عندى ملف تجسس فى جهازى

  • بادئ الموضوع بادئ الموضوع زووم2007
  • تاريخ البدء تاريخ البدء
  • المشاهدات 2,142
ز

زووم2007

زيزوومي جديد
إنضم
7 نوفمبر 2008
المشاركات
18
مستوى التفاعل
0
النقاط
20
غير متصل
انا واخد الى ان فى حد بيتصنت على مكالمتى على الايميلات وبيقرا الكلام الل بكتبه لصحابى
وفحصت ببرنامج اسمه NoAdware5 ولقيته بيظهرلى كلمة ملف خطير وجمبها اسم برنامج التجسس
netobserve ومكانه ف الc ف الويندوز وكل ما انزل نسخة ويندوز جديده الاقيه موجود معاها ف الc​


ممكن اعرف الحل ايه؟؟؟؟؟؟؟

وده تقرير عملته ببرنامج المكافى عن طريق الدوس​

Microsoft Windows XP [Version 5.1.2600]
(C) Copyright 1985-2001 Microsoft Corp.

C:\Documents and Settings\XPPRESP3>cd\

C:\>cd mcafee

C:\mcafee>scan /ad /clean /del
McAfee VirusScan for Win32 v5.30.0
Copyright (c) 1992-2008 McAfee, Inc. All rights reserved.
(408) 988-3832 LICENSED COPY - Jun 16 2008

Scan engine v5.3.00 for Win32.
Virus data file v5661 created Jun 29 2009
Scanning for 532219 viruses, trojans and variants.

Scanning C: []
Scanning C:\*.*
C:\PAGEFILE.SYS ... file could not be opened.
C:\WINDOWS\system32\config\SECURITY ... file could not be opened.
C:\WINDOWS\system32\config\SECURITY.LOG ... file could not be opened.
C:\WINDOWS\system32\config\SOFTWARE.LOG ... file could not be opened.
C:\WINDOWS\system32\config\SYSTEM.LOG ... file could not be opened.
C:\WINDOWS\system32\config\DEFAULT.LOG ... file could not be opened.
C:\WINDOWS\system32\config\SAM ... file could not be opened.
C:\WINDOWS\system32\config\SAM.LOG ... file could not be opened.
C:\WINDOWS\system32\config\systemprofile\Local Settings\Temp\_avast4_\Webshlock.
txt ... file could not be opened.
C:\WINDOWS\system32\config\systemprofile\Local Settings\Temp\Perflib_Perfdata_66
0.dat ... file could not be opened.
C:\WINDOWS\system32\config\system ... file could not be opened.
C:\WINDOWS\system32\config\software ... file could not be opened.
C:\WINDOWS\system32\config\default ... file could not be opened.
C:\WINDOWS\SoftwareDistribution\EventCache\{0951B998-1425-462D-90EC-359CDD7F6A33
}.bin ... file could not be opened.
C:\Documents and Settings\NetworkService\NTUSER.DAT ... file could not be opened
.
C:\Documents and Settings\NetworkService\NTUSER.DAT.LOG ... file could not be op
ened.
C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microso
ft\Windows\UsrClass.dat ... file could not be opened.
C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microso
ft\Windows\UsrClass.dat.LOG ... file could not be opened.
C:\Documents and Settings\LocalService\NTUSER.DAT ... file could not be opened.

C:\Documents and Settings\LocalService\NTUSER.DAT.LOG ... file could not be open
ed.
C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft
\Windows\UsrClass.dat ... file could not be opened.
C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft
\Windows\UsrClass.dat.LOG ... file could not be opened.
C:\Documents and Settings\XPPRESP3\NTUSER.DAT ... file could not be opened.
C:\Documents and Settings\XPPRESP3\NTUSER.DAT.LOG ... file could not be opened.

C:\Documents and Settings\XPPRESP3\Local Settings\Temp\etilqs_8CbRxesbCoOGVTHyec
0z ... file could not be opened.
C:\Documents and Settings\XPPRESP3\Local Settings\Temporary Internet Files\Conte
nt.IE5\KRYDGB8H\5nC0FOfGwrI[1].js\5nC0FOfGwrI[1] ... file could not be opened.
C:\Documents and Settings\XPPRESP3\Local Settings\Application Data\Microsoft\Win
dows\UsrClass.dat ... file could not be opened.
C:\Documents and Settings\XPPRESP3\Local Settings\Application Data\Microsoft\Win
dows\UsrClass.dat.LOG ... file could not be opened.
C:\Documents and Settings\XPPRESP3\Application Data\Mozilla\Firefox\Profiles\ur0
2ksll.default\parent.lock ... file could not be opened.
C:\Documents and Settings\XPPRESP3\Application Data\Mozilla\Firefox\Profiles\ur0
2ksll.default\cookies.sqlite-journal ... file could not be opened.
C:\Documents and Settings\XPPRESP3\Application Data\Mozilla\Firefox\Profiles\ur0
2ksll.default\places.sqlite-journal ... file could not be opened.
C:\Program Files\Real_SC\opt.exe ... Found the W32/Sdbot.worm virus !!!
The file has been deleted.
C:\Program Files\NoAdware5.0\nutils.dll ... Found the BackDoor-AWQ trojan !!!
The file has been deleted.
C:\System Volume Information\_restore{C8306024-1ECB-4FE5-84D6-672AB1B4EE1B}\RP4\
A0002563.exe ... Found the W32/Sdbot.worm virus !!!
The file has been deleted.
C:\Persi0.sys ... file could not be opened.

Summary report on C:\*.*
File(s)
Total files: ........... 13924
Clean: ................. 13889
Not scanned: ........... 0
Possibly Infected: ..... 3
Cleaned: ............... 0
Deleted: ............... 3
Non-critical Error(s): 1
Master Boot Record(s): ......... 1
Possibly Infected: ..... 0
Boot Sector(s): ................ 1
Possibly Infected: ..... 0
Scanning D: [ع?غµ?]
Scanning D:\*.*

Summary report on D:\*.*
File(s)
Total files: ........... 2141
Clean: ................. 2141
Not scanned: ........... 0
Possibly Infected: ..... 0
Cleaned: ............... 0
Master Boot Record(s): ......... 1
Possibly Infected: ..... 0
Boot Sector(s): ................ 1
Possibly Infected: ..... 0
Scanning E: [?ط???]
Scanning E:\*.*
E:\New Folder (3)\??و?\???ع?\avast! Antivirus Professional Edition 4.8.1229\keyg
en\AvastKeygen.exe ... Found the Generic.dx trojan !!!
The file has been deleted.
E:\New Folder (3)\New\?µ?ف ع??µ?\ع?غµ?\?طµ\Desktop_.ini ... Found the W32/Fujack
s.remnants virus !!!
The file has been deleted.

Summary report on E:\*.*
File(s)
Total files: ........... 34510
Clean: ................. 34508
Not scanned: ........... 0
Possibly Infected: ..... 2
Cleaned: ............... 0
Deleted: ............... 2
Master Boot Record(s): ......... 1
Possibly Infected: ..... 0
Boot Sector(s): ................ 1
Possibly Infected: ..... 0
Scanning F: [???غه]
Scanning F:\*.*

Summary report on F:\*.*
File(s)
Total files: ........... 16203
Clean: ................. 16203
Not scanned: ........... 0
Possibly Infected: ..... 0
Cleaned: ............... 0
Master Boot Record(s): ......... 1
Possibly Infected: ..... 0
Boot Sector(s): ................ 1
Possibly Infected: ..... 0


Time: 00:37.08


C:\mcafee>​
 

ترتيب حسب التاريخ ترتيب حسب الأصوات
شكرا ليكم ياغالين

بس انا فى واحد بيتجسس فى جهازى وسرق اميلتى اعمل اية

وفحصت بموقع bitdefender قال فية تروجان
1246781570.jpg


ودة تقرير من موقع bitdefender


PHP: 
BitDefender QuickScan Beta v0.9.4.7
-----------------------------------

Scan date: Sun Jul 05 10:54:34 2009
Machine ID: 505C1B95


Found 1 infected item!
-----------------------
C:\WINDOWS\system32\Drivers\ - Trojan.Generic.1621834


Processes
---------
<unsigned>  RealNetworks Scheduler                              3396    C:\Program Files\Common Files\Real\Update_OB\realsched.exe
<unsigned>  Deep Freeze 6 utility                                608    C:\Program Files\Faronics\Deep Freeze\Install C-0\_$Df\FrzState2k.exe
<unsigned>  Deep Freeze 6 service                                868    C:\Program Files\Faronics\Deep Freeze\Install C-0\DF5Serv.exe
<unsigned>  LClock Application                                  1048    C:\Program Files\LClock\LClock.exe
<unsigned>  sdhelp.exe                                          2976    C:\Program Files\Spyware Doctor\sdhelp.exe

<verified>  On-Screen Keyboard                                   460    C:\Documents and Settings\XPPRESP3\Desktop\osk.exe
<verified>  avast! service GUI component                         288    C:\Program Files\Alwil Software\Avast4\ashDisp.exe
<verified>  avast! e-Mail Scanner Service                       1180    C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
<verified>  avast! antivirus service                            1516    C:\Program Files\Alwil Software\Avast4\ashServ.exe
<verified>  avast! Web Scanner                                  1632    C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
<verified>  avast! Antivirus updating service                   1452    C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
<verified>  Internet Explorer                                   2724    C:\Program Files\internet explorer\iexplore.exe
<verified>  Firefox                                             2040    C:\Program Files\Mozilla Firefox 3.1 Beta 3\firefox.exe
<verified>  AutoUpater Service Module                           3148    C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
<verified>  Windows Explorer                                    1400    C:\WINDOWS\Explorer.EXE
<verified>  CTF Loader                                          2096    C:\WINDOWS\system32\CTFMON.EXE
<verified>  LSA Shell (Export Version)                           712    C:\WINDOWS\system32\lsass.exe
<verified>  Services and Controller app                          700    C:\WINDOWS\system32\services.exe
<verified>  Windows NT Session Manager                           480    C:\WINDOWS\System32\smss.exe
<verified>  Volume Control                                      1276    C:\WINDOWS\system32\SNDVOL32.EXE
<verified>  Spooler SubSystem App                               1964    C:\WINDOWS\system32\spoolsv.exe
<verified>  Generic Host Process for Win32 Services              912    C:\WINDOWS\system32\svchost.exe
<verified>  Generic Host Process for Win32 Services             1000    C:\WINDOWS\System32\svchost.exe
<verified>  Generic Host Process for Win32 Services             2492    C:\WINDOWS\system32\svchost.exe
<verified>  Windows NT Logon Application                         648    C:\WINDOWS\system32\winlogon.exe


Autoruns and critical files
---------------------------
<unsigned>  Spyware Doctor                                      C:\PROGRA~1\SPYWAR~1\swdoctor.exe
<unsigned>  Beyluxe Messenger.exe                               C:\Program Files\Beyluxe Messenger\Beyluxe Messenger.exe
<unsigned>  RealNetworks Scheduler                              C:\Program Files\Common Files\Real\Update_OB\realsched.exe
<unsigned>  LClock Application                                  C:\Program Files\LClock\LClock.exe
<unsigned>  Orbit Downloader                                    C:\Program Files\Orbitdownloader\orbitdm.exe
<unsigned>  The Cleaner Active Process Monitor                  C:\Program Files\The Cleaner\tca.exe
<unsigned>  The Cleaner Registry and File Monitor               C:\Program Files\The Cleaner\tcm.exe

<verified>  avast! service GUI component                        C:\Program Files\Alwil Software\Avast4\ashDisp.exe
<verified>  Yahoo! Messenger                                    C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
<verified>  Windows Command Processor                           C:\WINDOWS\system32\cmd.exe
<verified>  Crypto API32                                        C:\WINDOWS\system32\CRYPT32.dll
<verified>  Crypto Network Related API                          C:\WINDOWS\system32\cryptnet.dll
<verified>  Offline Network Agent                               C:\WINDOWS\System32\CSCDLL.dll
<verified>  CTF Loader                                          C:\WINDOWS\system32\CTFMON.EXE
<verified>  igfxdev Module                                      C:\WINDOWS\system32\igfxdev.dll
<verified>  Windows Logon UI                                    C:\WINDOWS\system32\logonui.exe
<verified>  Microsoft Windows Sockets 2.0 Service Provider      C:\WINDOWS\system32\mswsock.dll
<verified>  Microsoft Windows Rsvp 1.0 Service Provider         C:\WINDOWS\system32\rsvpsp.dll
<verified>  Secondary Logon Service Notification DLL            C:\WINDOWS\system32\sclgntfy.dll
<verified>  LDAP RnR Provider DLL                               C:\WINDOWS\System32\winrnr.dll
<verified>  Common DLL to receive Winlogon notifications        C:\WINDOWS\system32\wlnotify.dll


Browser plugins
---------------
<unsigned>  npkimi                                              C:\Program Files\Mozilla Firefox 3.1 Beta 3\plugins\npkimi.dll
<unsigned>  Orbitcth                                            C:\Program Files\Orbitdownloader\orbitcth.dll
<unsigned>  RealPlayer(tm) LiveConnect-Enabled Plug-In          C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll
<unsigned>  RealJukebox Netscape Plugin                         C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll
<unsigned>  6.0.12.1483                                         C:\Program Files\Real\RealPlayer\Netscape6\nprpjplug.dll
<unsigned>  iesdpb.dll                                          C:\Program Files\Spyware Doctor\tools\iesdpb.dll

<verified>  Default Plug-in                                     C:\Program Files\Mozilla Firefox 3.1 Beta 3\plugins\npnul32.dll
<verified>  Skype add-on for IE                                 C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
<verified>  SBSD IE Protection                                  C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
<verified>  Site Guard                                          C:\Program Files\Spyware Doctor\tools\iesdsg.dll
<verified>  Yahoo! Toolbar                                      C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
<verified>  Yahoo! Single Instance for Mail                     C:\Program Files\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll
<verified>  Yahoo Application State Plugin version 1.0.0.7      C:\Program Files\Yahoo!\Shared\npYState.dll
<verified>  BitDefender QuickScan Client ActiveX                C:\WINDOWS\Downloaded Program Files\ActiveQscan.ocx
<verified>  NPSWF32.dll                                         C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll
<verified>  Shell Doc Object and Control Library                C:\WINDOWS\system32\SHDOCVW.dll


Missing files
-------------
File not found: C:\Program Files\Unlocker\UnlockerAssistant.exe
 referenced in: HKLM\Software\Microsoft\Windows\CurrentVersion\Run\"UnlockerAssistant"


Scan
----

No file uploaded.
 

تأييد 0
يجب تسجيل الدخول أو التسجيل كي تتمكن من الرد هنا.
عودة
أعلى