|
#1
09-02-2010
|
||||
|
||||
فيروس autorn ياخبراءنا ( الله لايوفق من صنعه)
السلام عليكم ورحمة الله وبركاته
اخوان شهر مبارك علينا وعليكم اعانكم الله على صيامه وقيامه اخواني الكرام عندي هاردسك خارجي فيه فيروس اوتو رن قفل علي غالب المجلدات بمعنى ان المجلد امامي لكن عند النقر عليه تضهر لي مثل مافي الصوره هذه :-  بدا في مجلد واحد والان اغلب مجلدات الموجود في الهاردسك بنفس المشكله عملت فحس ببرنامج أفاست المنزلي بسريال اصلي واخر التحديثات وكانت النتيجه :-  لم يستطع البرنامج حذفه او حتى نقله الى الحجز حاولت البحث عن بأسم الفيروس في الهاردسك ولكنه لايظهر وكأنه غير موجود الامر الاخر عند تغيير اسم اي ملف في الجهاز تأتيني رسالة تحذير غريبه مثل هذه الصوره :-  حاولت في هذا الفيروس بكل البرامج تقريبا لم يبقى برنامج لم استخدمه واخرها قبل قليل ببرنامج حقن الفلاشات ضد ملفات الاوتو رن والمضحك ان البرنامج حقن مجلد الـ c بنجاح ولكن الهاردسك لم يستطع حقنه بسبب ان الملف موجود مسبقا اي ان الفيروس عطل البرنامج عن الحقن اخيرا اخواني هذه بعض التقاري عن جهازي اتمنى انها تساعدكم في حل المشكله نبدأ بأسم الله تقرير برنامج hijackthis Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 04:49:04 ص, on 02/09/2010 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 SP3 (7.00.5730.0011) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\Program Files\Faronics\Deep Freeze\Install C-0\DFServ.exe C:\WINDOWS\system32\nvsvc32.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Alwil Software\Avast5\AvastSvc.exe C:\WINDOWS\explorer.exe C:\Program Files\Common Files\Real\Update_OB\realsched.exe C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\RUNDLL32.EXE C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe C:\Program Files\Logitech\Gaming Software\LWEMon.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Faronics\Deep Freeze\Install C-0\_$Df\FrzState2k.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Hotspot Shield\bin\openvpnas.exe C:\Program Files\Hotspot Shield\HssWPR\hsssrv.exe C:\Program Files\Hotspot Shield\bin\hsswd.exe C:\Program Files\Java\jre6\bin\jqs.exe C:\WINDOWS\system32\PnkBstrA.exe C:\WINDOWS\system32\PnkBstrB.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\plugin-container.exe C:\WINDOWS\system32\mspaint.exe C:\WINDOWS\system32\svchost.exe C:\Documents and Settings\بلاتيني\My Documents\التّنزيلات\RunScanner.exe C:\Program Files\Trend Micro\HijackThis\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://go.microsoft.com/fwlink/?LinkId=74005 R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Int ernet Settings,ProxyOverride = local F2 - REG:system.ini: Shell=explorer.exe O2 - BHO: مساعد رابط Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrow serrecordplugin.dll O2 - BHO: مساعد تسجيل الدخول إلى Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll O2 - BHO: Hotspot Shield Class - {F9E4A054-E9B1-4BC3-83A3-76A1AE736170} - C:\Program Files\Hotspot Shield\HssIE\HssIE.dll O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [avast5] C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe /nogui O4 - HKLM\..\Run: [Start WingMan Profiler] C:\Program Files\Logitech\Gaming Software\LWEMon.exe /noui O4 - HKLM\..\Run: [protect_autorun] C:\Documents and Settings\بلاتيني\سطح المكتب\anti auto run.exe /start O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O8 - Extra context menu item: تحميل الفيديو بواسطة Free Download Manager - file://C:\Program Files\Free Download Manager\dlfvideo.htm O8 - Extra context menu item: تحميل الكل بواسطة Free Download Manager - file://C:\Program Files\Free Download Manager\dlall.htm O8 - Extra context menu item: تحميل المحددة بواسطة Free Download Manager - file://C:\Program Files\Free Download Manager\dlselected.htm O8 - Extra context menu item: تحميل بواسطة Free Download Manager - file://C:\Program Files\Free Download Manager\dllink.htm O9 - Extra button: PalTalk - {4EAFEF58-EEFA-4116-983D-03B49BCBFFFE} - C:\Program Files\Paltalk Messenger\Paltalk.exe O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab O20 - Winlogon Notify: DfLogon - C:\WINDOWS\SYSTEM32\LogonDll.dll O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe O23 - Service: avast! Mail Scanner - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe O23 - Service: avast! Web Scanner - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe O23 - Service: DFServ - Faronics Corporation - C:\Program Files\Faronics\Deep Freeze\Install C-0\DFServ.exe O23 - Service: Hotspot Shield Service (HotspotShieldService) - Unknown owner - C:\Program Files\Hotspot Shield\bin\openvpnas.exe O23 - Service: Hotspot Shield Routing Service (HssSrv) - AnchorFree Inc. - C:\Program Files\Hotspot Shield\HssWPR\hsssrv.exe O23 - Service: Hotspot Shield Tray Service (HssTrayService) - Unknown owner - C:\Program Files\Hotspot Shield\bin\HssTrayService.EXE O23 - Service: Hotspot Shield Monitoring Service (HssWd) - Unknown owner - C:\Program Files\Hotspot Shield\bin\hsswd.exe O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe O23 - Service: PnkBstrB - Unknown owner - C:\WINDOWS\system32\PnkBstrB.exe O23 - Service: ServiceLayer - Nokia - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe O23 - Service: SSDP Discovery Service (SSDPSRV) - Unknown owner - C:\WINDOWS\system32\svchost.exe O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software GmbH - C:\WINDOWS\System32\TuneUpDefragService.exe -- End of file - 7494 bytes ثانيا تقرير موقع bitdefender QuickScan Beta 32-bit v0.9.9.30 ------------------------------- Scan date: Thu Sep 02 04:51:42 2010 Machine ID: 9CB975B4 No infection found. ------------------- Processes --------- Deep Freeze 6.52 888 C:\Program Files\Faronics\Deep Freeze\Install C-0\_$Df\FrzState2k.exe Deep Freeze 6.52 1576 C:\Program Files\Faronics\Deep Freeze\Install C-0\DFServ.exe avast! Antivirus 684 C:\Program Files\Alwil Software\Avast5\AvastSvc.exe avast! Antivirus 1924 C:\Program Files\Alwil Software\Avast5\AvastUI.exe Firefox 2164 C:\Program Files\Mozilla Firefox\firefox.exe Firefox 3468 C:\Program Files\Mozilla Firefox\plugin-container.exe hsssrv.exe 612 C:\Program Files\Hotspot Shield\HssWPR\hsssrv.exe hsswd.exe 740 C:\Program Files\Hotspot Shield\bin\hsswd.exe Java(TM) Platform SE 6 U20 824 C:\Program Files\Java\jre6\bin\jqs.exe LWEMon.exe 1940 C:\Program Files\Logitech\Gaming Software\LWEMon.exe Microsoft® Windows® Operating System 828 C:\WINDOWS\explorer.exe Microsoft® Windows® Operating System 3212 C:\WINDOWS\System32\alg.exe Microsoft® Windows® Operating System 1348 C:\WINDOWS\system32\csrss.exe Microsoft® Windows® Operating System 972 C:\WINDOWS\system32\ctfmon.exe Microsoft® Windows® Operating System 1428 C:\WINDOWS\system32\lsass.exe Microsoft® Windows® Operating System 3912 C:\WINDOWS\system32\mspaint.exe Microsoft® Windows® Operating System 1880 C:\WINDOWS\system32\rundll32.exe Microsoft® Windows® Operating System 1916 C:\WINDOWS\system32\RUNDLL32.EXE Microsoft® Windows® Operating System 1416 C:\WINDOWS\system32\services.exe Microsoft® Windows® Operating System 1292 C:\WINDOWS\System32\smss.exe Microsoft® Windows® Operating System 1800 C:\WINDOWS\system32\spoolsv.exe Microsoft® Windows® Operating System 468 C:\WINDOWS\system32\svchost.exe Microsoft® Windows® Operating System 1680 C:\WINDOWS\system32\svchost.exe Microsoft® Windows® Operating System 1728 C:\WINDOWS\system32\svchost.exe Microsoft® Windows® Operating System 1768 C:\WINDOWS\System32\svchost.exe Microsoft® Windows® Operating System 1992 C:\WINDOWS\system32\svchost.exe Microsoft® Windows® Operating System 604 C:\WINDOWS\system32\svchost.exe Microsoft® Windows® Operating System 348 C:\WINDOWS\system32\svchost.exe Microsoft® Windows® Operating System 1372 C:\WINDOWS\system32\winlogon.exe NVIDIA Driver Helper Service, Version 1 1608 C:\WINDOWS\system32\nvsvc32.exe openvpnas.exe 532 C:\Program Files\Hotspot Shield\bin\openvpnas.exe PnkBstrA.exe 928 C:\WINDOWS\system32\PnkBstrA.exe PnkBstrB.exe 1660 C:\WINDOWS\system32\PnkBstrB.exe RealPlayer (32-bit) 1872 C:\Program Files\Common Files\Real\Update_OB\realsched.exe Runscanner 2568 C:\Documents and Settings\بلاتيني\My Documents\التّنزيلات\RunScanner.exe Network activity ---------------- Process AvastSvc.exe (684) connected on port 80 (HTTP) --> crl.verisign.com Process AvastSvc.exe (684) connected on port 80 (HTTP) --> crl.thawte.com Process AvastSvc.exe (684) connected on port 80 (HTTP) --> csc3-2009-crl.verisign.com Process AvastSvc.exe (684) connected on port 80 (HTTP) --> www.google-analytics.com Process svchost.exe (1728) listens on ports: 135 (RPC) Autoruns and critical files --------------------------- CPE17 Autorun Killer (AntiAutorun) C:\Documents and Settings\بلاتيني\سطح المكتب\anti auto run.exe LogonDll.dll C:\WINDOWS\system32\LogonDll.dll avast! Antivirus C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe LWEMon.exe C:\Program Files\Logitech\Gaming Software\LWEMon.exe Microsoft® Windows® Operating System C:\WINDOWS\system32\browseui.dll Microsoft® Windows® Operating System C:\WINDOWS\system32\bthprops.cpl Microsoft® Windows® Operating System C:\WINDOWS\system32\crypt32.dll Microsoft® Windows® Operating System C:\WINDOWS\system32\cryptnet.dll Microsoft® Windows® Operating System C:\WINDOWS\system32\cscdll.dll Microsoft® Windows® Operating System C:\WINDOWS\system32\ctfmon.exe Microsoft® Windows® Operating System C:\WINDOWS\system32\dimsntfy.dll Microsoft® Windows® Operating System C:\WINDOWS\system32\logonui.exe Microsoft® Windows® Operating System C:\WINDOWS\system32\sclgntfy.dll Microsoft® Windows® Operating System C:\WINDOWS\system32\shell32.dll Microsoft® Windows® Operating System C:\WINDOWS\system32\stobject.dll Microsoft® Windows® Operating System c:\windows\system32\userinit.exe Microsoft® Windows® Operating System C:\WINDOWS\system32\wlnotify.dll Microsoft® Windows® Operating System C:\WINDOWS\system32\WPDShServiceObj.dll NVIDIA Compatible Windows 2000 Display C:\WINDOWS\system32\nvcpl.dll NVIDIA Media Center Library C:\WINDOWS\system32\nvmctray.dll RealPlayer (32-bit) C:\Program Files\Common Files\Real\Update_OB\realsched.exe RealUpgrade C:\Program Files\Real\RealUpgrade\realupgrade.exe RunInteractiveWin.exe C:\Program Files\Panda USB Vaccine\RunInteractiveWin.exe TuneUp Utilities C:\Program Files\TuneUp Utilities 2008\OneClickStarter.exe Windows Live Messenger C:\Program Files\Windows Live\Messenger\msnmsgr.exe Browser plugins --------------- FFExternalAlert.dll C:\Documents and Settings\بلاتيني\Application Data\Mozilla\Firefox\Profiles\n3do7p1m.default\ext ensions\{449c8ac4-2ac7-4bfd-bd9e-ad5c5dddc044}\components\FFExternalAlert.dll Nexon Game Controller C:\Documents and Settings\All Users\Application Data\NexonEU\NGM\npNxGameeu.dll QuickTime Plug-in 7.6 C:\Program Files\Internet Explorer\plugins\npqtplugin.dll QuickTime Plug-in 7.6 C:\Program Files\Internet Explorer\plugins\npqtplugin2.dll QuickTime Plug-in 7.6 C:\Program Files\Internet Explorer\plugins\npqtplugin3.dll QuickTime Plug-in 7.6 C:\Program Files\Internet Explorer\plugins\npqtplugin4.dll QuickTime Plug-in 7.6 C:\Program Files\Internet Explorer\plugins\npqtplugin5.dll QuickTime Plug-in 7.6 C:\Program Files\Internet Explorer\plugins\npqtplugin6.dll QuickTime Plug-in 7.6 C:\Program Files\Internet Explorer\plugins\npqtplugin7.dll RadioWMPCore.dll C:\Documents and Settings\بلاتيني\Application Data\Mozilla\Firefox\Profiles\n3do7p1m.default\ext ensions\{449c8ac4-2ac7-4bfd-bd9e-ad5c5dddc044}\components\RadioWMPCore.dll RealJukebox NS Plugin c:\program files\real\realplayer\Netscape6\nprjplug.dll RealPlayer Version Plugin c:\program files\real\realplayer\Netscape6\nprpjplug.dll RealPlayer(tm) HTML5VideoShim Plug-In ( C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\MozillaPl ugins\nprphtml5videoshim.dll Shockwave for Director C:\WINDOWS\system32\Adobe\Director\np32dsw.dll Silverlight Plug-In c:\Program Files\Microsoft Silverlight\4.0.50524.0\npctrl.dll AcroIEHelper Library c:\program files\common files\adobe\acrobat\activex\acroiehelper.dll Adobe Acrobat C:\Program Files\Internet Explorer\plugins\nppdf32.dll BitDefender QuickScan C:\Documents and Settings\بلاتيني\Application Data\Mozilla\Firefox\Profiles\n3do7p1m.default\ext ensions\{e001c731-5e37-4538-a5cb-8168736a2360}\components\qscanff.dll BitDefender QuickScan C:\Documents and Settings\بلاتيني\Application Data\Mozilla\Firefox\Profiles\n3do7p1m.default\ext ensions\{e001c731-5e37-4538-a5cb-8168736a2360}\plugins\npqscan.dll Cortona3D Viewer C:\Program Files\Common Files\ParallelGraphics\Cortona\npCortona.dll Cortona3D Viewer C:\Program Files\Mozilla Firefox\plugins\npCortona.dll hssie.dll c:\program files\hotspot shield\hssie\hssie.dll Java(TM) Platform SE 6 U20 c:\program files\java\jre6\bin\jp2ssv.dll Java(TM) Platform SE 6 U20 c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll Messenger C:\Program Files\Messenger\msmsgs.exe Microsoft® Windows Live Login Helper c:\program files\common files\microsoft shared\windows live\windowslivelogin.dll Microsoft® Windows® Operating System C:\WINDOWS\Network Diagnostic\xpnetdiag.exe Microsoft® Windows® Operating System C:\WINDOWS\system32\mswsock.dll Microsoft® Windows® Operating System C:\WINDOWS\system32\rsvpsp.dll Microsoft® Windows® Operating System C:\WINDOWS\system32\winrnr.dll Microsoft® Windows® Operating System C:\WINDOWS\system32\wshbth.dll Mozilla Default Plug-in C:\Program Files\Mozilla Firefox\plugins\npnul32.dll NPSWF32.dll C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll PaltalkScene C:\Program Files\Paltalk Messenger\Paltalk.exe RealPlayer Download and Record Plugin c:\documents and settings\all users\application data\real\realplayer\browserrecordplugin\ie\rpbrow serrecordplugin.dll RealPlayer(tm) G2 LiveConnect-Enabled P c:\program files\real\realplayer\Netscape6\nppl3260.dll Windows® Internet Explorer C:\WINDOWS\system32\ieframe.dll Missing files ------------- File not found: %system%\webcheck.dll --> HKCR\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED}\InprocServer32\(default) File not found: C:\WINDOWS\system32\drivers\EagleNT.sys --> HKLM\System\ControlSet001\services\EagleNT\"ImageP ath" File not found: system32\DRIVERS\33687561.sys --> HKLM\System\ControlSet001\services\33687561\"Image Path" File not found: ےے‰$–|?'–| --> HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\"Userinit" Scan ---- MD5: 9741513d6c9d76c8903bfa362ac8bf9d C:\Documents and Settings\All Users\Application Data\NexonEU\NGM\npNxGameeu.dll MD5: 73fd4b6593af94cfd98b21c7d1548f53 C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\Firefox\E xt\Components\nprpffbrowserrecordext.dll MD5: 26ab21e66adb7b60175052446a2308ec C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\MozillaPl ugins\nprphtml5videoshim.dll MD5: 741c7e4c48b4d8b3111644a91800ea3e C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\ThinShims \rpnpshimswf.dll MD5: ebebdbf1df7621623bbc5af82b533542 C:\Documents and Settings\بلاتيني\Application Data\Mozilla\Firefox\Profiles\n3do7p1m.default\ext ensions\{449c8ac4-2ac7-4bfd-bd9e-ad5c5dddc044}\components\FFExternalAlert.dll MD5: 696f6787818300362f15485d654f6887 C:\Documents and Settings\بلاتيني\Application Data\Mozilla\Firefox\Profiles\n3do7p1m.default\ext ensions\{449c8ac4-2ac7-4bfd-bd9e-ad5c5dddc044}\components\RadioWMPCore.dll MD5: 9df01b5fc94f0f89ecd5d6d140607f2a C:\Documents and Settings\بلاتيني\سطح المكتب\anti auto run.exe MD5: 0caf338825a1678bdc70c07db01e4684 C:\Program Files\7-Zip\7-zipn.dll MD5: fa81100303011c93087fcda288aa14ad C:\Program Files\Alwil Software\Avast5\defs\10090101\algo.dll MD5: a9b3b4a762963be8cac715bef5068232 C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\pdfshell.dll MD5: 449ca59d5668e3a24ae73de3a457aa29 C:\Program Files\Faronics\Deep Freeze\Install C-0\_$Df\FrzState2k.exe MD5: a4bbb9b38782886419fdd613f98e4021 C:\Program Files\Faronics\Deep Freeze\Install C-0\DFServ.exe MD5: 1cd292e65d973d7ee568811aac8d9e44 C:\Program Files\Hotspot Shield\bin\libcurl.dll MD5: 661b770bc4cb72ee4e4b17c5a62b994f C:\Program Files\Hotspot Shield\bin\libeay32.dll MD5: 21c2b1b55d24fbff03ecfb9788c0bb77 C:\Program Files\Hotspot Shield\bin\libidn-11.dll MD5: df49cc0f2a00fa5cd2c79abd9c269796 C:\Program Files\Hotspot Shield\bin\libssl32.dll MD5: 33df4f19b0a5c0a66fdf5cc9d2848b8f C:\Program Files\Internet Explorer\plugins\npqtplugin.dll MD5: 33df4f19b0a5c0a66fdf5cc9d2848b8f C:\Program Files\Internet Explorer\plugins\npqtplugin2.dll MD5: 33df4f19b0a5c0a66fdf5cc9d2848b8f C:\Program Files\Internet Explorer\plugins\npqtplugin3.dll MD5: 33df4f19b0a5c0a66fdf5cc9d2848b8f C:\Program Files\Internet Explorer\plugins\npqtplugin4.dll MD5: 33df4f19b0a5c0a66fdf5cc9d2848b8f C:\Program Files\Internet Explorer\plugins\npqtplugin5.dll MD5: 33df4f19b0a5c0a66fdf5cc9d2848b8f C:\Program Files\Internet Explorer\plugins\npqtplugin6.dll MD5: 33df4f19b0a5c0a66fdf5cc9d2848b8f C:\Program Files\Internet Explorer\plugins\npqtplugin7.dll MD5: 86f1895ae8c5e8b17d99ece768a70732 C:\Program Files\Java\jre6\bin\msvcr71.dll MD5: 2cb7c019a1ab8ea3d281c9606d097331 c:\Program Files\Microsoft Silverlight\4.0.50524.0\npctrl.dll MD5: 10bed437023f93dd1ad8efa80e71280f C:\Program Files\Mozilla Firefox\freebl3.dll MD5: dce543b6b3ff516bd65c1030e4b933ff C:\Program Files\Mozilla Firefox\nssdbm3.dll MD5: 222afed911cbf5f9a454adee53d31b30 C:\Program Files\Mozilla Firefox\softokn3.dll MD5: 2d841b7b7f6dec32162edfcc69d61f42 C:\Program Files\PC Connectivity Solution\ServiceLayer.exe MD5: edf657cc6d35e4bff1e4f144eb5e027f c:\program files\real\realplayer\Netscape6\nprjplug.dll MD5: 8908ac33d36f55a60a87a5290360fa27 c:\program files\real\realplayer\Netscape6\nprpjplug.dll MD5: d387ab223dc04979fb08e1e89f53f4d5 C:\Program Files\WinRAR\RarExt.dll MD5: e819e2d346b943f9562436e1abb50eae C:\PROGRA~1\WinZip\WZSHLSTB.DLL MD5: ea7267505149b3a10df32506a4e4e412 C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe MD5: 8070bb07fe06de8b9acb29b07016a273 C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe MD5: 31da97b4682187c6639bbe2215814fda C:\WINDOWS\system32\Adobe\Director\np32dsw.dll MD5: 30bb1bde595ca65fd5549462080d94e5 C:\WINDOWS\system32\drivers\AEGISP.sys MD5: d82414ec520453efe2eba936f6a9115a C:\WINDOWS\system32\drivers\EAPPKT.sys MD5: 4a6e7cd1aafdd88a6df6348e277951c2 C:\WINDOWS\system32\DRIVERS\rtl8185.sys MD5: d390675b8ce45e5fb359338e5e649329 C:\WINDOWS\system32\drivers\SPTD.sys MD5: 27a2c318cd28cfb3eb2200fd96af1e58 C:\WINDOWS\system32\DRIVERS\tapvpn.sys MD5: 4333a34011814af753004419f42797aa C:\WINDOWS\system32\DRIVERS\tenCapture.sys MD5: 15499fcf8d19c5049f5a29566c78ea12 C:\WINDOWS\system32\LogonDll.dll MD5: 561fa2abb31dfa8fab762145f81667c2 C:\WINDOWS\system32\msvcp71.dll MD5: 86f1895ae8c5e8b17d99ece768a70732 C:\WINDOWS\system32\msvcr71.dll MD5: 40e8fa0e4396dcae651b71acd0810cd5 C:\WINDOWS\system32\nvrsar.dll MD5: d5c9dc605e1acb57bf37be3e9890b936 C:\WINDOWS\system32\spool\prtprocs\w32x86\filterpi pelineprintproc.dll MD5: e35fabbe7f63cb9ae2a06a449392e3f6 C:\WINDOWS\system32\uxtheme.dll MD5: 686b224b4987c22b153fbb545fee9657 C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a 1e18e3b_8.0.50727.4053_x-ww_b77cec8e\mfc80u.dll No file uploaded. Scan finished - communication took 6 sec Total traffic - 0.09 MB sent, 3.21 KB recvd Scanned 1047 files and modules - 195 seconds ================================================== ============================ ثالثا تقرير برنامج runscanner ارجو فحص الملف قبل فتحه مضغوط ببرنامج winrar runscanner.rar - 129 Kb والله يا اخواني مابقي برنامج ما استخدمه قد يكون سوء استعمال مني او ان البرنامج لا يقدر على هذا الفيروس اخيرا ارجوكم رجاء خاص اريد حل لا اريد عمل فورمات للهاردسك فيه ملفات لي قديمه بمعنى الكلمه وخسارتها تعني خسارة نصف العمر ولا انسى انا خالفت الاداره في عدم ظغطي للملفات جميعها والسبب خوفي من انتقال الفيروس لكم في داخل المجلد المظغوط اخر تقرير مظغوط ارجو فحصه قبل فتحه للتأكد من عدم انتقال الفيروس للملف وقد ظفطه ببرنامج winrar اتمنى ان اجد الحل بين ايدكم وفقكم الله وسدد خطاكم أكثر... |
| مواقع النشر (المفضلة) |
| أدوات الموضوع | |
| انواع عرض الموضوع | |
|
|
المواضيع المتشابهه
|
||||
| الموضوع | كاتب الموضوع | المنتدى | مشاركات | آخر مشاركة |
| خبــر نغمة صلى الله عليك الله يا نور الهدى -اسلامية- | RSS | Arabic Rss | 0 | 08-24-2010 12:28 AM |
| لبنان: نصر الله يتحدث عن مؤامرة دولية تستهدف حزب الله | RSS | المجاوشي للأخبار العامه والسياسية والرياضية | 0 | 07-23-2010 01:55 AM |
| نصر الله: قرار محكمة الحريري كتب قبل التحقيق مع عناصر في حزب الله | RSS | المجاوشي للأخبار العامه والسياسية والرياضية | 0 | 07-23-2010 01:25 AM |
| نبذة عن حياة اية الله الراحل محمد حسين فضل الله | RSS | المجاوشي للأخبار العامه والسياسية والرياضية | 0 | 07-05-2010 02:32 AM |
| شرح البلاغة الواضحة: لفضيلة الشيخ أبي عبد الله محمد سعيد رسلان حفظه الله تعالى | RSS | Arabic Rss | 0 | 04-22-2010 04:03 PM |
|
|
العرض العادي
