شكرا لك.
اولا انا عملت فحص بيت ديفنتر اونلاين ومسك فيروسين
وبعدين شفت رعملت الي بدك اياه وهاد التقرير تبع البرنامج الاول
SmitFraudFix v2.277
Scan done at 19:04:19.29, Tue 01/29/2008
Run from C:\Documents and Settings\Arabic\My Documents\SmitfraudFix
OS: Microsoft Windows XP [Version 5.1.2600] - Windows_NT
The filesystem type is FAT32
Fix run in normal mode
»»»»»»»»»»»»»»»»»»»»»»»» SharedTaskScheduler Before SmitFraudFix
!!!Attention, following keys are not inevitably infected!!!
SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll
»»»»»»»»»»»»»»»»»»»»»»»» Killing process
»»»»»»»»»»»»»»»»»»»»»»»» hosts
127.0.0.1 localhost
127.0.0.1 bin.errorprotector.com ## added by CiD
127.0.0.1 br.errorsafe.com ## added by CiD
127.0.0.1 br.winantivirus.com ## added by CiD
127.0.0.1 br.winfixer.com ## added by CiD
127.0.0.1 cdn.drivecleaner.com ## added by CiD
127.0.0.1 cdn.errorsafe.com ## added by CiD
127.0.0.1 cdn.winsoftware.com ## added by CiD
127.0.0.1 de.errorsafe.com ## added by CiD
127.0.0.1 de.winantivirus.com ## added by CiD
127.0.0.1 download.cdn.drivecleaner.com ## added by CiD
127.0.0.1 download.cdn.errorsafe.com ## added by CiD
127.0.0.1 download.cdn.winsoftware.com ## added by CiD
127.0.0.1 download.errorsafe.com ## added by CiD
127.0.0.1 download.systemdoctor.com ## added by CiD
127.0.0.1 download.winantispyware.com ## added by CiD
127.0.0.1 download.windrivecleaner.com ## added by CiD
127.0.0.1 download.winfixer.com ## added by CiD
127.0.0.1 drivecleaner.com ## added by CiD
127.0.0.1 dynamique.drivecleaner.com ## added by CiD
127.0.0.1 errorprotector.com ## added by CiD
127.0.0.1 errorsafe.com ## added by CiD
127.0.0.1 es.winantivirus.com ## added by CiD
127.0.0.1 fr.winantivirus.com ## added by CiD
127.0.0.1 fr.winfixer.com ## added by CiD
127.0.0.1 go.drivecleaner.com ## added by CiD
127.0.0.1 go.errorsafe.com ## added by CiD
127.0.0.1 go.winantispyware.com ## added by CiD
127.0.0.1 go.winantivirus.com ## added by CiD
127.0.0.1 hk.winantivirus.com ## added by CiD
127.0.0.1 instlog.errorsafe.com ## added by CiD
127.0.0.1 instlog.winantivirus.com ## added by CiD
127.0.0.1 instlog.winfixer.com ## added by CiD
127.0.0.1 jsp.drivecleaner.com ## added by CiD
127.0.0.1 kb.errorsafe.com ## added by CiD
127.0.0.1 kb.winantivirus.com ## added by CiD
127.0.0.1 nl.errorsafe.com ## added by CiD
127.0.0.1 se.errorsafe.com ## added by CiD
127.0.0.1 secure.drivecleaner.com ## added by CiD
127.0.0.1 secure.errorsafe.com ## added by CiD
127.0.0.1 secure.winantispam.com ## added by CiD
127.0.0.1 secure.winantispy.com ## added by CiD
127.0.0.1 secure.winantivirus.com ## added by CiD
127.0.0.1 support.winantivirus.com ## added by CiD
127.0.0.1 trial.updates.winsoftware.com ## added by CiD
127.0.0.1 ulog.winantivirus.com ## added by CiD
127.0.0.1 utils.errorsafe.com ## added by CiD
127.0.0.1 utils.winantivirus.com ## added by CiD
127.0.0.1 utils.winfixer.com ## added by CiD
127.0.0.1 winantispyware.com ## added by CiD
127.0.0.1 winantivirus.com ## added by CiD
127.0.0.1 winfixer.com ## added by CiD
127.0.0.1 winfixer2006.com ## added by CiD
127.0.0.1 winsoftware.com ## added by CiD
127.0.0.1
## added by CiD
127.0.0.1
## added by CiD
127.0.0.1
## added by CiD
127.0.0.1
## added by CiD
127.0.0.1
## added by CiD
127.0.0.1
## added by CiD
127.0.0.1
## added by CiD
127.0.0.1
## added by CiD
127.0.0.1
## added by CiD
127.0.0.1
## added by CiD
127.0.0.1
## added by CiD
127.0.0.1
## added by CiD
127.0.0.1
## added by CiD
127.0.0.1
## added by CiD
127.0.0.1
## added by CiD
127.0.0.1
## added by CiD
127.0.0.1
## added by CiD
»»»»»»»»»»»»»»»»»»»»»»»» Winsock2 Fix
S!Ri's WS2Fix: LSP not Found.
»»»»»»»»»»»»»»»»»»»»»»»» Generic Renos Fix
GenericRenosFix by S!Ri
»»»»»»»»»»»»»»»»»»»»»»»» Deleting infected files
»»»»»»»»»»»»»»»»»»»»»»»» IEDFix
IEDFix.exe by S!Ri
»»»»»»»»»»»»»»»»»»»»»»»» DNS
Description: SiS 900-Based PCI Fast Ethernet Adapter #4 - Packet Scheduler Miniport
DNS Server Search Order: 9.9.9.1
Description: SiS 900-Based PCI Fast Ethernet Adapter #4 - Packet Scheduler Miniport
DNS Server Search Order: 9.9.9.1
Description: SiS 900-Based PCI Fast Ethernet Adapter #4 - Packet Scheduler Miniport
DNS Server Search Order: 9.9.9.1
Description: SiS 900-Based PCI Fast Ethernet Adapter #4 - Packet Scheduler Miniport
DNS Server Search Order: 10.0.0.138
Description: SiS 900-Based PCI Fast Ethernet Adapter #4 - Packet Scheduler Miniport
DNS Server Search Order: 9.9.9.1
HKLM\SYSTEM\CCS\Services\Tcpip\..\{16DD5152-2205-4251-A4BC-5CC78C010DCD}: DhcpNameServer=10.0.0.138
HKLM\SYSTEM\CCS\Services\Tcpip\..\{2DB06783-C46B-4DF6-AC84-C1962B0CB75F}: DhcpNameServer=9.9.9.1
HKLM\SYSTEM\CCS\Services\Tcpip\..\{795BEEE9-D810-42E1-A746-DBF1C968EA47}: DhcpNameServer=9.9.9.1
HKLM\SYSTEM\CCS\Services\Tcpip\..\{A8EF16BE-9EA4-4EB9-8DFB-E5C8FA8B6FEB}: DhcpNameServer=9.9.9.1
HKLM\SYSTEM\CCS\Services\Tcpip\..\{D1395BC6-BDE6-4F78-B025-807F4E924C74}: DhcpNameServer=9.9.9.1
HKLM\SYSTEM\CS1\Services\Tcpip\..\{16DD5152-2205-4251-A4BC-5CC78C010DCD}: DhcpNameServer=10.0.0.138
HKLM\SYSTEM\CS1\Services\Tcpip\..\{2DB06783-C46B-4DF6-AC84-C1962B0CB75F}: DhcpNameServer=9.9.9.1
HKLM\SYSTEM\CS1\Services\Tcpip\..\{795BEEE9-D810-42E1-A746-DBF1C968EA47}: DhcpNameServer=9.9.9.1
HKLM\SYSTEM\CS1\Services\Tcpip\..\{A8EF16BE-9EA4-4EB9-8DFB-E5C8FA8B6FEB}: DhcpNameServer=9.9.9.1
HKLM\SYSTEM\CS1\Services\Tcpip\..\{D1395BC6-BDE6-4F78-B025-807F4E924C74}: DhcpNameServer=9.9.9.1
HKLM\SYSTEM\CS2\Services\Tcpip\..\{16DD5152-2205-4251-A4BC-5CC78C010DCD}: DhcpNameServer=10.0.0.138
HKLM\SYSTEM\CS2\Services\Tcpip\..\{2DB06783-C46B-4DF6-AC84-C1962B0CB75F}: DhcpNameServer=9.9.9.1
HKLM\SYSTEM\CS2\Services\Tcpip\..\{795BEEE9-D810-42E1-A746-DBF1C968EA47}: DhcpNameServer=9.9.9.1
HKLM\SYSTEM\CS2\Services\Tcpip\..\{A8EF16BE-9EA4-4EB9-8DFB-E5C8FA8B6FEB}: DhcpNameServer=9.9.9.1
HKLM\SYSTEM\CS2\Services\Tcpip\..\{D1395BC6-BDE6-4F78-B025-807F4E924C74}: DhcpNameServer=9.9.9.1
HKLM\SYSTEM\CCS\Services\Tcpip\Parameters: DhcpNameServer=10.0.0.138
HKLM\SYSTEM\CS1\Services\Tcpip\Parameters: DhcpNameServer=10.0.0.138
HKLM\SYSTEM\CS2\Services\Tcpip\Parameters: DhcpNameServer=10.0.0.138
»»»»»»»»»»»»»»»»»»»»»»»» Deleting Temp Files
»»»»»»»»»»»»»»»»»»»»»»»» Winlogon.System
!!!Attention, following keys are not inevitably infected!!!
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]
"System"=""
»»»»»»»»»»»»»»»»»»»»»»»» Registry Cleaning
Registry Cleaning done.
»»»»»»»»»»»»»»»»»»»»»»»» SharedTaskScheduler After SmitFraudFix
!!!Attention, following keys are not inevitably infected!!!
SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll
»»»»»»»»»»»»»»»»»»»»»»»» End
وبعدين تقرير الهايجاك:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 07:14:56 م, on 29/01/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16574)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\SYSTEM32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\SYSTEM32\Ati2evxx.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\PROGRA~1\SYMANT~1\VPTray.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Symantec AntiVirus\DefWatch.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Symantec AntiVirus\Rtvscan.exe
C:\Program Files\Symantec AntiVirus\DoScan.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Documents and Settings\Arabic\My Documents\Zyzoom_HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext =
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [vptray] C:\PROGRA~1\SYMANT~1\VPTray.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [Stupid Data Dart Wave] C:\Documents and Settings\All Users\Application Data\flag ace stupid data\Cake Eq.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [info store] C:\DOCUME~1\Arabic\APPLIC~1\Showmeow\MpegTray.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\RunOnce: [Privacy Suite] "C:\Documents and Settings\Arabic\Application Data\cleaner\CSPSeraser.exe" "/R:C:\Documents and Settings\Arabic\Application Data\CyberScrub\Privacy Suite"
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: &تصدير إلى Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Al-Mamoon - C:\PROGRA~1\Ramooz\AL-MAM~1\agent.dll
O8 - Extra context menu item: Translate with &Babylon - res://C:\Program Files\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll/Translate.htm
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: بحث - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {0B79F48A-E8D6-11DB-9283-E25056D89593} (F-Secure Online Scanner 3.1) -
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) -
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) -
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: Symantec AntiVirus Definition Watcher (DefWatch) - Symantec Corporation - C:\Program Files\Symantec AntiVirus\DefWatch.exe
O23 - Service: SAVRoam (SavRoam) - symantec - C:\Program Files\Symantec AntiVirus\SavRoam.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: Symantec AntiVirus - Symantec Corporation - C:\Program Files\Symantec AntiVirus\Rtvscan.exe
O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software GmbH - C:\WINDOWS\System32\TuneUpDefragService.exe
--
End of file - 5675 bytes
ملاحظة:انا حاسس انو الاعلانات بطلو يكلعو شكرا لك
مستني ردك
سؤال: ما هو اخف انتي فيروس والملائم ل 512 ذاكرة 2.4 caleron
(احتاج اخف انتي فايروس)!:iconmju17:
