با سلام.
دیروز آخرین باری بود که از سیستم استفاده کردم، فقط به این انجمن سر زدم و چند سایت کرک هش که اینجا بهم معرفی شده بود.
الان که سیستم رو روشن کردم NOD32 هشدار داد و شروع کرد به اسکن فایل های من.
تا الان که 10 دقیقه گذشته و بالغ بر 150 مورد فایل آلوده رو قرنتینه کرده.
آلودگی ها:
Sality.NAO virus
MSIL/Trojan dropper.small.Y trojan
virut.NBI.virus
Operating memory » winlogon.exe(1076) - Win32/Virut.NDT virus - unable to clean
Operating memory » C:\WINDOWS\system32\spoolsv.exe - Win32/Virut.NBI virus - cleaned (after the next restart) - quarantined
Operating memory » C:\WINDOWS\Explorer.EXE - Win32/Virut.NBI virus - cleaned (after the next restart) - quarantined
Operating memory » C:\Program Files\Bonjour\mDNSResponder.exe - Win32/Virut.NBI virus - cleaned (after the next restart) - quarantined
C:\Documents and Settings\All Users\Application Data\IndigoRose\AutoPlay Media Studio\8.0\Update.exe - Win32/Sality.NAO virus - cleaned - quarantined
C:\Documents and Settings\All Users\Application Data\InstallMate\{0AA79968-4F1D-6BA3-8948-073FD144BB9E}\Setup.exe - Win32/Sality.NAO virus - cleaned - quarantined
C:\Documents and Settings\All Users\Application Data\InstallMate\{1DFF0CE4-85F3-99BF-7B54-CDD1C61C2E12}\Setup.exe - Win32/Sality.NAO virus - cleaned - quarantined
C:\Documents and Settings\All Users\Application Data\TuneUp Software\TU2011\StartUp Manager\Disabled objects for all users\Reboot.exe - Win32/Virut.NBI virus - cleaned - quarantined
C:\Documents and Settings\All Users\Application Data\Yahoo!\YUpdater\yupdater.exe - Win32/Sality.NAO virus - cleaned - quarantined
C:\Documents and Settings\User\Application Data\CRYPTED.EXE - a variant of MSIL/TrojanDropper.Small.Y trojan - cleaned by deleting - quarantined
C:\Documents and Settings\User\Application Data\AD ON Multimedia\eBay Shortcuts\eBayShortcuts.exe - a variant of Win32/Adware.ADON potentially unwanted application - action selection postponed until scan completion
C:\Documents and Settings\User\Local Settings\Application Data\Identities\{23F05023-7D5C-4528-B089-AEAEEA8EC831}\Microsoft\Outlook Express\Inbox.dbx » DBX - is OK (internal scanning not performed)
C:\MSOCache\All Users\{90120000-0030-0000-0000-0000000FF1CE}-C\EnterWW.cab » CAB » PROCESS_LIBRARY.FDT » MIME - is OK (internal scanning not performed)
C:\MSOCache\All Users\{90120000-0030-0000-0000-0000000FF1CE}-C\EnterWW.cab » CAB » HIRING_REQUISITION_CUSTOMIZED.FDT » MIME - is OK (internal scanning not performed)
C:\MSOCache\All Users\{90120000-0030-0000-0000-0000000FF1CE}-C\EnterWW.cab » CAB » HIRING_REQUISITION.FDT » MIME - is OK (internal scanning not performed)
C:\MSOCache\All Users\{90120000-0030-0000-0000-0000000FF1CE}-C\EnterWW.cab » CAB » TRACK_ISSUES.FDT » MIME - is OK (internal scanning not performed)
C:\MSOCache\All Users\{90120000-0030-0000-0000-0000000FF1CE}-C\EnterWW.cab » CAB » POLICIES.FDT » MIME - is OK (internal scanning not performed)
C:\Program Files\Adobe\Adobe Device Central CS3\DeviceCentral.exe - Win32/Virut.NBI virus - cleaned - quarantined
C:\Program Files\Adobe\Reader 11.0\Reader\ACRORD32.EXE - Win32/Sality.NAO virus - cleaned - quarantined
C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe.vir - Win32/Virut.NBI virus - cleaned (after the next restart) - quarantined
C:\Program Files\Bonjour\mDNSResponder.exe.vir - Win32/Virut.NBI virus - cleaned (after the next restart) - quarantined
C:\Program Files\Cain\UNINSTAL.EXE - Win32/Virut.NBI virus - cleaned - quarantined
C:\Program Files\Cain\Winrtgen\Winrtgen.exe - Win32/Virut.NBI virus - cleaned - quarantined
C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe - Win32/Virut.NBI virus - cleaned - quarantined
C:\Program Files\Common Files\Ahead\Lib\NeroScoutOptions.exe - Win32/Virut.NBI virus - cleaned - quarantined
C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe.vir - Win32/Virut.NBI virus - cleaned (after the next restart) - quarantined
C:\Program Files\Common Files\Ahead\Nero Web\SetupX.exe - Win32/Virut.NBI virus - cleaned - quarantined
C:\Program Files\Common Files\MAGIX Services\Database\bin\FABS.exe.vir - Win32/Virut.NBI virus - cleaned (after the next restart) - quarantined
C:\Program Files\Common Files\Microsoft Shared\MSInfo\msinfo32.exe - Win32/Virut.NBI virus - cleaned - quarantined
C:\Program Files\Havij 1.13 Free\HAVIJ.EXE - Win32/Sality.NAO virus - cleaned - quarantined
C:\Program Files\IcoFX 1.6\IcoFX.exe - Win32/Virut.NBI virus - cleaned - quarantined
C:\Program Files\IDT\1062012132326\STacSV.exe.vir - Win32/Virut.NBI virus - cleaned (after the next restart) - quarantined
C:\Program Files\InstallShield Installation Information\{F09EF8F2-0976-42C1-8D9D-8DF78337C6E3}\setup.exe - Win32/Virut.NBI virus - cleaned - quarantined
C:\Program Files\Internet Explorer\Connection Wizard\isignup.exe - Win32/Virut.NBI virus - cleaned - quarantined
C:\Program Files\JetAudio\JetCast.exe - Win32/Virut.NBI virus - cleaned - quarantined
C:\Program Files\K-Lite Codec Pack\Info\faq.htm - HTML/Iframe.B.Gen virus - action selection postponed until scan completion
C:\Program Files\K-Lite Codec Pack\Tools\graphstudio.exe - Win32/Virut.NBI virus - cleaned - quarantined
یه لطفی کنید و بگید آیا دوستان آشیانه دارن با ما شوخی میکنند یا منشا آلودگی جای دیگست؟[/B]
دیروز آخرین باری بود که از سیستم استفاده کردم، فقط به این انجمن سر زدم و چند سایت کرک هش که اینجا بهم معرفی شده بود.
الان که سیستم رو روشن کردم NOD32 هشدار داد و شروع کرد به اسکن فایل های من.
تا الان که 10 دقیقه گذشته و بالغ بر 150 مورد فایل آلوده رو قرنتینه کرده.
آلودگی ها:
Sality.NAO virus
MSIL/Trojan dropper.small.Y trojan
virut.NBI.virus
Operating memory » winlogon.exe(1076) - Win32/Virut.NDT virus - unable to clean
Operating memory » C:\WINDOWS\system32\spoolsv.exe - Win32/Virut.NBI virus - cleaned (after the next restart) - quarantined
Operating memory » C:\WINDOWS\Explorer.EXE - Win32/Virut.NBI virus - cleaned (after the next restart) - quarantined
Operating memory » C:\Program Files\Bonjour\mDNSResponder.exe - Win32/Virut.NBI virus - cleaned (after the next restart) - quarantined
C:\Documents and Settings\All Users\Application Data\IndigoRose\AutoPlay Media Studio\8.0\Update.exe - Win32/Sality.NAO virus - cleaned - quarantined
C:\Documents and Settings\All Users\Application Data\InstallMate\{0AA79968-4F1D-6BA3-8948-073FD144BB9E}\Setup.exe - Win32/Sality.NAO virus - cleaned - quarantined
C:\Documents and Settings\All Users\Application Data\InstallMate\{1DFF0CE4-85F3-99BF-7B54-CDD1C61C2E12}\Setup.exe - Win32/Sality.NAO virus - cleaned - quarantined
C:\Documents and Settings\All Users\Application Data\TuneUp Software\TU2011\StartUp Manager\Disabled objects for all users\Reboot.exe - Win32/Virut.NBI virus - cleaned - quarantined
C:\Documents and Settings\All Users\Application Data\Yahoo!\YUpdater\yupdater.exe - Win32/Sality.NAO virus - cleaned - quarantined
C:\Documents and Settings\User\Application Data\CRYPTED.EXE - a variant of MSIL/TrojanDropper.Small.Y trojan - cleaned by deleting - quarantined
C:\Documents and Settings\User\Application Data\AD ON Multimedia\eBay Shortcuts\eBayShortcuts.exe - a variant of Win32/Adware.ADON potentially unwanted application - action selection postponed until scan completion
C:\Documents and Settings\User\Local Settings\Application Data\Identities\{23F05023-7D5C-4528-B089-AEAEEA8EC831}\Microsoft\Outlook Express\Inbox.dbx » DBX - is OK (internal scanning not performed)
C:\MSOCache\All Users\{90120000-0030-0000-0000-0000000FF1CE}-C\EnterWW.cab » CAB » PROCESS_LIBRARY.FDT » MIME - is OK (internal scanning not performed)
C:\MSOCache\All Users\{90120000-0030-0000-0000-0000000FF1CE}-C\EnterWW.cab » CAB » HIRING_REQUISITION_CUSTOMIZED.FDT » MIME - is OK (internal scanning not performed)
C:\MSOCache\All Users\{90120000-0030-0000-0000-0000000FF1CE}-C\EnterWW.cab » CAB » HIRING_REQUISITION.FDT » MIME - is OK (internal scanning not performed)
C:\MSOCache\All Users\{90120000-0030-0000-0000-0000000FF1CE}-C\EnterWW.cab » CAB » TRACK_ISSUES.FDT » MIME - is OK (internal scanning not performed)
C:\MSOCache\All Users\{90120000-0030-0000-0000-0000000FF1CE}-C\EnterWW.cab » CAB » POLICIES.FDT » MIME - is OK (internal scanning not performed)
C:\Program Files\Adobe\Adobe Device Central CS3\DeviceCentral.exe - Win32/Virut.NBI virus - cleaned - quarantined
C:\Program Files\Adobe\Reader 11.0\Reader\ACRORD32.EXE - Win32/Sality.NAO virus - cleaned - quarantined
C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe.vir - Win32/Virut.NBI virus - cleaned (after the next restart) - quarantined
C:\Program Files\Bonjour\mDNSResponder.exe.vir - Win32/Virut.NBI virus - cleaned (after the next restart) - quarantined
C:\Program Files\Cain\UNINSTAL.EXE - Win32/Virut.NBI virus - cleaned - quarantined
C:\Program Files\Cain\Winrtgen\Winrtgen.exe - Win32/Virut.NBI virus - cleaned - quarantined
C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe - Win32/Virut.NBI virus - cleaned - quarantined
C:\Program Files\Common Files\Ahead\Lib\NeroScoutOptions.exe - Win32/Virut.NBI virus - cleaned - quarantined
C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe.vir - Win32/Virut.NBI virus - cleaned (after the next restart) - quarantined
C:\Program Files\Common Files\Ahead\Nero Web\SetupX.exe - Win32/Virut.NBI virus - cleaned - quarantined
C:\Program Files\Common Files\MAGIX Services\Database\bin\FABS.exe.vir - Win32/Virut.NBI virus - cleaned (after the next restart) - quarantined
C:\Program Files\Common Files\Microsoft Shared\MSInfo\msinfo32.exe - Win32/Virut.NBI virus - cleaned - quarantined
C:\Program Files\Havij 1.13 Free\HAVIJ.EXE - Win32/Sality.NAO virus - cleaned - quarantined
C:\Program Files\IcoFX 1.6\IcoFX.exe - Win32/Virut.NBI virus - cleaned - quarantined
C:\Program Files\IDT\1062012132326\STacSV.exe.vir - Win32/Virut.NBI virus - cleaned (after the next restart) - quarantined
C:\Program Files\InstallShield Installation Information\{F09EF8F2-0976-42C1-8D9D-8DF78337C6E3}\setup.exe - Win32/Virut.NBI virus - cleaned - quarantined
C:\Program Files\Internet Explorer\Connection Wizard\isignup.exe - Win32/Virut.NBI virus - cleaned - quarantined
C:\Program Files\JetAudio\JetCast.exe - Win32/Virut.NBI virus - cleaned - quarantined
C:\Program Files\K-Lite Codec Pack\Info\faq.htm - HTML/Iframe.B.Gen virus - action selection postponed until scan completion
C:\Program Files\K-Lite Codec Pack\Tools\graphstudio.exe - Win32/Virut.NBI virus - cleaned - quarantined
یه لطفی کنید و بگید آیا دوستان آشیانه دارن با ما شوخی میکنند یا منشا آلودگی جای دیگست؟[/B]