fordeath Posted June 1, 2012 ID:556636 Share Posted June 1, 2012 Im Glad I Found a Site Like This . So I Scan My Pc With Ur Proggram And its founds 24 virus. now wich one i can delete wich one i should not .... pls help me some .i should add too, if ur heard there was a proggram named simorgh (phoenix) it was an anti filter , BBc said there is 2 version of this proggram one of them is normal one and other is a keylogger now i want to now wich i have do i have a keylogger i will glad if some one can help me .mbam-log-2012-06-01 (14-43-52).txt Link to post Share on other sites More sharing options...
MrCharlie Posted June 1, 2012 ID:556647 Share Posted June 1, 2012 Welcome to the forum.You can have MB remove them all.....Please Update and run a Quick Scan with MBAM, post the report.Make sure that everything is checked, and click Remove Selected.Please let me know how it is, MrC Link to post Share on other sites More sharing options...
fordeath Posted June 1, 2012 Author ID:556648 Share Posted June 1, 2012 I Attach The Log !Malwarebytes Anti-Malware (Trial) 1.61.0.1400www.malwarebytes.orgDatabase version: v2012.06.01.02Windows XP Service Pack 3 x86 NTFSInternet Explorer 7.0.5730.13Admin :: IRANET-6B48E4B9 [administrator]Protection: Enabled6/1/2012 2:30:18 PMmbam-log-2012-06-01 (14-43-52).txtScan type: Quick scanScan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUMScan options disabled: P2PObjects scanned: 240389Time elapsed: 12 minute(s), 28 second(s)Memory Processes Detected: 0(No malicious items detected)Memory Modules Detected: 0(No malicious items detected)Registry Keys Detected: 6HKCU\SOFTWARE\QZAIB7KITK (Trojan.FakeAlert) -> No action taken.HKCU\SOFTWARE\V71IQL7HI7 (Trojan.FakeAlert) -> No action taken.HKCU\SOFTWARE\XML (Trojan.FakeAlert) -> No action taken.HKCU\SOFTWARE\Microsoft\Handle (Malware.Trace) -> No action taken.HKCU\Software\M5T8QL3YW3 (Trojan.FakeAlert) -> No action taken.HKLM\System\CurrentControlSet\Services\SSHNAS (Trojan.Renos) -> No action taken.Registry Values Detected: 1HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon|Taskman (Trojan.Agent) -> Data: C:\RECYCLER\S-1-5-21-6855176443-9987867131-410422270-8802\sysdate.exe -> No action taken.Registry Data Items Detected: 1HKLM\SOFTWARE\Microsoft\Security Center|UpdatesDisableNotify (PUM.Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> No action taken.Folders Detected: 5C:\Program Files\RelevantKnowledge (PUP.Spyware.MarketScore) -> No action taken.C:\Program Files\Mozilla Firefox\extensions\{C8431CD2-C25A-45F3-BEA9-A9103C31409A} (PUP.Zwangi) -> No action taken.C:\Program Files\Mozilla Firefox\extensions\{C8431CD2-C25A-45F3-BEA9-A9103C31409A}\chrome (PUP.Zwangi) -> No action taken.C:\Program Files\Mozilla Firefox\extensions\{C8431CD2-C25A-45F3-BEA9-A9103C31409A}\defaults (PUP.Zwangi) -> No action taken.C:\Program Files\Mozilla Firefox\extensions\{C8431CD2-C25A-45F3-BEA9-A9103C31409A}\defaults\preferences (PUP.Zwangi) -> No action taken.Files Detected: 11C:\RECYCLER\S-1-5-21-1960408961-1644491937-1417001333-1003\Dc12.exe (PUP.UltraReach) -> No action taken.C:\Documents and Settings\Admin\Local Settings\Temp\Crypted.exe (PWS.Dybalom) -> No action taken.C:\RECYCLER\autoplay.exe (Trojan.Agent) -> No action taken.C:\Documents and Settings\Admin\Local Settings\Temp\OPR15C5.tmp (Trojan.Agent) -> No action taken.C:\WINDOWS\Tasks\{35DC3473-A719-4d14-B7C1-FD326CA84A0C}.job (Trojan.Downloader) -> No action taken.C:\WINDOWS\Tasks\{8C3FDD81-7AE0-4605-A46A-2488B179F2A3}.job (Trojan.Downloader) -> No action taken.C:\Documents and Settings\Admin\Local Settings\Temp\.exe (Trojan.Agent) -> No action taken.C:\WINDOWS\Temp\.exe (Trojan.Agent) -> No action taken.C:\Program Files\Mozilla Firefox\extensions\{C8431CD2-C25A-45F3-BEA9-A9103C31409A}\install.rdf (PUP.Zwangi) -> No action taken.C:\Program Files\Mozilla Firefox\extensions\{C8431CD2-C25A-45F3-BEA9-A9103C31409A}\chrome\resulturl.jar (PUP.Zwangi) -> No action taken.C:\Program Files\Mozilla Firefox\extensions\{C8431CD2-C25A-45F3-BEA9-A9103C31409A}\defaults\preferences\prefs.js (PUP.Zwangi) -> No action taken.(end) Link to post Share on other sites More sharing options...
MrCharlie Posted June 1, 2012 ID:556649 Share Posted June 1, 2012 HKCU\SOFTWARE\QZAIB7KITK (Trojan.FakeAlert) -> No action taken.Once again....Please Update and run a Quick Scan with MBAM, post the report.Make sure that everything is checked, and click Remove Selected. MrC Link to post Share on other sites More sharing options...
Maurice Naggar Posted June 4, 2012 ID:557366 Share Posted June 4, 2012 Due to the lack of feedback this topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread. Other members who need assistance please start your own topic in a new thread. Thanks! Link to post Share on other sites More sharing options...
Recommended Posts