الجهاز يعيد التشغيل و رسائل خطأ - يوجد تقرير -

  • بادئ الموضوع بادئ الموضوع قوت
  • تاريخ البدء تاريخ البدء
  • المشاهدات 4,644
ق

قوت

زيزوومي نشيط
إنضم
12 يناير 2009
المشاركات
105
مستوى التفاعل
0
النقاط
120
غير متصل
السلام عليكم
جهازي يقوم باعادة التشغيل من نفسه بعد ما يقارب نصف ساعة !
و احيانا عندما تظهر رسائل خطأ في بداية التشغيل هذه صورتها :

zyzoom-c4fdf8758e.jpg




و مباشرة يظهر بعدها مربع يطلب حفظ العمل لان الجهاز سينطفئ بعد ثواني و يبدا عد تنازلي ثم يعيد التشغيل !

هذا تقرير الهايجك ربما يمكنكم اكتشاف الخطأ :

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 02:19:41 ص, on 15/01/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\PROGRA~1\AVG\AVG8\avgfws8.exe
C:\Program Files\CyberLink\Shared files\RichVideo.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\wdfmgr.exe
C:\PROGRA~1\AVG\AVG8\avgemc.exe
C:\PROGRA~1\AVG\AVG8\avgam.exe
C:\PROGRA~1\AVG\AVG8\avgnsx.exe
C:\Program Files\AVG\AVG8\avgcsrvx.exe
C:\WINDOWS\system32\rundll32.exe
C:\PROGRA~1\AVG\AVG8\avgtray.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\WINDOWS\system32\System.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Documents and Settings\HD\Desktop\Zyzoom_HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

F2 - REG:system.ini: UserInit=userinit.exe ,C:\WINDOWS\system32\ntos.exe,
O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files\Internet Download Manager\IDMIECC.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049c3e9-b461-4bc5-8870-4c09146192ca} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - C:\Program Files\AVG\AVG8\avgssie.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: ThunderAdvise - {97421d0d-e07f-40df-8f07-99597b9585ad} - C:\WINDOWS\Downloaded Program Files\ThunderAdvise.dll
O2 - BHO: AVG Security Toolbar - {a057a204-bacc-4d26-9990-79a187e2698e} - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL
O3 - Toolbar: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [HBService32] System.exe
O4 - HKLM\..\Run: [3PMmUpdate] rundll32 "C:\WINDOWS\Update.dll",Main
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKLM\..\Policies\Explorer\Run: [MPMKrnl] rundll32 "C:\WINDOWS\MKMKrnl.dll",KMainProc
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: &تصدير إلى Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: add to amv converter... - C:\Program Files\MP3 Player Utilities 4.15\AMVConverter\grab.html
O8 - Extra context menu item: Download All Links with IDM - C:\Program Files\Internet Download Manager\IEGetAll.htm
O8 - Extra context menu item: Download with IDM - C:\Program Files\Internet Download Manager\IEExt.htm
O8 - Extra context menu item: mediamanager tool grab multimedia file - C:\Program Files\MP3 Player Utilities 4.15\MediaManager\grab.html
O9 - Extra button: بحث - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=http://www.google.com
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
O20 - AppInit_DLLs: nidaiolj.dll,fcggofbn.dll,depfjjnn.dll,nkcndbnm.dll,ahnhefmg.dll,khcdmhoi.dll,gnbcmgcp.dll,fcbgckdl.dll,obogkolh.dll,aglpppfm.dll,abnjmoij.dll,lkdjpcnn.dll,mdhlhabp.dll,ddedkeoo.dll,geklddoj.dll,HBmhly.dll,HBSHQ.dll,HBWULIN2.dll,HBZHUXIAN.dll,HBCHIBI.dll,jcjjnnfa.dll,glfcegbc.dll,gccpaoel.dll,pdhonaog.dll
O20 - Winlogon Notify: avgrsstarter - C:\WINDOWS\SYSTEM32\avgrsstx.dll
O21 - SSODL: 1C9375DB - {1C9375DB-93A1-4644-80F9-5B75E0EEDCC6} - C:\WINDOWS\system32\hcpjnldb.dll (file missing)
O21 - SSODL: E8F893C5 - {E8F893C5-6187-4FD5-BF51-DA060DCF15A9} - C:\WINDOWS\system32\eofopjcl.dll (file missing)
O21 - SSODL: C3BC90D4 - {C3BC90D4-412D-47A9-A3B5-B11DAEF9C496} - C:\WINDOWS\system32\cjbcpgdk.dll (file missing)
O21 - SSODL: FBDA1790 - {FBDA1790-F810-4CF7-A354-5670AF32B6AD} - C:\WINDOWS\system32\fbdahnpg.dll (file missing)
O21 - SSODL: msnmsg - {DA191DE0-AA86-4ED0-4B87-293D48B2AE99} - C:\Program Files\Messenger\msgmr.dll
O21 - SSODL: AB736823 - {AB736823-3D1F-42B2-AD67-FDA376C1345B} - C:\WINDOWS\system32\abnjmoij.dll
O21 - SSODL: A171EF60 - {A171EF60-89D6-4C15-BD7B-C9A145EDD53E} - C:\WINDOWS\system32\ahnhefmg.dll
O21 - SSODL: 6D151AB9 - {6D151AB9-8295-4819-9525-53DE3EE1D3CB} - C:\WINDOWS\system32\mdhlhabp.dll
O21 - SSODL: 0CC9A8E5 - {0CC9A8E5-747B-49E1-AA6B-E64EF96C567D} - C:\WINDOWS\system32\gccpaoel.dll
O21 - SSODL: 74C7DB76 - {74C7DB76-7505-4934-8C04-58439D101425} - C:\WINDOWS\system32\nkcndbnm.dll
O21 - SSODL: DDED4E88 - {DDED4E88-5CD0-4615-B3BA-EBAFE58DC4A5} - C:\WINDOWS\system32\ddedkeoo.dll
O21 - SSODL: 0E45DD83 - {0E45DD83-03E6-4BFD-A5CA-5093E8B54667} - C:\WINDOWS\system32\geklddoj.dll
O21 - SSODL: 54D39C77 - {54D39C77-CE20-41C8-9280-E58A6C063231} - C:\WINDOWS\system32\lkdjpcnn.dll
O21 - SSODL: 41CD6182 - {41CD6182-19BB-4493-8495-F8CD733386AD} - C:\WINDOWS\system32\khcdmhoi.dll
O21 - SSODL: FCB0C4D5 - {FCB0C4D5-1F94-4C35-A5C2-5F6388EF2BBF} - C:\WINDOWS\system32\fcbgckdl.dll
O21 - SSODL: 8B804851 - {8B804851-76B0-4C75-ADB3-22CC0FF9CAB7} - C:\WINDOWS\system32\obogkolh.dll
O21 - SSODL: 07BC60C9 - {07BC60C9-67D6-482D-9DC9-29600C735CA0} - C:\WINDOWS\system32\gnbcmgcp.dll
O21 - SSODL: A05999F6 - {A05999F6-C7F4-43FE-809C-F1DEA2ED37DE} - C:\WINDOWS\system32\aglpppfm.dll
O21 - SSODL: 05FCE0BC - {05FCE0BC-CD1F-4171-840F-7741EB71618A} - C:\WINDOWS\system32\glfcegbc.dll
O21 - SSODL: FC008FB7 - {FC008FB7-B97C-4282-84E3-98AAB6A39588} - C:\WINDOWS\system32\fcggofbn.dll
O21 - SSODL: 3C3377FA - {3C3377FA-FF22-4029-9975-DF8CCBA8ECA2} - C:\WINDOWS\system32\jcjjnnfa.dll
O21 - SSODL: DE9F3377 - {DE9F3377-E652-4B15-B675-209ED0C223EF} - C:\WINDOWS\system32\depfjjnn.dll
O21 - SSODL: 72DA2853 - {72DA2853-9931-44F0-8ABF-47B47291CCB0} - C:\WINDOWS\system32\nidaiolj.dll
O21 - SSODL: 9D187A80 - {9D187A80-6D23-4725-A134-EC732CD8817D} - C:\WINDOWS\system32\pdhonaog.dll
O21 - SSODL: ThunderAdvise - {97421D0D-E07F-40DF-8F07-99597B9585AD} - C:\WINDOWS\Downloaded Program Files\ThunderAdvise.dll
O23 - Service: AVG8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgemc.exe
O23 - Service: AVG8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: AVG8 Firewall (avgfws8) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgfws8.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared files\RichVideo.exe
O23 - Service: ServiceLayer (servicelayer) - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
--
End of file - 7861 bytes


بانتظاركم على أحر من الجمر :f:
 

ترتيب حسب التاريخ ترتيب حسب الأصوات
توقيع : KoNaMi
تأييد 0
ahmosis قال:
مشاركة بسيطة بعد ادن استاذي الكريم ماكس

بخصوص
ملفات
host
حيت ان اصابات الجهاز
تغير مسارها كما يشير الى \لك التقرير الاخير
فالاداة التالية تصحح المسار
بعد تحميل الاداة من
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

15-01-2009%2022-41-43.png

15-01-2009%2022-42-01.png
أنقر للتوسيع...

بارك الله فيك
الاداة هذه بعد انتهاء الفحص بالكاسبر

لا هنت
 
تأييد 0
بالأنتظار يا الغلاا بتقرير الكاسبر في الوضع الامن ثم تطبيق الأداة في المشاركه السابقه ثم تقرير هايجاك جديد
 
توقيع : AbOdy
تأييد 0
مرحبا و عذرا للتأخير ,
هذا تقرير الكاسبر بعد الفحص في الوضع الآمن :

Scan
----
Scanned: 229126
Detected: 12
Untreated: 1
Start time: 16/01/2009 11:37:23 ص
Duration: 03:18:59
Finish time: 16/01/2009 02:56:22 م

Detected
--------
Status ******
------ ------
will be deleted when the computer is restarted: Trojan program Trojan-Downloader.Win32.Agent.atpy File: C:\WINDOWS\system32\oleadp.dll
deleted: Trojan program Rootkit.Win32.Agent.enb File: c:\windows\system32\drivers\e696f15e.sys
deleted: Trojan program Trojan-Downloader.Win32.Agent.yuv File: c:\program files\messenger\msgmr.dll
deleted: Trojan program Trojan-Downloader.Win32.Murlo.nn File: C:\Documents and Settings\HD\Local Settings\Temp\wmsetup.dll
deleted: Trojan program Trojan-Downloader.Win32.Murlo.nn File: C:\Documents and Settings\HD\Local Settings\Temporary Internet Files\*******.IE5\CDYBG9UB\gbu[1].gif
deleted: Trojan program Trojan-Downloader.Win32.Small.aacq File: C:\Documents and Settings\HD\Local Settings\Temporary Internet Files\*******.IE5\CDYBG9UB\update[1].gif//UPX
deleted: Trojan program Trojan-Downloader.Win32.Murlo.nn File: C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\*******.IE5\934GO2JD\gbu[21].gif
deleted: Trojan program Trojan-Downloader.Win32.Small.aacq File: C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\*******.IE5\WHIR4XY3\update[1].gif//UPX
will be deleted when the computer is restarted: Trojan program Trojan-Downloader.Win32.Small.yvn File: C:\WINDOWS\Fonts\Framdee.ttf
detected: Trojan program Trojan.Win32.Agent.amdi File: C:\WINDOWS\system32\ntos.exe
deleted: Trojan program Trojan-Downloader.Win32.Small.aacq File: C:\WINDOWS\Temp\QQ_Update.cab//UPX
deleted: Trojan program Trojan-Downloader.Win32.Murlo.nn File: C:\WINDOWS\Temp\wmsetup.dll

Events
------
Time Name Status Reason
---- ---- ------ ------
16/01/2009 11:37:48 ص Running module: smss.exe\smss.exe ok scanned

Statistics
----------
****** Scanned Detected Untreated Deleted Moved to Quarantine Archives Packed files Password protected Corrupted
------ ------- -------- --------- ------- ------------------- -------- ------------ ------------------ ---------

Settings
--------
Parameter Value
--------- -----
Security Level Recommended
Action Disinfect, delete if disinfection fails
Run mode Manually
File types Scan all files
Scan only new and changed files No
Scan archives All
Scan embedded OLE ******s All
Skip if ****** is larger than No
Skip if scan takes longer than No
Parse email formats No
Scan password-protected archives No
Enable iChecker technology No
Enable iSwift technology No
Show detected threats on "Detected" tab Yes
Rootkits search Yes
Deep rootkits search No
Use heuristic analyzer Yes

Quarantine
----------
Status ****** Size Added
------ ------ ---- -----

Backup
------
Status ****** Size
------ ------ ----
Infected: Trojan program Trojan.Win32.SmallGame.cb C:\WINDOWS\system32\HBCHIBI.dll 24 KB
Infected: Trojan program Trojan-GameThief.Win32.OnLineGames.uhbq C:\WINDOWS\system32\abnjmoij.dll 236 KB
Infected: Trojan program Trojan-GameThief.Win32.OnLineGames.bkpe C:\WINDOWS\system32\nkcndbnm.dll 27 KB
Infected: Trojan program Trojan-GameThief.Win32.OnLineGames.ufye C:\WINDOWS\system32\jcjjnnfa.dll 25 KB
Infected: Trojan program Trojan-GameThief.Win32.OnLineGames.ueiw C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\*******.IE5\4Z658XEV\05[1].exe 10.4 KB
Infected: Trojan program Trojan.Win32.Agent.amdi C:\WINDOWS\system32\wsnpoem 0 bytes
Infected: Trojan program Trojan-GameThief.Win32.OnLineGames.bkpd C:\WINDOWS\system32\mdhlhabp.dll 29 KB
Infected: Trojan program Trojan-GameThief.Win32.OnLineGames.uiwu C:\WINDOWS\system32\pdhonaog.dll 28.5 KB
Infected: Trojan program Trojan-GameThief.Win32.OnLineGames.ufmu C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\*******.IE5\934GO2JD\03[1].exe 10.2 KB
Infected: adware not-a-virus:AdWare.Win32.BHO.dai C:\WINDOWS\Downloaded Program Files\ThunderAdvise.dll 44 KB
Infected: Trojan program Trojan-Dropper.Win32.Agent.aefo C:\WINDOWS\Temp\~0a88b7.~~~ 33.5 KB
Infected: Trojan program Trojan-GameThief.Win32.WOW.eih C:\Documents and Settings\HD\Local Settings\Temp\WowInitcode.dat 23 KB
Infected: Trojan program Trojan-GameThief.Win32.MultiFirst.ah C:\WINDOWS\system32\System.exe 7.5 KB
Infected: Trojan program Trojan-GameThief.Win32.OnLineGames.uiwr C:\WINDOWS\system32\gccpaoel.dll 46 KB
Infected: Trojan program Trojan.Win32.Agent.bgnk C:\WINDOWS\system32\fcggofbn.dll 40 KB
Infected: Trojan program Trojan-Dropper.Win32.Agent.adwb C:\WINDOWS\Temp\~0a2d58.~~~ 28.5 KB
Infected: Trojan program Trojan-PSW.Win32.Delf.dea C:\Documents and Settings\HD\Local Settings\Temp\element.dll 35.4 KB
Infected: Trojan program Trojan-Downloader.Win32.Small.yvn C:\WINDOWS\Fonts\Framdee.ttf 9.5 KB
Infected: Trojan program Trojan-GameThief.Win32.OnLineGames.uhbb C:\WINDOWS\system32\geklddoj.dll 240 KB
Infected: Trojan program Trojan-Downloader.Win32.Agent.yuv c:\program files\messenger\msgmr.dll 15.5 KB
Infected: Trojan program Trojan-Dropper.Win32.Agent.aejk C:\WINDOWS\Temp\~0a19e0.~~~ 31 KB
Infected: Trojan program Trojan-Downloader.Win32.Small.aacq C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\*******.IE5\WHIR4XY3\update[1].gif 10.5 KB
Infected: Trojan program Trojan-GameThief.Win32.OnLineGames.bkpc C:\WINDOWS\system32\ddedkeoo.dll 240 KB
Infected: Trojan program Trojan.Win32.Qhost.kmd C:\WINDOWS\Update.dll 232 KB
Infected: Trojan program Trojan.Win32.Agent.amdi C:\WINDOWS\system32\ntos.exe 350.5 KB
Infected: Trojan program Trojan-Downloader.Win32.Murlo.nn C:\WINDOWS\Temp\wmsetup.dll 5.5 KB
Infected: Trojan program Trojan-GameThief.Win32.OnLineGames.bkpi C:\Documents and Settings\HD\Local Settings\Temp\mirlinit.dat 13.4 KB
Infected: Trojan program Trojan-GameThief.Win32.OnLineGames.ujrl C:\WINDOWS\system32\fcbgckdl.dll 29 KB
Infected: Trojan program Trojan-Downloader.Win32.Murlo.nn C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\*******.IE5\934GO2JD\gbu[21].gif 5.5 KB
Infected: Trojan program Trojan-GameThief.Win32.OnLineGames.ubsp C:\WINDOWS\system32\HBmhly.dll 19.5 KB
Infected: Trojan program Trojan-Dropper.Win32.Agent.aepo C:\WINDOWS\Temp\26.exe 20.6 KB
Infected: Trojan program Trojan-GameThief.Win32.OnLineGames.ujug C:\WINDOWS\system32\nidaiolj.dll 240 KB
Infected: Trojan program Trojan-GameThief.Win32.WOW.eih C:\WINDOWS\Temp\WowInitcode.dat 23 KB
Infected: Trojan program Trojan.Win32.SmallGame.bn C:\WINDOWS\system32\HBZHUXIAN.dll 24 KB
Infected: Trojan program Trojan.Win32.SmallGame.bz C:\WINDOWS\system32\HBWULIN2.dll 24 KB
Infected: Trojan program Trojan.Win32.SmallGame.bp C:\WINDOWS\system32\HBSHQ.dll 24 KB
Infected: Trojan program Trojan-GameThief.Win32.OnLineGames.ufmu C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\*******.IE5\4PMBG9UF\04[1].exe 11.4 KB
Infected: Trojan program Trojan-GameThief.Win32.OnLineGames.uiwo C:\WINDOWS\system32\khcdmhoi.dll 240 KB
Infected: Trojan program Trojan-Dropper.Win32.Agent.aejk C:\WINDOWS\Temp\~0a07b0.~~~ 32.5 KB
Infected: Trojan program Trojan-GameThief.Win32.OnLineGames.uhvp C:\WINDOWS\system32\glfcegbc.dll 240 KB
Infected: Trojan program Trojan-Downloader.Win32.Murlo.nn C:\Documents and Settings\HD\Local Settings\Temp\wmsetup.dll 5.5 KB
Infected: Trojan program Trojan-Downloader.Win32.Agent.atpy C:\WINDOWS\system32\oleadp.dll 21.5 KB
Infected: Trojan program Trojan-GameThief.Win32.OnLineGames.uhce C:\WINDOWS\system32\cocgnckn(2).dll 40 KB
Infected: Trojan program Trojan.Win32.Agent.amol C:\WINDOWS\MKMKrnl.dll 10 KB
Infected: Trojan program Trojan-GameThief.Win32.OnLineGames.bkpg C:\WINDOWS\system32\obogkolh.dll 36 KB
Infected: Trojan program Trojan-GameThief.Win32.OnLineGames.bkpf C:\WINDOWS\system32\lkdjpcnn.dll 240 KB
Infected: Trojan program Trojan-GameThief.Win32.OnLineGames.uhce C:\WINDOWS\system32\aglpppfm.dll 40 KB


و هذا تقرير الهايجاك بعد تطبيق أداة الاخ العزيز في المشاركة السابقة :

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 03:10:57 م, on 16/01/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\PROGRA~1\AVG\AVG8\avgfws8.exe
C:\Program Files\CyberLink\Shared files\RichVideo.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\wdfmgr.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\PROGRA~1\AVG\AVG8\avgemc.exe
C:\PROGRA~1\AVG\AVG8\avgam.exe
C:\PROGRA~1\AVG\AVG8\avgnsx.exe
C:\Program Files\AVG\AVG8\avgcsrvx.exe
C:\Documents and Settings\HD\Desktop\Zyzoom_HijackThis.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

F2 - REG:system.ini: UserInit=userinit.exe ,C:\WINDOWS\system32\ntos.exe,
O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files\Internet Download Manager\IDMIECC.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049c3e9-b461-4bc5-8870-4c09146192ca} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - C:\Program Files\AVG\AVG8\avgssie.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: ThunderAdvise - {97421d0d-e07f-40df-8f07-99597b9585ad} - (no file)
O2 - BHO: AVG Security Toolbar - {a057a204-bacc-4d26-9990-79a187e2698e} - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL
O3 - Toolbar: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL
O4 - HKLM\..\Run: [HBService32] System.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: is-I2BO6.lnk = C:\Documents and Settings\HD\Desktop\Virus Removal Tool\is-I2BO6\startup.exe
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: &تصدير إلى Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: add to amv converter... - C:\Program Files\MP3 Player Utilities 4.15\AMVConverter\grab.html
O8 - Extra context menu item: Download All Links with IDM - C:\Program Files\Internet Download Manager\IEGetAll.htm
O8 - Extra context menu item: Download with IDM - C:\Program Files\Internet Download Manager\IEExt.htm
O8 - Extra context menu item: mediamanager tool grab multimedia file - C:\Program Files\MP3 Player Utilities 4.15\MediaManager\grab.html
O9 - Extra button: بحث - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=http://www.google.com
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
O20 - AppInit_DLLs: gnbcmgcp.dll,khcdmhoi.dll,ahnhefmg.dll,nkcndbnm.dll,depfjjnn.dll,fcggofbn.dll,nidaiolj.dll,geklddoj.dll,ddedkeoo.dll,mdhlhabp.dll,lkdjpcnn.dll,abnjmoij.dll,aglpppfm.dll,obogkolh.dll,fcbgckdl.dll,hbmhly.dll,hbshq.dll,hbmhly.dll,hbshq.dll,hbwulin2.dll,hbmhly.dll,hbshq.dll,hbwulin2.dll,hbzhuxian.dll,,hbmhly.dll,hbshq.dll,hbwulin2.dll,hbzhuxian.dll,hbchibi.dll,jcjjnnfa.dll,hbmhly.dll,hbshq.dll,hbwulin2.dll,hbzhuxian.dll,hbchibi.dll,glfcegbc.dll,hbmhly.dll,hbshq.dll,hbwulin2.dll,hbzhuxian.dll,hbchibi.dll,gccpaoel.dll,hbmhly.dll,hbshq.dll,hbwulin2.dll,hbzhuxian.dll,hbchibi.dll,HBmhly.dll,HBSHQ.dll,HBWULIN2.dll,HBZHUXIAN.dll,HBCHIBI.dll,pdhonaog.dll
O20 - Winlogon Notify: avgrsstarter - C:\WINDOWS\SYSTEM32\avgrsstx.dll
O21 - SSODL: 1C9375DB - {1C9375DB-93A1-4644-80F9-5B75E0EEDCC6} - C:\WINDOWS\system32\hcpjnldb.dll (file missing)
O21 - SSODL: E8F893C5 - {E8F893C5-6187-4FD5-BF51-DA060DCF15A9} - C:\WINDOWS\system32\eofopjcl.dll (file missing)
O21 - SSODL: C3BC90D4 - {C3BC90D4-412D-47A9-A3B5-B11DAEF9C496} - C:\WINDOWS\system32\cjbcpgdk.dll (file missing)
O21 - SSODL: FBDA1790 - {FBDA1790-F810-4CF7-A354-5670AF32B6AD} - C:\WINDOWS\system32\fbdahnpg.dll (file missing)
O21 - SSODL: AB736823 - {AB736823-3D1F-42B2-AD67-FDA376C1345B} - C:\WINDOWS\system32\abnjmoij.dll (file missing)
O21 - SSODL: A171EF60 - {A171EF60-89D6-4C15-BD7B-C9A145EDD53E} - C:\WINDOWS\system32\ahnhefmg.dll
O21 - SSODL: 6D151AB9 - {6D151AB9-8295-4819-9525-53DE3EE1D3CB} - C:\WINDOWS\system32\mdhlhabp.dll (file missing)
O21 - SSODL: 0CC9A8E5 - {0CC9A8E5-747B-49E1-AA6B-E64EF96C567D} - C:\WINDOWS\system32\gccpaoel.dll (file missing)
O21 - SSODL: 74C7DB76 - {74C7DB76-7505-4934-8C04-58439D101425} - C:\WINDOWS\system32\nkcndbnm.dll (file missing)
O21 - SSODL: DDED4E88 - {DDED4E88-5CD0-4615-B3BA-EBAFE58DC4A5} - C:\WINDOWS\system32\ddedkeoo.dll (file missing)
O21 - SSODL: 0E45DD83 - {0E45DD83-03E6-4BFD-A5CA-5093E8B54667} - C:\WINDOWS\system32\geklddoj.dll (file missing)
O21 - SSODL: 54D39C77 - {54D39C77-CE20-41C8-9280-E58A6C063231} - C:\WINDOWS\system32\lkdjpcnn.dll (file missing)
O21 - SSODL: 41CD6182 - {41CD6182-19BB-4493-8495-F8CD733386AD} - C:\WINDOWS\system32\khcdmhoi.dll (file missing)
O21 - SSODL: FCB0C4D5 - {FCB0C4D5-1F94-4C35-A5C2-5F6388EF2BBF} - C:\WINDOWS\system32\fcbgckdl.dll (file missing)
O21 - SSODL: 8B804851 - {8B804851-76B0-4C75-ADB3-22CC0FF9CAB7} - C:\WINDOWS\system32\obogkolh.dll (file missing)
O21 - SSODL: 07BC60C9 - {07BC60C9-67D6-482D-9DC9-29600C735CA0} - C:\WINDOWS\system32\gnbcmgcp.dll
O21 - SSODL: A05999F6 - {A05999F6-C7F4-43FE-809C-F1DEA2ED37DE} - C:\WINDOWS\system32\aglpppfm.dll (file missing)
O21 - SSODL: 05FCE0BC - {05FCE0BC-CD1F-4171-840F-7741EB71618A} - C:\WINDOWS\system32\glfcegbc.dll (file missing)
O21 - SSODL: 3C3377FA - {3C3377FA-FF22-4029-9975-DF8CCBA8ECA2} - C:\WINDOWS\system32\jcjjnnfa.dll (file missing)
O21 - SSODL: DE9F3377 - {DE9F3377-E652-4B15-B675-209ED0C223EF} - C:\WINDOWS\system32\depfjjnn.dll
O21 - SSODL: 9D187A80 - {9D187A80-6D23-4725-A134-EC732CD8817D} - C:\WINDOWS\system32\pdhonaog.dll (file missing)
O21 - SSODL: 72DA2853 - {72DA2853-9931-44F0-8ABF-47B47291CCB0} - C:\WINDOWS\system32\nidaiolj.dll (file missing)
O21 - SSODL: FC008FB7 - {FC008FB7-B97C-4282-84E3-98AAB6A39588} - C:\WINDOWS\system32\fcggofbn.dll (file missing)
O23 - Service: AVG8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgemc.exe
O23 - Service: AVG8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: AVG8 Firewall (avgfws8) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgfws8.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared files\RichVideo.exe
O23 - Service: ServiceLayer (servicelayer) - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
--
End of file - 8147 bytes
 
تأييد 0
طيب يا الغلاا ,, اعمل التالي الأن في الوضع الأمن



شوف ياغالي ,,, حمل هذه الاداة ,,
واتبع الشرح التالي ,, لتنظيف جهازك من هذه الدعايات
و عمل تقرير بالعمليه حتى ترفقه بردك القادم ,,

رابط تحميل آخر تحديث للاداة
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي



شرح الاستخدام ,,,,,,
قم بتشغيل الملف SmitfraudFix.exe ,, وتابع الشرح كماا بهذه الصور

000.png





001.png





002.png





003.png





004.png





005.png




بعد ما تخلص عطني تقرير هذه الأداة وتقرير هايجاك جديد



بالأنتظار
 
توقيع : AbOdy
تأييد 0
حملت الاداة و لما جيت اشغلها في الوضع الآمن و الوضع العادي ظهرت لي هالنافذة

zyzoom-7b3000266f.jpg


بعدها :

zyzoom-f77ddf092b.jpg


ولو تركتها ما يتغير شي ولو ضغطت على اي كلمة تختفي كلها :?:!
 
تأييد 0
طيب يا الغلاا ,,

هذا من اعراض الفايروس ,,

نزل هذه الأداة لتنظيف الجهاز من الملفات المؤقته ,,

نزل هذه الاداة واتبع الشرح التالي

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي


التوافق : ويندوز اكسبيفقط

شرح الاستخدام ,,,,,,
عند تشغيل ملف الاداة تظهر لك هذه الشاشه ,, انتظر ( وتابع مع الصور )

000.png


001.png


وعند ظهور هذه الشاشه ,, اضغط على Close ليتم اعادة تشغيل جهازك (( لتكملة عملية التنظيف ))

002.png





بعدين ارجع حمل الأداة من هالرابط ,,

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي



وجرب شغلها مرة اخرى ,,

بالأنتظار لعمل المطلوب
 
توقيع : AbOdy
تأييد 0
اهلين اخ عبودي
سويت كل اللي قلت لي و فعلا البرنامج اشتغل ونظف الملفات كلها
لكن برنامج SmitfraudFix يطلع لي نفس اول مرة يعني ما تغير شيء !
الزد شير مو راضي يحمل معي , لكن هو نفس البرنامج صح ؟
هذا تقرير جديد لعل و عسى فرق شي :

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 08:44:08 م, on 16/01/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\PROGRA~1\AVG\AVG8\avgfws8.exe
C:\Program Files\CyberLink\Shared files\RichVideo.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\wdfmgr.exe
C:\PROGRA~1\AVG\AVG8\avgtray.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\PROGRA~1\AVG\AVG8\avgemc.exe
C:\PROGRA~1\AVG\AVG8\avgam.exe
C:\PROGRA~1\AVG\AVG8\avgnsx.exe
C:\Program Files\AVG\AVG8\avgcsrvx.exe
C:\Documents and Settings\HD\Desktop\Zyzoom_HijackThis.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

F2 - REG:system.ini: UserInit=userinit.exe ,C:\WINDOWS\system32\ntos.exe,
O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files\Internet Download Manager\IDMIECC.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049c3e9-b461-4bc5-8870-4c09146192ca} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - C:\Program Files\AVG\AVG8\avgssie.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: ThunderAdvise - {97421d0d-e07f-40df-8f07-99597b9585ad} - (no file)
O2 - BHO: AVG Security Toolbar - {a057a204-bacc-4d26-9990-79a187e2698e} - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL
O3 - Toolbar: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL
O4 - HKLM\..\Run: [HBService32] System.exe
O4 - HKLM\..\Run: [avg8_tray] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: &تصدير إلى Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: add to amv converter... - C:\Program Files\MP3 Player Utilities 4.15\AMVConverter\grab.html
O8 - Extra context menu item: Download All Links with IDM - C:\Program Files\Internet Download Manager\IEGetAll.htm
O8 - Extra context menu item: Download with IDM - C:\Program Files\Internet Download Manager\IEExt.htm
O8 - Extra context menu item: mediamanager tool grab multimedia file - C:\Program Files\MP3 Player Utilities 4.15\MediaManager\grab.html
O9 - Extra button: بحث - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=http://www.google.com
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
O20 - AppInit_DLLs: gnbcmgcp.dll,khcdmhoi.dll,ahnhefmg.dll,nkcndbnm.dll,depfjjnn.dll,fcggofbn.dll,nidaiolj.dll,geklddoj.dll,ddedkeoo.dll,mdhlhabp.dll,lkdjpcnn.dll,abnjmoij.dll,aglpppfm.dll,obogkolh.dll,fcbgckdl.dll,hbmhly.dll,hbshq.dll,hbmhly.dll,hbshq.dll,hbwulin2.dll,hbmhly.dll,hbshq.dll,hbwulin2.dll,hbzhuxian.dll,,hbmhly.dll,hbshq.dll,hbwulin2.dll,hbzhuxian.dll,hbchibi.dll,jcjjnnfa.dll,hbmhly.dll,hbshq.dll,hbwulin2.dll,hbzhuxian.dll,hbchibi.dll,glfcegbc.dll,hbmhly.dll,hbshq.dll,hbwulin2.dll,hbzhuxian.dll,hbchibi.dll,gccpaoel.dll,hbmhly.dll,hbshq.dll,hbwulin2.dll,hbzhuxian.dll,hbchibi.dll,HBmhly.dll,HBSHQ.dll,HBWULIN2.dll,HBZHUXIAN.dll,HBCHIBI.dll,pdhonaog.dll
O20 - Winlogon Notify: avgrsstarter - C:\WINDOWS\SYSTEM32\avgrsstx.dll
O21 - SSODL: 1C9375DB - {1C9375DB-93A1-4644-80F9-5B75E0EEDCC6} - C:\WINDOWS\system32\hcpjnldb.dll (file missing)
O21 - SSODL: E8F893C5 - {E8F893C5-6187-4FD5-BF51-DA060DCF15A9} - C:\WINDOWS\system32\eofopjcl.dll (file missing)
O21 - SSODL: C3BC90D4 - {C3BC90D4-412D-47A9-A3B5-B11DAEF9C496} - C:\WINDOWS\system32\cjbcpgdk.dll (file missing)
O21 - SSODL: FBDA1790 - {FBDA1790-F810-4CF7-A354-5670AF32B6AD} - C:\WINDOWS\system32\fbdahnpg.dll (file missing)
O21 - SSODL: AB736823 - {AB736823-3D1F-42B2-AD67-FDA376C1345B} - C:\WINDOWS\system32\abnjmoij.dll (file missing)
O21 - SSODL: A171EF60 - {A171EF60-89D6-4C15-BD7B-C9A145EDD53E} - C:\WINDOWS\system32\ahnhefmg.dll
O21 - SSODL: 6D151AB9 - {6D151AB9-8295-4819-9525-53DE3EE1D3CB} - C:\WINDOWS\system32\mdhlhabp.dll (file missing)
O21 - SSODL: 0CC9A8E5 - {0CC9A8E5-747B-49E1-AA6B-E64EF96C567D} - C:\WINDOWS\system32\gccpaoel.dll (file missing)
O21 - SSODL: 74C7DB76 - {74C7DB76-7505-4934-8C04-58439D101425} - C:\WINDOWS\system32\nkcndbnm.dll (file missing)
O21 - SSODL: DDED4E88 - {DDED4E88-5CD0-4615-B3BA-EBAFE58DC4A5} - C:\WINDOWS\system32\ddedkeoo.dll (file missing)
O21 - SSODL: 0E45DD83 - {0E45DD83-03E6-4BFD-A5CA-5093E8B54667} - C:\WINDOWS\system32\geklddoj.dll (file missing)
O21 - SSODL: 54D39C77 - {54D39C77-CE20-41C8-9280-E58A6C063231} - C:\WINDOWS\system32\lkdjpcnn.dll (file missing)
O21 - SSODL: 41CD6182 - {41CD6182-19BB-4493-8495-F8CD733386AD} - C:\WINDOWS\system32\khcdmhoi.dll (file missing)
O21 - SSODL: FCB0C4D5 - {FCB0C4D5-1F94-4C35-A5C2-5F6388EF2BBF} - C:\WINDOWS\system32\fcbgckdl.dll (file missing)
O21 - SSODL: 8B804851 - {8B804851-76B0-4C75-ADB3-22CC0FF9CAB7} - C:\WINDOWS\system32\obogkolh.dll (file missing)
O21 - SSODL: 07BC60C9 - {07BC60C9-67D6-482D-9DC9-29600C735CA0} - C:\WINDOWS\system32\gnbcmgcp.dll
O21 - SSODL: A05999F6 - {A05999F6-C7F4-43FE-809C-F1DEA2ED37DE} - C:\WINDOWS\system32\aglpppfm.dll (file missing)
O21 - SSODL: 05FCE0BC - {05FCE0BC-CD1F-4171-840F-7741EB71618A} - C:\WINDOWS\system32\glfcegbc.dll (file missing)
O21 - SSODL: 3C3377FA - {3C3377FA-FF22-4029-9975-DF8CCBA8ECA2} - C:\WINDOWS\system32\jcjjnnfa.dll (file missing)
O21 - SSODL: DE9F3377 - {DE9F3377-E652-4B15-B675-209ED0C223EF} - C:\WINDOWS\system32\depfjjnn.dll
O21 - SSODL: 9D187A80 - {9D187A80-6D23-4725-A134-EC732CD8817D} - C:\WINDOWS\system32\pdhonaog.dll (file missing)
O21 - SSODL: 72DA2853 - {72DA2853-9931-44F0-8ABF-47B47291CCB0} - C:\WINDOWS\system32\nidaiolj.dll (file missing)
O21 - SSODL: FC008FB7 - {FC008FB7-B97C-4282-84E3-98AAB6A39588} - C:\WINDOWS\system32\fcggofbn.dll (file missing)
O21 - SSODL: msnmsg - {DA191DE0-AA86-4ED0-4B87-293D48B2AE99} - C:\Program Files\Messenger\msgmr.dll
O23 - Service: AVG8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgemc.exe
O23 - Service: AVG8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: AVG8 Firewall (avgfws8) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgfws8.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared files\RichVideo.exe
O23 - Service: ServiceLayer (servicelayer) - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
--
End of file - 8239 bytes
 
تأييد 0
الاصابة لم تحذف

حمل الاداة من هذا الموضوع
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي


شغلها واختر خيار التنظيف

واصبر حتى تنتهي لوحدها ويخرج التقرير
ارفع التقرير على مركز الرفع وارفقه بمشاركتك القادمة
 
تأييد 0
ان شاءالله . سأعود بعد تنفيذ المطلوب بإذن الله
 
تأييد 0
بالأنتظار يا الغالي
 
توقيع : AbOdy
تأييد 0
يعطيكم العافية هذا تقرير المكافي بعد الفحص :

Engine Version : 5300.2777
Engine Load Time : 45297 milliseconds
AV DAT Version : 5492.0000 488805 detections Built 11 يناير, 2009
Extra DAT : 0 detections

Memory : Clean
Please wait ... building list of critical files to scan
File : C:\DOCUME~1\HD\Desktop\VIRUSR~1\is-I2BO6\startup.exe : contains "Trojan" called "Generic PWS.y" (No Action Taken )
File : C:\Program Files\Messenger\msgmr.dll : contains "Trojan" called "Generic Downloader.x" (No Action Taken )
File : C:\WINDOWS\system32\actxprxy.dll : contains "Trojan" called "Generic Downloader.x" (No Action Taken )
Critical : Infected
Scanning the computer's ****** directories
******s : Clean
c:\hiberfil.sys : Scan Failed
c:\pagefile.sys : Scan Failed
c:\Documents and Settings\All Users\Application Data\avg8\AvgAm\avgam.lck : Scan Failed
c:\Documents and Settings\HD\ntuser.dat : Scan Failed
c:\Documents and Settings\HD\ntuser.dat.LOG : Scan Failed
File : c:\Documents and Settings\HD\Desktop\Virus Removal Tool\is-I2BO6\startup.exe : contains "Trojan" called "Generic PWS.y" (No Action Taken )
c:\Documents and Settings\HD\Desktop\Virus Removal Tool\is-I2BO6\startup.exe : No action taken
c:\Documents and Settings\HD\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat : Scan Failed
c:\Documents and Settings\HD\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG : Scan Failed
c:\Documents and Settings\HD\Local Settings\Temp\Perflib_Perfdata_a54.dat : Scan Failed
File : c:\Documents and Settings\HD\Local Settings\Temp\wmsetup.dll : contains "Trojan" called "Generic Downloader.x" (No Action Taken )
c:\Documents and Settings\HD\Local Settings\Temp\wmsetup.dll : No action taken
c:\Documents and Settings\LocalService\ntuser.dat : Scan Failed
c:\Documents and Settings\LocalService\ntuser.dat.LOG : Scan Failed
c:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat : Scan Failed
c:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG : Scan Failed
c:\Documents and Settings\NetworkService\ntuser.dat : Scan Failed
c:\Documents and Settings\NetworkService\ntuser.dat.LOG : Scan Failed
c:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat : Scan Failed
c:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG : Scan Failed
File : c:\Program Files\Messenger\msgmr.dll : contains "Trojan" called "Generic Downloader.x" (No Action Taken )
c:\Program Files\Messenger\msgmr.dll : No action taken
File : c:\Program Files\Real_SC\opt.exe : contains "Virus" called "W32/Sdbot.worm" (No Action Taken )
c:\Program Files\Real_SC\opt.exe : No action taken
File : c:\WINDOWS\system32\actxprxy.dll : contains "Trojan" called "Generic Downloader.x" (No Action Taken )
c:\WINDOWS\system32\actxprxy.dll : No action taken
File : c:\WINDOWS\system32\oleadp.dll : contains "Trojan" called "Generic Downloader.x" (No Action Taken )
c:\WINDOWS\system32\oleadp.dll : No action taken
c:\WINDOWS\system32\config\default : Scan Failed
c:\WINDOWS\system32\config\default.LOG : Scan Failed
c:\WINDOWS\system32\config\SAM : Scan Failed
c:\WINDOWS\system32\config\SAM.LOG : Scan Failed
c:\WINDOWS\system32\config\SECURITY : Scan Failed
c:\WINDOWS\system32\config\SECURITY.LOG : Scan Failed
c:\WINDOWS\system32\config\software : Scan Failed
c:\WINDOWS\system32\config\software.LOG : Scan Failed
c:\WINDOWS\system32\config\system : Scan Failed
c:\WINDOWS\system32\config\system.LOG : Scan Failed
c:\WINDOWS\system32\drivers\fidbox.dat : Scan Failed
c:\WINDOWS\system32\drivers\fidbox.idx : Scan Failed
File : c:\WINDOWS\Temp\wmsetup.dll : contains "Trojan" called "Generic Downloader.x" (No Action Taken )
c:\WINDOWS\Temp\wmsetup.dll : No action taken
Scanning the registry
Registry : Clean

Summary :-
FilesFound : 34627
FilesScanned : 19616
FilesNotScanned : 15011

******sFound : 70649
******sInfected : 10
******sCleaned : 0
******sDeleted : 0

FilesInfected : 7
FilesCleaned : 0
FilesMoved : 0
FilesDeleted : 0

Started at : 01:16:46 ص 17 يناير, 2009
Ended at : 01:50:25 ص 17 يناير, 2009
Duration : 33 minutes 38 seconds
3437 MB scanned in 2018 seconds = 1744 KB/s
Engine Version : 5300.2777
Engine Load Time : 46078 milliseconds
AV DAT Version : 5492.0000 488805 detections Built 11 يناير, 2009
Extra DAT : 0 detections

File : d:\Virus Removal Tool\is-I2BO6\startup.exe : contains "Trojan" called "Generic PWS.y" (No Action Taken )
d:\Virus Removal Tool\is-I2BO6\startup.exe : No action taken

Summary :-
FilesFound : 2494
FilesScanned : 1891
FilesNotScanned : 603

******sFound : 2546
******sInfected : 1
******sCleaned : 0
******sDeleted : 0

FilesInfected : 1
FilesCleaned : 0
FilesMoved : 0
FilesDeleted : 0

Started at : 01:51:13 ص 17 يناير, 2009
Ended at : 01:52:00 ص 17 يناير, 2009
Duration : 46 seconds
119 MB scanned in 46 seconds = 2 MB/s
Engine Version : 5300.2777
Engine Load Time : 45844 milliseconds
AV DAT Version : 5492.0000 488805 detections Built 11 يناير, 2009
Extra DAT : 0 detections

File : f:\System Volume Information\_restore{AF5F31F6-5D50-472B-873B-F0699C8BBD2D}\RP251\A0447728.exe : contains "Trojan" called "Generic Downloader.x" (No Action Taken )
f:\System Volume Information\_restore{AF5F31F6-5D50-472B-873B-F0699C8BBD2D}\RP251\A0447728.exe : No action taken
File : f:\System Volume Information\_restore{AF5F31F6-5D50-472B-873B-F0699C8BBD2D}\RP267\A0523701.exe : contains "Trojan" called "Generic Dropper" (No Action Taken )
f:\System Volume Information\_restore{AF5F31F6-5D50-472B-873B-F0699C8BBD2D}\RP267\A0523701.exe : No action taken
File : f:\System Volume Information\_restore{AF5F31F6-5D50-472B-873B-F0699C8BBD2D}\RP267\A0523702.exe : contains "Trojan" called "Generic.dx" (No Action Taken )
f:\System Volume Information\_restore{AF5F31F6-5D50-472B-873B-F0699C8BBD2D}\RP267\A0523702.exe : No action taken
File : f:\خاص\m u s i c\Nod اصلي\NOD32.FiX.v2.2.exe : contains "Trojan" called "Generic.dx" (No Action Taken )
f:\خاص\m u s i c\Nod اصلي\NOD32.FiX.v2.2.exe : No action taken

Summary :-
FilesFound : 15768
FilesScanned : 9773
FilesNotScanned : 5995

******sFound : 18730
******sInfected : 4
******sCleaned : 0
******sDeleted : 0

FilesInfected : 4
FilesCleaned : 0
FilesMoved : 0
FilesDeleted : 0

Started at : 01:52:48 ص 17 يناير, 2009
Ended at : 02:03:44 ص 17 يناير, 2009
Duration : 10 minutes 56 seconds
1912 MB scanned in 656 seconds = 2 MB/s
 
تأييد 0
اخي اختر خيار التنظيف وليس الفحص
 
تأييد 0


يعطيكم الف عافية استاذي ماكس والغالي عبوودي

>>>>> يتفقد احوال الرعية
 
توقيع : فارس الملاك
تأييد 0
متابع للاستفاده
بارك الله فيكم على مجهودكم الاكثر من الرائع
 
تأييد 0
هذا تقرير التنظيف , وعذرا كنت أتصور أن الفحص يعقبه تنظيف من البرنامج :

Engine Version : 5300.2777
Engine Load Time : 78578 milliseconds
AV DAT Version : 5492.0000 488805 detections Built 11 يناير, 2009
Extra DAT : 0 detections

Memory : Clean
Please wait ... building list of critical files to scan
File : C:\DOCUME~1\HD\Desktop\VIRUSR~1\is-I2BO6\startup.exe : contains "Trojan" called "Generic PWS.y" (Deleted )
File : C:\Program Files\Messenger\msgmr.dll : contains "Trojan" called "Generic Downloader.x" (Deleted )
File : C:\WINDOWS\system32\actxprxy.dll : contains "Trojan" called "Generic Downloader.x" (No Action Taken (Clean failed) )
Critical : Repair Failed
Scanning the computer's ****** directories
******s : Clean
c:\hiberfil.sys : Scan Failed
c:\pagefile.sys : Scan Failed
c:\Documents and Settings\All Users\Application Data\avg8\AvgAm\avgam.lck : Scan Failed
c:\Documents and Settings\HD\ntuser.dat : Scan Failed
c:\Documents and Settings\HD\ntuser.dat.LOG : Scan Failed
c:\Documents and Settings\HD\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat : Scan Failed
c:\Documents and Settings\HD\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG : Scan Failed
c:\Documents and Settings\HD\Local Settings\Temp\Perflib_Perfdata_d44.dat : Scan Failed
File : c:\Documents and Settings\HD\Local Settings\Temp\wmsetup.dll : contains "Trojan" called "Generic Downloader.x" (Deleted )
c:\Documents and Settings\HD\Local Settings\Temp\wmsetup.dll : Deleted
c:\Documents and Settings\LocalService\ntuser.dat : Scan Failed
c:\Documents and Settings\LocalService\ntuser.dat.LOG : Scan Failed
c:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat : Scan Failed
c:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG : Scan Failed
c:\Documents and Settings\NetworkService\ntuser.dat : Scan Failed
c:\Documents and Settings\NetworkService\ntuser.dat.LOG : Scan Failed
c:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat : Scan Failed
c:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG : Scan Failed
File : c:\Program Files\Real_SC\opt.exe : contains "Virus" called "W32/Sdbot.worm" (Deleted )
c:\Program Files\Real_SC\opt.exe : Deleted
File : c:\WINDOWS\system32\actxprxy.dll : contains "Trojan" called "Generic Downloader.x" (No Action Taken (Clean failed) )
c:\WINDOWS\system32\actxprxy.dll : Repair Failed
File : c:\WINDOWS\system32\oleadp.dll : contains "Trojan" called "Generic Downloader.x" (No Action Taken (Clean failed) )
c:\WINDOWS\system32\oleadp.dll : Repair Failed
c:\WINDOWS\system32\config\default : Scan Failed
c:\WINDOWS\system32\config\default.LOG : Scan Failed
c:\WINDOWS\system32\config\SAM : Scan Failed
c:\WINDOWS\system32\config\SAM.LOG : Scan Failed
c:\WINDOWS\system32\config\SECURITY : Scan Failed
c:\WINDOWS\system32\config\SECURITY.LOG : Scan Failed
c:\WINDOWS\system32\config\software : Scan Failed
c:\WINDOWS\system32\config\software.LOG : Scan Failed
c:\WINDOWS\system32\config\system : Scan Failed
c:\WINDOWS\system32\config\system.LOG : Scan Failed
c:\WINDOWS\system32\drivers\fidbox.dat : Scan Failed
c:\WINDOWS\system32\drivers\fidbox.idx : Scan Failed
File : c:\WINDOWS\Temp\wmsetup.dll : contains "Trojan" called "Generic Downloader.x" (Deleted )
c:\WINDOWS\Temp\wmsetup.dll : Deleted
Scanning the registry
Registry : Clean

Summary :-
FilesFound : 34625
FilesScanned : 19641
FilesNotScanned : 14984

******sFound : 70701
******sInfected : 8
******sCleaned : 0
******sDeleted : 5

FilesInfected : 5
FilesCleaned : 0
FilesMoved : 0
FilesDeleted : 3

Started at : 10:55:57 ص 17 يناير, 2009
Ended at : 11:32:26 ص 17 يناير, 2009
Duration : 36 minutes 28 seconds
3438 MB scanned in 2188 seconds = 1609 KB/s
Engine Version : 5300.2777
Engine Load Time : 46906 milliseconds
AV DAT Version : 5492.0000 488805 detections Built 11 يناير, 2009
Extra DAT : 0 detections

File : d:\Virus Removal Tool\is-I2BO6\startup.exe : contains "Trojan" called "Generic PWS.y" (Deleted )
d:\Virus Removal Tool\is-I2BO6\startup.exe : Deleted

Summary :-
FilesFound : 2494
FilesScanned : 1891
FilesNotScanned : 603

******sFound : 2546
******sInfected : 1
******sCleaned : 0
******sDeleted : 1

FilesInfected : 1
FilesCleaned : 0
FilesMoved : 0
FilesDeleted : 1

Started at : 11:33:15 ص 17 يناير, 2009
Ended at : 11:34:03 ص 17 يناير, 2009
Duration : 47 seconds
119 MB scanned in 47 seconds = 2 MB/s
Engine Version : 5300.2777
Engine Load Time : 46172 milliseconds
AV DAT Version : 5492.0000 488805 detections Built 11 يناير, 2009
Extra DAT : 0 detections

File : f:\System Volume Information\_restore{AF5F31F6-5D50-472B-873B-F0699C8BBD2D}\RP251\A0447728.exe : contains "Trojan" called "Generic Downloader.x" (Deleted )
f:\System Volume Information\_restore{AF5F31F6-5D50-472B-873B-F0699C8BBD2D}\RP251\A0447728.exe : Deleted
File : f:\System Volume Information\_restore{AF5F31F6-5D50-472B-873B-F0699C8BBD2D}\RP267\A0523701.exe : contains "Trojan" called "Generic Dropper" (Deleted )
f:\System Volume Information\_restore{AF5F31F6-5D50-472B-873B-F0699C8BBD2D}\RP267\A0523701.exe : Deleted
File : f:\System Volume Information\_restore{AF5F31F6-5D50-472B-873B-F0699C8BBD2D}\RP267\A0523702.exe : contains "Trojan" called "Generic.dx" (Deleted )
f:\System Volume Information\_restore{AF5F31F6-5D50-472B-873B-F0699C8BBD2D}\RP267\A0523702.exe : Deleted
File : f:\خاص\m u s i c\Nod اصلي\NOD32.FiX.v2.2.exe : contains "Trojan" called "Generic.dx" (Deleted )
f:\خاص\m u s i c\Nod اصلي\NOD32.FiX.v2.2.exe : Deleted

Summary :-
FilesFound : 15768
FilesScanned : 9773
FilesNotScanned : 5995

******sFound : 18730
******sInfected : 4
******sCleaned : 0
******sDeleted : 4

FilesInfected : 4
FilesCleaned : 0
FilesMoved : 0
FilesDeleted : 4

Started at : 11:34:51 ص 17 يناير, 2009
Ended at : 11:45:51 ص 17 يناير, 2009
Duration : 11 minutes 0 seconds
1912 MB scanned in 660 seconds = 2 MB/s
 
تأييد 0

الحين عطنا تقرير هايجاك لاهنت
 
توقيع : فارس الملاك
تأييد 0
بالأنتظار
 
توقيع : AbOdy
تأييد 0
تفضلوا :


Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 01:25:30 م, on 17/01/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\cmd.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\PROGRA~1\AVG\AVG8\avgfws8.exe
C:\Program Files\CyberLink\Shared files\RichVideo.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\wdfmgr.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\PROGRA~1\AVG\AVG8\avgemc.exe
C:\PROGRA~1\AVG\AVG8\avgam.exe
C:\PROGRA~1\AVG\AVG8\avgnsx.exe
C:\Program Files\AVG\AVG8\avgcsrvx.exe
C:\Program Files\MSN Messenger\usnsvc.exe
C:\Program Files\AVG\AVG8\avgtray.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\HD\Desktop\Zyzoom_HijackThis.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

F2 - REG:system.ini: UserInit=userinit.exe ,C:\WINDOWS\system32\ntos.exe,
O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files\Internet Download Manager\IDMIECC.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049c3e9-b461-4bc5-8870-4c09146192ca} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - C:\Program Files\AVG\AVG8\avgssie.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: ThunderAdvise - {97421d0d-e07f-40df-8f07-99597b9585ad} - (no file)
O2 - BHO: AVG Security Toolbar - {a057a204-bacc-4d26-9990-79a187e2698e} - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL
O3 - Toolbar: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL
O4 - HKLM\..\Run: [HBService32] System.exe
O4 - HKLM\..\Run: [avg8_tray] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: &تصدير إلى Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: add to amv converter... - C:\Program Files\MP3 Player Utilities 4.15\AMVConverter\grab.html
O8 - Extra context menu item: Download All Links with IDM - C:\Program Files\Internet Download Manager\IEGetAll.htm
O8 - Extra context menu item: Download with IDM - C:\Program Files\Internet Download Manager\IEExt.htm
O8 - Extra context menu item: mediamanager tool grab multimedia file - C:\Program Files\MP3 Player Utilities 4.15\MediaManager\grab.html
O9 - Extra button: بحث - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=http://www.google.com
O17 - HKLM\System\CCS\Services\Tcpip\..\{34343FBC-D32A-468B-B6FE-2824C643CEE1}: NameServer = 195.226.228.72 195.226.228.74
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
O20 - AppInit_DLLs: gnbcmgcp.dll,khcdmhoi.dll,ahnhefmg.dll,nkcndbnm.dll,depfjjnn.dll,fcggofbn.dll,nidaiolj.dll,geklddoj.dll,ddedkeoo.dll,mdhlhabp.dll,lkdjpcnn.dll,abnjmoij.dll,aglpppfm.dll,obogkolh.dll,fcbgckdl.dll,hbmhly.dll,hbshq.dll,hbmhly.dll,hbshq.dll,hbwulin2.dll,hbmhly.dll,hbshq.dll,hbwulin2.dll,hbzhuxian.dll,,hbmhly.dll,hbshq.dll,hbwulin2.dll,hbzhuxian.dll,hbchibi.dll,jcjjnnfa.dll,hbmhly.dll,hbshq.dll,hbwulin2.dll,hbzhuxian.dll,hbchibi.dll,glfcegbc.dll,hbmhly.dll,hbshq.dll,hbwulin2.dll,hbzhuxian.dll,hbchibi.dll,gccpaoel.dll,hbmhly.dll,hbshq.dll,hbwulin2.dll,hbzhuxian.dll,hbchibi.dll,HBmhly.dll,HBSHQ.dll,HBWULIN2.dll,HBZHUXIAN.dll,HBCHIBI.dll,pdhonaog.dll
O20 - Winlogon Notify: avgrsstarter - C:\WINDOWS\SYSTEM32\avgrsstx.dll
O21 - SSODL: 1C9375DB - {1C9375DB-93A1-4644-80F9-5B75E0EEDCC6} - C:\WINDOWS\system32\hcpjnldb.dll (file missing)
O21 - SSODL: E8F893C5 - {E8F893C5-6187-4FD5-BF51-DA060DCF15A9} - C:\WINDOWS\system32\eofopjcl.dll (file missing)
O21 - SSODL: C3BC90D4 - {C3BC90D4-412D-47A9-A3B5-B11DAEF9C496} - C:\WINDOWS\system32\cjbcpgdk.dll (file missing)
O21 - SSODL: FBDA1790 - {FBDA1790-F810-4CF7-A354-5670AF32B6AD} - C:\WINDOWS\system32\fbdahnpg.dll (file missing)
O21 - SSODL: AB736823 - {AB736823-3D1F-42B2-AD67-FDA376C1345B} - C:\WINDOWS\system32\abnjmoij.dll (file missing)
O21 - SSODL: A171EF60 - {A171EF60-89D6-4C15-BD7B-C9A145EDD53E} - C:\WINDOWS\system32\ahnhefmg.dll
O21 - SSODL: 6D151AB9 - {6D151AB9-8295-4819-9525-53DE3EE1D3CB} - C:\WINDOWS\system32\mdhlhabp.dll (file missing)
O21 - SSODL: 0CC9A8E5 - {0CC9A8E5-747B-49E1-AA6B-E64EF96C567D} - C:\WINDOWS\system32\gccpaoel.dll (file missing)
O21 - SSODL: 74C7DB76 - {74C7DB76-7505-4934-8C04-58439D101425} - C:\WINDOWS\system32\nkcndbnm.dll (file missing)
O21 - SSODL: DDED4E88 - {DDED4E88-5CD0-4615-B3BA-EBAFE58DC4A5} - C:\WINDOWS\system32\ddedkeoo.dll (file missing)
O21 - SSODL: 0E45DD83 - {0E45DD83-03E6-4BFD-A5CA-5093E8B54667} - C:\WINDOWS\system32\geklddoj.dll (file missing)
O21 - SSODL: 54D39C77 - {54D39C77-CE20-41C8-9280-E58A6C063231} - C:\WINDOWS\system32\lkdjpcnn.dll (file missing)
O21 - SSODL: 41CD6182 - {41CD6182-19BB-4493-8495-F8CD733386AD} - C:\WINDOWS\system32\khcdmhoi.dll (file missing)
O21 - SSODL: FCB0C4D5 - {FCB0C4D5-1F94-4C35-A5C2-5F6388EF2BBF} - C:\WINDOWS\system32\fcbgckdl.dll (file missing)
O21 - SSODL: 8B804851 - {8B804851-76B0-4C75-ADB3-22CC0FF9CAB7} - C:\WINDOWS\system32\obogkolh.dll (file missing)
O21 - SSODL: 07BC60C9 - {07BC60C9-67D6-482D-9DC9-29600C735CA0} - C:\WINDOWS\system32\gnbcmgcp.dll
O21 - SSODL: A05999F6 - {A05999F6-C7F4-43FE-809C-F1DEA2ED37DE} - C:\WINDOWS\system32\aglpppfm.dll (file missing)
O21 - SSODL: 05FCE0BC - {05FCE0BC-CD1F-4171-840F-7741EB71618A} - C:\WINDOWS\system32\glfcegbc.dll (file missing)
O21 - SSODL: 3C3377FA - {3C3377FA-FF22-4029-9975-DF8CCBA8ECA2} - C:\WINDOWS\system32\jcjjnnfa.dll (file missing)
O21 - SSODL: DE9F3377 - {DE9F3377-E652-4B15-B675-209ED0C223EF} - C:\WINDOWS\system32\depfjjnn.dll
O21 - SSODL: 9D187A80 - {9D187A80-6D23-4725-A134-EC732CD8817D} - C:\WINDOWS\system32\pdhonaog.dll (file missing)
O21 - SSODL: 72DA2853 - {72DA2853-9931-44F0-8ABF-47B47291CCB0} - C:\WINDOWS\system32\nidaiolj.dll (file missing)
O21 - SSODL: FC008FB7 - {FC008FB7-B97C-4282-84E3-98AAB6A39588} - C:\WINDOWS\system32\fcggofbn.dll (file missing)
O21 - SSODL: msnmsg - {DA191DE0-AA86-4ED0-4B87-293D48B2AE99} - (no file)
O23 - Service: AVG8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgemc.exe
O23 - Service: AVG8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: AVG8 Firewall (avgfws8) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgfws8.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared files\RichVideo.exe
O23 - Service: ServiceLayer (servicelayer) - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
--
End of file - 8511 bytes
 
تأييد 0
لاحظت من أمس حدوث مشاكل صغيرة , مثلا لا أستطيع فتح رابط عبر رايت كلك و فتح في نافذة جديدة
كذلك اختفت ايقونة اللغة من التاسك بار !
: (
 
تأييد 0
يجب تسجيل الدخول أو التسجيل كي تتمكن من الرد هنا.
عودة
أعلى