شموس
زيزوومي جديد
غير متصل
السلام عليكم
بجد انا زهقت من فيروس الاوتورن والريسيكلد ..
الجهاز بطىء جداااااااااااااا بقالى ساعة عشان افتح الجهاز كل شوية يهنج
مش عايزة احمل برامج كتيرة انا عايزة برنامج يقضيلى عليهم ...مع العلم انى حاولت فى الموضوعات اللى فى القسم بخصوص هذا الفيروس بدون فايدة حملت الملف اللى حجمة 13 ميجا وهو تجميعة من البرامج للقضاء على الفيروس ولا فايدة ..
انا عايزة خطوات تحذفهم الى الابد وبرنامج للحفاظ عليهم ..(لا أثق فى اى برنامج حماية ..) عندى الافيرا ولا كأنه موجود :no:
وكان عندى AVG بلا فايدة :cr:
مش عارفة اتعامل مع الجهاز خالص وشغلى عطلان ...
وده تقرير الهيجاك لو محتاجينه
....................
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 11:51:16, on 01/05/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir Desktop\sched.exe
C:\Program Files\Avira\AntiVir Desktop\avguard.exe
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files\Winamp\winampa.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\USB Disk Security\USBGuard.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Winamp Remote\bin\OrbTray.exe
C:\Program Files\Free Download Manager\fdm.exe
C:\Program Files\Internet Download Manager\IDMan.exe
C:\Program Files\Avira\AntiVir Desktop\avmailc.exe
C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\lkcitdl.exe
C:\WINDOWS\system32\lkads.exe
C:\WINDOWS\system32\lktsrv.exe
C:\MATLAB6p5\webserver\bin\win32\matlabserver.exe
C:\Program Files\National Instruments\MAX\nimxs.exe
C:\Program Files\National Instruments\Shared\Security\nidmsrv.exe
C:\WINDOWS\system32\nisvcloc.exe
C:\Program Files\National Instruments\Shared\Tagger\tagsrv.exe
E:\oracle\product\10.1.0\db_2\bin\ocssd.exe
E:\oracle\product\10.1.0\db_2\bin\isqlplussvc.exe
E:\oracle\product\10.1.0\db_2\jdk\bin\java.exe
E:\oracle\product\10.1.0\db_2\BIN\TNSLSNR.exe
E:\oracle\product\10.1.0\db_2\bin\ocssd.exe
e:\oracle\product\10.1.0\db_2\bin\ORACLE.EXE
C:\WINDOWS\system32\wuauclt.exe
E:\oracle\product\10.1.0\db_2\bin\nmesrvc.exe
C:\WINDOWS\system32\cmd.exe
E:\oracle\product\10.1.0\db_2\perl\5.6.1\bin\MSWin32-x86\perl.exe
E:\oracle\product\10.1.0\db_2\bin\emagent.exe
C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe
C:\Program Files\Internet Download Manager\IEMonitor.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\Explorer.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
E:\oracle\product\10.1.0\db_2\jdk\bin\java.exe
C:\WINDOWS\Explorer.exe
F:\w.i.s\حماية الجهاز\HiJackThis.exe
C:\WINDOWS\system32\cmd.exe
E:\oracle\product\10.1.0\db_2\bin\emdctl.exe
E:\oracle\product\10.1.0\db_2\bin\nmupm.exe
E:\oracle\product\10.1.0\db_2\bin\nmupm.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer
R3 - URLSearchHook: DefaultSearchHook Class - {C94E154B-1459-4A47-966B-4B843BEFC7DB} - C:\Program Files\AskSearch\bin\DefaultSearch.dll
F2 - REG:system.ini: Shell=Explorer.exe
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files\Internet Download Manager\IDMIECC.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: AskBar BHO - {201f27d4-3704-41d6-89c1-aa35e39143ed} - C:\Program Files\AskBarDis\bar\bin\askBar.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: FDMIECookiesBHO Class - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Program Files\Free Download Manager\iefdm2.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: Ask Toolbar - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - C:\Program Files\AskBarDis\bar\bin\askBar.dll
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe"
O4 - HKLM\..\Run: [Soltek] C:\WINDOWS\system32\autorun.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [USB Antivirus] C:\Program Files\USB Disk Security\USBGuard.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Orb] "C:\Program Files\Winamp Remote\bin\OrbTray.exe" /background
O4 - HKCU\..\Run: [Messenger (Yahoo!)] "C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" -quiet
O4 - HKCU\..\Run: [Free Download Manager] "C:\Program Files\Free Download Manager\fdm.exe" -autorun
O4 - HKCU\..\Run: [IDMan] C:\Program Files\Internet Download Manager\IDMan.exe /onboot
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe (User 'Default user')
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: Download with IDM - C:\DOCUME~1\eng_kmu\LOCALS~1\Temp\Rar$EX05.938\Port.IDM.Ar\Portable\IEExt.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MI1933~1\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: تحميل الفيديو بواسطة Free Download Manager -
O8 - Extra context menu item: تحميل الكل بواسطة Free Download Manager -
O8 - Extra context menu item: تحميل الكل بواسطة Internet Download Manager - C:\Program Files\Internet Download Manager\IEGetAll.htm
O8 - Extra context menu item: تحميل المحددة بواسطة Free Download Manager -
O8 - Extra context menu item: تحميل بواسطة Free Download Manager -
O8 - Extra context menu item: تحميل بواسطة Internet Download Manager - C:\Program Files\Internet Download Manager\IEExt.htm
O8 - Extra context menu item: تحميل محتوى FLV بواسطة Internet Download Manager - C:\Program Files\Internet Download Manager\IEGetVL.htm
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MI1933~1\OFFICE11\REFIEBAR.DLL
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O17 - HKLM\System\CCS\Services\Tcpip\..\{30959CE6-6945-46FE-B105-7C7CA0EC451A}: NameServer = 212.210.150.1,1.0.0.0
O17 - HKLM\System\CS1\Services\Tcpip\..\{30959CE6-6945-46FE-B105-7C7CA0EC451A}: NameServer = 212.210.150.1,1.0.0.0
O17 - HKLM\System\CS2\Services\Tcpip\..\{30959CE6-6945-46FE-B105-7C7CA0EC451A}: NameServer = 212.210.150.1,1.0.0.0
O23 - Service: Avira AntiVir MailGuard (AntiVirMailService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avmailc.exe
O23 - Service: Avira AntiVir Scheduler (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Avira AntiVir WebGuard (AntiVirWebService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE
O23 - Service: CiSvc - Unknown owner - C:\WINDOWS\system32\cisvc.exe (file missing)
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Lookout Citadel Server (LkCitadelServer) - National Instruments, Inc. - C:\WINDOWS\system32\lkcitdl.exe
O23 - Service: National Instruments PSP Server Locator (lkClassAds) - National Instruments Corporation - C:\WINDOWS\system32\lkads.exe
O23 - Service: National Instruments Time Synchronization (lkTimeSync) - National Instruments Corporation - C:\WINDOWS\system32\lktsrv.exe
O23 - Service: MATLAB Server (matlabserver) - Unknown owner - C:\MATLAB6p5\webserver\bin\win32\matlabserver.exe
O23 - Service: NI Configuration Manager (mxssvr) - National Instruments Corporation - C:\Program Files\National Instruments\MAX\nimxs.exe
O23 - Service: National Instruments Domain Service (NIDomainService) - National Instruments Corporation - C:\Program Files\National Instruments\Shared\Security\nidmsrv.exe
O23 - Service: NILM License Manager - Macrovision Corporation - C:\Program Files\National Instruments\Shared\License Manager\Bin\lmgrd.exe
O23 - Service: NI Service Locator (niSvcLoc) - National Instruments Corporation - C:\WINDOWS\system32\nisvcloc.exe
O23 - Service: National Instruments Variable Engine (NITaggerService) - National Instruments Corporation - C:\Program Files\National Instruments\Shared\Tagger\tagsrv.exe
O23 - Service: OpcEnum - OPC Foundation - C:\WINDOWS\system32\OpcEnum.exe
O23 - Service: OracleCSService - Unknown owner - E:\oracle\product\10.1.0\db_2\bin\ocssd.exe
O23 - Service: OracleDBConsoleorcl - Oracle Corporation - E:\oracle\product\10.1.0\db_2\bin\nmesrvc.exe
O23 - Service: OracleOraDb10g_home2iSQL*Plus - Oracle - E:\oracle\product\10.1.0\db_2\bin\isqlplussvc.exe
O23 - Service: OracleOraDb10g_home2SNMPPeerEncapsulator - Unknown owner - E:\oracle\product\10.1.0\db_2\BIN\ENCSVC.EXE
O23 - Service: OracleOraDb10g_home2SNMPPeerMasterAgent - Unknown owner - E:\oracle\product\10.1.0\db_2\BIN\AGNTSVC.EXE
O23 - Service: OracleOraDb10g_home2TNSListener - Unknown owner - E:\oracle\product\10.1.0\db_2\BIN\TNSLSNR.exe
O23 - Service: OracleOraDb10g_home3iSQL*Plus - Oracle - E:\oracle\product\10.1.0\db_3\bin\isqlplussvc.exe
O23 - Service: OracleOraDb10g_home3SNMPPeerEncapsulator - Unknown owner - E:\oracle\product\10.1.0\db_3\BIN\ENCSVC.EXE
O23 - Service: OracleOraDb10g_home3SNMPPeerMasterAgent - Unknown owner - E:\oracle\product\10.1.0\db_3\BIN\AGNTSVC.EXE
O23 - Service: OracleServiceORAL - Oracle Corporation - e:\oracle\product\10.1.0\db_3\bin\ORACLE.EXE
O23 - Service: OracleServiceORCL - Oracle Corporation - e:\oracle\product\10.1.0\db_2\bin\ORACLE.EXE
--
End of file - 10744 bytes
........................
جزاكم الله خير
بجد انا زهقت من فيروس الاوتورن والريسيكلد ..
الجهاز بطىء جداااااااااااااا بقالى ساعة عشان افتح الجهاز كل شوية يهنج
مش عايزة احمل برامج كتيرة انا عايزة برنامج يقضيلى عليهم ...مع العلم انى حاولت فى الموضوعات اللى فى القسم بخصوص هذا الفيروس بدون فايدة حملت الملف اللى حجمة 13 ميجا وهو تجميعة من البرامج للقضاء على الفيروس ولا فايدة ..
انا عايزة خطوات تحذفهم الى الابد وبرنامج للحفاظ عليهم ..(لا أثق فى اى برنامج حماية ..) عندى الافيرا ولا كأنه موجود :no:
وكان عندى AVG بلا فايدة :cr:
مش عارفة اتعامل مع الجهاز خالص وشغلى عطلان ...
وده تقرير الهيجاك لو محتاجينه
....................
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 11:51:16, on 01/05/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir Desktop\sched.exe
C:\Program Files\Avira\AntiVir Desktop\avguard.exe
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files\Winamp\winampa.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\USB Disk Security\USBGuard.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Winamp Remote\bin\OrbTray.exe
C:\Program Files\Free Download Manager\fdm.exe
C:\Program Files\Internet Download Manager\IDMan.exe
C:\Program Files\Avira\AntiVir Desktop\avmailc.exe
C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\lkcitdl.exe
C:\WINDOWS\system32\lkads.exe
C:\WINDOWS\system32\lktsrv.exe
C:\MATLAB6p5\webserver\bin\win32\matlabserver.exe
C:\Program Files\National Instruments\MAX\nimxs.exe
C:\Program Files\National Instruments\Shared\Security\nidmsrv.exe
C:\WINDOWS\system32\nisvcloc.exe
C:\Program Files\National Instruments\Shared\Tagger\tagsrv.exe
E:\oracle\product\10.1.0\db_2\bin\ocssd.exe
E:\oracle\product\10.1.0\db_2\bin\isqlplussvc.exe
E:\oracle\product\10.1.0\db_2\jdk\bin\java.exe
E:\oracle\product\10.1.0\db_2\BIN\TNSLSNR.exe
E:\oracle\product\10.1.0\db_2\bin\ocssd.exe
e:\oracle\product\10.1.0\db_2\bin\ORACLE.EXE
C:\WINDOWS\system32\wuauclt.exe
E:\oracle\product\10.1.0\db_2\bin\nmesrvc.exe
C:\WINDOWS\system32\cmd.exe
E:\oracle\product\10.1.0\db_2\perl\5.6.1\bin\MSWin32-x86\perl.exe
E:\oracle\product\10.1.0\db_2\bin\emagent.exe
C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe
C:\Program Files\Internet Download Manager\IEMonitor.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\Explorer.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
E:\oracle\product\10.1.0\db_2\jdk\bin\java.exe
C:\WINDOWS\Explorer.exe
F:\w.i.s\حماية الجهاز\HiJackThis.exe
C:\WINDOWS\system32\cmd.exe
E:\oracle\product\10.1.0\db_2\bin\emdctl.exe
E:\oracle\product\10.1.0\db_2\bin\nmupm.exe
E:\oracle\product\10.1.0\db_2\bin\nmupm.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer
R3 - URLSearchHook: DefaultSearchHook Class - {C94E154B-1459-4A47-966B-4B843BEFC7DB} - C:\Program Files\AskSearch\bin\DefaultSearch.dll
F2 - REG:system.ini: Shell=Explorer.exe
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files\Internet Download Manager\IDMIECC.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: AskBar BHO - {201f27d4-3704-41d6-89c1-aa35e39143ed} - C:\Program Files\AskBarDis\bar\bin\askBar.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: FDMIECookiesBHO Class - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Program Files\Free Download Manager\iefdm2.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: Ask Toolbar - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - C:\Program Files\AskBarDis\bar\bin\askBar.dll
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe"
O4 - HKLM\..\Run: [Soltek] C:\WINDOWS\system32\autorun.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [USB Antivirus] C:\Program Files\USB Disk Security\USBGuard.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Orb] "C:\Program Files\Winamp Remote\bin\OrbTray.exe" /background
O4 - HKCU\..\Run: [Messenger (Yahoo!)] "C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" -quiet
O4 - HKCU\..\Run: [Free Download Manager] "C:\Program Files\Free Download Manager\fdm.exe" -autorun
O4 - HKCU\..\Run: [IDMan] C:\Program Files\Internet Download Manager\IDMan.exe /onboot
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe (User 'Default user')
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: Download with IDM - C:\DOCUME~1\eng_kmu\LOCALS~1\Temp\Rar$EX05.938\Port.IDM.Ar\Portable\IEExt.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MI1933~1\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: تحميل الفيديو بواسطة Free Download Manager -
يجب عليك
تسجيل الدخول
او
تسجيل لمشاهدة الرابط المخفي
Files\Free Download Manager\dlfvideo.htmO8 - Extra context menu item: تحميل الكل بواسطة Free Download Manager -
يجب عليك
تسجيل الدخول
او
تسجيل لمشاهدة الرابط المخفي
Files\Free Download Manager\dlall.htmO8 - Extra context menu item: تحميل الكل بواسطة Internet Download Manager - C:\Program Files\Internet Download Manager\IEGetAll.htm
O8 - Extra context menu item: تحميل المحددة بواسطة Free Download Manager -
يجب عليك
تسجيل الدخول
او
تسجيل لمشاهدة الرابط المخفي
Files\Free Download Manager\dlselected.htmO8 - Extra context menu item: تحميل بواسطة Free Download Manager -
يجب عليك
تسجيل الدخول
او
تسجيل لمشاهدة الرابط المخفي
Files\Free Download Manager\dllink.htmO8 - Extra context menu item: تحميل بواسطة Internet Download Manager - C:\Program Files\Internet Download Manager\IEExt.htm
O8 - Extra context menu item: تحميل محتوى FLV بواسطة Internet Download Manager - C:\Program Files\Internet Download Manager\IEGetVL.htm
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MI1933~1\OFFICE11\REFIEBAR.DLL
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O17 - HKLM\System\CCS\Services\Tcpip\..\{30959CE6-6945-46FE-B105-7C7CA0EC451A}: NameServer = 212.210.150.1,1.0.0.0
O17 - HKLM\System\CS1\Services\Tcpip\..\{30959CE6-6945-46FE-B105-7C7CA0EC451A}: NameServer = 212.210.150.1,1.0.0.0
O17 - HKLM\System\CS2\Services\Tcpip\..\{30959CE6-6945-46FE-B105-7C7CA0EC451A}: NameServer = 212.210.150.1,1.0.0.0
O23 - Service: Avira AntiVir MailGuard (AntiVirMailService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avmailc.exe
O23 - Service: Avira AntiVir Scheduler (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Avira AntiVir WebGuard (AntiVirWebService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE
O23 - Service: CiSvc - Unknown owner - C:\WINDOWS\system32\cisvc.exe (file missing)
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Lookout Citadel Server (LkCitadelServer) - National Instruments, Inc. - C:\WINDOWS\system32\lkcitdl.exe
O23 - Service: National Instruments PSP Server Locator (lkClassAds) - National Instruments Corporation - C:\WINDOWS\system32\lkads.exe
O23 - Service: National Instruments Time Synchronization (lkTimeSync) - National Instruments Corporation - C:\WINDOWS\system32\lktsrv.exe
O23 - Service: MATLAB Server (matlabserver) - Unknown owner - C:\MATLAB6p5\webserver\bin\win32\matlabserver.exe
O23 - Service: NI Configuration Manager (mxssvr) - National Instruments Corporation - C:\Program Files\National Instruments\MAX\nimxs.exe
O23 - Service: National Instruments Domain Service (NIDomainService) - National Instruments Corporation - C:\Program Files\National Instruments\Shared\Security\nidmsrv.exe
O23 - Service: NILM License Manager - Macrovision Corporation - C:\Program Files\National Instruments\Shared\License Manager\Bin\lmgrd.exe
O23 - Service: NI Service Locator (niSvcLoc) - National Instruments Corporation - C:\WINDOWS\system32\nisvcloc.exe
O23 - Service: National Instruments Variable Engine (NITaggerService) - National Instruments Corporation - C:\Program Files\National Instruments\Shared\Tagger\tagsrv.exe
O23 - Service: OpcEnum - OPC Foundation - C:\WINDOWS\system32\OpcEnum.exe
O23 - Service: OracleCSService - Unknown owner - E:\oracle\product\10.1.0\db_2\bin\ocssd.exe
O23 - Service: OracleDBConsoleorcl - Oracle Corporation - E:\oracle\product\10.1.0\db_2\bin\nmesrvc.exe
O23 - Service: OracleOraDb10g_home2iSQL*Plus - Oracle - E:\oracle\product\10.1.0\db_2\bin\isqlplussvc.exe
O23 - Service: OracleOraDb10g_home2SNMPPeerEncapsulator - Unknown owner - E:\oracle\product\10.1.0\db_2\BIN\ENCSVC.EXE
O23 - Service: OracleOraDb10g_home2SNMPPeerMasterAgent - Unknown owner - E:\oracle\product\10.1.0\db_2\BIN\AGNTSVC.EXE
O23 - Service: OracleOraDb10g_home2TNSListener - Unknown owner - E:\oracle\product\10.1.0\db_2\BIN\TNSLSNR.exe
O23 - Service: OracleOraDb10g_home3iSQL*Plus - Oracle - E:\oracle\product\10.1.0\db_3\bin\isqlplussvc.exe
O23 - Service: OracleOraDb10g_home3SNMPPeerEncapsulator - Unknown owner - E:\oracle\product\10.1.0\db_3\BIN\ENCSVC.EXE
O23 - Service: OracleOraDb10g_home3SNMPPeerMasterAgent - Unknown owner - E:\oracle\product\10.1.0\db_3\BIN\AGNTSVC.EXE
O23 - Service: OracleServiceORAL - Oracle Corporation - e:\oracle\product\10.1.0\db_3\bin\ORACLE.EXE
O23 - Service: OracleServiceORCL - Oracle Corporation - e:\oracle\product\10.1.0\db_2\bin\ORACLE.EXE
--
End of file - 10744 bytes
........................
جزاكم الله خير
