مشكلة في البالتوك

alshbaah_911 · 4 أبريل 2011

السلام عليكم ورحمة الله وبركاته

اخواني الكرام حفظكم الله تعالى ورعاكم انا من رواد برنامج البالتوك

صار لي شهرين أعاني من مشكلة روم الهلب في البالتوك أبدأو عجزهم عن حل المشكلة التي أواجهها المشكلة يا اخوان هي لما ادخل غرفة يطلع لي مربع هذا هو

في كل مرة ادخل أي غرفة يطلع لي هالمربع

انا عانيت الكثيييييير من هالازعاج ياليت يا اخوان الي يعرف يسعفني بالحل

جزاكم الله خير وبارك الله فيكم

انتظر تجاوبكم رعاكم الله

alshbaah_911 · 4 أبريل 2011

يا اخوان فيه أحد يساعدني بارك الله فيكم

علي همر · 4 أبريل 2011

وعليكم السلام

ادخل هنا

يجب عليك تسجيل الدخول أو التسجيل لمشاهدة الرابط المخفي

من ثم اعمل

تقرير هايجك+ برامج مثبتة

alshbaah_911 · 4 أبريل 2011

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 02:30:12 م, on 04/04/2011
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Creative\SBAudigy\Surround Mixer\CTSysVol.exe
C:\Program Files\Kaspersky Lab\Kaspersky PURE\avp.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Creative\MediaSource\Detector\CTDetect.exe
C:\Program Files\AvaFind\AvaFind.exe
C:\Program Files\Internet Download Manager\IDMan.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Documents and Settings\xp ascs\Local Settings\Application Data\Google\Update\1.2.183.39\GoogleCrashHandler.exe
C:\Program Files\Kaspersky Lab\Kaspersky PURE\avp.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\CTsvcCDA.EXE
C:\Program Files\Common Files\InfoWatch\CryptoStorage\ProtectedObjectsSrv.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\system32\PnkBstrB.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Internet Download Manager\IEMonitor.exe
C:\Multi-Paltalk v.10-389-vip\paltalk.exe
C:\Program Files\Creative\MediaSource\CTCMS.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\program files\real\realplayer\update\realsched.exe
C:\Multi-Paltalk v.10-389-vip\paltalk..exe
C:\Zyzoom_Forum_Tools\zHijak.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =

يجب عليك تسجيل الدخول أو التسجيل لمشاهدة الرابط المخفي

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =

يجب عليك تسجيل الدخول أو التسجيل لمشاهدة الرابط المخفي

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =

يجب عليك تسجيل الدخول أو التسجيل لمشاهدة الرابط المخفي

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =

يجب عليك تسجيل الدخول أو التسجيل لمشاهدة الرابط المخفي

O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files\Internet Download Manager\IDMIECC.dll
O2 - BHO: SnagIt Toolbar Loader - {00C6482D-C502-44C8-8409-FCE54AD9C208} - C:\Program Files\TechSmith\Snagit 10\SnagitBHO.dll
O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: VIPTToolbarManager Class - {1A2641AE-2C42-4C51-A05F-8ECEC3FDC94D} - C:\Program Files\Visual IP Trace 2009\VisualIPTraceIE.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll
O2 - BHO: IEVkbdBHO - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files\Kaspersky Lab\Kaspersky PURE\ievkbd.dll
O2 - BHO: مساعد تسجيل الدخول إلى Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.6.5825.1100\swg.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: link filter bho - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files\Kaspersky Lab\Kaspersky PURE\klwtbbho.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O3 - Toolbar: Snagit - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Program Files\TechSmith\Snagit 10\SnagitIEAddin.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: Visual IP Trace - {E70C26AE-DFF1-40A8-8D37-19180F56F0AA} - C:\Program Files\Visual IP Trace 2009\VisualIPTraceIE.dll
O4 - HKLM\..\Run: [CTSysVol] C:\Program Files\Creative\SBAudigy\Surround Mixer\CTSysVol.exe /r
O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky PURE\avp.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\program files\real\realplayer\update\realsched.exe" -osboot
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [rundll32.exe] C:\WINDOWS\system32\yahoo chat\rundll32.exe
O4 - HKCU\..\Run: [Creative Detector] C:\Program Files\Creative\MediaSource\Detector\CTDetect.exe /R
O4 - HKCU\..\Run: [AvaFind] "C:\Program Files\AvaFind\AvaFind.exe" /minimized
O4 - HKCU\..\Run: [IDMan] C:\Program Files\Internet Download Manager\IDMan.exe /onboot
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [ccleaner] "C:\Program Files\CCleaner\ccleaner.exe" /AUTO
O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\xp ascs\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: PalTalk.lnk = C:\Program Files\Paltalk Messenger\paltalk.exe
O9 - Extra button: &لوحة المفاتيح الظاهرية - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files\Kaspersky Lab\Kaspersky PURE\klwtbbho.dll
O9 - Extra button: بحث - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: فحص عناوين المواقع (URL) - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files\Kaspersky Lab\Kaspersky PURE\klwtbbho.dll
O9 - Extra button: HP Smart Select - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O15 - Trusted Zone:

يجب عليك تسجيل الدخول أو التسجيل لمشاهدة الرابط المخفي

O16 - DPF: {38D6D77C-5EC1-4A4A-AFEB-85FE780CD61A} (FontDownloaderIE Class) -

يجب عليك تسجيل الدخول أو التسجيل لمشاهدة الرابط المخفي

O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) -

يجب عليك تسجيل الدخول أو التسجيل لمشاهدة الرابط المخفي

O16 - DPF: {6924091F-CD97-41E1-B1D4-D9079409D413} (IMCv1 Control) -

يجب عليك تسجيل الدخول أو التسجيل لمشاهدة الرابط المخفي

O16 - DPF: {7253A666-804A-1107-A4DC-00E04C504780} (BMC Control) -

يجب عليك تسجيل الدخول أو التسجيل لمشاهدة الرابط المخفي

O16 - DPF: {7253A666-804A-1107-A4DC-00E04C504788} (BMC Control) -

يجب عليك تسجيل الدخول أو التسجيل لمشاهدة الرابط المخفي

O16 - DPF: {784797A8-342D-4072-9486-03C8D0F2F0A1} (Battlefield Heroes Updater) -

يجب عليك تسجيل الدخول أو التسجيل لمشاهدة الرابط المخفي

O16 - DPF: {7A0D1738-10EA-47FF-92BE-4E137B5BE1A4} (Stm Class) -

يجب عليك تسجيل الدخول أو التسجيل لمشاهدة الرابط المخفي

O16 - DPF: {B0067CA5-2C37-4C6B-AAEC-5E2CE8635061} (FontDown Class) -

يجب عليك تسجيل الدخول أو التسجيل لمشاهدة الرابط المخفي

O16 - DPF: {B7FDB0C3-4724-46D2-B8DB-6FA1DC63F7CA} (ReadUid.UserControlMacEntry) -

يجب عليك تسجيل الدخول أو التسجيل لمشاهدة الرابط المخفي

O16 - DPF: {C171FF59-8C55-4796-A398-4F5D02B4C763} (IMC_Sec Control) -

يجب عليك تسجيل الدخول أو التسجيل لمشاهدة الرابط المخفي

O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} -

يجب عليك تسجيل الدخول أو التسجيل لمشاهدة الرابط المخفي

O16 - DPF: {E6F480FC-BD44-4CBA-B74A-89AF7842937D} -

يجب عليك تسجيل الدخول أو التسجيل لمشاهدة الرابط المخفي

O16 - DPF: {E77F23EB-E7AB-4502-8F37-247DBAF1A147} (Windows Live Hotmail Photo Upload Tool) -

يجب عليك تسجيل الدخول أو التسجيل لمشاهدة الرابط المخفي

O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd3.dll,C:\PROGRA~1\KASPER~1\KASPER~1\kloehk.dll
O20 - Winlogon Notify: Antiwpa - antiwpa.dll (file missing)
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\Browseui.dll
O22 - SharedTaskScheduler: البرنامج الخفي لذاكرة التخزين المؤقت لفئات المكونات - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\Browseui.dll
O23 - Service: Kaspersky PURE (AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky PURE\avp.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.EXE
O23 - Service: CryptoStorage control service (CSObjectsSrv) - Infowatch - C:\Program Files\Common Files\InfoWatch\CryptoStorage\ProtectedObjectsSrv.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: NMSAccess - Unknown owner - C:\Program Files\Blaze Media Pro\NMSAccess32.exe (file missing)
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: PnkBstrB - Unknown owner - C:\WINDOWS\system32\PnkBstrB.exe
--
End of file - 10558 bytes

طآغي النظرهـ · 4 أبريل 2011

أعمل التقرير التالي لو سمحت

يجب عليك تسجيل الدخول أو التسجيل لمشاهدة الرابط المخفي

alshbaah_911 · 4 أبريل 2011

************' Anti-Malware 1.50.1.1100

يجب عليك تسجيل الدخول أو التسجيل لمشاهدة الرابط المخفي

Database version: 6266
Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702
04/04/2011 05:18:02 م
mbam-log-2011-04-04 (17-18-02).txt
Scan type: Full scan (C:\|)
Objects scanned: 292033
Time elapsed: 1 hour(s), 19 minute(s), 53 second(s)
Memory Processes Infected: 0
Memory Modules Infected: 1
Registry Keys Infected: 5
Registry Values Infected: 1
Registry Data Items Infected: 3
Folders Infected: 0
Files Infected: 20
Memory Processes Infected:
(No malicious items detected)
Memory Modules Infected:
c:\WINDOWS\system32\antiwpa.dll (PUP.Wpakill) -> Not selected for removal.
Registry Keys Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\Antiwpa (PUP.Wpakill) -> Not selected for removal.
HKEY_CLASSES_ROOT\CLSID\{E8CFC029-8420-4EAE-ADEF-915BDC77E1DC} (Spyware.AdaEbook) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\maowsoat_ibntaimia_02.MyNSHandler (Spyware.AdaEbook) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Active Setup\Installed Components\{A4B54069-3C67-EE69-0E0A-0D88201DF744} (Backdoor.Bot) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\ (Hijack.Zones) -> Quarantined and deleted successfully.
Registry Values Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\rundll32.exe (Trojan.Agent) -> Value: rundll32.exe -> Quarantined and deleted successfully.
Registry Data Items Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\AntiVirusDisableNotify (PUM.Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\FirewallDisableNotify (PUM.Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\UpdatesDisableNotify (PUM.Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
Folders Infected:
(No malicious items detected)
Files Infected:
c:\WINDOWS\system32\antiwpa.dll (PUP.Wpakill) -> Not selected for removal.
c:\documents and settings\xp ascs\application data\desktopicon\ebayshortcuts.exe (Adware.ADON) -> Quarantined and deleted successfully.
c:\documents and settings\xp ascs\application data\thinstall\Ava Find\10000001200002h\msimn.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\documents and settings\xp ascs\application data\thinstall\Ava Find\4000001900002h\iexplore.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\documents and settings\xp ascs\application data\thinstall\Ava Find\4000003300002h\klwtblfs.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\documents and settings\xp ascs\application data\thinstall\Ava Find\4000008100002h\realplay.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\documents and settings\xp ascs\سطح المكتب\البرامج\الموسوعة الرجالية الرافضية.exe (Spyware.AdaEbook) -> Quarantined and deleted successfully.
c:\documents and settings\xp ascs\سطح المكتب\البرامج6\U96.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\documents and settings\xp ascs\سطح المكتب\الفلاش\idman crack abuhemmo.exe (Malware.Packer.Gen) -> Quarantined and deleted successfully.
c:\program files\mask surf pro\check.dll (Trojan.Agent) -> Quarantined and deleted successfully.
c:\program files\Dorar\Dorar.exe (Spyware.AdaEbook) -> Quarantined and deleted successfully.
c:\system volume information\_restore{0d1f2d46-4aba-4a9b-83c9-dd5fd05ed68d}\RP553\A0191227.dll (Trojan.Agent) -> Quarantined and deleted successfully.
c:\system volume information\_restore{0d1f2d46-4aba-4a9b-83c9-dd5fd05ed68d}\RP553\A0191230.dll (Trojan.Agent) -> Quarantined and deleted successfully.
c:\system volume information\_restore{0d1f2d46-4aba-4a9b-83c9-dd5fd05ed68d}\RP553\A0191248.dll (Trojan.Agent) -> Quarantined and deleted successfully.
c:\system volume information\_restore{0d1f2d46-4aba-4a9b-83c9-dd5fd05ed68d}\RP485\A0146753.exe (Spyware.AdaEbook) -> Quarantined and deleted successfully.
c:\system volume information\_restore{0d1f2d46-4aba-4a9b-83c9-dd5fd05ed68d}\RP494\A0148922.exe (Spyware.AdaEbook) -> Quarantined and deleted successfully.
c:\system volume information\_restore{0d1f2d46-4aba-4a9b-83c9-dd5fd05ed68d}\RP508\A0151533.dll (Trojan.Agent) -> Quarantined and deleted successfully.
c:\system volume information\_restore{0d1f2d46-4aba-4a9b-83c9-dd5fd05ed68d}\RP527\A0187322.dll (PUP.Wpakill) -> Not selected for removal.
c:\zwga\antiwpa.dll (PUP.Wpakill) -> Not selected for removal.
c:\WINDOWS\system32\logg.dat (Malware.Trace) -> Quarantined and deleted successfully.
************' Anti-Malware 1.50.1.1100

يجب عليك تسجيل الدخول أو التسجيل لمشاهدة الرابط المخفي

Database version: 6266
Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702
04/04/2011 05:18:02 م
mbam-log-2011-04-04 (17-18-02).txt
Scan type: Full scan (C:\|)
Objects scanned: 292033
Time elapsed: 1 hour(s), 19 minute(s), 53 second(s)
Memory Processes Infected: 0
Memory Modules Infected: 1
Registry Keys Infected: 5
Registry Values Infected: 1
Registry Data Items Infected: 3
Folders Infected: 0
Files Infected: 20
Memory Processes Infected:
(No malicious items detected)
Memory Modules Infected:
c:\WINDOWS\system32\antiwpa.dll (PUP.Wpakill) -> Not selected for removal.
Registry Keys Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\Antiwpa (PUP.Wpakill) -> Not selected for removal.
HKEY_CLASSES_ROOT\CLSID\{E8CFC029-8420-4EAE-ADEF-915BDC77E1DC} (Spyware.AdaEbook) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\maowsoat_ibntaimia_02.MyNSHandler (Spyware.AdaEbook) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Active Setup\Installed Components\{A4B54069-3C67-EE69-0E0A-0D88201DF744} (Backdoor.Bot) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\ (Hijack.Zones) -> Quarantined and deleted successfully.
Registry Values Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\rundll32.exe (Trojan.Agent) -> Value: rundll32.exe -> Quarantined and deleted successfully.
Registry Data Items Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\AntiVirusDisableNotify (PUM.Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\FirewallDisableNotify (PUM.Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\UpdatesDisableNotify (PUM.Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
Folders Infected:
(No malicious items detected)
Files Infected:
c:\WINDOWS\system32\antiwpa.dll (PUP.Wpakill) -> Not selected for removal.
c:\documents and settings\xp ascs\application data\desktopicon\ebayshortcuts.exe (Adware.ADON) -> Quarantined and deleted successfully.
c:\documents and settings\xp ascs\application data\thinstall\Ava Find\10000001200002h\msimn.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\documents and settings\xp ascs\application data\thinstall\Ava Find\4000001900002h\iexplore.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\documents and settings\xp ascs\application data\thinstall\Ava Find\4000003300002h\klwtblfs.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\documents and settings\xp ascs\application data\thinstall\Ava Find\4000008100002h\realplay.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\documents and settings\xp ascs\سطح المكتب\البرامج\الموسوعة الرجالية الرافضية.exe (Spyware.AdaEbook) -> Quarantined and deleted successfully.
c:\documents and settings\xp ascs\سطح المكتب\البرامج6\U96.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\documents and settings\xp ascs\سطح المكتب\الفلاش\idman crack abuhemmo.exe (Malware.Packer.Gen) -> Quarantined and deleted successfully.
c:\program files\mask surf pro\check.dll (Trojan.Agent) -> Quarantined and deleted successfully.
c:\program files\Dorar\Dorar.exe (Spyware.AdaEbook) -> Quarantined and deleted successfully.
c:\system volume information\_restore{0d1f2d46-4aba-4a9b-83c9-dd5fd05ed68d}\RP553\A0191227.dll (Trojan.Agent) -> Quarantined and deleted successfully.
c:\system volume information\_restore{0d1f2d46-4aba-4a9b-83c9-dd5fd05ed68d}\RP553\A0191230.dll (Trojan.Agent) -> Quarantined and deleted successfully.
c:\system volume information\_restore{0d1f2d46-4aba-4a9b-83c9-dd5fd05ed68d}\RP553\A0191248.dll (Trojan.Agent) -> Quarantined and deleted successfully.
c:\system volume information\_restore{0d1f2d46-4aba-4a9b-83c9-dd5fd05ed68d}\RP485\A0146753.exe (Spyware.AdaEbook) -> Quarantined and deleted successfully.
c:\system volume information\_restore{0d1f2d46-4aba-4a9b-83c9-dd5fd05ed68d}\RP494\A0148922.exe (Spyware.AdaEbook) -> Quarantined and deleted successfully.
c:\system volume information\_restore{0d1f2d46-4aba-4a9b-83c9-dd5fd05ed68d}\RP508\A0151533.dll (Trojan.Agent) -> Quarantined and deleted successfully.
c:\system volume information\_restore{0d1f2d46-4aba-4a9b-83c9-dd5fd05ed68d}\RP527\A0187322.dll (PUP.Wpakill) -> Not selected for removal.
c:\zwga\antiwpa.dll (PUP.Wpakill) -> Not selected for removal.
c:\WINDOWS\system32\logg.dat (Malware.Trace) -> Quarantined and deleted successfully.
************' Anti-Malware 1.50.1.1100

يجب عليك تسجيل الدخول أو التسجيل لمشاهدة الرابط المخفي

Database version: 6266
Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702
04/04/2011 05:18:02 م
mbam-log-2011-04-04 (17-18-02).txt
Scan type: Full scan (C:\|)
Objects scanned: 292033
Time elapsed: 1 hour(s), 19 minute(s), 53 second(s)
Memory Processes Infected: 0
Memory Modules Infected: 1
Registry Keys Infected: 5
Registry Values Infected: 1
Registry Data Items Infected: 3
Folders Infected: 0
Files Infected: 20
Memory Processes Infected:
(No malicious items detected)
Memory Modules Infected:
c:\WINDOWS\system32\antiwpa.dll (PUP.Wpakill) -> Not selected for removal.
Registry Keys Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\Antiwpa (PUP.Wpakill) -> Not selected for removal.
HKEY_CLASSES_ROOT\CLSID\{E8CFC029-8420-4EAE-ADEF-915BDC77E1DC} (Spyware.AdaEbook) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\maowsoat_ibntaimia_02.MyNSHandler (Spyware.AdaEbook) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Active Setup\Installed Components\{A4B54069-3C67-EE69-0E0A-0D88201DF744} (Backdoor.Bot) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\ (Hijack.Zones) -> Quarantined and deleted successfully.
Registry Values Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\rundll32.exe (Trojan.Agent) -> Value: rundll32.exe -> Quarantined and deleted successfully.
Registry Data Items Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\AntiVirusDisableNotify (PUM.Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\FirewallDisableNotify (PUM.Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\UpdatesDisableNotify (PUM.Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
Folders Infected:
(No malicious items detected)
Files Infected:
c:\WINDOWS\system32\antiwpa.dll (PUP.Wpakill) -> Not selected for removal.
c:\documents and settings\xp ascs\application data\desktopicon\ebayshortcuts.exe (Adware.ADON) -> Quarantined and deleted successfully.
c:\documents and settings\xp ascs\application data\thinstall\Ava Find\10000001200002h\msimn.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\documents and settings\xp ascs\application data\thinstall\Ava Find\4000001900002h\iexplore.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\documents and settings\xp ascs\application data\thinstall\Ava Find\4000003300002h\klwtblfs.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\documents and settings\xp ascs\application data\thinstall\Ava Find\4000008100002h\realplay.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\documents and settings\xp ascs\سطح المكتب\البرامج\الموسوعة الرجالية الرافضية.exe (Spyware.AdaEbook) -> Quarantined and deleted successfully.
c:\documents and settings\xp ascs\سطح المكتب\البرامج6\U96.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\documents and settings\xp ascs\سطح المكتب\الفلاش\idman crack abuhemmo.exe (Malware.Packer.Gen) -> Quarantined and deleted successfully.
c:\program files\mask surf pro\check.dll (Trojan.Agent) -> Quarantined and deleted successfully.
c:\program files\Dorar\Dorar.exe (Spyware.AdaEbook) -> Quarantined and deleted successfully.
c:\system volume information\_restore{0d1f2d46-4aba-4a9b-83c9-dd5fd05ed68d}\RP553\A0191227.dll (Trojan.Agent) -> Quarantined and deleted successfully.
c:\system volume information\_restore{0d1f2d46-4aba-4a9b-83c9-dd5fd05ed68d}\RP553\A0191230.dll (Trojan.Agent) -> Quarantined and deleted successfully.
c:\system volume information\_restore{0d1f2d46-4aba-4a9b-83c9-dd5fd05ed68d}\RP553\A0191248.dll (Trojan.Agent) -> Quarantined and deleted successfully.
c:\system volume information\_restore{0d1f2d46-4aba-4a9b-83c9-dd5fd05ed68d}\RP485\A0146753.exe (Spyware.AdaEbook) -> Quarantined and deleted successfully.
c:\system volume information\_restore{0d1f2d46-4aba-4a9b-83c9-dd5fd05ed68d}\RP494\A0148922.exe (Spyware.AdaEbook) -> Quarantined and deleted successfully.
c:\system volume information\_restore{0d1f2d46-4aba-4a9b-83c9-dd5fd05ed68d}\RP508\A0151533.dll (Trojan.Agent) -> Quarantined and deleted successfully.
c:\system volume information\_restore{0d1f2d46-4aba-4a9b-83c9-dd5fd05ed68d}\RP527\A0187322.dll (PUP.Wpakill) -> Not selected for removal.
c:\zwga\antiwpa.dll (PUP.Wpakill) -> Not selected for removal.
c:\WINDOWS\system32\logg.dat (Malware.Trace) -> Quarantined and deleted successfully.
************' Anti-Malware 1.50.1.1100

يجب عليك تسجيل الدخول أو التسجيل لمشاهدة الرابط المخفي

Database version: 6266
Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702
04/04/2011 05:18:02 م
mbam-log-2011-04-04 (17-18-02).txt
Scan type: Full scan (C:\|)
Objects scanned: 292033
Time elapsed: 1 hour(s), 19 minute(s), 53 second(s)
Memory Processes Infected: 0
Memory Modules Infected: 1
Registry Keys Infected: 5
Registry Values Infected: 1
Registry Data Items Infected: 3
Folders Infected: 0
Files Infected: 20
Memory Processes Infected:
(No malicious items detected)
Memory Modules Infected:
c:\WINDOWS\system32\antiwpa.dll (PUP.Wpakill) -> Not selected for removal.
Registry Keys Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\Antiwpa (PUP.Wpakill) -> Not selected for removal.
HKEY_CLASSES_ROOT\CLSID\{E8CFC029-8420-4EAE-ADEF-915BDC77E1DC} (Spyware.AdaEbook) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\maowsoat_ibntaimia_02.MyNSHandler (Spyware.AdaEbook) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Active Setup\Installed Components\{A4B54069-3C67-EE69-0E0A-0D88201DF744} (Backdoor.Bot) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\ (Hijack.Zones) -> Quarantined and deleted successfully.
Registry Values Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\rundll32.exe (Trojan.Agent) -> Value: rundll32.exe -> Quarantined and deleted successfully.
Registry Data Items Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\AntiVirusDisableNotify (PUM.Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\FirewallDisableNotify (PUM.Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\UpdatesDisableNotify (PUM.Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
Folders Infected:
(No malicious items detected)
Files Infected:
c:\WINDOWS\system32\antiwpa.dll (PUP.Wpakill) -> Not selected for removal.
c:\documents and settings\xp ascs\application data\desktopicon\ebayshortcuts.exe (Adware.ADON) -> Quarantined and deleted successfully.
c:\documents and settings\xp ascs\application data\thinstall\Ava Find\10000001200002h\msimn.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\documents and settings\xp ascs\application data\thinstall\Ava Find\4000001900002h\iexplore.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\documents and settings\xp ascs\application data\thinstall\Ava Find\4000003300002h\klwtblfs.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\documents and settings\xp ascs\application data\thinstall\Ava Find\4000008100002h\realplay.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\documents and settings\xp ascs\سطح المكتب\البرامج\الموسوعة الرجالية الرافضية.exe (Spyware.AdaEbook) -> Quarantined and deleted successfully.
c:\documents and settings\xp ascs\سطح المكتب\البرامج6\U96.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\documents and settings\xp ascs\سطح المكتب\الفلاش\idman crack abuhemmo.exe (Malware.Packer.Gen) -> Quarantined and deleted successfully.
c:\program files\mask surf pro\check.dll (Trojan.Agent) -> Quarantined and deleted successfully.
c:\program files\Dorar\Dorar.exe (Spyware.AdaEbook) -> Quarantined and deleted successfully.
c:\system volume information\_restore{0d1f2d46-4aba-4a9b-83c9-dd5fd05ed68d}\RP553\A0191227.dll (Trojan.Agent) -> Quarantined and deleted successfully.
c:\system volume information\_restore{0d1f2d46-4aba-4a9b-83c9-dd5fd05ed68d}\RP553\A0191230.dll (Trojan.Agent) -> Quarantined and deleted successfully.
c:\system volume information\_restore{0d1f2d46-4aba-4a9b-83c9-dd5fd05ed68d}\RP553\A0191248.dll (Trojan.Agent) -> Quarantined and deleted successfully.
c:\system volume information\_restore{0d1f2d46-4aba-4a9b-83c9-dd5fd05ed68d}\RP485\A0146753.exe (Spyware.AdaEbook) -> Quarantined and deleted successfully.
c:\system volume information\_restore{0d1f2d46-4aba-4a9b-83c9-dd5fd05ed68d}\RP494\A0148922.exe (Spyware.AdaEbook) -> Quarantined and deleted successfully.
c:\system volume information\_restore{0d1f2d46-4aba-4a9b-83c9-dd5fd05ed68d}\RP508\A0151533.dll (Trojan.Agent) -> Quarantined and deleted successfully.
c:\system volume information\_restore{0d1f2d46-4aba-4a9b-83c9-dd5fd05ed68d}\RP527\A0187322.dll (PUP.Wpakill) -> Not selected for removal.
c:\zwga\antiwpa.dll (PUP.Wpakill) -> Not selected for removal.
c:\WINDOWS\system32\logg.dat (Malware.Trace) -> Quarantined and deleted successfully.
************' Anti-Malware 1.50.1.1100

يجب عليك تسجيل الدخول أو التسجيل لمشاهدة الرابط المخفي

Database version: 6266
Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702
04/04/2011 05:18:02 م
mbam-log-2011-04-04 (17-18-02).txt
Scan type: Full scan (C:\|)
Objects scanned: 292033
Time elapsed: 1 hour(s), 19 minute(s), 53 second(s)
Memory Processes Infected: 0
Memory Modules Infected: 1
Registry Keys Infected: 5
Registry Values Infected: 1
Registry Data Items Infected: 3
Folders Infected: 0
Files Infected: 20
Memory Processes Infected:
(No malicious items detected)
Memory Modules Infected:
c:\WINDOWS\system32\antiwpa.dll (PUP.Wpakill) -> Not selected for removal.
Registry Keys Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\Antiwpa (PUP.Wpakill) -> Not selected for removal.
HKEY_CLASSES_ROOT\CLSID\{E8CFC029-8420-4EAE-ADEF-915BDC77E1DC} (Spyware.AdaEbook) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\maowsoat_ibntaimia_02.MyNSHandler (Spyware.AdaEbook) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Active Setup\Installed Components\{A4B54069-3C67-EE69-0E0A-0D88201DF744} (Backdoor.Bot) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\ (Hijack.Zones) -> Quarantined and deleted successfully.
Registry Values Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\rundll32.exe (Trojan.Agent) -> Value: rundll32.exe -> Quarantined and deleted successfully.
Registry Data Items Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\AntiVirusDisableNotify (PUM.Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\FirewallDisableNotify (PUM.Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\UpdatesDisableNotify (PUM.Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
Folders Infected:
(No malicious items detected)
Files Infected:
c:\WINDOWS\system32\antiwpa.dll (PUP.Wpakill) -> Not selected for removal.
c:\documents and settings\xp ascs\application data\desktopicon\ebayshortcuts.exe (Adware.ADON) -> Quarantined and deleted successfully.
c:\documents and settings\xp ascs\application data\thinstall\Ava Find\10000001200002h\msimn.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\documents and settings\xp ascs\application data\thinstall\Ava Find\4000001900002h\iexplore.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\documents and settings\xp ascs\application data\thinstall\Ava Find\4000003300002h\klwtblfs.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\documents and settings\xp ascs\application data\thinstall\Ava Find\4000008100002h\realplay.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\documents and settings\xp ascs\سطح المكتب\البرامج\الموسوعة الرجالية الرافضية.exe (Spyware.AdaEbook) -> Quarantined and deleted successfully.
c:\documents and settings\xp ascs\سطح المكتب\البرامج6\U96.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\documents and settings\xp ascs\سطح المكتب\الفلاش\idman crack abuhemmo.exe (Malware.Packer.Gen) -> Quarantined and deleted successfully.
c:\program files\mask surf pro\check.dll (Trojan.Agent) -> Quarantined and deleted successfully.
c:\program files\Dorar\Dorar.exe (Spyware.AdaEbook) -> Quarantined and deleted successfully.
c:\system volume information\_restore{0d1f2d46-4aba-4a9b-83c9-dd5fd05ed68d}\RP553\A0191227.dll (Trojan.Agent) -> Quarantined and deleted successfully.
c:\system volume information\_restore{0d1f2d46-4aba-4a9b-83c9-dd5fd05ed68d}\RP553\A0191230.dll (Trojan.Agent) -> Quarantined and deleted successfully.
c:\system volume information\_restore{0d1f2d46-4aba-4a9b-83c9-dd5fd05ed68d}\RP553\A0191248.dll (Trojan.Agent) -> Quarantined and deleted successfully.
c:\system volume information\_restore{0d1f2d46-4aba-4a9b-83c9-dd5fd05ed68d}\RP485\A0146753.exe (Spyware.AdaEbook) -> Quarantined and deleted successfully.
c:\system volume information\_restore{0d1f2d46-4aba-4a9b-83c9-dd5fd05ed68d}\RP494\A0148922.exe (Spyware.AdaEbook) -> Quarantined and deleted successfully.
c:\system volume information\_restore{0d1f2d46-4aba-4a9b-83c9-dd5fd05ed68d}\RP508\A0151533.dll (Trojan.Agent) -> Quarantined and deleted successfully.
c:\system volume information\_restore{0d1f2d46-4aba-4a9b-83c9-dd5fd05ed68d}\RP527\A0187322.dll (PUP.Wpakill) -> Not selected for removal.
c:\zwga\antiwpa.dll (PUP.Wpakill) -> Not selected for removal.
c:\WINDOWS\system32\logg.dat (Malware.Trace) -> Quarantined and deleted successfully.
************' Anti-Malware 1.50.1.1100

يجب عليك تسجيل الدخول أو التسجيل لمشاهدة الرابط المخفي

Database version: 6266
Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702
04/04/2011 05:18:02 م
mbam-log-2011-04-04 (17-18-02).txt
Scan type: Full scan (C:\|)
Objects scanned: 292033
Time elapsed: 1 hour(s), 19 minute(s), 53 second(s)
Memory Processes Infected: 0
Memory Modules Infected: 1
Registry Keys Infected: 5
Registry Values Infected: 1
Registry Data Items Infected: 3
Folders Infected: 0
Files Infected: 20
Memory Processes Infected:
(No malicious items detected)
Memory Modules Infected:
c:\WINDOWS\system32\antiwpa.dll (PUP.Wpakill) -> Not selected for removal.
Registry Keys Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\Antiwpa (PUP.Wpakill) -> Not selected for removal.
HKEY_CLASSES_ROOT\CLSID\{E8CFC029-8420-4EAE-ADEF-915BDC77E1DC} (Spyware.AdaEbook) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\maowsoat_ibntaimia_02.MyNSHandler (Spyware.AdaEbook) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Active Setup\Installed Components\{A4B54069-3C67-EE69-0E0A-0D88201DF744} (Backdoor.Bot) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\ (Hijack.Zones) -> Quarantined and deleted successfully.
Registry Values Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\rundll32.exe (Trojan.Agent) -> Value: rundll32.exe -> Quarantined and deleted successfully.
Registry Data Items Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\AntiVirusDisableNotify (PUM.Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\FirewallDisableNotify (PUM.Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\UpdatesDisableNotify (PUM.Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
Folders Infected:
(No malicious items detected)
Files Infected:
c:\WINDOWS\system32\antiwpa.dll (PUP.Wpakill) -> Not selected for removal.
c:\documents and settings\xp ascs\application data\desktopicon\ebayshortcuts.exe (Adware.ADON) -> Quarantined and deleted successfully.
c:\documents and settings\xp ascs\application data\thinstall\Ava Find\10000001200002h\msimn.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\documents and settings\xp ascs\application data\thinstall\Ava Find\4000001900002h\iexplore.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\documents and settings\xp ascs\application data\thinstall\Ava Find\4000003300002h\klwtblfs.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\documents and settings\xp ascs\application data\thinstall\Ava Find\4000008100002h\realplay.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\documents and settings\xp ascs\سطح المكتب\البرامج\الموسوعة الرجالية الرافضية.exe (Spyware.AdaEbook) -> Quarantined and deleted successfully.
c:\documents and settings\xp ascs\سطح المكتب\البرامج6\U96.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\documents and settings\xp ascs\سطح المكتب\الفلاش\idman crack abuhemmo.exe (Malware.Packer.Gen) -> Quarantined and deleted successfully.
c:\program files\mask surf pro\check.dll (Trojan.Agent) -> Quarantined and deleted successfully.
c:\program files\Dorar\Dorar.exe (Spyware.AdaEbook) -> Quarantined and deleted successfully.
c:\system volume information\_restore{0d1f2d46-4aba-4a9b-83c9-dd5fd05ed68d}\RP553\A0191227.dll (Trojan.Agent) -> Quarantined and deleted successfully.
c:\system volume information\_restore{0d1f2d46-4aba-4a9b-83c9-dd5fd05ed68d}\RP553\A0191230.dll (Trojan.Agent) -> Quarantined and deleted successfully.
c:\system volume information\_restore{0d1f2d46-4aba-4a9b-83c9-dd5fd05ed68d}\RP553\A0191248.dll (Trojan.Agent) -> Quarantined and deleted successfully.
c:\system volume information\_restore{0d1f2d46-4aba-4a9b-83c9-dd5fd05ed68d}\RP485\A0146753.exe (Spyware.AdaEbook) -> Quarantined and deleted successfully.
c:\system volume information\_restore{0d1f2d46-4aba-4a9b-83c9-dd5fd05ed68d}\RP494\A0148922.exe (Spyware.AdaEbook) -> Quarantined and deleted successfully.
c:\system volume information\_restore{0d1f2d46-4aba-4a9b-83c9-dd5fd05ed68d}\RP508\A0151533.dll (Trojan.Agent) -> Quarantined and deleted successfully.
c:\system volume information\_restore{0d1f2d46-4aba-4a9b-83c9-dd5fd05ed68d}\RP527\A0187322.dll (PUP.Wpakill) -> Not selected for removal.
c:\zwga\antiwpa.dll (PUP.Wpakill) -> Not selected for removal.
c:\WINDOWS\system32\logg.dat (Malware.Trace) -> Quarantined and deleted successfully.

alshbaah_911 · 4 أبريل 2011

يا اخوان فيه حل او لا

انا من الساعة تسعة الصباح وانا اراقب الموضوع إلى الساعة خمسه ونص العصر

فيه حل او لا

MAAX · 4 أبريل 2011

اعمل تقرير قائمة البرامج المثبتة

alshbaah_911 · 4 أبريل 2011

يجب عليك تسجيل الدخول أو التسجيل لمشاهدة الرابط المخفي

شلون ؟

MAAX · 4 أبريل 2011

حمل الاداة من هذا الموضوع

يجب عليك تسجيل الدخول أو التسجيل لمشاهدة الرابط المخفي

alshbaah_911 · 4 أبريل 2011

عندي الأداة هذي من زمان

تفضل هذا التقرير

====== معلومات نظام التشغيل ======
X86 WIN_XP 2600 Service Pack 3

====== قائمة البرامج المثبتة ======
32 Bit HP CIO Components Installer
Able2Extract Professional v6.0
Active WebCam
Adobe AIR
Adobe AIR
Adobe Download Manager
Adobe Flash Player 10 ActiveX
Adobe Flash Player 10 Plugin
Adobe Reader 9.3 - Arabic
Apple Application Support
Apple Software Update
Ava Find
Balot.Net Plugin
Battlefield 2(TM)
Bonjour
BufferChm
Compatibility Pack for the 2007 Office system
Copy
Creative MediaSource
Creative System Information
CustomerResearchQFolder
Destination Component
DeviceDiscovery
DeviceManagementQFolder
DJ_AIO_03_F2200_ProductContext
DJ_AIO_03_F2200_Software
DJ_AIO_03_F2200_Software_Min
Driver Magician 3.5
Easy-Hide-IP 3.6.2
eSupportQFolder
F2200
F2200_Help
FormatFactory 2.30
GeeKz Virus Remover V4.1
GOM Player
Google Chrome
Google Earth
Google Toolbar for Internet Explorer
Google Toolbar for Internet Explorer
GPBaseService
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
Hotfix for Windows XP (KB954550-v5)
HP Customer Participation Program 10.0
HP Deskjet F2200 All-In-One Driver Software 10.0 Rel .3
HP Imaging Device Functions 10.0
HP Photosmart Essential 2.5
HP Photosmart Essential 2.5
HP Smart Web Printing
HP Solution Center 10.0
HP Update
HPProductAssistant
HPSSupply
HyperSnap 6
Intel(R) Graphics Media *********** Driver
Internet Download Manager
Internet Download Manager 6.04 Build 2
J2SE Runtime Environment 5.0 Update 17
Java Auto Updater
Java(TM) 6 Update 24
Kaspersky PURE
Kaspersky PURE
K-Lite Codec Pack 2.77 Full
MagicDisc 2.7.106
ManyCam 2.5.48 (remove only)
MarketResearch
Mass Actions
Messenger Plus! 5
Microsoft .NET Framework 2.0 Language Pack - ARA
Microsoft .NET Framework 2.0 Language Pack - ARA
Microsoft .NET Framework 2.0 Service Pack 2
Microsoft .NET Framework 3.0 Service Pack 2
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 3.5 SP1
Microsoft ActiveX Control Pad
Microsoft Application Error Reporting
Microsoft Choice Guard
Microsoft Compression Client Pack 1.0 for Windows XP
Microsoft Office FrontPage 2003
Microsoft Office Professional Edition 2003
Microsoft Silverlight
Microsoft Text-to-Speech Engine 4.0 (English)
Microsoft User-Mode Driver Framework Feature Pack 1.0
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Mozilla Firefox (3.6.14)
MSVCRT
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
Nero 8 Lite 8.3.2.1
NVIDIA Drivers
PSSWCORE
PunkBuster Services
Quran - Searcher 5.0
RealNetworks - Microsoft Visual C++ 2008 Runtime
RealPlayer
REALTEK GbE & FE Ethernet PCI-E NIC Driver
RealUpgrade 1.1
Rhapsody Player Engine
Scan
Script31Pro
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2416473)
Segoe UI
Shop for HP Supplies
Skype™ 4.2
SmartWebPrintingOC
Smarty Uninstaller Pro
Snagit 10
SolutionCenter
Sound Blaster Audigy
Spelling Dictionaries Support For Adobe Reader 9
Status
System Requirements Lab CYRI
Toolbox
TrayApp
Uninstall Tool
UnloadSupport
Unlocker 1.8.6
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
VideoToolkit01
Visual IP Trace
VLC media player 0.9.4
WebFldrs XP
WebReg
Windows Genuine Advantage Validation Tool (KB892130)
Windows Genuine Advantage Validation Tool (KB892130)
Windows Internet Explorer 8
Windows Live Communications Platform
Windows Live Essentials
Windows Live Essentials
Windows Live Messenger
Windows Media Format 11 runtime
Windows Media Format 11 runtime
Windows Media Player 11
Windows Media Player 11
Windows XP Service Pack 3
WinRAR archiver
WinX HD Video Converter Deluxe 3.10.2
Your Uninstaller! 2010
أحكام التجويد - الإصدار الأول
أداة التحميل Windows Live Upload Tool
الأطلس الإلكترونى
الدرر السنية
تحديث أمان لـ Windows Internet Explorer 8 (KB2482017)‎
تحديث أمان لـ Windows XP (KB2393802)‎
تحديث أمان لـ Windows XP (KB2419632)‎
تحديث أمان لـ Windows XP (KB2476687)‎
تحديث أمان لـ Windows XP (KB2478960)‎
تحديث أمان لـ Windows XP (KB2478971)‎
تحديث أمان لـ Windows XP (KB2479628)‎
تحديث أمان لـ Windows XP (KB2479943)‎
تحديث أمان لـ Windows XP (KB2481109)‎
تحديث أمان لـ Windows XP (KB2483185)‎
تحديث أمان لـ Windows XP (KB2485376)‎
تحديث أمان لـ Windows XP (KB2524375)‎
تحديث لـ Microsoft Windows رقم (KB971513)
تحديث لـ Windows Internet Explorer 8 (KB2447568)‎
تحديث لـ Windows XP (KB971029)‎
جوامع الكلم
حزمة التوافق لنظام Office 2007
حزمة موفر خدمة تشفير البطاقة الذكية الأساسية من Microsoft
مساعد تسجيل الدخول إلى Windows Live

alshbaah_911 · 4 أبريل 2011

فيه حل يالربع ؟؟؟؟؟؟؟

MAAX · 4 أبريل 2011

من اضافة وازالة البرامج احذف التالي

Google Toolbar for Internet Explorer

واعمل تقرير رن سكنر

alshbaah_911 · 4 أبريل 2011

حذفته من اضافة وازالة البرامج وهذا تقرير بعد الحذف

====== معلومات نظام التشغيل ======
X86 WIN_XP 2600 Service Pack 3

====== قائمة البرامج المثبتة ======
32 Bit HP CIO Components Installer
Able2Extract Professional v6.0
Active WebCam
Adobe AIR
Adobe AIR
Adobe Download Manager
Adobe Flash Player 10 ActiveX
Adobe Flash Player 10 Plugin
Adobe Reader 9.3 - Arabic
Apple Application Support
Apple Software Update
Ava Find
Balot.Net Plugin
Battlefield 2(TM)
Bonjour
BufferChm
Compatibility Pack for the 2007 Office system
Copy
Creative MediaSource
Creative System Information
CustomerResearchQFolder
Destination Component
DeviceDiscovery
DeviceManagementQFolder
DJ_AIO_03_F2200_ProductContext
DJ_AIO_03_F2200_Software
DJ_AIO_03_F2200_Software_Min
Driver Magician 3.5
Easy-Hide-IP 3.6.2
eSupportQFolder
F2200
F2200_Help
FormatFactory 2.30
GeeKz Virus Remover V4.1
GOM Player
Google Chrome
Google Earth
GPBaseService
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
Hotfix for Windows XP (KB954550-v5)
HP Customer Participation Program 10.0
HP Deskjet F2200 All-In-One Driver Software 10.0 Rel .3
HP Imaging Device Functions 10.0
HP Photosmart Essential 2.5
HP Photosmart Essential 2.5
HP Smart Web Printing
HP Solution Center 10.0
HP Update
HPProductAssistant
HPSSupply
HyperSnap 6
Intel(R) Graphics Media *********** Driver
Internet Download Manager
Internet Download Manager 6.04 Build 2
J2SE Runtime Environment 5.0 Update 17
Java Auto Updater
Java(TM) 6 Update 24
Kaspersky PURE
Kaspersky PURE
K-Lite Codec Pack 2.77 Full
MagicDisc 2.7.106
ManyCam 2.5.48 (remove only)
MarketResearch
Mass Actions
Messenger Plus! 5
Microsoft .NET Framework 2.0 Language Pack - ARA
Microsoft .NET Framework 2.0 Language Pack - ARA
Microsoft .NET Framework 2.0 Service Pack 2
Microsoft .NET Framework 3.0 Service Pack 2
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 3.5 SP1
Microsoft ActiveX Control Pad
Microsoft Application Error Reporting
Microsoft Choice Guard
Microsoft Compression Client Pack 1.0 for Windows XP
Microsoft Office FrontPage 2003
Microsoft Office Professional Edition 2003
Microsoft Silverlight
Microsoft Text-to-Speech Engine 4.0 (English)
Microsoft User-Mode Driver Framework Feature Pack 1.0
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Mozilla Firefox (3.6.14)
MSVCRT
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
Nero 8 Lite 8.3.2.1
NVIDIA Drivers
PSSWCORE
PunkBuster Services
Quran - Searcher 5.0
RealNetworks - Microsoft Visual C++ 2008 Runtime
RealPlayer
REALTEK GbE & FE Ethernet PCI-E NIC Driver
RealUpgrade 1.1
Rhapsody Player Engine
Scan
Script31Pro
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2416473)
Segoe UI
Shop for HP Supplies
Skype™ 4.2
SmartWebPrintingOC
Smarty Uninstaller Pro
Snagit 10
SolutionCenter
Sound Blaster Audigy
Spelling Dictionaries Support For Adobe Reader 9
Status
System Requirements Lab CYRI
Toolbox
TrayApp
Uninstall Tool
UnloadSupport
Unlocker 1.8.6
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
VideoToolkit01
Visual IP Trace
VLC media player 0.9.4
WebFldrs XP
WebReg
Windows Genuine Advantage Validation Tool (KB892130)
Windows Genuine Advantage Validation Tool (KB892130)
Windows Internet Explorer 8
Windows Live Communications Platform
Windows Live Essentials
Windows Live Essentials
Windows Live Messenger
Windows Media Format 11 runtime
Windows Media Format 11 runtime
Windows Media Player 11
Windows Media Player 11
Windows XP Service Pack 3
WinRAR archiver
WinX HD Video Converter Deluxe 3.10.2
Your Uninstaller! 2010
أحكام التجويد - الإصدار الأول
أداة التحميل Windows Live Upload Tool
الأطلس الإلكترونى
الدرر السنية
تحديث أمان لـ Windows Internet Explorer 8 (KB2482017)‎
تحديث أمان لـ Windows XP (KB2393802)‎
تحديث أمان لـ Windows XP (KB2419632)‎
تحديث أمان لـ Windows XP (KB2476687)‎
تحديث أمان لـ Windows XP (KB2478960)‎
تحديث أمان لـ Windows XP (KB2478971)‎
تحديث أمان لـ Windows XP (KB2479628)‎
تحديث أمان لـ Windows XP (KB2479943)‎
تحديث أمان لـ Windows XP (KB2481109)‎
تحديث أمان لـ Windows XP (KB2483185)‎
تحديث أمان لـ Windows XP (KB2485376)‎
تحديث أمان لـ Windows XP (KB2524375)‎
تحديث لـ Microsoft Windows رقم (KB971513)
تحديث لـ Windows Internet Explorer 8 (KB2447568)‎
تحديث لـ Windows XP (KB971029)‎
جوامع الكلم
حزمة التوافق لنظام Office 2007
حزمة موفر خدمة تشفير البطاقة الذكية الأساسية من Microsoft
مساعد تسجيل الدخول إلى Windows Live

MAAX · 4 أبريل 2011

تقرير رن سكنر اخي

حمل الاداة من هذا الموضوع

يجب عليك تسجيل الدخول أو التسجيل لمشاهدة الرابط المخفي

alshbaah_911 · 4 أبريل 2011

عذراً اخي الكريم اخطأت هذا التقرير لرن سكنر

يجب عليك تسجيل الدخول أو التسجيل لمشاهدة الرابط المخفي

MAAX · 4 أبريل 2011

طبق شرح التنظيف على ملف رن سكنر التالي

يجب عليك تسجيل الدخول أو التسجيل لمشاهدة الرابط المخفي

واعمل التالي

يجب عليك تسجيل الدخول أو التسجيل لمشاهدة الرابط المخفي

وبلغنا النتائج

alshbaah_911 · 4 أبريل 2011

جزاك الله ألف خير وبيض الله وجهك خلاص انحلت المشكلة تماماً

ولكن واجهة مشكلة ثانيه وحليتها ولله الحمد ايضاً بفضل الله ثم زيزوم

المشكلة انه يطلع لي مربع يقول لي المنتج خطأ مايدخلني على الجهاز لا في الواجهه الي يقول فيها مرحبا يطلع لي الخطا ويوقف الجهاز الخطأ هو

0x80004005

لكن دخلت على أداة زيزوم كانت عندي سابقة اسمها

Zyzoom_Fix_Error_0x80004005

وحليتها ولله الحمد لكن للأسف لما جيت ابي احلها واتواصل معك بالمنتدى ودخلت عن طريق السيف مود مافيه اتصال انترنت اذا كان وتراني اقول الكلام هذا وانا مستحي والله هههههههه اذا كان فيه حل برابط بحيث بس ادخل عليه واتبع الطرق ويصير فيه اتصال بالسيف مود اكون لك من الشاكرين

اما هذي المشكلة انتهت بفضل الله ثم بفضل تعبك معاي ماقصرت بيض الله وجهك

MAAX · 4 أبريل 2011

الله يبشرك بالخير اخي والفضل لله وحده
للدخول للوضع الامن مع اتصال اختر ثاني خيار
وهو سيف مود ويذ نتورك

برنامج Avast Premium Security 24.12.9725 تفعيل بسيريال مدة 680 يوم​

زيزوومى مميز

زيزوومى مميز

زيزوومى فضى

توقيع : علي همر

زيزوومى مميز

زيزوومى محترف

توقيع : طآغي النظرهـ

زيزوومى مميز

زيزوومى مميز

عضوشرف

زيزوومى مميز

عضوشرف

زيزوومى مميز

زيزوومى مميز

عضوشرف

زيزوومى مميز

عضوشرف

زيزوومى مميز

عضوشرف

زيزوومى مميز

عضوشرف

برنامج Avast Premium Security 24.12.9725 تفعيل بسيريال مدة 680 يوم