• بادئ الموضوع بادئ الموضوع maya99
  • تاريخ البدء تاريخ البدء
  • المشاهدات 1,023

maya99

زيزوومى متألق
إنضم
11 يونيو 2008
المشاركات
298
مستوى التفاعل
30
النقاط
370
غير متصل
استعمل برنامج الحماية( )نزلت عدة ادواة من هذا المنتدى للقضاء على الفيروسات ولكن دون جدوى هل محركات البحث عندي مصابة؟ وكيف انظف الحاسوب بشكل جيد؟ هذا جزء من بعض الفيروسات التي تصيبني وشكرا لكم سلفا.
Found Tracking ******.Doubleclick C:\Documents and Settings\Windows\******s\windows@doubleclick[1].txt Deleted 04/01/2009, 19.38.13 file C:\Documents and Settings\Windows\Desktop\CCleaner.exe
Found Tracking ******.Statcounter C:\Documents and Settings\Windows\******s\windows@statcounter[2].txt Deleted 04/01/2009, 19.38.13 file C:\Documents and Settings\Windows\Desktop\CCleaner.exe
Trojan horse SHeur2.JHJ F:\برامج صوت + صورة\Software.KMPlayer.2.9.4.1434.Multilanguage.(Portable).exe Reboot is required to finish the action 05/01/2009, 17.48.41 file C:\Programmi\Mozilla Firefox\firefox.exe
Trojan horse SHeur2.JHJ F:\برامج صوت + صورة\Software.KMPlayer.2.9.4.1434.Multilanguage.(Portable).exe Moved to Virus Vault 05/01/2009, 17.52.28 file C:\Programmi\Mozilla Firefox\firefox.exe
Found Tracking ******.Adbrite C:\Documents and Settings\Windows\******s\windows@adbrite[2].txt Deleted 05/01/2009, 20.13.02 file C:\Documents and Settings\Windows\Desktop\CCleaner.exe
Found Tracking ******.Yieldmanager C:\Documents and Settings\Windows\******s\windows@ad.yieldmanager[1].txt Deleted 07/01/2009, 20.26.17 file C:\Documents and Settings\Windows\Documenti\برامج الصيانة\برامج تنظيف الكمبيوتر\برامج تنظيف الكمبيوتر وازالة الاخطاء\Portable CCleaner v2.13.720\CCleaner.exe
Found Tracking ******.Adbrite C:\Documents and Settings\Windows\******s\windows@adbrite[2].txt Deleted 07/01/2009, 20.26.17 file C:\Documents and Settings\Windows\Documenti\برامج الصيانة\برامج تنظيف الكمبيوتر\برامج تنظيف الكمبيوتر وازالة الاخطاء\Portable CCleaner v2.13.720\CCleaner.exe
Found Tracking ******.Yadro C:\Documents and Settings\Windows\******s\windows@yadro[1].txt Deleted 07/01/2009, 20.26.17 file C:\Documents and Settings\Windows\Documenti\برامج الصيانة\برامج تنظيف الكمبيوتر\برامج تنظيف الكمبيوتر وازالة الاخطاء\Portable CCleaner v2.13.720\CCleaner.exe
Virus identified Worm/Generic.QLR C:\Documents and Settings\Windows\Impostazioni locali\Temp\Rar$EX12.672\AutoExtract.exe Moved to Virus Vault 09/01/2009, 15.25.35 file C:\Programmi\WinRAR\WinRAR.exe
Virus identified Worm/Generic.QLR C:\Documents and Settings\Windows\Impostazioni locali\Temp\Rar$EX00.125\AutoExtract.exe Moved to Virus Vault 09/01/2009, 15.39.01 file C:\Programmi\WinRAR\WinRAR.exe
Virus identified Worm/Generic.QLR C:\Documents and Settings\Windows\Impostazioni locali\Temp\Rar$EX22.344\AutoExtract.exe Moved to Virus Vault 09/01/2009, 15.42.05 file C:\Programmi\WinRAR\WinRAR.exe
Found Tracking ******.Doubleclick C:\Documents and Settings\Windows\******s\windows@doubleclick[1].txt Deleted 09/01/2009, 17.56.37 file C:\Programmi\Internet Explorer\IEXPLORE.EXE
Found Tracking ******.Doubleclick C:\Documents and Settings\Windows\******s\windows@doubleclick[2].txt Deleted 09/01/2009, 18.03.42 file C:\Documents and Settings\Windows\Dati applicazioni\Thinstall\XoftSpySE\400000b900002i\XoftSpy.exe
Found Tracking ******.Doubleclick C:\Documents and Settings\Windows\******s\windows@doubleclick[2].txt Deleted 09/01/2009, 21.35.07 file C:\Documents and Settings\Windows\Desktop\CCleaner.exe
Virus identified Worm/Generic.QLR C:\Documents and Settings\Windows\Impostazioni locali\Temp\Rar$EX00.125\AutoExtract.exe Moved to Virus Vault 09/01/2009, 21.35.09 file C:\Documents and Settings\Windows\Desktop\CCleaner.exe
Found Tracking ******.Yieldmanager C:\Documents and Settings\Windows\******s\windows@ad.yieldmanager[1].txt Deleted 10/01/2009, 23.02.14 file C:\Documents and Settings\Windows\Desktop\CCleaner.exe
Found Tracking ******.Yieldmanager C:\Documents and Settings\Windows\******s\windows@ad.yieldmanager[1].txt Deleted 11/01/2009, 18.59.00 file C:\Documents and Settings\Windows\Desktop\CCleaner.exe
Trojan horse Dropper.Agent.GXX C:\Documents and Settings\Windows\Documenti\برامج الصيانة\tutto hardDisk\tutto harddisk 1-2009\P._PTDD_Partition_Table_Doctor_3.5.exe Moved to Virus Vault 14/01/2009, 18.45.23 file C:\Programmi\Mozilla Firefox\firefox.exe
Trojan horse Dropper.Agent.GXX C:\Documents and Settings\Windows\Documenti\برامج الصيانة\tutto hardDisk\tutto harddisk 1-2009\P._PTDD_Partition_Table_Doctor_3.5.exe Moved to Virus Vault 14/01/2009, 18.45.42 file C:\WINDOWS\Explorer.EXE
Trojan horse Dropper.Agent.GXX C:\Documents and Settings\Windows\Documenti\برامج الصيانة\tutto hardDisk\tutto harddisk 1-2009\P._PTDD_Partition_Table_Doctor_3.5.exe Moved to Virus Vault 14/01/2009, 18.46.30 file C:\WINDOWS\Explorer.EXE
Found Tracking ******.Doubleclick C:\Documents and Settings\Windows\******s\windows@doubleclick[2].txt Deleted 18/01/2009, 16.40.58 file C:\Programmi\Internet Explorer\IEXPLORE.EXE
Found Tracking ******.Doubleclick C:\Documents and Settings\Windows\******s\windows@doubleclick[2].txt Deleted 18/01/2009, 21.11.37 file C:\Documents and Settings\Windows\Desktop\CCleaner.exe
Found Tracking ******.Yieldmanager C:\Documents and Settings\Windows\******s\windows@ad.yieldmanager[1].txt Deleted 23/01/2009, 23.28.48 file C:\DOCUME~1\Windows\IMPOST~1\Temp\Rar$EX00.360\CCleaner Portable\CCleaner.exe
Found Tracking ******.Atdmt C:\Documents and Settings\Windows\******s\windows@atdmt[1].txt Deleted 24/01/2009, 20.37.01 file C:\Documents and Settings\Windows\Documenti\برامج الحماية\Portable XoftSpySE AntiSpyWare 4.33\Portable XoftSpySE AntiSpyWare 4.33\XoftSpySE.exe
Found Tracking ******.Doubleclick C:\Documents and Settings\Windows\******s\windows@doubleclick[2].txt Deleted 24/01/2009, 21.52.33 file C:\Programmi\CCleaner\CCleaner.exe
 

وعليكم السلام

عطني تقرير للهايجاك


HijackThis1.gif

حمل هذا الآداة
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

شغل البرنامج ==> واضغط على
Do a system scan and save log
لحظات .. ويظهر لك تقرير داخل المفكرة==> انسخه والصقه بردك القادم
أتمنى منك الصبر حتى يتم تحليل التقرير
 
توقيع : ابـــو عــبــد الــلــه
جزيل الشكر الى ابو ريما والى جميع اعضاء المنتدى وهذا التقرير.

Logfile of HijackThis v1.99.1
Scan saved at 9.49.03, on 25/01/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16762)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\PROGRA~1\AVG\AVG8\avgtray.exe
C:\Programmi\Java\jre6\bin\jqs.exe
C:\Programmi\File comuni\Real\Update_OB\realsched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\WINDOWS\system32\svchost.exe
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\PROGRA~1\AVG\AVG8\avgemc.exe
C:\Programmi\Mozilla Firefox\firefox.exe
C:\Documents and Settings\Windows\Documenti\برامج تسريع الانترنت\Portable SpeedConnect Internet Accelerator 7.5\SpeedConnect Internet Accelerator.exe
C:\Programmi\PoivY.com\PoivY\PoivY.exe
C:\Documents and Settings\Windows\Dati applicazioni\Thinstall\SpeedConnect Internet Accelerator v.7.5.COMPANY-D66B\10000002200002i\wmiapsrv.exe
C:\Programmi\Skype\Phone\Skype.exe
C:\Programmi\Skype\Plugin Manager\skypePM.exe
C:\DOCUME~1\Windows\IMPOST~1\Temp\Rar$EX01.156\Ad Muncher 4.71 Build 28140 1835\AdMunch.exe
C:\DOCUME~1\Windows\IMPOST~1\Temp\Rar$EX00.562\SMP.EXE
C:\Documents and Settings\Windows\Documenti\محركات البحث\1-2009\اسطورة البحث في الجهاز Portable File Seeker\Portable File Seeker\FSeeker.exe
C:\Documents and Settings\Windows\Documenti\محركات البحث\1-2009\اسطورة البحث في الجهاز Portable File Seeker\Portable File Seeker\FSeekerDBUpdater.exe
C:\Documents and Settings\Windows\Desktop\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page =
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,First Home Page =
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Collegamenti
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Programmi\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Programmi\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Supporto di collegamento per Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programmi\File comuni\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (file missing)
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Programmi\AVG\AVG8\avgssie.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programmi\Java\jre6\bin\ssv.dll
O2 - BHO: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\Programmi\AVG\AVG8\avgtoolbar.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\programmi\google\googletoolbar2.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Programmi\Google\GoogleToolbarNotifier\3.1.807.1746\swg.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programmi\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Programmi\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: SingleInstance Class - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Programmi\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll
O3 - Toolbar: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\Programmi\AVG\AVG8\avgtoolbar.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\programmi\google\googletoolbar2.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Programmi\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Programmi\File comuni\Real\Update_OB\realsched.exe" -osboot
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\RunOnce: [Privacy Suite] "C:\Documents and Settings\Windows\Dati applicazioni\cleaner\CSPSeraser.exe" "/R:C:\Documents and Settings\Windows\Dati applicazioni\CyberScrub\Privacy Suite"
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmi\Java\jre6\bin\jp2iexp.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmi\Java\jre6\bin\jp2iexp.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe
O11 - Options group: [INTERNATIONAL] International*
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) -
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Programmi\AVG\AVG8\avgpp.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FILECO~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: avgrsstx.dll
O20 - Winlogon Notify: dimsntfy - %SystemRoot%\System32\dimsntfy.dll (file missing)
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe (file missing)
O23 - Service: AVG8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgemc.exe
O23 - Service: AVG8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Programmi\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: HDD Information Service (HDDSvc) - Unknown owner - C:\Programmi\Hard Drive Inspector\HDDSvc.exe (file missing)
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Unknown owner - C:\Programmi\Java\jre6\bin\jqs.exe" -service -config "C:\Programmi\Java\jre6\lib\deploy\jqs\jqs.conf (file missing)
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software GmbH - C:\WINDOWS\System32\TuneUpDefragService.exe
 
اليك التقرير مرة ثانيةاذا كان ناقص ارشدني على الخطأ وشكرا

Logfile of HijackThis v1.99.1
Scan saved at 10.08.24, on 25/01/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16762)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\PROGRA~1\AVG\AVG8\avgtray.exe
C:\Programmi\Java\jre6\bin\jqs.exe
C:\Programmi\File comuni\Real\Update_OB\realsched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\WINDOWS\system32\svchost.exe
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\PROGRA~1\AVG\AVG8\avgemc.exe
C:\Programmi\Mozilla Firefox\firefox.exe
C:\Documents and Settings\Windows\Documenti\برامج تسريع الانترنت\Portable SpeedConnect Internet Accelerator 7.5\SpeedConnect Internet Accelerator.exe
C:\Programmi\PoivY.com\PoivY\PoivY.exe
C:\Documents and Settings\Windows\Dati applicazioni\Thinstall\SpeedConnect Internet Accelerator v.7.5.COMPANY-D66B\10000002200002i\wmiapsrv.exe
C:\Programmi\Skype\Phone\Skype.exe
C:\Programmi\Skype\Plugin Manager\skypePM.exe
C:\DOCUME~1\Windows\IMPOST~1\Temp\Rar$EX01.156\Ad Muncher 4.71 Build 28140 1835\AdMunch.exe
C:\DOCUME~1\Windows\IMPOST~1\Temp\Rar$EX00.562\SMP.EXE
C:\Documents and Settings\Windows\Documenti\محركات البحث\1-2009\اسطورة البحث في الجهاز Portable File Seeker\Portable File Seeker\FSeeker.exe
C:\Documents and Settings\Windows\Documenti\محركات البحث\1-2009\اسطورة البحث في الجهاز Portable File Seeker\Portable File Seeker\FSeekerDBUpdater.exe
C:\Documents and Settings\Windows\Desktop\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page =
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,First Home Page =
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Collegamenti
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Programmi\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Programmi\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Supporto di collegamento per Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programmi\File comuni\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (file missing)
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Programmi\AVG\AVG8\avgssie.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programmi\Java\jre6\bin\ssv.dll
O2 - BHO: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\Programmi\AVG\AVG8\avgtoolbar.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\programmi\google\googletoolbar2.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Programmi\Google\GoogleToolbarNotifier\3.1.807.1746\swg.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programmi\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Programmi\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: SingleInstance Class - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Programmi\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll
O3 - Toolbar: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\Programmi\AVG\AVG8\avgtoolbar.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\programmi\google\googletoolbar2.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Programmi\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Programmi\File comuni\Real\Update_OB\realsched.exe" -osboot
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\RunOnce: [Privacy Suite] "C:\Documents and Settings\Windows\Dati applicazioni\cleaner\CSPSeraser.exe" "/R:C:\Documents and Settings\Windows\Dati applicazioni\CyberScrub\Privacy Suite"
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmi\Java\jre6\bin\jp2iexp.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmi\Java\jre6\bin\jp2iexp.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe
O11 - Options group: [INTERNATIONAL] International*
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) -
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Programmi\AVG\AVG8\avgpp.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FILECO~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: avgrsstx.dll
O20 - Winlogon Notify: dimsntfy - %SystemRoot%\System32\dimsntfy.dll (file missing)
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe (file missing)
O23 - Service: AVG8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgemc.exe
O23 - Service: AVG8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Programmi\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: HDD Information Service (HDDSvc) - Unknown owner - C:\Programmi\Hard Drive Inspector\HDDSvc.exe (file missing)
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Unknown owner - C:\Programmi\Java\jre6\bin\jqs.exe" -service -config "C:\Programmi\Java\jre6\lib\deploy\jqs\jqs.conf (file missing)
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software GmbH - C:\WINDOWS\System32\TuneUpDefragService.exe
 
اعمل فحص بالاداة في الوضع الامن


حمل اداة الكاسبر من الرابط التالي

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي


بعد التحميل ،، دبل كلك وسيتم استخراج ملف الاداة الى مجلد بسطح المكتب لحظات وتبدأ الاداة بالعمل

تابع الشرح لفحص الجهاز وتنظيفه وارفاق التقرير


zyzoom-7ce8879e89.png


zyzoom-cdd75c8aa3.png


zyzoom-89156f000e.png


zyzoom-6d533c4f2e.png


zyzoom-f20f3644d0.png


ثم قم بضغط التقرير ورفعه هنا>>>>
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي


يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

 
توقيع : ابـــو عــبــد الــلــه
عودة
أعلى