#1
My computer was infected with a virus. I ran a scan on it and removed as many viruses as I could, then formatted Windows and installed a fresh copy. After that, whenever I want to install any program, I cannot, and then a message comes up: "Generic Host Process for Win32 Services has encountered a problem and needs to close. We are sorry for the inconvenience." Then a brother advised me to download a program to scan the machine, and the program gave me this report. I do not know what this report means, so can anyone help?

The report:

ComboFix 09-05-30.03 - Administrator 05/31/2009 12:49.1 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.3.1256.966.1033.18.511.333 [GMT 3:00]
Running from: c:\documents and settings\Administrator\Desktop\ComboFix.exe
WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\windows\svchost.exe
F:\Funny UST Scandal.avi.exe
G:\Funny UST Scandal.avi.exe
.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
-------\Legacy_POWERMANAGER
-------\Service_PowerManager

((((((((((((((((((((((((( Files Created from 2009-04-28 to 2009-05-31 )))))))))))))))))))))))))))))))
.
2009-05-30 16:42 . 2009-05-31 09:53 -------- d-----w c:\documents and settings\Administrator\Tracing
2009-05-30 16:37 . 2009-05-30 16:37 -------- d-----w c:\program files\Microsoft Sync Framework
2009-05-30 16:36 . 2009-05-30 16:36 -------- d-----w c:\program files\Microsoft SQL Server Compact Edition
2009-05-30 16:35 . 2009-05-31 06:08 -------- d-----w c:\windows\SxsCaPendDel
2009-05-30 16:34 . 2009-05-30 16:34 -------- d-----w c:\program files\Microsoft
2009-05-30 16:34 . 2009-05-30 16:34 -------- d-----w c:\program files\Windows Live SkyDrive
2009-05-30 16:06 . 2009-05-30 16:06 -------- d-----w c:\program files\Common Files\Windows Live
2009-05-30 15:49 . 2006-10-26 16:56 32592 ----a-w c:\windows\system32\msonpmon.dll
2009-05-30 15:47 . 2009-05-30 15:47 -------- d-----w c:\program files\Microsoft Works
2009-05-30 15:47 . 2009-05-30 15:47 -------- d-----w c:\program files\MSBuild
2009-05-30 15:42 . 2009-05-30 15:47 -------- d-----w c:\windows\SHELLNEW
2009-05-30 15:42 . 2009-05-30 15:42 -------- d-----w c:\documents and settings\Administrator\Local Settings\Application Data\Microsoft Help
2009-05-30 15:42 . 2009-05-30 15:49 -------- d-----w c:\documents and settings\All Users\Application Data\Microsoft Help
2009-05-30 15:41 . 2009-05-30 15:41 -------- d--h--r C:\MSOCache
2009-05-30 13:56 . 2009-05-30 13:56 249344 ---h--w c:\documents and settings\Administrator\Application Data\shamela\C4ACD77A\s_report.exe
2009-05-30 13:45 . 2009-05-30 13:46 3115072 ----a-w c:\documents and settings\Administrator\Application Data\IDM\idmupdt.exe
2009-05-30 13:44 . 2009-05-30 13:47 198064 ----a-w c:\documents and settings\Administrator\Application Data\IDM\idmmzcc3\components\idmmzcc.dll
2009-05-30 13:43 . 2009-05-31 09:09 -------- d-----w c:\documents and settings\Administrator\Application Data\IDM
2009-05-30 13:43 . 2009-05-31 09:50 -------- d-----w c:\documents and settings\Administrator\Application Data\DMCache
2009-05-30 13:43 . 2009-05-30 15:33 -------- d-----w c:\program files\Internet Download Manager
2009-05-30 13:25 . 2009-05-30 13:25 0 ----a-w c:\windows\nsreg.dat
2009-05-30 13:25 . 2009-05-30 13:25 -------- d-----w c:\documents and settings\Administrator\Local Settings\Application Data\Mozilla
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))) ))
.
2049-11-19 01:43 . 2009-05-30 14:01 570128 ----a-w c:\documents and settings\Administrator\Application Data\IDM\bin\dao350.dll
2009-05-31 08:44 . 2009-05-30 08:06 -------- d-----w c:\program files\الجامع الكبير - الإصدار الرابع
2009-05-30 16:41 . 2009-05-30 09:50 -------- d-----w c:\program files\Windows Live
2009-05-30 16:06 . 2009-05-30 08:35 83840 ----a-w c:\documents and settings\Administrator\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2009-05-30 14:01 . 2009-05-30 08:09 -------- d-----w c:\documents and settings\Administrator\Application Data\shamela
2009-05-30 10:06 . 2009-05-30 10:06 -------- d-----w c:\program files\VIA Technologies, Inc
2009-05-30 09:52 . 2009-05-30 09:52 -------- d-----w c:\documents and settings\Administrator\Application Data\Systweak
2009-05-30 09:52 . 2009-05-30 09:52 -------- d-----w c:\program files\Systweak
2009-05-30 09:51 . 2009-05-30 09:50 -------- d-----w c:\documents and settings\Administrator\Application Data\inSpeak
2009-05-30 09:50 . 2009-05-30 09:50 -------- d-----w c:\program files\inSpeak
2009-05-30 09:50 . 2009-05-30 09:50 -------- d-----w c:\documents and settings\All Users\Application Data\inSpeak
2009-05-30 09:31 . 2009-05-30 07:39 118144 ----a-w c:\windows\system32\BootSafe.exe
2009-05-30 08:49 . 2009-05-30 07:39 2122312 ----a-w c:\windows\system32\InfoTool.exe
2009-05-30 08:49 . 2009-05-30 07:39 761856 ----a-w c:\windows\system32\HWMonitor.exe
2009-05-30 08:49 . 2009-05-30 07:39 405504 ----a-w c:\windows\system32\HDTune.exe
2009-05-30 08:49 . 2009-05-30 07:39 394704 ----a-w c:\windows\system32\GPU-Z.exe
2009-05-30 08:47 . 2009-05-30 07:39 943104 ----a-w c:\windows\system32\DFX.exe
2009-05-30 08:47 . 2009-05-30 07:39 1286144 ----a-w c:\windows\system32\cpuz.exe
2009-05-30 08:46 . 2009-05-30 07:39 202240 ----a-w c:\windows\system32\CoreTemp.exe
2009-05-30 08:44 . 2009-05-30 07:52 3374640 ----a-w c:\windows\Help\Tours\mmTour\mui\0401\tour.exe
2009-05-30 08:15 . 2009-05-30 08:15 -------- d-----w c:\program files\ESET
2009-05-30 08:15 . 2009-05-30 08:15 -------- d-----w c:\documents and settings\All Users\Application Data\ESET
2009-05-30 07:51 . 2009-05-30 07:44 166455 ----a-w c:\windows\pchealth\helpctr\OfflineCache\index.dat
2009-05-30 07:45 . 2009-05-30 07:45 -------- d-----w c:\program files\microsoft frontpage
2009-05-30 07:40 . 2009-05-30 07:40 21640 ----a-w c:\windows\system32\emptyregdb.dat
2009-05-29 08:01 . 2009-05-30 14:01 486912 ----a-w c:\documents and settings\Administrator\Application Data\IDM\bin\viewer.exe
2009-05-29 08:01 . 2009-05-30 14:01 5832192 ----a-w c:\documents and settings\Administrator\Application Data\IDM\bin\shamela.exe
2009-03-26 15:35 . 2009-05-27 10:22 210352 ----a-w c:\windows\system32\idmmbc.dll
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\ctfmon.exe" [2008-01-26 15360]
"MsnMsgr"="c:\program files\Windows Live\Messenger\MsnMsgr.Exe" [2009-02-06 3885408]
"AVO Ram Optimizer"="c:\program files\systweak\advanced vista optimizer 2009\AVO.exe" [2009-01-09 216296]
"IDMan"="c:\program files\Internet Download Manager\IDMan.exe" [2009-05-27 2815408]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"VistaDrive"="c:\windows\VistaDrive\VistaDrive .exe " [2006-10-05 280779]
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2006-10-26 31016]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-01-26 15360]

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusDisableNotify"=dword:00000001
"UpdatesDisableNotify"=dword:00000001
"AntiVirusOverride"=dword:00000001
"FirewallOverride"=dword:00000001
"UacDisableNotify"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc]
"AntiVirusOverride"=dword:00000001
"AntiVirusDisableNotify"=dword:00000001
"FirewallDisableNotify"=dword:00000001
"FirewallOverride"=dword:00000001
"UpdatesDisableNotify"=dword:00000001
"UacDisableNotify"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"e:\\موسوعات\\الموسوعة الشاملة 3\\bin\\shamela.exe"=
"c:\\program files\\systweak\\advanced vista optimizer 2009\\AdvancedVistaOptimizer.exe"=
"d:\\برامج\\كمبيوتر وصيانة\\الأوفيس\\أوفيس 2003 عربي\\Office2003Arb\\SETUP.EXE"=
"c:\\WINDOWS\\system32\\netsh.exe"=
"c:\\WINDOWS\\VistaDrive\\VistaDrive.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"d:\\برامج\\كمبيوتر وصيانة\\WindowsInstaller-KB893803-v2-x86.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\GrooveMonitor.exe"=

R2 AVO2009 Defrag;AVO2009 Defrag;c:\program files\Systweak\Advanced Vista Optimizer 2009\AVODefragService32.exe [5/30/2009 12:52 PM 398056]
S2 NOD32FiXTemDono;Eset Nod32 Boot;c:\windows\system32\regedt32.exe [8/4/2004 3:00 PM 3584]
S3 abp470n5;abp470n5;\??\c:\windows\system32\drivers\skslm.sys --> c:\windows\system32\drivers\skslm.sys [?]
.
- - - - ORPHANS REMOVED - - - -

SafeBoot-procexp90.Sys
.
------- Supplementary Scan -------
.
uInternet Connection Wizard,ShellNext = hxxp://www.shamela.ws/updates.php
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: تحميل الكل بواسطة Internet Download Manager - c:\program files\Internet Download Manager\IEGetAll.htm
IE: تحميل بواسطة Internet Download Manager - c:\program files\Internet Download Manager\IEExt.htm
IE: تحميل محتوى FLV بواسطة Internet Download Manager - c:\program files\Internet Download Manager\IEGetVL.htm
FF - ProfilePath - c:\documents and settings\Administrator\Application Data\Mozilla\Firefox\Profiles\b1e2v338.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.live.com/results.aspx?FORM=IEFM1&q=
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://www.google.com.sa/
FF - prefs.js: keyword.URL - hxxp://search.live.com/results.aspx?FORM=IEFM1&q=
FF - component: c:\documents and settings\Administrator\Application Data\IDM\idmmzcc3\components\idmmzcc.dll
FF - plugin: c:\program files\Windows Live\Photo Gallery\NPWLPG.dll
.
************************************************** ************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-05-31 12:53
Windows 5.1.2600 Service Pack 3, v.3300 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
************************************************** ************************
.
------------------------ Other Running Processes ------------------------
.
c:\program files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
c:\windows\system32\rundll32.exe
.
************************************************** ************************
.
Completion time: 2009-05-31 12:54 - machine was rebooted
ComboFix-quarantined-files.txt 2009-05-31 09:54
Pre-Run: 3,359,756,288 bytes free
Post-Run: 3,288,186,880 bytes free
159