oscar_16
زيزوومى متألق
- إنضم
- 13 فبراير 2008
- المشاركات
- 351
- مستوى التفاعل
- 8
- النقاط
- 420
غير متصل
- بادئ الموضوع oscar_16
- تاريخ البدء
- 2,093
SeCuRiTy-DZ
زيزوومى محترف
غير متصل
و عليكم السلام
أغلق كل البرامج و أعمل
أغلق كل البرامج و أعمل
يجب عليك
تسجيل الدخول
او
تسجيل لمشاهدة الرابط المخفي
توقيع : SeCuRiTy-DZ
تأييد
0
oscar_16
زيزوومى متألق
- إنضم
- 13 فبراير 2008
- المشاركات
- 351
- مستوى التفاعل
- 8
- النقاط
- 420
غير متصل
Running processes:
C:\Program Files (x86)\TTMessenger\spool\PDFSaver.exe
C:\Program Files (x86)\Internet Download Manager\IDMan.exe
C:\Program Files (x86)\Paltalk Messenger\paltalk.exe
C:\Users\MuhaMMeD\AppData\Local\RockMelt\Update\1.2.189.1\RockMeltCrashHandler.exe
C:\Program Files (x86)\Stardock\ObjectDock\ObjectDock.exe
C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Windows\SysWOW64\svchost.exe
C:\Program Files (x86)\Internet Download Manager\IEMonitor.exe
C:\Program Files (x86)\uTorrent\uTorrent.exe
C:\Zyzoom_Forum_Tools\zyzoom.exe
C:\Zyzoom_Forum_Tools\zHijak.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - {c95a4e8e-816d-4655-8c79-d736da1adb6d} - (no file)
R3 - URLSearchHook: (no name) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files (x86)\Internet Download Manager\IDMIECC.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O4 - HKLM\..\Run: [avgnt] "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [WINRAR32] C:\Windows\InstallDir\winrarr.exe
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [RockMelt Update] "C:\Users\MuhaMMeD\AppData\Local\RockMelt\Update\RockMeltUpdate.exe" /c
O4 - HKCU\..\Run: [TTMessengerPDF] "C:\Program Files (x86)\TTMessenger\spool\PDFSaver.exe"
O4 - HKCU\..\Run: [TTMessenger] "C:\Program Files (x86)\TTMessenger\ttmessenger2.exe"
O4 - HKCU\..\Run: [IDMan] C:\Program Files (x86)\Internet Download Manager\IDMan.exe /onboot
O4 - HKCU\..\Run: [WINRAR33] C:\Windows\InstallDir\winrarr.exe
O4 - HKCU\..\Run: [WINRAR32] %winrarr%
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Startup: Stardock ObjectDock.lnk = C:\Program Files (x86)\Stardock\ObjectDock\ObjectDock.exe
O4 - Global Startup: PalTalk.lnk = C:\Program Files (x86)\Paltalk Messenger\paltalk.exe
O8 - Extra context menu item: تحميل الكل بواسطة Internet Download Manager - C:\Program Files (x86)\Internet Download Manager\IEGetAll.htm
O8 - Extra context menu item: تحميل بواسطة Internet Download Manager - C:\Program Files (x86)\Internet Download Manager\IEExt.htm
O9 - Extra button: PalTalk - {4EAFEF58-EEFA-4116-983D-03B49BCBFFFE} - C:\Program Files (x86)\Paltalk Messenger\Paltalk.exe
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) -
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} -
O17 - HKLM\System\CCS\Services\Tcpip\..\{ECC371F5-CBE9-45A7-8C65-2B8A4C40E9D5}: NameServer = 62.240.110.197 62.240.110.198
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Avira FireWall (AntiVirFirewallService) - Avira GmbH - C:\Program Files (x86)\Avira\AntiVir Desktop\avfwsvc.exe
O23 - Service: Avira AntiVir MailGuard (AntiVirMailService) - Avira GmbH - C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc.exe
O23 - Service: Avira AntiVir Scheduler (AntiVirSchedulerService) - Avira GmbH - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Avira AntiVir WebGuard (AntiVirWebService) - Avira GmbH - C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE
O23 - Service: cFosSpeed System Service (cFosSpeedS) - cFos Software GmbH - C:\Program Files\cFosSpeed\spd.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
C:\Program Files (x86)\TTMessenger\spool\PDFSaver.exe
C:\Program Files (x86)\Internet Download Manager\IDMan.exe
C:\Program Files (x86)\Paltalk Messenger\paltalk.exe
C:\Users\MuhaMMeD\AppData\Local\RockMelt\Update\1.2.189.1\RockMeltCrashHandler.exe
C:\Program Files (x86)\Stardock\ObjectDock\ObjectDock.exe
C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Windows\SysWOW64\svchost.exe
C:\Program Files (x86)\Internet Download Manager\IEMonitor.exe
C:\Program Files (x86)\uTorrent\uTorrent.exe
C:\Zyzoom_Forum_Tools\zyzoom.exe
C:\Zyzoom_Forum_Tools\zHijak.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page =
يجب عليك
تسجيل الدخول
او
تسجيل لمشاهدة الرابط المخفي
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
يجب عليك
تسجيل الدخول
او
تسجيل لمشاهدة الرابط المخفي
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
يجب عليك
تسجيل الدخول
او
تسجيل لمشاهدة الرابط المخفي
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - {c95a4e8e-816d-4655-8c79-d736da1adb6d} - (no file)
R3 - URLSearchHook: (no name) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files (x86)\Internet Download Manager\IDMIECC.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O4 - HKLM\..\Run: [avgnt] "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [WINRAR32] C:\Windows\InstallDir\winrarr.exe
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [RockMelt Update] "C:\Users\MuhaMMeD\AppData\Local\RockMelt\Update\RockMeltUpdate.exe" /c
O4 - HKCU\..\Run: [TTMessengerPDF] "C:\Program Files (x86)\TTMessenger\spool\PDFSaver.exe"
O4 - HKCU\..\Run: [TTMessenger] "C:\Program Files (x86)\TTMessenger\ttmessenger2.exe"
O4 - HKCU\..\Run: [IDMan] C:\Program Files (x86)\Internet Download Manager\IDMan.exe /onboot
O4 - HKCU\..\Run: [WINRAR33] C:\Windows\InstallDir\winrarr.exe
O4 - HKCU\..\Run: [WINRAR32] %winrarr%
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Startup: Stardock ObjectDock.lnk = C:\Program Files (x86)\Stardock\ObjectDock\ObjectDock.exe
O4 - Global Startup: PalTalk.lnk = C:\Program Files (x86)\Paltalk Messenger\paltalk.exe
O8 - Extra context menu item: تحميل الكل بواسطة Internet Download Manager - C:\Program Files (x86)\Internet Download Manager\IEGetAll.htm
O8 - Extra context menu item: تحميل بواسطة Internet Download Manager - C:\Program Files (x86)\Internet Download Manager\IEExt.htm
O9 - Extra button: PalTalk - {4EAFEF58-EEFA-4116-983D-03B49BCBFFFE} - C:\Program Files (x86)\Paltalk Messenger\Paltalk.exe
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) -
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} -
يجب عليك
تسجيل الدخول
او
تسجيل لمشاهدة الرابط المخفي
O17 - HKLM\System\CCS\Services\Tcpip\..\{ECC371F5-CBE9-45A7-8C65-2B8A4C40E9D5}: NameServer = 62.240.110.197 62.240.110.198
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Avira FireWall (AntiVirFirewallService) - Avira GmbH - C:\Program Files (x86)\Avira\AntiVir Desktop\avfwsvc.exe
O23 - Service: Avira AntiVir MailGuard (AntiVirMailService) - Avira GmbH - C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc.exe
O23 - Service: Avira AntiVir Scheduler (AntiVirSchedulerService) - Avira GmbH - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Avira AntiVir WebGuard (AntiVirWebService) - Avira GmbH - C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE
O23 - Service: cFosSpeed System Service (cFosSpeedS) - cFos Software GmbH - C:\Program Files\cFosSpeed\spd.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
توقيع : oscar_16
تأييد
0
SeCuRiTy-DZ
زيزوومى محترف
غير متصل
احذف هاذ القيمة
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
و قم بعمل
+
البرامج المثبــتة
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
يجب عليك
تسجيل الدخول
او
تسجيل لمشاهدة الرابط المخفي
و قم بعمل
يجب عليك
تسجيل الدخول
او
تسجيل لمشاهدة الرابط المخفي
+
البرامج المثبــتة
توقيع : SeCuRiTy-DZ
تأييد
0
oscar_16
زيزوومى متألق
- إنضم
- 13 فبراير 2008
- المشاركات
- 351
- مستوى التفاعل
- 8
- النقاط
- 420
غير متصل
************' Anti-Malware 1.50.1.1100
Database version: 6777
Windows 6.1.7600
Internet Explorer 8.0.7600.16385
05/06/2011 10:54:09 م
mbam-log-2011-06-05 (22-54-09).txt
Scan type: Full scan (C:\|)
Objects scanned: 233078
Time elapsed: 20 minute(s), 16 second(s)
Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 1
Registry Values Infected: 1
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0
Memory Processes Infected:
(No malicious items detected)
Memory Modules Infected:
(No malicious items detected)
Registry Keys Infected:
HKEY_CURRENT_USER\SOFTWARE\XTREMERAT (Trojan.Agent) -> Quarantined and deleted successfully.
Registry Values Infected:
HKEY_CURRENT_USER\Software\XtremeRAT\Mutex (Trojan.Agent) -> Value: Mutex -> Quarantined and deleted successfully.
Registry Data Items Infected:
(No malicious items detected)
Folders Infected:
(No malicious items detected)
Files Infected:
(No malicious items detected)
يجب عليك
تسجيل الدخول
او
تسجيل لمشاهدة الرابط المخفي
Database version: 6777
Windows 6.1.7600
Internet Explorer 8.0.7600.16385
05/06/2011 10:54:09 م
mbam-log-2011-06-05 (22-54-09).txt
Scan type: Full scan (C:\|)
Objects scanned: 233078
Time elapsed: 20 minute(s), 16 second(s)
Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 1
Registry Values Infected: 1
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0
Memory Processes Infected:
(No malicious items detected)
Memory Modules Infected:
(No malicious items detected)
Registry Keys Infected:
HKEY_CURRENT_USER\SOFTWARE\XTREMERAT (Trojan.Agent) -> Quarantined and deleted successfully.
Registry Values Infected:
HKEY_CURRENT_USER\Software\XtremeRAT\Mutex (Trojan.Agent) -> Value: Mutex -> Quarantined and deleted successfully.
Registry Data Items Infected:
(No malicious items detected)
Folders Infected:
(No malicious items detected)
Files Infected:
(No malicious items detected)
توقيع : oscar_16
تأييد
0
SeCuRiTy-DZ
زيزوومى محترف
غير متصل
مالوير بايت
ثم
ثم
يجب عليك
تسجيل الدخول
او
تسجيل لمشاهدة الرابط المخفي
توقيع : SeCuRiTy-DZ
تأييد
0
SeCuRiTy-DZ
زيزوومى محترف
غير متصل
أخي اعمل المالوير بايت لأنو هناكـ اصابات,
و احتمال أنو هي اللي تعمل ضغط على البروسيسور, ثم نظف الجهاز
و بعدها هات تقرير هايجاكـ جديد
و احتمال أنو هي اللي تعمل ضغط على البروسيسور, ثم نظف الجهاز
و بعدها هات تقرير هايجاكـ جديد
توقيع : SeCuRiTy-DZ
تأييد
0
oscar_16
زيزوومى متألق
- إنضم
- 13 فبراير 2008
- المشاركات
- 351
- مستوى التفاعل
- 8
- النقاط
- 420
غير متصل
اتفضل اخى الكريم
بعد مع عملت المالوير بايت . تقارير هاى جاك
واسف جدا على الاطالة
Running processes:
C:\Program Files (x86)\Internet Download Manager\IDMan.exe
C:\Program Files (x86)\Stardock\ObjectDock\ObjectDock.exe
C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Users\MuhaMMeD\AppData\Local\RockMelt\Update\1.2.189.1\RockMeltCrashHandler.exe
C:\Windows\SysWOW64\svchost.exe
C:\Program Files (x86)\Internet Download Manager\IEMonitor.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Paltalk Messenger\paltalk.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Zyzoom_Forum_Tools\zyzoom.exe
C:\Zyzoom_Forum_Tools\zyzoom.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Zyzoom_Forum_Tools\zHijak.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - {c95a4e8e-816d-4655-8c79-d736da1adb6d} - (no file)
R3 - URLSearchHook: (no name) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files (x86)\Internet Download Manager\IDMIECC.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O4 - HKLM\..\Run: [avgnt] "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [RockMelt Update] "C:\Users\MuhaMMeD\AppData\Local\RockMelt\Update\RockMeltUpdate.exe" /c
O4 - HKCU\..\Run: [IDMan] C:\Program Files (x86)\Internet Download Manager\IDMan.exe /onboot
O4 - HKCU\..\Run: [WINRAR33] C:\Windows\InstallDir\winrarr.exe
O4 - HKCU\..\Run: [WINRAR32] %winrarr%
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Startup: Stardock ObjectDock.lnk = C:\Program Files (x86)\Stardock\ObjectDock\ObjectDock.exe
O4 - Global Startup: PalTalk.lnk = C:\Program Files (x86)\Paltalk Messenger\paltalk.exe
O8 - Extra context menu item: تحميل الكل بواسطة Internet Download Manager - C:\Program Files (x86)\Internet Download Manager\IEGetAll.htm
O8 - Extra context menu item: تحميل بواسطة Internet Download Manager - C:\Program Files (x86)\Internet Download Manager\IEExt.htm
O9 - Extra button: PalTalk - {4EAFEF58-EEFA-4116-983D-03B49BCBFFFE} - C:\Program Files (x86)\Paltalk Messenger\Paltalk.exe
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) -
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} -
O17 - HKLM\System\CCS\Services\Tcpip\..\{ECC371F5-CBE9-45A7-8C65-2B8A4C40E9D5}: NameServer = 62.240.110.197 62.240.110.198
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Avira FireWall (AntiVirFirewallService) - Avira GmbH - C:\Program Files (x86)\Avira\AntiVir Desktop\avfwsvc.exe
O23 - Service: Avira AntiVir MailGuard (AntiVirMailService) - Avira GmbH - C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc.exe
O23 - Service: Avira AntiVir Scheduler (AntiVirSchedulerService) - Avira GmbH - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Avira AntiVir WebGuard (AntiVirWebService) - Avira GmbH - C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE
O23 - Service: cFosSpeed System Service (cFosSpeedS) - cFos Software GmbH - C:\Program Files\cFosSpeed\spd.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
بعد مع عملت المالوير بايت . تقارير هاى جاك
واسف جدا على الاطالة
Running processes:
C:\Program Files (x86)\Internet Download Manager\IDMan.exe
C:\Program Files (x86)\Stardock\ObjectDock\ObjectDock.exe
C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Users\MuhaMMeD\AppData\Local\RockMelt\Update\1.2.189.1\RockMeltCrashHandler.exe
C:\Windows\SysWOW64\svchost.exe
C:\Program Files (x86)\Internet Download Manager\IEMonitor.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Paltalk Messenger\paltalk.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Zyzoom_Forum_Tools\zyzoom.exe
C:\Zyzoom_Forum_Tools\zyzoom.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Zyzoom_Forum_Tools\zHijak.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page =
يجب عليك
تسجيل الدخول
او
تسجيل لمشاهدة الرابط المخفي
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
يجب عليك
تسجيل الدخول
او
تسجيل لمشاهدة الرابط المخفي
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - {c95a4e8e-816d-4655-8c79-d736da1adb6d} - (no file)
R3 - URLSearchHook: (no name) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files (x86)\Internet Download Manager\IDMIECC.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O4 - HKLM\..\Run: [avgnt] "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [RockMelt Update] "C:\Users\MuhaMMeD\AppData\Local\RockMelt\Update\RockMeltUpdate.exe" /c
O4 - HKCU\..\Run: [IDMan] C:\Program Files (x86)\Internet Download Manager\IDMan.exe /onboot
O4 - HKCU\..\Run: [WINRAR33] C:\Windows\InstallDir\winrarr.exe
O4 - HKCU\..\Run: [WINRAR32] %winrarr%
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Startup: Stardock ObjectDock.lnk = C:\Program Files (x86)\Stardock\ObjectDock\ObjectDock.exe
O4 - Global Startup: PalTalk.lnk = C:\Program Files (x86)\Paltalk Messenger\paltalk.exe
O8 - Extra context menu item: تحميل الكل بواسطة Internet Download Manager - C:\Program Files (x86)\Internet Download Manager\IEGetAll.htm
O8 - Extra context menu item: تحميل بواسطة Internet Download Manager - C:\Program Files (x86)\Internet Download Manager\IEExt.htm
O9 - Extra button: PalTalk - {4EAFEF58-EEFA-4116-983D-03B49BCBFFFE} - C:\Program Files (x86)\Paltalk Messenger\Paltalk.exe
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) -
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} -
يجب عليك
تسجيل الدخول
او
تسجيل لمشاهدة الرابط المخفي
O17 - HKLM\System\CCS\Services\Tcpip\..\{ECC371F5-CBE9-45A7-8C65-2B8A4C40E9D5}: NameServer = 62.240.110.197 62.240.110.198
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Avira FireWall (AntiVirFirewallService) - Avira GmbH - C:\Program Files (x86)\Avira\AntiVir Desktop\avfwsvc.exe
O23 - Service: Avira AntiVir MailGuard (AntiVirMailService) - Avira GmbH - C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc.exe
O23 - Service: Avira AntiVir Scheduler (AntiVirSchedulerService) - Avira GmbH - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Avira AntiVir WebGuard (AntiVirWebService) - Avira GmbH - C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE
O23 - Service: cFosSpeed System Service (cFosSpeedS) - cFos Software GmbH - C:\Program Files\cFosSpeed\spd.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
توقيع : oscar_16
تأييد
0
SeCuRiTy-DZ
زيزوومى محترف
غير متصل
أخي أغلب الظن أنها اضافة الفاير فوكس لتشغيل الفلاشات
جرب أطلق الفايرفوكس في في النسخة الآمنة [firefox safe mode]
تجدها في قائمة ابدء بجانب فاير فوكس العادي, لقد نسيت اسمها
و جرب ملاحظة البروسيسور ان كان عاد لطبيعته
جرب أطلق الفايرفوكس في في النسخة الآمنة [firefox safe mode]
تجدها في قائمة ابدء بجانب فاير فوكس العادي, لقد نسيت اسمها
و جرب ملاحظة البروسيسور ان كان عاد لطبيعته
توقيع : SeCuRiTy-DZ
تأييد
0
SeCuRiTy-DZ
زيزوومى محترف
غير متصل
:king:
..
لم يتعد 2 يعني المعالج كلو نشط بالمائة؟؟
أم أنو نقص الضغط 2 بالمئة فقط؟؟
اذا على الأرجــح أنو أحد إضافات الفايرفوكــش هي السبب
اذا اخي احذف أب شيء زدتــو للفاير فوكس [plugins]
..
لم يتعد 2 يعني المعالج كلو نشط بالمائة؟؟
أم أنو نقص الضغط 2 بالمئة فقط؟؟
اذا على الأرجــح أنو أحد إضافات الفايرفوكــش هي السبب
اذا اخي احذف أب شيء زدتــو للفاير فوكس [plugins]
توقيع : SeCuRiTy-DZ
تأييد
0
SeCuRiTy-DZ
زيزوومى محترف
غير متصل
اذا أخــي احذف الفايرفوكس ببرنامج حذف مثل your uninstaller
و نظف الجهاز و اعمل
و نزل نسخة جديدة من الفايرفوكــس و ثبتها
و أعطيــنا خبر هل تحسن الوضع
و نظف الجهاز و اعمل
يجب عليك
تسجيل الدخول
او
تسجيل لمشاهدة الرابط المخفي
و نزل نسخة جديدة من الفايرفوكــس و ثبتها
و أعطيــنا خبر هل تحسن الوضع
توقيع : SeCuRiTy-DZ
تأييد
0
oscar_16
زيزوومى متألق
- إنضم
- 13 فبراير 2008
- المشاركات
- 351
- مستوى التفاعل
- 8
- النقاط
- 420
غير متصل
هههههههههه
حذتف الفاير فوكس من جزوره
طلعلى وينرار
يجب عليك
تسجيل الدخول
او
تسجيل لمشاهدة الرابط المخفي
توقيع : oscar_16
تأييد
0
SeCuRiTy-DZ
زيزوومى محترف
غير متصل
كل شيء يتصلح ان شاء الله:hh:
طيب أخــي أعمل
طيب أخــي أعمل
يجب عليك
تسجيل الدخول
او
تسجيل لمشاهدة الرابط المخفي
يجب عليك
تسجيل الدخول
او
تسجيل لمشاهدة الرابط المخفي
توقيع : SeCuRiTy-DZ
تأييد
0