فايروس w32.myzor.fk@yf

alwardy · 10 أكتوبر 2008

السلام عليكم
اللابتوب صاده تروجان او فايروس الله اعلم اسمه w32.myzor.fk@yf

لا النود ولا ال avg ولا سبايوير دوكتور قدروا يسيلونه
الحل ياجماعه

sport · 10 أكتوبر 2008

عليكم السلام

======

عطل جميع برامج الحماية ,,
وحمل هذه الاداة واحفظها على سطح المكتب

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

عند تشغيلها بتظهر لك رسالة ,, اضغط على >> Yes
بعدها بتظهر لك رساله ثانيه ,, اضغط على >> Yes

انتظر حتى الاداة تنتهي من فحص جهازك ,,, وبشكل تلقائي يعاد تشغيل جهازك ,,
وبعد اعادة التشغيل ,, سوف تبدأ الاداة بالفحص مرره ثانيه
انتظر حتى يظهر لك تقرير ,, انسخه والصقه بردك القادم

ثم

حمل هذا البرنامج

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

شغل البرنامج ==> واضغط على
Do a system scan and save log
لحظات .. ويظهر لك تقرير داخل المفكرة==> انسخه والصقه بردك القادم

alwardy · 10 أكتوبر 2008

هذا تقرير الاداه الاولى

ComboFix 08-10-10.01 - Ali 2008-10-10 23:39:43.1 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.3.1256.973.1033.18.2404 [GMT 3:00]
Running from: C:\Documents and Settings\Ali\My Documents\Downloads\Programs\ComboFix.exe
* Created a new restore point
WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
C:\Documents and Settings\Ali\Application Data\inst.exe
C:\Documents and Settings\Ali\Local Settings\Temporary Internet Files\outlineminus.IMG
C:\Documents and Settings\Ali\Local Settings\Temporary Internet Files\outlineminusmo.IMG
C:\Documents and Settings\Ali\Local Settings\Temporary Internet Files\outlineplus.IMG
C:\Documents and Settings\Ali\Local Settings\Temporary Internet Files\outlineplusmo.IMG
C:\Documents and Settings\Ali\My Documents\My Documents.url
C:\Documents and Settings\Ali\My Documents\My Music\My Music.url
C:\Documents and Settings\Ali\My Documents\My Pictures\My Pictures.url
C:\Documents and Settings\Ali\My Documents\My Videos\My Video.url
C:\Program Files\Applications\iebu.exe
C:\Program Files\Applications\myd.ico
C:\Program Files\Applications\mym.ico
C:\Program Files\Applications\myp.ico
C:\Program Files\Applications\myv.ico
C:\Program Files\Applications\ot.ico
C:\Program Files\Applications\ts.ico
C:\Program Files\Applications\wcm.exe
C:\Program Files\Applications\wcs.exe
C:\WINDOWS\system32\winitn.dll
C:\WINDOWS\system32\x64
.
((((((((((((((((((((((((( Files Created from 2008-09-10 to 2008-10-10 )))))))))))))))))))))))))))))))
.
2008-10-10 23:38 . 2008-10-10 23:38 <DIR> d-------- C:\ERDNT
2008-10-10 23:21 . 2008-10-10 23:21 <DIR> d-------- C:\WINDOWS\system32\xircom
2008-10-10 23:21 . 2008-10-10 23:21 <DIR> d-------- C:\Program Files\microsoft frontpage
2008-10-10 23:08 . 2008-10-10 23:08 <DIR> d-------- C:\Program Files\Avira
2008-10-10 22:34 . 2008-10-10 23:36 <DIR> d-a------ C:\Documents and Settings\All Users\Application Data\TEMP
2008-10-10 22:23 . 2008-06-10 21:22 81,288 --a------ C:\WINDOWS\system32\drivers\iksyssec.sys
2008-10-10 22:23 . 2008-06-02 15:19 66,952 --a------ C:\WINDOWS\system32\drivers\iksysflt.sys
2008-10-10 22:23 . 2008-06-02 15:19 42,376 --a------ C:\WINDOWS\system32\drivers\ikfilesec.sys
2008-10-10 22:23 . 2008-06-02 15:19 29,576 --a------ C:\WINDOWS\system32\drivers\kcom.sys
2008-10-10 22:22 . 2008-10-10 22:43 <DIR> d-------- C:\Program Files\Spyware Doctor
2008-10-10 22:22 . 2008-10-10 22:22 <DIR> d-------- C:\Documents and Settings\Ali\Application Data\PC Tools
2008-10-10 22:00 . 2008-10-10 22:00 <DIR> d-------- C:\Documents and Settings\Ali\Application Data\Grisoft
2008-10-10 21:59 . 2008-10-10 21:59 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Grisoft
2008-10-10 21:59 . 2007-05-30 15:10 10,872 --a------ C:\WINDOWS\system32\drivers\AvgAsCln.sys
2008-10-10 21:45 . 2008-10-10 21:45 <DIR> d-------- C:\Program Files\Maximum Software
2008-10-10 21:30 . 2008-10-10 23:42 <DIR> d-------- C:\Program Files\Applications
2008-10-10 01:14 . 2008-10-10 01:15 <DIR> d-------- C:\WINDOWS\system32\NtmsData
2008-09-29 20:44 . 2008-10-05 00:42 160 --a------ C:\WINDOWS\cdplayer.ini
2008-09-29 01:03 . 2008-09-29 01:03 <DIR> d-------- C:\WINDOWS\naevius_yt_1
2008-09-29 01:03 . 2008-09-29 01:10 <DIR> d-------- C:\Program Files\Naevius YouTube Converter
2008-09-29 01:03 . 2008-09-29 01:03 <DIR> d-------- C:\naevius_temp_folder
2008-09-29 00:58 . 2008-09-29 00:58 203,776 --a------ C:\WINDOWS\system32\clrviddc.dll
2008-09-29 00:52 . 2008-09-29 00:52 <DIR> d-------- C:\Program Files\Common Files\xing shared
2008-09-27 04:51 . 2008-09-27 04:51 <DIR> d-------- C:\Program Files\Opera
2008-09-25 02:56 . 2008-09-25 02:56 <DIR> d-------- C:\Documents and Settings\Ali\Application Data\Publish Providers
2008-09-25 02:55 . 2008-09-25 02:55 <DIR> d-------- C:\Documents and Settings\Ali\Application Data\Sony
2008-09-25 02:51 . 2008-09-25 02:51 <DIR> d-------- C:\Program Files\Vstplugins
2008-09-25 02:51 . 2008-09-25 02:51 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Sony
2008-09-25 02:50 . 2008-09-25 02:50 <DIR> d-------- C:\Program Files\Sony Setup
2008-09-25 02:50 . 2008-09-25 02:51 <DIR> d-------- C:\Program Files\Sony
2008-09-25 02:38 . 2008-09-25 02:38 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\vsosdk
2008-09-25 02:14 . 2004-05-04 12:53 1,645,320 --a------ C:\WINDOWS\gdiplus.dll
2008-09-25 02:14 . 2006-05-20 17:16 1,184,984 --a------ C:\WINDOWS\system32\wvc1dmod.dll
2008-09-24 04:08 . 2008-09-24 04:08 <DIR> d-------- C:\Documents and Settings\Ali\Application Data\vlc
2008-09-24 02:45 . 2008-09-24 02:45 <DIR> d-------- C:\Program Files\Marsu-Fix
2008-09-24 02:45 . 2008-09-24 02:45 159,837 --a------ C:\WINDOWS\Marsu-Fix Uninstaller.exe
2008-09-18 16:12 . 2008-09-18 16:12 <DIR> d-------- C:\Documents and Settings\Ali\Application Data\ESET
2008-09-18 16:11 . 2008-09-18 16:11 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\ESET
2008-09-15 17:11 . 2008-09-15 17:11 <DIR> d-------- C:\WINDOWS\system32\LogFiles
2008-09-14 21:32 . 2004-05-14 12:53 462,848 --a------ C:\WINDOWS\system32\ltkrn13n.dll
2008-09-14 21:32 . 2004-05-14 12:53 450,560 --a------ C:\WINDOWS\system32\ltimg13n.dll
2008-09-14 21:32 . 2004-05-14 12:53 401,408 --a------ C:\WINDOWS\system32\lfcmp13n.dll
2008-09-14 21:32 . 2004-05-14 12:53 299,008 --a------ C:\WINDOWS\system32\ltdis13n.dll
2008-09-14 21:32 . 2004-01-11 22:09 206,336 --a------ C:\WINDOWS\system32\ltefx13n.dll
2008-09-14 21:32 . 2004-05-14 12:53 163,840 --a------ C:\WINDOWS\system32\ltfil13n.dll
2008-09-14 21:32 . 2003-11-04 11:10 69,632 --a------ C:\WINDOWS\system32\lfgif13n.dll
2008-09-14 21:32 . 2004-05-14 12:53 57,344 --a------ C:\WINDOWS\system32\lfbmp13n.dll
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-10-10 20:39 --------- d-----w C:\Documents and Settings\Ali\Application Data\DMCache
2008-10-10 20:08 --------- d-----w C:\Documents and Settings\All Users\Application Data\Avira
2008-10-10 18:35 --------- d-----w C:\Documents and Settings\Ali\Application Data\Azureus
2008-10-10 18:32 --------- d-----w C:\Program Files\Google
2008-10-06 18:51 --------- d-----w C:\Program Files\Nokia
2008-10-06 18:51 --------- d-----w C:\Program Files\Common Files\Nokia
2008-10-06 18:50 --------- d-----w C:\Documents and Settings\All Users\Application Data\Installations
2008-10-04 15:20 --------- d-----w C:\Documents and Settings\Ali\Application Data\Vso
2008-09-28 21:52 --------- d-----w C:\Program Files\Common Files\Real
2008-09-24 23:15 47,360 ----a-w C:\WINDOWS\system32\drivers\pcouffin.sys
2008-09-24 23:15 47,360 ----a-w C:\Documents and Settings\Ali\Application Data\pcouffin.sys
2008-09-24 23:14 --------- d-----w C:\Program Files\VSO
2008-09-24 00:49 --------- d-----w C:\Program Files\Video Convert Master
2008-09-15 14:12 --------- d-----w C:\Documents and Settings\Ali\Application Data\Nokia
2008-09-15 14:10 --------- d-----w C:\Documents and Settings\All Users\Application Data\PC Suite
2008-09-15 14:10 --------- d-----w C:\Documents and Settings\Ali\Application Data\PC Suite
2008-09-14 01:33 --------- d-----w C:\Program Files\SubFind
2008-09-12 19:27 --------- d-----w C:\Program Files\Windows Live Toolbar
2008-09-09 17:59 --------- d-----w C:\Documents and Settings\All Users\Application Data\Microsoft Help
2008-09-09 07:41 --------- d-----w C:\Program Files\Ashampoo
2008-09-07 16:49 --------- d-----w C:\Documents and Settings\Ali\Application Data\IDM
2008-09-05 17:33 --------- d-----w C:\Program Files\Alo RM Converter
2008-09-05 16:41 --------- d-----w C:\Program Files\Common Files\BitDefender
2008-09-05 15:06 --------- d-----w C:\Documents and Settings\All Users\Application Data\WLInstaller
2008-09-05 15:05 --------- d-----w C:\Program Files\MSN Messenger
2008-09-05 13:40 --------- d-----w C:\Program Files\DFX
2008-09-05 13:40 --------- d-----w C:\Program Files\Common Files\Wise Installation Wizard
2008-09-05 13:40 --------- d-----w C:\Documents and Settings\All Users\Application Data\DFX
2008-09-04 23:08 --------- d-----w C:\Program Files\StreamingStar
2008-09-04 21:33 --------- d-----w C:\Program Files\GoldWave
2008-09-03 19:55 0 ---ha-w C:\WINDOWS\system32\drivers\Msft_Kernel_ccdcmb_01005.Wdf
2008-09-03 19:52 --------- d-----w C:\Documents and Settings\All Users\Application Data\Nokia
2008-09-03 19:47 --------- d-----w C:\Program Files\PC Connectivity Solution
2008-09-03 19:47 --------- d-----w C:\Program Files\DIFX
2008-09-03 19:47 --------- d-----w C:\Program Files\Common Files\PCSuite
2008-09-03 19:25 --------- d-----w C:\Program Files\MSXML 6.0
2008-09-03 19:23 --------- d-----w C:\Program Files\Dell
2008-09-03 19:22 --------- d-----w C:\Program Files\Intel
2008-09-03 19:17 --------- d-----w C:\Program Files\Dell Support Center
2008-09-02 20:14 --------- d-----w C:\Documents and Settings\Ali\Application Data\Nero
2008-09-02 20:13 --------- d-----w C:\Program Files\Common Files\Nero
2008-09-02 20:12 --------- d-----w C:\Program Files\Nero
2008-09-02 20:12 --------- d-----w C:\Documents and Settings\All Users\Application Data\Nero
2008-09-01 11:03 --------- d-----w C:\Documents and Settings\Ali\Application Data\Ashampoo
2008-09-01 11:01 --------- d-----w C:\Documents and Settings\All Users\Application Data\ashampoo
2008-08-31 21:32 81,920 ----a-w C:\Documents and Settings\Ali\Application Data\ezpinst.exe
2008-08-31 21:31 --------- d-----w C:\Program Files\Apple Software Update
2008-08-31 21:31 --------- d-----w C:\Documents and Settings\All Users\Application Data\Apple
2008-08-31 21:29 --------- d-----w C:\Documents and Settings\Ali\Application Data\Media Player Classic
2008-08-31 21:02 --------- d-----w C:\Program Files\CONEXANT
2008-08-31 21:01 0 ---ha-w C:\WINDOWS\system32\drivers\MsftWdf_Kernel_01005_Coinstaller_Critical.Wdf
2008-08-31 21:01 0 ---ha-w C:\WINDOWS\system32\drivers\Msft_Kernel_Apfiltr_01005.Wdf
2008-08-31 21:01 --------- d-----w C:\Program Files\DellTPad
2008-08-31 20:56 --------- d-----w C:\Documents and Settings\All Users\Application Data\Dell
2008-08-31 20:55 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-08-31 20:48 --------- d-----w C:\Documents and Settings\All Users\Application Data\SupportSoft
2008-08-31 20:19 --------- d-----w C:\Program Files\Internet Download Manager
2008-08-31 20:08 --------- d-----w C:\Program Files\MSXML 4.0
2008-08-31 19:48 --------- d-----w C:\Program Files\Azureus
2008-08-31 19:40 --------- d-----w C:\Documents and Settings\All Users\Application Data\Azureus
2008-08-31 19:27 --------- d-----w C:\Documents and Settings\All Users\Application Data\Messenger Plus!
2008-08-31 19:23 --------- d-----w C:\Program Files\Java
2008-08-31 19:04 --------- d-----w C:\Program Files\Common Files\Java
2008-08-31 18:55 --------- d-----w C:\Program Files\Messenger Plus! Live
2008-08-31 18:44 --------- d-----w C:\Program Files\WIDCOMM
2008-08-31 18:43 --------- d-----w C:\Program Files\Synaptics
2008-08-31 18:43 --------- d-----w C:\Program Files\Common Files\InstallShield
2008-08-31 18:12 --------- d-----w C:\Program Files\Common Files\Adobe Systems Shared
2008-08-31 18:12 --------- d-----w C:\Program Files\Common Files\Adobe
2008-08-31 15:36 --------- d-----w C:\Program Files\Windows Live
2008-08-31 15:35 --------- d-----w C:\Program Files\Real
2008-08-31 15:03 --------- d-----w C:\Program Files\SigmaTel
2008-08-31 14:22 --------- dcsh--w C:\Program Files\Common Files\WindowsLiveInstaller
2008-08-31 10:07 --------- d-----w C:\Program Files\Marvell
2008-08-31 10:06 --------- d-----w C:\Documents and Settings\Ali\Application Data\TMP
2008-08-31 10:05 --------- d-----w C:\WINDOWS\system32\config\systemprofile\Application Data\Intel
2008-08-31 08:50 --------- d-----w C:\Program Files\Microsoft Student
2008-08-31 08:49 --------- d-----w C:\Program Files\Learning Essentials
2008-08-31 07:29 --------- d-----w C:\Program Files\MSBuild
2008-08-31 07:29 --------- d-----w C:\Program Files\Microsoft.NET
2008-08-31 07:29 --------- d-----w C:\Program Files\Microsoft Works
2008-08-31 07:27 --------- d-----w C:\Program Files\Microsoft Visual Studio 8
2008-08-31 07:18 --------- d-----w C:\Program Files\DAEMON Tools Lite
2008-08-31 07:15 --------- d-----w C:\Program Files\Saleen Software
2008-08-31 07:14 717,296 ----a-w C:\WINDOWS\system32\drivers\sptd.sys
2008-08-31 07:14 --------- d-----w C:\Documents and Settings\Ali\Application Data\DAEMON Tools
2008-08-31 07:08 --------- d-----w C:\Program Files\Creative Live! Cam
2008-08-31 07:08 --------- d-----w C:\Program Files\Creative
2008-08-31 07:08 --------- d-----w C:\Program Files\Common Files\Reallusion
2008-08-31 07:08 --------- d-----w C:\Documents and Settings\Ali\Application Data\InstallShield
2008-08-31 06:51 --------- d-----w C:\Program Files\BitDefender
2008-08-31 06:43 --------- d-----w C:\Program Files\Ringz Studio
2008-08-31 06:43 --------- d-----w C:\Program Files\Foxit Reader
2008-08-31 06:43 --------- d-----w C:\Documents and Settings\All Users\Application Data\Apple Computer
2008-08-31 06:41 --------- d-----w C:\Program Files\Reference Assemblies
2008-08-31 06:29 --------- d-----w C:\Program Files\Windows Media Connect 2
.
------- Sigcheck -------
2008-06-26 23:16 674816 0f2f01cdf020832eaf0704a3d1481d11 C:\WINDOWS\system32\user32.dll
2008-06-26 23:17 557056 7dd9ce78dd441eea2bbaff6d3eeaad08 C:\WINDOWS\system32\winlogon.exe
2008-06-26 23:23 2185216 839b8821b342cfb4f37f2df63abefa00 C:\WINDOWS\system32\ntkrnlpa.exe
2008-06-26 23:11 2306560 0f733106a818383806060abc29fe0f3a C:\WINDOWS\system32\ntoskrnl.exe
2008-06-26 23:07 1377792 bd63be0a3d05056222c86be283256d90 C:\WINDOWS\explorer.exe
2008-06-26 23:07 40448 c1d50243355a290cb3aa684fd8b38170 C:\WINDOWS\system32\ctfmon.exe
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2008-06-26 40448]
"DAEMON Tools Lite"="C:\Program Files\DAEMON Tools Lite\daemon.exe" [2008-04-01 486856]
"IDMan"="C:\Program Files\Internet Download Manager\IDMan.exe" [2008-08-31 2610608]
"MsnMsgr"="C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" [2007-10-18 5724184]
"IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe" [2008-06-24 1840424]
"Nokia.PCSync"="C:\Program Files\Nokia\Nokia PC Suite 7\PCSync2.exe" [2008-06-17 1249280]
"PC Suite Tray"="C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe" [2008-08-11 1124352]
"L09AXLRD_2781250"="C:\Program Files\Microsoft Student\Microsoft Student with Encarta Premium 2009 DVD\EDICT.EXE" [2008-06-03 351000]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"StormCodec_Helper"="C:\Program Files\Ringz Studio\Storm Codec\StormSet.exe" [2006-11-26 97357]
"!AVG Anti-Spyware"="C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\zyzoom.exe" [2007-11-03 6731312]
"GrooveMonitor"="C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe" [2007-08-24 33648]
"SynTPEnh"="C:\Program Files\Synaptics\SynTP\SynTPEnh.exe" [2007-10-26 1024000]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe" [2008-06-10 144784]
"OEM02Mon.exe"="C:\WINDOWS\OEM02Mon.exe" [2007-05-09 36864]
"Apoint"="C:\Program Files\DellTPad\Apoint.exe" [2007-07-02 159744]
"QuickTime Task"="C:\Program Files\Ringz Studio\Storm Codec\QTTask.exe" [2008-05-27 413696]
"NeroFilterCheck"="C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe" [2008-06-19 570664]
"NBKeyScan"="C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe" [2008-06-08 2221352]
"SigmatelSysTrayApp"="C:\Program Files\SigmaTel\C-Major Audio\WDM\stsystra.exe" [2007-05-10 405504]
"IgfxTray"="C:\WINDOWS\system32\igfxtray.exe" [2007-09-05 141848]
"HotKeysCmds"="C:\WINDOWS\system32\hkcmd.exe" [2007-09-05 166424]
"Persistence"="C:\WINDOWS\system32\igfxpers.exe" [2007-09-05 137752]
"youtubeconverter"="C:\Program Files\Naevius YouTube Converter\mon.exe" [2008-09-23 647680]
"avgnt"="C:\Program Files\Avira\AntiVir PersonalEdition Premium\avgnt.exe" [2008-06-12 266497]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"ShowDeskFix"="shell32" [X]
"nltide_3"="advpack.dll" [2008-06-23 C:\WINDOWS\system32\advpack.dll]
C:\Documents and Settings\All Users\Start Menu\Programs\Startup\
Bluetooth.lnk - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe [2007-05-17 568176]
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"NoSMMyPictures"= 1 (0x1)
[HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\explorer]
"NoSMMyPictures"= 1 (0x1)
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"DisableUnicastResponsesToMulticastBroadcast"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"C:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"C:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"=
"C:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"C:\\Program Files\\Azureus\\Azureus.exe"=
"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"=
"C:\\Program Files\\Common Files\\Nero\\Nero Web\\SetupX.exe"=
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"46736:TCP"= 46736:TCP:46736
"46736:UDP"= 46736:UDP:46736
R2 AVEService;Avira AntiVir Premium MailGuard helper service;C:\Program Files\Avira\AntiVir PersonalEdition Premium\avesvc.exe [2008-05-09 41217]
R3 IntcHdmiAddService;Intel(R) High Definition Audio HDMI Service;C:\WINDOWS\system32\drivers\IntcHdmi.sys [2007-05-04 105984]
R3 OEM02Dev;Creative Camera OEM002 Driver;C:\WINDOWS\system32\DRIVERS\OEM02Dev.sys [2007-07-17 235520]
R3 OEM02Vfx;Creative Camera OEM002 Video VFX Driver;C:\WINDOWS\system32\DRIVERS\OEM02Vfx.sys [2007-03-05 7424]
S2 AntiVirMailService;Avira AntiVir Premium MailGuard;C:\Program Files\Avira\AntiVir PersonalEdition Premium\avmailc.exe [2008-07-11 164097]
S2 antivirwebservice;Avira AntiVir Premium WebGuard;C:\Program Files\Avira\AntiVir PersonalEdition Premium\AVWEBGRD.EXE [2008-06-12 258305]
S2 gupdate1c912a172077bdc;Google Update Service (gupdate1c912a172077bdc);C:\Program Files\Google\Update\GoogleUpdate.exe [2008-09-09 133104]
S3 OEM02Afx;Provides a software interface to control audio effects of OEM002 camera.;C:\WINDOWS\system32\Drivers\OEM02Afx.sys [2007-06-07 141376]
.
s of the 'Scheduled Tasks' folder
2008-10-04 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job
- C:\Program Files\Apple Software Update\SoftwareUpdate.exe [2008-04-11 13:57]
2008-10-10 C:\WINDOWS\Tasks\GoogleUpdateTaskMachine.job
- C:\Program Files\Google\Update\GoogleUpdate.exe [2008-09-09 20:51]
.
- - - - ORPHANS REMOVED - - - -
BHO-{BE1A344F-9FF5-4024-949B-52205E6DB2D0} - C:\Program Files\Applications\iebt.dll
HKCU-Run-DellSupportCenter - C:\Program Files\Dell Support Center\bin\sprtcmd.exe
HKLM-Run-DellSupportCenter - C:\Program Files\Dell Support Center\bin\sprtcmd.exe
HKLM-Explorer_Run-smile - C:\Program Files\Applications\wcs.exe

.
------- Supplementary Scan -------
.
FireFox -: Profile - C:\Documents and Settings\Ali\Application Data\Mozilla\Firefox\Profiles\tzq48dhe.default\
FireFox -: prefs.js - STARTUP.HOMEPAGE - hxxp://www.google.com.bh/
FF -: plugin - C:\Program Files\Google\Google Earth Plugin\npgeplugin.dll
FF -: plugin - C:\Program Files\Google\Update\1.2.131.11\npGoogleOneClick5.dll
FF -: plugin - C:\Program Files\Real\RhapsodyPlayerEngine\nprhapengine.dll
FF -: plugin - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
.
**************************************************************************
catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer,