Thread starter: دوت

The computer was working normally, and I took it to a computer shop just to have it formatted.

It came back to me either hacked or with a virus on it.

Here are screenshots.

Hijack report



Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 07:20:47 م, on 04/06/2011
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir Desktop\sched.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Avira\AntiVir Desktop\avguard.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\TUProgSt.exe
C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\igfxpers.exe
C:\Program Files\Motorola\Connection Manager\MotoCM.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\Program Files\Motorola\Connection Manager\RcAppSvc.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\system32\msdtc.exe
C:\WINDOWS\aadrive32.exe
C:\Documents and Settings\User\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\User\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Documents and Settings\User\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\User\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = [link hidden by the forum]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = [link hidden by the forum]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = [link hidden by the forum]
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = [link hidden by the forum]
O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files\Internet Download Manager\IDMIECC.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~3\Office12\GRA8E1~1.DLL
O2 - BHO: مساعد تسجيل الدخول إلى Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [Motorola Connection Manager] "C:\Program Files\Motorola\Connection Manager\MotoCM.exe" -a
O4 - HKLM\..\Run: [Microsoft Driver Setup] C:\WINDOWS\aadrive32.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Tnaww] C:\RECYCLER\S-1-5-21-0243556031-888888379-781863308-1413\syitm.exe
O4 - HKCU\..\Run: [sdjwe] C:\RECYCLER\S-1-5-21-0243556031-888888379-781863308-1343\jwjqa.exe
O4 - HKCU\..\Run: [jaqq] C:\RECYCLER\S-1-5-21-0243556031-888888379-781863308-9043\jwkd.exe
O4 - HKCU\..\Run: [jkqq] C:\RECYCLER\S-1-5-21-0243556031-888888379-781863308-9143\jikd.exe
O4 - HKCU\..\Run: [12CFG214-K641-12SF-N85P] C:\RECYCLER\S-1-5-21-0243936033-3052116371-381863308-1811\vsbntlo.exe
O4 - HKLM\..\Policies\Explorer\Run: [Microsoft Driver Setup] C:\WINDOWS\aadrive32.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\Run: [YDZ1QVAGOJ] C:\WINDOWS\TEMP\Ubg.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200
O8 - Extra context menu item: ت&صدير إلى Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: تحميل الكل بواسطة Internet Download Manager - C:\Program Files\Internet Download Manager\IEGetAll.htm
O8 - Extra context menu item: تحميل بواسطة Internet Download Manager - C:\Program Files\Internet Download Manager\IEExt.htm
O8 - Extra context menu item: تحميل محتوى FLV بواسطة Internet Download Manager - C:\Program Files\Internet Download Manager\IEGetVL.htm
O9 - Extra button: إرسال إلى OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: إر&سال إلى OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~3\Office12\GR99D3~1.DLL
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Avira AntiVir Scheduler (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Motorola RcAppSvc (MOTOROLARcAppSvc) - SmithMicro Inc. - C:\Program Files\Motorola\Connection Manager\RcAppSvc.exe
O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software - C:\WINDOWS\System32\TuneUpDefragService.exe
O23 - Service: TuneUp Program Statistics Service (TuneUp.ProgramStatisticsSvc) - TuneUp Software - C:\WINDOWS\System32\TUProgSt.exe

--


End of file - 7494 bytes



Screenshot from the analysis of the report

 

RcAppSvc.exe
Size 111,896 byte(s)
Status Unknown
Vendor Smith Micro Software, Inc. (Not Rated)
Product RcAppSvc
Product version 4.3.413.0
Sighting 02-Jul-09 19-Feb-10
Actions Allowed by 75% user(s)

What does RcAppSvc.exe do?
Autorun - automatically runs every time you start your computer
Process - a process that runs on your computer
Cache

RcAppSvc.exe Version info
RcAppSvc.exe describes itself as follows. Note that this information can easily be faked.

Product Name RcAppSvc
Product Version 4.3.413.0
File Version 4.3.413.0
Copyright SmithMicro Inc. All rights reserved.
Internal Name RcAppSvc.exe
Original Name RcAppSvc.exe
Description RcAppSvc, Service Helper

OA Version(s):
3.0.0.190
3.5.0.32
4.0.0.15

Imported DLL's
advapi32.dll
kernel32.dll
rpcrt4.dll
setupapi.dll
user32.dll
iphlpapi.dll
cfgmgr32.dll
msvcr80.dll
msvcp80.dll
diagnostic.dll
rpcsrvapi.dll

Locations:
RcAppSvc.exe is found in 1 location(s)

%ProgramFiles%\Clearwire\Connection Manager\
 

Signature: علي همر
SmitFraudFix v2.424

Scan done at 12:39:21.46, Sun 06/12/2011
Run from C:\Documents and Settings\User\My Documents\Downloads\SmitfraudFix
OS: Microsoft Windows XP [Version 5.1.2600] - Windows_NT
The filesystem type is NTFS
Fix run in normal mode

»»»»»»»»»»»»»»»»»»»»»»»» SharedTaskScheduler Before SmitFraudFix
!!!Attention, following keys are not inevitably infected!!!

SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll

»»»»»»»»»»»»»»»»»»»»»»»» Killing process


»»»»»»»»»»»»»»»»»»»»»»»» hosts


127.0.0.1 localhost

»»»»»»»»»»»»»»»»»»»»»»»» VACFix

VACFix
Credits: Malware Analysis & Diagnostic
Code: S!Ri


»»»»»»»»»»»»»»»»»»»»»»»» Winsock2 Fix

S!Ri's WS2Fix: LSP not Found.


»»»»»»»»»»»»»»»»»»»»»»»» Generic Renos Fix

GenericRenosFix by S!Ri


»»»»»»»»»»»»»»»»»»»»»»»» Deleting infected files


»»»»»»»»»»»»»»»»»»»»»»»» IEDFix

IEDFix
Credits: Malware Analysis & Diagnostic
Code: S!Ri



»»»»»»»»»»»»»»»»»»»»»»»» Agent.OMZ.Fix

Agent.OMZ.Fix
Credits: Malware Analysis & Diagnostic
Code: S!Ri


»»»»»»»»»»»»»»»»»»»»»»»» 404Fix

404Fix
Credits: Malware Analysis & Diagnostic
Code: S!Ri


»»»»»»»»»»»»»»»»»»»»»»»» RK


»»»»»»»»»»»»»»»»»»»»»»»» DNS



»»»»»»»»»»»»»»»»»»»»»»»» Deleting Temp Files


»»»»»»»»»»»»»»»»»»»»»»»» Winlogon.System
!!!Attention, following keys are not inevitably infected!!!



»»»»»»»»»»»»»»»»»»»»»»»» RK.2



»»»»»»»»»»»»»»»»»»»»»»»» Registry Cleaning

Registry Cleaning done.

»»»»»»»»»»»»»»»»»»»»»»»» SharedTaskScheduler After SmitFraudFix
!!!Attention, following keys are not inevitably infected!!!

SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll


»»»»»»»»»»»»»»»»»»»»»»»» End



SmitFraudFix v2.424

Scan done at 12:43:54.17, Sun 06/12/2011
Run from C:\Documents and Settings\User\My Documents\Downloads\SmitfraudFix
OS: Microsoft Windows XP [Version 5.1.2600] - Windows_NT
The filesystem type is NTFS
Fix run in normal mode

»»»»»»»»»»»»»»»»»»»»»»»» Process


»»»»»»»»»»»»»»»»»»»»»»»» hosts


»»»»»»»»»»»»»»»»»»»»»»»» C:\


»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS


»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system


»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\Web


»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system32


»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system32\LogFiles


»»»»»»»»»»»»»»»»»»»»»»»» C:\Documents and Settings\User


»»»»»»»»»»»»»»»»»»»»»»»» C:\DOCUME~1\User\LOCALS~1\Temp


»»»»»»»»»»»»»»»»»»»»»»»» C:\Documents and Settings\User\Application Data


»»»»»»»»»»»»»»»»»»»»»»»» Start Menu


»»»»»»»»»»»»»»»»»»»»»»»» C:\DOCUME~1\User\FAVORI~1


»»»»»»»»»»»»»»»»»»»»»»»» Desktop


»»»»»»»»»»»»»»»»»»»»»»»» C:\Program Files


»»»»»»»»»»»»»»»»»»»»»»»» Corrupted keys


»»»»»»»»»»»»»»»»»»»»»»»» Desktop Components



»»»»»»»»»»»»»»»»»»»»»»»» o4Patch
!!!Attention, following keys are not inevitably infected!!!

o4Patch
Credits: Malware Analysis & Diagnostic
Code: S!Ri



»»»»»»»»»»»»»»»»»»»»»»»» IEDFix
!!!Attention, following keys are not inevitably infected!!!

IEDFix
Credits: Malware Analysis & Diagnostic
Code: S!Ri



»»»»»»»»»»»»»»»»»»»»»»»» Agent.OMZ.Fix
!!!Attention, following keys are not inevitably infected!!!

Agent.OMZ.Fix
Credits: Malware Analysis & Diagnostic
Code: S!Ri


»»»»»»»»»»»»»»»»»»»»»»»» VACFix
!!!Attention, following keys are not inevitably infected!!!

VACFix
Credits: Malware Analysis & Diagnostic
Code: S!Ri


»»»»»»»»»»»»»»»»»»»»»»»» 404Fix
!!!Attention, following keys are not inevitably infected!!!

404Fix
Credits: Malware Analysis & Diagnostic
Code: S!Ri


»»»»»»»»»»»»»»»»»»»»»»»» Sharedtaskscheduler
!!!Attention, following keys are not inevitably infected!!!

SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll


»»»»»»»»»»»»»»»»»»»»»»»» AppInit_DLLs
!!!Attention, following keys are not inevitably infected!!!

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]


»»»»»»»»»»»»»»»»»»»»»»»» Winlogon
!!!Attention, following keys are not inevitably infected!!!

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]

»»»»»»»»»»»»»»»»»»»»»»»» RK

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]




»»»»»»»»»»»»»»»»»»»»»»»» DNS



»»»»»»»»»»»»»»»»»»»»»»»» Scanning for wininet.dll infection


»»»»»»»»»»»»»»»»»»»»»»»» End
 
SmitFraudFix v2.424

Scan done at 12:55:35.21, Sun 06/12/2011
Run from C:\Documents and Settings\User\My Documents\Downloads\SmitfraudFix
OS: Microsoft Windows XP [Version 5.1.2600] - Windows_NT
The filesystem type is NTFS
Fix run in normal mode

»»»»»»»»»»»»»»»»»»»»»»»» SharedTaskScheduler Before SmitFraudFix
!!!Attention, following keys are not inevitably infected!!!

SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll

»»»»»»»»»»»»»»»»»»»»»»»» Killing process


»»»»»»»»»»»»»»»»»»»»»»»» hosts


127.0.0.1 localhost

»»»»»»»»»»»»»»»»»»»»»»»» VACFix

VACFix
Credits: Malware Analysis & Diagnostic
Code: S!Ri


»»»»»»»»»»»»»»»»»»»»»»»» Winsock2 Fix

S!Ri's WS2Fix: LSP not Found.


»»»»»»»»»»»»»»»»»»»»»»»» Generic Renos Fix

GenericRenosFix by S!Ri


»»»»»»»»»»»»»»»»»»»»»»»» Deleting infected files


»»»»»»»»»»»»»»»»»»»»»»»» IEDFix

IEDFix
Credits: Malware Analysis & Diagnostic
Code: S!Ri



»»»»»»»»»»»»»»»»»»»»»»»» Agent.OMZ.Fix

Agent.OMZ.Fix
Credits: Malware Analysis & Diagnostic
Code: S!Ri


»»»»»»»»»»»»»»»»»»»»»»»» 404Fix

404Fix
Credits: Malware Analysis & Diagnostic
Code: S!Ri


»»»»»»»»»»»»»»»»»»»»»»»» RK


»»»»»»»»»»»»»»»»»»»»»»»» DNS



»»»»»»»»»»»»»»»»»»»»»»»» Deleting Temp Files


»»»»»»»»»»»»»»»»»»»»»»»» Winlogon.System
!!!Attention, following keys are not inevitably infected!!!



»»»»»»»»»»»»»»»»»»»»»»»» RK.2



»»»»»»»»»»»»»»»»»»»»»»»» Registry Cleaning

Registry Cleaning done.

»»»»»»»»»»»»»»»»»»»»»»»» SharedTaskScheduler After SmitFraudFix
!!!Attention, following keys are not inevitably infected!!!

SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll


»»»»»»»»»»»»»»»»»»»»»»»» End
 
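All the files on my computer are only 1 KB

even the security programs

and a file called "desktop dl" has spread everywhere

even the Control Panel has a copy of it

and they have tampered with the Administrative Tools

and the computer is not under my control at all

I can't download from the internet

and the computer is slow

and the C: drive

has an empty folder named RECYCLER

and it won't let me delete it

and other files start at startup, and when I open Start - Run and type "startup" in English I don't find them

and switching between Arabic and English and changing the date are not within my permissions

and much more

What is the solution?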
 
Avira AntiVir Personal
Report file date: 11 رجب, 1432 12:51

Scanning for 2752344 virus strains and unwanted programs.

The program is running as an unrestricted full version.
Online services are available:

Licensee : Avira AntiVir Personal - FREE Antivirus
Serial number : 0000149996-ADJIE-0000001
Platform : Windows XP
Windows version : (Service Pack 3) [5.1.2600]
Boot mode : Normally booted
Username : SYSTEM
Computer name : RA-SA

Configuration settings for the scan:
Jobname.............................: Complete system scan
Configuration file..................: C:\Program Files\Avira\AntiVir Desktop\sysscan.avp
Logging.............................: low
Primary action......................: interactive
Secondary action....................: ignore
Scan master boot sector.............: on
Scan boot sector....................: on
Boot sectors........................: C:,
Process scan........................: on
Extended process scan...............: on
Scan registry.......................: on
Search for rootkits.................: on
Integrity checking of system files..: off
Scan all files......................: All files
Scan archives.......................: on
Recursion depth.....................: 20
Smart extensions....................: on
Macro heuristic.....................: on
File heuristic......................: medium

Start of the scan: 11 رجب, 1432 12:51

Starting search for hidden objects.
HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Dhcp\Parameters\{87d3d372-ef6c-4386-bb08-403f21f122b6}
[NOTE] The registry entry is invisible.
HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Tcpip\Parameters\Interfaces\{87D3D372-EF6C-4386-BB08-403F21F122B6}\dhcpserver
[NOTE] The registry entry is invisible.
HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Tcpip\Parameters\Interfaces\{87D3D372-EF6C-4386-BB08-403F21F122B6}\dhcpserver
HKEY_LOCAL_MACHINE\System\ControlSet001\Services\{87D3D372-EF6C-4386-BB08-403F21F122B6}\Parameters\Tcpip\dhcpipaddress
[NOTE] The registry entry is invisible.
HKEY_LOCAL_MACHINE\System\ControlSet001\Services\{87D3D372-EF6C-4386-BB08-403F21F122B6}\Parameters\Tcpip\dhcpsubnetmask
[NOTE] The registry entry is invisible.

The scan of running processes will be started
Scan process 'chrome.exe' - '39' Module(s) have been scanned
Scan process 'chrome.exe' - '39' Module(s) have been scanned
Scan process 'chrome.exe' - '39' Module(s) have been scanned
Scan process 'chrome.exe' - '39' Module(s) have been scanned
Scan process 'chrome.exe' - '39' Module(s) have been scanned
Scan process 'chrome.exe' - '39' Module(s) have been scanned
Scan process 'chrome.exe' - '39' Module(s) have been scanned
Scan process 'chrome.exe' - '39' Module(s) have been scanned
Scan process 'chrome.exe' - '39' Module(s) have been scanned
Scan process 'chrome.exe' - '39' Module(s) have been scanned
Scan process 'chrome.exe' - '39' Module(s) have been scanned
Scan process 'chrome.exe' - '67' Module(s) have been scanned
Scan process 'alg.exe' - '33' Module(s) have been scanned
Scan process 'RcAppSvc.exe' - '29' Module(s) have been scanned
Scan process 'wuauclt.exe' - '50' Module(s) have been scanned
Scan process 'MotoCM.exe' - '120' Module(s) have been scanned
Scan process 'avscan.exe' - '66' Module(s) have been scanned
Scan process 'msmsgs.exe' - '45' Module(s) have been scanned
Scan process 'ctfmon.exe' - '27' Module(s) have been scanned
Scan process 'rbmonitor.exe' - '40' Module(s) have been scanned
Scan process 'avshadow.exe' - '27' Module(s) have been scanned
Scan process 'svchost.exe' - '42' Module(s) have been scanned
Scan process 'jqs.exe' - '35' Module(s) have been scanned
Scan process 'avguard.exe' - '56' Module(s) have been scanned
Scan process 'sched.exe' - '45' Module(s) have been scanned
Scan process 'spoolsv.exe' - '58' Module(s) have been scanned
Scan process 'Explorer.EXE' - '101' Module(s) have been scanned
Scan process 'svchost.exe' - '40' Module(s) have been scanned
Scan process 'svchost.exe' - '34' Module(s) have been scanned
Scan process 'svchost.exe' - '152' Module(s) have been scanned
Scan process 'svchost.exe' - '40' Module(s) have been scanned
Scan process 'svchost.exe' - '47' Module(s) have been scanned
Scan process 'lsass.exe' - '60' Module(s) have been scanned
Scan process 'services.exe' - '29' Module(s) have been scanned
Scan process 'winlogon.exe' - '67' Module(s) have been scanned
Scan process 'csrss.exe' - '14' Module(s) have been scanned
Scan process 'smss.exe' - '2' Module(s) have been scanned

Starting master boot sector scan:
Master boot sector HD0
[INFO] No virus was found!

Start scanning boot sectors:
Boot sector 'C:\'
[INFO] No virus was found!

Starting to scan executable files (registry).
The registry was scanned ( '369' files ).


Starting the file scan:

Begin scan in 'C:\' <win xp>
C:\System Volume Information\_restore{883E0124-86A3-4FD7-8548-FB7A5211C2C1}\RP27\A0007681.exe
[WARNING] The file could not be read!
C:\System Volume Information\_restore{883E0124-86A3-4FD7-8548-FB7A5211C2C1}\RP27\A0007682.exe
[WARNING] The file could not be read!
C:\System Volume Information\_restore{883E0124-86A3-4FD7-8548-FB7A5211C2C1}\RP27\A0007683.exe
[WARNING] The file could not be read!
C:\System Volume Information\_restore{883E0124-86A3-4FD7-8548-FB7A5211C2C1}\RP28\A0008716.exe
--> Object
[WARNING] The file could not be read!
[WARNING] The file could not be read!
C:\System Volume Information\_restore{883E0124-86A3-4FD7-8548-FB7A5211C2C1}\RP33\A0018615.exe
[DETECTION] Is the TR/Pincav.bgqt Trojan

Beginning disinfection:
C:\System Volume Information\_restore{883E0124-86A3-4FD7-8548-FB7A5211C2C1}\RP33\A0018615.exe
[DETECTION] Is the TR/Pincav.bgqt Trojan
[NOTE] The file was moved to the quarantine directory under the name '453d3875.qua'.


End of the scan: 11 رجب, 1432 14:02
Used time: 57:13 Minute(s)

The scan has been done completely.

3833 Scanned directories
188086 Files were scanned
1 Viruses and/or unwanted programs were found
0 Files were classified as suspicious
0 files were deleted
0 Viruses and unwanted programs were repaired
1 Files were moved to quarantine
0 Files were renamed
0 Files cannot be scanned
188085 Files not concerned
1488 Archives were scanned
5 Warnings
5 Notes
295793 Objects were scanned with rootkit scan
5 Hidden objects were found
 
Glory be to God, praise be to God, and God is the greatest
 
Sorry for the delay.

Sister, give me a new Hijack report + a new RunScanner report + the list of programs.
 
Signature: علي همر
Give me the links for RunScanner and Hijack so I can download them at an internet café and transfer them to my computer.

How do I give you the list of programs? Which program do I get it from?
 