ساعدوني في اكتشاف الفيروسات

  • بادئ الموضوع بادئ الموضوع loley2
  • تاريخ البدء تاريخ البدء
  • المشاهدات 1,368
L

loley2

زيزوومي جديد
إنضم
21 يونيو 2010
المشاركات
15
مستوى التفاعل
0
النقاط
20
غير متصل
السلام عليكم ورحمه الله وبركاته

اتمنى تفيدوني لانوو جهازي مرره ثقيل ادا كان في اي فيرووس انا نزلت برنامج Hijackthis

وعملت scan

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 08:13:32 ?, on 6/1/2012
Platform: Unknown Windows (WinNT 6.01.3505 SP1)
MSIE: Internet Explorer v9.00 (9.00.8112.16421)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe
C:\Program Files (x86)\BisonCam\Monitor.exe
C:\Program Files (x86)\Lenovo\Onekey Theater\OnekeySupport.exe
C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
C:\Users\Yones\AppData\Local\MediaFire Express\mf_systray.exe
C:\Program Files (x86)\Internet Download Manager\IDMan.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files (x86)\Airlink101\Airlink101 PS Software\PsLink.exe
C:\windows\SysWOW64\RunDll32.exe
C:\windows\psmon.exe
C:\Program Files (x86)\Lenovo\VeriFace\PManage.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\Lenovo\Bluetooth Software\BluetoothHeadsetProxy.exe
C:\Program Files (x86)\Common Files\Real\Update_OB\realsched.exe
C:\Program Files (x86)\VMware\VMware Workstation\vmware-tray.exe
C:\ProgramData\Anti-phishing Domain Advisor\visicom_antiphishing.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files (x86)\HP\HP Software Update\hpwuSchd2.exe
C:\Program Files (x86)\Internet Download Manager\IEMonitor.exe
C:\Program Files (x86)\Hotspot Shield\bin\openvpntray.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
C:\Users\Yones\AppData\Local\MediaFire Express\mf_daemon.exe
C:\Users\Yones\AppData\Local\MediaFire Express\mf_status.exe
C:\Users\Yones\AppData\Local\MediaFire Express\mf_services.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Program Files (x86)\Acoustica Mixcraft 6\mixcraft6.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Users\Yones\Documents\Downloads\Zyzoom_HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = Preserve
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page =
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files (x86)\Internet Download Manager\IDMIECC.dll
O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Updater For Spam Free Search Bar - {20a0be68-8fd9-4539-8712-ce3d1c1fdfc6} - C:\Program Files (x86)\blekkotb\auxi\blekkoAu.dll
O2 - BHO: Spam Free Search Bar - {26c9e18c-3717-4be1-a225-04e4471f5b6e} - C:\Program Files (x86)\blekkotb\blekkoDx.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files (x86)\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: Incredibar.com Helper Object - {6E13DDE1-2B6E-46CE-8B66-DC8BF36F6B99} - C:\Program Files (x86)\Incredibar.com\incredibar\1.5.11.14\bh\incredibar.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Hotspot Shield Class - {F9E4A054-E9B1-4BC3-83A3-76A1AE736170} - C:\Program Files (x86)\Hotspot Shield\HssIE\HssIE.dll
O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O3 - Toolbar: Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
O3 - Toolbar: Spam Free Search Bar - {26c9e18c-3717-4be1-a225-04e4471f5b6e} - C:\Program Files (x86)\blekkotb\blekkoDx.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O3 - Toolbar: Incredibar Toolbar - {F9639E4A-801B-4843-AEE3-03D9DA199E77} - C:\Program Files (x86)\Incredibar.com\incredibar\1.5.11.14\incredibarTlbr.dll
O4 - HKLM\..\Run: [MuteSync] C:\PROGRA~2\Lenovo\LENOVO~1\MuteSync.exe
O4 - HKLM\..\Run: [YouCam Mirage] "C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe"
O4 - HKLM\..\Run: [YouCam Tray] "C:\Program Files (x86)\Lenovo\YouCam\YouCam.exe" /s
O4 - HKLM\..\Run: [VeriFaceManager] C:\Program Files (x86)\Lenovo\VeriFace\PManage.exe
O4 - HKLM\..\Run: [UpdateP2GShortCut] "C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\Lenovo\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\5.0"
O4 - HKLM\..\Run: [UpdatePRCShortCut] "C:\Program Files\Lenovo\OneKey App\OneKey Recovery\MUITransfer\MUIStartMenu.exe" "C:\Program Files\Lenovo\OneKey App\OneKey Recovery" UpdateWithCreateOnce "Software\Lenovo\OneKey App\OneKey Recovery"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files (x86)\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [BCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices
O4 - HKLM\..\Run: [vmware-tray] "C:\Program Files (x86)\VMware\VMware Workstation\vmware-tray.exe"
O4 - HKLM\..\Run: [Anti-phishing Domain Advisor] "C:\ProgramData\Anti-phishing Domain Advisor\visicom_antiphishing.exe"
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\RunOnce: ["C:\Users\Yones\AppData\Local\Temp\ir_ext_temp_0\riotango2e_webdownload_driver_1.6.1_iss2.exe"] "C:\Users\Yones\AppData\Local\Temp\ir_ext_temp_0\riotango2e_webdownload_driver_1.6.1_iss2.exe" /W
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [MediaFire Tray] "C:\Users\Yones\AppData\Local\MediaFire Express\mf_systray.exe" --boot-start
O4 - HKCU\..\Run: [MSIDLL] C:\windows\SysWOW64\rundll32.exe msicvt32.dll,SMKTsI
O4 - HKCU\..\Run: [IDMan] C:\Program Files (x86)\Internet Download Manager\IDMan.exe /onboot
O4 - Startup: Microsoft Outlook 2010.lnk = ?
O4 - Startup: MorphVOX.lnk = C:\Program Files (x86)\Screaming Bee\MorphVOX Pro\MorphVOXPro.exe
O4 - Global Startup: Bluetooth.lnk = ?
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: PS-Link.lnk = ?
O4 - Global Startup: Rainmeter.lnk = C:\Program Files\Rainmeter\Rainmeter.exe
O8 - Extra context menu item: Download all links with IDM - C:\Program Files (x86)\Internet Download Manager\IEGetAll.htm
O8 - Extra context menu item: Download FLV video content with IDM - C:\Program Files (x86)\Internet Download Manager\IEGetVL.htm
O8 - Extra context menu item: Download with IDM - C:\Program Files (x86)\Internet Download Manager\IEExt.htm
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: ????? ??? OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: ??&??? ??? OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: ??????? OneNote ???&????? - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: ??????? OneNote ???&????? - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra button: Send To Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\Lenovo\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: Send to &Bluetooth Device... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\Lenovo\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: Show or hide HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\vmware\vmware workstation\vsocklib.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\vmware\vmware workstation\vsocklib.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O12 - Plugin for .spop: C:\Program Files (x86)\Internet Explorer\Plugins\NPDocBox.dll
O13 - Gopher Prefix:
O16 - DPF: {7253A666-804A-1108-A3DC-00E04C504788} (BMChat Control) -
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

O16 - DPF: {7B43048F-DA7A-458F-AF35-D825BDBB6816} (NetVideoOCX Control V2.2) -
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

O16 - DPF: {9599E3C8-CBDB-49C0-A22A-803792ED752C} (MFCActivex Control) -
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

O16 - DPF: {C1B7E532-3ECB-4E9E-BB3A-2951FFE67C61} (DownloaderActiveX Control) -
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

O16 - DPF: {CAFCF48D-8E34-4490-8154-026191D73924} (NetVideoActiveX V2.3) -
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

O17 - HKLM\System\CCS\Services\Tcpip\..\{AB57DF5C-073C-4289-8442-CFE54A3CADDB}: NameServer = 168.224.192.4
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O20 - AppInit_DLLs: C:\windows\SysWOW64\nvinit.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\windows\System32\alg.exe (file missing)
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\windows\System32\lsass.exe (file missing)
O23 - Service: Service Function (EpServiceFunction) - Unknown owner - C:\windows\SysWOW64\FunctionService.exe
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel(R) Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\windows\system32\fxssvc.exe (file missing)
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Hotspot Shield Service (hshld) - Unknown owner - C:\Program Files (x86)\Hotspot Shield\bin\openvpnas.exe
O23 - Service: Hotspot Shield Routing Service (HssSrv) - AnchorFree Inc. - C:\Program Files (x86)\Hotspot Shield\HssWPR\hsssrv.exe
O23 - Service: Hotspot Shield Tray Service (HssTrayService) - Unknown owner - C:\Program Files (x86)\Hotspot Shield\bin\HssTrayService.EXE
O23 - Service: Hotspot Shield Monitoring Service (HssWd) - Unknown owner - C:\Program Files (x86)\Hotspot Shield\bin\hsswd.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\windows\System32\msdtc.exe (file missing)
O23 - Service: Wireless PAN DHCP Server (MyWiFiDHCPDNS) - Unknown owner - C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: NitroPDFDriverCreatorReadSpool2 (NitroDriverReadSpool2) - Nitro PDF Software - C:\Program Files\Common Files\Nitro PDF\Professional\7.0\NitroPDFDriverService2x64.exe
O23 - Service: NitroPDFReaderDriverCreatorReadSpool2 (NitroReaderDriverReadSpool2) - Nitro PDF Software - C:\Program Files\Common Files\Nitro PDF\Reader\2.0\NitroPDFReaderDriverService2x64.exe
O23 - Service: NLS Service (nlsX86cc) - Nalpeiron Ltd. - C:\windows\SysWOW64\NLSSRV32.EXE
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - Unknown owner - C:\windows\system32\nvvsvc.exe (file missing)
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: RPSProxy (ProxyManager) - Bosch - C:\RPS\Lib\RPSProxy.exe
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel(R) Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies, Inc. - C:\Program Files (x86)\WinPcap\rpcapd.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Sentinel Keys Server (SentinelKeysServer) - SafeNet, Inc. - C:\Program Files (x86)\Common Files\SafeNet Sentinel\Sentinel Keys Server\sntlkeyssrvr.exe
O23 - Service: Sentinel Protection Server (SentinelProtectionServer) - SafeNet, Inc - C:\Program Files (x86)\Common Files\SafeNet Sentinel\Sentinel Protection Server\WinNT\spnsrvnt.exe
O23 - Service: Sentinel Security Runtime (SentinelSecurityRuntime) - SafeNet, Inc. - C:\Program Files (x86)\Common Files\SafeNet Sentinel\Sentinel Security Runtime\sntlsrtsrvr.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\windows\system32\sppsvc.exe (file missing)
O23 - Service: TeamViewer 5 (TeamViewer5) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version5\TeamViewer_Service.exe
O23 - Service: VMware Agent Service (ufad-ws60) - VMware, Inc. - C:\Program Files (x86)\VMware\VMware Workstation\vmware-ufad.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\windows\System32\vds.exe (file missing)
O23 - Service: VMware Authorization Service (VMAuthdService) - VMware, Inc. - C:\Program Files (x86)\VMware\VMware Workstation\vmware-authd.exe
O23 - Service: VMware DHCP Service (VMnetDHCP) - VMware, Inc. - C:\windows\system32\vmnetdhcp.exe
O23 - Service: VMware USB Arbitration Service (VMUSBArbService) - VMware, Inc. - C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator.exe
O23 - Service: VMware NAT Service - VMware, Inc. - C:\windows\system32\vmnat.exe
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 19804 bytes



 

ترتيب حسب التاريخ ترتيب حسب الأصوات

حمل هذا البرنامج


رابط مباشر ،، محمول وبدون تثبيت
محدث
8 \ 4 \ 2012


ينصح بإغلاق برنامج الحماية قبل تحميل البرنامج
مستخدمي وندوز فيستا وسفن >>> كلك يمين وتشغيل كمسؤل


يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي




شغله واعمل كما الشرح التالي لفحص الجهاز وعمل تقرير



ef13e017c7f665988b0203b7f6263df3.png



96cdb19a12f25918281cd580e18ea6d8.png



2bf73c43713bd700fce4d3e42e53e06f.png



942c6b91ff169506f993add2690f82ed.png



a400c0bd18f19d5be03699a3b20e7a6a.png



انسخ ما بداخل التقرير والصقه بمشاركتك القادمة
 
توقيع : البارون
تأييد 0
هلا اخي هذة الملفات المصابة


ارجو منك اخي الكريم بفحص الجهاز ببرنامج كاسبر
او
النود
او
اي برنامج حماية قوي
_______________________________________________


C:\windows\SysWOW64\RunDll32.exe



O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics


O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll



O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\windows\System32\alg.exe (file missing)



O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\windows\System32\lsass.exe (file missing)



O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\windows\system32\lsass.exe (file missing)



O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\windows\system32\lsass.exe (file missing)



O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\windows\system32\locator.exe (file missing)



O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\windows\system32\lsass.exe (file missing)



O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\windows\System32\spoolsv.exe (file missing)



O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\windows\system32\lsass.exe (file missing)



O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\windows\System32\vds.exe (file missing)



O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\windows\system32\vssvc.exe (file missing)






 
توقيع : ۰۪۫B۪۫A۪۫B۪۫A۪۫۰۪۫S۪۫N۪۫F۪۫O۪۫R۪۫۰
تأييد 0
البارون قال:
حمل هذا البرنامج


رابط مباشر ،، محمول وبدون تثبيت
محدث
8 \ 4 \ 2012


ينصح بإغلاق برنامج الحماية قبل تحميل البرنامج
مستخدمي وندوز فيستا وسفن >>> كلك يمين وتشغيل كمسؤل


يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي




شغله واعمل كما الشرح التالي لفحص الجهاز وعمل تقرير



ef13e017c7f665988b0203b7f6263df3.png



96cdb19a12f25918281cd580e18ea6d8.png



2bf73c43713bd700fce4d3e42e53e06f.png



942c6b91ff169506f993add2690f82ed.png



a400c0bd18f19d5be03699a3b20e7a6a.png



انسخ ما بداخل التقرير والصقه بمشاركتك القادمة
أنقر للتوسيع...




الله يعطيك العافيه

تم تحميل البرنامج وتم نسخ بعد الفحص كالتالي :


Malwarebytes' Anti-Malware 1.51.2.1300
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي


Database version: 7622

Windows 6.1.7601 Service Pack 1
Internet Explorer 9.0.8112.16421

6/1/2012 11:09:32 م
mbam-log-2012-06-01 (23-09-21).txt

Scan type: Full scan (C:\|D:\|)
Objects scanned: 390881
Time elapsed: 30 minute(s), 16 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 4
Registry Values Infected: 1
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 42

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\IEXPLORE.EXE (Trojan.IRCBot) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{C1ACFFD6-514E-49DA-B4FF-30D02FEEED14} (Trojan.Downloader) -> No action taken.
HKEY_CLASSES_ROOT\TypeLib\{4BB1C10E-D349-4C48-A979-1C0E4704A7C5} (Trojan.Downloader) -> No action taken.
HKEY_CLASSES_ROOT\Interface\{F4355BF2-0E20-4F5D-916F-A4903A883A48} (Trojan.Downloader) -> No action taken.

Registry Values Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs\C:\WINDOWS\DOWNLOADED PROGRAM FILES\DOWNLOADERACTIVEX.OCX (Trojan.Downloader) -> Value: DOWNLOADERACTIVEX.OCX -> No action taken.

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
c:\program files (x86)\angel love\adobe photoshop cs4 me\Patch.exe (Trojan.Downloader) -> No action taken.
c:\Users\Yones\Desktop\prograam\more\ضغط الملفات\alzip v7.4.0.1\alzip.7.4.0.1-patch.exe (PUP.Hacktool.Patcher) -> No action taken.
c:\Users\Yones\Desktop\prograam\more\كتب الكترونية\expert pdf pro v6.0\Patch\patch.exe (PUP.Hacktool.Patcher) -> No action taken.
c:\Users\Yones\Desktop\prograam\more\كتب الكترونية\pdf.protection.remover.3.0\Patch\Crack.exe (PUP.Hacktool.Patcher) -> No action taken.
c:\Users\Yones\Desktop\prograam\انترنت\تحميل\internet.download.manager.v5.19\patch 5.xx (2008-12-06).exe (Riskware.Tool.CK) -> No action taken.
c:\Users\Yones\Desktop\prograam\انترنت\تحميل\net.transport.v2.89.build.502\Patch\patch 2.xx.exe (Riskware.Tool.CK) -> No action taken.
c:\Users\Yones\Desktop\prograam\انترنت\تحميل\stuffit.deluxe.2010.v14.0.0.18-core\keygen\CORE10k.EXE (Dont.Steal.Our.Software) -> No action taken.
c:\Users\Yones\Desktop\prograam\انترنت\تحميل\stuffit.deluxe.2010.v14.0.0.18-core\keygen\keygen.exe (Trojan.Agent.CK) -> No action taken.
c:\Users\Yones\Desktop\prograam\انترنت\تسريع الانترنت\tweakmaster pro 3.0.1 build r2581\patch.exe (Malware.Packer.Gen) -> No action taken.
c:\Users\Yones\Desktop\prograam\انترنت\مسنجر\xchat v2.8.7c\Patch\xchat.v2.8.7c-nope.exe (Trojan.Downloader) -> No action taken.
c:\Users\Yones\Desktop\prograam\برامج الإستعادة\nuclear coffee recover keys v3.0.0.37 multilingual\patch.exe (Trojan.Downloader) -> No action taken.
c:\Users\Yones\Desktop\prograam\برامج الإستعادة\recover my files 4.4.8 build 578\CRACK\armaccess.dll (Malware.Packer) -> No action taken.
c:\Users\Yones\Desktop\prograam\بورتابل\expert pdf editor pro 6.30.460\portable expert pdf editor pro v6.30.460\portable expert pdf editor pro v6.30.460.exe (Trojan.Agent) -> No action taken.
c:\Users\Yones\Desktop\prograam\بورتابل\quicktime pro 7.3\quicktime\4000001900002i\iexplore.exe (Trojan.IRCBot) -> No action taken.
c:\Users\Yones\Desktop\prograam\بورتابل\quicktime pro 7.3\quicktime\4000001b00002i\exportcontroller.exe (Trojan.IRCBot) -> No action taken.
c:\Users\Yones\Desktop\prograam\بورتابل\recover my files 4.0.4.448\armaccess.dll (Malware.Packer) -> No action taken.
c:\Users\Yones\Desktop\prograam\تصميم\تصميم وصور\corel photo album 7.0\keygen.exe (Trojan.Dropper.PGen) -> No action taken.
c:\Users\Yones\Desktop\prograam\تصميم\فلاش\aleosoft 3d flash slideshow creator v1.2\aleo.3d.flash.slideshow.creator.v1.2-patch.exe (PUP.Hacktool.Patcher) -> No action taken.
c:\Users\Yones\Desktop\prograam\تصميم\فلاش\flash.banner.creator.v1.10\Patch.exe (Malware.NSPack) -> No action taken.
c:\Users\Yones\Desktop\prograam\تصميم\فلاش\koolmoves flash editor 5.2.4\CRACK\keygen.exe (Trojan.Downloader) -> No action taken.
c:\Users\Yones\Desktop\prograam\تصميم\فلاش\sothink swf quicker v3.0.71120\Keygen.exe (Trojan.Dropper.PGen) -> No action taken.
c:\Users\Yones\Desktop\prograam\تصميم\فلاش\swish max3 v1.0 build date 2009.09.01\patch\swishzone.all.product-patch.exe (PUP.Hacktool.Patcher) -> No action taken.
c:\Users\Yones\Desktop\prograam\حماية\autorun virus remover 2.3 build 1006\autorun.virus.remover.2.3.-patch.exe (PUP.Hacktool.Patcher) -> No action taken.
c:\Users\Yones\Desktop\prograam\حماية\Casir 2.2\REGISTER\KEYGEN.EXE (RiskWare.Tool.CK) -> No action taken.
c:\Users\Yones\Desktop\prograam\حماية\super anti spyware pro v4.27.1000\Activ\superantispyware.ubl.tool.v1.0-res-patch.exe (PUP.Hacktool.Patcher) -> No action taken.
c:\Users\Yones\Desktop\prograam\حماية\usb.virus.scan.v2.3\CORE10k.EXE (Dont.Steal.Our.Software) -> No action taken.
c:\Users\Yones\Desktop\prograam\حماية\usb.virus.scan.v2.3\keygen.exe (Malware.Packer.Gen) -> No action taken.
c:\Users\Yones\Desktop\prograam\مالتيميديا\أدوات\latshaw systems absolute media\Crack\keygen.exe (Trojan.Agent.CK) -> No action taken.
c:\Users\Yones\Desktop\prograam\مالتيميديا\محولات\4easysoft total video converter 3.2.26\patch\4easysoft.all.producrts-patch.exe (PUP.Hacktool.Patcher) -> No action taken.
c:\Users\Yones\Desktop\prograam\مالتيميديا\محولات\easy.dv.to.dvd.v1.3.10 build 1106\Key\keygen.exe (Trojan.Downloader) -> No action taken.
c:\Users\Yones\Desktop\prograam\مالتيميديا\مشغلات\blazedvd professional v5.1.0.3\CORE10k.EXE (Dont.Steal.Our.Software) -> No action taken.
c:\Users\Yones\Desktop\prograam\مالتيميديا\مشغلات\bs.player.pro.v2.43.build.1008\keygen.exe (Trojan.Dropper.PGen) -> No action taken.
c:\Users\Yones\Desktop\prograam\مالتيميديا\مشغلات\corel windvd pro v10.0.4.258\reg\CORE10k.EXE (Dont.Steal.Our.Software) -> No action taken.
c:\Users\Yones\Desktop\prograam\مالتيميديا\مشغلات\corel windvd pro v10.0.4.258\reg\cr-wdp2010.exe (RiskWare.Tool.CK) -> No action taken.
c:\Users\Yones\Desktop\prograam\مالتيميديا\مشغلات\divx pro v7.2.0 build 10.3.1.8\keygen_fff.exe (Trojan.Agent) -> No action taken.
c:\Users\Yones\Desktop\prograam\نظام\advanced systemcare pro\patch & keygen\patch & keygen.exe (RiskWare.Tool.CK) -> No action taken.
c:\Users\Yones\Desktop\prograam\نظام\babylon v8.0.2\Patch.exe (PUP.Hacktool.Patcher) -> No action taken.
c:\Users\Yones\Desktop\prograam\نظام\driver checker v2.7.3\Patch\keygen.exe (Trojan.Agent) -> No action taken.
c:\Users\Yones\Desktop\prograam\نظام\yamicsoft.vista.manager.v3.0.5\CORE10k.EXE (Dont.Steal.Our.Software) -> No action taken.
c:\Users\Yones\downloads\acoustica.mixcraft.v3.0.18. keygen\keygen.exe (Trojan.Downloader) -> No action taken.
c:\Users\Yones\downloads\new folder\acoustica.mixcraft.v3.0.18. keygen\keygen.exe (Trojan.Downloader) -> No action taken.
c:\Windows\downloaded program files\downloaderactivex.ocx (Trojan.Downloader) -> No action taken.
 
تأييد 0
الله يعطيك العاافية اخوي محمد الحنتووشي

سوف يتم المسح بااذن الله

شكرا لك
 
تأييد 0
اخوي لازم تحذف الاصابات طبق الشرح لاتمام عملية حذف الاصابات​
 
توقيع : البارون
تأييد 0
كيف اعرف الاصاابات يالغالي .. ووين الشرح
 
تأييد 0
اخوي الكلمه دي غير موجوده بعد ماعمل scan
Bifroce
 
تأييد 0
الله يعطيك العافيه يالغالي

بس كيف اعرف انه فيرووس عشان اقدر احذف
 
تأييد 0
ياخي عندك باتش محقون بالمتصفح

احذف الاصابات واترك عنك التعلم الان
 
توقيع : البارون
تأييد 0
اوك سوف يتم الحذف
 
تأييد 0
السلام عليكم

تم الفحص وتم الحذف الفيروسات الضارة وبعد ذلك تم فحص الجهاز بالبرنامج مالور والنتائج كالتالي :

Malwarebytes' Anti-Malware 1.51.2.1300
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي


Database version: 7622

Windows 6.1.7601 Service Pack 1
Internet Explorer 9.0.8112.16421

6/2/2012 09:09:10 م
mbam-log-2012-06-02 (21-09-10).txt

Scan type: Full scan (C:\|D:\|F:\|)
Objects scanned: 391893
Time elapsed: 31 minute(s), 19 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 4
Registry Values Infected: 1
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 30

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\IEXPLORE.EXE (Trojan.IRCBot) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{C1ACFFD6-514E-49DA-B4FF-30D02FEEED14} (Trojan.Downloader) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TypeLib\{4BB1C10E-D349-4C48-A979-1C0E4704A7C5} (Trojan.Downloader) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{F4355BF2-0E20-4F5D-916F-A4903A883A48} (Trojan.Downloader) -> Quarantined and deleted successfully.

Registry Values Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs\C:\WINDOWS\DOWNLOADED PROGRAM FILES\DOWNLOADERACTIVEX.OCX (Trojan.Downloader) -> Value: DOWNLOADERACTIVEX.OCX -> Quarantined and deleted successfully.

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
c:\program files (x86)\angel love\adobe photoshop cs4 me\Patch.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
c:\Users\Yones\Desktop\prograam\more\ضغط الملفات\alzip v7.4.0.1\alzip.7.4.0.1-patch.exe (PUP.Hacktool.Patcher) -> Not selected for removal.
c:\Users\Yones\Desktop\prograam\more\كتب الكترونية\pdf.protection.remover.3.0\Patch\Crack.exe (PUP.Hacktool.Patcher) -> Not selected for removal.
c:\Users\Yones\Desktop\prograam\انترنت\تحميل\internet.download.manager.v5.19\patch 5.xx (2008-12-06).exe (Riskware.Tool.CK) -> Quarantined and deleted successfully.
c:\Users\Yones\Desktop\prograam\انترنت\تحميل\net.transport.v2.89.build.502\Patch\patch 2.xx.exe (Riskware.Tool.CK) -> Quarantined and deleted successfully.
c:\Users\Yones\Desktop\prograam\انترنت\تحميل\stuffit.deluxe.2010.v14.0.0.18-core\keygen\CORE10k.EXE (Dont.Steal.Our.Software) -> Quarantined and deleted successfully.
c:\Users\Yones\Desktop\prograam\انترنت\تحميل\stuffit.deluxe.2010.v14.0.0.18-core\keygen\keygen.exe (Trojan.Agent.CK) -> Quarantined and deleted successfully.
c:\Users\Yones\Desktop\prograam\انترنت\تسريع الانترنت\tweakmaster pro 3.0.1 build r2581\patch.exe (Malware.Packer.Gen) -> Quarantined and deleted successfully.
c:\Users\Yones\Desktop\prograam\انترنت\مسنجر\xchat v2.8.7c\Patch\xchat.v2.8.7c-nope.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
c:\Users\Yones\Desktop\prograam\برامج الإستعادة\recover my files 4.4.8 build 578\CRACK\armaccess.dll (Malware.Packer) -> Quarantined and deleted successfully.
c:\Users\Yones\Desktop\prograam\بورتابل\expert pdf editor pro 6.30.460\portable expert pdf editor pro v6.30.460\portable expert pdf editor pro v6.30.460.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\Users\Yones\Desktop\prograam\بورتابل\quicktime pro 7.3\quicktime\4000001900002i\iexplore.exe (Trojan.IRCBot) -> Quarantined and deleted successfully.
c:\Users\Yones\Desktop\prograam\بورتابل\quicktime pro 7.3\quicktime\4000001b00002i\exportcontroller.exe (Trojan.IRCBot) -> Quarantined and deleted successfully.
c:\Users\Yones\Desktop\prograam\تصميم\فلاش\aleosoft 3d flash slideshow creator v1.2\aleo.3d.flash.slideshow.creator.v1.2-patch.exe (PUP.Hacktool.Patcher) -> Not selected for removal.
c:\Users\Yones\Desktop\prograam\تصميم\فلاش\flash.banner.creator.v1.10\Patch.exe (Malware.NSPack) -> Quarantined and deleted successfully.
c:\Users\Yones\Desktop\prograam\تصميم\فلاش\koolmoves flash editor 5.2.4\CRACK\keygen.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
c:\Users\Yones\Desktop\prograam\تصميم\فلاش\sothink swf quicker v3.0.71120\Keygen.exe (Trojan.Dropper.PGen) -> Quarantined and deleted successfully.
c:\Users\Yones\Desktop\prograam\حماية\super anti spyware pro v4.27.1000\Activ\superantispyware.ubl.tool.v1.0-res-patch.exe (PUP.Hacktool.Patcher) -> Not selected for removal.
c:\Users\Yones\Desktop\prograam\حماية\usb.virus.scan.v2.3\CORE10k.EXE (Dont.Steal.Our.Software) -> Quarantined and deleted successfully.
c:\Users\Yones\Desktop\prograam\حماية\usb.virus.scan.v2.3\keygen.exe (Malware.Packer.Gen) -> Quarantined and deleted successfully.
c:\Users\Yones\Desktop\prograam\مالتيميديا\أدوات\latshaw systems absolute media\Crack\keygen.exe (Trojan.Agent.CK) -> Quarantined and deleted successfully.
c:\Users\Yones\Desktop\prograam\مالتيميديا\مشغلات\blazedvd professional v5.1.0.3\CORE10k.EXE (Dont.Steal.Our.Software) -> Quarantined and deleted successfully.
c:\Users\Yones\Desktop\prograam\مالتيميديا\مشغلات\bs.player.pro.v2.43.build.1008\keygen.exe (Trojan.Dropper.PGen) -> Quarantined and deleted successfully.
c:\Users\Yones\Desktop\prograam\مالتيميديا\مشغلات\corel windvd pro v10.0.4.258\reg\CORE10k.EXE (Dont.Steal.Our.Software) -> Quarantined and deleted successfully.
c:\Users\Yones\Desktop\prograam\مالتيميديا\مشغلات\divx pro v7.2.0 build 10.3.1.8\keygen_fff.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\Users\Yones\Desktop\prograam\نظام\babylon v8.0.2\Patch.exe (PUP.Hacktool.Patcher) -> Not selected for removal.
c:\Users\Yones\Desktop\prograam\نظام\yamicsoft.vista.manager.v3.0.5\CORE10k.EXE (Dont.Steal.Our.Software) -> Quarantined and deleted successfully.
c:\Users\Yones\downloads\acoustica.mixcraft.v3.0.18. keygen\keygen.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
c:\Users\Yones\downloads\new folder\acoustica.mixcraft.v3.0.18. keygen\keygen.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
c:\Windows\downloaded program files\downloaderactivex.ocx (Trojan.Downloader) -> Quarantined and deleted successfully.
 
تأييد 0
هلا اخي اذهب الى هذة القائمة تجد الملفات المصابة حددها جميعها واعمل كما في الصورة
.
.
.


942c6b91ff169506f993add2690f82ed.png
 
توقيع : ۰۪۫B۪۫A۪۫B۪۫A۪۫۰۪۫S۪۫N۪۫F۪۫O۪۫R۪۫۰
تأييد 0
تم العمل وتم حذفهم يالغالي والتقرير كالتالي :

Malwarebytes' Anti-Malware 1.51.2.1300
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي


Database version: 7622

Windows 6.1.7601 Service Pack 1
Internet Explorer 9.0.8112.16421

6/2/2012 10:32:41 م
mbam-log-2012-06-02 (22-32-41).txt

Scan type: Full scan (C:\|D:\|F:\|)
Objects scanned: 392244
Time elapsed: 32 minute(s), 53 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 5

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
c:\Users\Yones\Desktop\prograam\more\ضغط الملفات\alzip v7.4.0.1\alzip.7.4.0.1-patch.exe (PUP.Hacktool.Patcher) -> Quarantined and deleted successfully.
c:\Users\Yones\Desktop\prograam\more\كتب الكترونية\pdf.protection.remover.3.0\Patch\Crack.exe (PUP.Hacktool.Patcher) -> Quarantined and deleted successfully.
c:\Users\Yones\Desktop\prograam\تصميم\فلاش\aleosoft 3d flash slideshow creator v1.2\aleo.3d.flash.slideshow.creator.v1.2-patch.exe (PUP.Hacktool.Patcher) -> Quarantined and deleted successfully.
c:\Users\Yones\Desktop\prograam\حماية\super anti spyware pro v4.27.1000\Activ\superantispyware.ubl.tool.v1.0-res-patch.exe (PUP.Hacktool.Patcher) -> Quarantined and deleted successfully.
c:\Users\Yones\Desktop\prograam\نظام\babylon v8.0.2\Patch.exe (PUP.Hacktool.Patcher) -> Quarantined and deleted successfully.
 
تأييد 0
حمل الاداة من هذا الموضوع
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي


واعمل تقرير هايجاك + قائمة البرامج المثبتة

 
توقيع : البارون
تأييد 0
يجب تسجيل الدخول أو التسجيل كي تتمكن من الرد هنا.
عودة
أعلى