برنآمج RelevantKnowledge

  • بادئ الموضوع بادئ الموضوع برنسسو
  • تاريخ البدء تاريخ البدء
  • المشاهدات 7,982
برنسسو

برنسسو

زيزوومى فعال
إنضم
30 نوفمبر 2010
المشاركات
247
مستوى التفاعل
25
النقاط
340
غير متصل
السلآم عليكم ورحمه الله ..

عندي مشكله ..

اليوم تثبت برنامج بدون ماثبته هو طلع كذا فجآءه من ظمن قائمة البرآمج ..

وياليت تعطوني معلومه عنه اذا فايروس او مآشابه ..

وطريقه حذفه ..

وهذا اسمة .. RelevantKnowledge


cdfb47d7cf8a0d7552b058b1a3806f21.jpg



وبس ولكم خالص التحآيآ
 

ترتيب حسب التاريخ ترتيب حسب الأصوات
وعليكم السلام

اختي هذا فايروس لا تفتحينه

حمل الاداة من هذا الموضوع

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي


واعمل تقرير هايجاك + قائمة البرامج المثبتة

------------------

3b3ce221851b60a78bfa55cbd704e323.jpg
 
توقيع : YHYA -KSA
تأييد 0
====== معلومات نظام التشغيل ======
X86 WIN_XP 2600 Service Pack 3

====== قائمة البرامج المثبتة ======
2Shared Toolbar
Acoustica MP3 Audio Mixer
Adobe Flash Player 10 ActiveX
Adobe Flash Player 10 Plugin
Adobe Photoshop CS
Adobe Reader 9.3
Alien Skin Xenofex 2.0
Alien Skin Xenofex 2.0 Demo
Any Audio Converter 2.0.5
Any Video Converter 2.7.8
AppServ 2.5.9 (remove only)
Ashampoo Burning Studio 9.21
Ask.com Search Assistant 1.0.2
AutocompletePro
Babylon toolbar
BitComet 0.98
Chit Chat Toolbar v4.4
Conduit Engine
COWON Media Center - jetAudio Basic VX
Eye Candy 4000
FlashFXP v4.0
FormatFactory 2.20
GOM Player
Google Toolbar for Internet Explorer
Google Toolbar for Internet Explorer
Google Update Helper
HotSpot International Toolbar
Hotspot Shield 2.04
Hotspot_Shield Toolbar
Internet Download Manager
iVocalize Web Conference 4
Java Auto Updater
Java(TM) 6 Update 20
Java(TM) SE Runtime Environment 6 Update 1
Kaspersky Internet Security 2012
Kaspersky Internet Security 2012
Macromedia Extension Manager
Macromedia Flash 8
Macromedia Flash 8 Video Encoder
Messenger Plus! 5
Messenger Plus! Live
Messenger_Plus_Live Toolbar
Messenger_Plus_Live_Saudi_Arabia Toolbar
MessengerDiscovery 3.0.150
Microsoft .NET Framework 2.0 Service Pack 1
Microsoft .NET Framework 2.0 Service Pack 1 Language Pack - ARA
Microsoft .NET Framework 3.0 Service Pack 1
Microsoft .NET Framework 3.0 Service Pack 1 Language Pack - ARA
Microsoft .NET Framework 3.5
Microsoft .NET Framework 3.5
Microsoft .NET Framework 3.5 Language Pack - ARA
Microsoft .NET Framework 3.5 Language Pack - ara
Microsoft Application Error Reporting
Microsoft Choice Guard
Microsoft Expression Web 2
Microsoft Expression Web 2
Microsoft Expression Web 2 MUI (English)
Microsoft Office 2003 Arabic User Interface Pack
Microsoft Office FrontPage 2003
Microsoft Office Professional Edition 2003
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (English) 2007
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Silverlight
Microsoft Software Update for Web Folders (English) 12
Microsoft Visual C++ 2005 Redistributable
Mozilla Firefox 4.0.1 (x86 ar)
MpcStar 4.1
MSVCRT
MyAshampoo Toolbar
pdfFactory Pro
Picasa 3
RealNetworks - Microsoft Visual C++ 2008 Runtime
RealPlayer
Realtek High Definition Audio Driver
RealUpgrade 1.1
RelevantKnowledge
Search Toolbar
Segoe UI
SWiSHmax
TeamViewer 6
Topaz DeNoise 5
Topaz Vivacity
WampServer 2.0
WebFldrs XP
Windows Feature Pack for Storage (32-bit) - IMAPI update for Blu-Ray
Windows Internet Explorer 8
Windows Internet Explorer 8 Multilingual User Interface (MUI)
Windows Live Communications Platform
Windows Live Essentials
Windows Live Essentials
Windows Live Messenger
WinRAR archiver
XML Paper Specification Shared Components Language Pack 1.0
XML Paper Specification Shared Components Pack 1.0
Yahoo! Messenger
Yahoo! Software Update
Yahoo! Toolbar
أداة التحميل Windows Live Upload Tool
محول الصوتيات 5.9
مساعد تسجيل الدخول إلى Windows Live
 
تأييد 0
باقي هايجاك
 
توقيع : YHYA -KSA
تأييد 0
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 10:40:00 PM, on 6/30/2011
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\AppServ\Apache2.2\bin\httpd.exe
C:\Program Files\Application Updater\ApplicationUpdater.exe
C:\WINDOWS\system32\atievxx.exe
C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Hotspot Shield\bin\openvpnas.exe
C:\Program Files\Hotspot Shield\HssWPR\hsssrv.exe
C:\AppServ\Apache2.2\bin\httpd.exe
C:\Program Files\Hotspot Shield\bin\hsswd.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\Microsoft Help\MsHelpCenter.exe
C:\AppServ\MySQL\bin\mysqld-nt.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\fppdis3a.exe
C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
C:\Program Files\Unlocker\UnlockerAssistant.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\program files\real\realplayer\update\realsched.exe
C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe
C:\Program Files\Common Files\Spigot\Search Settings\SearchSettings.exe
C:\program files\relevantknowledge\rlvknlg.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\BitComet\tools\CometBrowser.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\Zyzoom_Forum_Tools\zyzoom.exe
C:\Zyzoom_Forum_Tools\zHijak.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 212.76.68.205:8080
R3 - URLSearchHook: Chit Chat Toolbar - {0B3240B3-5115-42A3-B043-B8824998DC4A} - C:\Program Files\Chit Chat Toolbar\IE\4.4\chitchatToolbarIE.dll
R3 - URLSearchHook: MyAshampoo Toolbar - {a1e75a0e-4397-4ba8-bb50-e19fb66890f4} - C:\Program Files\MyAshampoo\prxtbMyA0.dll
R3 - URLSearchHook: YTNavAssist.YTNavAssistPlugin Class - {81017EA9-9AA8-4A6A-9734-7AF40E7D593F} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn0\YTNavAssist.dll
R3 - URLSearchHook: Hotspot Shield Toolbar - {c95a4e8e-816d-4655-8c79-d736da1adb6d} - C:\Program Files\Hotspot_Shield\prxtbHot0.dll
O2 - BHO: HotSpot International - {0002ee26-8c11-49eb-9cdf-56eeffef664f} - C:\Program Files\HotSpot_International\prxtbHot0.dll
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn0\yt.dll
O2 - BHO: Chit Chat Toolbar - {0B3240B3-5115-42A3-B043-B8824998DC4A} - C:\Program Files\Chit Chat Toolbar\IE\4.4\chitchatToolbarIE.dll
O2 - BHO: SuggestMeYesBHO - {0FB6A909-6086-458F-BD92-1F8EE10042A0} - C:\Program Files\AutocompletePro\AutocompletePro.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Babylon toolbar helper - {2EECD738-5844-4a99-B4B6-146BF802613B} - C:\Program Files\BabylonToolbar\BabylonToolbar\1.4.19.19\bh\BabylonToolbar.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll
O2 - BHO: Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\prxConduitEngine.dll
O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO_1.2.1.2.dll
O2 - BHO: IEVkbdBHO - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\ievkbd.dll
O2 - BHO: ??C?I E???? C?II?? ??? Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Messenger Plus Live - {9b339f6e-ddcd-401b-8764-230adbd01761} - C:\Program Files\Messenger_Plus_Live\prxtbMes2.dll
O2 - BHO: Search Toolbar - {9D425283-D487-4337-BAB6-AB8354A81457} - C:\Program Files\Search Toolbar\SearchToolbar.dll
O2 - BHO: Messenger Plus Live Saudi Arabia - {9d657fd4-0328-423a-b12d-9576cd92af19} - C:\Program Files\Messenger_Plus_Live_Saudi_Arabia\prxtbMes2.dll
O2 - BHO: MyAshampoo - {a1e75a0e-4397-4ba8-bb50-e19fb66890f4} - C:\Program Files\MyAshampoo\prxtbMyA0.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.6406.1642\swg.dll
O2 - BHO: Hotspot Shield - {c95a4e8e-816d-4655-8c79-d736da1adb6d} - C:\Program Files\Hotspot_Shield\prxtbHot0.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: link filter bho - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\klwtbbho.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: 2Shared - {ef468e5b-5b30-4136-a833-7f2e3a31afdf} - C:\Program Files\2Shared\prxtb2Sh2.dll
O2 - BHO: Hotspot Shield Class - {F9E4A054-E9B1-4BC3-83A3-76A1AE736170} - C:\Program Files\Hotspot Shield\HssIE\HssIE.dll
O2 - BHO: SingleInstance Class - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn0\YTSingleInstance.dll
O3 - Toolbar: Messenger Plus Live Toolbar - {9b339f6e-ddcd-401b-8764-230adbd01761} - C:\Program Files\Messenger_Plus_Live\prxtbMes2.dll
O3 - Toolbar: Messenger Plus Live Saudi Arabia Toolbar - {9d657fd4-0328-423a-b12d-9576cd92af19} - C:\Program Files\Messenger_Plus_Live_Saudi_Arabia\prxtbMes2.dll
O3 - Toolbar: 2Shared Toolbar - {ef468e5b-5b30-4136-a833-7f2e3a31afdf} - C:\Program Files\2Shared\prxtb2Sh2.dll
O3 - Toolbar: Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\prxConduitEngine.dll
O3 - Toolbar: @msdxmLC.dll,-1@1033,&Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\Program Files\No1 Video Converter\msdxm.ocx
O3 - Toolbar: Babylon Toolbar - {98889811-442D-49dd-99D7-DC866BE87DBC} - C:\Program Files\BabylonToolbar\BabylonToolbar\1.4.19.19\BabylonToolbarTlbr.dll
O3 - Toolbar: HotSpot International Toolbar - {0002ee26-8c11-49eb-9cdf-56eeffef664f} - C:\Program Files\HotSpot_International\prxtbHot0.dll
O3 - Toolbar: Search Toolbar - {9D425283-D487-4337-BAB6-AB8354A81457} - C:\Program Files\Search Toolbar\SearchToolbar.dll
O3 - Toolbar: MyAshampoo Toolbar - {a1e75a0e-4397-4ba8-bb50-e19fb66890f4} - C:\Program Files\MyAshampoo\prxtbMyA0.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn0\yt.dll
O3 - Toolbar: Hotspot Shield Toolbar - {c95a4e8e-816d-4655-8c79-d736da1adb6d} - C:\Program Files\Hotspot_Shield\prxtbHot0.dll
O3 - Toolbar: Chit Chat Toolbar - {0B3240B3-5115-42A3-B043-B8824998DC4A} - C:\Program Files\Chit Chat Toolbar\IE\4.4\chitchatToolbarIE.dll
O4 - HKLM\..\Run: [UnlockerAssistant] C:\Program Files\Unlocker\UnlockerAssistant.exe -H
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\MpcStar\Codecs\QuickTime\QTSystem\qttask.exe" -atboottime
O4 - HKLM\..\Run: [FortKnoxPersonalFirewall] "C:\Program Files\NETGATE\FortKnox Personal Firewall\FortKnoxGUI.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [pdfFactory Pro Dispatcher v3] "C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\fppdis3a.exe" /source=HKLM
O4 - HKLM\..\Run: [TkBellExe] "C:\program files\real\realplayer\update\realsched.exe" -osboot
O4 - HKLM\..\Run: [BabylonToolbar] "C:\Program Files\BabylonToolbar\BabylonToolbar\1.4.19.19\BabylonToolbarsrv.exe" /md I
O4 - HKLM\..\Run: [************' Anti-Malware (reboot)] "C:\Documents and Settings\N\Local Settings\Temp\zxq1\mbam.exe" /runcleanupscript
O4 - HKLM\..\Run: [Login Spoofer] C:\Documents and Settings\N\Desktop\Login Spoofer\Login Spoofer.exe
O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe"
O4 - HKLM\..\Run: [SearchSettings] "C:\Program Files\Common Files\Spigot\Search Settings\SearchSettings.exe"
O4 - HKLM\..\Run: [RelevantKnowledge] C:\program files\relevantknowledge\rlvknlg.exe -boot
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [BitComet] "C:\Program Files\BitComet\BitComet.exe" /tray
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [Messenger (Yahoo!)] "C:\PROGRA~1\Yahoo!\Messenger\YahooMessenger.exe" -quiet
O4 - HKUS\S-1-5-19\..\RunOnce: [_nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [_nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [_nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [_nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'Default user')
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O8 - Extra context menu item: &D&ownload &with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm
O8 - Extra context menu item: &D&ownload all video with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddVideo.htm
O8 - Extra context menu item: &D&ownload all with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_6CE5017F567343CA.dll/cmsidewiki.html
O8 - Extra context menu item: إضافة إلى مانع الإعلانات - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\ie_banner_deny.htm
O9 - Extra button: &Virtual Keyboard - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\ievkbd.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MIC273~1\WEB2~1\Office12\REFIEBAR.DLL
O9 - Extra button: URLs c&heck - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\klwtbbho.dll
O9 - Extra button: BitComet - {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - res://C:\Program Files\BitComet\tools\BitCometBHO_1.2.1.2.dll/206 (file missing)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {64E89DC6-8EB8-4459-82AE-408E18BB831B} (BMCCtl Class) -
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

O16 - DPF: {6924091F-CD97-41E1-B1D4-D9079409D413} (IMCv1 Control) -
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

O16 - DPF: {7253A666-804A-1107-A4DC-00E04C504780} (BMC Control) -
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

O16 - DPF: {7253A666-804A-1107-A4DC-00E04C504788} (BMC Control) -
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

O16 - DPF: {8246AC2B-4733-4964-A744-4BE60C6731D4} (IMS Control) -
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

O16 - DPF: {B7FDB0C3-4724-46D2-B8DB-6FA1DC63F7CA} (ReadUid.UserControlMacEntry) -
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) -
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} -
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Apache2.2 - Apache Software Foundation - C:\AppServ\Apache2.2\bin\httpd.exe
O23 - Service: Application Updater - Spigot, Inc. - C:\Program Files\Application Updater\ApplicationUpdater.exe
O23 - Service: Kaspersky Anti-Virus Service (AVP) - Kaspersky Lab ZAO - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Hotspot Shield Service (hshld) - Unknown owner - C:\Program Files\Hotspot Shield\bin\openvpnas.exe
O23 - Service: Hotspot Shield Routing Service (HssSrv) - AnchorFree Inc. - C:\Program Files\Hotspot Shield\HssWPR\hsssrv.exe
O23 - Service: Hotspot Shield Tray Service (HssTrayService) - Unknown owner - C:\Program Files\Hotspot Shield\bin\HssTrayService.EXE
O23 - Service: Hotspot Shield Monitoring Service (HssWd) - Unknown owner - C:\Program Files\Hotspot Shield\bin\hsswd.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: mysql - Unknown owner - C:\AppServ\MySQL\bin\mysqld-nt.exe
O23 - Service: pdfFactory Pro Dispatcher v3 - FinePrint Software, LLC - C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\fppdis3a.exe
O23 - Service: wampapache - Apache Software Foundation - c:\wamp\bin\apache\apache2.2.11\bin\httpd.exe
O23 - Service: wampmysqld - Unknown owner - c:\wamp\bin\mysql\mysql5.1.36\bin\mysqld.exe
O23 - Service: Yahoo! Updater (YahooAUService) - Yahoo! Inc. - C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
--
End of file - 15745 bytes
 
تأييد 0
احذفي القيم التاليه وسكري جميع المتصفحات والبرامج من جنب الساعه هاااااام َ

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي



R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي



R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي



R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي



R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank


R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي



R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Int ernet Settings,ProxyServer = 212.76.68.205:8080


R3 - URLSearchHook: Chit Chat Toolbar - {0B3240B3-5115-42A3-B043-B8824998DC4A} - C:\Program Files\Chit Chat Toolbar\IE\4.4\chitchatToolbarIE.dll


R3 - URLSearchHook: MyAshampoo Toolbar - {a1e75a0e-4397-4ba8-bb50-e19fb66890f4} - C:\Program Files\MyAshampoo\prxtbMyA0.dll


R3 - URLSearchHook: YTNavAssist.YTNavAssistPlugin Class - {81017EA9-9AA8-4A6A-9734-7AF40E7D593F} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn0\YTNavAs sist.dll


R3 - URLSearchHook: Hotspot Shield Toolbar - {c95a4e8e-816d-4655-8c79-d736da1adb6d} - C:\Program Files\Hotspot_Shield\prxtbHot0.dll


O2 - BHO: HotSpot International - {0002ee26-8c11-49eb-9cdf-56eeffef664f} - C:\Program Files\HotSpot_International\prxtbHot0.dll

O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn0\yt.dll


O2 - BHO: Chit Chat Toolbar - {0B3240B3-5115-42A3-B043-B8824998DC4A} - C:\Program Files\Chit Chat Toolbar\IE\4.4\chitchatToolbarIE.dll


O2 - BHO: SuggestMeYesBHO - {0FB6A909-6086-458F-BD92-1F8EE10042A0} - C:\Program Files\AutocompletePro\AutocompletePro.dll


O2 - BHO: Babylon toolbar helper - {2EECD738-5844-4a99-B4B6-146BF802613B} - C:\Program Files\BabylonToolbar\BabylonToolbar\1.4.19.19\bh\B abylonToolbar.dll


O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrow serrecordplugin.dll


O2 - BHO: Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\prxConduitEngine.dll


O2 - BHO: Messenger Plus Live - {9b339f6e-ddcd-401b-8764-230adbd01761} - C:\Program Files\Messenger_Plus_Live\prxtbMes2.dll


O2 - BHO: Search Toolbar - {9D425283-D487-4337-BAB6-AB8354A81457} - C:\Program Files\Search Toolbar\SearchToolbar.dll


O2 - BHO: Messenger Plus Live Saudi Arabia - {9d657fd4-0328-423a-b12d-9576cd92af19} - C:\Program Files\Messenger_Plus_Live_Saudi_Arabia\prxtbMes2.d ll


O2 - BHO: MyAshampoo - {a1e75a0e-4397-4ba8-bb50-e19fb66890f4} - C:\Program Files\MyAshampoo\prxtbMyA0.dll


O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll


O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.6406.1642\s wg.dll


O2 - BHO: 2Shared - {ef468e5b-5b30-4136-a833-7f2e3a31afdf} - C:\Program Files\2Shared\prxtb2Sh2.dll


O3 - Toolbar: Messenger Plus Live Toolbar - {9b339f6e-ddcd-401b-8764-230adbd01761} - C:\Program Files\Messenger_Plus_Live\prxtbMes2.dll


O3 - Toolbar: Messenger Plus Live Saudi Arabia Toolbar - {9d657fd4-0328-423a-b12d-9576cd92af19} - C:\Program Files\Messenger_Plus_Live_Saudi_Arabia\prxtbMes2.d ll


O3 - Toolbar: 2Shared Toolbar - {ef468e5b-5b30-4136-a833-7f2e3a31afdf} - C:\Program Files\2Shared\prxtb2Sh2.dll


O3 - Toolbar: Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\prxConduitEngine.dll


O3 - Toolbar: @msdxmLC.dll,-1@1033,&Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\Program Files\No1 Video Converter\msdxm.ocx


O3 - Toolbar: Babylon Toolbar - {98889811-442D-49dd-99D7-DC866BE87DBC} - C:\Program Files\BabylonToolbar\BabylonToolbar\1.4.19.19\Baby lonToolbarTlbr.dll


O3 - Toolbar: HotSpot International Toolbar - {0002ee26-8c11-49eb-9cdf-56eeffef664f} - C:\Program Files\HotSpot_International\prxtbHot0.dll


O3 - Toolbar: Search Toolbar - {9D425283-D487-4337-BAB6-AB8354A81457} - C:\Program Files\Search Toolbar\SearchToolbar.dll


O3 - Toolbar: MyAshampoo Toolbar - {a1e75a0e-4397-4ba8-bb50-e19fb66890f4} - C:\Program Files\MyAshampoo\prxtbMyA0.dll


O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll


O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn0\yt.dll


O3 - Toolbar: Hotspot Shield Toolbar - {c95a4e8e-816d-4655-8c79-d736da1adb6d} - C:\Program Files\Hotspot_Shield\prxtbHot0.dll


O3 - Toolbar: Chit Chat Toolbar - {0B3240B3-5115-42A3-B043-B8824998DC4A} - C:\Program Files\Chit Chat Toolbar\IE\4.4\chitchatToolbarIE.dll


O4 - HKLM\..\Run: [SearchSettings] "C:\Program Files\Common Files\Spigot\Search Settings\SearchSettings.exe"


O4 - HKLM\..\Run: [RelevantKnowledge] C:\program files\relevantknowledge\rlvknlg.exe -boot


O9 - Extra button: BitComet - {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - res://C:\Program Files\BitComet\tools\BitCometBHO_1.2.1.2.dll/206 (file missing)


يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي
 
توقيع : YHYA -KSA
تأييد 0
اخوي ماعرفت احمل البرنامج من مركز التحميل
 
تأييد 0
ايوه اخترت رابط بديل وجاري التحميل
 
تأييد 0
مررا طوول الفحص من الساعه 11 ونص :(

وللحين ماخلص
 
تأييد 0
خليه يفحص الجهاز يطلع .. هههههه الصراصير هههههه .. امزح الفايروسات:u:
 
توقيع : YHYA -KSA
تأييد 0
هههههههههههههههههههههه

وش يطلعهم الباين للحين 7 والله يستر من اللي بيطلع بعد
 
تأييد 0
انتظري لين يخلصن:u:
 
توقيع : YHYA -KSA
تأييد 0
ططيب =(
 
تأييد 0
من امس مآنمت بسبب هالفايروس

وهذا التقرير 28 اصابه :(



************' Anti-Malware 1.51.0.1200
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

Database version: 6705
Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702
7/1/2011 10:26:23 AM
mbam-log-2011-07-01 (10-26-21).txt
Scan type: Full scan (C:\|D:\|)
Objects scanned: 302568
Time elapsed: 10 hour(s), 44 minute(s), 39 second(s)
Memory Processes Infected: 1
Memory Modules Infected: 1
Registry Keys Infected: 1
Registry Values Infected: 2
Registry Data Items Infected: 0
Folders Infected: 2
Files Infected: 21
Memory Processes Infected:
c:\program files\relevantknowledge\rlvknlg.exe (Adware.RelevantKnowledge) -> 3716 -> Unloaded process successfully.
Memory Modules Infected:
c:\program files\relevantknowledge\rlls.dll (Adware.RelevantKnowledge) -> Delete on reboot.
Registry Keys Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{d08d9f98-1c78-4704-87e6-368b0023d831} (Adware.RelevantKnowledge) -> Quarantined and deleted successfully.
Registry Values Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\RelevantKnowledge (Adware.RelevantKnowledge) -> Value: RelevantKnowledge -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs\C:\PROGRAM FILES\COMMON FILES\SPIGOT\WTXPCOM\COMPONENTS\WIDGITOOLBARFF.DLL (Adware.WidgiToolbar) -> Value: WIDGITOOLBARFF.DLL -> Quarantined and deleted successfully.
Registry Data Items Infected:
(No malicious items detected)
Folders Infected:
c:\program files\relevantknowledge (Spyware.MarketScore) -> Delete on reboot.
c:\documents and settings\all users\start menu\Programs\relevantknowledge (Spyware.MarketScore) -> Quarantined and deleted successfully.
Files Infected:
c:\program files\relevantknowledge\rlls.dll (Adware.RelevantKnowledge) -> Delete on reboot.
c:\program files\relevantknowledge\rlvknlg.exe (Adware.RelevantKnowledge) -> Delete on reboot.
c:\documents and settings\N\application data\thinstall\microsoft text-to-speech engine 4.0 (english)\4000005e00002i\vcmd.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\program files\common files\Spigot\wtxpcom\components\widgitoolbarff.dll (Adware.WidgiToolbar) -> Quarantined and deleted successfully.
c:\program files\relevantknowledge\rlls64.dll (Adware.RelevantKnowledge) -> Quarantined and deleted successfully.
c:\program files\relevantknowledge\rlservice.exe (Adware.RelevantKnowledge) -> Quarantined and deleted successfully.
c:\program files\relevantknowledge\rlvknlg64.exe (Adware.RelevantKnowledge) -> Quarantined and deleted successfully.
c:\system volume information\_restore{1ff0ae54-8d01-4e42-b687-9066f28a2af6}\RP350\A0212823.dll (Adware.ShopperReports) -> Quarantined and deleted successfully.
c:\system volume information\_restore{1ff0ae54-8d01-4e42-b687-9066f28a2af6}\RP350\A0212824.dll (Adware.ShopperReports) -> Quarantined and deleted successfully.
c:\system volume information\_restore{1ff0ae54-8d01-4e42-b687-9066f28a2af6}\RP350\A0212825.dll (Adware.ShopperReports) -> Quarantined and deleted successfully.
c:\system volume information\_restore{1ff0ae54-8d01-4e42-b687-9066f28a2af6}\RP350\A0212826.dll (Adware.ShopperReports) -> Quarantined and deleted successfully.
c:\system volume information\_restore{1ff0ae54-8d01-4e42-b687-9066f28a2af6}\RP350\A0212827.dll (Adware.ShopperReports) -> Quarantined and deleted successfully.
c:\system volume information\_restore{1ff0ae54-8d01-4e42-b687-9066f28a2af6}\RP350\A0212831.exe (Adware.ShopperReports) -> Quarantined and deleted successfully.
c:\system volume information\_restore{1ff0ae54-8d01-4e42-b687-9066f28a2af6}\RP350\A0212833.dll (Adware.ShopperReports) -> Quarantined and deleted successfully.
c:\system volume information\_restore{1ff0ae54-8d01-4e42-b687-9066f28a2af6}\RP350\A0212828.dll (Adware.ShopperReports) -> Quarantined and deleted successfully.
c:\program files\relevantknowledge\nscf.dat (Spyware.MarketScore) -> Quarantined and deleted successfully.
c:\program files\relevantknowledge\rloci.bin (Spyware.MarketScore) -> Quarantined and deleted successfully.
c:\documents and settings\all users\start menu\Programs\relevantknowledge\about relevantknowledge.lnk (Spyware.MarketScore) -> Quarantined and deleted successfully.
c:\documents and settings\all users\start menu\Programs\relevantknowledge\privacy policy and user license agreement.lnk (Spyware.MarketScore) -> Quarantined and deleted successfully.
c:\documents and settings\all users\start menu\Programs\relevantknowledge\Support.lnk (Spyware.MarketScore) -> Quarantined and deleted successfully.
c:\documents and settings\all users\start menu\Programs\relevantknowledge\uninstall instructions.lnk (Spyware.MarketScore) -> Quarantined and deleted successfully.
 
تأييد 0
مازال الفحص جآري

ياويلي 32 تهديد ..
 
تأييد 0
انتظري بعد الانتهاااء ارجعي اعملي فحص مالوير بايت ~ٍ عشان ننتاكد وارفقي التقرير
 
توقيع : YHYA -KSA
تأييد 0
فحصته بالاداه SUPERAntiSpyware

وحذف وقال لازم اعاده التشغيل بس انتظرت التقرير ماطلع وماطلع برضو شئ بالسجل
ورجعت سويت له سكنر من جديد
 
تأييد 0
يجب تسجيل الدخول أو التسجيل كي تتمكن من الرد هنا.
عودة
أعلى