تم حل المشكلة هل يوجد ملفات تجسس ام انه فايروس ؟

الحالة
مغلق و غير مفتوح للمزيد من الردود.
ا

ابوٍعثمآإ‘نّ

زيزوومي نشيط
إنضم
3 أبريل 2008
المشاركات
101
مستوى التفاعل
11
النقاط
130
الإقامة
بلاد الحرمين
غير متصل
السلام عليكم

كيف الحال لي فترة طويلة جدا عن المنتدى ان شاء الله الجميع بصحة وعافية :)

انا ياشباب عندي مشكلة قبل اسبوع كان الجهاز له سنة بدون اي حماية وكانت الكاميرا تفتح بنفسها وانا شاك في ان الجهاز فيه ملفات تجسس، بعدين اشتريت كاسبر سكيورتي 14 اصلي وكل شي :Dوالصراحة برنامج جبار طلع فايروسات من الجهاز كثيرة :sneaky: ولكن الى الآن ابغى اعرف جهازي فيه ملفات تجسس ولالا.....وشكرا لكم
 

ترتيب حسب التاريخ ترتيب حسب الأصوات
Where you know that your brother Mvirs and you said that it was removing the virus' There, it has been removed

Viruses

Alswl Do you feel anything strange in your
 
توقيع : hamhariiygood
تأييد 0

يجب عليك تسجيل الدخول أو التسجيل لمشاهدة الرابط المخفي


من اين نعرف اخي ان جهازك مفيرس وانت قلت انة تم ازالة الفيرس عزيزي انة تم ازالة

الفيروسات

السؤل هل تشعر بأي شيء غريب في جهازك
 
توقيع : hamhariiygood
تأييد 0
نعم ازلت الفايروسات ولكن اشك ان جهازي توجد به ملفات تجسس ( قد تكون مشفره من الكاسبر ولا يستطيع ان يكشفها )
 
تأييد 0
لا تستعجل سيتم الرد عليك من الخبراء ولكن أعطهم قليلاً من الوقت

مثلك عارف الناس هذه كلهم محتسبين لا يأخذون أجر من أحد إلا من الله

فقليل من الصبر وأشغل نفسك بكثرة الاستغفار والتسبيح والتهليل تفرج بإذن الله تعالى
 
توقيع : أبو عائشهأبو عائشه is verified member.
تأييد 0
توقيع : Alp Arslan
تأييد 0
ابو عائشة جزاك الله خير ياغالي واكيد كل الشكر لاعضاء زيزوم الكرام وكلنا هنا أخوة نجتمع في خدمة بعضنا البعض
 
تأييد 0
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 06:16:27 م, on 06/03/14
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v8.00 (8.00.7601.17514)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\Internet Download Manager\IDMan.exe
C:\Program Files (x86)\uTorrent\uTorrent.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
C:\Users\DELL\AppData\Local\iexplorer\Browsers Monitor\iexplorer_monitor.exe
C:\Program Files (x86)\Internet Download Manager\IEMonitor.exe
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\accuweather.exe
C:\Program Files (x86)\HP\HP Software Update\hpwuSchd2.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files (x86)\HzP\Digital Imaging\bin\hpqbaam08.exe
C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\avpui.exe
C:\Program Files (x86)\Internet Explorer\IELowutil.exe
C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\klwtblfs.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\program files (x86)\plus-hd-7.6\plus-hd-7.6-bg.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_12_0_0_70_ActiveX.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Zyzoom_Forum_Tools\zyzoom.exe
C:\Zyzoom_Forum_Tools\zHijak.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = Preserve
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page =

يجب عليك تسجيل الدخول أو التسجيل لمشاهدة الرابط المخفي


R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =

يجب عليك تسجيل الدخول أو التسجيل لمشاهدة الرابط المخفي


R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =

يجب عليك تسجيل الدخول أو التسجيل لمشاهدة الرابط المخفي


R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =

يجب عليك تسجيل الدخول أو التسجيل لمشاهدة الرابط المخفي


R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =

يجب عليك تسجيل الدخول أو التسجيل لمشاهدة الرابط المخفي


R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =

يجب عليك تسجيل الدخول أو التسجيل لمشاهدة الرابط المخفي


R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = ftp=127.0.0.1:8118;http=127.0.0.1:8118;https=127.0.0.1:8118
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: CrossriderApp0050778 - {11111111-1111-1111-1111-110511071178} - C:\Program Files (x86)\Plus-HD-7.6\Plus-HD-7.6-bho.dll
O2 - BHO: ContentBlockerBrowserHelperObject - {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\ContentBlocker\ie_content_blocker_plugin.dll
O2 - BHO: DiGiSaverr - {5E955CA3-5300-CFED-E11E-BF1D1014CD33} - C:\ProgramData\DiGiSaverr\cUqo0nme_R.dll
O2 - BHO: VirtualKeyboardBrowserHelperObject - {73455575-E40C-433C-9784-C78DC7761455} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: Safe Money Plugin - {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\OnlineBanking\online_banking_bho.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O2 - BHO: link filter bho - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\UrlAdvisor\klwtbbho.dll
O2 - BHO: Adblock Plus for IE Browser Helper Object - {FFCB3198-32F3-4E8B-9539-4324694ED664} - C:\Program Files\Adblock Plus for IE\AdblockPlus32.dll
O4 - HKLM\..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [AccuWeatherWidget] "C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\accuweather.exe" "C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\start.umj" --startup
O4 - HKLM\..\Run: [UVS10 Preload] C:\Program Files (x86)\Ulead Systems\Ulead VideoStudio SE DVD\uvPL.exe
O4 - HKLM\..\Run: [MessengerPlusForSkypeService] "C:\Program Files (x86)\Yuna Software\Messenger Plus! for Skype\MsgPlusForSkypeService.exe"
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [mobilegeni daemon] C:\Program Files (x86)\Mobogenie\DaemonProcess.exe
O4 - HKCU\..\Run: [IDMan] C:\Program Files (x86)\Internet Download Manager\IDMan.exe /onboot
O4 - HKCU\..\Run: [Driver Pro] C:\Program Files (x86)\Driver Pro\DPLauncher.exe
O4 - HKCU\..\Run: [LiveSupport] "C:\Program Files (x86)\LiveSupport\LiveSupport.exe" /noshow /log
O4 - HKCU\..\Run: [uTorrent] "C:\Program Files (x86)\uTorrent\uTorrent.exe" /MINIMIZED
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-21-211575046-2903104165-3990168525-1000\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'UpdatusUser')
O4 - HKUS\S-1-5-21-211575046-2903104165-3990168525-1000\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'UpdatusUser')
O4 - Startup: bm.lnk = C:\Users\DELL\AppData\Local\iexplorer\Browsers Monitor\iexplorer_monitor.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
O8 - Extra context menu item: Add to Anti-Banner - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\ie_banner_deny.htm
O8 - Extra context menu item: Download all links with IDM - C:\Program Files (x86)\Internet Download Manager\IEGetAll.htm
O8 - Extra context menu item: Download with IDM - C:\Program Files (x86)\Internet Download Manager\IEExt.htm
O9 - Extra button: Virtual Keyboard - {0C4CC089-D306-440D-9772-464E226F6539} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: (no name) - {7815BE26-237D-41A8-A98F-F7BD75F71086} - C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\IEPlugIn.dll
O9 - Extra 'Tools' menuitem: Send by Bluetooth to - {7815BE26-237D-41A8-A98F-F7BD75F71086} - C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\IEPlugIn.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: URLs check - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\UrlAdvisor\klwtbbho.dll
O9 - Extra button: Show or hide HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O16 - DPF: {0AA3D226-A014-4CBB-AD7F-7A11CC2343AA} (BMCVoice Control) -

يجب عليك تسجيل الدخول أو التسجيل لمشاهدة الرابط المخفي


O16 - DPF: {40D6AEE4-54F1-4839-8452-179D7A7AE98F} (BMCVoice Control) -

يجب عليك تسجيل الدخول أو التسجيل لمشاهدة الرابط المخفي


O16 - DPF: {4D174846-F9D9-439B-BFDE-A1D3B4D79C37} (BMCVoice Control) -

يجب عليك تسجيل الدخول أو التسجيل لمشاهدة الرابط المخفي


O16 - DPF: {625CA666-935A-EC18-CCEC-CCE04C544778} (Sower Helper Object) -

يجب عليك تسجيل الدخول أو التسجيل لمشاهدة الرابط المخفي


O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O20 - AppInit_DLLs: c:\windows\syswow64\nvinit.dll c:\windows\syswow64\nvinit.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Program Files\IDT\WDM\AESTSr64.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Atheros Bt&Wlan Coex Agent - Atheros - C:\Program Files (x86)\Dell Wireless\Ath_CoexAgent.exe
O23 - Service: AtherosSvc - Atheros Commnucations - C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\adminservice.exe
O23 - Service: Kaspersky Anti-Virus Service (AVP) - Kaspersky Lab ZAO - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\avp.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: Messenger Plus! Service (MsgPlusService) - Yuna Software - C:\Program Files (x86)\Yuna Software\Messenger Plus! for Skype\MsgPlusForSkypeService.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (NVSvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: RoxMediaDBGame1X - Sonic Solutions - C:\Program Files (x86)\Common Files\Roxio Shared\Game1X\SharedCOM\RoxMediaDBGame1X.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\stlang64.dll,-10101 (STacSV) - IDT, Inc. - C:\Program Files\IDT\WDM\STacSV64.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: Intel(R) Turbo Boost Technology Monitor 2.0 (TurboBoost) - Intel(R) Corporation - C:\Program Files\Intel\TurboBoost\TurboBoost.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files (x86)\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 15281 bytes
 
التعديل الأخير:
تأييد 0
توقيع : Alp Arslan
تأييد 0
Malwarebytes Anti-Malware (Trial) 1.75.0.1300

يجب عليك تسجيل الدخول أو التسجيل لمشاهدة الرابط المخفي


Database version: v2014.03.07.05
Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 8.0.7601.17514
DELL :: DELL-PC [administrator]
Protection: Enabled
06/05/35 01:28:32 م
mbam-log-2014-03-07 (13-28-32).txt
Scan type: Full scan (B:\|C:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 417637
Time elapsed: 1 hour(s), 19 minute(s), 42 second(s)
Memory Processes Detected: 1
C:\Program Files (x86)\Plus-HD-7.6\Plus-HD-7.6-bg.exe (PUP.Optional.PlusHD.A) -> 6160 -> Delete on reboot.
Memory Modules Detected: 0
(No malicious items detected)
Registry Keys Detected: 33
HKCR\CLSID\{11111111-1111-1111-1111-110511071178} (PUP.Optional.PlusHD.A) -> Quarantined and deleted successfully.
HKCR\TypeLib\{44444444-4444-4444-4444-440544074478} (PUP.Optional.PlusHD.A) -> Quarantined and deleted successfully.
HKCR\Interface\{55555555-5555-5555-5555-550555075578} (PUP.Optional.PlusHD.A) -> Quarantined and deleted successfully.
HKCR\CrossriderApp0050778.BHO.1 (PUP.Optional.PlusHD.A) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110511071178} (PUP.Optional.PlusHD.A) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{11111111-1111-1111-1111-110511071178} (PUP.Optional.PlusHD.A) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{11111111-1111-1111-1111-110511071178} (PUP.Optional.PlusHD.A) -> Quarantined and deleted successfully.
HKCR\CLSID\{5E955CA3-5300-CFED-E11E-BF1D1014CD33} (PUP.Optional.MultiPlug.A) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5E955CA3-5300-CFED-E11E-BF1D1014CD33} (PUP.Optional.MultiPlug.A) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{5E955CA3-5300-CFED-E11E-BF1D1014CD33} (PUP.Optional.MultiPlug.A) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{5E955CA3-5300-CFED-E11E-BF1D1014CD33} (PUP.Optional.MultiPlug.A) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{5E955CA3-5300-CFED-E11E-BF1D1014CD33} (PUP.Optional.MultiPlug.A) -> Quarantined and deleted successfully.
HKCR\CLSID\{62CE079A-9E67-40B2-A4AB-FD75F6E88B8A} (PUP.Optional.OneWebSearch) -> Quarantined and deleted successfully.
HKCR\TypeLib\{ACEC5B69-F74E-445A-AC6C-CF621C680893} (PUP.Optional.OneWebSearch) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{62CE079A-9E67-40B2-A4AB-FD75F6E88B8A} (PUP.Optional.OneWebSearch) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{62CE079A-9E67-40B2-A4AB-FD75F6E88B8A} (PUP.Optional.OneWebSearch) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{62CE079A-9E67-40B2-A4AB-FD75F6E88B8A} (PUP.Optional.OneWebSearch) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{62CE079A-9E67-40B2-A4AB-FD75F6E88B8A} (PUP.Optional.OneWebSearch) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\{77D46E27-0E41-4478-87A6-AABE6FBCF252} (PUP.Optional.GreatSaver.A) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\GeniusXX (Trojan.Downloader) -> Quarantined and deleted successfully.
HKCR\CLSID\{EDBDC9B8-9495-9010-C096-0F6D1D840D1F} (PUP.Optional.MultiPlug.A) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{EDBDC9B8-9495-9010-C096-0F6D1D840D1F} (PUP.Optional.MultiPlug.A) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{EDBDC9B8-9495-9010-C096-0F6D1D840D1F} (PUP.Optional.MultiPlug.A) -> Quarantined and deleted successfully.
HKCR\CrossriderApp0050778.BHO (PUP.Optional.CrossRider.A) -> Quarantined and deleted successfully.
HKCR\CrossriderApp0050778.Sandbox (PUP.Optional.CrossRider.A) -> Quarantined and deleted successfully.
HKCR\CrossriderApp0050778.Sandbox.1 (PUP.Optional.CrossRider.A) -> Quarantined and deleted successfully.
HKCU\Software\AppDataLow\SProtector (PUP.Optional.SProtector.A) -> Quarantined and deleted successfully.
HKCU\Software\AppDataLow\Software\Crossrider (PUP.Optional.CrossRider.A) -> Quarantined and deleted successfully.
HKCU\Software\AppDataLow\Software\Plus-HD-7.6 (PUP.Optional.PlusHD.A) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\BI (PUP.Optional.FilesFrog.A) -> Quarantined and deleted successfully.
HKCU\Software\InstalledBrowserExtensions\Plus HD (PUP.Optional.PlusHD.A) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\SOMOTO\SDP (PUP.Optional.Somoto.A) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Plus-HD-7.6 (PUP.Optional.PlusHD.A) -> Quarantined and deleted successfully.
Registry Values Detected: 2
HKCU\Software\BI|ui_path_filesfrog (PUP.Optional.FilesFrog.A) -> Data: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\FilesFrog Update Checker -> Quarantined and deleted successfully.
HKCU\Software\Somoto\SDP|affid (PUP.Optional.Somoto.A) -> Data: awsafreezip121790 -> Quarantined and deleted successfully.
Registry Data Items Detected: 0
(No malicious items detected)
Folders Detected: 5
C:\Users\DELL\AppData\Local\FilesFrog Update Checker (PUP.Optional.FilesFrog.A) -> Quarantined and deleted successfully.
C:\Users\DELL\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FilesFrog Update Checker (PUP.Optional.FilesFrog.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Plus-HD-7.6 (PUP.Optional.PlusHD.A) -> Delete on reboot.
C:\Users\DELL\AppData\Roaming\newnext.me (PUP.Optional.NextLive.A) -> Quarantined and deleted successfully.
C:\Users\DELL\AppData\Roaming\newnext.me\cache (PUP.Optional.NextLive.A) -> Quarantined and deleted successfully.
Files Detected: 39
C:\Program Files (x86)\Plus-HD-7.6\Plus-HD-7.6-bg.exe (PUP.Optional.PlusHD.A) -> Delete on reboot.
C:\Program Files (x86)\Plus-HD-7.6\Plus-HD-7.6-bho.dll (PUP.Optional.PlusHD.A) -> Delete on reboot.
C:\ProgramData\DiGiSaverr\cUqo0nme_R.dll (PUP.Optional.MultiPlug.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\GeniusXXAddon\GeniusXXIE.dll (PUP.Optional.OneWebSearch) -> Quarantined and deleted successfully.
C:\Program Files (x86)\GeniusXXAddon\Uninstall.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Plus-HD-7.6\Plus-HD-7.6-bho64.dll (PUP.Optional.PlusHD.A) -> Delete on reboot.
C:\Program Files (x86)\Plus-HD-7.6\Plus-HD-7.6-codedownloader.exe (PUP.Optional.PlusHD.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Plus-HD-7.6\Plus-HD-7.6-enabler.exe (PUP.Optional.PlusHD.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Plus-HD-7.6\Plus-HD-7.6-firefoxinstaller.exe (PUP.Optional.PlusHD.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Plus-HD-7.6\Plus-HD-7.6-updater.exe (PUP.Optional.PlusHD.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Plus-HD-7.6\Plus-HD-7.6-validator.exe (PUP.Optional.PlusHD.A) -> Quarantined and deleted successfully.
C:\ProgramData\Broewse2ysuave\5154a795bdbe3.dll (PUP.Optional.MultiPlug.A) -> Quarantined and deleted successfully.
C:\ProgramData\Broewse2ysuave\5154a7d69e07e.dll (PUP.Optional.MultiPlug.A) -> Quarantined and deleted successfully.
C:\ProgramData\DiGiSaverr\cUqo0nme_R.x64.dll (PUP.Optional.MultiPlug.A) -> Delete on reboot.
C:\Users\DELL\AppData\Local\Bundled software uninstaller\biSetup5077.exe (PUP.Optional.Somoto.A) -> Quarantined and deleted successfully.
C:\Users\DELL\AppData\Local\FilesFrog Update Checker\uninstall.exe (PUP.Optional.Somoto) -> Quarantined and deleted successfully.
C:\Users\DELL\AppData\Local\Temp\KMP_3.8.0.120.exe (PUP.Optional.Softonic.A) -> Quarantined and deleted successfully.
C:\Users\DELL\AppData\Local\Temp\plus-hd-7-6row.exe (Heuristics.Shuriken) -> Quarantined and deleted successfully.
C:\Users\DELL\AppData\Local\Temp\Сodec Performer804225.exe (PUP.Optional.InstallBrain.A) -> Quarantined and deleted successfully.
C:\Users\DELL\Downloads\CodecPerformerSetup.exe (PUP.Optional.InstallBrain.A) -> Quarantined and deleted successfully.
C:\Users\DELL\Downloads\SoftonicDownloader_for_kmplayer.exe (PUP.Optional.Softonic.A) -> Quarantined and deleted successfully.
C:\Windows\KMSEmulator.exe (RiskWare.Tool.CK) -> Quarantined and deleted successfully.
C:\Windows\Tasks\Plus-HD-7.6-codedownloader.job (PUP.Optional.PlusHD.A) -> Quarantined and deleted successfully.
C:\Windows\Tasks\Plus-HD-7.6-enabler.job (PUP.Optional.PlusHD.A) -> Quarantined and deleted successfully.
C:\Windows\Tasks\Plus-HD-7.6-firefoxinstaller.job (PUP.Optional.PlusHD.A) -> Quarantined and deleted successfully.
C:\Windows\Tasks\Plus-HD-7.6-updater.job (PUP.Optional.PlusHD.A) -> Quarantined and deleted successfully.
C:\Windows\Tasks\Plus-HD-7.6-validator.job (PUP.Optional.PlusHD.A) -> Quarantined and deleted successfully.
C:\Users\DELL\AppData\Local\FilesFrog Update Checker\update_checker.exe (PUP.Optional.FilesFrog.A) -> Quarantined and deleted successfully.
C:\Users\DELL\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FilesFrog Update Checker\Check for Updates.lnk (PUP.Optional.FilesFrog.A) -> Quarantined and deleted successfully.
C:\Users\DELL\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FilesFrog Update Checker\Uninstall.lnk (PUP.Optional.FilesFrog.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Plus-HD-7.6\50778.crx (PUP.Optional.PlusHD.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Plus-HD-7.6\50778.xpi (PUP.Optional.PlusHD.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Plus-HD-7.6\background.html (PUP.Optional.PlusHD.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Plus-HD-7.6\Installer.log (PUP.Optional.PlusHD.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Plus-HD-7.6\Plus-HD-7.6.ico (PUP.Optional.PlusHD.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Plus-HD-7.6\Uninstall.exe (PUP.Optional.PlusHD.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Plus-HD-7.6\utils.exe (PUP.Optional.PlusHD.A) -> Quarantined and deleted successfully.
C:\Users\DELL\AppData\Roaming\newnext.me\nengine.cookie (PUP.Optional.NextLive.A) -> Quarantined and deleted successfully.
C:\Users\DELL\AppData\Roaming\newnext.me\cache\spark.bin (PUP.Optional.NextLive.A) -> Quarantined and deleted successfully.
(end)
 
تأييد 0
اخي الآن تقريرك سليم أحذف الميلويربايت حتى لايتعارض مع الكاسبر او في المرة القادمة
سطبه بدون تفعيل الفترة التجريبية
كمافي الصورة

zWeid.png


هل تبقى استفسارات أخي :whistle:
 
توقيع : Alp Arslan
تأييد 0

يجب عليك تسجيل الدخول أو التسجيل لمشاهدة الرابط المخفي

الجهاز نظيف الآن يغلق لانتهاء المشكلة وفقك الله(y)
 
توقيع : Alp Arslan
تأييد 0
الحالة
مغلق و غير مفتوح للمزيد من الردود.
عودة
أعلى