جهازي مايفتح وصعوبه با الدخول للوندوز

  • بادئ الموضوع بادئ الموضوع سوكره
  • تاريخ البدء تاريخ البدء
  • المشاهدات 2,256
الحالة
مغلق و غير مفتوح للمزيد من الردود.
س

سوكره

زيزوومي جديد
إنضم
10 أبريل 2008
المشاركات
92
مستوى التفاعل
0
النقاط
110
غير متصل
السلام عليكم ورحمة الله وبركاته

ماستغني عنكم ابدآآ :er:

جهازي اذا شغلته ياخذ علي الاقل 20 دقيقه علي مايشتل واوقات ماتفتح صفحه

سودا مكتوب فيها خيارين للوندوز ومايفتح يعني تجلس الصفحه السودا طول الوقت :er:

سويت فحص وطلع معاي كذا





Engine Version : 5300.2777
Engine Load Time : 26031 milliseconds
AV DAT Version : 5492.0000 488805 detections Built 15 محرم, 1430
Extra DAT : 0 detections

Process : C:\WINDOWS\Explorer.EXE : contains "Trojan" called "BackDoor-DKI!mem" (No Action Taken )
Memory : Infected
Please wait ... building list of critical files to scan
Critical : Clean
Scanning the computer's cookie directories
Cookies : Clean
c:\pagefile.sys : Scan Failed
c:\Documents and Settings\LocalService\NTUSER.DAT : Scan Failed
c:\Documents and Settings\LocalService\ntuser.dat.LOG : Scan Failed
c:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat : Scan Failed
c:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG : Scan Failed
c:\Documents and Settings\NetworkService\NTUSER.DAT : Scan Failed
c:\Documents and Settings\NetworkService\ntuser.dat.LOG : Scan Failed
c:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat : Scan Failed
c:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG : Scan Failed
c:\Documents and Settings\USer\ntuser.dat : Scan Failed
c:\Documents and Settings\USer\ntuser.dat.LOG : Scan Failed
c:\Documents and Settings\USer\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat : Scan Failed
c:\Documents and Settings\USer\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG : Scan Failed
c:\Documents and Settings\USer\Local Settings\Temp\Perflib_Perfdata_f84.dat : Scan Failed
File : c:\Program Files\Internet Download Manager\Patch.exe : contains "Trojan" called "Generic.dx" (No Action Taken )
c:\Program Files\Internet Download Manager\Patch.exe : No action taken
File : c:\Program Files\Real_SC\opt.exe : contains "Virus" called "W32/Sdbot.worm" (No Action Taken )
c:\Program Files\Real_SC\opt.exe : No action taken
c:\WINDOWS\system32\system32.exe : Scan Failed
c:\WINDOWS\system32\config\default : Scan Failed
c:\WINDOWS\system32\config\default.LOG : Scan Failed
c:\WINDOWS\system32\config\SAM : Scan Failed
c:\WINDOWS\system32\config\SAM.LOG : Scan Failed
c:\WINDOWS\system32\config\SECURITY : Scan Failed
c:\WINDOWS\system32\config\SECURITY.LOG : Scan Failed
c:\WINDOWS\system32\config\software : Scan Failed
c:\WINDOWS\system32\config\software.LOG : Scan Failed
c:\WINDOWS\system32\config\system : Scan Failed
c:\WINDOWS\system32\config\system.LOG : Scan Failed
c:\WINDOWS\Temp\Perflib_Perfdata_23c.dat : Scan Failed
Scanning the registry
Engine Version : 5300.2777
Engine Load Time : 22828 milliseconds
AV DAT Version : 5492.0000 488805 detections Built 15 محرم, 1430
Extra DAT : 0 detections

Process : C:\WINDOWS\Explorer.EXE : contains "Trojan" called "BackDoor-DKI!mem" (No Action Taken )
Memory : Infected
Please wait ... building list of critical files to scan
Critical : Clean
Scanning the computer's cookie directories
Cookies : Clean
c:\pagefile.sys : Scan Failed
c:\Documents and Settings\LocalService\NTUSER.DAT : Scan Failed
c:\Documents and Settings\LocalService\ntuser.dat.LOG : Scan Failed
c:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat : Scan Failed
c:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG : Scan Failed
c:\Documents and Settings\NetworkService\NTUSER.DAT : Scan Failed
c:\Documents and Settings\NetworkService\ntuser.dat.LOG : Scan Failed
c:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat : Scan Failed
c:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG : Scan Failed
c:\Documents and Settings\USer\ntuser.dat : Scan Failed
c:\Documents and Settings\USer\ntuser.dat.LOG : Scan Failed
c:\Documents and Settings\USer\Local Settings\Application \tmp.edb : Scan Failed
c:\Documents and Settings\USer\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat : Scan Failed
c:\Documents and Settings\USer\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG : Scan Failed
c:\Documents and Settings\USer\Local Settings\Temp\Perflib_Perfdata_124.dat : Scan Failed
c:\WINDOWS\system32\system32.exe : Scan Failed
c:\WINDOWS\system32\config\default : Scan Failed
c:\WINDOWS\system32\config\default.LOG : Scan Failed
c:\WINDOWS\system32\config\SAM : Scan Failed
c:\WINDOWS\system32\config\SAM.LOG : Scan Failed
c:\WINDOWS\system32\config\SECURITY : Scan Failed
c:\WINDOWS\system32\config\SECURITY.LOG : Scan Failed
c:\WINDOWS\system32\config\software : Scan Failed
c:\WINDOWS\system32\config\software.LOG : Scan Failed
c:\WINDOWS\system32\config\system : Scan Failed
c:\WINDOWS\system32\config\system.LOG : Scan Failed
c:\WINDOWS\Temp\Perflib_Perfdata_22c.dat : Scan Failed
Scanning the registry
Registry : Clean

Summary :-
FilesFound : 94349
FilesScanned : 60461
FilesNotScanned : 33888

ObjectsFound : 148913
ObjectsInfected : 1
ObjectsCleaned : 0
ObjectsDeleted : 0

FilesInfected : 0
FilesCleaned : 0
FilesMoved : 0
FilesDeleted : 0

Started at : 12:49:43 م 25 صفر, 1430
Ended at : 01:45:56 م 25 صفر, 1430
Duration : 56 minutes 12 seconds
7577 MB scanned in 3372 seconds = 2 MB/s
Engine Version : 5300.2777
Engine Load Time : 23875 milliseconds
AV DAT Version : 5492.0000 488805 detections Built 15 محرم, 1430
Extra DAT : 0 detections


Summary :-
FilesFound : 430
FilesScanned : 314
FilesNotScanned : 116

ObjectsFound : 447
ObjectsInfected : 0
ObjectsCleaned : 0
ObjectsDeleted : 0

FilesInfected : 0
FilesCleaned : 0
FilesMoved : 0
FilesDeleted : 0

Started at : 01:46:23 م 25 صفر, 1430
Ended at : 01:46:39 م 25 صفر, 1430
Duration : 15 seconds
85 MB scanned in 15 seconds = 5 MB/s
Engine Version : 5300.2777
Engine Load Time : 23328 milliseconds
AV DAT Version : 5492.0000 488805 detections Built 15 محرم, 1430
Extra DAT : 0 detections

Process : C:\WINDOWS\Explorer.EXE : contains "Trojan" called "BackDoor-DKI!mem" (No Action Taken )
Memory : Infected
Please wait ... building list of critical files to scan
Critical : Clean
Scanning the computer's cookie directories
Cookies : Clean
c:\pagefile.sys : Scan Failed
c:\Documents and Settings\LocalService\NTUSER.DAT : Scan Failed
c:\Documents and Settings\LocalService\ntuser.dat.LOG : Scan Failed
c:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat : Scan Failed
c:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG : Scan Failed
c:\Documents and Settings\NetworkService\NTUSER.DAT : Scan Failed
c:\Documents and Settings\NetworkService\ntuser.dat.LOG : Scan Failed
c:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat : Scan Failed
c:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG : Scan Failed
c:\Documents and Settings\USer\ntuser.dat : Scan Failed
c:\Documents and Settings\USer\ntuser.dat.LOG : Scan Failed
c:\Documents and Settings\USer\Local Settings\Application Data\Google\Chrome\User Data\Safe Browsing-journal : Scan Failed
c:\Documents and Settings\USer\Local Settings\Application Data\Google\Chrome\User Data\Default\Current Session : Scan Failed
c:\Documents and Settings\USer\Local Settings\Application Data\Google\Chrome\User Data\Default\History Index 2009-04-journal : Scan Failed
c:\Documents and Settings\USer\Local Settings\Application Data\Google\Chrome\User Data\Default\History-journal : Scan Failed
c:\Documents and Settings\USer\Local Settings\Application Data\Google\Chrome\User Data\Default\Thumbnails-journal : Scan Failed
c:\Documents and Settings\USer\Local Settings\Application Data\Google\Chrome\User Data\Default\Visited Links : Scan Failed
c:\Documents and Settings\USer\Local Settings\Application Data\Google\Chrome\User Data\Default\Web Data-journal : Scan Failed
c:\Documents and Settings\USer\Local Settings\Application Data\Microsoft\Messenger\al-
c:\Documents and Settings\USer\Local Settings\Application Data\Microsoft\Messenger\al-\dfsr.db : Scan Failed
c:\Documents and Settings\USer\Local Settings\Application Data\Microsoft\Messenger\al-\SharingMetadata\Working\database_141C_362F_72A0_7BC1\fsr.log : Scan Failed
c:\Documents and Settings\USer\Local Settings\Application Data\Microsoft\Messenger\\SharingMetadata\Working\database_141C_362F_72A0_7BC1\fsrtmp.log : Scan Failed
c:\Documents and Settings\USer\Local Settings\Application Data\Microsoft\Messenger\al-\SharingMetadata\Working\database_141C_362F_72A0_7BC1\tmp.edb : Scan Failed
c:\Documents and Settings\USer\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat : Scan Failed
c:\Documents and Settings\USer\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG : Scan Failed
c:\Documents and Settings\USer\Local Settings\Temp\etilqs_6fjGDy9a7tOtiYH : Scan Failed
c:\Documents and Settings\USer\Local Settings\Temp\etilqs_GYDQEvyMvwB9psv : Scan Failed
c:\Documents and Settings\USer\Local Settings\Temp\Perflib_Perfdata_b14.dat : Scan Failed
c:\Documents and Settings\USer\Local Settings\Temp\~DF6EA1.tmp : Scan Failed
c:\Documents and Settings\USer\Local Settings\Temp\~DF6EB3.tmp : Scan Failed
c:\Documents and Settings\USer\Local Settings\Temp\~DFADC2.tmp : Scan Failed
c:\Documents and Settings\USer\Local Settings\Temp\~DFADD7.tmp : Scan Failed
c:\WINDOWS\system32\system32.exe : Scan Failed
c:\WINDOWS\system32\config\default : Scan Failed
c:\WINDOWS\system32\config\default.LOG : Scan Failed
c:\WINDOWS\system32\config\SAM : Scan Failed
c:\WINDOWS\system32\config\SAM.LOG : Scan Failed
c:\WINDOWS\system32\config\SECURITY : Scan Failed
c:\WINDOWS\system32\config\SECURITY.LOG : Scan Failed
c:\WINDOWS\system32\config\software : Scan Failed
c:\WINDOWS\system32\config\software.LOG : Scan Failed
c:\WINDOWS\system32\config\system : Scan Failed
c:\WINDOWS\system32\config\system.LOG : Scan Failed
c:\WINDOWS\Temp\Perflib_Perfdata_4e8.dat : Scan Failed
Scanning the registry
Registry : Clean

Summary :-
FilesFound : 78633
FilesScanned : 49422
FilesNotScanned : 29211

ObjectsFound : 136863
ObjectsInfected : 1
ObjectsCleaned : 0
ObjectsDeleted : 0

FilesInfected : 0
FilesCleaned : 0
FilesMoved : 0
FilesDeleted : 0

Started at : 14:45:47 07 ربيع الثاني, 1430
Ended at : 15:32:03 07 ربيع الثاني, 1430
Duration : 46 minutes 16 seconds
6136 MB scanned in 2776 seconds = 2 MB/s
Engine Version : 5300.2777
Engine Load Time : 24937 milliseconds
AV DAT Version : 5492.0000 488805 detections Built 15 محرم, 1430
Extra DAT : 0 detections

File : d:\Documents and Settings\USer\My Documents\آحدث اصدار لعملاق برامج التحميل داونلود منيجر\الكراك\Patch & keygen\Patch\IDMan Crack.exe : contains "Trojan" called "Generic.dx" (No Action Taken )
d:\Documents and Settings\USer\My Documents\آحدث اصدار لعملاق برامج التحميل داونلود منيجر\الكراك\Patch & keygen\Patch\IDMan Crack.exe : No action taken

Summary :-
FilesFound : 13313
FilesScanned : 8055
FilesNotScanned : 5258

ObjectsFound : 14718
ObjectsInfected : 1
ObjectsCleaned : 0
ObjectsDeleted : 0

FilesInfected : 1
FilesCleaned : 0
FilesMoved : 0
FilesDeleted : 0

Started at : 15:32:31 07 ربيع الثاني, 1430
Ended at : 15:36:31 07 ربيع الثاني, 1430
Duration : 3 minutes 59 seconds
656 MB scanned in 239 seconds = 2 MB/s
 

ترتيب حسب التاريخ ترتيب حسب الأصوات
طلع لي هذي الصفحه لما جيت انزل الاداه ومكتوب داونلود ولافيه اي شي جنبه لقيت رابط نسخته بصفحه ثانيه نفس الشي

ماعرفت احمل من ها الصفحه :(



924192456.jpg
 

تأييد 0
بس تفتحي الرابط

اضغطي على

dl_langsam.gif

free user


بيطلع لك العد التنازلي

انتظريه لحتى يخلص واضغطي على داون لود وحملي الأداة
 
توقيع : AbOdy
تأييد 0
هذا التقرير حق البرنامج الاخير


a-squared Command Line Scanner - Version 3.5
Last update: N/A
Scan settings:
Objects: Memory, Traces, Cookies, C:\, D:\
Scan archives: On
Heuristics: On
ADS Scan: On
Scan start: 10/04/2009 12:10:20 ص
Value: HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run --> windows detected: Trace.Registry.EagleBoy
C:\Documents and Settings\USer\Cookies\user@doubleclick[1].txt detected: Trace.TrackingCookie
C:\Documents and Settings\USer\Cookies\user@google.com[1].txt detected: Trace.TrackingCookie
C:\Documents and Settings\USer\Cookies\user@statcounter[1].txt detected: Trace.TrackingCookie
Scanned
Files: 191938
Traces: 181783
Cookies: 75
Processes: 45
Found
Files: 0
Traces: 1
Cookies: 3
Processes: 0
Quarantined
Files: 0
Traces: 1
Cookies: 3
Processes: 0
Scan end: 10/04/2009 01:45:41 ص
Scan time: 1:35:21
 
تأييد 0
الله يعطيكي العافية يارب

عطيني تقرير جديد للهايجاك
 
توقيع : AbOdy
تأييد 0
الله يعطيك العافيه انت اخوي ماقصرت معاي

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 02:50:40 ص, on 10/04/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir PersonalEdition Premium\sched.exe
C:\Program Files\Avira\AntiVir PersonalEdition Premium\avguard.exe
C:\Program Files\Avira\AntiVir PersonalEdition Premium\avesvc.exe
C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
C:\WINDOWS\system32\crypserv.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Avira\AntiVir PersonalEdition Premium\avmailc.exe
C:\Program Files\Avira\AntiVir PersonalEdition Premium\AVWEBGRD.EXE
C:\WINDOWS\Explorer.EXE
C:\Program Files\Avira\AntiVir PersonalEdition Premium\avgnt.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Unlocker\UnlockerAssistant.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Documents and Settings\USer\Local Settings\Application Data\Google\Update\GoogleUpdate.exe
C:\Program Files\ManyCam 2.3\ManyCam.exe
C:\Documents and Settings\Default User\Local Settings\Temp\bh11ySa6d\IDMan.exe
C:\Program Files\Paltalk Messenger\paltalk.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Documents and Settings\Default User\Local Settings\Temp\bh11ySa6d\IEMonitor.exe
C:\PROGRA~1\AVANTB~1\avant.exe
C:\Documents and Settings\USer\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\USer\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\USer\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\USer\My Documents\Downloads\Programs\HiJackThis.exe
O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Documents and Settings\Default User\Local Settings\Temp\bh11ySa6d\IDMIECC.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Premium\avgnt.exe" /min
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [UnlockerAssistant] "C:\Program Files\Unlocker\UnlockerAssistant.exe"
O4 - HKLM\..\Run: [windows] C:\WINDOWS\system32\system32.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\USer\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [ManyCam] "C:\Program Files\ManyCam 2.3\ManyCam.exe"
O4 - HKCU\..\Run: [IDMan] C:\Documents and Settings\Default User\Local Settings\Temp\bh11ySa6d\IDMan.exe /onboot
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: Ela-Salaty.lnk = C:\Program Files\Ela-Salaty\Salaty.exe
O4 - Startup: is-8P0RK.lnk = C:\Documents and Settings\USer\Desktop\Virus Removal Tool2\is-8P0RK\startup.exe
O4 - Startup: is-KQJDC.lnk = C:\Documents and Settings\USer\Desktop\Virus Removal Tool1\is-KQJDC\startup.exe
O4 - Global Startup: PalTalk.lnk = C:\Program Files\Paltalk Messenger\paltalk.exe
O8 - Extra context menu item: تحميل الكل بواسطة Internet Download Manager - C:\Documents and Settings\Default User\Local Settings\Temp\bh11ySa6d\IEGetAll.htm
O8 - Extra context menu item: تحميل بواسطة Internet Download Manager - C:\Documents and Settings\Default User\Local Settings\Temp\bh11ySa6d\IEExt.htm
O8 - Extra context menu item: تحميل محتوى FLV بواسطة Internet Download Manager - C:\Documents and Settings\Default User\Local Settings\Temp\bh11ySa6d\IEGetVL.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre6\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre6\bin\ssv.dll
O9 - Extra button: PalTalk - {4EAFEF58-EEFA-4116-983D-03B49BCBFFFE} - C:\Program Files\Paltalk Messenger\Paltalk.exe
O9 - Extra button: بحث - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) -
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

O16 - DPF: {6924091F-CD97-41E1-B1D4-D9079409D413} (IMCv1 Control) -
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - Winlogon Notify: Antiwpa - C:\WINDOWS\SYSTEM32\antiwpa.dll
O23 - Service: Avira AntiVir Premium MailGuard (AntiVirMailService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Premium\avmailc.exe
O23 - Service: Avira AntiVir Premium Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Premium\sched.exe
O23 - Service: Avira AntiVir Premium Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Premium\avguard.exe
O23 - Service: Avira AntiVir Premium WebGuard (antivirwebservice) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Premium\AVWEBGRD.EXE
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Avira AntiVir Premium MailGuard helper service (AVEService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Premium\avesvc.exe
O23 - Service: BlueSoleil Hid Service - Unknown owner - C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
O23 - Service: Crypkey License - Kenonic Controls Ltd. - C:\WINDOWS\SYSTEM32\crypserv.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
--
End of file - 7837 bytes
 
تأييد 0
الأصابه الى الأن موجوده

ومالي طالع من الموضوع قبل لا اطلع بعمرها :q:

شوفي

ادخلي على الوضع الأمن


اعد التشغيل وقبل ظهور شاشة الويندوز

اضغط باستمرار على زر f8


wh_62195183.png


ستاتيك شاشة فيهاا عدة خيارات اختر منهاا

safemode

wh_39783481.png



ثم اختر التالي

wh_12507056.png



wh_11747871.png



من الشاشة التالية اختر حساب الادمن او اي حساب تريد


wh_85829423.png



اخيرا اضغط موافق للدخول لسطح المكتب


wh_64184495.png






وبعد الدخول للوضع الأمن احذفي هالقيمه وانتي في الوضع الأمن


O4 - HKLM\..\Run: [windows] C:\WINDOWS\system32\system32.exe



طريقة الحذف




mg%20%283%29.png


mg%20%284%29.png





وبعدها ادخلي على الوضع العادي للجهاز وعطيني تقرير جديد
 
توقيع : AbOdy
تأييد 0
كيف ادخل علي الوضع الامن مافهمت؟؟
 
تأييد 0
توقيع : AbOdy
تأييد 0
ههههههههههههههههههههههههههههه من النوم والله اللي فيني اي فهمت خلاص وسويت

وهذا التقرير

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 03:45:26 ص, on 10/04/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir PersonalEdition Premium\sched.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe
C:\Program Files\Avira\AntiVir PersonalEdition Premium\avgnt.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Unlocker\UnlockerAssistant.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Documents and Settings\USer\Local Settings\Application Data\Google\Update\GoogleUpdate.exe
C:\Program Files\ManyCam 2.3\ManyCam.exe
C:\Documents and Settings\Default User\Local Settings\Temp\bh11ySa6d\IDMan.exe
C:\Program Files\Paltalk Messenger\paltalk.exe
C:\Program Files\Avira\AntiVir PersonalEdition Premium\avguard.exe
C:\Program Files\Avira\AntiVir PersonalEdition Premium\avesvc.exe
C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
C:\WINDOWS\system32\crypserv.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Avira\AntiVir PersonalEdition Premium\avmailc.exe
C:\Program Files\Avira\AntiVir PersonalEdition Premium\AVWEBGRD.EXE
C:\Documents and Settings\Default User\Local Settings\Temp\bh11ySa6d\IEMonitor.exe
C:\PROGRA~1\AVANTB~1\avant.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Documents and Settings\USer\My Documents\Downloads\Programs\HiJackThis.exe
O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Documents and Settings\Default User\Local Settings\Temp\bh11ySa6d\IDMIECC.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Premium\avgnt.exe" /min
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [UnlockerAssistant] "C:\Program Files\Unlocker\UnlockerAssistant.exe"
O4 - HKLM\..\Run: [windows] C:\WINDOWS\system32\system32.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\USer\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [ManyCam] "C:\Program Files\ManyCam 2.3\ManyCam.exe"
O4 - HKCU\..\Run: [IDMan] C:\Documents and Settings\Default User\Local Settings\Temp\bh11ySa6d\IDMan.exe /onboot
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: Ela-Salaty.lnk = C:\Program Files\Ela-Salaty\Salaty.exe
O4 - Startup: is-8P0RK.lnk = C:\Documents and Settings\USer\Desktop\Virus Removal Tool2\is-8P0RK\startup.exe
O4 - Startup: is-KQJDC.lnk = C:\Documents and Settings\USer\Desktop\Virus Removal Tool1\is-KQJDC\startup.exe
O4 - Global Startup: PalTalk.lnk = C:\Program Files\Paltalk Messenger\paltalk.exe
O8 - Extra context menu item: تحميل الكل بواسطة Internet Download Manager - C:\Documents and Settings\Default User\Local Settings\Temp\bh11ySa6d\IEGetAll.htm
O8 - Extra context menu item: تحميل بواسطة Internet Download Manager - C:\Documents and Settings\Default User\Local Settings\Temp\bh11ySa6d\IEExt.htm
O8 - Extra context menu item: تحميل محتوى FLV بواسطة Internet Download Manager - C:\Documents and Settings\Default User\Local Settings\Temp\bh11ySa6d\IEGetVL.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre6\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre6\bin\ssv.dll
O9 - Extra button: PalTalk - {4EAFEF58-EEFA-4116-983D-03B49BCBFFFE} - C:\Program Files\Paltalk Messenger\Paltalk.exe
O9 - Extra button: بحث - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) -
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

O16 - DPF: {6924091F-CD97-41E1-B1D4-D9079409D413} (IMCv1 Control) -
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - Winlogon Notify: Antiwpa - C:\WINDOWS\SYSTEM32\antiwpa.dll
O23 - Service: Avira AntiVir Premium MailGuard (AntiVirMailService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Premium\avmailc.exe
O23 - Service: Avira AntiVir Premium Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Premium\sched.exe
O23 - Service: Avira AntiVir Premium Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Premium\avguard.exe
O23 - Service: Avira AntiVir Premium WebGuard (antivirwebservice) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Premium\AVWEBGRD.EXE
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Avira AntiVir Premium MailGuard helper service (AVEService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Premium\avesvc.exe
O23 - Service: BlueSoleil Hid Service - Unknown owner - C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
O23 - Service: Crypkey License - Kenonic Controls Ltd. - C:\WINDOWS\SYSTEM32\crypserv.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
--
End of file - 7623 bytes
 
تأييد 0
سوكره قال:
ههههههههههههههههههههههههههههه من النوم والله اللي فيني اي فهمت خلاص وسويت
أنقر للتوسيع...


:bleh:

خلاص قومي نامي ,, ونكمل بوكرة :smile:
 
توقيع : AbOdy
تأييد 0
AbOdy قال:
:bleh:

خلاص قومي نامي ,, ونكمل بوكرة :smile:
أنقر للتوسيع...


صباح الخير :smile:

حمل هذه الاداة من هنا
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

بعد تنزيل الاداة دبل كلك ستظهر لديك مثل هذه النافذة خذ صورة لها وارفقها بردك القادم مع ابقاء الاداة تعمل الى ان ارد عليك

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

 
التعديل الأخير بواسطة المشرف:
توقيع : AbOdy
تأييد 0
صباح النور والسرور

البارحه من النوم ماقدرت حتي ارد اسفه :q:



يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي
 
تأييد 0
معذوره

تمااام

الأن من الصوره

شيلي علامه الصح من على البرامج التاليه


ابدأي,,

6 واحد شيلي الصح عنه

8 واحد شيلي الصح عنه

9 واحد شيلي الصح عنه

11 شيلي الصح عنه

واخر واحد شيلي الصح عنه


رح تجيكي رساله توكيد ,, وافقي عليها

بعد عمل المطلوب ,, اعيدي تشغيل الجهاز وارفعي لي تقرير هايجاك جديد
 
توقيع : AbOdy
تأييد 0
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 04:04:23 م, on 10/04/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir PersonalEdition Premium\sched.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe
C:\Program Files\Avira\AntiVir PersonalEdition Premium\avgnt.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Unlocker\UnlockerAssistant.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\ManyCam 2.3\ManyCam.exe
C:\Documents and Settings\Default User\Local Settings\Temp\bh11ySa6d\IDMan.exe
C:\Program Files\Paltalk Messenger\paltalk.exe
C:\Program Files\Avira\AntiVir PersonalEdition Premium\avguard.exe
C:\Program Files\Avira\AntiVir PersonalEdition Premium\avesvc.exe
C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
C:\WINDOWS\system32\crypserv.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Avira\AntiVir PersonalEdition Premium\avmailc.exe
C:\Program Files\Avira\AntiVir PersonalEdition Premium\AVWEBGRD.EXE
C:\Documents and Settings\USer\My Documents\Downloads\Programs\HiJackThis.exe
C:\Documents and Settings\Default User\Local Settings\Temp\bh11ySa6d\IEMonitor.exe
O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Documents and Settings\Default User\Local Settings\Temp\bh11ySa6d\IDMIECC.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Premium\avgnt.exe" /min
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [UnlockerAssistant] "C:\Program Files\Unlocker\UnlockerAssistant.exe"
O4 - HKLM\..\Run: [windows] C:\WINDOWS\system32\system32.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [ManyCam] "C:\Program Files\ManyCam 2.3\ManyCam.exe"
O4 - HKCU\..\Run: [IDMan] C:\Documents and Settings\Default User\Local Settings\Temp\bh11ySa6d\IDMan.exe /onboot
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: Ela-Salaty.lnk = C:\Program Files\Ela-Salaty\Salaty.exe
O4 - Global Startup: PalTalk.lnk = C:\Program Files\Paltalk Messenger\paltalk.exe
O8 - Extra context menu item: تحميل الكل بواسطة Internet Download Manager - C:\Documents and Settings\Default User\Local Settings\Temp\bh11ySa6d\IEGetAll.htm
O8 - Extra context menu item: تحميل بواسطة Internet Download Manager - C:\Documents and Settings\Default User\Local Settings\Temp\bh11ySa6d\IEExt.htm
O8 - Extra context menu item: تحميل محتوى FLV بواسطة Internet Download Manager - C:\Documents and Settings\Default User\Local Settings\Temp\bh11ySa6d\IEGetVL.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre6\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre6\bin\ssv.dll
O9 - Extra button: PalTalk - {4EAFEF58-EEFA-4116-983D-03B49BCBFFFE} - C:\Program Files\Paltalk Messenger\Paltalk.exe
O9 - Extra button: بحث - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) -
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

O16 - DPF: {6924091F-CD97-41E1-B1D4-D9079409D413} (IMCv1 Control) -
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - Winlogon Notify: Antiwpa - C:\WINDOWS\SYSTEM32\antiwpa.dll
O23 - Service: Avira AntiVir Premium MailGuard (AntiVirMailService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Premium\avmailc.exe
O23 - Service: Avira AntiVir Premium Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Premium\sched.exe
O23 - Service: Avira AntiVir Premium Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Premium\avguard.exe
O23 - Service: Avira AntiVir Premium WebGuard (antivirwebservice) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Premium\AVWEBGRD.EXE
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Avira AntiVir Premium MailGuard helper service (AVEService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Premium\avesvc.exe
O23 - Service: BlueSoleil Hid Service - Unknown owner - C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
O23 - Service: Crypkey License - Kenonic Controls Ltd. - C:\WINDOWS\SYSTEM32\crypserv.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
--
End of file - 6957 bytes
 
تأييد 0
لا حول الله

ركزي معاي شوي الله يخليكي


تابعي الصور

من ابدأ ختر run واكتب الامر التالي

msconfig

ثم اوكي

ستظهر شاشة التطبيق

system configuration utility


اعمل كما يلي

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي





ثم وافق على اعادة التغشيل



يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي







انتي ماعليكي من الشرح الي على الصور ارفع علامه الصح عن كل المربعات

انا فقط اريد ترفعي علامه الصح عن مربع واحد

وهذا رح يكون اسم المربع windows

ومساره C:\WINDOWS\system32\system32.exe


بس تشوفيه شيلي من عليه علامه الصح مثل ما هو موجود في الشرح

وبعد عمل المطلوب واعادة تشغيل الجهاز ارفعي لي تقرير جديد للهايجاك
 
توقيع : AbOdy
تأييد 0
نهائي مو موجود با القائمه !!
 
تأييد 0
طيب اعملي لي نفس هالصورة


يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي



بحيث تكون كبيره اقدر اشوف الأسماء والمسارات كلها
 
توقيع : AbOdy
تأييد 0
321244467.jpg





273727950.jpg

 
تأييد 0
اسف على التأخير لظروف خارجه عن ارادتي

من هالصورة

321244467.jpg





سادس برنامج ,, طبقي عليه هذا الشرح


يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي




بس شيلي الصح عن البرنامج الي قلت عنه

واعيدي تشغيل الجهاز وارفعي لي تقرير جديد
 
توقيع : AbOdy
تأييد 0
وانا مثلك بعد
والسبب المنتدى مايفتح معاي ..!



Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 01:28:47 م, on 12/04/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir PersonalEdition Premium\sched.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe
C:\Program Files\Avira\AntiVir PersonalEdition Premium\avgnt.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Unlocker\UnlockerAssistant.exe
C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\ManyCam 2.3\ManyCam.exe
C:\Documents and Settings\Default User\Local Settings\Temp\bh11ySa6d\IDMan.exe
C:\Program Files\Paltalk Messenger\paltalk.exe
C:\Program Files\Ela-Salaty\Salaty.exe
C:\WINDOWS\system32\dwwin.exe
C:\Program Files\Avira\AntiVir PersonalEdition Premium\avguard.exe
C:\Program Files\Avira\AntiVir PersonalEdition Premium\avesvc.exe
C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
C:\WINDOWS\system32\crypserv.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Avira\AntiVir PersonalEdition Premium\avmailc.exe
C:\Program Files\Avira\AntiVir PersonalEdition Premium\AVWEBGRD.EXE
C:\Documents and Settings\Default User\Local Settings\Temp\bh11ySa6d\IEMonitor.exe
C:\Documents and Settings\USer\My Documents\Downloads\Programs\HiJackThis.exe
C:\WINDOWS\system32\wuauclt.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

R3 - URLSearchHook: Hotspot Shield Toolbar - {c95a4e8e-816d-4655-8c79-d736da1adb6d} - C:\Program Files\Hotspot_Shield\tbHots.dll
O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Documents and Settings\Default User\Local Settings\Temp\bh11ySa6d\IDMIECC.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: Hotspot Shield Toolbar - {c95a4e8e-816d-4655-8c79-d736da1adb6d} - C:\Program Files\Hotspot_Shield\tbHots.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: Hotspot Shield Toolbar - {c95a4e8e-816d-4655-8c79-d736da1adb6d} - C:\Program Files\Hotspot_Shield\tbHots.dll
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Premium\avgnt.exe" /min
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [UnlockerAssistant] "C:\Program Files\Unlocker\UnlockerAssistant.exe"
O4 - HKLM\..\Run: [windows] C:\WINDOWS\system32\system32.exe
O4 - HKLM\..\Run: [MSConfig] C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe /auto
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [ManyCam] "C:\Program Files\ManyCam 2.3\ManyCam.exe"
O4 - HKCU\..\Run: [IDMan] C:\Documents and Settings\Default User\Local Settings\Temp\bh11ySa6d\IDMan.exe /onboot
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: Ela-Salaty.lnk = C:\Program Files\Ela-Salaty\Salaty.exe
O4 - Global Startup: PalTalk.lnk = C:\Program Files\Paltalk Messenger\paltalk.exe
O8 - Extra context menu item: تحميل الكل بواسطة Internet Download Manager - C:\Documents and Settings\Default User\Local Settings\Temp\bh11ySa6d\IEGetAll.htm
O8 - Extra context menu item: تحميل بواسطة Internet Download Manager - C:\Documents and Settings\Default User\Local Settings\Temp\bh11ySa6d\IEExt.htm
O8 - Extra context menu item: تحميل محتوى FLV بواسطة Internet Download Manager - C:\Documents and Settings\Default User\Local Settings\Temp\bh11ySa6d\IEGetVL.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre6\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre6\bin\ssv.dll
O9 - Extra button: PalTalk - {4EAFEF58-EEFA-4116-983D-03B49BCBFFFE} - C:\Program Files\Paltalk Messenger\Paltalk.exe
O9 - Extra button: بحث - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) -
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

O16 - DPF: {6924091F-CD97-41E1-B1D4-D9079409D413} (IMCv1 Control) -
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - Winlogon Notify: Antiwpa - C:\WINDOWS\SYSTEM32\antiwpa.dll
O23 - Service: Avira AntiVir Premium MailGuard (AntiVirMailService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Premium\avmailc.exe
O23 - Service: Avira AntiVir Premium Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Premium\sched.exe
O23 - Service: Avira AntiVir Premium Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Premium\avguard.exe
O23 - Service: Avira AntiVir Premium WebGuard (antivirwebservice) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Premium\AVWEBGRD.EXE
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Avira AntiVir Premium MailGuard helper service (AVEService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Premium\avesvc.exe
O23 - Service: BlueSoleil Hid Service - Unknown owner - C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
O23 - Service: Crypkey License - Kenonic Controls Ltd. - C:\WINDOWS\SYSTEM32\crypserv.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Hotspot Shield Service (HotspotShieldService) - Unknown owner - C:\Program Files\Hotspot Shield\bin\openvpnas.exe (file missing)
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
--
End of file - 7745 bytes
 
تأييد 0
الحالة
مغلق و غير مفتوح للمزيد من الردود.
عودة
أعلى