جنوبي الهوى
زيزوومى مميز
غير متصل
السلام عليكم ..تظهر رسالة عند الوصول الى سطح المكتب
وهذا تقرير الهايجاك
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 9:53:35 AM, on 1/19/2004
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\CyberLink\Shared files\RichVideo.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\WINDOWS\System32\NOTEPAD.EXE
E:\Zyzoom_HijackThis.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: ،،،،،،.lnk = C:\WINDOWS\system32\XP-EF07299D.EXE
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared files\RichVideo.exe
--
End of file - 1970 bytes
وهذا تقرير اداة الكاسبر
Scan
----
Scanned: 83426
Detected: 142
Untreated: 0
Start time: 1/19/2004 9:15:13 AM
Duration: 00:16:14
Finish time: 1/19/2004 9:31:27 AM
Detected
--------
Status Object
------ ------
deleted: Trojan program Trojan-GameThief.Win32.Magania.agvk File: C:\WINDOWS\system32\ckvo1.dll
disinfected: virus Virus.Win32.Sality.aa File: C:\WINDOWS\system32\setuphsc.exe
will be deleted when the computer is restarted: Trojan program Trojan-GameThief.Win32.Magania.agvk File: C:\WINDOWS\system32\ckvo0.dll
disinfected: virus Virus.Win32.Sality.aa File: C:\Documents and Settings\User\Desktop\SARA.exe
disinfected: virus Virus.Win32.Sality.aa File: C:\Program Files\Adobe\Adobe Bridge\Bridge.exe
deleted: Trojan program Rootkit.Win32.TDSS.eyj File: C:\Program Files\Adobe\Photoshop 7.0 ME\Plug-Ins\Filters\Tiles.8BF
deleted: Trojan program Rootkit.Win32.TDSS.eyj File: C:\Program Files\Adobe\Photoshop 7.0 ME\Plug-Ins\Filters\Wave.8BF
deleted: Trojan program Rootkit.Win32.TDSS.eyj File: C:\Program Files\Adobe\Photoshop 7.0 ME\Plug-Ins AR\Filters\Tiles.8BF
deleted: Trojan program Rootkit.Win32.TDSS.eyj File: C:\Program Files\Adobe\Photoshop 7.0 ME\Plug-Ins AR\Filters\Wave.8BF
disinfected: virus Virus.Win32.Sality.aa File: C:\Program Files\VideoLAN\VLC\vlc.exe
deleted: Trojan program Packed.Win32.Krap.b File: C:\FOUND.032\FILE0000.CHK
deleted: virus Worm.Win32.AutoRun.qpy File: C:\FOUND.032\FILE0001.CHK
deleted: Trojan program Packed.Win32.Krap.b File: C:\FOUND.015\FILE0001.CHK
deleted: virus Worm.Win32.AutoRun.qpy File: C:\FOUND.015\FILE0002.CHK
deleted: Trojan program Packed.Win32.Krap.b File: C:\FOUND.016\FILE0000.CHK
deleted: virus Worm.Win32.AutoRun.qpy File: C:\FOUND.016\FILE0001.CHK
deleted: Trojan program Packed.Win32.Krap.b File: C:\FOUND.019\FILE0000.CHK
deleted: virus Worm.Win32.AutoRun.qpy File: C:\FOUND.019\FILE0001.CHK
deleted: Trojan program Packed.Win32.Krap.b File: C:\FOUND.024\FILE0003.CHK
deleted: virus Worm.Win32.AutoRun.qpy File: C:\FOUND.024\FILE0004.CHK
deleted: virus Worm.Win32.AutoRun.qpy File: C:\FOUND.023\FILE0001.CHK
deleted: Trojan program Packed.Win32.Krap.b File: E:\iky.bat
deleted: Trojan program Packed.Win32.Krap.b File: E:\ev60a2.cmd
deleted: Trojan program Packed.Win32.Krap.b File: E:\e.cmd
deleted: Trojan program Packed.Win32.Krap.g File: E:\uvsqfgwd.cmd
disinfected: virus Virus.Win32.Sality.aa File: E:\hxsmm.exe
disinfected: virus Virus.Win32.Sality.aa File: E:\ekac.exe
deleted: virus Worm.Win32.AutoRun.soq File: E:\Recycled.exe
deleted: virus IM-Worm.Win32.Sohanad.t File: E:\SSVICHOSST.exe
deleted: virus Worm.Win32.AutoRun.soq File: E:\zzzzzhhhh.exe
deleted: virus Worm.Win32.AutoRun.soq File: E:\zzzzzzz.exe
deleted: virus Worm.Win32.AutoRun.soq File: E:\gazellle.exe
deleted: virus Worm.Win32.AutoRun.soq File: E:\law7aaat.exe
deleted: virus Worm.Win32.AutoRun.soq File: E:\Brushes.exe
disinfected: virus Virus.Win32.Sality.aa File: E:\xami.exe
deleted: virus IM-Worm.Win32.Sohanad.t File: E:\zzzzzhhhh\zzzzzhhhh.exe
deleted: virus IM-Worm.Win32.Sohanad.t File: E:\zzzzzzz\zzzzzzz.exe
deleted: virus IM-Worm.Win32.Sohanad.t File: E:\gazellle\gazellle.exe
deleted: virus IM-Worm.Win32.Sohanad.t File: E:\gazellle\alhosein Brushes\alhosein Brushes.exe
deleted: virus IM-Worm.Win32.Sohanad.t File: E:\gazellle\3id\3id.exe
deleted: virus IM-Worm.Win32.Sohanad.t File: E:\law7aaat\law7aaat.exe
deleted: virus IM-Worm.Win32.Sohanad.t File: E:\Brushes\Brushes.exe
deleted: virus IM-Worm.Win32.Sohanad.t File: E:\Brushes\Creative-Drawer-Free-Swirl-Brushes\Creative-Drawer-Free-Swirl-Brushes.exe
deleted: virus IM-Worm.Win32.Sohanad.t File: E:\Brushes\Dandelions and Seeds Brushes mshaz100\Dandelions and Seeds Brushes mshaz100.exe
deleted: virus IM-Worm.Win32.Sohanad.t File: E:\Brushes\Set of 5 Brushes Floral Boxes\Set of 5 Brushes Floral Boxes.exe
deleted: virus IM-Worm.Win32.Sohanad.t File: E:\Brushes\Set of 5 Brushes Floral Boxes\BrushesVectorMIX11\BrushesVectorMIX11.exe
deleted: virus IM-Worm.Win32.Sohanad.t File: E:\Brushes\Snowflakes\Snowflakes.exe
deleted: virus IM-Worm.Win32.Sohanad.t File: E:\Brushes\Lovebrushes\Lovebrushes.exe
deleted: virus IM-Worm.Win32.Sohanad.t File: E:\Brushes\Lovebrushes\Love Brushes for Photoshop mshaz1000\Love Brushes for Photoshop mshaz1000.exe
deleted: virus IM-Worm.Win32.Sohanad.t File: E:\Brushes\Health &beauty\Health &beauty.exe
deleted: virus IM-Worm.Win32.Sohanad.t File: E:\Brushes\Hearts\Hearts.exe
deleted: virus IM-Worm.Win32.Sohanad.t File: E:\Brushes\Hearts\Brush Hearts jpgs\Brush Hearts jpgs.exe
deleted: virus IM-Worm.Win32.Sohanad.t File: E:\Brushes\HighTech_Circles_by_env1ro\HighTech_Circles_by_env1ro.exe
deleted: virus IM-Worm.Win32.Sohanad.t File: E:\Brushes\Islamic\Islamic.exe
deleted: virus IM-Worm.Win32.Sohanad.t File: E:\Brushes\Label Brushes for Photoshop\Label Brushes for Photoshop.exe
deleted: virus IM-Worm.Win32.Sohanad.t File: E:\Brushes\Label Brushes for Photoshop\Label Brushes for Photoshop mshaz1000\Label Brushes for Photoshop mshaz1000.exe
deleted: virus IM-Worm.Win32.Sohanad.t File: E:\Brushes\Lace brushes\Lace brushes.exe
deleted: virus IM-Worm.Win32.Sohanad.t File: E:\Brushes\Lace brushes\Lace brushes\Lace brushes.exe
deleted: virus IM-Worm.Win32.Sohanad.t File: E:\Brushes\Lace brushes\Lace brushes\Lace brushes\Lace brushes.exe
deleted: virus IM-Worm.Win32.Sohanad.t File: E:\Brushes\Spaltter\Spaltter.exe
deleted: virus IM-Worm.Win32.Sohanad.t File: E:\Brushes\Spaltter\__I_N_K___S_P_L_A_T___S_E_T\__I_N_K___S_P_L_A_T___S_E_T.exe
deleted: virus IM-Worm.Win32.Sohanad.t File: E:\Brushes\Natural &floral\Natural &floral.exe
deleted: virus IM-Worm.Win32.Sohanad.t File: E:\Brushes\Natural &floral\Nature_And_Floral_Brush_Set_1\Nature_And_Floral_Brush_Set_1.exe
deleted: virus IM-Worm.Win32.Sohanad.t File: E:\Brushes\Natural &floral\Nature_And_Floral_Brush_Set_1\Nature And Floral Brush Set 1\Nature And Floral Brush Set 1.exe
deleted: virus IM-Worm.Win32.Sohanad.t File: E:\Brushes\Natural &floral\Nature_And_Floral_Brush_Set_1\Nature And Floral Brush Set 1\Vander90_by_vander90\Vander90_by_vander90.exe
deleted: virus IM-Worm.Win32.Sohanad.t File: E:\Brushes\Natural &floral\Nature_And_Floral_Brush_Set_1\Nature And Floral Brush Set 1\SS-butterflies-n-trails\SS-butterflies-n-trails.exe
deleted: virus IM-Worm.Win32.Sohanad.t File: E:\Brushes\Natural &floral\Nature_And_Floral_Brush_Set_1\Nature And Floral Brush Set 1\Room122_HandDrawn_Floral\Room122_HandDrawn_Floral.exe
deleted: virus IM-Worm.Win32.Sohanad.t File: E:\Brushes\Natural &floral\Nature_And_Floral_Brush_Set_1\Nature And Floral Brush Set 1\leaves_brushes_mega_pack_by_hawksmont\leaves_brushes_mega_pack_by_hawksmont.exe
deleted: virus IM-Worm.Win32.Sohanad.t File: E:\Brushes\Natural &floral\Nature_And_Floral_Brush_Set_1\Nature And Floral Brush Set 1\flowers1_brushes_by_hawksmont\flowers1_brushes_by_hawksmont.exe
deleted: virus IM-Worm.Win32.Sohanad.t File: E:\Brushes\Natural &floral\Nature_And_Floral_Brush_Set_1\Nature And Floral Brush Set 1\floral2_brushes_by_hawksmont2\floral2_brushes_by_hawksmont2.exe
deleted: virus IM-Worm.Win32.Sohanad.t File: E:\Brushes\Natural &floral\Nature_And_Floral_Brush_Set_1\Nature And Floral Brush Set 1\floral1_brushes_by_hawksmont2\floral1_brushes_by_hawksmont2.exe
deleted: virus IM-Worm.Win32.Sohanad.t File: E:\Brushes\Natural &floral\Nature And Floral Brush Set II mshaz1000\Nature And Floral Brush Set II mshaz1000.exe
deleted: virus IM-Worm.Win32.Sohanad.t File: E:\Brushes\Natural &floral\Nature And Floral Brush Set II mshaz1000\The_Grasslands_by_midnightstouch\The_Grasslands_by_midnightstouch.exe
deleted: virus IM-Worm.Win32.Sohanad.t File: E:\Brushes\Natural &floral\Nature And Floral Brush Set II mshaz1000\Fresh_Foliage_HighRes001\Fresh_Foliage_HighRes001.exe
deleted: virus IM-Worm.Win32.Sohanad.t File: E:\Brushes\Natural &floral\Nature And Floral Brush Set II mshaz1000\Floral_decorations_brushespack_by_solenero73\Floral_decorations_brushespack_by_solenero73.exe
deleted: virus IM-Worm.Win32.Sohanad.t File: E:\Brushes\Natural &floral\Nature And Floral Brush Set II mshaz1000\fantasy_floral_part_1\fantasy_floral_part_1.exe
deleted: virus IM-Worm.Win32.Sohanad.t File: E:\Brushes\فرش حسينية\فرش حسينية.exe
deleted: virus IM-Worm.Win32.Sohanad.t File: E:\Brushes\اسلاميات\اسلاميات.exe
deleted: virus IM-Worm.Win32.Sohanad.t File: E:\Brushes\اسلاميات\Islamic Brushes for Adobe Photoshop\Islamic Brushes for Adobe Photoshop.exe
deleted: virus IM-Worm.Win32.Sohanad.t File: E:\Brushes\worn _highres\worn _highres.exe
deleted: virus IM-Worm.Win32.Sohanad.t File: E:\Brushes\Web 2.0 Brushes\Web 2.0 Brushes.exe
deleted: virus IM-Worm.Win32.Sohanad.t File: E:\Brushes\Web 2.0 Brushes\Web 2.0 Brushes\Web 2.0 Brushes.exe
deleted: virus IM-Worm.Win32.Sohanad.t File: E:\Brushes\Waterfalls Professional\Waterfalls Professional.exe
deleted: virus IM-Worm.Win32.Sohanad.t File: E:\Brushes\Waterfalls Professional\Waterfalls Professional Photoshop Brushes mshaz1000\Waterfalls Professional Photoshop Brushes mshaz1000.exe
deleted: virus IM-Worm.Win32.Sohanad.t File: E:\Brushes\Vector Scatter\Vector Scatter.exe
deleted: virus IM-Worm.Win32.Sohanad.t File: E:\Brushes\Vector Scatter\Swirls_And_Flowers\Swirls_And_Flowers.exe
deleted: virus IM-Worm.Win32.Sohanad.t File: E:\Brushes\Trees Promo Brush Pack\Trees Promo Brush Pack.exe
deleted: virus IM-Worm.Win32.Sohanad.t File: E:\Brushes\Trees Promo Brush Pack\Trees Promo Brush Pack mshaz1000\Trees Promo Brush Pack mshaz1000.exe
deleted: virus IM-Worm.Win32.Sohanad.t File: E:\Brushes\Neutron Collapse\Neutron Collapse.exe
deleted: virus IM-Worm.Win32.Sohanad.t File: E:\Brushes\Neutron Collapse\Neutron Collapse Photoshop Brushes mshaz1000\Neutron Collapse Photoshop Brushes mshaz1000.exe
deleted: virus IM-Worm.Win32.Sohanad.t File: E:\Brushes\stilokvecto\stilokvecto.exe
deleted: virus IM-Worm.Win32.Sohanad.t File: E:\Brushes\Starbrushes\Starbrushes.exe
deleted: virus IM-Worm.Win32.Sohanad.t File: E:\Brushes\Photoshop Brushes\Photoshop Brushes.exe
deleted: virus IM-Worm.Win32.Sohanad.t File: E:\Brushes\Photoshop Brushes\Photoshop Brushes mshaz1000\Photoshop Brushes mshaz1000.exe
deleted: virus IM-Worm.Win32.Sohanad.t File: E:\Brushes\DigitalKitt3n_Elegant_Letters\DigitalKitt3n_Elegant_Letters.exe
deleted: virus IM-Worm.Win32.Sohanad.t File: E:\Brushes\DigitalKitt3n_Elegant_Letters\DigitalKitt3n_Elegant Letters\DigitalKitt3n_Elegant Letters.exe
deleted: virus IM-Worm.Win32.Sohanad.t File: E:\Brushes\Doodles Brushes\Doodles Brushes.exe
deleted: virus IM-Worm.Win32.Sohanad.t File: E:\Brushes\Doodles Brushes\doodles2_brushes_by_hawksmont2\doodles2_brushes_by_hawksmont2.exe
deleted: virus IM-Worm.Win32.Sohanad.t File: E:\Brushes\Doodles Brushes\doodles1_brushes_by_hawksmont2\doodles1_brushes_by_hawksmont2.exe
deleted: virus IM-Worm.Win32.Sohanad.t File: E:\Brushes\DreamcatcherBrushes\DreamcatcherBrushes.exe
deleted: virus IM-Worm.Win32.Sohanad.t File: E:\Brushes\DreamcatcherBrushes\DreamcatcherBrushes mshaz1000\DreamcatcherBrushes mshaz1000.exe
deleted: virus IM-Worm.Win32.Sohanad.t File: E:\Brushes\dreamon72-shape-\dreamon72-shape-.exe
deleted: virus IM-Worm.Win32.Sohanad.t File: E:\Brushes\dreamon72-shape-\dreamonshapebrushes02\dreamonshapebrushes02.exe
deleted: virus IM-Worm.Win32.Sohanad.t File: E:\Brushes\Fresh_Foliage\Fresh_Foliage.exe
deleted: virus IM-Worm.Win32.Sohanad.t File: E:\Brushes\Grunge Paint Brushes\Grunge Paint Brushes.exe
deleted: virus IM-Worm.Win32.Sohanad.t File: E:\Brushes\Hawaiian Ornamental Brushes\Hawaiian Ornamental Brushes.exe
deleted: virus IM-Worm.Win32.Sohanad.t File: E:\Brushes\Hawaiian Ornamental Brushes\__MACOSX\__MACOSX.exe
deleted: virus IM-Worm.Win32.Sohanad.t File: E:\Brushes\9objects_brush\9objects_brush.exe
deleted: virus IM-Worm.Win32.Sohanad.t File: E:\Brushes\34 Oranments Flower\34 Oranments Flower.exe
deleted: virus IM-Worm.Win32.Sohanad.t File: E:\Brushes\34 Oranments Flower\34 Oranments Flower Brushes mshaz1000\34 Oranments Flower Brushes mshaz1000.exe
deleted: virus IM-Worm.Win32.Sohanad.t File: E:\Brushes\36_Vector_Brushes\36_Vector_Brushes.exe
deleted: virus IM-Worm.Win32.Sohanad.t File: E:\Brushes\Banners & Scrolls Parchment\Banners & Scrolls Parchment.exe
deleted: virus IM-Worm.Win32.Sohanad.t File: E:\Brushes\BB_floral_CS1.abr\BB_floral_CS1.abr.exe
deleted: virus IM-Worm.Win32.Sohanad.t File: E:\Brushes\BB_floral_CS1.abr\__MACOSX\__MACOSX.exe
deleted: virus IM-Worm.Win32.Sohanad.t File: E:\Brushes\Beautiful Clouds\Beautiful Clouds.exe
deleted: virus IM-Worm.Win32.Sohanad.t File: E:\Brushes\Beautiful Clouds\Beautiful Clouds Brushes For Photoshop mshaz1000\Beautiful Clouds Brushes For Photoshop mshaz1000.exe
deleted: virus IM-Worm.Win32.Sohanad.t File: E:\Brushes\Big floral\Big floral.exe
deleted: virus IM-Worm.Win32.Sohanad.t File: E:\Brushes\Big floral\Big Floral Brushes mshaz1000\Big Floral Brushes mshaz1000.exe
deleted: virus IM-Worm.Win32.Sohanad.t File: E:\Brushes\Blood brushes\Blood brushes.exe
deleted: virus IM-Worm.Win32.Sohanad.t File: E:\Brushes\Branches and Foliage Brushes\Branches and Foliage Brushes.exe
deleted: virus IM-Worm.Win32.Sohanad.t File: E:\Brushes\brush\brush.exe
deleted: virus IM-Worm.Win32.Sohanad.t File: E:\Brushes\Butterflies and Flowers Brushes\Butterflies and Flowers Brushes.exe
deleted: virus IM-Worm.Win32.Sohanad.t File: E:\Brushes\Butterflies and Flowers Brushes\Butterflies and Flowers Brushes mshaz1000\Butterflies and Flowers Brushes mshaz1000.exe
deleted: virus IM-Worm.Win32.Sohanad.t File: E:\Brushes\Celestia - Brushes\Celestia - Brushes.exe
deleted: virus IM-Worm.Win32.Sohanad.t File: E:\Brushes\Celestia - Brushes\Celestia - Brushes for PhotoShop mshaz1000\Celestia - Brushes for PhotoShop mshaz1000.exe
deleted: virus IM-Worm.Win32.Sohanad.t File: E:\Brushes\Photoshop Morning Brushes mshaz1000\Photoshop Morning Brushes mshaz1000.exe
deleted: virus IM-Worm.Win32.Sohanad.t File: E:\Brushes\quantum_brushes\quantum_brushes.exe
deleted: virus IM-Worm.Win32.Sohanad.t File: E:\Brushes\Romantic flower brush\Romantic flower brush.exe
deleted: virus IM-Worm.Win32.Sohanad.t File: E:\Brushes\Romantic flower brush\Romantic flower brush mshaz1000\Romantic flower brush mshaz1000.exe
deleted: virus IM-Worm.Win32.Sohanad.t File: E:\Brushes\Rons - Water Brushes\Rons - Water Brushes.exe
deleted: virus IM-Worm.Win32.Sohanad.t File: E:\Brushes\Rons - Water Brushes\Rons - Water Brushes for Photoshop mshaz1000\Rons - Water Brushes for Photoshop mshaz1000.exe
deleted: virus IM-Worm.Win32.Sohanad.t File: E:\Brushes\Swirls_And_Flowers\Swirls_And_Flowers.exe
deleted: virus IM-Worm.Win32.Sohanad.t File: E:\net\net.exe
deleted: virus IM-Worm.Win32.Sohanad.t File: E:\SYSTEM\SYSTEM.exe
deleted: virus IM-Worm.Win32.Sohanad.t File: E:\SYSTEM\S-1-5-21-1482476501-1644491937-682003330-1013\S-1-5-21-1482476501-1644491937-682003330-1013.exe
disinfected: virus Virus.Win32.Sality.aa File: E:\tools\prt\PRT.exe
disinfected: virus Virus.Win32.Sality.aa File: E:\tools\IPMS\iPMS21.exe
disinfected: virus Virus.Win32.Sality.aa File: E:\tools\RRT\RRT v1.00.exe
deleted: virus IM-Worm.Win32.Sohanad.t File: E:\RECYCLER\RECYCLER.exe
deleted: virus IM-Worm.Win32.Sohanad.t File: E:\RECYCLER\S-1-6-21-2434476501-1644491937-600003330-1213\S-1-6-21-2434476501-1644491937-600003330-1213.exe
deleted: virus IM-Worm.Win32.Sohanad.t File: E:\RESTORE\RESTORE.exe
deleted: virus IM-Worm.Win32.Sohanad.t File: E:\RESTORE\S-1-5-21-1482476501-1644491937-682003330-1013\S-1-5-21-1482476501-1644491937-682003330-1013.exe
Events
------
Time Name Status Reason
---- ---- ------ ------
Statistics
----------
Object Scanned Detected Untreated Deleted Moved to Quarantine Archives Packed files Password protected Corrupted
------ ------- -------- --------- ------- ------------------- -------- ------------ ------------------ ---------
Settings
--------
Parameter Value
--------- -----
Security Level Recommended
Action Disinfect, delete if disinfection fails
Run mode Manually
File types Scan all files
Scan only new and changed files No
Scan archives All
Scan embedded OLE objects All
Skip if object is larger than No
Skip if scan takes longer than No
Parse email formats No
Scan password-protected archives No
Enable iChecker technology No
Enable iSwift technology No
Show detected threats on "Detected" tab Yes
Rootkits search Yes
Deep rootkits search No
Use heuristic analyzer Yes
Quarantine
----------
Status Object Size Added
------ ------ ---- -----
Backup
------
Status Object Size
------ ------ ----
يجب عليك
تسجيل الدخول
او
تسجيل لمشاهدة الرابط المخفي
وهذا تقرير الهايجاك
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 9:53:35 AM, on 1/19/2004
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\CyberLink\Shared files\RichVideo.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\WINDOWS\System32\NOTEPAD.EXE
E:\Zyzoom_HijackThis.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: ،،،،،،.lnk = C:\WINDOWS\system32\XP-EF07299D.EXE
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared files\RichVideo.exe
--
End of file - 1970 bytes
وهذا تقرير اداة الكاسبر
Scan
----
Scanned: 83426
Detected: 142
Untreated: 0
Start time: 1/19/2004 9:15:13 AM
Duration: 00:16:14
Finish time: 1/19/2004 9:31:27 AM
Detected
--------
Status Object
------ ------
deleted: Trojan program Trojan-GameThief.Win32.Magania.agvk File: C:\WINDOWS\system32\ckvo1.dll
disinfected: virus Virus.Win32.Sality.aa File: C:\WINDOWS\system32\setuphsc.exe
will be deleted when the computer is restarted: Trojan program Trojan-GameThief.Win32.Magania.agvk File: C:\WINDOWS\system32\ckvo0.dll
disinfected: virus Virus.Win32.Sality.aa File: C:\Documents and Settings\User\Desktop\SARA.exe
disinfected: virus Virus.Win32.Sality.aa File: C:\Program Files\Adobe\Adobe Bridge\Bridge.exe
deleted: Trojan program Rootkit.Win32.TDSS.eyj File: C:\Program Files\Adobe\Photoshop 7.0 ME\Plug-Ins\Filters\Tiles.8BF
deleted: Trojan program Rootkit.Win32.TDSS.eyj File: C:\Program Files\Adobe\Photoshop 7.0 ME\Plug-Ins\Filters\Wave.8BF
deleted: Trojan program Rootkit.Win32.TDSS.eyj File: C:\Program Files\Adobe\Photoshop 7.0 ME\Plug-Ins AR\Filters\Tiles.8BF
deleted: Trojan program Rootkit.Win32.TDSS.eyj File: C:\Program Files\Adobe\Photoshop 7.0 ME\Plug-Ins AR\Filters\Wave.8BF
disinfected: virus Virus.Win32.Sality.aa File: C:\Program Files\VideoLAN\VLC\vlc.exe
deleted: Trojan program Packed.Win32.Krap.b File: C:\FOUND.032\FILE0000.CHK
deleted: virus Worm.Win32.AutoRun.qpy File: C:\FOUND.032\FILE0001.CHK
deleted: Trojan program Packed.Win32.Krap.b File: C:\FOUND.015\FILE0001.CHK
deleted: virus Worm.Win32.AutoRun.qpy File: C:\FOUND.015\FILE0002.CHK
deleted: Trojan program Packed.Win32.Krap.b File: C:\FOUND.016\FILE0000.CHK
deleted: virus Worm.Win32.AutoRun.qpy File: C:\FOUND.016\FILE0001.CHK
deleted: Trojan program Packed.Win32.Krap.b File: C:\FOUND.019\FILE0000.CHK
deleted: virus Worm.Win32.AutoRun.qpy File: C:\FOUND.019\FILE0001.CHK
deleted: Trojan program Packed.Win32.Krap.b File: C:\FOUND.024\FILE0003.CHK
deleted: virus Worm.Win32.AutoRun.qpy File: C:\FOUND.024\FILE0004.CHK
deleted: virus Worm.Win32.AutoRun.qpy File: C:\FOUND.023\FILE0001.CHK
deleted: Trojan program Packed.Win32.Krap.b File: E:\iky.bat
deleted: Trojan program Packed.Win32.Krap.b File: E:\ev60a2.cmd
deleted: Trojan program Packed.Win32.Krap.b File: E:\e.cmd
deleted: Trojan program Packed.Win32.Krap.g File: E:\uvsqfgwd.cmd
disinfected: virus Virus.Win32.Sality.aa File: E:\hxsmm.exe
disinfected: virus Virus.Win32.Sality.aa File: E:\ekac.exe
deleted: virus Worm.Win32.AutoRun.soq File: E:\Recycled.exe
deleted: virus IM-Worm.Win32.Sohanad.t File: E:\SSVICHOSST.exe
deleted: virus Worm.Win32.AutoRun.soq File: E:\zzzzzhhhh.exe
deleted: virus Worm.Win32.AutoRun.soq File: E:\zzzzzzz.exe
deleted: virus Worm.Win32.AutoRun.soq File: E:\gazellle.exe
deleted: virus Worm.Win32.AutoRun.soq File: E:\law7aaat.exe
deleted: virus Worm.Win32.AutoRun.soq File: E:\Brushes.exe
disinfected: virus Virus.Win32.Sality.aa File: E:\xami.exe
deleted: virus IM-Worm.Win32.Sohanad.t File: E:\zzzzzhhhh\zzzzzhhhh.exe
deleted: virus IM-Worm.Win32.Sohanad.t File: E:\zzzzzzz\zzzzzzz.exe
deleted: virus IM-Worm.Win32.Sohanad.t File: E:\gazellle\gazellle.exe
deleted: virus IM-Worm.Win32.Sohanad.t File: E:\gazellle\alhosein Brushes\alhosein Brushes.exe
deleted: virus IM-Worm.Win32.Sohanad.t File: E:\gazellle\3id\3id.exe
deleted: virus IM-Worm.Win32.Sohanad.t File: E:\law7aaat\law7aaat.exe
deleted: virus IM-Worm.Win32.Sohanad.t File: E:\Brushes\Brushes.exe
deleted: virus IM-Worm.Win32.Sohanad.t File: E:\Brushes\Creative-Drawer-Free-Swirl-Brushes\Creative-Drawer-Free-Swirl-Brushes.exe
deleted: virus IM-Worm.Win32.Sohanad.t File: E:\Brushes\Dandelions and Seeds Brushes mshaz100\Dandelions and Seeds Brushes mshaz100.exe
deleted: virus IM-Worm.Win32.Sohanad.t File: E:\Brushes\Set of 5 Brushes Floral Boxes\Set of 5 Brushes Floral Boxes.exe
deleted: virus IM-Worm.Win32.Sohanad.t File: E:\Brushes\Set of 5 Brushes Floral Boxes\BrushesVectorMIX11\BrushesVectorMIX11.exe
deleted: virus IM-Worm.Win32.Sohanad.t File: E:\Brushes\Snowflakes\Snowflakes.exe
deleted: virus IM-Worm.Win32.Sohanad.t File: E:\Brushes\Lovebrushes\Lovebrushes.exe
deleted: virus IM-Worm.Win32.Sohanad.t File: E:\Brushes\Lovebrushes\Love Brushes for Photoshop mshaz1000\Love Brushes for Photoshop mshaz1000.exe
deleted: virus IM-Worm.Win32.Sohanad.t File: E:\Brushes\Health &beauty\Health &beauty.exe
deleted: virus IM-Worm.Win32.Sohanad.t File: E:\Brushes\Hearts\Hearts.exe
deleted: virus IM-Worm.Win32.Sohanad.t File: E:\Brushes\Hearts\Brush Hearts jpgs\Brush Hearts jpgs.exe
deleted: virus IM-Worm.Win32.Sohanad.t File: E:\Brushes\HighTech_Circles_by_env1ro\HighTech_Circles_by_env1ro.exe
deleted: virus IM-Worm.Win32.Sohanad.t File: E:\Brushes\Islamic\Islamic.exe
deleted: virus IM-Worm.Win32.Sohanad.t File: E:\Brushes\Label Brushes for Photoshop\Label Brushes for Photoshop.exe
deleted: virus IM-Worm.Win32.Sohanad.t File: E:\Brushes\Label Brushes for Photoshop\Label Brushes for Photoshop mshaz1000\Label Brushes for Photoshop mshaz1000.exe
deleted: virus IM-Worm.Win32.Sohanad.t File: E:\Brushes\Lace brushes\Lace brushes.exe
deleted: virus IM-Worm.Win32.Sohanad.t File: E:\Brushes\Lace brushes\Lace brushes\Lace brushes.exe
deleted: virus IM-Worm.Win32.Sohanad.t File: E:\Brushes\Lace brushes\Lace brushes\Lace brushes\Lace brushes.exe
deleted: virus IM-Worm.Win32.Sohanad.t File: E:\Brushes\Spaltter\Spaltter.exe
deleted: virus IM-Worm.Win32.Sohanad.t File: E:\Brushes\Spaltter\__I_N_K___S_P_L_A_T___S_E_T\__I_N_K___S_P_L_A_T___S_E_T.exe
deleted: virus IM-Worm.Win32.Sohanad.t File: E:\Brushes\Natural &floral\Natural &floral.exe
deleted: virus IM-Worm.Win32.Sohanad.t File: E:\Brushes\Natural &floral\Nature_And_Floral_Brush_Set_1\Nature_And_Floral_Brush_Set_1.exe
deleted: virus IM-Worm.Win32.Sohanad.t File: E:\Brushes\Natural &floral\Nature_And_Floral_Brush_Set_1\Nature And Floral Brush Set 1\Nature And Floral Brush Set 1.exe
deleted: virus IM-Worm.Win32.Sohanad.t File: E:\Brushes\Natural &floral\Nature_And_Floral_Brush_Set_1\Nature And Floral Brush Set 1\Vander90_by_vander90\Vander90_by_vander90.exe
deleted: virus IM-Worm.Win32.Sohanad.t File: E:\Brushes\Natural &floral\Nature_And_Floral_Brush_Set_1\Nature And Floral Brush Set 1\SS-butterflies-n-trails\SS-butterflies-n-trails.exe
deleted: virus IM-Worm.Win32.Sohanad.t File: E:\Brushes\Natural &floral\Nature_And_Floral_Brush_Set_1\Nature And Floral Brush Set 1\Room122_HandDrawn_Floral\Room122_HandDrawn_Floral.exe
deleted: virus IM-Worm.Win32.Sohanad.t File: E:\Brushes\Natural &floral\Nature_And_Floral_Brush_Set_1\Nature And Floral Brush Set 1\leaves_brushes_mega_pack_by_hawksmont\leaves_brushes_mega_pack_by_hawksmont.exe
deleted: virus IM-Worm.Win32.Sohanad.t File: E:\Brushes\Natural &floral\Nature_And_Floral_Brush_Set_1\Nature And Floral Brush Set 1\flowers1_brushes_by_hawksmont\flowers1_brushes_by_hawksmont.exe
deleted: virus IM-Worm.Win32.Sohanad.t File: E:\Brushes\Natural &floral\Nature_And_Floral_Brush_Set_1\Nature And Floral Brush Set 1\floral2_brushes_by_hawksmont2\floral2_brushes_by_hawksmont2.exe
deleted: virus IM-Worm.Win32.Sohanad.t File: E:\Brushes\Natural &floral\Nature_And_Floral_Brush_Set_1\Nature And Floral Brush Set 1\floral1_brushes_by_hawksmont2\floral1_brushes_by_hawksmont2.exe
deleted: virus IM-Worm.Win32.Sohanad.t File: E:\Brushes\Natural &floral\Nature And Floral Brush Set II mshaz1000\Nature And Floral Brush Set II mshaz1000.exe
deleted: virus IM-Worm.Win32.Sohanad.t File: E:\Brushes\Natural &floral\Nature And Floral Brush Set II mshaz1000\The_Grasslands_by_midnightstouch\The_Grasslands_by_midnightstouch.exe
deleted: virus IM-Worm.Win32.Sohanad.t File: E:\Brushes\Natural &floral\Nature And Floral Brush Set II mshaz1000\Fresh_Foliage_HighRes001\Fresh_Foliage_HighRes001.exe
deleted: virus IM-Worm.Win32.Sohanad.t File: E:\Brushes\Natural &floral\Nature And Floral Brush Set II mshaz1000\Floral_decorations_brushespack_by_solenero73\Floral_decorations_brushespack_by_solenero73.exe
deleted: virus IM-Worm.Win32.Sohanad.t File: E:\Brushes\Natural &floral\Nature And Floral Brush Set II mshaz1000\fantasy_floral_part_1\fantasy_floral_part_1.exe
deleted: virus IM-Worm.Win32.Sohanad.t File: E:\Brushes\فرش حسينية\فرش حسينية.exe
deleted: virus IM-Worm.Win32.Sohanad.t File: E:\Brushes\اسلاميات\اسلاميات.exe
deleted: virus IM-Worm.Win32.Sohanad.t File: E:\Brushes\اسلاميات\Islamic Brushes for Adobe Photoshop\Islamic Brushes for Adobe Photoshop.exe
deleted: virus IM-Worm.Win32.Sohanad.t File: E:\Brushes\worn _highres\worn _highres.exe
deleted: virus IM-Worm.Win32.Sohanad.t File: E:\Brushes\Web 2.0 Brushes\Web 2.0 Brushes.exe
deleted: virus IM-Worm.Win32.Sohanad.t File: E:\Brushes\Web 2.0 Brushes\Web 2.0 Brushes\Web 2.0 Brushes.exe
deleted: virus IM-Worm.Win32.Sohanad.t File: E:\Brushes\Waterfalls Professional\Waterfalls Professional.exe
deleted: virus IM-Worm.Win32.Sohanad.t File: E:\Brushes\Waterfalls Professional\Waterfalls Professional Photoshop Brushes mshaz1000\Waterfalls Professional Photoshop Brushes mshaz1000.exe
deleted: virus IM-Worm.Win32.Sohanad.t File: E:\Brushes\Vector Scatter\Vector Scatter.exe
deleted: virus IM-Worm.Win32.Sohanad.t File: E:\Brushes\Vector Scatter\Swirls_And_Flowers\Swirls_And_Flowers.exe
deleted: virus IM-Worm.Win32.Sohanad.t File: E:\Brushes\Trees Promo Brush Pack\Trees Promo Brush Pack.exe
deleted: virus IM-Worm.Win32.Sohanad.t File: E:\Brushes\Trees Promo Brush Pack\Trees Promo Brush Pack mshaz1000\Trees Promo Brush Pack mshaz1000.exe
deleted: virus IM-Worm.Win32.Sohanad.t File: E:\Brushes\Neutron Collapse\Neutron Collapse.exe
deleted: virus IM-Worm.Win32.Sohanad.t File: E:\Brushes\Neutron Collapse\Neutron Collapse Photoshop Brushes mshaz1000\Neutron Collapse Photoshop Brushes mshaz1000.exe
deleted: virus IM-Worm.Win32.Sohanad.t File: E:\Brushes\stilokvecto\stilokvecto.exe
deleted: virus IM-Worm.Win32.Sohanad.t File: E:\Brushes\Starbrushes\Starbrushes.exe
deleted: virus IM-Worm.Win32.Sohanad.t File: E:\Brushes\Photoshop Brushes\Photoshop Brushes.exe
deleted: virus IM-Worm.Win32.Sohanad.t File: E:\Brushes\Photoshop Brushes\Photoshop Brushes mshaz1000\Photoshop Brushes mshaz1000.exe
deleted: virus IM-Worm.Win32.Sohanad.t File: E:\Brushes\DigitalKitt3n_Elegant_Letters\DigitalKitt3n_Elegant_Letters.exe
deleted: virus IM-Worm.Win32.Sohanad.t File: E:\Brushes\DigitalKitt3n_Elegant_Letters\DigitalKitt3n_Elegant Letters\DigitalKitt3n_Elegant Letters.exe
deleted: virus IM-Worm.Win32.Sohanad.t File: E:\Brushes\Doodles Brushes\Doodles Brushes.exe
deleted: virus IM-Worm.Win32.Sohanad.t File: E:\Brushes\Doodles Brushes\doodles2_brushes_by_hawksmont2\doodles2_brushes_by_hawksmont2.exe
deleted: virus IM-Worm.Win32.Sohanad.t File: E:\Brushes\Doodles Brushes\doodles1_brushes_by_hawksmont2\doodles1_brushes_by_hawksmont2.exe
deleted: virus IM-Worm.Win32.Sohanad.t File: E:\Brushes\DreamcatcherBrushes\DreamcatcherBrushes.exe
deleted: virus IM-Worm.Win32.Sohanad.t File: E:\Brushes\DreamcatcherBrushes\DreamcatcherBrushes mshaz1000\DreamcatcherBrushes mshaz1000.exe
deleted: virus IM-Worm.Win32.Sohanad.t File: E:\Brushes\dreamon72-shape-\dreamon72-shape-.exe
deleted: virus IM-Worm.Win32.Sohanad.t File: E:\Brushes\dreamon72-shape-\dreamonshapebrushes02\dreamonshapebrushes02.exe
deleted: virus IM-Worm.Win32.Sohanad.t File: E:\Brushes\Fresh_Foliage\Fresh_Foliage.exe
deleted: virus IM-Worm.Win32.Sohanad.t File: E:\Brushes\Grunge Paint Brushes\Grunge Paint Brushes.exe
deleted: virus IM-Worm.Win32.Sohanad.t File: E:\Brushes\Hawaiian Ornamental Brushes\Hawaiian Ornamental Brushes.exe
deleted: virus IM-Worm.Win32.Sohanad.t File: E:\Brushes\Hawaiian Ornamental Brushes\__MACOSX\__MACOSX.exe
deleted: virus IM-Worm.Win32.Sohanad.t File: E:\Brushes\9objects_brush\9objects_brush.exe
deleted: virus IM-Worm.Win32.Sohanad.t File: E:\Brushes\34 Oranments Flower\34 Oranments Flower.exe
deleted: virus IM-Worm.Win32.Sohanad.t File: E:\Brushes\34 Oranments Flower\34 Oranments Flower Brushes mshaz1000\34 Oranments Flower Brushes mshaz1000.exe
deleted: virus IM-Worm.Win32.Sohanad.t File: E:\Brushes\36_Vector_Brushes\36_Vector_Brushes.exe
deleted: virus IM-Worm.Win32.Sohanad.t File: E:\Brushes\Banners & Scrolls Parchment\Banners & Scrolls Parchment.exe
deleted: virus IM-Worm.Win32.Sohanad.t File: E:\Brushes\BB_floral_CS1.abr\BB_floral_CS1.abr.exe
deleted: virus IM-Worm.Win32.Sohanad.t File: E:\Brushes\BB_floral_CS1.abr\__MACOSX\__MACOSX.exe
deleted: virus IM-Worm.Win32.Sohanad.t File: E:\Brushes\Beautiful Clouds\Beautiful Clouds.exe
deleted: virus IM-Worm.Win32.Sohanad.t File: E:\Brushes\Beautiful Clouds\Beautiful Clouds Brushes For Photoshop mshaz1000\Beautiful Clouds Brushes For Photoshop mshaz1000.exe
deleted: virus IM-Worm.Win32.Sohanad.t File: E:\Brushes\Big floral\Big floral.exe
deleted: virus IM-Worm.Win32.Sohanad.t File: E:\Brushes\Big floral\Big Floral Brushes mshaz1000\Big Floral Brushes mshaz1000.exe
deleted: virus IM-Worm.Win32.Sohanad.t File: E:\Brushes\Blood brushes\Blood brushes.exe
deleted: virus IM-Worm.Win32.Sohanad.t File: E:\Brushes\Branches and Foliage Brushes\Branches and Foliage Brushes.exe
deleted: virus IM-Worm.Win32.Sohanad.t File: E:\Brushes\brush\brush.exe
deleted: virus IM-Worm.Win32.Sohanad.t File: E:\Brushes\Butterflies and Flowers Brushes\Butterflies and Flowers Brushes.exe
deleted: virus IM-Worm.Win32.Sohanad.t File: E:\Brushes\Butterflies and Flowers Brushes\Butterflies and Flowers Brushes mshaz1000\Butterflies and Flowers Brushes mshaz1000.exe
deleted: virus IM-Worm.Win32.Sohanad.t File: E:\Brushes\Celestia - Brushes\Celestia - Brushes.exe
deleted: virus IM-Worm.Win32.Sohanad.t File: E:\Brushes\Celestia - Brushes\Celestia - Brushes for PhotoShop mshaz1000\Celestia - Brushes for PhotoShop mshaz1000.exe
deleted: virus IM-Worm.Win32.Sohanad.t File: E:\Brushes\Photoshop Morning Brushes mshaz1000\Photoshop Morning Brushes mshaz1000.exe
deleted: virus IM-Worm.Win32.Sohanad.t File: E:\Brushes\quantum_brushes\quantum_brushes.exe
deleted: virus IM-Worm.Win32.Sohanad.t File: E:\Brushes\Romantic flower brush\Romantic flower brush.exe
deleted: virus IM-Worm.Win32.Sohanad.t File: E:\Brushes\Romantic flower brush\Romantic flower brush mshaz1000\Romantic flower brush mshaz1000.exe
deleted: virus IM-Worm.Win32.Sohanad.t File: E:\Brushes\Rons - Water Brushes\Rons - Water Brushes.exe
deleted: virus IM-Worm.Win32.Sohanad.t File: E:\Brushes\Rons - Water Brushes\Rons - Water Brushes for Photoshop mshaz1000\Rons - Water Brushes for Photoshop mshaz1000.exe
deleted: virus IM-Worm.Win32.Sohanad.t File: E:\Brushes\Swirls_And_Flowers\Swirls_And_Flowers.exe
deleted: virus IM-Worm.Win32.Sohanad.t File: E:\net\net.exe
deleted: virus IM-Worm.Win32.Sohanad.t File: E:\SYSTEM\SYSTEM.exe
deleted: virus IM-Worm.Win32.Sohanad.t File: E:\SYSTEM\S-1-5-21-1482476501-1644491937-682003330-1013\S-1-5-21-1482476501-1644491937-682003330-1013.exe
disinfected: virus Virus.Win32.Sality.aa File: E:\tools\prt\PRT.exe
disinfected: virus Virus.Win32.Sality.aa File: E:\tools\IPMS\iPMS21.exe
disinfected: virus Virus.Win32.Sality.aa File: E:\tools\RRT\RRT v1.00.exe
deleted: virus IM-Worm.Win32.Sohanad.t File: E:\RECYCLER\RECYCLER.exe
deleted: virus IM-Worm.Win32.Sohanad.t File: E:\RECYCLER\S-1-6-21-2434476501-1644491937-600003330-1213\S-1-6-21-2434476501-1644491937-600003330-1213.exe
deleted: virus IM-Worm.Win32.Sohanad.t File: E:\RESTORE\RESTORE.exe
deleted: virus IM-Worm.Win32.Sohanad.t File: E:\RESTORE\S-1-5-21-1482476501-1644491937-682003330-1013\S-1-5-21-1482476501-1644491937-682003330-1013.exe
Events
------
Time Name Status Reason
---- ---- ------ ------
Statistics
----------
Object Scanned Detected Untreated Deleted Moved to Quarantine Archives Packed files Password protected Corrupted
------ ------- -------- --------- ------- ------------------- -------- ------------ ------------------ ---------
Settings
--------
Parameter Value
--------- -----
Security Level Recommended
Action Disinfect, delete if disinfection fails
Run mode Manually
File types Scan all files
Scan only new and changed files No
Scan archives All
Scan embedded OLE objects All
Skip if object is larger than No
Skip if scan takes longer than No
Parse email formats No
Scan password-protected archives No
Enable iChecker technology No
Enable iSwift technology No
Show detected threats on "Detected" tab Yes
Rootkits search Yes
Deep rootkits search No
Use heuristic analyzer Yes
Quarantine
----------
Status Object Size Added
------ ------ ---- -----
Backup
------
Status Object Size
------ ------ ----
