Thread starter: دوت

The computer was fine, and I took it down to a computer shop just to have it formatted and set up :cr:


It came back to me either hacked or with a virus on it.

Here are pictures:





HijackThis report



Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 07:20:47 م, on 04/06/2011
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir Desktop\sched.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Avira\AntiVir Desktop\avguard.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\TUProgSt.exe
C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\igfxpers.exe
C:\Program Files\Motorola\Connection Manager\MotoCM.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\Program Files\Motorola\Connection Manager\RcAppSvc.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\system32\msdtc.exe
C:\WINDOWS\aadrive32.exe
C:\Documents and Settings\User\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\User\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Documents and Settings\User\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\User\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = [link hidden by the forum]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = [link hidden by the forum]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = [link hidden by the forum]
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = [link hidden by the forum]

O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files\Internet Download Manager\IDMIECC.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~3\Office12\GRA8E1~1.DLL
O2 - BHO: مساعد تسجيل الدخول إلى Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [Motorola Connection Manager] "C:\Program Files\Motorola\Connection Manager\MotoCM.exe" -a
O4 - HKLM\..\Run: [Microsoft Driver Setup] C:\WINDOWS\aadrive32.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Tnaww] C:\RECYCLER\S-1-5-21-0243556031-888888379-781863308-1413\syitm.exe
O4 - HKCU\..\Run: [sdjwe] C:\RECYCLER\S-1-5-21-0243556031-888888379-781863308-1343\jwjqa.exe
O4 - HKCU\..\Run: [jaqq] C:\RECYCLER\S-1-5-21-0243556031-888888379-781863308-9043\jwkd.exe
O4 - HKCU\..\Run: [jkqq] C:\RECYCLER\S-1-5-21-0243556031-888888379-781863308-9143\jikd.exe
O4 - HKCU\..\Run: [12CFG214-K641-12SF-N85P] C:\RECYCLER\S-1-5-21-0243936033-3052116371-381863308-1811\vsbntlo.exe
O4 - HKLM\..\Policies\Explorer\Run: [Microsoft Driver Setup] C:\WINDOWS\aadrive32.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\Run: [YDZ1QVAGOJ] C:\WINDOWS\TEMP\Ubg.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200
O8 - Extra context menu item: ت&صدير إلى Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: تحميل الكل بواسطة Internet Download Manager - C:\Program Files\Internet Download Manager\IEGetAll.htm
O8 - Extra context menu item: تحميل بواسطة Internet Download Manager - C:\Program Files\Internet Download Manager\IEExt.htm
O8 - Extra context menu item: تحميل محتوى FLV بواسطة Internet Download Manager - C:\Program Files\Internet Download Manager\IEGetVL.htm
O9 - Extra button: إرسال إلى OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: إر&سال إلى OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~3\Office12\GR99D3~1.DLL
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Avira AntiVir Scheduler (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Motorola RcAppSvc (MOTOROLARcAppSvc) - SmithMicro Inc. - C:\Program Files\Motorola\Connection Manager\RcAppSvc.exe
O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software - C:\WINDOWS\System32\TuneUpDefragService.exe
O23 - Service: TuneUp Program Statistics Service (TuneUp.ProgramStatisticsSvc) - TuneUp Software - C:\WINDOWS\System32\TUProgSt.exe

--


End of file - 7494 bytes



Screenshot of the report analysis

 

No problem, sister.

Did you scan your computer with what Yahya gave you, or did you download what I gave you?
 

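Brother, every time I download any security program the internet disconnects. The computer is not under my control (it is my brother's computer). My own computer is already dead; I took it down to the Indian repairman to see what is going on with it.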
 
You have a fake program .. it demands that you register so that you buy the program, and it steals the credit card.
It is the cause of the slowness, the dropped internet connection, and the security programs failing to download.

Apply what is in this post:
[link hidden by the forum]


And if the connection drops .. try to download the tool from another computer and move it on a flash drive to the infected machine.
 
Signature: protection



QuickScan Beta 32-bit v0.9.9.96
-------------------------------
تاريخ المسح: Wed Jun 08 22:10:42 2011
عنوان الحاسب: E825FE5E

C:\Documents and Settings\User\Application Data\Cvlyla.exe - hidden file!


تم العثور على 2 ملف مصاب
------------------------

C:\Documents and Settings\User\Application Data\Cvlyla.exe --> Gen:Trojan.Heur.JP.lu0@aqotXcpi
--> HKCU\Software\Microsoft\Windows\CurrentVersion\Run\"Cvlyla"

C:\WINDOWS\aadrive32.exe --> Gen:Trojan.Heur.JP.iu0@a069Oyai
--> HKLM\Software\Microsoft\Windows\CurrentVersion\policies\Explorer\Run\"Microsoft Driver Setup"



البرامج
-------
CCleaner 1628 C:\Program Files\CCleaner\CCleaner.exe
Microsoft® Windows® Operating System 3596 C:\WINDOWS\system32\wbem\wmiprvse.exe
غير مسجل Internet Download Manager (IDM) 2000 C:\Program Files\Internet Download Manager\IDMan.exe

تم تفقده Motorola Roaming Client 1984 C:\Program Files\Motorola\Connection Manager\MotoCM.exe
تم تفقده AntiVir Desktop 1976 C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
تم تفقده AntiVir Desktop 276 C:\Program Files\Avira\AntiVir Desktop\avguard.exe
تم تفقده AntiVir Desktop 1232 C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
تم تفقده AntiVir Desktop 1536 C:\Program Files\Avira\AntiVir Desktop\sched.exe
تم تفقده Google Chrome 4044 C:\Documents and Settings\User\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
تم تفقده Google Chrome 1368 C:\Documents and Settings\User\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
تم تفقده Google Chrome 1676 C:\Documents and Settings\User\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
تم تفقده Google Chrome 1780 C:\Documents and Settings\User\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
تم تفقده Google Chrome 1908 C:\Documents and Settings\User\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
تم تفقده Google Chrome 2260 C:\Documents and Settings\User\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
تم تفقده Google Chrome 3028 C:\Documents and Settings\User\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
تم تفقده Google Chrome 3456 C:\Documents and Settings\User\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
تم تفقده IEMonitor Application 2796 C:\Program Files\Internet Download Manager\IEMonitor.exe
تم تفقده Microsoft® Windows® Operating System 1804 C:\WINDOWS\explorer.exe
تم تفقده Microsoft® Windows® Operating System 2616 C:\WINDOWS\system32\alg.exe
تم تفقده Microsoft® Windows® Operating System 736 C:\WINDOWS\system32\csrss.exe
تم تفقده Microsoft® Windows® Operating System 1992 C:\WINDOWS\system32\ctfmon.exe
تم تفقده Microsoft® Windows® Operating System 816 C:\WINDOWS\system32\lsass.exe
تم تفقده Microsoft® Windows® Operating System 804 C:\WINDOWS\system32\services.exe
تم تفقده Microsoft® Windows® Operating System 676 C:\WINDOWS\system32\smss.exe
تم تفقده Microsoft® Windows® Operating System 1484 C:\WINDOWS\system32\spoolsv.exe
تم تفقده Microsoft® Windows® Operating System 1004 C:\WINDOWS\system32\svchost.exe
تم تفقده Microsoft® Windows® Operating System 1056 C:\WINDOWS\system32\svchost.exe
تم تفقده Microsoft® Windows® Operating System 1072 C:\WINDOWS\system32\svchost.exe
تم تفقده Microsoft® Windows® Operating System 1112 C:\WINDOWS\system32\svchost.exe
تم تفقده Microsoft® Windows® Operating System 1248 C:\WINDOWS\system32\svchost.exe
تم تفقده Microsoft® Windows® Operating System 1220 C:\WINDOWS\system32\svchost.exe
تم تفقده Microsoft® Windows® Operating System 760 C:\WINDOWS\system32\winlogon.exe
تم تفقده Windows Live Communications Platform 1692 C:\Program Files\Windows Live\Contacts\wlcomm.exe
تم تفقده Windows Live Messenger 2012 C:\Program Files\Windows Live\Messenger\msnmsgr.exe
تم تفقده Windows® Internet Explorer 1364 C:\Program Files\Internet Explorer\iexplore.exe
تم تفقده Windows® Internet Explorer 2704 C:\Program Files\Internet Explorer\iexplore.exe
تم تفقده Windows® Internet Explorer 1948 C:\Program Files\Internet Explorer\iexplore.exe


انشطة الشبكة
------------
البرنامج explorer.exe (1804) موصول على معبر 3800 --> 123.183.217.32
البرنامج iexplore.exe (1948) موصول على معبر 80 (HTTP) --> 209.62.68.168
البرنامج MotoCM.exe (1984) موصول على معبر 443 (HTTP over SSL) --> 207.67.226.111
البرنامج IDMan.exe (2000) موصول على معبر 80 (HTTP) --> 74.55.215.156
البرنامج IDMan.exe (2000) موصول على معبر 80 (HTTP) --> 74.55.215.156
البرنامج IDMan.exe (2000) موصول على معبر 80 (HTTP) --> 74.55.215.156
البرنامج IDMan.exe (2000) موصول على معبر 80 (HTTP) --> 74.55.215.156
البرنامج IDMan.exe (2000) موصول على معبر 80 (HTTP) --> 74.55.215.156
البرنامج IDMan.exe (2000) موصول على معبر 80 (HTTP) --> 74.55.215.156
البرنامج IDMan.exe (2000) موصول على معبر 80 (HTTP) --> 74.55.215.156
البرنامج IDMan.exe (2000) موصول على معبر 80 (HTTP) --> 74.55.215.156
البرنامج chrome.exe (3028) موصول على معبر 80 (HTTP) --> 174.123.104.75
البرنامج chrome.exe (3028) موصول على معبر 80 (HTTP) --> 88.221.217.17
البرنامج chrome.exe (3028) موصول على معبر 80 (HTTP) --> 88.221.217.17
البرنامج chrome.exe (3028) موصول على معبر 80 (HTTP) --> 209.85.149.166
البرنامج chrome.exe (3028) موصول على معبر 80 (HTTP) --> 174.123.104.75
البرنامج chrome.exe (3028) موصول على معبر 80 (HTTP) --> 88.221.217.65
البرنامج chrome.exe (3028) موصول على معبر 80 (HTTP) --> 209.85.149.166
البرنامج chrome.exe (3028) موصول على معبر 80 (HTTP) --> 88.221.217.65
البرنامج chrome.exe (3028) موصول على معبر 80 (HTTP) --> 88.221.217.65
البرنامج chrome.exe (3028) موصول على معبر 80 (HTTP) --> 88.221.217.18
البرنامج chrome.exe (3028) موصول على معبر 80 (HTTP) --> 88.221.217.65
البرنامج chrome.exe (3028) موصول على معبر 80 (HTTP) --> 88.221.217.18
البرنامج chrome.exe (3028) موصول على معبر 80 (HTTP) --> 88.221.217.65
البرنامج chrome.exe (3028) موصول على معبر 80 (HTTP) --> 88.221.217.16
البرنامج chrome.exe (3028) موصول على معبر 80 (HTTP) --> 69.59.20.28
البرنامج chrome.exe (3028) موصول على معبر 80 (HTTP) --> 209.212.144.149
البرنامج chrome.exe (3028) موصول على معبر 80 (HTTP) --> 209.85.149.113
البرنامج chrome.exe (3028) موصول على معبر 80 (HTTP) --> 178.63.10.174
البرنامج chrome.exe (3028) موصول على معبر 80 (HTTP) --> 69.59.20.28
البرنامج chrome.exe (3028) موصول على معبر 80 (HTTP) --> 209.212.144.149
البرنامج chrome.exe (3028) موصول على معبر 80 (HTTP) --> 69.59.20.28
البرنامج chrome.exe (3028) موصول على معبر 80 (HTTP) --> 209.212.144.149
البرنامج chrome.exe (3028) موصول على معبر 80 (HTTP) --> 209.212.144.149
البرنامج chrome.exe (3028) موصول على معبر 80 (HTTP) --> 66.220.158.25
البرنامج chrome.exe (3028) موصول على معبر 80 (HTTP) --> 209.85.149.166

البرنامج svchost.exe (1072) يستمع لمعبر: 135 (RPC)


الملفات المفتوحة تلقائياً و الحساسة
-----------------------------------
asdj22222askdhjasd C:\Documents and Settings\User\Application Data\Cvlyla.exe
One C:\WINDOWS\aadrive32.exe
غير مسجل Google Photos Screensaver C:\WINDOWS\system32\GPhotos.scr
غير مسجل Internet Download Manager (IDM) C:\Program Files\Internet Download Manager\IDMan.exe

تم تفقده Motorola Roaming Client C:\Program Files\Motorola\Connection Manager\MotoCM.exe
تم تفقده AntiVir Desktop C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
تم تفقده Google Update C:\Documents and Settings\User\Local Settings\Application Data\Google\Update\GoogleUpdate.exe
تم تفقده GrooveShellExtensions Module C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
تم تفقده Intel(R) Common User Interface C:\WINDOWS\system32\igfxdev.dll
تم تفقده Microsoft® Windows® Operating System C:\WINDOWS\system32\BROWSEUI.dll
تم تفقده Microsoft® Windows® Operating System C:\WINDOWS\system32\CRYPT32.dll
تم تفقده Microsoft® Windows® Operating System C:\WINDOWS\system32\cryptnet.dll
تم تفقده Microsoft® Windows® Operating System C:\WINDOWS\system32\cscdll.dll
تم تفقده Microsoft® Windows® Operating System C:\WINDOWS\system32\ctfmon.exe
تم تفقده Microsoft® Windows® Operating System C:\WINDOWS\System32\dimsntfy.dll
تم تفقده Microsoft® Windows® Operating System C:\WINDOWS\system32\logonui.exe
تم تفقده Microsoft® Windows® Operating System C:\WINDOWS\system32\sclgntfy.dll
تم تفقده Microsoft® Windows® Operating System C:\WINDOWS\system32\SHELL32.dll
تم تفقده Microsoft® Windows® Operating System C:\WINDOWS\system32\stobject.dll
تم تفقده Microsoft® Windows® Operating System c:\windows\system32\userinit.exe
تم تفقده Microsoft® Windows® Operating System C:\WINDOWS\system32\WlNotify.dll
تم تفقده TuneUp Utilities C:\Program Files\TuneUp Utilities 2009\OneClickStarter.exe
تم تفقده Windows Live Messenger C:\Program Files\Windows Live\Messenger\msnmsgr.exe
تم تفقده Windows® Internet Explorer C:\WINDOWS\system32\webcheck.dll


وصلات المتصفح
-------------
غير مسجل Java(TM) Platform SE 6 U24 C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll

تم تفقده AcroIEHelperShim Library C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
تم تفقده Adobe Acrobat C:\Program Files\Internet Explorer\plugins\nppdf32.dll
تم تفقده BitDefender QuickScan C:\Documents and Settings\User\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pdnkcidphdcakpkheohlhocaicfamjie\0.9.9.96_0\npqscan.dll
تم تفقده Google Update C:\Documents and Settings\User\Local Settings\Application Data\Google\Update\1.3.21.57\npGoogleUpdate3.dll
تم تفقده GrooveShellExtensions Module C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
تم تفقده Internet Download Manager Module C:\Program Files\Internet Download Manager\IDMIECC.dll
تم تفقده Java(TM) Platform SE 6 U24 C:\Program Files\Java\jre6\bin\jp2ssv.dll
تم تفقده Java(TM) Platform SE 6 U24 C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
تم تفقده Messenger C:\Program Files\Messenger\msmsgs.exe
تم تفقده Microsoft® Windows Live Login Helper C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
تم تفقده Microsoft® Windows® Operating System C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
تم تفقده Microsoft® Windows® Operating System C:\WINDOWS\System32\mswsock.dll
تم تفقده Microsoft® Windows® Operating System C:\WINDOWS\system32\rsvpsp.dll
تم تفقده Microsoft® Windows® Operating System C:\WINDOWS\System32\winrnr.dll
تم تفقده NPSWF32.dll C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll
تم تفقده Picasa C:\Program Files\Google\Picasa3\npPicasa3.dll
تم تفقده RealJukebox NS Plugin C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll
تم تفقده RealPlayer Download and Record Plugin C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
تم تفقده RealPlayer Version Plugin C:\Program Files\Real\RealPlayer\Netscape6\nprpjplug.dll
تم تفقده RealPlayer(tm) G2 LiveConnect-Enabled P C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll
تم تفقده Silverlight Plug-In c:\Program Files\Microsoft Silverlight\4.0.51204.0\npctrl.dll
تم تفقده Windows Presentation Foundation C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
تم تفقده Windows® Internet Explorer C:\WINDOWS\system32\IEFRAME.dll


الملفات الناقصة
---------------
الملف C:\RECYCLER\S-1-5-21-0243556031-888888379-781863308-1413\syitm.exe غيرموجود
--> HKCU\Software\Microsoft\Windows\CurrentVersion\Run\"Tnaww"
--> HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\"Taskman"


مسح
---

يجب تحميل الملفات التالية ليتم فحصها:
C:\Documents and Settings\User\Application Data\Cvlyla.exe
C:\WINDOWS\aadrive32.exe

بدء التحميل - الملف 2
aadrive32.exe (133632)
Cvlyla.exe (180736)
سرعة التحميل - 5 KB/s
انتهاء التحميل - تم تحميل: 2 و فشل تحميل: 0

انتهاء المسح - تم الاتصال خلال 54 ثواني
الحجم الاجمالي - تم ارسال 0.31 ميجابايت و تم استقبال 0.34
تم مسح 658 ملف و برنامج - 76 ثواني

==============================================================================
 


Now copying the report :ok:


SUPERAntiSpyware Scan Log


Generated 06/08/2011 at 11:02 PM

Application Version : 4.53.1000

Core Rules Database Version : 7238
Trace Rules Database Version: 5050

Scan type : Quick Scan
Total Scan Time : 00:13:24

Memory items scanned : 539
Memory threats detected : 0
Registry items scanned : 1556
Registry threats detected : 5
File items scanned : 3909
File threats detected : 11

Adware.Tracking Cookie
C:\Documents and Settings\User\Cookies\user@ad.yieldmanager[2].txt
C:\Documents and Settings\User\Cookies\user@content.yieldmanager[1].txt
C:\Documents and Settings\User\Cookies\user@doubleclick[1].txt
ad.yieldmanager.com [ C:\Documents and Settings\User\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
ad.yieldmanager.com [ C:\Documents and Settings\User\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
ad.yieldmanager.com [ C:\Documents and Settings\User\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
ad.yieldmanager.com [ C:\Documents and Settings\User\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
ad.yieldmanager.com [ C:\Documents and Settings\User\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
ad.yieldmanager.com [ C:\Documents and Settings\User\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.content.yieldmanager.com [ C:\Documents and Settings\User\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.content.yieldmanager.com [ C:\Documents and Settings\User\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]

Trojan.Agent/Gen
HKLM\Software\Microsoft\Windows\CurrentVersion\Run#Microsoft Driver Setup [ C:\WINDOWS\aadrive32.exe ]

Disabled.SecurityCenterOption
HKLM\SOFTWARE\MICROSOFT\SECURITY CENTER#ANTIVIRUSDISABLENOTIFY
HKLM\SOFTWARE\MICROSOFT\SECURITY CENTER#FIREWALLDISABLENOTIFY
HKLM\SOFTWARE\MICROSOFT\SECURITY CENTER#UPDATESDISABLENOTIFY

Malware.Trace
HKU\S-1-5-21-1659004503-2146994641-1417001333-1003\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINLOGON#SHELL
 
I saw a file named after the computer and thought I would ask you: what is this?!! It is in the temp folder.


131 = "لا يمكن فتحه"
132 = "تحميل %s - %s %d و %s"
134 = "ينصح به"
135 = "المحاولة من جديد"
136 = "وصلات المتصفح"
137 = "الملفات المفتوحة تلقائياً و الحساسة"
138 = "%s %s تماثل"
139 = "الاعادة"
140 = "غير متوقع"
141 = "لا يمكن مسحهd"
143 = "تاريخ المسح: %s"
144 = "عنوان الحاسب: %X"
145 = "تحليل البرامج المفعلة"
146 = "فشل تحليل البرامج المفعلة"
148 = "البرنامج %s (%d)"
150 = "تحليل المناطق الحساسة"
151 = "لا يوجد شيء للمسح"
152 = "جاري مسح الجهاز"
153 = "مسح"
154 = "استخدام وكيل HTTP: %s"
155 = "الاتصال بالملقم"
156 = "لا يمكن الاتصال بملقم برنامج المسح السريع"
157 = "تحليل الملفات الممسوحة"
158 = "يجب تحميل الملفات التالية ليتم فحصها"
159 = "تم الغاء التحميل بواسطة المستخدم"
160 = "لم يتم تحميل اي ملف"
161 = "الملف %d"
162 = "تحميل الملفات"
163 = "فشل عملية التحميل"
166 = "سرعة التحميل"
167 = "تم تحميل: %d و فشل تحميل: %d"
168 = "انتهاء التحميل"
169 = "انتهى التحميل تقريباً"
170 = "تم العثور على ملف مصاب"
171 = "تم العثور على %d ملف مصاب"
172 = "فشل عملية تحميل %d ملف! الرجاء المحاولة من جديد"
173 = "لم يتم العثور على عدوى"
174 = "فشل عملية التحميل! خطأ %d"
175 = "فشل عملية التحميل! %d"
178 = "تم الاتصال خلال %d ثواني"
179 = "انتهاء المسح"
180 = "الحجم الاجمالي"
181 = "تم مسح %d ملف و برنامج"
182 = "بدء التحميل"
183 = "تم ارسال %.2f ميجابايت و تم استقبال %.2f"
189 = "مصاب بالعدوى %s"
190 = "يقوم بمراقبة برامجك"
191 = "الملفات الناقصة"
192 = "الملف %s غيرموجود"
193 = " مرتبط ب: %s"
194 = "يقوم بتشغيل"
195 = "برنامج خفي!"
197 = "البرامج"
198 = "تم تفقده"
199 = "غير مسجل"
230 = "%d ثواني"
231 = "ثانية واحدة"
235 = "الملفات المحملة نظيفة"
241 = "تنبيه: لا تملك الحقوق الادارية اللازمة للقيام بالعملية. الرجاء تفعيل البرنامج كمسؤول"
242 = "تنبيه: سيتم مسح البرامج ذات 32 بت"
243 = "انشطة الشبكة"
244 = "موصول على معبر"
245 = "يستمع لمعبر"
250 = "فشل عملية التوثيق"
251 = "وصلة برنامج المسح السريع قديمة"
252 = "فشل عملية الاتصال"
253 = "انتهت صلاحية كود التوثيق"
254 = "الغاء بواسطة المستخدم"
255 = "hidden registry key!"
256 = "hidden registry value!"
257 = "hidden file!"
 
SUPERAntiSpyware Scan Log


Generated 06/09/2011 at 00:57 AM

Application Version : 4.53.1000

Core Rules Database Version : 7238
Trace Rules Database Version: 5050

Scan type : Complete Scan
Total Scan Time : 00:32:24

Memory items scanned : 485
Memory threats detected : 0
Registry items scanned : 6667
Registry threats detected : 4
File items scanned : 11478
File threats detected : 12

Trojan.Agent/Gen-Injector
[Microsoft Driver Setup] C:\WINDOWS\AADRIVE32.EXE
C:\WINDOWS\AADRIVE32.EXE
[Microsoft Driver Setup] C:\WINDOWS\AADRIVE32.EXE
C:\DOCUMENTS AND SETTINGS\USER\APPLICATION DATA\2.TMP
C:\WINDOWS\Prefetch\2.TMP-3063B4E1.pf
C:\WINDOWS\Prefetch\AADRIVE32.EXE-2A1BFF9A.pf

Adware.Tracking Cookie
C:\Documents and Settings\User\Cookies\user@atdmt[2].txt
C:\Documents and Settings\User\Cookies\user@atdmt.combing[2].txt
.zedo.com [ C:\Documents and Settings\User\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.zedo.com [ C:\Documents and Settings\User\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.doubleclick.net [ C:\Documents and Settings\User\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.zedo.com [ C:\Documents and Settings\User\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.zedo.com [ C:\Documents and Settings\User\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.zedo.com [ C:\Documents and Settings\User\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]

Trojan.Agent/Gen
HKLM\Software\Microsoft\Windows\CurrentVersion\Run#Microsoft Driver Setup [ C:\WINDOWS\aadrive32.exe ]

Malware.Trace
HKU\S-1-5-21-1659004503-2146994641-1417001333-1003\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINLOGON#SHELL
 


Help me, I'm worn out.
 
Bump
 
Signature: علي همر
SUPERAntiSpyware Scan Log

Generated 06/09/2011 at 09:28 PM
Application Version : 4.53.1000
Core Rules Database Version : 7241
Trace Rules Database Version: 5053
Scan type : Complete Scan
Total Scan Time : 00:24:05
Memory items scanned : 291
Memory threats detected : 0
Registry items scanned : 6295
Registry threats detected : 1
File items scanned : 11415
File threats detected : 52
Trojan.Agent/Gen-Faldesc
[Microsoft Driver Setup] C:\WINDOWS\AADRIVE32.EXE
C:\WINDOWS\AADRIVE32.EXE
C:\DOCUMENTS AND SETTINGS\USER\APPLICATION DATA\15.TMP
C:\DOCUMENTS AND SETTINGS\USER\APPLICATION DATA\224.TMP
C:\DOCUMENTS AND SETTINGS\USER\APPLICATION DATA\225.TMP
C:\DOCUMENTS AND SETTINGS\USER\APPLICATION DATA\4.TMP
C:\DOCUMENTS AND SETTINGS\USER\APPLICATION DATA\51.TMP
C:\DOCUMENTS AND SETTINGS\USER\APPLICATION DATA\6B.TMP
C:\DOCUMENTS AND SETTINGS\USER\APPLICATION DATA\7.TMP
C:\DOCUMENTS AND SETTINGS\USER\APPLICATION DATA\8A.TMP
C:\DOCUMENTS AND SETTINGS\USER\APPLICATION DATA\8C.TMP
C:\DOCUMENTS AND SETTINGS\USER\APPLICATION DATA\9.TMP
C:\DOCUMENTS AND SETTINGS\USER\APPLICATION DATA\AA.TMP
C:\DOCUMENTS AND SETTINGS\USER\APPLICATION DATA\AC.TMP
C:\SYSTEM VOLUME INFORMATION\_RESTORE{883E0124-86A3-4FD7-8548-FB7A5211C2C1}\RP28\A0008739.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{883E0124-86A3-4FD7-8548-FB7A5211C2C1}\RP28\A0008749.EXE
C:\WINDOWS\Prefetch\15.TMP-02EC0B5E.pf
C:\WINDOWS\Prefetch\4.TMP-1B30656F.pf
C:\WINDOWS\Prefetch\51.TMP-1A3F72F4.pf
C:\WINDOWS\Prefetch\6B.TMP-0AA4E964.pf
C:\WINDOWS\Prefetch\7.TMP-042DDA36.pf
C:\WINDOWS\Prefetch\8A.TMP-35DAB87B.pf
C:\WINDOWS\Prefetch\8C.TMP-20A76909.pf
C:\WINDOWS\Prefetch\9.TMP-2A9554CB.pf
C:\WINDOWS\Prefetch\AA.TMP-00310250.pf
C:\WINDOWS\Prefetch\AADRIVE32.EXE-2A1BFF9A.pf
C:\WINDOWS\Prefetch\AC.TMP-156451C2.pf
Adware.Tracking Cookie
C:\Documents and Settings\Administrator\Cookies\administrator@atdmt[2].txt
C:\Documents and Settings\Administrator\Cookies\administrator@2o7[1].txt
C:\Documents and Settings\Administrator\Cookies\administrator@ad.wsod[2].txt
C:\Documents and Settings\Administrator\Cookies\administrator@imrworldwide[2].txt
C:\Documents and Settings\Administrator\Cookies\administrator@www.googleadservices[2].txt
C:\Documents and Settings\Administrator\Cookies\administrator@doubleclick[1].txt
C:\Documents and Settings\Administrator\Cookies\administrator@insightexpressai[2].txt
C:\Documents and Settings\User\Cookies\user@atdmt.combing[2].txt
C:\Documents and Settings\User\Cookies\user@atdmt[1].txt
.zedo.com [ C:\Documents and Settings\User\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.zedo.com [ C:\Documents and Settings\User\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.zedo.com [ C:\Documents and Settings\User\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.zedo.com [ C:\Documents and Settings\User\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
Trojan.Agent/Gen-Falint
C:\DOCUMENTS AND SETTINGS\NETWORKSERVICE\LOCAL SETTINGS\TEMPORARY INTERNET FILES\CONTENT.IE5\1J9LSATV\0[1].EXE
C:\DOCUMENTS AND SETTINGS\NETWORKSERVICE\LOCAL SETTINGS\TEMPORARY INTERNET FILES\CONTENT.IE5\U7C01ICB\0[1].EXE
C:\DOCUMENTS AND SETTINGS\USER\APPLICATION DATA\CVLYLA.EXE
C:\DOCUMENTS AND SETTINGS\USER\LOCAL SETTINGS\TEMPORARY INTERNET FILES\CONTENT.IE5\QN9C4319\7CHBQEENN[1].EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{883E0124-86A3-4FD7-8548-FB7A5211C2C1}\RP29\A0009816.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{883E0124-86A3-4FD7-8548-FB7A5211C2C1}\RP29\A0009817.EXE
C:\WINDOWS\SYSTEM32\48.EXE
C:\WINDOWS\SYSTEM32\63.EXE
C:\WINDOWS\SYSTEM32\72.EXE
C:\WINDOWS\Prefetch\72.EXE-1BFE0D1E.pf
C:\WINDOWS\Prefetch\CVLYLA.EXE-01BF31E0.pf
Trojan.Agent/Gen-Injector
C:\DOCUMENTS AND SETTINGS\USER\APPLICATION DATA\1E4.TMP
C:\WINDOWS\Prefetch\1E4.TMP-3828ADA1.pf


Sure thing, I did it and I will do it again.
 
Signature: علي همر
************' Anti-Malware 1.51.0.1200

Database version: 6705
Windows 5.1.2600 Service Pack 3 (Safe Mode)
Internet Explorer 8.0.6001.18702
09/06/2011 10:51:21 م
mbam-log-2011-06-09 (22-51-15).txt
Scan type: Full scan (C:\|)
Objects scanned: 189968
Time elapsed: 9 minute(s), 10 second(s)
Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 1
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 10
Memory Processes Infected:
(No malicious items detected)
Memory Modules Infected:
(No malicious items detected)
Registry Keys Infected:
(No malicious items detected)
Registry Values Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Taskman (Trojan.Agent) -> Value: Taskman -> No action taken.
Registry Data Items Infected:
(No malicious items detected)
Folders Infected:
(No malicious items detected)
Files Infected:
c:\documents and settings\networkservice\local settings\temporary internet files\Content.IE5\1XJRKNA7\x[1] (Malware.Packer.Krunchy) -> No action taken.
c:\documents and settings\User\application data\16.tmp (Trojan.Agent.Gen) -> No action taken.
c:\documents and settings\User\application data\1E3.tmp (Trojan.Agent.Gen) -> No action taken.
c:\documents and settings\User\application data\223.tmp (Trojan.Agent.Gen) -> No action taken.
c:\documents and settings\User\application data\3.tmp (Trojan.Agent.Gen) -> No action taken.
c:\documents and settings\User\application data\6.tmp (Trojan.Agent.Gen) -> No action taken.
c:\documents and settings\User\application data\6C.tmp (Trojan.Agent.Gen) -> No action taken.
c:\documents and settings\User\application data\AB.tmp (Trojan.Agent.Gen) -> No action taken.
c:\documents and settings\User\application data\B.tmp (Trojan.Agent.Gen) -> No action taken.
c:\WINDOWS\system32\x.exe (Backdoor.Bot) -> No action taken.
 
I installed it and it reduced the problems, but the problem is still there.

************' Anti-Malware 1.51.0.1200


Database version: 6705

Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702

10/06/2011 05:01:05 ص
mbam-log-2011-06-10 (05-00-58).txt

Scan type: Full scan (C:\|)
Objects scanned: 190512
Time elapsed: 31 minute(s), 50 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 1
Registry Data Items Infected: 1
Folders Infected: 0
Files Infected: 1

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\SHELL (Worm.AutoRun) -> Value: SHELL -> No action taken.

Registry Data Items Infected:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\SHELL (Hijack.Shell) -> Bad: (explorer.exe,C:\RECYCLER\S-1-5-21-0243556031-888888379-781863308-1413\syitm.exe,EXPLORER.EXE) Good: (Explorer.exe) -> No action taken.

Folders Infected:
(No malicious items detected)

Files Infected:
c:\documents and settings\User\my documents\downloads\TFC.exe (Trojan.Dropper.PGen) -> No action taken.
 
Sister, did you run the removal after you ran the anti-malware scan?

Because according to the report, it is one of two things:

either you did not click delete,
or
the anti-malware tool could not remove the infection.

Signature: الخفـوق


Database version: 6705

Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702

10/06/2011 05:02:25 ص
mbam-log-2011-06-10 (05-02-25).txt

Scan type: Full scan (C:\|)
Objects scanned: 190512
Time elapsed: 31 minute(s), 50 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 1
Registry Data Items Infected: 1
Folders Infected: 0
Files Infected: 1

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\SHELL (Worm.AutoRun) -> Value: SHELL -> Delete on reboot.

Registry Data Items Infected:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\SHELL (Hijack.Shell) -> Bad: (explorer.exe,C:\RECYCLER\S-1-5-21-0243556031-888888379-781863308-1413\syitm.exe,EXPLORER.EXE) Good: (Explorer.exe) -> Quarantined and deleted successfully.

Folders Infected:
(No malicious items detected)

Files Infected:
c:\documents and settings\User\my documents\downloads\TFC.exe (Trojan.Dropper.PGen) -> Quarantined and deleted successfully.

I did, but every time I open the internet or restart the machine, they come back again.

I'm worn out :mad:
 


Your machine is injected.
That is, when you clean the machine and then click the same icons again,
the infection comes back.

...

Explorer is injected,
as shown by your saying that the infection comes back when you connect to the internet.

Apply what is here:

[link hidden by the forum]

 
Signature: الخفـوق
QuickScan Beta 32-bit v0.9.9.96
-------------------------------
Scan date: Fri Jun 10 17:52:41 2011
Machine ID: E825FE5E

HKCU\Software\Microsoft\Windows\CurrentVersion\Run\"Cvlyla" - hidden registry value!
--> C:\Documents and Settings\User\Application Data\Cvlyla.exe
C:\Documents and Settings\User\Application Data\Cvlyla.exe - hidden file!


Found 1 infected file!
----------------------

C:\Documents and Settings\User\Application Data\Cvlyla.exe --> Trojan.Generic.KDV.248908
--> HKCU\Software\Microsoft\Windows\CurrentVersion\Run\"Cvlyla"



Processes
---------
************' Anti-Malware 3492 C:\Documents and Settings\User\Local Settings\Temp\zxu3\files\mbam.exe
(unsigned) Internet Download Manager (IDM) 364 C:\Program Files\Internet Download Manager\IDMan.exe

(verified) Motorola Roaming Client 260 C:\Program Files\Motorola\Connection Manager\MotoCM.exe
(verified) AntiVir Desktop 256 C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
(verified) AntiVir Desktop 564 C:\Program Files\Avira\AntiVir Desktop\avguard.exe
(verified) AntiVir Desktop 788 C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
(verified) AntiVir Desktop 1720 C:\Program Files\Avira\AntiVir Desktop\sched.exe
(verified) Google Chrome 232 C:\Documents and Settings\User\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
(verified) Google Chrome 3268 C:\Documents and Settings\User\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
(verified) Google Chrome 4080 C:\Documents and Settings\User\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
(verified) Google Chrome 536 C:\Documents and Settings\User\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
(verified) Google Chrome 540 C:\Documents and Settings\User\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
(verified) Google Chrome 640 C:\Documents and Settings\User\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
(verified) Google Chrome 2132 C:\Documents and Settings\User\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
(verified) Google Chrome 2772 C:\Documents and Settings\User\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
(verified) Google Chrome 2920 C:\Documents and Settings\User\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
(verified) Google Chrome 3248 C:\Documents and Settings\User\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
(verified) IEMonitor Application 2536 C:\Program Files\Internet Download Manager\IEMonitor.exe
(verified) Microsoft® Windows® Operating System 1996 C:\WINDOWS\explorer.exe
(verified) Microsoft® Windows® Operating System 2348 C:\WINDOWS\system32\alg.exe
(verified) Microsoft® Windows® Operating System 900 C:\WINDOWS\system32\csrss.exe
(verified) Microsoft® Windows® Operating System 276 C:\WINDOWS\system32\ctfmon.exe
(verified) Microsoft® Windows® Operating System 980 C:\WINDOWS\system32\lsass.exe
(verified) Microsoft® Windows® Operating System 968 C:\WINDOWS\system32\services.exe
(verified) Microsoft® Windows® Operating System 832 C:\WINDOWS\system32\smss.exe
(verified) Microsoft® Windows® Operating System 3664 C:\WINDOWS\system32\spoolsv.exe
(verified) Microsoft® Windows® Operating System 736 C:\WINDOWS\system32\svchost.exe
(verified) Microsoft® Windows® Operating System 1260 C:\WINDOWS\system32\svchost.exe
(verified) Microsoft® Windows® Operating System 1400 C:\WINDOWS\system32\svchost.exe
(verified) Microsoft® Windows® Operating System 1428 C:\WINDOWS\system32\svchost.exe
(verified) Microsoft® Windows® Operating System 1176 C:\WINDOWS\system32\svchost.exe
(verified) Microsoft® Windows® Operating System 1220 C:\WINDOWS\system32\svchost.exe
(verified) Microsoft® Windows® Operating System 924 C:\WINDOWS\system32\winlogon.exe
(verified) Microsoft® Windows® Operating System 2460 C:\WINDOWS\system32\wscntfy.exe
(verified) Windows Live Communications Platform 2068 C:\Program Files\Windows Live\Contacts\wlcomm.exe
(verified) Windows Live Messenger 356 C:\Program Files\Windows Live\Messenger\msnmsgr.exe


Network activity
----------------
Process msnmsgr.exe (356) connected on port 1863 (MSN) --> 64.4.61.203
Process explorer.exe (1996) connected on port 3800 --> 59.53.91.168
Process explorer.exe (1996) connected on port 3321 --> 209.200.50.90
Process chrome.exe (3268) connected on port 80 (HTTP) --> 64.4.34.225
Process chrome.exe (3268) connected on port 80 (HTTP) --> 88.221.217.17
Process chrome.exe (3268) connected on port 80 (HTTP) --> 87.242.75.215
Process chrome.exe (3268) connected on port 80 (HTTP) --> 66.220.153.11
Process chrome.exe (3268) connected on port 80 (HTTP) --> 88.221.217.17
Process chrome.exe (3268) connected on port 80 (HTTP) --> 88.221.217.17
Process chrome.exe (3268) connected on port 80 (HTTP) --> 209.85.148.157
Process chrome.exe (3268) connected on port 80 (HTTP) --> 174.123.104.75
Process chrome.exe (3268) connected on port 80 (HTTP) --> 174.123.104.75
Process chrome.exe (3268) connected on port 80 (HTTP) --> 69.59.20.28
Process chrome.exe (3268) connected on port 80 (HTTP) --> 174.123.104.75
Process chrome.exe (3268) connected on port 80 (HTTP) --> 174.123.104.75
Process chrome.exe (3268) connected on port 80 (HTTP) --> 174.123.104.75
Process chrome.exe (3268) connected on port 80 (HTTP) --> 209.85.148.101
Process chrome.exe (3268) connected on port 80 (HTTP) --> 209.85.148.101
Process chrome.exe (3268) connected on port 80 (HTTP) --> 88.221.217.16
Process chrome.exe (3268) connected on port 80 (HTTP) --> 69.59.20.28
Process chrome.exe (3268) connected on port 80 (HTTP) --> 88.221.217.17
Process chrome.exe (3268) connected on port 80 (HTTP) --> 88.221.217.16
Process chrome.exe (3268) connected on port 80 (HTTP) --> 88.221.217.16
Process chrome.exe (3268) connected on port 80 (HTTP) --> 88.221.217.65
Process chrome.exe (3268) connected on port 80 (HTTP) --> 69.59.20.28
Process chrome.exe (3268) connected on port 80 (HTTP) --> 88.221.217.16

Process svchost.exe (1220) listens on ports: 135 (RPC)


Autoruns and critical files
---------------------------
Cvlyla.exe C:\Documents and Settings\User\Application Data\Cvlyla.exe
fweasdvg3ew C:\WINDOWS\aadrive32.exe
(unsigned) Google Photos Screensaver C:\WINDOWS\system32\GPhotos.scr
(unsigned) Internet Download Manager (IDM) C:\Program Files\Internet Download Manager\IDMan.exe

(verified) Motorola Roaming Client C:\Program Files\Motorola\Connection Manager\MotoCM.exe
(verified) AntiVir Desktop C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
(verified) Google Update C:\Documents and Settings\User\Local Settings\Application Data\Google\Update\GoogleUpdate.exe
(verified) GrooveShellExtensions Module C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
(verified) Intel(R) Common User Interface C:\WINDOWS\system32\igfxdev.dll
(verified) Microsoft® Windows® Operating System C:\WINDOWS\system32\BROWSEUI.dll
(verified) Microsoft® Windows® Operating System C:\WINDOWS\system32\CRYPT32.dll
(verified) Microsoft® Windows® Operating System C:\WINDOWS\system32\cryptnet.dll
(verified) Microsoft® Windows® Operating System C:\WINDOWS\System32\CSCDLL.dll
(verified) Microsoft® Windows® Operating System C:\WINDOWS\system32\ctfmon.exe
(verified) Microsoft® Windows® Operating System C:\WINDOWS\System32\dimsntfy.dll
(verified) Microsoft® Windows® Operating System C:\WINDOWS\system32\logonui.exe
(verified) Microsoft® Windows® Operating System C:\WINDOWS\system32\sclgntfy.dll
(verified) Microsoft® Windows® Operating System C:\WINDOWS\system32\SHELL32.dll
(verified) Microsoft® Windows® Operating System C:\WINDOWS\system32\stobject.dll
(verified) Microsoft® Windows® Operating System c:\windows\system32\userinit.exe
(verified) Microsoft® Windows® Operating System C:\WINDOWS\system32\WlNotify.dll
(verified) SuperAntiSpyware C:\Program Files\SUPERAntiSpyware\SASSEH.DLL
(verified) SUPERAntiSpyware WinLogon Processor C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL
(verified) TuneUp Utilities C:\Program Files\TuneUp Utilities 2009\OneClickStarter.exe
(verified) Windows Live Messenger C:\Program Files\Windows Live\Messenger\msnmsgr.exe
(verified) Windows® Internet Explorer C:\WINDOWS\system32\webcheck.dll


Browser plugins
---------------
(unsigned) Java(TM) Platform SE 6 U24 C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll

(verified) AcroIEHelperShim Library c:\program files\common files\adobe\acrobat\activex\acroiehelpershim.dll
(verified) Adobe Acrobat C:\Program Files\Internet Explorer\plugins\nppdf32.dll
(verified) BitDefender QuickScan C:\Documents and Settings\User\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pdnkcidphdcakpkheohlhocaicfamjie\0.9.9.96_0\npqscan.dll
(verified) Google Update C:\Documents and Settings\User\Local Settings\Application Data\Google\Update\1.3.21.57\npGoogleUpdate3.dll
(verified) GrooveShellExtensions Module C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
(verified) Internet Download Manager Module C:\Program Files\Internet Download Manager\IDMIECC.dll
(verified) Java(TM) Platform SE 6 U24 c:\program files\java\jre6\bin\jp2ssv.dll
(verified) Java(TM) Platform SE 6 U24 c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
(verified) Messenger C:\Program Files\Messenger\msmsgs.exe
(verified) Microsoft® Windows Live Login Helper c:\program files\common files\microsoft shared\windows live\windowslivelogin.dll
(verified) Microsoft® Windows® Operating System C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
(verified) Microsoft® Windows® Operating System C:\WINDOWS\System32\mswsock.dll
(verified) Microsoft® Windows® Operating System C:\WINDOWS\system32\rsvpsp.dll
(verified) Microsoft® Windows® Operating System C:\WINDOWS\System32\winrnr.dll
(verified) NPSWF32.dll C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll
(verified) Picasa C:\Program Files\Google\Picasa3\npPicasa3.dll
(verified) RealJukebox NS Plugin C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll
(verified) RealPlayer Download and Record Plugin c:\program files\real\realplayer\rpbrowserrecordplugin.dll
(verified) RealPlayer Version Plugin C:\Program Files\Real\RealPlayer\Netscape6\nprpjplug.dll
(verified) RealPlayer(tm) G2 LiveConnect-Enabled P C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll
(verified) Silverlight Plug-In c:\Program Files\Microsoft Silverlight\4.0.51204.0\npctrl.dll
(verified) Windows Presentation Foundation C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
(verified) Windows® Internet Explorer C:\WINDOWS\system32\ieframe.dll


Missing files
-------------
File not found: c:\RECYCLER\R-1-5-21-1482476501-1644491937-682003330-1013\acleaner.exe
--> HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\"Taskman"


Scan
----

The following file(s) must be uploaded for server-side scanning:
C:\WINDOWS\system32\jvloxj.exe

Upload started - 1 file(s)
jvloxj.exe (174592)
Upload speed - 6 KB/s
Upload finished - 1 uploaded, 0 failed

The uploaded file(s) were found clean.

Scan finished - communication took 29 sec
Total traffic - 0.17 MB sent, 0.34 KB recvd
Scanned 670 files and modules - 63 seconds

==============================================================================

************' Anti-Malware 1.51.0.1200


Database version: 6705

Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702

10/06/2011 06:00:41 م
mbam-log-2011-06-10 (18-00-41).txt

Scan type: Full scan (C:\|)
Objects scanned: 190611
Time elapsed: 29 minute(s), 12 second(s)

Memory Processes Infected: 1
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 3
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 2

Memory Processes Infected:
c:\WINDOWS\aadrive32.exe (Trojan.Agent.Gen) -> 3016 -> Unloaded process successfully.

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\Microsoft Driver Setup (Trojan.Agent.Gen) -> Value: Microsoft Driver Setup -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run\Microsoft Driver Setup (Trojan.Agent.Gen) -> Value: Microsoft Driver Setup -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Taskman (Trojan.Agent) -> Value: Taskman -> Delete on reboot.

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
c:\WINDOWS\aadrive32.exe (Trojan.Agent.Gen) -> Quarantined and deleted successfully.
c:\documents and settings\User\application data\56.tmp (Trojan.Agent.Gen) -> Quarantined and deleted successfully.
 
************' Anti-Malware 1.51.0.1200


Database version: 6705

Windows 5.1.2600 Service Pack 3 (Safe Mode)
Internet Explorer 8.0.6001.18702

10/06/2011 07:41:11 م
mbam-log-2011-06-10 (19-41-11).txt

Scan type: Full scan (C:\|)
Objects scanned: 189247
Time elapsed: 10 minute(s), 33 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 2
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 3

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\Microsoft Driver Setup (Trojan.Agent.Gen) -> Value: Microsoft Driver Setup -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run\Microsoft Driver Setup (Trojan.Agent.Gen) -> Value: Microsoft Driver Setup -> Quarantined and deleted successfully.

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
c:\WINDOWS\aadrive32.exe (Trojan.Agent.Gen) -> Quarantined and deleted successfully.
c:\documents and settings\User\application data\3.tmp (Trojan.Agent.Gen) -> Quarantined and deleted successfully.
c:\documents and settings\User\application data\64.tmp (Trojan.Agent.Gen) -> Quarantined and deleted successfully.
 