رسالة مزعجة من الـ avg

  • بادئ الموضوع بادئ الموضوع sama4u
  • تاريخ البدء تاريخ البدء
  • المشاهدات 2,439
الحالة
مغلق و غير مفتوح للمزيد من الردود.
S

sama4u

زيزوومي جديد
إنضم
3 فبراير 2009
المشاركات
28
مستوى التفاعل
0
النقاط
20
غير متصل
السلام عليكم

قبل فترة حملت برنامج اتضح انه مرفق معه فيروس .. كشفه لي الاي في جي وحذفت الملف قبل
يكمل التحميل وسويت سكان للجهاز كامل على طول.. سويت Heal لكل الملفات بس
صار يطلع لي رسايل كذا لما احاول افتح اي برنامج..

gzquie7v.jpg


هنا انا كنت راح افتح الفوتوشوب ..
مع ان العملية سليمة بس ما ادري ايش الضرر :no:

نزلت الاداة اللي تنصحون فيها كل اللي دخلوا هالقسم
وسويت فيها مسح .. بس مافي فايده

سويت مسح للجهاز ببرنامج Ad aware

ومسح ثاني Malaware byte

والحين حملت TuneUp Utilities
وبروح انظفه ..

من بعد السالفه هذي خرب عندي Media Player Classic وصار يطلع لي رسالة خطأ اذا
حاولت افتح فيه اي ملف.. حذفته ونزلت نسخة ثانية برضو نفس المشكلة :(

هل يمكن ان الفيروس ضرر جهازي ؟؟؟؟؟؟؟ :no:
ووشلون احذفه ؟؟ لاني احس انه الى الآن فيه بقايا :f:
 

ترتيب حسب التاريخ ترتيب حسب الأصوات
ارفع تقرير هايجاك
 

تأييد 0
هذا التقرير

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 09:28:08 م, on 05/02/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\Program Files\ClocX\ClocX.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe
C:\Documents and Settings\nesnas\سطح المكتب\ادوات ازالة الفيروسات\Zyzoom_HijackThis.exe

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O2 - BHO: btorbit.com - {000123B4-9B42-4900-B3F7-F4B073EFC214} - C:\Program Files\Orbitdownloader\orbitcth.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\PROGRA~1\Skype\Phone\IEPlugin\SKYPEI~1.DLL
O2 - BHO: IEVkbdBHO - {59273ab4-e7d3-40f9-a1a8-6fa9cca1862c} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\ievkbd.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\4.1.805.4472\swg.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: Grab Pro - {C55BBCD6-41AD-48AD-9953-3609C48EACC7} - C:\Program Files\Orbitdownloader\GrabPro.dll
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [SMSERIAL] C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [ClocX] C:\Program Files\ClocX\ClocX.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [TrayServer] C:\Program Files\MAGIX\Movie_Edit_Pro_14_PLUS_Download_version\TrayServer.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: Stardock ObjectDock.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat\ObjectDock\ObjectDock.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe
O4 - Global Startup: Adobe Reader Synchronizer.lnk = C:\Program Files\Adobe\Reader 8.0\Reader\AdobeCollabSync.exe
O4 - Global Startup: Orbit.lnk = C:\Program Files\Orbitdownloader\orbitdm.exe
O8 - Extra context menu item: &Download by Orbit - res://C:\Program Files\Orbitdownloader\orbitmxt.dll/201
O8 - Extra context menu item: &Grab video by Orbit - res://C:\Program Files\Orbitdownloader\orbitmxt.dll/204
O8 - Extra context menu item: &تصدير إلى Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Do&wnload selected by Orbit - res://C:\Program Files\Orbitdownloader\orbitmxt.dll/203
O8 - Extra context menu item: Down&load all by Orbit - res://C:\Program Files\Orbitdownloader\orbitmxt.dll/202
O8 - Extra context menu item: Download All Files by HiDownload - C:\Program Files\StreamingStar\HiDownload\HDGetAll.htm
O8 - Extra context menu item: Download all links with IDM - C:\DOCUME~1\nesnas\LOCALS~1\Temp\RarSFX95\IEGetAll.htm
O8 - Extra context menu item: Download by HiDownload - C:\Program Files\StreamingStar\HiDownload\HDGet.htm
O8 - Extra context menu item: Download FLV video ******* with IDM - C:\DOCUME~1\nesnas\LOCALS~1\Temp\RarSFX95\IEGetVL.htm
O8 - Extra context menu item: Download with IDM - C:\DOCUME~1\nesnas\LOCALS~1\Temp\RarSFX95\IEExt.htm
O9 - Extra button: Web traffic protection statistics - {1f460357-8a94-4d71-9ca3-aa4acf32ed8e} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\SCIEPlgn.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\PROGRA~1\Skype\Phone\IEPlugin\SKYPEI~1.DLL
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: بحث - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: HiDownload - {F4FBA929-A891-492C-A0F6-5C79CC4F1742} - C:\Program Files\StreamingStar\HiDownload\hidownload.exe (HKCU)
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) -
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

O16 - DPF: {5d86ddb5-bdf9-441b-9e9e-d4730f4ee499} (BDSCANONLINE Control) -
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd.dll,C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd3.dll,C:\PROGRA~1\KASPER~1\KASPER~1\adialhk.dll
O23 - Service: Kaspersky Internet Security (avp) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Firebird Server - MAGIX Instance (FirebirdServerMAGIXInstance) - MAGIX® - C:\Program Files\MAGIX\Common\Database\bin\fbserver.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies, Inc. - C:\Program Files\WinPcap\rpcapd.exe

--
End of file - 8251 bytes
 
تأييد 0
هل انت متأكد من عدم وجود بروكسي بالمتصفح ؟
اذا موجود الغيه وجرب التحديث للكاسبر
 
تأييد 0
لا مافيه بروكسي بالمتصفح..
وجدار الحماية معطل .. لكن مع ذلك اضفت الكاسبر للاستثناءات
وبرضو ما في حل.. يمكن مو متوافق مع الاكس بي ؟؟؟؟؟
 
تأييد 0
طيب اعد الحذف مرة ثانية ولكن من الوضع الامن
واستخدم الاداة بالحذف

ثم اعد التشغيل وارفع تقرير ولا تثبته حتى اقولك

طريقة تشغيل الجهاز في الوضع الأمن



عند تشغيل الجهاز تبدأ بالضغط على F8


بشكل متكرر حتى تظهر هذه الشاشة

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي


يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي


يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي


يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي
 
التعديل الأخير بواسطة المشرف:
تأييد 0
اوكي رايح اجرب .. وان شاء الله يضبط..

مافيه خطوة ثانية ؟؟؟ :d
 
تأييد 0
هذا التقرير بعد الحذف من الوضع الآمن ..

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 10:10:22 م, on 05/02/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\Program Files\ClocX\ClocX.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Documents and Settings\nesnas\سطح المكتب\ادوات ازالة الفيروسات\Zyzoom_HijackThis.exe

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O2 - BHO: btorbit.com - {000123B4-9B42-4900-B3F7-F4B073EFC214} - C:\Program Files\Orbitdownloader\orbitcth.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\PROGRA~1\Skype\Phone\IEPlugin\SKYPEI~1.DLL
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\4.1.805.4472\swg.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: Grab Pro - {C55BBCD6-41AD-48AD-9953-3609C48EACC7} - C:\Program Files\Orbitdownloader\GrabPro.dll
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [SMSERIAL] C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [ClocX] C:\Program Files\ClocX\ClocX.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [TrayServer] C:\Program Files\MAGIX\Movie_Edit_Pro_14_PLUS_Download_version\TrayServer.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: Stardock ObjectDock.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat\ObjectDock\ObjectDock.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe
O4 - Global Startup: Adobe Reader Synchronizer.lnk = C:\Program Files\Adobe\Reader 8.0\Reader\AdobeCollabSync.exe
O4 - Global Startup: Orbit.lnk = C:\Program Files\Orbitdownloader\orbitdm.exe
O8 - Extra context menu item: &Download by Orbit - res://C:\Program Files\Orbitdownloader\orbitmxt.dll/201
O8 - Extra context menu item: &Grab video by Orbit - res://C:\Program Files\Orbitdownloader\orbitmxt.dll/204
O8 - Extra context menu item: &تصدير إلى Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Do&wnload selected by Orbit - res://C:\Program Files\Orbitdownloader\orbitmxt.dll/203
O8 - Extra context menu item: Down&load all by Orbit - res://C:\Program Files\Orbitdownloader\orbitmxt.dll/202
O8 - Extra context menu item: Download All Files by HiDownload - C:\Program Files\StreamingStar\HiDownload\HDGetAll.htm
O8 - Extra context menu item: Download all links with IDM - C:\DOCUME~1\nesnas\LOCALS~1\Temp\RarSFX95\IEGetAll.htm
O8 - Extra context menu item: Download by HiDownload - C:\Program Files\StreamingStar\HiDownload\HDGet.htm
O8 - Extra context menu item: Download FLV video ******* with IDM - C:\DOCUME~1\nesnas\LOCALS~1\Temp\RarSFX95\IEGetVL.htm
O8 - Extra context menu item: Download with IDM - C:\DOCUME~1\nesnas\LOCALS~1\Temp\RarSFX95\IEExt.htm
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\PROGRA~1\Skype\Phone\IEPlugin\SKYPEI~1.DLL
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: بحث - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: HiDownload - {F4FBA929-A891-492C-A0F6-5C79CC4F1742} - C:\Program Files\StreamingStar\HiDownload\hidownload.exe (HKCU)
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) -
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

O16 - DPF: {5d86ddb5-bdf9-441b-9e9e-d4730f4ee499} (BDSCANONLINE Control) -
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Firebird Server - MAGIX Instance (FirebirdServerMAGIXInstance) - MAGIX® - C:\Program Files\MAGIX\Common\Database\bin\fbserver.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies, Inc. - C:\Program Files\WinPcap\rpcapd.exe

--
End of file - 7377 bytes
 
تأييد 0
ودي انك تطبق هذا الشرح

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي


وبعد الانتهاء حمل نسخة جديدة من الكاسبر
 
تأييد 0
والله الدرس طويل ..
يمكن المشكلة عدم توافق النسخة مع الاكس بي ..

طيب عندك روابط لنسخة جديدة مع المفاتيح ؟
 
تأييد 0
حمل الكاسبر من هذا الرابط

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي


المفاتيح

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي


شرح التثبيت بالفيديووو

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي


ثم ثبت ملف الاعدادات التالي للكاسبر

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي
 
تأييد 0
اول مشكلة وياليل ما اطولك :(

شغلت اول برنامج من الدرس.. وبدل مايطلع لي شاشة سودا .. يطلع لي المفكرة
وش السالفة ؟؟؟؟؟؟؟؟؟

شكلي راح اعدي هالخطوة وابدا بالافيرا ........
 
تأييد 0
sama4u قال:
اول مشكلة وياليل ما اطولك :(

شغلت اول برنامج من الدرس.. وبدل مايطلع لي شاشة سودا .. يطلع لي المفكرة
وش السالفة ؟؟؟؟؟؟؟؟؟

شكلي راح اعدي هالخطوة وابدا بالافيرا ........
أنقر للتوسيع...

يعني واجهة الاداة ما ظهرت ؟
 
تأييد 0
الواجهة طالعه بس لما اضغط على تنظيف يطلع
لي المفكرة .. والمفروض يطلع شاشة سوداء ويبدا ينظف :(
 
تأييد 0
اعد تحميل الادوات على جهاز سليم وانقلها بواسطة سيدي على الجهاز المصاب
 
تأييد 0
الافيرا رفض التثبيت ..
رحت وحملت النسخة الأخيرة من الاي في جي .. (النسخة المجانية)
حدثته وسويت سكان كامل للجهاز.. جيت الصبح مالقى فيه شي..

ظل الجهاز يشتغل عادي بس لما اليوم لما جيت افتح الفايرفوكس
قال .. عملية مشبوهة ومطلع لي مسار عملية firefox.exe
احط تجاهل بس ما ينفع .. أخرتها طلعت لي ان عملية services.exe
تم تعطيلها وسيتم ايقاف تشغيل الجهاز ..

لما يعيد التشغيل يوقف عند رسالة الترحيب وطبعا مافيه عملية services
فـ يطلع لي نفس الرسالة.. ويعيد التشغيل..

فتحت الوضع الآمن وسويت سكان بالاي في جي.. وسويت اصلاح بالأدوات اللي
قبل حملتها من هنا.. وسويت اصلاح للريجستري ببرنامج tuneup utitlities
وبرضو ما فيه فايدة

الفيروس اللي يطلع لي اسمه هو Virut.AJ.Dropper

حاولت ابحث عنه في الانترنت بس مالقيت نتيجة :no:

اكيد دخل الفيروس بملفات النظام .. :mad:
 
تأييد 0
حملت أداة حذف الفيروسات من الكاسبر وقاعد الحين يفحص
وطلع لي ان فيه تروجان اسمه
Trojan.Win32.Patched.bb

بانتظار اكمال الفحص .. والله يستر
 
تأييد 0
اخي الى الان لم تزودني باي تقرير
الرجاء تزويدي بتقرير المكافي على الاقل
وانتظر تقرير الكاسبر ايضا
 
تأييد 0
الكاسبر لسى يشتغل .. ما بعد خلص
لما يخلص راح ارفع لك تقرير..
والمكافي مع الافيرا راح اشغلهم بعد مايخلص الكاسبر من الفحص
وان شاء الله بعون الله يشتغل ..
 
تأييد 0
هذا تقرير الكاسبر..

Scan
[FONT=Courier New (Arabic)]----
[/FONT]Scanned:[FONT=Courier New (Arabic)] 804492
[/FONT]Detected:[FONT=Courier New (Arabic)] 24
[/FONT]Untreated:[FONT=Courier New (Arabic)] 1
[/FONT]Start time:[FONT=Courier New (Arabic)] 12/02/1430 12:57:05 م
[/FONT]Duration:[FONT=Courier New (Arabic)] 05:08:31
[/FONT]Finish time:[FONT=Courier New (Arabic)] 12/02/1430 06:05:36 م

[/FONT]Detected
[FONT=Courier New (Arabic)]--------
[/FONT]Status[FONT=Courier New (Arabic)] [/FONT]Object
[FONT=Courier New (Arabic)]------ ------
[/FONT]will be disinfected when the computer is restarted: Trojan program Trojan.Win32.Patched.bb[FONT=Courier New (Arabic)] [/FONT]File: C:\WINDOWS\system32\USER32.dll
deleted: riskware not-a-virus:Monitor.Win32.007SpySoft.342[FONT=Courier New (Arabic)] [/FONT]File: C:\Documents and Settings\nesnas\My Documents\docys\007SpySoftware.zip/007SpySoftware/007Spy Software v3.04.exe//data0002
quarantined: new threat Type_Win32 (modification)[FONT=Courier New (Arabic)] [/FONT]File: C:\Program Files\TuneUp Utilities 2006\MemOptimizer.exe
quarantined: new threat Type_Win32 (modification)[FONT=Courier New (Arabic)] [/FONT]File: C:\Program Files\TuneUp Utilities 2006\PMLauncher.exe//PE_Patch
quarantined: new threat Type_Win32 (modification)[FONT=Courier New (Arabic)] [/FONT]File: C:\Program Files\TuneUp Utilities 2006\SystemControl.exe
deleted: riskware not-a-virus:RemoteAdmin.Win32.WinVNC-based.c[FONT=Courier New (Arabic)] [/FONT]File: C:\System Volume Information\_restore{39E388CC-73A9-4485-9C6A-4DD45E1FE3D7}\RP2\A0004467.exe//stream//data0371//PE_Patch.UPX//UPX//vnchooks.dll
detected: riskware not-a-virus:Client-IRC.Win32.mIRC.63[FONT=Courier New (Arabic)] [/FONT]File: C:\System Volume Information\_restore{39E388CC-73A9-4485-9C6A-4DD45E1FE3D7}\RP2\A0004468.msi//disk1.cab/mirc.exe
deleted: riskware not-a-virus:RemoteAdmin.Win32.WinVNC-based.c[FONT=Courier New (Arabic)] [/FONT]File: C:\System Volume Information\_restore{39E388CC-73A9-4485-9C6A-4DD45E1FE3D7}\RP2\A0004534.exe//PE_Patch.UPX//UPX
deleted: malware HackTool.Win32.Agent.hq[FONT=Courier New (Arabic)] [/FONT]File: C:\System Volume Information\_restore{39E388CC-73A9-4485-9C6A-4DD45E1FE3D7}\RP2\A0004969.exe
quarantined: new threat Type_Win32 (modification)[FONT=Courier New (Arabic)] [/FONT]File: C:\System Volume Information\_restore{39E388CC-73A9-4485-9C6A-4DD45E1FE3D7}\RP2\A0005035.exe
quarantined: new threat Type_Win32 (modification)[FONT=Courier New (Arabic)] [/FONT]File: C:\System Volume Information\_restore{39E388CC-73A9-4485-9C6A-4DD45E1FE3D7}\RP2\A0005036.exe//PE_Patch
quarantined: new threat Type_Win32 (modification)[FONT=Courier New (Arabic)] [/FONT]File: C:\System Volume Information\_restore{39E388CC-73A9-4485-9C6A-4DD45E1FE3D7}\RP2\A0005037.exe
disinfected: Trojan program Trojan.Win32.Patched.bb[FONT=Courier New (Arabic)] [/FONT]File: C:\WINDOWS\system32\uqkagt
disinfected: Trojan program Trojan.Win32.Patched.bb[FONT=Courier New (Arabic)] [/FONT]File: C:\WINDOWS\system32\xwbleiit
disinfected: Trojan program Trojan.Win32.Patched.bb[FONT=Courier New (Arabic)] [/FONT]File: C:\WINDOWS\system32\dllcache\user32.dll
deleted: malware HackTool.Win32.Agent.hq[FONT=Courier New (Arabic)] [/FONT]File: D:\do\software\My Progs\players and others\other[FONT=Courier New (Arabic)]\لكسر الوقت المحدد للبرامج.[/FONT]exe
deleted: Trojan program Trojan-PSW.Win32.QQPass.dio[FONT=Courier New (Arabic)] [/FONT]File: D:\do\software\My Progs\players and others\other\URLs\FullURL2.13.
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

deleted: riskware not-a-virus:RemoteAdmin.Win32.WinVNC-based.c[FONT=Courier New (Arabic)] [/FONT]File: D:\do\software\My Progs\Sharing\mpp-800-portable.paf.exe//stream//data0371//PE_Patch.UPX//UPX//vnchooks.dll
deleted: riskware not-a-virus:Client-IRC.Win32.mIRC.63[FONT=Courier New (Arabic)] [/FONT]File: D:\do\software\My Progs\Sharing\PhXTitanium.msi//disk1.cab/mirc.exe
deleted: riskware not-a-virus:RemoteAdmin.Win32.WinVNC-based.c[FONT=Courier New (Arabic)] [/FONT]File: D:\do\software\My Progs\Sharing\mIRCPowerPack\app\mIRCPowerPack\system\mpp\support.exe//PE_Patch.UPX//UPX//vnchooks.dll
disinfected: Trojan program Trojan.Win32.Patched.bb[FONT=Courier New (Arabic)] [/FONT]File: C:\System Volume Information\_restore{39E388CC-73A9-4485-9C6A-4DD45E1FE3D7}\RP2\A0005038.dll
deleted: riskware not-a-virus:RemoteAdmin.Win32.WinVNC-based.c[FONT=Courier New (Arabic)] [/FONT]File: D:\do\software\My Progs\Sharing\mpp-800-portable.paf.exe
deleted: riskware not-a-virus:Client-IRC.Win32.mIRC.63[FONT=Courier New (Arabic)] [/FONT]File: D:\do\software\My Progs\Sharing\PhXTitanium.msi//disk1.cab
deleted: riskware not-a-virus:RemoteAdmin.Win32.WinVNC-based.c[FONT=Courier New (Arabic)] [/FONT]File: D:\do\software\My Progs\Sharing\mIRCPowerPack\app\mIRCPowerPack\system\mpp\support.exe//PE_Patch.UPX//UPX
[FONT=Courier New (Arabic)]
[/FONT]Events
[FONT=Courier New (Arabic)]------
[/FONT]Time[FONT=Courier New (Arabic)] [/FONT]Name[FONT=Courier New (Arabic)] [/FONT]Status[FONT=Courier New (Arabic)] [/FONT]Reason
[FONT=Courier New (Arabic)]---- ---- ------ ------

[/FONT]Statistics
[FONT=Courier New (Arabic)]----------
[/FONT]Object[FONT=Courier New (Arabic)] [/FONT]Scanned[FONT=Courier New (Arabic)] [/FONT]Detected[FONT=Courier New (Arabic)] [/FONT]Untreated[FONT=Courier New (Arabic)] [/FONT]Deleted[FONT=Courier New (Arabic)] [/FONT]Moved to Quarantine[FONT=Courier New (Arabic)] [/FONT]Archives[FONT=Courier New (Arabic)] [/FONT]Packed files[FONT=Courier New (Arabic)] [/FONT]Password protected[FONT=Courier New (Arabic)] [/FONT]Corrupted
[FONT=Courier New (Arabic)]------ ------- -------- --------- ------- ------------------- -------- ------------ ------------------ ---------

[/FONT]Settings
[FONT=Courier New (Arabic)]--------
[/FONT]Parameter[FONT=Courier New (Arabic)] [/FONT]Value
[FONT=Courier New (Arabic)]--------- -----
[/FONT]Security Level[FONT=Courier New (Arabic)] [/FONT]Recommended
Action[FONT=Courier New (Arabic)] [/FONT]Prompt for action when the scan is complete
Run mode[FONT=Courier New (Arabic)] [/FONT]Manually
File types[FONT=Courier New (Arabic)] [/FONT]Scan all files
Scan only new and changed files[FONT=Courier New (Arabic)] [/FONT]No
Scan archives[FONT=Courier New (Arabic)] [/FONT]All
Scan embedded OLE objects[FONT=Courier New (Arabic)] [/FONT]All
Skip if object is larger than[FONT=Courier New (Arabic)] [/FONT]No
Skip if scan takes longer than[FONT=Courier New (Arabic)] [/FONT]No
Parse email formats[FONT=Courier New (Arabic)] [/FONT]No
Scan password-protected archives[FONT=Courier New (Arabic)] [/FONT]No
Enable iChecker technology[FONT=Courier New (Arabic)] [/FONT]No
Enable iSwift technology[FONT=Courier New (Arabic)] [/FONT]No
Show detected threats on "Detected" tab[FONT=Courier New (Arabic)] [/FONT]Yes
Rootkits search[FONT=Courier New (Arabic)] [/FONT]Yes
Deep rootkits search[FONT=Courier New (Arabic)] [/FONT]No
Use heuristic analyzer[FONT=Courier New (Arabic)] [/FONT]Yes
[FONT=Courier New (Arabic)]
[/FONT]Quarantine
[FONT=Courier New (Arabic)]----------
[/FONT]Status[FONT=Courier New (Arabic)] [/FONT]Object[FONT=Courier New (Arabic)] [/FONT]Size[FONT=Courier New (Arabic)] [/FONT]Added
[FONT=Courier New (Arabic)]------ ------ ---- -----

[/FONT]Backup
[FONT=Courier New (Arabic)]------
[/FONT]Status[FONT=Courier New (Arabic)] [/FONT]Object[FONT=Courier New (Arabic)] [/FONT]Size
[FONT=Courier New (Arabic)]------ ------ ----
[/FONT]

-------------- وهذا تقرير a-squared

a-squared Free[FONT=Courier New (Arabic)] - نسخة 4.0
آخر تحديث: [/FONT]N/A
[FONT=Courier New (Arabic)]إعدادات الفحص:
العناصر: الذاكرة, الآثار, ملفات إرتباط, [/FONT]C:\, D:\, E[FONT=Courier New (Arabic)]:\
فحص الملفات المضغوطة: تشغيل
المنهج التجريبى : تشغيل
[/FONT]ADS[FONT=Courier New (Arabic)] فحص: تشغيل
بداية الفحص: 07/02/2009 06:38:39 م
[1032] [/FONT]C:\WINDOWS\system32\svchost.exe[FONT=Courier New (Arabic)] المكتشفة: [/FONT]Trojan.Loader.AK!IK
[FONT=Courier New (Arabic)][1100] [/FONT]C:\WINDOWS\system32\svchost.exe[FONT=Courier New (Arabic)] المكتشفة: [/FONT]Trojan.Loader.AK!IK
[FONT=Courier New (Arabic)][1140] [/FONT]C:\WINDOWS\System32\svchost.exe[FONT=Courier New (Arabic)] المكتشفة: [/FONT]Trojan.Loader.AK!IK
[FONT=Courier New (Arabic)][1280] [/FONT]C:\WINDOWS\system32\svchost.exe[FONT=Courier New (Arabic)] المكتشفة: [/FONT]Trojan.Loader.AK!IK
[FONT=Courier New (Arabic)][1316] [/FONT]C:\WINDOWS\system32\svchost.exe[FONT=Courier New (Arabic)] المكتشفة: [/FONT]Trojan.Loader.AK!IK
[FONT=Courier New (Arabic)][1576] [/FONT]C:\WINDOWS\system32\spoolsv.exe[FONT=Courier New (Arabic)] المكتشفة: [/FONT]Virus.Win32.SdBot.gen44!IK
[FONT=Courier New (Arabic)][1704] [/FONT]C:\WINDOWS\system32\svchost.exe[FONT=Courier New (Arabic)] المكتشفة: [/FONT]Trojan.Loader.AK!IK
[FONT=Courier New (Arabic)][1892] [/FONT]C:\WINDOWS\system32\wdfmgr.exe[FONT=Courier New (Arabic)] المكتشفة: [/FONT]Virus.Win32.Virut.q!IK
[FONT=Courier New (Arabic)][136] [/FONT]C:\WINDOWS\System32\alg.exe[FONT=Courier New (Arabic)] المكتشفة: [/FONT]Virus.Win32.Virut.ak!IK
[FONT=Courier New (Arabic)][528] [/FONT]C:\WINDOWS\Explorer.exe[FONT=Courier New (Arabic)] المكتشفة: [/FONT]Trojan.Win32.Patched!IK
[FONT=Courier New (Arabic)][2240] [/FONT]C:\WINDOWS\system32\wbem\wmiprvse.exe[FONT=Courier New (Arabic)] المكتشفة: [/FONT]Virus.Win32.Virut.q!IK
c:\program files\webteh\bsplayer[FONT=Courier New (Arabic)] المكتشفة: [/FONT]Trace.Directory.BSplayer!A2
Value: HKEY_USERS\s-1-5-21-1659004503-220523388-682003330-1003\Software\Microsoft\Internet Explorer\MenuExt\Download All Files by HiDownload --> Contexts[FONT=Courier New (Arabic)] المكتشفة: [/FONT]Trace.Registry.HiDownload!A2
Value: HKEY_USERS\s-1-5-21-1659004503-220523388-682003330-1003\Software\Microsoft\Internet Explorer\MenuExt\Download by HiDownload --> Contexts[FONT=Courier New (Arabic)] المكتشفة: [/FONT]Trace.Registry.HiDownload!A2
Value: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\HiDownload_is1 --> Changed[FONT=Courier New (Arabic)] المكتشفة: [/FONT]Trace.Registry.HiDownload!A2
Value: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\HiDownload_is1 --> DisplayName[FONT=Courier New (Arabic)] المكتشفة: [/FONT]Trace.Registry.HiDownload!A2
C:\Documents and Settings\nesnas\Application Data\Mozilla\Firefox\Profiles\wwy83qcy.default\******s.txt:66[FONT=Courier New (Arabic)] المكتشفة: [/FONT]Trace.Tracking******.doubleclick.net!A2
C:\Documents and Settings\nesnas\Application Data\Mozilla\Firefox\Profiles\wwy83qcy.default\******s.txt:93[FONT=Courier New (Arabic)] المكتشفة: [/FONT]Trace.Tracking******.ads.us.e-planning.net!A2
C:\Documents and Settings\nesnas\Application Data\Mozilla\Firefox\Profiles\wwy83qcy.default\******s.txt:173[FONT=Courier New (Arabic)] المكتشفة: [/FONT]Trace.Tracking******.ads.indiatimes.com!A2
C:\Documents and Settings\nesnas\Application Data\Mozilla\Firefox\Profiles\wwy83qcy.default\******s.txt:234[FONT=Courier New (Arabic)] المكتشفة: [/FONT]Trace.Tracking******.www7.addfreestats.com!A2
C:\Documents and Settings\nesnas\Application Data\Mozilla\Firefox\Profiles\wwy83qcy.default\******s.txt:314[FONT=Courier New (Arabic)] المكتشفة: [/FONT]Trace.Tracking******.azjmp.com!A2
C:\Documents and Settings\nesnas\Application Data\Mozilla\Firefox\Profiles\wwy83qcy.default\******s.txt:315[FONT=Courier New (Arabic)] المكتشفة: [/FONT]Trace.Tracking******.azjmp.com!A2
C:\Documents and Settings\nesnas\Application Data\Mozilla\Firefox\Profiles\wwy83qcy.default\******s.txt:316[FONT=Courier New (Arabic)] المكتشفة: [/FONT]Trace.Tracking******.azjmp.com!A2
C:\Documents and Settings\nesnas\Application Data\Mozilla\Firefox\Profiles\wwy83qcy.default\******s.txt:325[FONT=Courier New (Arabic)] المكتشفة: [/FONT]Trace.Tracking******.ads.contactmusic.com!A2
C:\Documents and Settings\nesnas\Application Data\Mozilla\Firefox\Profiles\wwy83qcy.default\******s.txt:557[FONT=Courier New (Arabic)] المكتشفة: [/FONT]Trace.Tracking******.myspace.com!A2
C:\Documents and Settings\nesnas\Application Data\Mozilla\Firefox\Profiles\wwy83qcy.default\******s.txt:558[FONT=Courier New (Arabic)] المكتشفة: [/FONT]Trace.Tracking******.myspace.com!A2
C:\Documents and Settings\nesnas\Application Data\Mozilla\Firefox\Profiles\wwy83qcy.default\******s.txt:559[FONT=Courier New (Arabic)] المكتشفة: [/FONT]Trace.Tracking******.myspace.com!A2
C:\Documents and Settings\nesnas\Application Data\Mozilla\Firefox\Profiles\wwy83qcy.default\******s.txt:560[FONT=Courier New (Arabic)] المكتشفة: [/FONT]Trace.Tracking******.myspace.com!A2
C:\Documents and Settings\nesnas\Application Data\Mozilla\Firefox\Profiles\wwy83qcy.default\******s.txt:561[FONT=Courier New (Arabic)] المكتشفة: [/FONT]Trace.Tracking******.myspace.com!A2
C:\Documents and Settings\nesnas\Application Data\Mozilla\Firefox\Profiles\wwy83qcy.default\******s.txt:562[FONT=Courier New (Arabic)] المكتشفة: [/FONT]Trace.Tracking******.aol.com!A2
C:\Documents and Settings\nesnas\Application Data\Mozilla\Firefox\Profiles\wwy83qcy.default\******s.txt:563[FONT=Courier New (Arabic)] المكتشفة: [/FONT]Trace.Tracking******.aol.com!A2
C:\Documents and Settings\nesnas\Application Data\Mozilla\Firefox\Profiles\wwy83qcy.default\******s.txt:585[FONT=Courier New (Arabic)] المكتشفة: [/FONT]Trace.Tracking******.eas.apm.emediate.eu!A2
C:\Documents and Settings\nesnas\Application Data\Mozilla\Firefox\Profiles\wwy83qcy.default\******s.txt:586[FONT=Courier New (Arabic)] المكتشفة: [/FONT]Trace.Tracking******.eas.apm.emediate.eu!A2
C:\Documents and Settings\nesnas\Application Data\Mozilla\Firefox\Profiles\wwy83qcy.default\******s.txt:616[FONT=Courier New (Arabic)] المكتشفة: [/FONT]Trace.Tracking******.
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

C:\Documents and Settings\nesnas\Application Data\Mozilla\Firefox\Profiles\wwy83qcy.default\******s.txt:617[FONT=Courier New (Arabic)] المكتشفة: [/FONT]Trace.Tracking******.www5.addfreestats.com!A2
C:\Documents and Settings\nesnas\Application Data\Mozilla\Firefox\Profiles\wwy83qcy.default\******s.txt:744[FONT=Courier New (Arabic)] المكتشفة: [/FONT]Trace.Tracking******.tag.contextweb.com!A2
C:\Documents and Settings\nesnas\Application Data\Mozilla\Firefox\Profiles\wwy83qcy.default\******s.txt:745[FONT=Courier New (Arabic)] المكتشفة: [/FONT]Trace.Tracking******.tag.contextweb.com!A2
C:\Documents and Settings\nesnas\My Documents\Photoshop CS-W-ENTER\APCS3ME\Keygen\Keygen.exe[FONT=Courier New (Arabic)] المكتشفة: [/FONT]Virus.Win32.Small!IK
C:\Documents and Settings\nesnas[FONT=Courier New (Arabic)]\سطح المكتب\ادوات ازالة الفيروسات\[/FONT]klwk.com[FONT=Courier New (Arabic)] المكتشفة: [/FONT]Virus.Win32.Trojan!IK
C:\Documents and Settings\nesnas[FONT=Courier New (Arabic)]\سطح المكتب\ادوات ازالة الفيروسات\[/FONT]zyzoom-445428c8f8.zip/klwk.com[FONT=Courier New (Arabic)] المكتشفة: [/FONT]Virus.Win32.Trojan!IK
C:\Program Files\Google\Google Earth\googleearth.exe[FONT=Courier New (Arabic)] المكتشفة: [/FONT]Virus.Constructor.Win32.Joiner.bf!IK
C:\Program Files\Internet Explorer\Connection Wizard\isignup.exe[FONT=Courier New (Arabic)] المكتشفة: [/FONT]Virus.Win32.Virut.n!IK
C:\Program Files\Java\jre1.6.0_07\bin\java.exe[FONT=Courier New (Arabic)] المكتشفة: [/FONT]Virus.Win32.Bancos.AWF!IK
C:\Program Files\Java\jre1.6.0_07\bin\javacpl.exe[FONT=Courier New (Arabic)] المكتشفة: [/FONT]Virus.Win32.Bancos.AWF!IK
C:\Program Files\Java\jre1.6.0_07\bin\javaw.exe[FONT=Courier New (Arabic)] المكتشفة: [/FONT]Virus.Win32.Bancos.AWF!IK
C:\Program Files\Java\jre1.6.0_07\bin\javaws.exe[FONT=Courier New (Arabic)] المكتشفة: [/FONT]Virus.Win32.Bancos.AWF!IK
C:\Program Files\Macromedia\Flash 8\Players\Debug\SAFlashPlayer.exe[FONT=Courier New (Arabic)] المكتشفة: [/FONT]Trojan.Win32.VB!IK
C:\Program Files\Macromedia\Flash 8\Players\Release\SAFlashPlayer.exe[FONT=Courier New (Arabic)] المكتشفة: [/FONT]Trojan.Win32.VB!IK
C:\Program Files\Macromedia\Flash 8\Players\SAFlashPlayer.exe[FONT=Courier New (Arabic)] المكتشفة: [/FONT]Trojan.Win32.VB!IK
C:\Program Files\Messenger\msmsgs.exe[FONT=Courier New (Arabic)] المكتشفة: [/FONT]Backdoor.Win32.Advertor!IK
C:\Program Files\Movie Maker\moviemk.exe[FONT=Courier New (Arabic)] المكتشفة: [/FONT]Trojan-Downloader.Win32.Banload!IK
C:\Program Files\MSN Gaming Zone\Windows\bckgzm.exe[FONT=Courier New (Arabic)] المكتشفة: [/FONT]Virus.Win32.Virut.q!IK
C:\Program Files\MSN Gaming Zone\Windows\chkrzm.exe[FONT=Courier New (Arabic)] المكتشفة: [/FONT]Virus.Win32.Virut.q!IK
C:\Program Files\MSN Gaming Zone\Windows\hrtzzm.exe[FONT=Courier New (Arabic)] المكتشفة: [/FONT]Virus.Win32.Virut.q!IK
C:\Program Files\MSN Gaming Zone\Windows\Rvsezm.exe[FONT=Courier New (Arabic)] المكتشفة: [/FONT]Virus.Win32.Virut.q!IK
C:\Program Files\MSN Gaming Zone\Windows\shvlzm.exe[FONT=Courier New (Arabic)] المكتشفة: [/FONT]Virus.Win32.Virut.q!IK
C:\Program Files\NetMeeting\cb32.exe[FONT=Courier New (Arabic)] المكتشفة: [/FONT]Virus.Win32.Virut.n!IK
C:\Program Files\Orbitdownloader\Grab.exe[FONT=Courier New (Arabic)] المكتشفة: [/FONT]Email-Worm.Win32.Cheri!IK
C:\Program Files\Outlook Express\wab.exe[FONT=Courier New (Arabic)] المكتشفة: [/FONT]Trojan-Dropper.Agent!IK
C:\Program Files\Outlook Express\wabmig.exe[FONT=Courier New (Arabic)] المكتشفة: [/FONT]Virus.Win32.Virut.q!IK
C:\Program Files\StreamingStar\HiDownload\NPHDL.dll[FONT=Courier New (Arabic)] المكتشفة: [/FONT]Adware.Win32.AdMedia.cc!A2
C:\Program Files\Windows Media Player\mplayer2.exe[FONT=Courier New (Arabic)] المكتشفة: [/FONT]Virus.Win32.Virut.n!IK
C:\Program Files\Windows Media Player\setup_wm.exe[FONT=Courier New (Arabic)] المكتشفة: [/FONT]Trojan-Downloader.Win32.Banload!IK
C:\Program Files\Windows Media Player\wmplayer.exe[FONT=Courier New (Arabic)] المكتشفة: [/FONT]Trojan-Downloader.Win32.Banload!IK
C:\Program Files\Windows Media Player\wmsetsdk.exe[FONT=Courier New (Arabic)] المكتشفة: [/FONT]Trojan-Downloader.Win32.Banload!IK
C:\Program Files\Windows NT\Pinball\pinball.exe[FONT=Courier New (Arabic)] المكتشفة: [/FONT]Virus.Win32.Virut.n!IK
C:\Program Files\WinRAR\Uninstall.exe[FONT=Courier New (Arabic)] المكتشفة: [/FONT]Backdoor.Win32.PoeBot.A!IK
C:\System Volume Information\_restore{39E388CC-73A9-4485-9C6A-4DD45E1FE3D7}\RP2\A0000177.exe[FONT=Courier New (Arabic)] المكتشفة: [/FONT]Virus.Win32.Virut.q!IK
C:\System Volume Information\_restore{39E388CC-73A9-4485-9C6A-4DD45E1FE3D7}\RP2\A0000178.exe[FONT=Courier New (Arabic)] المكتشفة: [/FONT]Virus.Win32.Virut.q!IK
C:\System Volume Information\_restore{39E388CC-73A9-4485-9C6A-4DD45E1FE3D7}\RP2\A0000181.exe[FONT=Courier New (Arabic)] المكتشفة: [/FONT]Virus.Win32.Virut.q!IK
C:\System Volume Information\_restore{39E388CC-73A9-4485-9C6A-4DD45E1FE3D7}\RP2\A0000182.exe[FONT=Courier New (Arabic)] المكتشفة: [/FONT]Virus.Win32.Virut.q!IK
C:\System Volume Information\_restore{39E388CC-73A9-4485-9C6A-4DD45E1FE3D7}\RP2\A0000188.exe[FONT=Courier New (Arabic)] المكتشفة: [/FONT]Virus.Win32.Virut.q!IK
C:\System Volume Information\_restore{39E388CC-73A9-4485-9C6A-4DD45E1FE3D7}\RP2\A0000190.exe[FONT=Courier New (Arabic)] المكتشفة: [/FONT]Trojan.Crypt!IK
C:\System Volume Information\_restore{39E388CC-73A9-4485-9C6A-4DD45E1FE3D7}\RP2\A0000199.exe[FONT=Courier New (Arabic)] المكتشفة: [/FONT]Virus.Win32.Virut.q!IK
C:\System Volume Information\_restore{39E388CC-73A9-4485-9C6A-4DD45E1FE3D7}\RP2\A0000203.exe[FONT=Courier New (Arabic)] المكتشفة: [/FONT]Virus.Win32.Virut.q!IK
C:\System Volume Information\_restore{39E388CC-73A9-4485-9C6A-4DD45E1FE3D7}\RP2\A0000207.exe[FONT=Courier New (Arabic)] المكتشفة: [/FONT]Win32.Cadoiac.A!IK
C:\System Volume Information\_restore{39E388CC-73A9-4485-9C6A-4DD45E1FE3D7}\RP2\A0000215.exe[FONT=Courier New (Arabic)] المكتشفة: [/FONT]Trojan-PWS.Win32.VB.ER!IK
C:\System Volume Information\_restore{39E388CC-73A9-4485-9C6A-4DD45E1FE3D7}\RP2\A0000216.exe[FONT=Courier New (Arabic)] المكتشفة: [/FONT]Trojan-Downloader.Win32.Banload!IK
C:\System Volume Information\_restore{39E388CC-73A9-4485-9C6A-4DD45E1FE3D7}\RP2\A0000217.exe[FONT=Courier New (Arabic)] المكتشفة: [/FONT]Virus.Win32.DeadCode.b!IK
C:\System Volume Information\_restore{39E388CC-73A9-4485-9C6A-4DD45E1FE3D7}\RP2\A0000218.exe[FONT=Courier New (Arabic)] المكتشفة: [/FONT]Virus.Win32.Virut.n!IK
C:\System Volume Information\_restore{39E388CC-73A9-4485-9C6A-4DD45E1FE3D7}\RP2\A0000219.exe[FONT=Courier New (Arabic)] المكتشفة: [/FONT]Trojan.Crypt!IK
C:\System Volume Information\_restore{39E388CC-73A9-4485-9C6A-4DD45E1FE3D7}\RP2\A0000220.exe[FONT=Courier New (Arabic)] المكتشفة: [/FONT]Virus.Win32.Virtob!IK
C:\System Volume Information\_restore{39E388CC-73A9-4485-9C6A-4DD45E1FE3D7}\RP2\A0000221.exe[FONT=Courier New (Arabic)] المكتشفة: [/FONT]Email-Worm.Win32.Tanatos.B!IK
C:\System Volume Information\_restore{39E388CC-73A9-4485-9C6A-4DD45E1FE3D7}\RP2\A0000228.exe[FONT=Courier New (Arabic)] المكتشفة: [/FONT]Virus.Win32.Virut.q!IK
C:\System Volume Information\_restore{39E388CC-73A9-4485-9C6A-4DD45E1FE3D7}\RP2\A0000229.exe[FONT=Courier New (Arabic)] المكتشفة: [/FONT]Virus.Win32.Socks.BA!IK
C:\System Volume Information\_restore{39E388CC-73A9-4485-9C6A-4DD45E1FE3D7}\RP2\A0000233.exe[FONT=Courier New (Arabic)] المكتشفة: [/FONT]Virus.Win32.SdBot.gen44!IK
C:\System Volume Information\_restore{39E388CC-73A9-4485-9C6A-4DD45E1FE3D7}\RP2\A0000235.exe[FONT=Courier New (Arabic)] المكتشفة: [/FONT]Win32.Virtob.8!IK
C:\System Volume Information\_restore{39E388CC-73A9-4485-9C6A-4DD45E1FE3D7}\RP2\A0000251.exe[FONT=Courier New (Arabic)] المكتشفة: [/FONT]Trojan.Crypt!IK
C:\System Volume Information\_restore{39E388CC-73A9-4485-9C6A-4DD45E1FE3D7}\RP2\A0000252.exe[FONT=Courier New (Arabic)] المكتشفة: [/FONT]Virus.Win32.Virut.q!IK
C:\System Volume Information\_restore{39E388CC-73A9-4485-9C6A-4DD45E1FE3D7}\RP2\A0000255.scr[FONT=Courier New (Arabic)] المكتشفة: [/FONT]Virus.Win32.Virut.q!IK
C:\System Volume Information\_restore{39E388CC-73A9-4485-9C6A-4DD45E1FE3D7}\RP2\A0000261.exe[FONT=Courier New (Arabic)] المكتشفة: [/FONT]Trojan.Loader.AK!IK
C:\System Volume Information\_restore{39E388CC-73A9-4485-9C6A-4DD45E1FE3D7}\RP2\A0000265.exe[FONT=Courier New (Arabic)] المكتشفة: [/FONT]Trojan-Dropper.Agent!IK
C:\System Volume Information\_restore{39E388CC-73A9-4485-9C6A-4DD45E1FE3D7}\RP2\A0000266.exe[FONT=Courier New (Arabic)] المكتشفة: [/FONT]Trojan.Win32.Patched!IK
C:\System Volume Information\_restore{39E388CC-73A9-4485-9C6A-4DD45E1FE3D7}\RP2\A0000267.exe[FONT=Courier New (Arabic)] المكتشفة: [/FONT]Trojan.Crypt!IK
C:\System Volume Information\_restore{39E388CC-73A9-4485-9C6A-4DD45E1FE3D7}\RP2\A0000270.exe[FONT=Courier New (Arabic)] المكتشفة: [/FONT]Virus.Win32.Virut.q!IK
C:\System Volume Information\_restore{39E388CC-73A9-4485-9C6A-4DD45E1FE3D7}\RP2\A0000271.exe[FONT=Courier New (Arabic)] المكتشفة: [/FONT]Trojan.Crypt!IK
C:\System Volume Information\_restore{39E388CC-73A9-4485-9C6A-4DD45E1FE3D7}\RP2\A0000281.exe[FONT=Courier New (Arabic)] المكتشفة: [/FONT]Trojan.Crypt!IK
C:\System Volume Information\_restore{39E388CC-73A9-4485-9C6A-4DD45E1FE3D7}\RP2\A0000282.exe[FONT=Courier New (Arabic)] المكتشفة: [/FONT]Virus.Win32.Virut.ak!IK
C:\System Volume Information\_restore{39E388CC-73A9-4485-9C6A-4DD45E1FE3D7}\RP2\A0000285.exe[FONT=Courier New (Arabic)] المكتشفة: [/FONT]Virus.Win32.SdBot.gen44!IK
C:\System Volume Information\_restore{39E388CC-73A9-4485-9C6A-4DD45E1FE3D7}\RP2\A0000287.exe[FONT=Courier New (Arabic)] المكتشفة: [/FONT]Win32.Virtob.8!IK
C:\System Volume Information\_restore{39E388CC-73A9-4485-9C6A-4DD45E1FE3D7}\RP2\A0000290.exe[FONT=Courier New (Arabic)] المكتشفة: [/FONT]Trojan.Crypt!IK
C:\System Volume Information\_restore{39E388CC-73A9-4485-9C6A-4DD45E1FE3D7}\RP2\A0000291.exe[FONT=Courier New (Arabic)] المكتشفة: [/FONT]Virus.Win32.Virut.q!IK
C:\System Volume Information\_restore{39E388CC-73A9-4485-9C6A-4DD45E1FE3D7}\RP2\A0000295.exe[FONT=Courier New (Arabic)] المكتشفة: [/FONT]Virus.Win32.Virut.q!IK
C:\System Volume Information\_restore{39E388CC-73A9-4485-9C6A-4DD45E1FE3D7}\RP2\A0000300.exe[FONT=Courier New (Arabic)] المكتشفة: [/FONT]Virus.Win32.Virut.q!IK
C:\System Volume Information\_restore{39E388CC-73A9-4485-9C6A-4DD45E1FE3D7}\RP2\A0000302.exe[FONT=Courier New (Arabic)] المكتشفة: [/FONT]Virus.Win32.Virut.q!IK
C:\System Volume Information\_restore{39E388CC-73A9-4485-9C6A-4DD45E1FE3D7}\RP2\A0000303.scr[FONT=Courier New (Arabic)] المكتشفة: [/FONT]Virus.Win32.Virut.q!IK
C:\System Volume Information\_restore{39E388CC-73A9-4485-9C6A-4DD45E1FE3D7}\RP2\A0000310.exe[FONT=Courier New (Arabic)] المكتشفة: [/FONT]Virus.Win32.Virut.q!IK
C:\System Volume Information\_restore{39E388CC-73A9-4485-9C6A-4DD45E1FE3D7}\RP2\A0000311.exe[FONT=Courier New (Arabic)] المكتشفة: [/FONT]Virus.Win32.Virut.q!IK
C:\System Volume Information\_restore{39E388CC-73A9-4485-9C6A-4DD45E1FE3D7}\RP2\A0000341.exe[FONT=Courier New (Arabic)] المكتشفة: [/FONT]Virus.Win32.Virut.q!IK
C:\System Volume Information\_restore{39E388CC-73A9-4485-9C6A-4DD45E1FE3D7}\RP2\A0000345.exe[FONT=Courier New (Arabic)] المكتشفة: [/FONT]Virus.Win32.Virut.q!IK
C:\System Volume Information\_restore{39E388CC-73A9-4485-9C6A-4DD45E1FE3D7}\RP2\A0000346.exe[FONT=Courier New (Arabic)] المكتشفة: [/FONT]Virus.Win32.SillyW.1459!IK
C:\System Volume Information\_restore{39E388CC-73A9-4485-9C6A-4DD45E1FE3D7}\RP2\A0000351.exe[FONT=Courier New (Arabic)] المكتشفة: [/FONT]Virus.Win32.Virut.q!IK
C:\System Volume Information\_restore{39E388CC-73A9-4485-9C6A-4DD45E1FE3D7}\RP2\A0000352.exe[FONT=Courier New (Arabic)] المكتشفة: [/FONT]Virus.Win32.Virut.q!IK
C:\System Volume Information\_restore{39E388CC-73A9-4485-9C6A-4DD45E1FE3D7}\RP2\A0000354.exe[FONT=Courier New (Arabic)] المكتشفة: [/FONT]Virus.Win32.Virut.q!IK
C:\System Volume Information\_restore{39E388CC-73A9-4485-9C6A-4DD45E1FE3D7}\RP2\A0000357.exe[FONT=Courier New (Arabic)] المكتشفة: [/FONT]Virus.Win32.SdBot.gen44!IK
C:\System Volume Information\_restore{39E388CC-73A9-4485-9C6A-4DD45E1FE3D7}\RP2\A0001372.exe[FONT=Courier New (Arabic)] المكتشفة: [/FONT]Trojan.Loader.AK!IK
C:\System Volume Information\_restore{39E388CC-73A9-4485-9C6A-4DD45E1FE3D7}\RP2\A0004504.exe[FONT=Courier New (Arabic)] المكتشفة: [/FONT]Trojan.Win32.VB!IK
C:\System Volume Information\_restore{39E388CC-73A9-4485-9C6A-4DD45E1FE3D7}\RP2\A0004519.ini[FONT=Courier New (Arabic)] المكتشفة: [/FONT]Backdoor.IRC.Zapchast!IK
C:\System Volume Information\_restore{39E388CC-73A9-4485-9C6A-4DD45E1FE3D7}\RP2\A0004520.dll[FONT=Courier New (Arabic)] المكتشفة: [/FONT]Backdoor.IRC.BlackCode.a!IK
C:\System Volume Information\_restore{39E388CC-73A9-4485-9C6A-4DD45E1FE3D7}\RP2\A0004540.ini[FONT=Courier New (Arabic)] المكتشفة: [/FONT]Backdoor.IRC.Zapchast!IK
C:\System Volume Information\_restore{39E388CC-73A9-4485-9C6A-4DD45E1FE3D7}\RP2\A0004922.ini[FONT=Courier New (Arabic)] المكتشفة: [/FONT]Backdoor.IRC.Zapchast!IK
C:\System Volume Information\_restore{39E388CC-73A9-4485-9C6A-4DD45E1FE3D7}\RP2\A0004938.ini[FONT=Courier New (Arabic)] المكتشفة: [/FONT]Backdoor.IRC.Zapchast!IK
C:\System Volume Information\_restore{39E388CC-73A9-4485-9C6A-4DD45E1FE3D7}\RP2\A0004954.ini[FONT=Courier New (Arabic)] المكتشفة: [/FONT]Backdoor.IRC.Zapchast!IK
C:\System Volume Information\_restore{39E388CC-73A9-4485-9C6A-4DD45E1FE3D7}\RP2\A0005008.EXE[FONT=Courier New (Arabic)] المكتشفة: [/FONT]Backdoor.Pigeon!IK
C:\System Volume Information\_restore{39E388CC-73A9-4485-9C6A-4DD45E1FE3D7}\RP2\A0005011.exe[FONT=Courier New (Arabic)] المكتشفة: [/FONT]Backdoor.Pigeon!IK
C:\System Volume Information\_restore{39E388CC-73A9-4485-9C6A-4DD45E1FE3D7}\RP2\A0005026.exe[FONT=Courier New (Arabic)] المكتشفة: [/FONT]Virus.Win32.Small!IK
C:\System Volume Information\_restore{39E388CC-73A9-4485-9C6A-4DD45E1FE3D7}\RP2\A0005033.exe[FONT=Courier New (Arabic)] المكتشفة: [/FONT]Virus.Win32.Virut.q!IK
C:\System Volume Information\_restore{39E388CC-73A9-4485-9C6A-4DD45E1FE3D7}\RP2\A0005215.exe[FONT=Courier New (Arabic)] المكتشفة: [/FONT]Virus.Win32.SdBot.gen44!IK
C:\WINDOWS\$hf_mig$\KB887472\SP2QFE\msmsgs.exe[FONT=Courier New (Arabic)] المكتشفة: [/FONT]Backdoor.Win32.Advertor!IK
C:\WINDOWS\$hf_mig$\KB896423\SP2QFE\spoolsv.exe[FONT=Courier New (Arabic)] المكتشفة: [/FONT]Virus.Win32.SdBot.gen44!IK
C:\WINDOWS\$hf_mig$\KB920213\SP2QFE\agentsvr.exe[FONT=Courier New (Arabic)] المكتشفة: [/FONT]Virus.Win32.Virut.n!IK
C:\WINDOWS\$hf_mig$\KB938828\SP2QFE\explorer.exe[FONT=Courier New (Arabic)] المكتشفة: [/FONT]Trojan.Win32.Patched!IK
C:\WINDOWS\$MSI31Uninstall_KB893803v2$\msiexec.exe[FONT=Courier New (Arabic)] المكتشفة: [/FONT]Virus.Win32.Virtob!IK
C:\WINDOWS\$NtUninstallKB887472$\msmsgs.exe[FONT=Courier New (Arabic)] المكتشفة: [/FONT]Backdoor.Win32.Advertor!IK
C:\WINDOWS\$NtUninstallKB896423$\spoolsv.exe[FONT=Courier New (Arabic)] المكتشفة: [/FONT]Virus.Win32.SdBot.gen44!IK
C:\WINDOWS\$NtUninstallKB920213$\agentsvr.exe[FONT=Courier New (Arabic)] المكتشفة: [/FONT]Virus.Win32.Virut.n!IK
C:\WINDOWS\$NtUninstallKB922582$\fltmc.exe[FONT=Courier New (Arabic)] المكتشفة: [/FONT]Virus.Win32.Virut.q!IK
C:\WINDOWS\$NtUninstallKB938828$\explorer.exe[FONT=Courier New (Arabic)] المكتشفة: [/FONT]Virus.Win32.Virut.q!IK
C:\WINDOWS\BricoPacks\SysFiles\12_explorer.exe[FONT=Courier New (Arabic)] المكتشفة: [/FONT]Virus.Win32.Virut.q!IK
C:\WINDOWS\BricoPacks\SysFiles\20_logon.scr[FONT=Courier New (Arabic)] المكتشفة: [/FONT]Virus.Win32.Virut.q!IK
C:\WINDOWS\BricoPacks\SysFiles\26_mspaint.exe[FONT=Courier New (Arabic)] المكتشفة: [/FONT]Virus.Win32.Virut.q!IK
C:\WINDOWS\BricoPacks\SysFiles\34_notepad.exe[FONT=Courier New (Arabic)] المكتشفة: [/FONT]Virus.Win32.Hupigon.MAP!IK
C:\WINDOWS\BricoPacks\SysFiles\35_notepad.exe[FONT=Courier New (Arabic)] المكتشفة: [/FONT]Virus.Win32.Hupigon.MAP!IK
C:\WINDOWS\BricoPacks\SysFiles\48_sndrec32.exe[FONT=Courier New (Arabic)] المكتشفة: [/FONT]Virus.Win32.DeadCode.b!IK
C:\WINDOWS\BricoPacks\SysFiles\52_sysocmgr.exe[FONT=Courier New (Arabic)] المكتشفة: [/FONT]Trojan.Crypt!IK
C:\WINDOWS\BricoPacks\SysFiles\61_wiaacmgr.exe[FONT=Courier New (Arabic)] المكتشفة: [/FONT]Trojan-Spy.Win32.Banker.bkj!IK
C:\WINDOWS\BricoPacks\SysFiles\67_logonui.exe[FONT=Courier New (Arabic)] المكتشفة: [/FONT]Virus.Win32.Virut.q!IK
C:\WINDOWS\BricoPacks\SysFiles\68_iexplore.exe[FONT=Courier New (Arabic)] المكتشفة: [/FONT]Trojan-Downloader.Win32.Banload!IK
C:\WINDOWS\BricoPacks\SysFiles\71_wmplayer.exe[FONT=Courier New (Arabic)] المكتشفة: [/FONT]Virus.Win32.VB.dl!IK
C:\WINDOWS\BricoPacks\SysFiles\7_cmd.exe[FONT=Courier New (Arabic)] المكتشفة: [/FONT]Trojan-Spy.Win32.Banker.ciy!IK
C:\WINDOWS\BricoPacks\Vista Inspirat\PackFiles\12_explorer.exe[FONT=Courier New (Arabic)] المكتشفة: [/FONT]Virus.Win32.Virut.q!IK
C:\WINDOWS\BricoPacks\Vista Inspirat\PackFiles\20_logon.scr[FONT=Courier New (Arabic)] المكتشفة: [/FONT]Virus.Win32.Virut.q!IK
C:\WINDOWS\BricoPacks\Vista Inspirat\PackFiles\26_mspaint.exe[FONT=Courier New (Arabic)] المكتشفة: [/FONT]Virus.Win32.Virut.q!IK
C:\WINDOWS\BricoPacks\Vista Inspirat\PackFiles\34_notepad.exe[FONT=Courier New (Arabic)] المكتشفة: [/FONT]Virus.Win32.Hupigon.MAP!IK
C:\WINDOWS\BricoPacks\Vista Inspirat\PackFiles\35_notepad.exe[FONT=Courier New (Arabic)] المكتشفة: [/FONT]Virus.Win32.Hupigon.MAP!IK
C:\WINDOWS\BricoPacks\Vista Inspirat\PackFiles\52_sysocmgr.exe[FONT=Courier New (Arabic)] المكتشفة: [/FONT]Trojan.Crypt!IK
C:\WINDOWS\BricoPacks\Vista Inspirat\PackFiles\67_logonui.exe[FONT=Courier New (Arabic)] المكتشفة: [/FONT]Virus.Win32.Virut.q!IK
C:\WINDOWS\BricoPacks\Vista Inspirat\ResHacker\ResHacker.exe[FONT=Courier New (Arabic)] المكتشفة: [/FONT]Backdoor.Win32.Cabrotor.10.A!IK
C:\WINDOWS\explorer.exe[FONT=Courier New (Arabic)] المكتشفة: [/FONT]Trojan.Win32.Patched!IK
C:\WINDOWS\Installer\{90110401-6000-11D3-8CFE-0150048383C9}\wordicon.exe[FONT=Courier New (Arabic)] المكتشفة: [/FONT]Trojan.Win32.VB!IK
C:\WINDOWS\LastGood\system32\fsquirt.exe[FONT=Courier New (Arabic)] المكتشفة: [/FONT]Virus.Win32.SdBot.gen44!IK
C:\WINDOWS\msagent\agentsvr.exe[FONT=Courier New (Arabic)] المكتشفة: [/FONT]Virus.Win32.Virut.n!IK
C:\WINDOWS\notepad.exe[FONT=Courier New (Arabic)] المكتشفة: [/FONT]Virus.Win32.Hupigon.MAP!IK
C:\WINDOWS\pchealth\helpctr\binaries\HelpSvc.exe[FONT=Courier New (Arabic)] المكتشفة: [/FONT]Virus.Win32.Virut.q!IK
C:\WINDOWS\RegisteredPackages\{3FDF25EE-E592-4495-8391-6E9C504DAC2B}\setup_wm.exe[FONT=Courier New (Arabic)] المكتشفة: [/FONT]Trojan-Downloader.Win32.Banload!IK
C:\WINDOWS\RegisteredPackages\{981FB688-E76B-4246-987B-92083185B90A}\wdfmgr.exe[FONT=Courier New (Arabic)] المكتشفة: [/FONT]Virus.Win32.Virut.q!IK
C:\WINDOWS\RegisteredPackages\{DD90D410-1823-43EB-9A16-A2331BF08799}\wmplayer.exe[FONT=Courier New (Arabic)] المكتشفة: [/FONT]Trojan-Downloader.Win32.Banload!IK
C:\WINDOWS\system32\ahui.exe[FONT=Courier New (Arabic)] المكتشفة: [/FONT]Trojan.Win32.VB!IK
C:\WINDOWS\system32\alg.exe[FONT=Courier New (Arabic)] المكتشفة: [/FONT]Virus.Win32.Virut.ak!IK
C:\WINDOWS\system32\arp.exe[FONT=Courier New (Arabic)] المكتشفة: [/FONT]Virus.Win32.Virut.ak!IK
C:\WINDOWS\system32\asr_pfu.exe[FONT=Courier New (Arabic)] المكتشفة: [/FONT]Trojan.Crypt!IK
C:\WINDOWS\system32\atmadm.exe[FONT=Courier New (Arabic)] المكتشفة: [/FONT]Virus.Win32.Virut.q!IK
C:\WINDOWS\system32\blastcln.exe[FONT=Courier New (Arabic)] المكتشفة: [/FONT]Virus.Win32.Virut.q!IK
C:\WINDOWS\system32\bootok.exe[FONT=Courier New (Arabic)] المكتشفة: [/FONT]Trojan.Crypt!IK
C:\WINDOWS\system32\chkntfs.exe[FONT=Courier New (Arabic)] المكتشفة: [/FONT]Virus.Win32.Virut.q!IK
C:\WINDOWS\system32\cidaemon.exe[FONT=Courier New (Arabic)] المكتشفة: [/FONT]Virus.Win32.Virut.q!IK
C:\WINDOWS\system32\clipsrv.exe[FONT=Courier New (Arabic)] المكتشفة: [/FONT]Virus.Win32.Virut.q!IK
C:\WINDOWS\system32\clspack.exe[FONT=Courier New (Arabic)] المكتشفة: [/FONT]Virus.Win9x.Merinos.1763!IK
C:\WINDOWS\system32\Com\comrereg.exe[FONT=Courier New (Arabic)] المكتشفة: [/FONT]Win32.Virut.R!IK
C:\WINDOWS\system32\compact.exe[FONT=Courier New (Arabic)] المكتشفة: [/FONT]Virus.Win32.Virut.q!IK
C:\WINDOWS\system32\control.exe[FONT=Courier New (Arabic)] المكتشفة: [/FONT]Virus.Win32.Virut.q!IK
C:\WINDOWS\system32\convert.exe[FONT=Courier New (Arabic)] المكتشفة: [/FONT]Virus.Win32.Virut.q!IK
C:\WINDOWS\system32\dcomcnfg.exe[FONT=Courier New (Arabic)] المكتشفة: [/FONT]Win32.Virut.R!IK
C:\WINDOWS\system32\diantz.exe[FONT=Courier New (Arabic)] المكتشفة: [/FONT]Virus.Win32.Virut.q!IK
C:\WINDOWS\system32\diskperf.exe[FONT=Courier New (Arabic)] المكتشفة: [/FONT]Trojan.Crypt!IK
C:\WINDOWS\system32\dllcache\admin.exe[FONT=Courier New (Arabic)] المكتشفة: [/FONT]Win32.Cadoiac.A!IK
C:\WINDOWS\system32\dllcache\agentsvr.exe[FONT=Courier New (Arabic)] المكتشفة: [/FONT]Virus.Win32.Virut.n!IK
C:\WINDOWS\system32\dllcache\ahui.exe[FONT=Courier New (Arabic)] المكتشفة: [/FONT]Trojan.Win32.VB!IK
C:\WINDOWS\system32\dllcache\alg.exe[FONT=Courier New (Arabic)] المكتشفة: [/FONT]Virus.Win32.Virut.ak!IK
C:\WINDOWS\system32\dllcache\arp.exe[FONT=Courier New (Arabic)] المكتشفة: [/FONT]Virus.Win32.Virut.ak!IK
C:\WINDOWS\system32\dllcache\asr_pfu.exe[FONT=Courier New (Arabic)] المكتشفة: [/FONT]Trojan.Crypt!IK
C:\WINDOWS\system32\dllcache\atmadm.exe[FONT=Courier New (Arabic)] المكتشفة: [/FONT]Virus.Win32.Virut.q!IK
C:\WINDOWS\system32\dllcache\author.exe[FONT=Courier New (Arabic)] المكتشفة: [/FONT]Win32.Cadoiac.A!IK
C:\WINDOWS\system32\dllcache\bckgzm.exe[FONT=Courier New (Arabic)] المكتشفة: [/FONT]Virus.Win32.Virut.q!IK
C:\WINDOWS\system32\dllcache\blastcln.exe[FONT=Courier New (Arabic)] المكتشفة: [/FONT]Virus.Win32.Virut.q!IK
C:\WINDOWS\system32\dllcache\bootok.exe[FONT=Courier New (Arabic)] المكتشفة: [/FONT]Trojan.Crypt!IK
C:\WINDOWS\system32\dllcache\cb32.exe[FONT=Courier New (Arabic)] المكتشفة: [/FONT]Virus.Win32.Virut.n!IK
C:\WINDOWS\system32\dllcache\cfgwiz.exe[FONT=Courier New (Arabic)] المكتشفة: [/FONT]Virus.Win32.Virut.q!IK
C:\WINDOWS\system32\dllcache\chkntfs.exe[FONT=Courier New (Arabic)] المكتشفة: [/FONT]Virus.Win32.Virut.q!IK
C:\WINDOWS\system32\dllcache\chkrzm.exe[FONT=Courier New (Arabic)] المكتشفة: [/FONT]Virus.Win32.Virut.q!IK
C:\WINDOWS\system32\dllcache\cidaemon.exe[FONT=Courier New (Arabic)] المكتشفة: [/FONT]Virus.Win32.Virut.q!IK
C:\WINDOWS\system32\dllcache\clipsrv.exe[FONT=Courier New (Arabic)] المكتشفة: [/FONT]Virus.Win32.Virut.q!IK
C:\WINDOWS\system32\dllcache\compact.exe[FONT=Courier New (Arabic)] المكتشفة: [/FONT]Virus.Win32.Virut.q!IK
C:\WINDOWS\system32\dllcache\comrereg.exe[FONT=Courier New (Arabic)] المكتشفة: [/FONT]Win32.Virut.R!IK
C:\WINDOWS\system32\dllcache\control.exe[FONT=Courier New (Arabic)] المكتشفة: [/FONT]Virus.Win32.Virut.q!IK
C:\WINDOWS\system32\dllcache\convert.exe[FONT=Courier New (Arabic)] المكتشفة: [/FONT]Virus.Win32.Virut.q!IK
C:\WINDOWS\system32\dllcache\dcomcnfg.exe[FONT=Courier New (Arabic)] المكتشفة: [/FONT]Win32.Virut.R!IK
C:\WINDOWS\system32\dllcache\diantz.exe[FONT=Courier New (Arabic)] المكتشفة: [/FONT]Virus.Win32.Virut.q!IK
C:\WINDOWS\system32\dllcache\diskperf.exe[FONT=Courier New (Arabic)] المكتشفة: [/FONT]Trojan.Crypt!IK
C:\WINDOWS\system32\dllcache\dllhost.exe[FONT=Courier New (Arabic)] المكتشفة: [/FONT]Virus.Win32.SdBot.gen44!IK
C:\WINDOWS\system32\dllcache\dmadmin.exe[FONT=Courier New (Arabic)] المكتشفة: [/FONT]Virus.Win32.Virut.q!IK
C:\WINDOWS\system32\dllcache\dumprep.exe[FONT=Courier New (Arabic)] المكتشفة: [/FONT]Trojan.Crypt!IK
C:\WINDOWS\system32\dllcache\evcreate.exe[FONT=Courier New (Arabic)] المكتشفة: [/FONT]Virus.Win32.SdBot.gen44!IK
C:\WINDOWS\system32\dllcache\explorer.exe[FONT=Courier New (Arabic)] المكتشفة: [/FONT]Trojan.Win32.Patched!IK
C:\WINDOWS\system32\dllcache\fontview.exe[FONT=Courier New (Arabic)] المكتشفة: [/FONT]Virus.Win32.Zezal.a!IK
C:\WINDOWS\system32\dllcache\fp98swin.exe[FONT=Courier New (Arabic)] المكتشفة: [/FONT]Virus.Win32.Virut.q!IK
C:\WINDOWS\system32\dllcache\fpremadm.exe[FONT=Courier New (Arabic)] المكتشفة: [/FONT]Virus.Win32.Virut.q!IK
C:\WINDOWS\system32\dllcache\ftp.exe[FONT=Courier New (Arabic)] المكتشفة: [/FONT]Virus.Win32.Virut.ak!IK
C:\WINDOWS\system32\dllcache\gpupdate.exe[FONT=Courier New (Arabic)] المكتشفة: [/FONT]Trojan.Crypt!IK
C:\WINDOWS\system32\dllcache\helpsvc.exe[FONT=Courier New (Arabic)] المكتشفة: [/FONT]Virus.Win32.Virut.q!IK
C:\WINDOWS\system32\dllcache\hrtzzm.exe[FONT=Courier New (Arabic)] المكتشفة: [/FONT]Virus.Win32.Virut.q!IK
C:\WINDOWS\system32\dllcache\imapi.exe[FONT=Courier New (Arabic)] المكتشفة: [/FONT]Virus.Win32.Virut.q!IK
C:\WINDOWS\system32\dllcache\imjpdct.exe[FONT=Courier New (Arabic)] المكتشفة: [/FONT]Win32.Cadoiac.A!IK
C:\WINDOWS\system32\dllcache\imjputy.exe[FONT=Courier New (Arabic)] المكتشفة: [/FONT]Virus.Win32.SillyW.1459!IK
C:\WINDOWS\system32\dllcache\ipconfig.exe[FONT=Courier New (Arabic)] المكتشفة: [/FONT]Virus.Win32.Virut.q!IK
C:\WINDOWS\system32\dllcache\ipv6.exe[FONT=Courier New (Arabic)] المكتشفة: [/FONT]Virus.Win32.Virut.q!IK
C:\WINDOWS\system32\dllcache\isignup.exe[FONT=Courier New (Arabic)] المكتشفة: [/FONT]Virus.Win32.Virut.n!IK
C:\WINDOWS\system32\dllcache\lnkstub.exe[FONT=Courier New (Arabic)] المكتشفة: [/FONT]Trojan.Crypt!IK
C:\WINDOWS\system32\dllcache\locator.exe[FONT=Courier New (Arabic)] المكتشفة: [/FONT]Virus.Win32.Virut.q!IK
C:\WINDOWS\system32\dllcache\logon.scr[FONT=Courier New (Arabic)] المكتشفة: [/FONT]Virus.Win32.Virut.q!IK
C:\WINDOWS\system32\dllcache\logonui.exe[FONT=Courier New (Arabic)] المكتشفة: [/FONT]Virus.Win32.Virut.q!IK
C:\WINDOWS\system32\dllcache\lpq.exe[FONT=Courier New (Arabic)] المكتشفة: [/FONT]Virus.Win32.Virut.ak!IK
C:\WINDOWS\system32\dllcache\lpr.exe[FONT=Courier New (Arabic)] المكتشفة: [/FONT]Virus.Win32.Virut.ak!IK
C:\WINDOWS\system32\dllcache\magnify.exe[FONT=Courier New (Arabic)] المكتشفة: [/FONT]Virus.Win32.Virut.n!IK
C:\WINDOWS\system32\dllcache\makecab.exe[FONT=Courier New (Arabic)] المكتشفة: [/FONT]Virus.Win32.Virut.q!IK
C:\WINDOWS\system32\dllcache\migload.exe[FONT=Courier New (Arabic)] المكتشفة: [/FONT]Trojan.Crypt!IK
C:\WINDOWS\system32\dllcache\mmc.exe[FONT=Courier New (Arabic)] المكتشفة: [/FONT]Trojan-PWS.Win32.VB.ER!IK
C:\WINDOWS\system32\dllcache\mnmsrvc.exe[FONT=Courier New (Arabic)] المكتشفة: [/FONT]Virus.Win32.Virut.n!IK
C:\WINDOWS\system32\dllcache\mobsync.exe[FONT=Courier New (Arabic)] المكتشفة: [/FONT]Virus.Win32.Virut.q!IK
C:\WINDOWS\system32\dllcache\moviemk.exe[FONT=Courier New (Arabic)] المكتشفة: [/FONT]Trojan-Downloader.Win32.Banload!IK
C:\WINDOWS\system32\dllcache\mplay32.exe[FONT=Courier New (Arabic)] المكتشفة: [/FONT]Virus.Win32.DeadCode.b!IK
C:\WINDOWS\system32\dllcache\mplayer2.exe[FONT=Courier New (Arabic)] المكتشفة: [/FONT]Virus.Win32.Virut.n!IK
C:\WINDOWS\system32\dllcache\mpnotify.exe[FONT=Courier New (Arabic)] المكتشفة: [/FONT]Trojan.Crypt!IK
C:\WINDOWS\system32\dllcache\msiexec.exe[FONT=Courier New (Arabic)] المكتشفة: [/FONT]Virus.Win32.Virtob!IK
C:\WINDOWS\system32\dllcache\msimn.exe[FONT=Courier New (Arabic)] المكتشفة: [/FONT]Email-Worm.Win32.Tanatos.B!IK
C:\WINDOWS\system32\dllcache\mspaint.exe[FONT=Courier New (Arabic)] المكتشفة: [/FONT]Virus.Win32.Virut.q!IK
C:\WINDOWS\system32\dllcache\mtstocom.exe[FONT=Courier New (Arabic)] المكتشفة: [/FONT]Win32.Virut.R!IK
C:\WINDOWS\system32\dllcache\narrator.exe[FONT=Courier New (Arabic)] المكتشفة: [/FONT]Virus.Win32.Zezal.a!IK
C:\WINDOWS\system32\dllcache\net.exe[FONT=Courier New (Arabic)] المكتشفة: [/FONT]Virus.Win32.Virut.ak!IK
C:\WINDOWS\system32\dllcache\netstat.exe[FONT=Courier New (Arabic)] المكتشفة: [/FONT]Virus.Win32.SdBot.gen44!IK
C:\WINDOWS\system32\dllcache\notepad.exe[FONT=Courier New (Arabic)] المكتشفة: [/FONT]Virus.Win32.Hupigon.MAP!IK
C:\WINDOWS\system32\dllcache\nwscript.exe[FONT=Courier New (Arabic)] المكتشفة: [/FONT]Virus.Win32.Virut.q!IK
C:\WINDOWS\system32\dllcache\opnfiles.exe[FONT=Courier New (Arabic)] المكتشفة: [/FONT]Virus.Win32.SdBot.gen44!IK
C:\WINDOWS\system32\dllcache\osk.exe[FONT=Courier New (Arabic)] المكتشفة: [/FONT]Virus.Win32.Virut.q!IK
C:\WINDOWS\system32\dllcache\pentnt.exe[FONT=Courier New (Arabic)] المكتشفة: [/FONT]Trojan.Crypt!IK
C:\WINDOWS\system32\dllcache\perfmon.exe[FONT=Courier New (Arabic)] المكتشفة: [/FONT]Trojan.Crypt!IK
C:\WINDOWS\system32\dllcache\powercfg.exe[FONT=Courier New (Arabic)] المكتشفة: [/FONT]Virus.Win32.Socks.BA!IK
C:\WINDOWS\system32\dllcache\progman.exe[FONT=Courier New (Arabic)] المكتشفة: [/FONT]Trojan-Spy.Win32.Banker.ciy!IK
C:\WINDOWS\system32\dllcache\rasdial.exe[FONT=Courier New (Arabic)] المكتشفة: [/FONT]Trojan.Crypt!IK
C:\WINDOWS\system32\dllcache\rcimlby.exe[FONT=Courier New (Arabic)] المكتشفة: [/FONT]Virus.Win32.Virut.q!IK
C:\WINDOWS\system32\dllcache\rcp.exe[FONT=Courier New (Arabic)] المكتشفة: [/FONT]Virus.Win32.Virut.ak!IK
C:\WINDOWS\system32\dllcache\rdshost.exe[FONT=Courier New (Arabic)] المكتشفة: [/FONT]Virus.Win32.SdBot.gen44!IK
C:\WINDOWS\system32\dllcache\reg.exe[FONT=Courier New (Arabic)] المكتشفة: [/FONT]Win32.Virtob.8!IK
C:\WINDOWS\system32\dllcache\rexec.exe[FONT=Courier New (Arabic)] المكتشفة: [/FONT]Virus.Win32.Virut.q!IK
C:\WINDOWS\system32\dllcache\rsh.exe[FONT=Courier New (Arabic)] المكتشفة: [/FONT]Virus.Win32.Virut.ak!IK
C:\WINDOWS\system32\dllcache\rsmui.exe[FONT=Courier New (Arabic)] المكتشفة: [/FONT]Virus.Win32.Virut.ar!IK
C:\WINDOWS\system32\dllcache\rsvp.exe[FONT=Courier New (Arabic)] المكتشفة: [/FONT]Virus.Win32.Virut.q!IK
C:\WINDOWS\system32\dllcache\rundll32.exe[FONT=Courier New (Arabic)] المكتشفة: [/FONT]Win32.Virtob.2!IK
C:\WINDOWS\system32\dllcache\rvsezm.exe[FONT=Courier New (Arabic)] المكتشفة: [/FONT]Virus.Win32.Virut.q!IK
C:\WINDOWS\system32\dllcache\savedump.exe[FONT=Courier New (Arabic)] المكتشفة: [/FONT]Virus.Win32.Virut.q!IK
C:\WINDOWS\system32\dllcache\sessmgr.exe[FONT=Courier New (Arabic)] المكتشفة: [/FONT]Virus.Win32.Virut.q!IK
C:\WINDOWS\system32\dllcache\setup.exe[FONT=Courier New (Arabic)] المكتشفة: [/FONT]Virus.Win32.Virut.q!IK
C:\WINDOWS\system32\dllcache\setup_wm.exe[FONT=Courier New (Arabic)] المكتشفة: [/FONT]Trojan-Downloader.Win32.Banload!IK
C:\WINDOWS\system32\dllcache\sfc.exe[FONT=Courier New (Arabic)] المكتشفة: [/FONT]Virus.Win32.Virut.ak!IK
C:\WINDOWS\system32\dllcache\shmgrate.exe[FONT=Courier New (Arabic)] المكتشفة: [/FONT]Virus.Win32.Virut.q!IK
C:\WINDOWS\system32\dllcache\shtml.exe[FONT=Courier New (Arabic)] المكتشفة: [/FONT]Virus.Win32.Virut.q!IK
C:\WINDOWS\system32\dllcache\shutdown.exe[FONT=Courier New (Arabic)] المكتشفة: [/FONT]Virus.Win32.Virut.q!IK
C:\WINDOWS\system32\dllcache\shvlzm.exe[FONT=Courier New (Arabic)] المكتشفة: [/FONT]Virus.Win32.Virut.q!IK
C:\WINDOWS\system32\dllcache\skeys.exe[FONT=Courier New (Arabic)] المكتشفة: [/FONT]Virus.Win32.Virut.q!IK
C:\WINDOWS\system32\dllcache\smbinst.exe[FONT=Courier New (Arabic)] المكتشفة: [/FONT]Trojan.Crypt!IK
C:\WINDOWS\system32\dllcache\smi2smir.exe[FONT=Courier New (Arabic)] المكتشفة: [/FONT]Virus.Win32.Virut.q!IK
C:\WINDOWS\system32\dllcache\sol.exe[FONT=Courier New (Arabic)] المكتشفة: [/FONT]Trojan.Win32.Agent!IK
C:\WINDOWS\system32\dllcache\spnpinst.exe[FONT=Courier New (Arabic)] المكتشفة: [/FONT]Virus.Win32.Virut.q!IK
C:\WINDOWS\system32\dllcache\spoolsv.exe[FONT=Courier New (Arabic)] المكتشفة: [/FONT]Virus.Win32.SdBot.gen44!IK
C:\WINDOWS\system32\dllcache\srdiag.exe[FONT=Courier New (Arabic)] المكتشفة: [/FONT]Trojan.Crypt!IK
C:\WINDOWS\system32\dllcache\ssmarque.scr[FONT=Courier New (Arabic)] المكتشفة: [/FONT]Virus.Win32.Virut.q!IK
C:\WINDOWS\system32\dllcache\ssmyst.scr[FONT=Courier New (Arabic)] المكتشفة: [/FONT]Virus.Win32.Virut.q!IK
C:\WINDOWS\system32\dllcache\svchost.exe[FONT=Courier New (Arabic)] المكتشفة: [/FONT]Trojan.Loader.AK!IK
C:\WINDOWS\system32\dllcache\sysinfo.exe[FONT=Courier New (Arabic)] المكتشفة: [/FONT]Virus.Win32.Socks.BA!IK
C:\WINDOWS\system32\dllcache\sysocmgr.exe[FONT=Courier New (Arabic)] المكتشفة: [/FONT]Trojan.Crypt!IK
C:\WINDOWS\system32\dllcache\tcmsetup.exe[FONT=Courier New (Arabic)] المكتشفة: [/FONT]Trojan.Crypt!IK
C:\WINDOWS\system32\dllcache\tcptest.exe[FONT=Courier New (Arabic)] المكتشفة: [/FONT]Win32.Cadoiac.A!IK
C:\WINDOWS\system32\dllcache\tlntadmn.exe[FONT=Courier New (Arabic)] المكتشفة: [/FONT]Virus.Win32.SdBot.gen44!IK
C:\WINDOWS\system32\dllcache\tracert.exe[FONT=Courier New (Arabic)] المكتشفة: [/FONT]Virus.Win32.Virut.q!IK
C:\WINDOWS\system32\dllcache\tsdiscon.exe[FONT=Courier New (Arabic)] المكتشفة: [/FONT]Virus.Win32.Virut.q!IK
C:\WINDOWS\system32\dllcache\twunk_32.exe[FONT=Courier New (Arabic)] المكتشفة: [/FONT]Trojan-Clicker.Win32.NetBuie.H!IK
C:\WINDOWS\system32\dllcache\upnpcont.exe[FONT=Courier New (Arabic)] المكتشفة: [/FONT]Virus.Win32.Virut.q!IK
C:\WINDOWS\system32\dllcache\ups.exe[FONT=Courier New (Arabic)] المكتشفة: [/FONT]Virus.Win32.Virut.ak!IK
C:\WINDOWS\system32\dllcache\verifier.exe[FONT=Courier New (Arabic)] المكتشفة: [/FONT]Virus.Win32.Zezal.a!IK
C:\WINDOWS\system32\dllcache\vssadmin.exe[FONT=Courier New (Arabic)] المكتشفة: [/FONT]Trojan.Crypt!IK
C:\WINDOWS\system32\dllcache\vssvc.exe[FONT=Courier New (Arabic)] المكتشفة: [/FONT]Virus.Win32.Virut.q!IK
C:\WINDOWS\system32\dllcache\wab.exe[FONT=Courier New (Arabic)] المكتشفة: [/FONT]Trojan-Dropper.Agent!IK
C:\WINDOWS\system32\dllcache\wabmig.exe[FONT=Courier New (Arabic)] المكتشفة: [/FONT]Virus.Win32.Virut.q!IK
C:\WINDOWS\system32\dllcache\wextract.exe[FONT=Courier New (Arabic)] المكتشفة: [/FONT]Constructor.Win32.Agent.bm!IK
C:\WINDOWS\system32\dllcache\winlogon.exe[FONT=Courier New (Arabic)] المكتشفة: [/FONT]Trojan.Win32.Patched!IK
C:\WINDOWS\system32\dllcache\winmgmt.exe[FONT=Courier New (Arabic)] المكتشفة: [/FONT]Trojan.Crypt!IK
C:\WINDOWS\system32\dllcache\wmiadap.exe[FONT=Courier New (Arabic)] المكتشفة: [/FONT]Win32.Virtob.P!IK
C:\WINDOWS\system32\dllcache\wmiapsrv.exe[FONT=Courier New (Arabic)] المكتشفة: [/FONT]Win32.Virtob.P!IK
C:\WINDOWS\system32\dllcache\wmiprvse.exe[FONT=Courier New (Arabic)] المكتشفة: [/FONT]Virus.Win32.Virut.q!IK
C:\WINDOWS\system32\dllcache\wmplayer.exe[FONT=Courier New (Arabic)] المكتشفة: [/FONT]Trojan-Downloader.Win32.Banload!IK
C:\WINDOWS\system32\dllcache\wscntfy.exe[FONT=Courier New (Arabic)] المكتشفة: [/FONT]Trojan.Crypt!IK
C:\WINDOWS\system32\dllhost.exe[FONT=Courier New (Arabic)] المكتشفة: [/FONT]Virus.Win32.SdBot.gen44!IK
C:\WINDOWS\system32\dmadmin.exe[FONT=Courier New (Arabic)] المكتشفة: [/FONT]Virus.Win32.Virut.q!IK
C:\WINDOWS\system32\dumprep.exe[FONT=Courier New (Arabic)] المكتشفة: [/FONT]Trojan.Crypt!IK
C:\WINDOWS\system32\eventcreate.exe[FONT=Courier New (Arabic)] المكتشفة: [/FONT]Virus.Win32.SdBot.gen44!IK
C:\WINDOWS\system32\fontview.exe[FONT=Courier New (Arabic)] المكتشفة: [/FONT]Virus.Win32.Zezal.a!IK
C:\WINDOWS\system32\fsquirt.exe[FONT=Courier New (Arabic)] المكتشفة: [/FONT]Virus.Win32.SdBot.gen44!IK
C:\WINDOWS\system32\ftp.exe[FONT=Courier New (Arabic)] المكتشفة: [/FONT]Virus.Win32.Virut.ak!IK
C:\WINDOWS\system32\gpupdate.exe[FONT=Courier New (Arabic)] المكتشفة: [/FONT]Trojan.Crypt!IK
C:\WINDOWS\system32\imapi.exe[FONT=Courier New (Arabic)] المكتشفة: [/FONT]Virus.Win32.Virut.q!IK
C:\WINDOWS\system32\ipconfig.exe[FONT=Courier New (Arabic)] المكتشفة: [/FONT]Virus.Win32.Virut.q!IK
C:\WINDOWS\system32\ipv6.exe[FONT=Courier New (Arabic)] المكتشفة: [/FONT]Virus.Win32.Virut.q!IK
C:\WINDOWS\system32\lnkstub.exe[FONT=Courier New (Arabic)] المكتشفة: [/FONT]Trojan.Crypt!IK
C:\WINDOWS\system32\locator.exe[FONT=Courier New (Arabic)] المكتشفة: [/FONT]Virus.Win32.Virut.q!IK
C:\WINDOWS\system32\logon.scr[FONT=Courier New (Arabic)] المكتشفة: [/FONT]Virus.Win32.Virut.q!IK
C:\WINDOWS\system32\logonui.exe[FONT=Courier New (Arabic)] المكتشفة: [/FONT]Virus.Win32.Virut.q!IK
C:\WINDOWS\system32\lpq.exe[FONT=Courier New (Arabic)] المكتشفة: [/FONT]Virus.Win32.Virut.ak!IK
C:\WINDOWS\system32\lpr.exe[FONT=Courier New (Arabic)] المكتشفة: [/FONT]Virus.Win32.Virut.ak!IK
C:\WINDOWS\system32\magnify.exe[FONT=Courier New (Arabic)] المكتشفة: [/FONT]Virus.Win32.Virut.n!IK
C:\WINDOWS\system32\makecab.exe[FONT=Courier New (Arabic)] المكتشفة: [/FONT]Virus.Win32.Virut.q!IK
C:\WINDOWS\system32\migpwd.exe[FONT=Courier New (Arabic)] المكتشفة: [/FONT]Trojan.Crypt!IK
C:\WINDOWS\system32\mmc.exe[FONT=Courier New (Arabic)] المكتشفة: [/FONT]Trojan-PWS.Win32.VB.ER!IK
C:\WINDOWS\system32\mnmsrvc.exe[FONT=Courier New (Arabic)] المكتشفة: [/FONT]Virus.Win32.Virut.n!IK
C:\WINDOWS\system32\mobsync.exe[FONT=Courier New (Arabic)] المكتشفة: [/FONT]Virus.Win32.Virut.q!IK
C:\WINDOWS\system32\mplay32.exe[FONT=Courier New (Arabic)] المكتشفة: [/FONT]Virus.Win32.DeadCode.b!IK
C:\WINDOWS\system32\mpnotify.exe[FONT=Courier New (Arabic)] المكتشفة: [/FONT]Trojan.Crypt!IK
C:\WINDOWS\system32\msiexec.exe[FONT=Courier New (Arabic)] المكتشفة: [/FONT]Virus.Win32.Virtob!IK
C:\WINDOWS\system32\mspaint.exe[FONT=Courier New (Arabic)] المكتشفة: [/FONT]Virus.Win32.Virut.q!IK
C:\WINDOWS\system32\narrator.exe[FONT=Courier New (Arabic)] المكتشفة: [/FONT]Virus.Win32.Zezal.a!IK
C:\WINDOWS\system32\net.exe[FONT=Courier New (Arabic)] المكتشفة: [/FONT]Virus.Win32.Virut.ak!IK
C:\WINDOWS\system32\netstat.exe[FONT=Courier New (Arabic)] المكتشفة: [/FONT]Virus.Win32.SdBot.gen44!IK
C:\WINDOWS\system32\notepad.exe[FONT=Courier New (Arabic)] المكتشفة: [/FONT]Virus.Win32.Hupigon.MAP!IK
C:\WINDOWS\system32\nwscript.exe[FONT=Courier New (Arabic)] المكتشفة: [/FONT]Virus.Win32.Virut.q!IK
C:\WINDOWS\system32\openfiles.exe[FONT=Courier New (Arabic)] المكتشفة: [/FONT]Virus.Win32.SdBot.gen44!IK
C:\WINDOWS\system32\osk.exe[FONT=Courier New (Arabic)] المكتشفة: [/FONT]Virus.Win32.Virut.q!IK
C:\WINDOWS\system32\pentnt.exe[FONT=Courier New (Arabic)] المكتشفة: [/FONT]Trojan.Crypt!IK
C:\WINDOWS\system32\perfmon.exe[FONT=Courier New (Arabic)] المكتشفة: [/FONT]Trojan.Crypt!IK
C:\WINDOWS\system32\powercfg.exe[FONT=Courier New (Arabic)] المكتشفة: [/FONT]Virus.Win32.Socks.BA!IK
C:\WINDOWS\system32\progman.exe[FONT=Courier New (Arabic)] المكتشفة: [/FONT]Trojan-Spy.Win32.Banker.ciy!IK
C:\WINDOWS\system32\rasdial.exe[FONT=Courier New (Arabic)] المكتشفة: [/FONT]Trojan.Crypt!IK
C:\WINDOWS\system32\rcimlby.exe[FONT=Courier New (Arabic)] المكتشفة: [/FONT]Virus.Win32.Virut.q!IK
C:\WINDOWS\system32\rcp.exe[FONT=Courier New (Arabic)] المكتشفة: [/FONT]Virus.Win32.Virut.ak!IK
C:\WINDOWS\system32\rdshost.exe[FONT=Courier New (Arabic)] المكتشفة: [/FONT]Virus.Win32.SdBot.gen44!IK
C:\WINDOWS\system32\reg.exe[FONT=Courier New (Arabic)] المكتشفة: [/FONT]Win32.Virtob.8!IK
C:\WINDOWS\system32\Restore\srdiag.exe[FONT=Courier New (Arabic)] المكتشفة: [/FONT]Trojan.Crypt!IK
C:\WINDOWS\system32\rexec.exe[FONT=Courier New (Arabic)] المكتشفة: [/FONT]Virus.Win32.Virut.q!IK
C:\WINDOWS\system32\rsh.exe[FONT=Courier New (Arabic)] المكتشفة: [/FONT]Virus.Win32.Virut.ak!IK
C:\WINDOWS\system32\rsmui.exe[FONT=Courier New (Arabic)] المكتشفة: [/FONT]Virus.Win32.Virut.ar!IK
C:\WINDOWS\system32\rsvp.exe[FONT=Courier New (Arabic)] المكتشفة: [/FONT]Virus.Win32.Virut.q!IK
C:\WINDOWS\system32\rundll32.exe[FONT=Courier New (Arabic)] المكتشفة: [/FONT]Win32.Virtob.2!IK
C:\WINDOWS\system32\savedump.exe[FONT=Courier New (Arabic)] المكتشفة: [/FONT]Virus.Win32.Virut.q!IK
C:\WINDOWS\system32\sessmgr.exe[FONT=Courier New (Arabic)] المكتشفة: [/FONT]Virus.Win32.Virut.q!IK
C:\WINDOWS\system32\setup.exe[FONT=Courier New (Arabic)] المكتشفة: [/FONT]Virus.Win32.Virut.q!IK
C:\WINDOWS\system32\sfc.exe[FONT=Courier New (Arabic)] المكتشفة: [/FONT]Virus.Win32.Virut.ak!IK
C:\WINDOWS\system32\shmgrate.exe[FONT=Courier New (Arabic)] المكتشفة: [/FONT]Virus.Win32.Virut.q!IK
C:\WINDOWS\system32\shutdown.exe[FONT=Courier New (Arabic)] المكتشفة: [/FONT]Virus.Win32.Virut.q!IK
C:\WINDOWS\system32\skeys.exe[FONT=Courier New (Arabic)] المكتشفة: [/FONT]Virus.Win32.Virut.q!IK
C:\WINDOWS\system32\smbinst.exe[FONT=Courier New (Arabic)] المكتشفة: [/FONT]Trojan.Crypt!IK
C:\WINDOWS\system32\sol.exe[FONT=Courier New (Arabic)] المكتشفة: [/FONT]Trojan.Win32.Agent!IK
C:\WINDOWS\system32\spnpinst.exe[FONT=Courier New (Arabic)] المكتشفة: [/FONT]Virus.Win32.Virut.q!IK
C:\WINDOWS\system32\spoolsv.exe[FONT=Courier New (Arabic)] المكتشفة: [/FONT]Virus.Win32.SdBot.gen44!IK
C:\WINDOWS\system32\ssmarque.scr[FONT=Courier New (Arabic)] المكتشفة: [/FONT]Virus.Win32.Virut.q!IK
C:\WINDOWS\system32\ssmyst.scr[FONT=Courier New (Arabic)] المكتشفة: [/FONT]Virus.Win32.Virut.q!IK
C:\WINDOWS\system32\svchost.exe[FONT=Courier New (Arabic)] المكتشفة: [/FONT]Trojan.Loader.AK!IK
C:\WINDOWS\system32\sysocmgr.exe[FONT=Courier New (Arabic)] المكتشفة: [/FONT]Trojan.Crypt!IK
C:\WINDOWS\system32\systeminfo.exe[FONT=Courier New (Arabic)] المكتشفة: [/FONT]Virus.Win32.Socks.BA!IK
C:\WINDOWS\system32\tcmsetup.exe[FONT=Courier New (Arabic)] المكتشفة: [/FONT]Trojan.Crypt!IK
C:\WINDOWS\system32\tlntadmn.exe[FONT=Courier New (Arabic)] المكتشفة: [/FONT]Virus.Win32.SdBot.gen44!IK
C:\WINDOWS\system32\tracert.exe[FONT=Courier New (Arabic)] المكتشفة: [/FONT]Virus.Win32.Virut.q!IK
C:\WINDOWS\system32\tsdiscon.exe[FONT=Courier New (Arabic)] المكتشفة: [/FONT]Virus.Win32.Virut.q!IK
C:\WINDOWS\system32\upnpcont.exe[FONT=Courier New (Arabic)] المكتشفة: [/FONT]Virus.Win32.Virut.q!IK
C:\WINDOWS\system32\ups.exe[FONT=Courier New (Arabic)] المكتشفة: [/FONT]Virus.Win32.Virut.ak!IK
C:\WINDOWS\system32\usmt\migload.exe[FONT=Courier New (Arabic)] المكتشفة: [/FONT]Trojan.Crypt!IK
C:\WINDOWS\system32\verifier.exe[FONT=Courier New (Arabic)] المكتشفة: [/FONT]Virus.Win32.Zezal.a!IK
C:\WINDOWS\system32\vssadmin.exe[FONT=Courier New (Arabic)] المكتشفة: [/FONT]Trojan.Crypt!IK
C:\WINDOWS\system32\vssvc.exe[FONT=Courier New (Arabic)] المكتشفة: [/FONT]Virus.Win32.Virut.q!IK
C:\WINDOWS\system32\wbem\winmgmt.exe[FONT=Courier New (Arabic)] المكتشفة: [/FONT]Trojan.Crypt!IK
C:\WINDOWS\system32\wbem\wmiadap.exe[FONT=Courier New (Arabic)] المكتشفة: [/FONT]Win32.Virtob.P!IK
C:\WINDOWS\system32\wbem\wmiapsrv.exe[FONT=Courier New (Arabic)] المكتشفة: [/FONT]Win32.Virtob.P!IK
C:\WINDOWS\system32\wbem\wmiprvse.exe[FONT=Courier New (Arabic)] المكتشفة: [/FONT]Virus.Win32.Virut.q!IK
C:\WINDOWS\system32\wdfmgr.exe[FONT=Courier New (Arabic)] المكتشفة: [/FONT]Virus.Win32.Virut.q!IK
C:\WINDOWS\system32\wextract.exe[FONT=Courier New (Arabic)] المكتشفة: [/FONT]Constructor.Win32.Agent.bm!IK
C:\WINDOWS\system32\wscntfy.exe[FONT=Courier New (Arabic)] المكتشفة: [/FONT]Trojan.Crypt!IK
C:\WINDOWS\twunk_32.exe[FONT=Courier New (Arabic)] المكتشفة: [/FONT]Trojan-Clicker.Win32.NetBuie.H!IK
D:\do\photoshop3\Keygen.exe[FONT=Courier New (Arabic)] المكتشفة: [/FONT]Virus.Win32.Small!IK
D:\do\software\My Progs\Downloaders\IDM\Internet Download Manager 5.12 Build 8\Retail Patch by UnReal\Patch Retail 5.xx.exe[FONT=Courier New (Arabic)] المكتشفة: [/FONT]Backdoor.Pigeon!IK
D:\do\software\My Progs\Downloaders\IDM\Internet Download Manager v5.12 build X.X.X - PATCHED.EXE[FONT=Courier New (Arabic)] المكتشفة: [/FONT]Backdoor.Pigeon!IK
D:\do\software\My Progs\Sharing\mIRCPowerPack\app\mIRCPowerPack\profiles\default\backup\mutu37.ini[FONT=Courier New (Arabic)] المكتشفة: [/FONT]Backdoor.IRC.Zapchast!IK
D:\do\software\My Progs\Sharing\mIRCPowerPack\app\mIRCPowerPack\profiles\default\mutu37.ini[FONT=Courier New (Arabic)] المكتشفة: [/FONT]Backdoor.IRC.Zapchast!IK
D:\do\software\My Progs\Sharing\mIRCPowerPack\app\mIRCPowerPack\profiles\MPP Sample\mutu37.ini[FONT=Courier New (Arabic)] المكتشفة: [/FONT]Backdoor.IRC.Zapchast!IK
D:\do\software\My Progs\Sharing\mIRCPowerPack\app\mIRCPowerPack\system\mpp\mcc.exe[FONT=Courier New (Arabic)] المكتشفة: [/FONT]Trojan.Win32.VB!IK
D:\do\software\My Progs\Sharing\mIRCPowerPack\app\mIRCPowerPack\system\mpp\mutu37.ini[FONT=Courier New (Arabic)] المكتشفة: [/FONT]Backdoor.IRC.Zapchast!IK
D:\do\software\My Progs\Sharing\mIRCPowerPack\app\mIRCPowerPack\system\mpp\nHTMLn.dll[FONT=Courier New (Arabic)] المكتشفة: [/FONT]Backdoor.IRC.BlackCode.a!IK
D:\do\software\My Progs\Sharing\mIRCPowerPack\app\mIRCPowerPack\system\mpp\recovery\mutu37.ini[FONT=Courier New (Arabic)] المكتشفة: [/FONT]Backdoor.IRC.Zapchast!IK
D:\SoftIes\Video Edit Magic 4.3\Video Edit Magic.exe[FONT=Courier New (Arabic)] المكتشفة: [/FONT]Virus.Win32.Agent.aj!IK
D:\System Volume Information\_restore{39E388CC-73A9-4485-9C6A-4DD45E1FE3D7}\RP2\A0000368.exe[FONT=Courier New (Arabic)] المكتشفة: [/FONT]Virus.Win32.Agent.aj!IK
[FONT=Courier New (Arabic)]المفحوص
الملفات: 160052
الآثار: 468203
ملفات تعريف الإرتباط: 839
العمليات : 32
المكتشفة
الملفات: 369
الآثار: 5
ملفات تعريف الإرتباط: 21
العمليات : 11
مفاتيح الريجستري: 0
نهاية الفحص: 07/02/2009 07:27:24 م
وقت الفحص : 0:48:45
[/FONT]

--------------------- وهذا تقرير هايجاك ذس

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 11:11:32[FONT=Courier New (Arabic)] م, [/FONT]on 07/02/2009
Platform: Windows XP SP2 (WinNT 5.01.2600[FONT=Courier New (Arabic)])
[/FONT]MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180[FONT=Courier New (Arabic)])
[/FONT]Boot mode: Normal
[FONT=Courier New (Arabic)][/FONT]Running processes[FONT=Courier New (Arabic)]:
[/FONT]C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\a-squared Free\a2service.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\Explorer.exe
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe
C:\Program Files\ClocX\ClocX.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\a-squared Free\a2free.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Program Files\Orbitdownloader\orbitdm.exe
C:\Program Files\Orbitdownloader\orbitnet.exe
C:\Documents and Settings\nesnas[FONT=Courier New (Arabic)]\سطح المكتب\ادوات ازالة الفيروسات\[/FONT]Zyzoom_HijackThis.exe
[FONT=Courier New (Arabic)][/FONT]R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file[FONT=Courier New (Arabic)])
[/FONT]F2 - REG:system.ini: Shell=Explorer.exe[FONT=Courier New (Arabic)]
[/FONT]F2 - REG:system.ini: UserInit=userinit.exe[FONT=Courier New (Arabic)]
[/FONT]O2 - BHO: btorbit.com - {000123B4-9B42-4900-B3F7-F4B073EFC214} - C:\Program Files\Orbitdownloader\orbitcth.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\PROGRA~1\Skype\Phone\IEPlugin\SKYPEI~1.DLL
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - C:\Program Files\AVG\AVG8\avgssie.dll (file missing[FONT=Courier New (Arabic)])
[/FONT]O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file[FONT=Courier New (Arabic)])
[/FONT]O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\4.1.805.4472\swg.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: Grab Pro - {C55BBCD6-41AD-48AD-9953-3609C48EACC7} - C:\Program Files\Orbitdownloader\GrabPro.dll
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [SMSERIAL] C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe
O4 - HKLM\..\Run: [ClocX] C:\Program Files\ClocX\ClocX.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe[FONT=Courier New (Arabic)]"
[/FONT]O4 - HKLM\..\Run: [TrayServer] C:\Program Files\MAGIX\Movie_Edit_Pro_14_PLUS_Download_version\TrayServer.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User[FONT=Courier New (Arabic)] '?')
[/FONT]O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user[FONT=Courier New (Arabic)]')
[/FONT]O4 - Startup: Stardock ObjectDock.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat\ObjectDock\ObjectDock.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe
O4 - Global Startup: Adobe Reader Synchronizer.lnk = C:\Program Files\Adobe\Reader 8.0\Reader\AdobeCollabSync.exe
O4 - Global Startup: Orbit.lnk = C:\Program Files\Orbitdownloader\orbitdm.exe
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: &Download by Orbit - res://C:\Program Files\Orbitdownloader\orbitmxt.dll/201
O8 - Extra context menu item: &Grab video by Orbit - res://C:\Program Files\Orbitdownloader\orbitmxt.dll/204
O8 - Extra context menu item[FONT=Courier New (Arabic)]: &تصدير إلى [/FONT]Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Do&wnload selected by Orbit - res://C:\Program Files\Orbitdownloader\orbitmxt.dll/203
O8 - Extra context menu item: Down&load all by Orbit - res://C:\Program Files\Orbitdownloader\orbitmxt.dll/202
O8 - Extra context menu item: Download All Files by HiDownload - C:\Program Files\StreamingStar\HiDownload\HDGetAll.htm
O8 - Extra context menu item: Download all links with IDM - C:\DOCUME~1\nesnas\LOCALS~1\Temp\RarSFX95\IEGetAll.htm
O8 - Extra context menu item: Download by HiDownload - C:\Program Files\StreamingStar\HiDownload\HDGet.htm
O8 - Extra context menu item: Download FLV video ******* with IDM - C:\DOCUME~1\nesnas\LOCALS~1\Temp\RarSFX95\IEGetVL.htm
O8 - Extra context menu item: Download with IDM - C:\DOCUME~1\nesnas\LOCALS~1\Temp\RarSFX95\IEExt.htm
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\PROGRA~1\Skype\Phone\IEPlugin\SKYPEI~1.DLL
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button[FONT=Courier New (Arabic)]: بحث - {92780[/FONT]B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing[FONT=Courier New (Arabic)])
[/FONT]O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing[FONT=Courier New (Arabic)])
[/FONT]O9 - Extra button: HiDownload - {F4FBA929-A891-492C-A0F6-5C79CC4F1742} - C:\Program Files\StreamingStar\HiDownload\hidownload.exe (HKCU[FONT=Courier New (Arabic)])
[/FONT]O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) -
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

O16 - DPF: {5d86ddb5-bdf9-441b-9e9e-d4730f4ee499} (BDSCANONLINE Control) -
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: a-squared Free Service (a2free) - Emsi Software GmbH - C:\Program Files\a-squared Free\a2service.exe
O23 - Service: Application Layer Gateway Service (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing[FONT=Courier New (Arabic)])
[/FONT]O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: COM+ System Application (COMSysApp) - Unknown owner - C:\WINDOWS\system32\dllhost.exe (file missing[FONT=Courier New (Arabic)])
[/FONT]O23 - Service: Logical Disk Manager Administrative Service (dmadmin) - Unknown owner - C:\WINDOWS\System32\dmadmin.exe (file missing[FONT=Courier New (Arabic)])
[/FONT]O23 - Service: Firebird Server - MAGIX Instance (FirebirdServerMAGIXInstance) - MAGIX® - C:\Program Files\MAGIX\Common\Database\bin\fbserver.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: IMAPI CD-Burning COM Service (ImapiService) - Unknown owner - C:\WINDOWS\system32\imapi.exe (file missing[FONT=Courier New (Arabic)])
[/FONT]O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: NetMeeting Remote Desktop Sharing (mnmsrvc) - Unknown owner - C:\WINDOWS\system32\mnmsrvc.exe (file missing[FONT=Courier New (Arabic)])
[/FONT]O23 - Service: Windows Installer (MSIServer) - Unknown owner - C:\WINDOWS\system32\msiexec.exe (file missing[FONT=Courier New (Arabic)])
[/FONT]O23 - Service: Remote Desktop Help Session Manager (RDSessMgr) - Unknown owner - C:\WINDOWS\system32\sessmgr.exe (file missing[FONT=Courier New (Arabic)])
[/FONT]O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies, Inc. - C:\Program Files\WinPcap\rpcapd.exe
O23 - Service: Remote Procedure Call (RPC) Locator (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing[FONT=Courier New (Arabic)])
[/FONT]O23 - Service: QoS RSVP (RSVP) - Unknown owner - C:\WINDOWS\system32\rsvp.exe (file missing[FONT=Courier New (Arabic)])
[/FONT]O23 - Service: Print Spooler (Spooler) - Unknown owner - C:\WINDOWS\system32\spoolsv.exe (file missing[FONT=Courier New (Arabic)])
[/FONT]O23 - Service: MS Software Shadow Copy Provider (SwPrv) - Unknown owner - C:\WINDOWS\system32\dllhost.exe (file missing[FONT=Courier New (Arabic)])
[/FONT]O23 - Service: Windows User Mode Driver Framework (UMWdf) - Unknown owner - C:\WINDOWS\system32\wdfmgr.exe (file missing[FONT=Courier New (Arabic)])
[/FONT]O23 - Service: Uninterruptible Power Supply (UPS) - Unknown owner - C:\WINDOWS\System32\ups.exe (file missing[FONT=Courier New (Arabic)])
[/FONT]O23 - Service: Volume Shadow Copy (VSS) - Unknown owner - C:\WINDOWS\System32\vssvc.exe (file missing[FONT=Courier New (Arabic)])
[/FONT]O23 - Service: WMI Performance Adapter (WmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\wmiapsrv.exe (file missing[FONT=Courier New (Arabic)])
--
[/FONT]End of file - 9748 bytes
[FONT=Courier New (Arabic)][/FONT]
 
تأييد 0
اخي ياليت ترفع مفكرة التقرير ليسهل قرائتها
 
تأييد 0
الحالة
مغلق و غير مفتوح للمزيد من الردود.
عودة
أعلى