فايروس خطيير مجننى وجهازى ضرب ساعدونى

[@على المصرى@]

السلام عليكم


اخوانى فايروس مجننى


وكل لما افتح اى درايف يظهر الاتى

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

وهذا تقرير الهايك


Logfile of HijackThis v1.99.1
Scan saved at 11:19:23 م, on 15/11/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Winamp\winampa.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\DAP\DAP.EXE
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\Winamp Remote\bin\OrbTray.exe
C:\Program Files\VoipCheapCom\VoipCheapCom.exe
C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Avira\AntiVir PersonalEdition Premium\sched.exe
C:\Program Files\Avira\AntiVir PersonalEdition Premium\avesvc.exe
C:\Program Files\Avira\AntiVir PersonalEdition Premium\AVWEBGRD.EXE
C:\Program Files\Avira\AntiVir PersonalEdition Premium\avmailc.exe
C:\Program Files\Avira\AntiVir PersonalEdition Premium\avguard.exe
C:\Program Files\Avira\AntiVir PersonalEdition Premium\avgnt.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\wuauclt.exe
D:\أفلام\برامج\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

R3 - URLSearchHook: Winamp Search Class - {57BCA5FA-5DBB-45a2-B558-1755C3F6253B} - C:\Program Files\Winamp Toolbar\winamptb.dll
R3 - URLSearchHook: SrchHook Class - {F4F10C1D-87C7-404A-B4B3-000000000000} - C:\PROGRA~1\DAP\SBSearch.dll
R3 - URLSearchHook: (no name) - {0579B4B6-0293-4d73-B02D-5EBB0BA0F0A2} - C:\Program Files\AskSBar\SrchAstt\1.bin\A2SRCHAS.DLL
F2 - REG:system.ini: Shell=Explorer.exe
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: Ask Search Assistant BHO - {0579B4B1-0293-4d73-B02D-5EBB0BA0F0A2} - C:\Program Files\AskSBar\SrchAstt\1.bin\A2SRCHAS.DLL
O2 - BHO: Winamp Toolbar Loader - {25CEE8EC-5730-41bc-8B58-22DDC8AB8C20} - C:\Program Files\Winamp Toolbar\winamptb.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\3.1.807.1746\swg.dll
O2 - BHO: Ask Toolbar BHO - {F0D4B231-DA4B-4daf-81E4-DFEE4931A4AA} - C:\Program Files\AskSBar\bar\1.bin\ASKSBAR.DLL (file missing)
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: Ask Toolbar - {F0D4B239-DA4B-4daf-81E4-DFEE4931A4AA} - C:\Program Files\AskSBar\bar\1.bin\ASKSBAR.DLL (file missing)
O3 - Toolbar: Winamp Toolbar - {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - C:\Program Files\Winamp Toolbar\winamptb.dll
O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe"
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Premium\avgnt.exe" /min
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [Yahoo! Pager] "C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" -quiet
O4 - HKCU\..\Run: [Spanish] C:\Learn To Speak German Demo V3.2\Study Conversation.exe
O4 - HKCU\..\Run: [DownloadAccelerator] "C:\Program Files\DAP\DAP.EXE" /STARTUP
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [Orb] "C:\Program Files\Winamp Remote\bin\OrbTray.exe" /background
O4 - HKCU\..\Run: [VoipCheapCom] "C:\Program Files\VoipCheapCom\VoipCheapCom.exe" -nosplash -minimized
O4 - HKCU\..\Run: [amva] C:\WINDOWS\system32\amvo.exe
O8 - Extra context menu item: &Clean Traces - C:\Program Files\DAP\Privacy Package\dapcleanerie.htm
O8 - Extra context menu item: &Download with &DAP - C:\Program Files\DAP\dapextie.htm
O8 - Extra context menu item: &Winamp Search - C:\Documents and Settings\All Users\Application Data\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html
O8 - Extra context menu item: Download &all with DAP - C:\Program Files\DAP\dapextie2.htm
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Broken Internet access because of LSP provider 'avsda.dll' missing
O17 - HKLM\System\CCS\Services\Tcpip\..\{EB0812A0-793E-4A9D-B8E0-7044FF58EE00}: NameServer = 163.121.128.134,163.121.128.135
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxdev.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: Avira AntiVir Premium MailGuard (AntiVirMailService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Premium\avmailc.exe
O23 - Service: Avira AntiVir Premium Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Premium\sched.exe
O23 - Service: Avira AntiVir Premium Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Premium\avguard.exe
O23 - Service: Avira AntiVir Premium WebGuard (antivirwebservice) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Premium\AVWEBGRD.EXE
O23 - Service: Avira AntiVir Premium MailGuard helper service (AVEService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Premium\avesvc.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe

 

[الديبلوماسي]

طيب ونا خوك ::

وش هو برنامج الحمايه اللي عندك ؟؟

وهل انت محدثه ولا لا ؟؟؟

 

[@على المصرى@]

البرنامج افيرا


ومحدثه

 

[احمد 251]

ده فيروس الاتورن (Autorun.inf)
فى ادوات لازالة الفيروس ده فى المنتدى استخدمها او
عطل جميع برامج الحماية ,,
وحمل هذه الاداة واحفظها على سطح المكتب

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

عند تشغيلها بتظهر لك رسالة ,, اضغط على >> Yes
بعدها بتظهر لك رساله ثانيه ,, اضغط على >> Yes
انتظر حتى الاداة تنتهي من فحص جهازك ,,, وبشكل تلقائي يعاد تشغيل جهازك ,,
وبعد اعادة التشغيل ,, سوف تبدأ الاداة بالفحص مرره ثانيه
انتظر حتى يظهر لك تقرير ,, انسخه والصقه بردك القادم
الفيرس ده خل عندى و
انا ستخدمت الكمبوفكس وحل المشكلة الحمد لله​

 

[salim999]

اخي الكريم حمل الاداة التالية

ثم اضغط على remove

ثم اعد تشغيل الجهاز

في حااالة وجود usb flash

يجب تكرار العملية

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

والله اعلم

 

[@على المصرى@]

هذا هو التقرير اخوى احمد

ComboFix 08-11-13.02 - Araby 11/15/2008 23:50:16.1 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.2.1256.1.1033.18.83 [GMT 2:00]
Running from: c:\documents and settings\Araby\Desktop\ComboFix.exe
* Created a new restore point
WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
C:\autorun.inf
C:\i.exe
c:\windows\mg.exe
C:\x.bat
C:\yg.cmd
D:\Autorun.inf
D:\x.bat
D:\yg.cmd
E:\Autorun.inf
E:\x.bat
E:\yg.cmd
.
((((((((((((((((((((((((( Files Created from 2008-10-15 to 2008-11-15 )))))))))))))))))))))))))))))))
.
No new files created in this timespan
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-11-15 20:57 --------- d---a-w c:\documents and settings\All Users\Application Data\TEMP
2008-11-15 20:26 --------- d-----w c:\program files\Avira
2008-11-15 20:26 --------- d-----w c:\documents and settings\All Users\Application Data\Avira
2008-11-15 20:24 84,992 ------w c:\windows\system32\kav320.dll
2008-11-12 18:42 84,992 --sh--r c:\windows\system32\kav321.dll
2008-11-07 13:24 --------- d-----w c:\documents and settings\Araby\Application Data\Winamp
2008-11-05 19:39 0 ----a-w C:\osy3.sys
2008-11-03 18:20 --------- d-----w c:\documents and settings\Araby\Application Data\VoipCheapCom
2008-11-01 17:43 104,927 --sh--r C:\vfjc8mxm.exe
2008-10-30 19:34 --------- d-----w c:\program files\JetAudio
2008-10-24 16:26 --------- d-----w c:\program files\Persiansat.tk
2008-10-24 14:40 --------- d-----w c:\program files\VoipCheapCom
2008-10-24 12:36 --------- d-----w c:\documents and settings\Araby\Application Data\Yahoo!
2008-10-24 11:10 453,632 ----a-w c:\windows\system32\drivers\mrxsmb.sys
2008-10-13 14:54 --------- d-----w c:\documents and settings\All Users\Application Data\OrbNetworks
2008-10-13 14:53 --------- d-----w c:\program files\Winamp
2008-10-13 14:52 --------- d-----w c:\program files\Winamp Toolbar
2008-10-13 14:52 --------- d-----w c:\program files\Winamp Remote
2008-10-13 14:52 --------- d-----w c:\documents and settings\All Users\Application Data\Winamp Toolbar
2008-09-29 06:55 --------- d-----w c:\documents and settings\Araby\Application Data\COWON
2008-09-29 06:54 --------- d-----w c:\program files\Common Files\COWON
2008-09-29 06:53 --------- d--h--w c:\program files\InstallShield Installation Information
2008-09-29 06:53 --------- d-----w c:\documents and settings\Araby\Application Data\InstallShield
2008-09-28 20:01 --------- d-----w c:\program files\Ectaco
2008-09-28 19:44 --------- d-----w c:\program files\DAP
2008-09-28 19:32 50,688 ----a-w c:\windows\system32\wbhelp2.dll
2008-09-28 19:32 --------- d-----w c:\documents and settings\All Users\Application Data\SpeedBit
2008-09-26 12:01 --------- d-----w c:\documents and settings\All Users\Application Data\ESET
2008-09-26 11:27 --------- d-----w c:\program files\Yahoo!
2008-09-26 11:13 --------- d-----w c:\program files\MSN Messenger
2008-09-25 14:15 --------- d-----w c:\program files\Chicken Invaders 2 Christmas Edition
2008-09-24 22:21 --------- d-----w c:\program files\AskSBar
2008-09-24 20:53 --------- d-----w c:\program files\Google
2008-09-24 20:51 --------- d-----w c:\documents and settings\All Users\Application Data\Yahoo!
2008-09-24 20:03 499,712 ----a-w c:\windows\system32\msvcp71.dll
2008-09-24 20:03 348,160 ----a-w c:\windows\system32\msvcr71.dll
2008-09-24 20:03 --------- d-----w c:\program files\Real
2008-09-24 20:03 --------- d-----w c:\program files\Common Files\xing shared
2008-09-24 20:03 --------- d-----w c:\program files\Common Files\Real
2008-09-24 16:23 --------- d-----w c:\program files\Kaspersky Lab
2008-09-24 16:22 --------- d-----w c:\documents and settings\All Users\Application Data\Kaspersky Lab Setup Files
2008-09-24 16:15 --------- d-----w c:\program files\microsoft frontpage
2008-09-15 11:57 1,846,016 ----a-w c:\windows\system32\win32k.sys
2008-09-04 16:42 1,106,944 ----a-w c:\windows\system32\msxml3.dll
2008-08-20 05:38 659,456 ----a-w c:\windows\system32\wininet.dll
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{57BCA5FA-5DBB-45a2-B558-1755C3F6253B}"= "c:\program files\Winamp Toolbar\winamptb.dll" [07/16/2008 10:51 PM 1266992]
"{F4F10C1D-87C7-404A-B4B3-000000000000}"= "c:\progra~1\DAP\SBSearch.dll" [09/28/2008 09:32 PM 32768]
"{0579B4B6-0293-4d73-B02D-5EBB0BA0F0A2}"= "c:\program files\AskSBar\SrchAstt\1.bin\A2SRCHAS.DLL" [09/25/2008 12:21 AM 66912]
[HKEY_CLASSES_ROOT\clsid\{57bca5fa-5dbb-45a2-b558-1755c3f6253b}]
[HKEY_CLASSES_ROOT\WINAMPTB.AOLTBSearch.1]
[HKEY_CLASSES_ROOT\TypeLib\{538CD77C-BFDD-49b0-9562-77419CAB89D1}]
[HKEY_CLASSES_ROOT\WINAMPTB.AOLTBSearch]
[HKEY_CLASSES_ROOT\clsid\{f4f10c1d-87c7-404a-b4b3-000000000000}]
[HKEY_CLASSES_ROOT\SearchHook.SrchHook.1]
[HKEY_CLASSES_ROOT\TypeLib\{95EFB171-F3DF-4BEC-9EF7-829A800203E6}]
[HKEY_CLASSES_ROOT\SearchHook.SrchHook]
[HKEY_CLASSES_ROOT\clsid\{0579b4b6-0293-4d73-b02d-5ebb0ba0f0a2}]
[HKEY_LOCAL_MACHINE\~\Browser Helper s\{0579B4B1-0293-4d73-B02D-5EBB0BA0F0A2}]
09/25/2008 12:21 AM 66912 --a------ c:\program files\AskSBar\SrchAstt\1.bin\A2SRCHAS.DLL
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [10/04/2008 09:33 PM 68856]
"Yahoo! Pager"="c:\program files\Yahoo!\Messenger\YahooMessenger.exe" [08/30/2007 05:43 PM 4670704]
"Spanish"="c:\learn to speak german demo v3.2\Study Conversation.exe" [07/30/2007 01:23 AM 548864]
"DownloadAccelerator"="c:\program files\DAP\DAP.EXE" [09/28/2008 09:32 PM 3065344]
"msnmsgr"="c:\program files\MSN Messenger\msnmsgr.exe" [01/19/2007 12:55 PM 5674352]
"Orb"="c:\program files\Winamp Remote\bin\OrbTray.exe" [04/01/2008 03:54 AM 507904]
"VoipCheapCom"="c:\program files\VoipCheapCom\VoipCheapCom.exe" [09/08/2008 11:39 AM 9218872]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"igfxtray"="c:\windows\system32\igfxtray.exe" [04/01/2006 07:33 AM 94208]
"igfxhkcmd"="c:\windows\system32\hkcmd.exe" [04/01/2006 07:33 AM 77824]
"igfxpers"="c:\windows\system32\igfxpers.exe" [04/01/2006 07:33 AM 114688]
"TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" [09/24/2008 10:03 PM 185896]
"WinampAgent"="c:\program files\Winamp\winampa.exe" [08/04/2008 01:02 AM 36352]
"avgnt"="c:\program files\Avira\AntiVir PersonalEdition Premium\avgnt.exe" [06/12/2008 02:28 PM 266497]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [08/04/2004 02:56 AM 15360]
[HKEY_CURRENT_USER\software\microsoft\internet explorer\desktop\components\0]
Source= e:\اغانى\الحزانى\مروه\مروه.bmp
FriendlyName=
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MsnMsgr]
--a------ 01/19/2007 12:55 PM 5674352 c:\program files\MSN Messenger\msnmsgr.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Yahoo! Pager]
--a------ 08/30/2007 05:43 PM 4670704 c:\program files\Yahoo!\Messenger\YahooMessenger.exe
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Yahoo!\\Messenger\\YahooMessenger.exe"=
"c:\\Program Files\\Yahoo!\\Messenger\\YServer.exe"=
"c:\\Program Files\\MSN Messenger\\msnmsgr.exe"=
"c:\\Program Files\\MSN Messenger\\livecall.exe"=
"d:\\Games\\Copy of empir\\Empier Earth.exe"=
"d:\\Games\\NFS_Hot Persuit 2\\NFSHP2.exe"=
"c:\\Program Files\\Winamp Remote\\bin\\Orb.exe"=
"c:\\Program Files\\Winamp Remote\\bin\\OrbTray.exe"=
"c:\\Program Files\\Winamp Remote\\bin\\OrbStreamerClient.exe"=
"c:\\Program Files\\VoipCheapCom\\VoipCheapCom.exe"=
R2 AntiVirMailService;Avira AntiVir Premium MailGuard;"c:\program files\Avira\AntiVir PersonalEdition Premium\avmailc.exe" [2008-11-15 164097]
R2 antivirwebservice;Avira AntiVir Premium WebGuard;"c:\program files\Avira\AntiVir PersonalEdition Premium\AVWEBGRD.EXE" [2008-11-15 258305]
R2 AVEService;Avira AntiVir Premium MailGuard helper service;"c:\program files\Avira\AntiVir PersonalEdition Premium\avesvc.exe" [2008-11-15 41217]
*Newly Created Service* - ANTIVIRMAILSERVICE
*Newly Created Service* - ANTIVIRSCHEDULER
*Newly Created Service* - ANTIVIRSERVICE
*Newly Created Service* - ANTIVIRWEBSERVICE
*Newly Created Service* - AVESERVICE
*Newly Created Service* - AVGIO
*Newly Created Service* - AVGNTFLT
*Newly Created Service* - AVIPBB
*Newly Created Service* - PROCEXP90
*Newly Created Service* - WS2IFSL
.
.
------- Supplementary Scan -------
.
R0 -: HKCU-Main,Start Page = hxxp://www.lyaly-moon.com/vb
R0 -: HKCU-Main,Search Page = hxxp://www.google.com
R0 -: HKCU-Main,Search Bar = hxxp://www.google.com/ie
R1 -: HKCU-SearchURL,(Default) = hxxp://www.google.com/search?q=%s
O8 -: &Clean Traces - c:\program files\DAP\Privacy Package\dapcleanerie.htm
O8 -: &Download with &DAP - c:\program files\DAP\dapextie.htm
O8 -: &Winamp Search - c:\documents and settings\All Users\Application Data\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html
O8 -: Download &all with DAP - c:\program files\DAP\dapextie2.htm
O17 -: HKLM\CCS\Interface\{EB0812A0-793E-4A9D-B8E0-7044FF58EE00}: NameServer = 163.121.128.134,163.121.128.135
O18 -: Name-Space Handler: ftp\ZDA - {5BFA1DAF-5EDC-11D2-959E-00C00C02DA5E} - c:\progra~1\DAP\dapie.dll
O18 -: Name-Space Handler: http\ZDA - {5BFA1DAF-5EDC-11D2-959E-00C00C02DA5E} - c:\progra~1\DAP\dapie.dll
.
**************************************************************************
catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer,

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

Rootkit scan 2008-11-15 23:51:33
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
.
Completion time: 11/15/2008 23:52:48
ComboFix-quarantined-files.txt 2008-11-15 21:52:44
Pre-Run: 653,213,696 bytes free
Post-Run: 774,520,832 bytes free
172 --- E O F --- 2008-11-13 08:00:06

 

[احمد 251]

دلوقتى انت كويس
الهارد بيفتح عادى
k:k:​

 

[@على المصرى@]

بيفتح

بس لسه فيه تروجان مو راضى يتحذف


الافيرا مو قادر علية

 

[salim999]

اذا عندك فلاش ميموري

حاول تسعمل الاداة الي حملتها

واعد تشغيل الجهاز

 

[@على المصرى@]

مو عندى فلاش ميمورى

 

[الديبلوماسي]

بيفتح

بس لسه فيه تروجان مو راضى يتحذف


الافيرا مو قادر علية

اخوي ::

ادخل على هالموضوع ::

وحمل هالبرنامج .. واي تروجان هالبرنامج يشوته على

طوووول .. وان شاء الله هدف . :d:

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

بالتوفيق يالغلاااا .

 

[@على المصرى@]

جزاكم الله خيرا


المشكلة انحلت

 

[الديبلوماسي]

جزاكم الله خيرا


المشكلة انحلت

طيب اخوي ::

كيف انحلت ؟؟

علمنا .. يمكن نستفيد ...

 

[salim999]

طيب حمل هذة الاداة

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

ثم اتركها حتى يكتمل تحديثها

ثم اضغط على

protection

ثم اضغط على

Register

ثم ادخل الرقم السري

2KS55
5W1C-4UA3-GY67-C0XE

او

5QI81
19BG-P6XN-E004-PLHV

او
8WQ44
VWN8-GW2P-HXDV-NRJ9

ثم اذهب الي

scanner

ثم اضغط على اختيار

perform full scan

ثم

scan

 

[الديبلوماسي]

^

^

اخوي :: الله يصلحك ..

هو يقول :: انحلت المشكله .. :hh::hh:

 

[salim999]

صدقني حيرجع

ويقول عندي مشكلة



:b:

:no:

:y:

:hh:

:d:

:bleh:

 

[الديبلوماسي]

صدقني حيرجع

ويقول عندي مشكلة



:b:

:no:

:y:

:hh:

:d:

:bleh:

هههههههه


:getsmile.tmp0018977


وراك متأكد كذا ؟؟؟

شكله الفايروس .. انت اللي مسويه ؟؟ :bleh: