• [ يمنع ] طرح أي موضوع يحتوي على كراكات أو باتشات أو كيجنات من غير فحصها عبر موقع فيروس توتال [ virustotal.com ] وطرح رابط الفحص ضمن الموضوع.

السلام عليكم ورحمة الله وبركاته
هذا تقرير جهازي فهل جهازي مصاب ؟

logfile of trend micro hijackthis v2.0.2
scan saved at 11:40:40 م, on 31/01/2009
platform: Windows xp sp2 (winnt 5.01.2600)
msie: Internet explorer v6.00 sp2 (6.00.2900.2180)
boot mode: Normal
running processes:
C:\windows\system32\smss.exe
c:\windows\system32\winlogon.exe
c:\windows\system32\services.exe
c:\windows\system32\lsass.exe
c:\windows\system32\svchost.exe
c:\windows\system32\svchost.exe
c:\windows\system32\spoolsv.exe
c:\windows\explorer.exe
c:\program files\java\jre1.5.0_03\bin\jusched.exe
c:\program files\common files\real\update_ob\realsched.exe
c:\windows\sm56hlpr.exe
c:\program files\cyberlink\powerdvd\pdvdserv.exe
c:\program files\lg_fwupdate\fwupdate.exe
c:\program files\nero\nero 7\incd\nbhgui.exe
c:\program files\nero\nero 7\incd\incd.exe
c:\windows\rthdcpl.exe
c:\windows\fixcamera.exe
c:\windows\tsnp325.exe
c:\windows\vsnp325.exe
c:\windows\system32\ctfmon.exe
c:\program files\google\googletoolbarnotifier\1.2.1128.5462\googletoolbarnotifier.exe
c:\docume~1\user\locals~1\temp\a.exe
c:\docume~1\user\locals~1\temp\~tmpf.exe
c:\program files\nero\nero 7\incd\incdsrv.exe
c:\program files\cyberlink\shared files\richvideo.exe
c:\windows\system32\svchost.exe
c:\program files\yahoo!\messenger\ymsgr_tray.exe
c:\windows\system32\wuauclt.exe
c:\program files\trend micro\hijackthis\hijackthis.exe
r1 - hkcu\software\microsoft\windows\currentversion\internet settings,proxyserver = 127.0.0.1:4001
r3 - urlsearchhook: Defaultsearchhook class - {c94e154b-1459-4a47-966b-4b843befc7db} - c:\program files\asksearch\bin\defaultsearch.dll
o2 - bho: Askbar bho - {201f27d4-3704-41d6-89c1-aa35e39143ed} - c:\program files\askbardis\bar\bin\askbar.dll
o2 - bho: Realplayer download and record plugin for internet explorer - {3049c3e9-b461-4bc5-8870-4c09146192ca} - c:\program files\real\realplayer\rpbrowserrecordplugin.dll
o2 - bho: Xml module - {500bca15-57a7-4eaf-8143-8c619470b13d} - c:\windows\system32\msxml71.dll
o2 - bho: (no name) - {7e853d72-626a-48ec-a868-ba8d5e23e045} - (no file)
o2 - bho: Windows live sign-in helper - {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\windowslivelogin.dll
o2 - bho: Google toolbar helper - {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program files\google\googletoolbar2.dll
o3 - toolbar: &google - {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\googletoolbar2.dll
o3 - toolbar: Ask toolbar - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - c:\program files\askbardis\bar\bin\askbar.dll
o4 - hklm\..\run: [sunjavaupdatesched] c:\program files\java\jre1.5.0_03\bin\jusched.exe
o4 - hklm\..\run: [tkbellexe] "c:\program files\common files\real\update_ob\realsched.exe" -osboot
o4 - hklm\..\run: [smserial] sm56hlpr.exe
o4 - hklm\..\run: [remotecontrol] "c:\program files\cyberlink\powerdvd\pdvdserv.exe"
o4 - hklm\..\run: [languageshortcut] "c:\program files\cyberlink\powerdvd\language\language.exe"
o4 - hklm\..\run: [lgoddfu] "c:\program files\lg_fwupdate\fwupdate.exe" blrun
o4 - hklm\..\run: [nerofiltercheck] c:\program files\common files\ahead\lib\nerocheck.exe
o4 - hklm\..\run: [securdisc] c:\program files\nero\nero 7\incd\nbhgui.exe
o4 - hklm\..\run: [incd] c:\program files\nero\nero 7\incd\incd.exe
o4 - hklm\..\run: [rthdcpl] rthdcpl.exe
o4 - hklm\..\run: [skytel] skytel.exe
o4 - hklm\..\run: [alcmtr] alcmtr.exe
o4 - hklm\..\run: [fixcamera] c:\windows\fixcamera.exe
o4 - hklm\..\run: [tsnp325] c:\windows\tsnp325.exe
o4 - hklm\..\run: [snp325] c:\windows\vsnp325.exe
o4 - hkcu\..\run: [ctfmon.exe] c:\windows\system32\ctfmon.exe
o4 - hkcu\..\run: [amva] c:\windows\system32\amvo.exe
o4 - hkcu\..\run: [yahoo! Pager] "c:\program files\yahoo!\messenger\yahoomessenger.exe" -quiet
o4 - hkcu\..\run: [uniblue registrybooster 2009] c:\program files\uniblue\registrybooster\registrybooster.exe /s
o4 - hkcu\..\run: [swg] c:\program files\google\googletoolbarnotifier\1.2.1128.5462\googletoolbarnotifier.exe
o4 - hkcu\..\run: [msfox] c:\docume~1\user\locals~1\temp\a.exe
o4 - hkcu\..\run: [cognac] c:\docume~1\user\locals~1\temp\a.exe
o4 - hkus\s-1-5-19\..\run: [ctfmon.exe] c:\windows\system32\ctfmon.exe (user 'local service')
o4 - hkus\s-1-5-20\..\run: [ctfmon.exe] c:\windows\system32\ctfmon.exe (user 'network service')
o4 - hkus\s-1-5-18\..\run: [ctfmon.exe] c:\windows\system32\ctfmon.exe (user 'system')
o4 - hkus\.default\..\run: [ctfmon.exe] c:\windows\system32\ctfmon.exe (user 'default user')
o8 - extra context menu item: E&xport to microsoft excel - res://c:\progra~1\micros~2\office11\excel.exe/3000
o9 - extra button: (no name) - {08b0e5c0-4fcb-11cf-aaa5-00401c608501} - c:\program files\java\jre1.5.0_03\bin\npjpi150_03.dll
o9 - extra 'tools' menuitem: Sun java console - {08b0e5c0-4fcb-11cf-aaa5-00401c608501} - c:\program files\java\jre1.5.0_03\bin\npjpi150_03.dll
o9 - extra button: Research - {92780b25-18cc-41c8-b9be-3c9c571a8263} - c:\progra~1\micros~2\office11\refiebar.dll
o9 - extra button: Messenger - {fb5f1910-f110-11d2-bb9e-00c04f795683} - c:\program files\messenger\msmsgs.exe
o9 - extra 'tools' menuitem: Windows messenger - {fb5f1910-f110-11d2-bb9e-00c04f795683} - c:\program files\messenger\msmsgs.exe
o23 - service: Google updater service (gusvc) - google - c:\program files\google\common\google updater\googleupdaterservice.exe
o23 - service: Incd helper (incdsrv) - nero ag - c:\program files\nero\nero 7\incd\incdsrv.exe
o23 - service: Nbservice - nero ag - c:\program files\nero\nero 7\nero backitup\nbservice.exe
o23 - service: Nmindexingservice - nero ag - c:\program files\common files\ahead\lib\nmindexingservice.exe
o23 - service: Cyberlink richvideo service(crvs) (richvideo) - unknown owner - c:\program files\cyberlink\shared files\richvideo.exe
--
end of file - 5847 bytes


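عندك مفاتيح مصابة ... ومما يستدعي الفحص في التقرير: مدخلا التشغيل التلقائي [msfox] و[cognac] اللذان يشيران إلى a.exe داخل مجلد temp، والمدخل [amva] الذي يشير إلى amvo.exe، وإعداد البروكسي 127.0.0.1:4001.
والأفضل فتح موضوع بقسم الصيانة ... كما أسلفت بردي السابق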
 

اللهم ارحم والدي اخي تركي

ســؤال لو تكرمت

أنت ذكرت التحديث اليدوي وقلت بواسطة WinRAR

هل نضع التحديث في ملف البرنامج الرئيسي مباشرة بعد فك الضغط؟

ولك جزيل الشكر والتقدير

ويرحم والديك وجميع موتى المسلمين

نعم التحديث يوضع في ملف البرنامج الرئيسي
 
شكرا و الله يجازيك الجنه مع من تحب

ممكن تحليل التقرير ؟

engine version : 5300.2777
engine load time : 24437 milliseconds
av dat version : 5492.0000 488805 detections built 11 يناير, 2009
extra dat : 0 detections

memory : Clean
please wait ... Building list of critical files to scan
critical : Clean
scanning the computer's ****** directories
******s : Clean
c:\pagefile.sys : Scan failed
c:\documents and settings\administrator\ntuser.dat : Scan failed
c:\documents and settings\administrator\ntuser.dat.log : Scan failed
file : C:\documents and settings\administrator\desktop\new folder\u\u92\u92.exe : Contains "trojan" called "generic backdoor" (deleted )
c:\documents and settings\administrator\desktop\new folder\u\u92\u92.exe : Deleted
c:\documents and settings\administrator\local settings\application data\microsoft\windows\usrclass.dat : Scan failed
c:\documents and settings\administrator\local settings\application data\microsoft\windows\usrclass.dat.log : Scan failed
c:\documents and settings\administrator\local settings\temp\fla4.tmp : Scan failed
c:\documents and settings\administrator\local settings\temp\perflib_perfdata_b90.dat : Scan failed
c:\documents and settings\localservice\ntuser.dat : Scan failed
c:\documents and settings\localservice\ntuser.dat.log : Scan failed
c:\documents and settings\localservice\local settings\application data\microsoft\windows\usrclass.dat : Scan failed
c:\documents and settings\localservice\local settings\application data\microsoft\windows\usrclass.dat.log : Scan failed
c:\documents and settings\networkservice\ntuser.dat : Scan failed
c:\documents and settings\networkservice\ntuser.dat.log : Scan failed
c:\documents and settings\networkservice\local settings\application data\microsoft\windows\usrclass.dat : Scan failed
c:\documents and settings\networkservice\local settings\application data\microsoft\windows\usrclass.dat.log : Scan failed
c:\windows\system32\config\default : Scan failed
c:\windows\system32\config\default.log : Scan failed
c:\windows\system32\config\sam : Scan failed
c:\windows\system32\config\sam.log : Scan failed
c:\windows\system32\config\security : Scan failed
c:\windows\system32\config\security.log : Scan failed
c:\windows\system32\config\software : Scan failed
c:\windows\system32\config\software.log : Scan failed
c:\windows\system32\config\system : Scan failed
c:\windows\system32\config\system.log : Scan failed
c:\windows\system32\drivers\fidbox.dat : Scan failed
c:\windows\system32\drivers\fidbox.idx : Scan failed
scanning the registry
registry : Clean

summary :-
filesfound : 42670
filesscanned : 24904
filesnotscanned : 17766

objectsfound : 83466
objectsinfected : 1
objectscleaned : 0
objectsdeleted : 1

filesinfected : 1
filescleaned : 0
filesmoved : 0
filesdeleted : 1

started at : 05:09:28 م 27 فبراير, 2009
ended at : 05:31:25 م 27 فبراير, 2009
duration : 21 minutes 57 seconds
4209 mb scanned in 1317 seconds = 3 mb/s
engine version : 5300.2777
engine load time : 21765 milliseconds
av dat version : 5492.0000 488805 detections built 11 يناير, 2009
extra dat : 0 detections


summary :-
filesfound : 2144
filesscanned : 872
filesnotscanned : 1272

objectsfound : 2145
objectsinfected : 0
objectscleaned : 0
objectsdeleted : 0

filesinfected : 0
filescleaned : 0
filesmoved : 0
filesdeleted : 0

started at : 05:31:49 م 27 فبراير, 2009
ended at : 05:32:08 م 27 فبراير, 2009
duration : 18 seconds
109 mb scanned in 18 seconds = 6 mb/s
engine version : 5300.2777
engine load time : 21235 milliseconds
av dat version : 5492.0000 488805 detections built 11 يناير, 2009
extra dat : 0 detections


summary :-
filesfound : 4230
filesscanned : 2719
filesnotscanned : 1511

objectsfound : 4286
objectsinfected : 0
objectscleaned : 0
objectsdeleted : 0

filesinfected : 0
filescleaned : 0
filesmoved : 0
filesdeleted : 0

started at : 05:32:29 م 27 فبراير, 2009
ended at : 05:33:06 م 27 فبراير, 2009
duration : 36 seconds
225 mb scanned in 36 seconds = 6 mb/s
engine version : 5300.2777
engine load time : 21031 milliseconds
av dat version : 5492.0000 488805 detections built 11 يناير, 2009
extra dat : 0 detections

memory : Clean
please wait ... Building list of critical files to scan
critical : Clean
scanning the computer's ****** directories
******s : Clean
c:\pagefile.sys : Scan failed
c:\documents and settings\administrator\ntuser.dat : Scan failed
c:\documents and settings\administrator\ntuser.dat.log : Scan failed
c:\documents and settings\administrator\local settings\application data\microsoft\windows\usrclass.dat : Scan failed
c:\documents and settings\administrator\local settings\application data\microsoft\windows\usrclass.dat.log : Scan failed
c:\documents and settings\administrator\local settings\temp\fla8.tmp : Scan failed
c:\documents and settings\administrator\local settings\temp\perflib_perfdata_b14.dat : Scan failed
c:\documents and settings\localservice\ntuser.dat : Scan failed
c:\documents and settings\localservice\ntuser.dat.log : Scan failed
c:\documents and settings\localservice\local settings\application data\microsoft\windows\usrclass.dat : Scan failed
c:\documents and settings\localservice\local settings\application data\microsoft\windows\usrclass.dat.log : Scan failed
c:\documents and settings\networkservice\ntuser.dat : Scan failed
c:\documents and settings\networkservice\ntuser.dat.log : Scan failed
c:\documents and settings\networkservice\local settings\application data\microsoft\windows\usrclass.dat : Scan failed
c:\documents and settings\networkservice\local settings\application data\microsoft\windows\usrclass.dat.log : Scan failed
c:\windows\system32\config\default : Scan failed
c:\windows\system32\config\default.log : Scan failed
c:\windows\system32\config\sam : Scan failed
c:\windows\system32\config\sam.log : Scan failed
c:\windows\system32\config\security : Scan failed
c:\windows\system32\config\security.log : Scan failed
c:\windows\system32\config\software : Scan failed
c:\windows\system32\config\software.log : Scan failed
c:\windows\system32\config\system : Scan failed
c:\windows\system32\config\system.log : Scan failed
c:\windows\system32\drivers\fidbox.dat : Scan failed
c:\windows\system32\drivers\fidbox.idx : Scan failed
scanning the registry
registry : Clean

summary :-
filesfound : 42925
filesscanned : 25098
filesnotscanned : 17827

objectsfound : 83932
objectsinfected : 0
objectscleaned : 0
objectsdeleted : 0

filesinfected : 0
filescleaned : 0
filesmoved : 0
filesdeleted : 0

started at : 06:38:16 م 27 فبراير, 2009
ended at : 07:01:00 م 27 فبراير, 2009
duration : 22 minutes 44 seconds
4234 mb scanned in 1364 seconds = 3 mb/s
engine version : 5300.2777
engine load time : 22516 milliseconds
av dat version : 5492.0000 488805 detections built 11 يناير, 2009
extra dat : 0 detections


summary :-
filesfound : 2144
filesscanned : 872
filesnotscanned : 1272

objectsfound : 2145
objectsinfected : 0
objectscleaned : 0
objectsdeleted : 0

filesinfected : 0
filescleaned : 0
filesmoved : 0
filesdeleted : 0

started at : 07:01:25 م 27 فبراير, 2009
ended at : 07:01:44 م 27 فبراير, 2009
duration : 18 seconds
109 mb scanned in 18 seconds = 6 mb/s
engine version : 5300.2777
engine load time : 21547 milliseconds
av dat version : 5492.0000 488805 detections built 11 يناير, 2009
extra dat : 0 detections


summary :-
filesfound : 4230
filesscanned : 2719
filesnotscanned : 1511

objectsfound : 4286
objectsinfected : 0
objectscleaned : 0
objectsdeleted : 0

filesinfected : 0
filescleaned : 0
filesmoved : 0
filesdeleted : 0

started at : 07:02:06 م 27 فبراير, 2009
ended at : 07:02:42 م 27 فبراير, 2009
duration : 36 seconds
225 mb scanned in 36 seconds = 6 mb/s

ويجزاك خير ويبارك فيك


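عندك إصابة ( ملف مشتبه فيه ) وتم حذفه، وهو الملف u92.exe الذي صنّفه الفحص الأول على أنه generic backdoor. الفحص اللاحق في التقرير لم يسجل أي إصابة، لكن التعريفات المستخدمة مؤرخة 11 يناير 2009 بينما جرى الفحص في 27 فبراير 2009، فالأفضل تحديث التعريفات ثم إعادة الفحص.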
 