- بادئ الموضوع cava
- تاريخ البدء
- 3,836
تفضل
هايجاك :
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 4:56:22 AM, on 5/6/2012
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\Yuna Software\Messenger Plus!\PlusService.exe
C:\Program Files\LiveZilla\LiveZilla.exe
C:\Program Files\Real\RealPlayer\update\realsched.exe
C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\McAfee Security Scan\2.0.181\SSScheduler.exe
C:\Program Files\Ela-Salaty\Salaty.exe
C:\Documents and Settings\Y A S S E R\Local Settings\Application Data\Google\Update\1.3.21.111\GoogleCrashHandler.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
C:\PROGRA~1\Yahoo!\Messenger\ymsgr_tray.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Zyzoom_Forum_Tools\zyzoom.exe
C:\Zyzoom_Forum_Tools\zHijak.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://dts.search-results.com/sr?src=ieb&appid=1123&systemid=1&sr=0&q={searchTerms}
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://start.funmoods.com/results.php?f=4&a=ironto&q={searchTerms}
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http=127.0.0.1:8888; https=127.0.0.1:8888
R3 - URLSearchHook: UrlSearchHook Class - {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Program Files\Ask.com\GenericAskToolbar.dll
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
O2 - BHO: CrossriderApp0002258 - {11111111-1111-1111-1111-110011221158} - C:\Program Files\I Want This\I Want This.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Babylon toolbar helper - {2EECD738-5844-4a99-B4B6-146BF802613B} - C:\Program Files\BabylonToolbar\BabylonToolbar\1.5.3.17\bh\BabylonToolbar.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Funmoods Helper Object - {75EBB0AA-4214-4CB4-90EC-E3E07ECD04F7} - C:\Program Files\Funmoods\funmoods\1.5.11.16\bh\funmoods.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\Program Files\Power Video Converter\msdxm.ocx
O3 - Toolbar: Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll
O3 - Toolbar: Babylon Toolbar - {98889811-442D-49dd-99D7-DC866BE87DBC} - C:\Program Files\BabylonToolbar\BabylonToolbar\1.5.3.17\BabylonToolbarTlbr.dll
O3 - Toolbar: Funmoods Toolbar - {A4C272EC-ED9E-4ACE-A6F2-9558C7F29EF3} - C:\Program Files\Funmoods\funmoods\1.5.11.16\funmoodsTlbr.dll
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [PlusService] C:\Program Files\Yuna Software\Messenger Plus!\PlusService.exe
O4 - HKLM\..\Run: [LiveZilla] "C:\Program Files\LiveZilla\LiveZilla.exe" -minimize
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Real\RealPlayer\update\realsched.exe" -osboot
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\Y A S S E R\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [FileHunter Check for updates] C:\Documents and Settings\Y A S S E R\Application Data\FileHunter\update.exe
O4 - HKCU\..\Run: [Messenger (Yahoo!)] "C:\PROGRA~1\Yahoo!\Messenger\YahooMessenger.exe" -quiet
O4 - Startup: 0iiduup.exe
O4 - Startup: 5ssijee.exe
O4 - Startup: 6uu6gg6.exe
O4 - Startup: 986ss0e.exe
O4 - Startup: dzpplbbxnn.exe
O4 - Startup: Ela-Salaty.lnk = C:\Program Files\Ela-Salaty\Salaty.exe
O4 - Startup: fbww6ii6.exe
O4 - Startup: iduupggbss.exe
O4 - Startup: l0rnii6uu.exe
O4 - Startup: n0tpkk6ww.exe
O4 - Startup: neezqqlccxo.exe
O4 - Startup: oojaavmmhy.exe
O4 - Startup: pk1gccxooj.exe
O4 - Startup: ssneezqqlc.exe
O4 - Startup: vq1miiduup.exe
O4 - Startup: vrhhdttp.exe
O4 - Startup: xtjjfvvr.exe
O4 - Global Startup: McAfee Security Scan Plus.lnk = ?
O8 - Extra context menu item: Sothink SWF Catcher - C:\Program Files\Common Files\SourceTec\SWF Catcher\InternetExplorer.htm
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm (file missing)
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm (file missing)
O9 - Extra button: Sothink SWF Catcher - {E19ADC6E-3909-43E4-9A89-B7B676377EE3} - C:\Program Files\Common Files\SourceTec\SWF Catcher\InternetExplorer.htm
O9 - Extra 'Tools' menuitem: Sothink SWF Catcher - {E19ADC6E-3909-43E4-9A89-B7B676377EE3} - C:\Program Files\Common Files\SourceTec\SWF Catcher\InternetExplorer.htm
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: McAfee Security Scan Component Host Service (McComponentHostService) - McAfee, Inc. - C:\Program Files\McAfee Security Scan\2.0.181\McCHSvc.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: Yahoo! Updater (YahooAUService) - Yahoo! Inc. - C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
--
End of file - 8213 bytes
البرامج المثبتة :
====== معلومات نظام التشغيل ======
X86 WIN_XP 2600 Service Pack 2
====== قائمة البرامج المثبتة ======
Adobe Flash Player 11 ActiveX
Adobe Flash Player 11 Plugin
Adobe Photoshop CS
Adobe Reader X (10.1.3)
Ask Toolbar
Babylon toolbar on IE
BatchInpaint 1.0
Carambis Driver Updater
CCleaner
Charles 3.6.5
Cheat Engine 6.1
Coupon Printer for Windows
Driver Magician Lite 3.7
Ela-Salaty
FormatFactory 1.85
Free YouTube to MP3 Converter version 3.10.6.727
Funmoods on IE and Chrome
HijackThis 2.0.2
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
Hotfix for Windows XP (KB915865)
Hotfix for Windows XP (KB952287)
Hotfix for Windows XP (KB954550-v5)
Hotfix for Windows XP (KB961118)
Hotfix for Windows XP (KB981793)
HP Deskjet 2050 J510 series Basic Device Software
HP Deskjet 2050 J510 series Help
HP Deskjet 2050 J510 series Product Improvement Study
HP Photo Creations
HP Update
I Want This
Inpaint 4.0
Intel(R) Extreme Graphics 2 Driver
Intel(R) PRO Network Connections Drivers
Java Auto Updater
Java(TM) 6 Update 31
Junk Mail filter update
K-Lite Codec Pack 4.0.0 (Full)
LeapFTP
LiveZilla
LiveZilla
McAfee Security Scan Plus
Messenger Plus! 5
Microsoft .NET Framework 2.0 Service Pack 2
Microsoft .NET Framework 3.0 Service Pack 2
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 3.5 SP1
Microsoft Application Error Reporting
Microsoft Choice Guard
Microsoft Office FrontPage 2003
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Mozilla Firefox 12.0 (x86 en-US)
Mozilla Maintenance Service
MSVCRT
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
MSXML 6 Service Pack 2 (KB973686)
Notepad++
ProphecyMaster v1.1
ProxyShell Hide IP 4.0.1
RealNetworks - Microsoft Visual C++ 2008 Runtime
RealPlayer
Realtek AC'97 Audio
RealUpgrade 1.1
Registry Mechanic
Security Update for Windows Media Player (KB952069)
Security Update for Windows Media Player (KB954155)
Security Update for Windows Media Player (KB973540)
Security Update for Windows Media Player (KB978695)
Security Update for Windows Media Player (KB979402)
Security Update for Windows XP (KB2229593)
Security Update for Windows XP (KB923561)
Security Update for Windows XP (KB923789)
Security Update for Windows XP (KB944338-v2)
Security Update for Windows XP (KB946648)
Security Update for Windows XP (KB950762)
Security Update for Windows XP (KB950974)
Security Update for Windows XP (KB951376-v2)
Security Update for Windows XP (KB951748)
Security Update for Windows XP (KB952004)
Security Update for Windows XP (KB952954)
Security Update for Windows XP (KB955069)
Security Update for Windows XP (KB956572)
Security Update for Windows XP (KB956802)
Security Update for Windows XP (KB956803)
Security Update for Windows XP (KB956844)
Security Update for Windows XP (KB958470)
Security Update for Windows XP (KB958644)
Security Update for Windows XP (KB958869)
Security Update for Windows XP (KB959426)
Security Update for Windows XP (KB960803)
Security Update for Windows XP (KB960859)
Security Update for Windows XP (KB961501)
Security Update for Windows XP (KB969059)
Security Update for Windows XP (KB970238)
Security Update for Windows XP (KB970430)
Security Update for Windows XP (KB971032)
Security Update for Windows XP (KB971468)
Security Update for Windows XP (KB971657)
Security Update for Windows XP (KB971961)
Security Update for Windows XP (KB972270)
Security Update for Windows XP (KB973507)
Security Update for Windows XP (KB973869)
Security Update for Windows XP (KB973904)
Security Update for Windows XP (KB974112)
Security Update for Windows XP (KB974318)
Security Update for Windows XP (KB974392)
Security Update for Windows XP (KB974571)
Security Update for Windows XP (KB975025)
Security Update for Windows XP (KB975467)
Security Update for Windows XP (KB975560)
Security Update for Windows XP (KB975561)
Security Update for Windows XP (KB975562)
Security Update for Windows XP (KB977816)
Security Update for Windows XP (KB977914)
Security Update for Windows XP (KB978037)
Security Update for Windows XP (KB978338)
Security Update for Windows XP (KB978542)
Security Update for Windows XP (KB978601)
Security Update for Windows XP (KB978706)
Security Update for Windows XP (KB979309)
Security Update for Windows XP (KB979482)
Security Update for Windows XP (KB979559)
Security Update for Windows XP (KB979683)
Security Update for Windows XP (KB980195)
Security Update for Windows XP (KB980218)
Security Update for Windows XP (KB980232)
Security Update for Windows XP (KB981350)
Security Update for Windows XP (KB982381)
Segoe UI
Sothink SWF Quicker
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Windows XP (KB898461)
Update for Windows XP (KB925720)
Update for Windows XP (KB955759)
Update for Windows XP (KB961503)
Update for Windows XP (KB967715)
Update for Windows XP (KB968389)
Update for Windows XP (KB971737)
Update for Windows XP (KB973687)
Update for Windows XP (KB973815)
VeryPDF PDF Editor v2.6
WebFldrs XP
Windows Imaging Component
Windows Installer 3.1 (KB893803)
Windows Live Call
Windows Live Communications Platform
Windows Live Essentials
Windows Live Essentials
Windows Live Mail
Windows Live Messenger
Windows Live Sign-in Assistant
Windows Live Upload Tool
WinPcap 4.1.1
WinRAR archiver
WinZip 15.5
Yahoo! Messenger
Yahoo! Software Update
Your Uninstaller! 2010
Zend SafeGuard
رن سكنر :
Runscanner logfile
* = signed file
- = file not found
General info
------------
Computer name : YASSER
Creation time : 5/6/2012 4:59:20 AM
Hosts <> 127.0.0.1 : 0
Hosts file location : %SystemRoot%\System32\drivers\etc
IE version : 6.0.2900.2180
OS : Microsoft Windows XP
OS Build : 2600
OS SP : Service Pack 2
RunScanner Version : 2.0.0.50
User Language : Arabic (Egypt)
User rights : Administrator
Windows folder : C:\WINDOWS
Running processes
-----------------
* C:\WINDOWS\system32\alg.exe (Microsoft Corporation)
* C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe (Yahoo! Inc.)
* C:\WINDOWS\system32\csrss.exe (Microsoft Corporation)
* C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
* C:\WINDOWS\system32\svchost.exe (Microsoft Corporation)
* C:\WINDOWS\system32\svchost.exe (Microsoft Corporation)
* C:\WINDOWS\system32\svchost.exe (Microsoft Corporation)
* C:\WINDOWS\system32\svchost.exe (Microsoft Corporation)
* C:\WINDOWS\system32\svchost.exe (Microsoft Corporation)
* C:\WINDOWS\system32\svchost.exe (Microsoft Corporation)
* C:\WINDOWS\system32\svchost.exe (Microsoft Corporation)
* C:\Documents and Settings\Y A S S E R\Local Settings\Application Data\Google\Update\1.3.21.111\GoogleCrashHandler.exe (Google Inc.)
* C:\Program Files\HP\HP Software Update\hpwuschd2.exe (Hewlett-Packard)
* C:\Program Files\Java\jre6\bin\jqs.exe (Sun Microsystems, Inc.)
* C:\Program Files\Common Files\Java\Java Update\jusched.exe (Sun Microsystems, Inc.)
C:\Program Files\LiveZilla\LiveZilla.exe (SPAUN Power GmbH)
* C:\WINDOWS\system32\lsass.exe (Microsoft Corporation)
* C:\Program Files\McAfee Security Scan\2.0.181\SSScheduler.exe (McAfee, Inc.)
C:\Program Files\Yuna Software\Messenger Plus!\PlusService.exe (Yuna Software)
C:\Program Files\Ela-Salaty\Salaty.exe (
* C:\WINDOWS\system32\notepad.exe (Microsoft Corporation)
* C:\WINDOWS\system32\notepad.exe (Microsoft Corporation)
* C:\Program Files\Mozilla Firefox\plugin-container.exe (Mozilla Corporation)
* C:\Program Files\Real\RealPlayer\Update\realsched.exe (RealNetworks, Inc.)
* C:\WINDOWS\soundman.exe (Realtek Semiconductor Corp.)
* C:\Zyzoom_Forum_Tools\zRunScanner.com (Runscanner.net)
* C:\WINDOWS\system32\services.exe (Microsoft Corporation)
* C:\WINDOWS\system32\spoolsv.exe (Microsoft Corporation)
* C:\WINDOWS\explorer.exe (Microsoft Corporation)
* C:\Program Files\Windows Live\Messenger\msnmsgr.exe (Microsoft Corporation)
* C:\WINDOWS\system32\winlogon.exe (Microsoft Corporation)
* C:\WINDOWS\system32\smss.exe (Microsoft Corporation)
* C:\WINDOWS\system32\wscntfy.exe (Microsoft Corporation)
* C:\WINDOWS\system32\wuauclt.exe (Microsoft Corporation)
* C:\PROGRA~1\Yahoo!\Messenger\Ymsgr_tray.exe (Yahoo! Inc.)
C:\Zyzoom_Forum_Tools\zyzoom.exe
Unrated items
-------------
002 C:\Program Files\LiveZilla\LiveZilla.exe (SPAUN Power GmbH)
002 C:\Program Files\Yuna Software\Messenger Plus!\PlusService.exe (Yuna Software)
003 C:\Documents and Settings\Y A S S E R\Application Data\FileHunter\update.exe
004 C:\Documents and Settings\Y A S S E R\Start Menu\Programs\Startup\0iiduup.exe
004 C:\Documents and Settings\Y A S S E R\Start Menu\Programs\Startup\5ssijee.exe
004 C:\Documents and Settings\Y A S S E R\Start Menu\Programs\Startup\6uu6gg6.exe
004 C:\Documents and Settings\Y A S S E R\Start Menu\Programs\Startup\986ss0e.exe
004 C:\Documents and Settings\Y A S S E R\Start Menu\Programs\Startup\dzpplbbxnn.exe
004 C:\Documents and Settings\Y A S S E R\Start Menu\Programs\Startup\fbww6ii6.exe
004 C:\Documents and Settings\Y A S S E R\Start Menu\Programs\Startup\iduupggbss.exe
004 C:\Documents and Settings\Y A S S E R\Start Menu\Programs\Startup\l0rnii6uu.exe
004 C:\Program Files\Ela-Salaty\Salaty.exe (
004 C:\Documents and Settings\Y A S S E R\Start Menu\Programs\Startup\n0tpkk6ww.exe
004 C:\Documents and Settings\Y A S S E R\Start Menu\Programs\Startup\neezqqlccxo.exe
004 C:\Documents and Settings\Y A S S E R\Start Menu\Programs\Startup\oojaavmmhy.exe
004 C:\Documents and Settings\Y A S S E R\Start Menu\Programs\Startup\pk1gccxooj.exe
004 C:\Documents and Settings\Y A S S E R\Start Menu\Programs\Startup\ssneezqqlc.exe
004 C:\Documents and Settings\Y A S S E R\Start Menu\Programs\Startup\vq1miiduup.exe
004 C:\Documents and Settings\Y A S S E R\Start Menu\Programs\Startup\vrhhdttp.exe
004 C:\Documents and Settings\Y A S S E R\Start Menu\Programs\Startup\xtjjfvvr.exe
031 C:\Program Files\Power Video Converter\msdxm.ocx (Microsoft Corporation) {3DA2AA3B-3D96-11D2-9BD2-204C4F4F5020}
041 * C:\Program Files\Funmoods\funmoods\1.5.11.16\funmoodsTlbr.dll (Funmoods) {A4C272EC-ED9E-4ACE-A6F2-9558C7F29EF3}
041 C:\Program Files\Power Video Converter\msdxm.ocx (Microsoft Corporation) {8E718888-423F-11D2-876E-00A0C9082467}
052 GUID / CLSID not found {02478D38-C3F9-4efb-9B51-7695ECA05670}
052 GUID / CLSID not found {5C255C8A-E604-49b4-9D64-90988571CECB}
052 * C:\Program Files\Funmoods\funmoods\1.5.11.16\bh\funmoods.dll (Funmoods BHO) {75EBB0AA-4214-4CB4-90EC-E3E07ECD04F7}
052 C:\Program Files\I Want This\I Want This.dll (215 Apps) {11111111-1111-1111-1111-110011221158}
061 C:\Program Files\WinRAR\rarext.dll {B41DB860-8EE4-11D2-9906-E49FADC173CA}
073 HP Photo Creations Communicator.job : C:\Documents and Settings\All Users\Application Data\HP Photo Creations\MessageCheck.exe
100 ProxyServer HKCU : http=127.0.0.1:8888; https=127.0.0.1:8888
100 SearchAssistant HKCU : http://dts.search-results.com/sr?src=ieb&appid=1123&systemid=1&sr=0&q={searchTerms}
100 SearchAssistant HKLM : http://start.funmoods.com/results.php?f=4&a=ironto&q={searchTerms}
100 ShellNext HKCU :
100 Start Page HKCU :
105 Sothink SWF Catcher : C:\Program Files\Common Files\SourceTec\SWF Catcher\InternetExplorer.htm
173 C:\Program Files\Notepad++\NppShell_01.dll {00F3C2EC-A6EE-11DE-A03A-EF8F55D89593}
173 C:\Program Files\WinRAR\rarext.dll {B41DB860-8EE4-11D2-9906-E49FADC173CA}
221 C:\Program Files\Notepad++\NppShell_01.dll {00F3C2EC-A6EE-11DE-A03A-EF8F55D89593}
221 C:\Program Files\WinRAR\rarext.dll {B41DB860-8EE4-11D2-9906-E49FADC173CA}
223 * C:\Documents and Settings\Y A S S E R\Local Settings\Temp\zxq2\mbamext.dll (Malwarebytes Corporation) {57CE581A-0CB6-4266-9CA0-19364C90A0B3}
225 * C:\Documents and Settings\Y A S S E R\Local Settings\Temp\zxq2\mbamext.dll (Malwarebytes Corporation) {57CE581A-0CB6-4266-9CA0-19364C90A0B3}
225 * C:\Documents and Settings\Y A S S E R\Local Settings\Temp\zxq2\mbamext.dll (Malwarebytes Corporation) {57CE581A-0CB6-4266-9CA0-19364C90A0B3}
225 C:\Program Files\WinRAR\rarext.dll {B41DB860-8EE4-11D2-9906-E49FADC173CA}
225 C:\Program Files\WinRAR\rarext.dll {B41DB860-8EE4-11D2-9906-E49FADC173CA}
227 C:\Program Files\WinRAR\rarext.dll {B41DB860-8EE4-11D2-9906-E49FADC173CA}
251 C:\Program Files\WinRAR\rarext.dll {B41DB860-8EE4-11D2-9906-E49FADC173CA}
Missing files
-------------
011 C:\WINDOWS\system32\drivers\Abiosdsk.sys
011 C:\WINDOWS\system32\drivers\abp480n5.sys
011 C:\WINDOWS\system32\drivers\adpu160m.sys
011 C:\WINDOWS\system32\drivers\Aha154x.sys
011 C:\WINDOWS\system32\drivers\aic78u2.sys
011 C:\WINDOWS\system32\drivers\aic78xx.sys
011 C:\WINDOWS\system32\drivers\AliIde.sys
011 C:\WINDOWS\system32\drivers\amsint.sys
011 C:\Game\SoftnyxGame\RakionIS\Bin\apf001.sys
011 C:\WINDOWS\system32\drivers\asc.sys
011 C:\WINDOWS\system32\drivers\asc3350p.sys
011 C:\WINDOWS\system32\drivers\asc3550.sys
011 C:\WINDOWS\system32\drivers\Atdisk.sys
011 C:\WINDOWS\system32\drivers\cd20xrnt.sys
011 C:\WINDOWS\system32\drivers\Changer.sys
011 C:\WINDOWS\system32\drivers\CmdIde.sys
011 C:\WINDOWS\system32\drivers\Cpqarray.sys
011 C:\WINDOWS\system32\drivers\dac2w2k.sys
011 C:\WINDOWS\system32\drivers\dac960nt.sys
011 C:\WINDOWS\system32\drivers\dpti2o.sys
011 C:\WINDOWS\system32\drivers\hpn.sys
011 C:\WINDOWS\system32\drivers\i2omgmt.sys
011 C:\WINDOWS\system32\drivers\i2omp.sys
011 C:\WINDOWS\system32\drivers\ini910u.sys
011 System32\drivers\kovi.sys
011 C:\WINDOWS\system32\drivers\lbrtfdc.sys
011 C:\WINDOWS\system32\drivers\mbamswissarmy.sys
011 C:\WINDOWS\system32\drivers\mraid35x.sys
011 C:\WINDOWS\system32\drivers\PCIDump.sys
011 C:\WINDOWS\system32\drivers\PDCOMP.sys
011 C:\WINDOWS\system32\drivers\PDFRAME.sys
011 C:\WINDOWS\system32\drivers\PDRELI.sys
011 C:\WINDOWS\system32\drivers\PDRFRAME.sys
011 C:\WINDOWS\system32\drivers\perc2.sys
011 C:\WINDOWS\system32\drivers\perc2hib.sys
011 C:\WINDOWS\system32\drivers\ql1080.sys
011 C:\WINDOWS\system32\drivers\Ql10wnt.sys
011 C:\WINDOWS\system32\drivers\ql12160.sys
011 C:\WINDOWS\system32\drivers\ql1240.sys
011 C:\WINDOWS\system32\drivers\ql1280.sys
011 C:\WINDOWS\system32\drivers\Simbad.sys
011 C:\WINDOWS\system32\drivers\Sparrow.sys
011 C:\WINDOWS\system32\drivers\sym_hi.sys
011 C:\WINDOWS\system32\drivers\sym_u3.sys
011 C:\WINDOWS\system32\drivers\symc810.sys
011 C:\WINDOWS\system32\drivers\symc8xx.sys
011 C:\WINDOWS\system32\drivers\TosIde.sys
011 C:\WINDOWS\system32\drivers\ultra.sys
011 C:\WINDOWS\system32\drivers\ViaIde.sys
011 C:\WINDOWS\system32\drivers\WDICA.sys
034 C:\Documents and Settings\Y A S S E R\deh3ubd.exe
038 A
038 and
038 R\deh3ubd.exe
038 C:\Documents
038 E
038 S
038 S
038 Settings\Y
061 deskpan.dll
هايجاك :
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 4:56:22 AM, on 5/6/2012
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\Yuna Software\Messenger Plus!\PlusService.exe
C:\Program Files\LiveZilla\LiveZilla.exe
C:\Program Files\Real\RealPlayer\update\realsched.exe
C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\McAfee Security Scan\2.0.181\SSScheduler.exe
C:\Program Files\Ela-Salaty\Salaty.exe
C:\Documents and Settings\Y A S S E R\Local Settings\Application Data\Google\Update\1.3.21.111\GoogleCrashHandler.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
C:\PROGRA~1\Yahoo!\Messenger\ymsgr_tray.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Zyzoom_Forum_Tools\zyzoom.exe
C:\Zyzoom_Forum_Tools\zHijak.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar =
يجب عليك
تسجيل الدخول
او
تسجيل لمشاهدة الرابط المخفي
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
يجب عليك
تسجيل الدخول
او
تسجيل لمشاهدة الرابط المخفي
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://dts.search-results.com/sr?src=ieb&appid=1123&systemid=1&sr=0&q={searchTerms}
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://start.funmoods.com/results.php?f=4&a=ironto&q={searchTerms}
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext =
يجب عليك
تسجيل الدخول
او
تسجيل لمشاهدة الرابط المخفي
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http=127.0.0.1:8888; https=127.0.0.1:8888
R3 - URLSearchHook: UrlSearchHook Class - {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Program Files\Ask.com\GenericAskToolbar.dll
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
O2 - BHO: CrossriderApp0002258 - {11111111-1111-1111-1111-110011221158} - C:\Program Files\I Want This\I Want This.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Babylon toolbar helper - {2EECD738-5844-4a99-B4B6-146BF802613B} - C:\Program Files\BabylonToolbar\BabylonToolbar\1.5.3.17\bh\BabylonToolbar.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Funmoods Helper Object - {75EBB0AA-4214-4CB4-90EC-E3E07ECD04F7} - C:\Program Files\Funmoods\funmoods\1.5.11.16\bh\funmoods.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\Program Files\Power Video Converter\msdxm.ocx
O3 - Toolbar: Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll
O3 - Toolbar: Babylon Toolbar - {98889811-442D-49dd-99D7-DC866BE87DBC} - C:\Program Files\BabylonToolbar\BabylonToolbar\1.5.3.17\BabylonToolbarTlbr.dll
O3 - Toolbar: Funmoods Toolbar - {A4C272EC-ED9E-4ACE-A6F2-9558C7F29EF3} - C:\Program Files\Funmoods\funmoods\1.5.11.16\funmoodsTlbr.dll
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [PlusService] C:\Program Files\Yuna Software\Messenger Plus!\PlusService.exe
O4 - HKLM\..\Run: [LiveZilla] "C:\Program Files\LiveZilla\LiveZilla.exe" -minimize
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Real\RealPlayer\update\realsched.exe" -osboot
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\Y A S S E R\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [FileHunter Check for updates] C:\Documents and Settings\Y A S S E R\Application Data\FileHunter\update.exe
O4 - HKCU\..\Run: [Messenger (Yahoo!)] "C:\PROGRA~1\Yahoo!\Messenger\YahooMessenger.exe" -quiet
O4 - Startup: 0iiduup.exe
O4 - Startup: 5ssijee.exe
O4 - Startup: 6uu6gg6.exe
O4 - Startup: 986ss0e.exe
O4 - Startup: dzpplbbxnn.exe
O4 - Startup: Ela-Salaty.lnk = C:\Program Files\Ela-Salaty\Salaty.exe
O4 - Startup: fbww6ii6.exe
O4 - Startup: iduupggbss.exe
O4 - Startup: l0rnii6uu.exe
O4 - Startup: n0tpkk6ww.exe
O4 - Startup: neezqqlccxo.exe
O4 - Startup: oojaavmmhy.exe
O4 - Startup: pk1gccxooj.exe
O4 - Startup: ssneezqqlc.exe
O4 - Startup: vq1miiduup.exe
O4 - Startup: vrhhdttp.exe
O4 - Startup: xtjjfvvr.exe
O4 - Global Startup: McAfee Security Scan Plus.lnk = ?
O8 - Extra context menu item: Sothink SWF Catcher - C:\Program Files\Common Files\SourceTec\SWF Catcher\InternetExplorer.htm
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm (file missing)
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm (file missing)
O9 - Extra button: Sothink SWF Catcher - {E19ADC6E-3909-43E4-9A89-B7B676377EE3} - C:\Program Files\Common Files\SourceTec\SWF Catcher\InternetExplorer.htm
O9 - Extra 'Tools' menuitem: Sothink SWF Catcher - {E19ADC6E-3909-43E4-9A89-B7B676377EE3} - C:\Program Files\Common Files\SourceTec\SWF Catcher\InternetExplorer.htm
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: McAfee Security Scan Component Host Service (McComponentHostService) - McAfee, Inc. - C:\Program Files\McAfee Security Scan\2.0.181\McCHSvc.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: Yahoo! Updater (YahooAUService) - Yahoo! Inc. - C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
--
End of file - 8213 bytes
البرامج المثبتة :
====== معلومات نظام التشغيل ======
X86 WIN_XP 2600 Service Pack 2
====== قائمة البرامج المثبتة ======
Adobe Flash Player 11 ActiveX
Adobe Flash Player 11 Plugin
Adobe Photoshop CS
Adobe Reader X (10.1.3)
Ask Toolbar
Babylon toolbar on IE
BatchInpaint 1.0
Carambis Driver Updater
CCleaner
Charles 3.6.5
Cheat Engine 6.1
Coupon Printer for Windows
Driver Magician Lite 3.7
Ela-Salaty
FormatFactory 1.85
Free YouTube to MP3 Converter version 3.10.6.727
Funmoods on IE and Chrome
HijackThis 2.0.2
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
Hotfix for Windows XP (KB915865)
Hotfix for Windows XP (KB952287)
Hotfix for Windows XP (KB954550-v5)
Hotfix for Windows XP (KB961118)
Hotfix for Windows XP (KB981793)
HP Deskjet 2050 J510 series Basic Device Software
HP Deskjet 2050 J510 series Help
HP Deskjet 2050 J510 series Product Improvement Study
HP Photo Creations
HP Update
I Want This
Inpaint 4.0
Intel(R) Extreme Graphics 2 Driver
Intel(R) PRO Network Connections Drivers
Java Auto Updater
Java(TM) 6 Update 31
Junk Mail filter update
K-Lite Codec Pack 4.0.0 (Full)
LeapFTP
LiveZilla
LiveZilla
McAfee Security Scan Plus
Messenger Plus! 5
Microsoft .NET Framework 2.0 Service Pack 2
Microsoft .NET Framework 3.0 Service Pack 2
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 3.5 SP1
Microsoft Application Error Reporting
Microsoft Choice Guard
Microsoft Office FrontPage 2003
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Mozilla Firefox 12.0 (x86 en-US)
Mozilla Maintenance Service
MSVCRT
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
MSXML 6 Service Pack 2 (KB973686)
Notepad++
ProphecyMaster v1.1
ProxyShell Hide IP 4.0.1
RealNetworks - Microsoft Visual C++ 2008 Runtime
RealPlayer
Realtek AC'97 Audio
RealUpgrade 1.1
Registry Mechanic
Security Update for Windows Media Player (KB952069)
Security Update for Windows Media Player (KB954155)
Security Update for Windows Media Player (KB973540)
Security Update for Windows Media Player (KB978695)
Security Update for Windows Media Player (KB979402)
Security Update for Windows XP (KB2229593)
Security Update for Windows XP (KB923561)
Security Update for Windows XP (KB923789)
Security Update for Windows XP (KB944338-v2)
Security Update for Windows XP (KB946648)
Security Update for Windows XP (KB950762)
Security Update for Windows XP (KB950974)
Security Update for Windows XP (KB951376-v2)
Security Update for Windows XP (KB951748)
Security Update for Windows XP (KB952004)
Security Update for Windows XP (KB952954)
Security Update for Windows XP (KB955069)
Security Update for Windows XP (KB956572)
Security Update for Windows XP (KB956802)
Security Update for Windows XP (KB956803)
Security Update for Windows XP (KB956844)
Security Update for Windows XP (KB958470)
Security Update for Windows XP (KB958644)
Security Update for Windows XP (KB958869)
Security Update for Windows XP (KB959426)
Security Update for Windows XP (KB960803)
Security Update for Windows XP (KB960859)
Security Update for Windows XP (KB961501)
Security Update for Windows XP (KB969059)
Security Update for Windows XP (KB970238)
Security Update for Windows XP (KB970430)
Security Update for Windows XP (KB971032)
Security Update for Windows XP (KB971468)
Security Update for Windows XP (KB971657)
Security Update for Windows XP (KB971961)
Security Update for Windows XP (KB972270)
Security Update for Windows XP (KB973507)
Security Update for Windows XP (KB973869)
Security Update for Windows XP (KB973904)
Security Update for Windows XP (KB974112)
Security Update for Windows XP (KB974318)
Security Update for Windows XP (KB974392)
Security Update for Windows XP (KB974571)
Security Update for Windows XP (KB975025)
Security Update for Windows XP (KB975467)
Security Update for Windows XP (KB975560)
Security Update for Windows XP (KB975561)
Security Update for Windows XP (KB975562)
Security Update for Windows XP (KB977816)
Security Update for Windows XP (KB977914)
Security Update for Windows XP (KB978037)
Security Update for Windows XP (KB978338)
Security Update for Windows XP (KB978542)
Security Update for Windows XP (KB978601)
Security Update for Windows XP (KB978706)
Security Update for Windows XP (KB979309)
Security Update for Windows XP (KB979482)
Security Update for Windows XP (KB979559)
Security Update for Windows XP (KB979683)
Security Update for Windows XP (KB980195)
Security Update for Windows XP (KB980218)
Security Update for Windows XP (KB980232)
Security Update for Windows XP (KB981350)
Security Update for Windows XP (KB982381)
Segoe UI
Sothink SWF Quicker
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Windows XP (KB898461)
Update for Windows XP (KB925720)
Update for Windows XP (KB955759)
Update for Windows XP (KB961503)
Update for Windows XP (KB967715)
Update for Windows XP (KB968389)
Update for Windows XP (KB971737)
Update for Windows XP (KB973687)
Update for Windows XP (KB973815)
VeryPDF PDF Editor v2.6
WebFldrs XP
Windows Imaging Component
Windows Installer 3.1 (KB893803)
Windows Live Call
Windows Live Communications Platform
Windows Live Essentials
Windows Live Essentials
Windows Live Mail
Windows Live Messenger
Windows Live Sign-in Assistant
Windows Live Upload Tool
WinPcap 4.1.1
WinRAR archiver
WinZip 15.5
Yahoo! Messenger
Yahoo! Software Update
Your Uninstaller! 2010
Zend SafeGuard
رن سكنر :
Runscanner logfile
يجب عليك
تسجيل الدخول
او
تسجيل لمشاهدة الرابط المخفي
* = signed file
- = file not found
General info
------------
Computer name : YASSER
Creation time : 5/6/2012 4:59:20 AM
Hosts <> 127.0.0.1 : 0
Hosts file location : %SystemRoot%\System32\drivers\etc
IE version : 6.0.2900.2180
OS : Microsoft Windows XP
OS Build : 2600
OS SP : Service Pack 2
RunScanner Version : 2.0.0.50
User Language : Arabic (Egypt)
User rights : Administrator
Windows folder : C:\WINDOWS
Running processes
-----------------
* C:\WINDOWS\system32\alg.exe (Microsoft Corporation)
* C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe (Yahoo! Inc.)
* C:\WINDOWS\system32\csrss.exe (Microsoft Corporation)
* C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
* C:\WINDOWS\system32\svchost.exe (Microsoft Corporation)
* C:\WINDOWS\system32\svchost.exe (Microsoft Corporation)
* C:\WINDOWS\system32\svchost.exe (Microsoft Corporation)
* C:\WINDOWS\system32\svchost.exe (Microsoft Corporation)
* C:\WINDOWS\system32\svchost.exe (Microsoft Corporation)
* C:\WINDOWS\system32\svchost.exe (Microsoft Corporation)
* C:\WINDOWS\system32\svchost.exe (Microsoft Corporation)
* C:\Documents and Settings\Y A S S E R\Local Settings\Application Data\Google\Update\1.3.21.111\GoogleCrashHandler.exe (Google Inc.)
* C:\Program Files\HP\HP Software Update\hpwuschd2.exe (Hewlett-Packard)
* C:\Program Files\Java\jre6\bin\jqs.exe (Sun Microsystems, Inc.)
* C:\Program Files\Common Files\Java\Java Update\jusched.exe (Sun Microsystems, Inc.)
C:\Program Files\LiveZilla\LiveZilla.exe (SPAUN Power GmbH)
* C:\WINDOWS\system32\lsass.exe (Microsoft Corporation)
* C:\Program Files\McAfee Security Scan\2.0.181\SSScheduler.exe (McAfee, Inc.)
C:\Program Files\Yuna Software\Messenger Plus!\PlusService.exe (Yuna Software)
C:\Program Files\Ela-Salaty\Salaty.exe (
يجب عليك
تسجيل الدخول
او
تسجيل لمشاهدة الرابط المخفي
)* C:\WINDOWS\system32\notepad.exe (Microsoft Corporation)
* C:\WINDOWS\system32\notepad.exe (Microsoft Corporation)
* C:\Program Files\Mozilla Firefox\plugin-container.exe (Mozilla Corporation)
* C:\Program Files\Real\RealPlayer\Update\realsched.exe (RealNetworks, Inc.)
* C:\WINDOWS\soundman.exe (Realtek Semiconductor Corp.)
* C:\Zyzoom_Forum_Tools\zRunScanner.com (Runscanner.net)
* C:\WINDOWS\system32\services.exe (Microsoft Corporation)
* C:\WINDOWS\system32\spoolsv.exe (Microsoft Corporation)
* C:\WINDOWS\explorer.exe (Microsoft Corporation)
* C:\Program Files\Windows Live\Messenger\msnmsgr.exe (Microsoft Corporation)
* C:\WINDOWS\system32\winlogon.exe (Microsoft Corporation)
* C:\WINDOWS\system32\smss.exe (Microsoft Corporation)
* C:\WINDOWS\system32\wscntfy.exe (Microsoft Corporation)
* C:\WINDOWS\system32\wuauclt.exe (Microsoft Corporation)
* C:\PROGRA~1\Yahoo!\Messenger\Ymsgr_tray.exe (Yahoo! Inc.)
C:\Zyzoom_Forum_Tools\zyzoom.exe
Unrated items
-------------
002 C:\Program Files\LiveZilla\LiveZilla.exe (SPAUN Power GmbH)
002 C:\Program Files\Yuna Software\Messenger Plus!\PlusService.exe (Yuna Software)
003 C:\Documents and Settings\Y A S S E R\Application Data\FileHunter\update.exe
004 C:\Documents and Settings\Y A S S E R\Start Menu\Programs\Startup\0iiduup.exe
004 C:\Documents and Settings\Y A S S E R\Start Menu\Programs\Startup\5ssijee.exe
004 C:\Documents and Settings\Y A S S E R\Start Menu\Programs\Startup\6uu6gg6.exe
004 C:\Documents and Settings\Y A S S E R\Start Menu\Programs\Startup\986ss0e.exe
004 C:\Documents and Settings\Y A S S E R\Start Menu\Programs\Startup\dzpplbbxnn.exe
004 C:\Documents and Settings\Y A S S E R\Start Menu\Programs\Startup\fbww6ii6.exe
004 C:\Documents and Settings\Y A S S E R\Start Menu\Programs\Startup\iduupggbss.exe
004 C:\Documents and Settings\Y A S S E R\Start Menu\Programs\Startup\l0rnii6uu.exe
004 C:\Program Files\Ela-Salaty\Salaty.exe (
يجب عليك
تسجيل الدخول
او
تسجيل لمشاهدة الرابط المخفي
)004 C:\Documents and Settings\Y A S S E R\Start Menu\Programs\Startup\n0tpkk6ww.exe
004 C:\Documents and Settings\Y A S S E R\Start Menu\Programs\Startup\neezqqlccxo.exe
004 C:\Documents and Settings\Y A S S E R\Start Menu\Programs\Startup\oojaavmmhy.exe
004 C:\Documents and Settings\Y A S S E R\Start Menu\Programs\Startup\pk1gccxooj.exe
004 C:\Documents and Settings\Y A S S E R\Start Menu\Programs\Startup\ssneezqqlc.exe
004 C:\Documents and Settings\Y A S S E R\Start Menu\Programs\Startup\vq1miiduup.exe
004 C:\Documents and Settings\Y A S S E R\Start Menu\Programs\Startup\vrhhdttp.exe
004 C:\Documents and Settings\Y A S S E R\Start Menu\Programs\Startup\xtjjfvvr.exe
031 C:\Program Files\Power Video Converter\msdxm.ocx (Microsoft Corporation) {3DA2AA3B-3D96-11D2-9BD2-204C4F4F5020}
041 * C:\Program Files\Funmoods\funmoods\1.5.11.16\funmoodsTlbr.dll (Funmoods) {A4C272EC-ED9E-4ACE-A6F2-9558C7F29EF3}
041 C:\Program Files\Power Video Converter\msdxm.ocx (Microsoft Corporation) {8E718888-423F-11D2-876E-00A0C9082467}
052 GUID / CLSID not found {02478D38-C3F9-4efb-9B51-7695ECA05670}
052 GUID / CLSID not found {5C255C8A-E604-49b4-9D64-90988571CECB}
052 * C:\Program Files\Funmoods\funmoods\1.5.11.16\bh\funmoods.dll (Funmoods BHO) {75EBB0AA-4214-4CB4-90EC-E3E07ECD04F7}
052 C:\Program Files\I Want This\I Want This.dll (215 Apps) {11111111-1111-1111-1111-110011221158}
061 C:\Program Files\WinRAR\rarext.dll {B41DB860-8EE4-11D2-9906-E49FADC173CA}
073 HP Photo Creations Communicator.job : C:\Documents and Settings\All Users\Application Data\HP Photo Creations\MessageCheck.exe
100 ProxyServer HKCU : http=127.0.0.1:8888; https=127.0.0.1:8888
100 SearchAssistant HKCU : http://dts.search-results.com/sr?src=ieb&appid=1123&systemid=1&sr=0&q={searchTerms}
100 SearchAssistant HKLM : http://start.funmoods.com/results.php?f=4&a=ironto&q={searchTerms}
100 ShellNext HKCU :
يجب عليك
تسجيل الدخول
او
تسجيل لمشاهدة الرابط المخفي
100 Start Page HKCU :
يجب عليك
تسجيل الدخول
او
تسجيل لمشاهدة الرابط المخفي
105 Sothink SWF Catcher : C:\Program Files\Common Files\SourceTec\SWF Catcher\InternetExplorer.htm
173 C:\Program Files\Notepad++\NppShell_01.dll {00F3C2EC-A6EE-11DE-A03A-EF8F55D89593}
173 C:\Program Files\WinRAR\rarext.dll {B41DB860-8EE4-11D2-9906-E49FADC173CA}
221 C:\Program Files\Notepad++\NppShell_01.dll {00F3C2EC-A6EE-11DE-A03A-EF8F55D89593}
221 C:\Program Files\WinRAR\rarext.dll {B41DB860-8EE4-11D2-9906-E49FADC173CA}
223 * C:\Documents and Settings\Y A S S E R\Local Settings\Temp\zxq2\mbamext.dll (Malwarebytes Corporation) {57CE581A-0CB6-4266-9CA0-19364C90A0B3}
225 * C:\Documents and Settings\Y A S S E R\Local Settings\Temp\zxq2\mbamext.dll (Malwarebytes Corporation) {57CE581A-0CB6-4266-9CA0-19364C90A0B3}
225 * C:\Documents and Settings\Y A S S E R\Local Settings\Temp\zxq2\mbamext.dll (Malwarebytes Corporation) {57CE581A-0CB6-4266-9CA0-19364C90A0B3}
225 C:\Program Files\WinRAR\rarext.dll {B41DB860-8EE4-11D2-9906-E49FADC173CA}
225 C:\Program Files\WinRAR\rarext.dll {B41DB860-8EE4-11D2-9906-E49FADC173CA}
227 C:\Program Files\WinRAR\rarext.dll {B41DB860-8EE4-11D2-9906-E49FADC173CA}
251 C:\Program Files\WinRAR\rarext.dll {B41DB860-8EE4-11D2-9906-E49FADC173CA}
Missing files
-------------
011 C:\WINDOWS\system32\drivers\Abiosdsk.sys
011 C:\WINDOWS\system32\drivers\abp480n5.sys
011 C:\WINDOWS\system32\drivers\adpu160m.sys
011 C:\WINDOWS\system32\drivers\Aha154x.sys
011 C:\WINDOWS\system32\drivers\aic78u2.sys
011 C:\WINDOWS\system32\drivers\aic78xx.sys
011 C:\WINDOWS\system32\drivers\AliIde.sys
011 C:\WINDOWS\system32\drivers\amsint.sys
011 C:\Game\SoftnyxGame\RakionIS\Bin\apf001.sys
011 C:\WINDOWS\system32\drivers\asc.sys
011 C:\WINDOWS\system32\drivers\asc3350p.sys
011 C:\WINDOWS\system32\drivers\asc3550.sys
011 C:\WINDOWS\system32\drivers\Atdisk.sys
011 C:\WINDOWS\system32\drivers\cd20xrnt.sys
011 C:\WINDOWS\system32\drivers\Changer.sys
011 C:\WINDOWS\system32\drivers\CmdIde.sys
011 C:\WINDOWS\system32\drivers\Cpqarray.sys
011 C:\WINDOWS\system32\drivers\dac2w2k.sys
011 C:\WINDOWS\system32\drivers\dac960nt.sys
011 C:\WINDOWS\system32\drivers\dpti2o.sys
011 C:\WINDOWS\system32\drivers\hpn.sys
011 C:\WINDOWS\system32\drivers\i2omgmt.sys
011 C:\WINDOWS\system32\drivers\i2omp.sys
011 C:\WINDOWS\system32\drivers\ini910u.sys
011 System32\drivers\kovi.sys
011 C:\WINDOWS\system32\drivers\lbrtfdc.sys
011 C:\WINDOWS\system32\drivers\mbamswissarmy.sys
011 C:\WINDOWS\system32\drivers\mraid35x.sys
011 C:\WINDOWS\system32\drivers\PCIDump.sys
011 C:\WINDOWS\system32\drivers\PDCOMP.sys
011 C:\WINDOWS\system32\drivers\PDFRAME.sys
011 C:\WINDOWS\system32\drivers\PDRELI.sys
011 C:\WINDOWS\system32\drivers\PDRFRAME.sys
011 C:\WINDOWS\system32\drivers\perc2.sys
011 C:\WINDOWS\system32\drivers\perc2hib.sys
011 C:\WINDOWS\system32\drivers\ql1080.sys
011 C:\WINDOWS\system32\drivers\Ql10wnt.sys
011 C:\WINDOWS\system32\drivers\ql12160.sys
011 C:\WINDOWS\system32\drivers\ql1240.sys
011 C:\WINDOWS\system32\drivers\ql1280.sys
011 C:\WINDOWS\system32\drivers\Simbad.sys
011 C:\WINDOWS\system32\drivers\Sparrow.sys
011 C:\WINDOWS\system32\drivers\sym_hi.sys
011 C:\WINDOWS\system32\drivers\sym_u3.sys
011 C:\WINDOWS\system32\drivers\symc810.sys
011 C:\WINDOWS\system32\drivers\symc8xx.sys
011 C:\WINDOWS\system32\drivers\TosIde.sys
011 C:\WINDOWS\system32\drivers\ultra.sys
011 C:\WINDOWS\system32\drivers\ViaIde.sys
011 C:\WINDOWS\system32\drivers\WDICA.sys
034 C:\Documents and Settings\Y A S S E R\deh3ubd.exe
038 A
038 and
038 R\deh3ubd.exe
038 C:\Documents
038 E
038 S
038 S
038 Settings\Y
061 deskpan.dll
تأييد
0
techno
عضو شرف
غير متصل
بالهايجيك احذف القيم التاليه
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://dts.search-results.com/sr?src=ieb&appid=1123&systemid=1&sr=0&q={searchTer ms}
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://start.funmoods.com/results.php?f=4&a=ironto&q={searchTerms}
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Int ernet Settings,ProxyServer = http=127.0.0.1:8888; https=127.0.0.1:8888
R3 - URLSearchHook: UrlSearchHook Class - {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Program Files\Ask.com\GenericAskToolbar.dll
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
O2 - BHO: CrossriderApp0002258 - {11111111-1111-1111-1111-110011221158} - C:\Program Files\I Want This\I Want This.dll
O2 - BHO: Babylon toolbar helper - {2EECD738-5844-4a99-B4B6-146BF802613B} - C:\Program Files\BabylonToolbar\BabylonToolbar\1.5.3.17\bh\Ba bylonToolbar.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Funmoods Helper Object - {75EBB0AA-4214-4CB4-90EC-E3E07ECD04F7} - C:\Program Files\Funmoods\funmoods\1.5.11.16\bh\funmoods.dll
O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\Program Files\Power Video Converter\msdxm.ocx
O3 - Toolbar: Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll
O3 - Toolbar: Babylon Toolbar - {98889811-442D-49dd-99D7-DC866BE87DBC} - C:\Program Files\BabylonToolbar\BabylonToolbar\1.5.3.17\Babyl onToolbarTlbr.dll
O3 - Toolbar: Funmoods Toolbar - {A4C272EC-ED9E-4ACE-A6F2-9558C7F29EF3} - C:\Program Files\Funmoods\funmoods\1.5.11.16\funmoodsTlbr.dll
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm (file missing)
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm (file missing)
من قائمة البرامج احذف التالي
Ask Toolbar
Babylon toolbar
Carambis Driver Updater
Free YouTube to MP3 Converter version 3.10.6.727
I Want This
McAfee Security Scan Plus
ProxyShell Hide IP 4.0.1
WinZip 15.5
ثم
ثم
بعد إعادة التشغيل
حمل النورتن سكيوريتي 2012 مفعل مسبقا
نصبه وحدثه أغلق النت واعمل فحص كامل للجهاز عند الإنتهاء ضع تقرير النورتن
ببرنامج your uninstaller
طبق الخطوات التاليه
واعطيني الصوره الثانيه كامله من جهازك
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://dts.search-results.com/sr?src=ieb&appid=1123&systemid=1&sr=0&q={searchTer ms}
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://start.funmoods.com/results.php?f=4&a=ironto&q={searchTerms}
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Int ernet Settings,ProxyServer = http=127.0.0.1:8888; https=127.0.0.1:8888
R3 - URLSearchHook: UrlSearchHook Class - {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Program Files\Ask.com\GenericAskToolbar.dll
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
O2 - BHO: CrossriderApp0002258 - {11111111-1111-1111-1111-110011221158} - C:\Program Files\I Want This\I Want This.dll
O2 - BHO: Babylon toolbar helper - {2EECD738-5844-4a99-B4B6-146BF802613B} - C:\Program Files\BabylonToolbar\BabylonToolbar\1.5.3.17\bh\Ba bylonToolbar.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Funmoods Helper Object - {75EBB0AA-4214-4CB4-90EC-E3E07ECD04F7} - C:\Program Files\Funmoods\funmoods\1.5.11.16\bh\funmoods.dll
O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\Program Files\Power Video Converter\msdxm.ocx
O3 - Toolbar: Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll
O3 - Toolbar: Babylon Toolbar - {98889811-442D-49dd-99D7-DC866BE87DBC} - C:\Program Files\BabylonToolbar\BabylonToolbar\1.5.3.17\Babyl onToolbarTlbr.dll
O3 - Toolbar: Funmoods Toolbar - {A4C272EC-ED9E-4ACE-A6F2-9558C7F29EF3} - C:\Program Files\Funmoods\funmoods\1.5.11.16\funmoodsTlbr.dll
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm (file missing)
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm (file missing)
من قائمة البرامج احذف التالي
Ask Toolbar
Babylon toolbar
Carambis Driver Updater
Free YouTube to MP3 Converter version 3.10.6.727
I Want This
McAfee Security Scan Plus
ProxyShell Hide IP 4.0.1
WinZip 15.5
ثم
يجب عليك
تسجيل الدخول
او
تسجيل لمشاهدة الرابط المخفي
ثم
يجب عليك
تسجيل الدخول
او
تسجيل لمشاهدة الرابط المخفي
بعد إعادة التشغيل
حمل النورتن سكيوريتي 2012 مفعل مسبقا
يجب عليك
تسجيل الدخول
او
تسجيل لمشاهدة الرابط المخفي
نصبه وحدثه أغلق النت واعمل فحص كامل للجهاز عند الإنتهاء ضع تقرير النورتن
ببرنامج your uninstaller
طبق الخطوات التاليه
واعطيني الصوره الثانيه كامله من جهازك
توقيع : techno
تأييد
0
۰۪۫B۪۫A۪۫B۪۫A۪۫۰۪۫S۪۫N۪۫F۪۫O۪۫R۪۫۰
زيزوومى فضى
غير متصل
اخي جرب الاداة التالية
اداة لحذ التولبورات بالمتصفحات
سيتم اغلاق المتصفح اجباريا
اضغط على kick it وسيتم اغلاق المتصفح اجباريا والبدء بحذف التولبارات
الاداة متوافقة مع كل اصدارات الوندوز
لم يتم تجربتها على انظمة 64 بت !!
التحميل من هنا
اداة لحذ التولبورات بالمتصفحات
سيتم اغلاق المتصفح اجباريا
اضغط على kick it وسيتم اغلاق المتصفح اجباريا والبدء بحذف التولبارات
الاداة متوافقة مع كل اصدارات الوندوز
لم يتم تجربتها على انظمة 64 بت !!
التحميل من هنا
يجب عليك
تسجيل الدخول
او
تسجيل لمشاهدة الرابط المخفي
يجب عليك
تسجيل الدخول
او
تسجيل لمشاهدة الرابط المخفي
يجب عليك
تسجيل الدخول
او
تسجيل لمشاهدة الرابط المخفي
تأييد
0
تم عمل كل ما طلبتوه اخي
هذا تقرير النورتن :
Scan Statistics:
Scan Time: 1,201 seconds
Scan Targets: Commonly infected areas
Counts:
Total items scanned: 6,984
- Files & Directories: 2,863
- Registry Entries: 352
- Processes & Start-up Items: 2,746
- Network & Browser Items: 1,006
- Other: 5
- Trusted Files: 502
- Skipped Files: 0
Total security risks detected: 41
Total items resolved: 41
Total items that require attention: 0
Resolved Threats:
25 Tracking Cookies
Type: Anomaly
Risk: Low (Low Stealth, Low Removal, Low Performance, Low Privacy)
Categories: Tracking Cookies
Status: Fully Resolved
-----------
25 Tracking Cookies
Cookie:usercompu@bs.serving-sys.com/ - Deleted
Cookie:usercompu@microsoftwllivemkt.112.2o7.net/ - Deleted
Cookie:usercompu@hit.gemius.pl/ - Deleted
Cookie:usercompu@statcounter.com/ - Deleted
Cookie:usercompu@intellitxt.com/ - Deleted
Cookie:usercompu@ru4.com/ - Deleted
Cookie:usercompu@rubiconproject.com/ - Deleted
Cookie:usercompu@domdex.com/ - Deleted
Cookie:usercompu@atdmt.com/ - Deleted
Cookie:usercompu@pixel.rubiconproject.com/ - Deleted
Cookie:usercompu@casalemedia.com/ - Deleted
Cookie:usercompu@zedo.com/ - Deleted
Cookie:usercompu@h.atdmt.com/ - Deleted
Cookie:usercompu@tap.rubiconproject.com/ - Deleted
Cookie:usercompu@adbrite.com/ - Deleted
Cookie:usercompu@quantserve.com/ - Deleted
Cookie:usercompu@tribalfusion.com/ - Deleted
Cookie:usercompu@doubleclick.net/ - Deleted
Cookie:usercompu@adtech.de/ - Deleted
Cookie:usercompu@serving-sys.com/ - Deleted
Cookie:usercompu@c.atdmt.com/ - Deleted
Cookie:usercompu@ad.yieldmanager.com/ - Deleted
Cookie:usercompu@tap2-cdn.rubiconproject.com/ - Deleted
Cookie:usercompu@tradedoubler.com/ - Deleted
- Deleted
Suspicious.Mystic
Type: Anomaly
Risk: High (High Stealth, High Removal, High Performance, High Privacy)
Categories: Heuristic Virus
Status: Fully Resolved
-----------
1 File
c:\documents and settings\usercompu\start menu\programs\startup\neezqqlccxo.exe - Deleted
1 Browser Cache
Suspicious.Mystic
Type: Anomaly
Risk: High (High Stealth, High Removal, High Performance, High Privacy)
Categories: Heuristic Virus
Status: Fully Resolved
-----------
1 File
c:\documents and settings\usercompu\start menu\programs\startup\xtjjfvvr.exe - Deleted
1 Browser Cache
Suspicious.Mystic
Type: Anomaly
Risk: High (High Stealth, High Removal, High Performance, High Privacy)
Categories: Heuristic Virus
Status: Fully Resolved
-----------
1 File
c:\documents and settings\usercompu\start menu\programs\startup\oojaavmmhy.exe - Deleted
1 Browser Cache
Suspicious.Mystic
Type: Anomaly
Risk: High (High Stealth, High Removal, High Performance, High Privacy)
Categories: Heuristic Virus
Status: Fully Resolved
-----------
1 File
c:\documents and settings\usercompu\start menu\programs\startup\fbww6ii6.exe - Deleted
1 Browser Cache
Suspicious.Mystic
Type: Anomaly
Risk: High (High Stealth, High Removal, High Performance, High Privacy)
Categories: Heuristic Virus
Status: Fully Resolved
-----------
1 File
c:\documents and settings\usercompu\start menu\programs\startup\dzpplbbxnn.exe - Deleted
1 Browser Cache
Suspicious.Mystic
Type: Anomaly
Risk: High (High Stealth, High Removal, High Performance, High Privacy)
Categories: Heuristic Virus
Status: Fully Resolved
-----------
1 File
c:\documents and settings\usercompu\start menu\programs\startup\5ssijee.exe - Deleted
1 Browser Cache
Suspicious.Mystic
Type: Anomaly
Risk: High (High Stealth, High Removal, High Performance, High Privacy)
Categories: Heuristic Virus
Status: Fully Resolved
-----------
1 File
c:\documents and settings\usercompu\start menu\programs\startup\ssneezqqlc.exe - Deleted
1 Browser Cache
Suspicious.Mystic
Type: Anomaly
Risk: High (High Stealth, High Removal, High Performance, High Privacy)
Categories: Heuristic Virus
Status: Fully Resolved
-----------
1 File
c:\documents and settings\usercompu\start menu\programs\startup\pk1gccxooj.exe - Deleted
1 Browser Cache
Suspicious.Mystic
Type: Anomaly
Risk: High (High Stealth, High Removal, High Performance, High Privacy)
Categories: Heuristic Virus
Status: Fully Resolved
-----------
1 File
c:\documents and settings\usercompu\start menu\programs\startup\0iiduup.exe - Deleted
1 Browser Cache
Suspicious.Mystic
Type: Anomaly
Risk: High (High Stealth, High Removal, High Performance, High Privacy)
Categories: Heuristic Virus
Status: Fully Resolved
-----------
1 File
c:\documents and settings\usercompu\start menu\programs\startup\vrhhdttp.exe - Deleted
1 Browser Cache
Suspicious.Mystic
Type: Anomaly
Risk: High (High Stealth, High Removal, High Performance, High Privacy)
Categories: Heuristic Virus
Status: Fully Resolved
-----------
1 File
c:\documents and settings\usercompu\start menu\programs\startup\n0tpkk6ww.exe - Deleted
1 Browser Cache
Suspicious.Mystic
Type: Anomaly
Risk: High (High Stealth, High Removal, High Performance, High Privacy)
Categories: Heuristic Virus
Status: Fully Resolved
-----------
1 File
c:\documents and settings\usercompu\start menu\programs\startup\l0rnii6uu.exe - Deleted
1 Browser Cache
Suspicious.Mystic
Type: Anomaly
Risk: High (High Stealth, High Removal, High Performance, High Privacy)
Categories: Heuristic Virus
Status: Fully Resolved
-----------
1 File
c:\documents and settings\usercompu\start menu\programs\startup\vq1miiduup.exe - Deleted
1 Browser Cache
Suspicious.Mystic
Type: Anomaly
Risk: High (High Stealth, High Removal, High Performance, High Privacy)
Categories: Heuristic Virus
Status: Fully Resolved
-----------
1 File
c:\documents and settings\usercompu\start menu\programs\startup\iduupggbss.exe - Deleted
1 Browser Cache
Suspicious.Mystic
Type: Anomaly
Risk: High (High Stealth, High Removal, High Performance, High Privacy)
Categories: Heuristic Virus
Status: Fully Resolved
-----------
1 File
c:\documents and settings\usercompu\start menu\programs\startup\986ss0e.exe - Deleted
1 Browser Cache
Suspicious.Mystic
Type: Anomaly
Risk: High (High Stealth, High Removal, High Performance, High Privacy)
Categories: Heuristic Virus
Status: Fully Resolved
-----------
1 File
c:\documents and settings\usercompu\start menu\programs\startup\6uu6gg6.exe - Deleted
1 Browser Cache
Unresolved Threats:
No unresolved risks
وهذه الصور المطلوبة :
وبالنسبه للاخ
جربت الاداة والمشكلة مستمرة للاسف
في انتظار الرد
يجب عليك
تسجيل الدخول
او
تسجيل لمشاهدة الرابط المخفي
هذا تقرير النورتن :
Scan Statistics:
Scan Time: 1,201 seconds
Scan Targets: Commonly infected areas
Counts:
Total items scanned: 6,984
- Files & Directories: 2,863
- Registry Entries: 352
- Processes & Start-up Items: 2,746
- Network & Browser Items: 1,006
- Other: 5
- Trusted Files: 502
- Skipped Files: 0
Total security risks detected: 41
Total items resolved: 41
Total items that require attention: 0
Resolved Threats:
25 Tracking Cookies
Type: Anomaly
Risk: Low (Low Stealth, Low Removal, Low Performance, Low Privacy)
Categories: Tracking Cookies
Status: Fully Resolved
-----------
25 Tracking Cookies
Cookie:usercompu@bs.serving-sys.com/ - Deleted
Cookie:usercompu@microsoftwllivemkt.112.2o7.net/ - Deleted
Cookie:usercompu@hit.gemius.pl/ - Deleted
Cookie:usercompu@statcounter.com/ - Deleted
Cookie:usercompu@intellitxt.com/ - Deleted
Cookie:usercompu@ru4.com/ - Deleted
Cookie:usercompu@rubiconproject.com/ - Deleted
Cookie:usercompu@domdex.com/ - Deleted
Cookie:usercompu@atdmt.com/ - Deleted
Cookie:usercompu@pixel.rubiconproject.com/ - Deleted
Cookie:usercompu@casalemedia.com/ - Deleted
Cookie:usercompu@zedo.com/ - Deleted
Cookie:usercompu@h.atdmt.com/ - Deleted
Cookie:usercompu@tap.rubiconproject.com/ - Deleted
Cookie:usercompu@adbrite.com/ - Deleted
Cookie:usercompu@quantserve.com/ - Deleted
Cookie:usercompu@tribalfusion.com/ - Deleted
Cookie:usercompu@doubleclick.net/ - Deleted
Cookie:usercompu@adtech.de/ - Deleted
Cookie:usercompu@serving-sys.com/ - Deleted
Cookie:usercompu@c.atdmt.com/ - Deleted
Cookie:usercompu@ad.yieldmanager.com/ - Deleted
Cookie:usercompu@tap2-cdn.rubiconproject.com/ - Deleted
Cookie:usercompu@tradedoubler.com/ - Deleted
- Deleted
Suspicious.Mystic
Type: Anomaly
Risk: High (High Stealth, High Removal, High Performance, High Privacy)
Categories: Heuristic Virus
Status: Fully Resolved
-----------
1 File
c:\documents and settings\usercompu\start menu\programs\startup\neezqqlccxo.exe - Deleted
1 Browser Cache
Suspicious.Mystic
Type: Anomaly
Risk: High (High Stealth, High Removal, High Performance, High Privacy)
Categories: Heuristic Virus
Status: Fully Resolved
-----------
1 File
c:\documents and settings\usercompu\start menu\programs\startup\xtjjfvvr.exe - Deleted
1 Browser Cache
Suspicious.Mystic
Type: Anomaly
Risk: High (High Stealth, High Removal, High Performance, High Privacy)
Categories: Heuristic Virus
Status: Fully Resolved
-----------
1 File
c:\documents and settings\usercompu\start menu\programs\startup\oojaavmmhy.exe - Deleted
1 Browser Cache
Suspicious.Mystic
Type: Anomaly
Risk: High (High Stealth, High Removal, High Performance, High Privacy)
Categories: Heuristic Virus
Status: Fully Resolved
-----------
1 File
c:\documents and settings\usercompu\start menu\programs\startup\fbww6ii6.exe - Deleted
1 Browser Cache
Suspicious.Mystic
Type: Anomaly
Risk: High (High Stealth, High Removal, High Performance, High Privacy)
Categories: Heuristic Virus
Status: Fully Resolved
-----------
1 File
c:\documents and settings\usercompu\start menu\programs\startup\dzpplbbxnn.exe - Deleted
1 Browser Cache
Suspicious.Mystic
Type: Anomaly
Risk: High (High Stealth, High Removal, High Performance, High Privacy)
Categories: Heuristic Virus
Status: Fully Resolved
-----------
1 File
c:\documents and settings\usercompu\start menu\programs\startup\5ssijee.exe - Deleted
1 Browser Cache
Suspicious.Mystic
Type: Anomaly
Risk: High (High Stealth, High Removal, High Performance, High Privacy)
Categories: Heuristic Virus
Status: Fully Resolved
-----------
1 File
c:\documents and settings\usercompu\start menu\programs\startup\ssneezqqlc.exe - Deleted
1 Browser Cache
Suspicious.Mystic
Type: Anomaly
Risk: High (High Stealth, High Removal, High Performance, High Privacy)
Categories: Heuristic Virus
Status: Fully Resolved
-----------
1 File
c:\documents and settings\usercompu\start menu\programs\startup\pk1gccxooj.exe - Deleted
1 Browser Cache
Suspicious.Mystic
Type: Anomaly
Risk: High (High Stealth, High Removal, High Performance, High Privacy)
Categories: Heuristic Virus
Status: Fully Resolved
-----------
1 File
c:\documents and settings\usercompu\start menu\programs\startup\0iiduup.exe - Deleted
1 Browser Cache
Suspicious.Mystic
Type: Anomaly
Risk: High (High Stealth, High Removal, High Performance, High Privacy)
Categories: Heuristic Virus
Status: Fully Resolved
-----------
1 File
c:\documents and settings\usercompu\start menu\programs\startup\vrhhdttp.exe - Deleted
1 Browser Cache
Suspicious.Mystic
Type: Anomaly
Risk: High (High Stealth, High Removal, High Performance, High Privacy)
Categories: Heuristic Virus
Status: Fully Resolved
-----------
1 File
c:\documents and settings\usercompu\start menu\programs\startup\n0tpkk6ww.exe - Deleted
1 Browser Cache
Suspicious.Mystic
Type: Anomaly
Risk: High (High Stealth, High Removal, High Performance, High Privacy)
Categories: Heuristic Virus
Status: Fully Resolved
-----------
1 File
c:\documents and settings\usercompu\start menu\programs\startup\l0rnii6uu.exe - Deleted
1 Browser Cache
Suspicious.Mystic
Type: Anomaly
Risk: High (High Stealth, High Removal, High Performance, High Privacy)
Categories: Heuristic Virus
Status: Fully Resolved
-----------
1 File
c:\documents and settings\usercompu\start menu\programs\startup\vq1miiduup.exe - Deleted
1 Browser Cache
Suspicious.Mystic
Type: Anomaly
Risk: High (High Stealth, High Removal, High Performance, High Privacy)
Categories: Heuristic Virus
Status: Fully Resolved
-----------
1 File
c:\documents and settings\usercompu\start menu\programs\startup\iduupggbss.exe - Deleted
1 Browser Cache
Suspicious.Mystic
Type: Anomaly
Risk: High (High Stealth, High Removal, High Performance, High Privacy)
Categories: Heuristic Virus
Status: Fully Resolved
-----------
1 File
c:\documents and settings\usercompu\start menu\programs\startup\986ss0e.exe - Deleted
1 Browser Cache
Suspicious.Mystic
Type: Anomaly
Risk: High (High Stealth, High Removal, High Performance, High Privacy)
Categories: Heuristic Virus
Status: Fully Resolved
-----------
1 File
c:\documents and settings\usercompu\start menu\programs\startup\6uu6gg6.exe - Deleted
1 Browser Cache
Unresolved Threats:
No unresolved risks
وهذه الصور المطلوبة :
وبالنسبه للاخ
يجب عليك
تسجيل الدخول
او
تسجيل لمشاهدة الرابط المخفي
جربت الاداة والمشكلة مستمرة للاسف
في انتظار الرد
تأييد
0
techno
عضو شرف
غير متصل
للأمانه أخي العزيز جهازك مصاب وأنصحك بفرمتة الجهاز لنسخه خام تكون نظيفه
لأول مره أنصح عضو بفرمتة جهازه
حمل ملف الران سكانر
وطبق عليه الشرح التالي
اعمل كما بالشرح ...
لأول مره أنصح عضو بفرمتة جهازه
حمل ملف الران سكانر
يجب عليك
تسجيل الدخول
او
تسجيل لمشاهدة الرابط المخفي
وطبق عليه الشرح التالي
اعمل كما بالشرح ...
توقيع : techno
تأييد
0
شاجع
زيزوومى ذهبى
غير متصل
اعتقد اخوي أن لا مشكلة من تحميل برنامج لفك الضغط ثم Delete
يمكنك أستخدام
فعلاً عند أخوي نفس المشكلة تماماً لا يستطيع حذف Yahoo Toolbar
يمكنك أستخدام
يجب عليك
تسجيل الدخول
او
تسجيل لمشاهدة الرابط المخفي
فعلاً عند أخوي نفس المشكلة تماماً لا يستطيع حذف Yahoo Toolbar
توقيع : شاجع
تأييد
0
أية برامج تقصد
اذا التولبار لم ينحذف فالحل حذف الفايرفوكس من الجذور ثم إعادة تنصيبه
اقصد البرامج الذي طلبت مني تعطيلها ببرنامج your installer
طيب كيف حذفه من جذووره ؟
تأييد
0
طبعا بعد اذن الاخ techno
تقدر تحذفة بطريقتين
الاولى عن طريق خيار ازالة البرامج الموجودة في الكونترول بانل
الطريقه الثانيه عن طريق برنامج your installer
وانا افضل الطريق الثانيه... مع مراعاة ان جميع المتصفحات تكون مغلقة
وبعد مسح الفايرفوكس اعمل مسح للرجستري ايضا ببرنامج الانستالر
وبعدين نصب الفاير فوكس وبلغنا النتيجة
وان شاءالله بتكون انحلت
موفق
تقدر تحذفة بطريقتين
الاولى عن طريق خيار ازالة البرامج الموجودة في الكونترول بانل
الطريقه الثانيه عن طريق برنامج your installer
وانا افضل الطريق الثانيه... مع مراعاة ان جميع المتصفحات تكون مغلقة
وبعد مسح الفايرفوكس اعمل مسح للرجستري ايضا ببرنامج الانستالر
وبعدين نصب الفاير فوكس وبلغنا النتيجة
وان شاءالله بتكون انحلت
موفق
تأييد
0