لـــيالـــي
زيزوومي جديد
- إنضم
- 1 مايو 2009
- المشاركات
- 39
- مستوى التفاعل
- 0
- النقاط
- 40
غير متصل
السلام عليكم ورحمة الله وبركاته
عندي مشكله بالمسنجر التاسع بعد ماثبته
وافتح الماسنجر تظهر هالصورة وبعدها يتقفل وش الحل
ودي واحترامي
- بادئ الموضوع لـــيالـــي
- تاريخ البدء
- 1,186
- الحالة
وعليكم السلام
حمل هذا البرنامج
OR
شغل البرنامج ==> واضغط على
Do a system scan and save log
لحظات .. ويظهر لك تقرير داخل المفكرة ==> انسخه والصقه بردك القادم
بالآآنتظآآر ,,
حمل هذا البرنامج
يجب عليك
تسجيل الدخول
او
تسجيل لمشاهدة الرابط المخفي
OR
يجب عليك
تسجيل الدخول
او
تسجيل لمشاهدة الرابط المخفي
شغل البرنامج ==> واضغط على
Do a system scan and save log
لحظات .. ويظهر لك تقرير داخل المفكرة ==> انسخه والصقه بردك القادم
بالآآنتظآآر ,,
توقيع : أعتز بك
لـــيالـــي
زيزوومي جديد
- إنضم
- 1 مايو 2009
- المشاركات
- 39
- مستوى التفاعل
- 0
- النقاط
- 40
غير متصل
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 10:08:26 م, on 01/05/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\ACD Systems\EN\DevDetect.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\WINDOWS\system32\VTTimer.exe
C:\PROGRA~1\AVG\AVG8\avgtray.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Nero\Nero 7\InCD\InCDsrv.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Spyware Doctor\SDTrayApp.exe
C:\WINDOWS\vsnpstd.exe
C:\PROGRA~1\Nokia\NOKIAP~1\LAUNCH~1.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\CyberLink\Shared Files\RichVideo.exe
C:\Program Files\Spyware Doctor\svcntaux.exe
C:\Program Files\Spyware Doctor\swdsvc.exe
C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe
C:\WINDOWS\system32\wdfmgr.exe
C:\PROGRA~1\AVG\AVG8\avgemc.exe
C:\PROGRA~1\COMMON~1\Nokia\MPAPI\MPAPI3s.exe
C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe
C:\Program Files\Common Files\PCSuite\Services\ServiceLayer.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\Documents and Settings\User\Application Data\Real\RealPlayer\Update\RealPlayer11.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: مساعد تسجيل الدخول إلى Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL
O4 - HKLM\..\Run: [Device Detector] DevDetect.exe -autorun
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [VTTimer] VTTimer.exe
O4 - HKLM\..\Run: [S3Trayp] S3trayp.exe
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [SDTray] "C:\Program Files\Spyware Doctor\SDTrayApp.exe"
O4 - HKLM\..\Run: [snpstd] C:\WINDOWS\vsnpstd.exe
O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\PROGRA~1\Nokia\NOKIAP~1\LAUNCH~1.EXE -startup
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [cdoosoft] C:\WINDOWS\system32\olhrwef.exe
O4 - HKCU\..\Run: [Messenger (Yahoo!)] "C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" -quiet
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [PcSync] C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) -
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
O20 - AppInit_DLLs: avgrsstx.dll
O23 - Service: AVG8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgemc.exe
O23 - Service: AVG8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: InCD Helper (InCDsrv) - Nero AG - C:\Program Files\Nero\Nero 7\InCD\InCDsrv.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\svcntaux.exe
O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\swdsvc.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\Common Files\PCSuite\Services\ServiceLayer.exe
--
End of file - 6640 bytes
Scan saved at 10:08:26 م, on 01/05/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\ACD Systems\EN\DevDetect.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\WINDOWS\system32\VTTimer.exe
C:\PROGRA~1\AVG\AVG8\avgtray.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Nero\Nero 7\InCD\InCDsrv.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Spyware Doctor\SDTrayApp.exe
C:\WINDOWS\vsnpstd.exe
C:\PROGRA~1\Nokia\NOKIAP~1\LAUNCH~1.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\CyberLink\Shared Files\RichVideo.exe
C:\Program Files\Spyware Doctor\svcntaux.exe
C:\Program Files\Spyware Doctor\swdsvc.exe
C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe
C:\WINDOWS\system32\wdfmgr.exe
C:\PROGRA~1\AVG\AVG8\avgemc.exe
C:\PROGRA~1\COMMON~1\Nokia\MPAPI\MPAPI3s.exe
C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe
C:\Program Files\Common Files\PCSuite\Services\ServiceLayer.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\Documents and Settings\User\Application Data\Real\RealPlayer\Update\RealPlayer11.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: مساعد تسجيل الدخول إلى Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL
O4 - HKLM\..\Run: [Device Detector] DevDetect.exe -autorun
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [VTTimer] VTTimer.exe
O4 - HKLM\..\Run: [S3Trayp] S3trayp.exe
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [SDTray] "C:\Program Files\Spyware Doctor\SDTrayApp.exe"
O4 - HKLM\..\Run: [snpstd] C:\WINDOWS\vsnpstd.exe
O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\PROGRA~1\Nokia\NOKIAP~1\LAUNCH~1.EXE -startup
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [cdoosoft] C:\WINDOWS\system32\olhrwef.exe
O4 - HKCU\..\Run: [Messenger (Yahoo!)] "C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" -quiet
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [PcSync] C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) -
يجب عليك
تسجيل الدخول
او
تسجيل لمشاهدة الرابط المخفي
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
O20 - AppInit_DLLs: avgrsstx.dll
O23 - Service: AVG8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgemc.exe
O23 - Service: AVG8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: InCD Helper (InCDsrv) - Nero AG - C:\Program Files\Nero\Nero 7\InCD\InCDsrv.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\svcntaux.exe
O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\swdsvc.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\Common Files\PCSuite\Services\ServiceLayer.exe
--
End of file - 6640 bytes
لـــيالـــي
زيزوومي جديد
- إنضم
- 1 مايو 2009
- المشاركات
- 39
- مستوى التفاعل
- 0
- النقاط
- 40
غير متصل
حذفت التاسع ونزلت الثامن
هل المشكله في الماسنجر فقط أو في برامج آآخر
ومن التقرير قمي بحذف التالي
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
ثم نزل هذه الاداة واتبع الشرح التالي
او
التوافق : ويندوز اكسبي فقط
شرح الاستخدام ,,,,,,
عند تشغيل ملف الاداة تظهر لك هذه الشاشه ,, انتظر ( وتابع مع الصور )
وعند ظهور هذه الشاشه ,, اضغط على Close ليتم اعادة تشغيل جهازك (( لتكملة عملية التنظيف ))
وقومي بعمل
عطل جميع برامج الحمايه >>> تأكد من وقت وتاريخ الجهاز
>>> لاتغير اسم الاداة واحفظها على سطح المكتب
وحمل هذه الاداة واحفظها على سطح المكتب
عند تشغيلها بتظهر لك رسالة ,, اضغط على >> Yes
بعدها بتظهر لك رساله ثانيه ,, اضغط على >> Yes
انتظر حتى الاداة تنتهي من فحص جهازك ,,, وبشكل تلقائي يعاد تشغيل جهازك ,,
وبعد اعادة التشغيل ,, سوف تبدأ الاداة بالفحص مرره ثانيه
انتظر حتى يظهر لك تقرير ,, انسخه والصقه بردك القادم
وبعدها
أغلقي برنامج الحمايه
وحملي هذه الأداة
بعد التحميل ،، دبل كلك وسيتم استخراج ملف الاداة الى مجلد بسطح المكتب لحظات وتبدأ الاداة بالعمل
تابع الشرح لفحص الجهاز وتنظيفه وارفاق التقرير
بالآآنتظآآر ,,
ومن التقرير قمي بحذف التالي
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
ثم نزل هذه الاداة واتبع الشرح التالي
يجب عليك
تسجيل الدخول
او
تسجيل لمشاهدة الرابط المخفي
او
يجب عليك
تسجيل الدخول
او
تسجيل لمشاهدة الرابط المخفي
التوافق : ويندوز اكسبي فقط
شرح الاستخدام ,,,,,,
عند تشغيل ملف الاداة تظهر لك هذه الشاشه ,, انتظر ( وتابع مع الصور )
وعند ظهور هذه الشاشه ,, اضغط على Close ليتم اعادة تشغيل جهازك (( لتكملة عملية التنظيف ))
وقومي بعمل
عطل جميع برامج الحمايه >>> تأكد من وقت وتاريخ الجهاز
>>> لاتغير اسم الاداة واحفظها على سطح المكتب
وحمل هذه الاداة واحفظها على سطح المكتب
يجب عليك
تسجيل الدخول
او
تسجيل لمشاهدة الرابط المخفي
عند تشغيلها بتظهر لك رسالة ,, اضغط على >> Yes
بعدها بتظهر لك رساله ثانيه ,, اضغط على >> Yes
انتظر حتى الاداة تنتهي من فحص جهازك ,,, وبشكل تلقائي يعاد تشغيل جهازك ,,
وبعد اعادة التشغيل ,, سوف تبدأ الاداة بالفحص مرره ثانيه
انتظر حتى يظهر لك تقرير ,, انسخه والصقه بردك القادم
وبعدها
أغلقي برنامج الحمايه
وحملي هذه الأداة
يجب عليك
تسجيل الدخول
او
تسجيل لمشاهدة الرابط المخفي
بعد التحميل ،، دبل كلك وسيتم استخراج ملف الاداة الى مجلد بسطح المكتب لحظات وتبدأ الاداة بالعمل
تابع الشرح لفحص الجهاز وتنظيفه وارفاق التقرير
بالآآنتظآآر ,,
توقيع : أعتز بك
لـــيالـــي
زيزوومي جديد
- إنضم
- 1 مايو 2009
- المشاركات
- 39
- مستوى التفاعل
- 0
- النقاط
- 40
غير متصل
اسفه على التاخير في الرد
هذا التقرير
ComboFix 09-05-02.4 - User 05/02/2009 17:47.1 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.2.1256.966.1033.18.3326.2725 [GMT 3:00]
Running from: c:\documents and settings\User\Desktop\برنامج1.exe
AV: AVG Anti-Virus Free *On-access scanning enabled* (Outdated)
WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
C:\autorun.inf
c:\windows\IE4 Error Log.txt
c:\windows\system32\nmdfgds0.dll
c:\windows\system32\nmdfgds1.dll
c:\windows\system32\olhrwef.exe
c:\windows\system32\x64
D:\Autorun.inf
.
((((((((((((((((((((((((( Files Created from 2009-04-02 to 2009-05-02 )))))))))))))))))))))))))))))))
.
2009-05-03 22:26 . 2007-10-18 07:14 41288 ----a-w c:\windows\system32\drivers\ikfilesec.sys
2009-05-03 22:26 . 2009-05-03 00:30 74240 ----a-w c:\windows\system32\drivers\iksyssec.sys
2009-05-03 22:26 . 2007-10-18 07:16 29000 ----a-w c:\windows\system32\drivers\kcom.sys
2009-05-03 22:26 . 2009-05-03 00:30 56832 ----a-w c:\windows\system32\drivers\iksysflt.sys
2009-05-03 22:26 . 2009-05-01 01:02 -------- d-----w c:\program files\Spyware Doctor
2009-05-03 22:26 . 2009-05-03 22:26 -------- d-----w c:\documents and settings\User\Application Data\PC Tools
2009-05-03 22:26 . 2005-09-23 15:29 626688 ----a-w c:\windows\system32\msvcr80.dll
2009-05-03 22:13 . 2009-05-03 22:13 -------- d-----w c:\program files\Windows Live SkyDrive
2009-05-03 22:01 . 2009-05-01 18:54 -------- d-----w c:\program files\GVR
2009-05-03 21:53 . 2009-05-03 21:53 -------- d-----w c:\documents and settings\All Users\Application Data\nView_Profiles
2009-05-03 21:44 . 2009-05-03 21:44 410984 ----a-w c:\windows\system32\deploytk.dll
2009-05-03 21:44 . 2009-05-03 21:44 -------- d-----w c:\program files\Java
2009-05-03 21:38 . 2009-05-03 21:38 -------- d-s---w c:\documents and settings\User\UserData
2009-05-02 13:51 . 2009-05-02 14:24 -------- d-----w c:\windows\system32\CatRoot_bak
2009-05-02 13:48 . 2009-05-02 13:48 -------- d-----w c:\documents and settings\User\Application Data\CyberScrub
2009-05-02 13:47 . 2009-05-02 13:47 -------- d-----w c:\documents and settings\User\Application Data\cleaner
2009-05-02 12:04 . 2009-05-02 12:04 -------- d-----w c:\program files\cFosSpeed
2009-05-02 11:45 . 2009-02-06 17:22 2136064 -c----w c:\windows\system32\dllcache\ntkrnlmp.exe
2009-05-02 11:45 . 2009-02-06 17:24 2180480 -c----w c:\windows\system32\dllcache\ntoskrnl.exe
2009-05-02 11:45 . 2009-02-06 16:49 2015744 -c----w c:\windows\system32\dllcache\ntkrpamp.exe
2009-05-02 11:45 . 2009-02-06 16:49 2057728 -c----w c:\windows\system32\dllcache\ntkrnlpa.exe
2009-05-02 11:19 . 2008-06-13 13:10 272128 -c----w c:\windows\system32\dllcache\bthport.sys
2009-05-02 11:19 . 2008-06-13 13:10 272128 ------w c:\windows\system32\drivers\bthport.sys
2009-05-01 20:58 . 2008-10-24 11:10 453632 -c----w c:\windows\system32\dllcache\mrxsmb.sys
2009-05-01 20:08 . 2008-10-16 11:06 208744 ----a-w c:\windows\system32\muweb.dll
2009-05-01 20:08 . 2008-10-16 11:06 268648 ----a-w c:\windows\system32\mucltui.dll
2009-05-01 19:54 . 2009-05-01 20:25 -------- d-----w c:\documents and settings\User\Application Data\Paltalk
2009-05-01 19:54 . 2009-05-01 20:25 -------- d-----w c:\program files\Paltalk Messenger
2009-05-01 19:29 . 2009-05-01 19:29 -------- d-----w c:\documents and settings\NetworkService\Local Settings\Application Data\Google
2009-05-01 19:17 . 2009-05-01 19:17 -------- d-----w c:\documents and settings\User\Local Settings\Application Data\Real
2009-05-01 19:17 . 2009-05-01 19:17 -------- d-----w c:\program files\Common Files\xing shared
2009-05-01 19:15 . 2009-05-01 19:15 -------- d-----w c:\documents and settings\LocalService\Local Settings\Application Data\Google
2009-05-01 19:15 . 2009-05-01 19:27 -------- d-----w c:\documents and settings\User\Local Settings\Application Data\Google
2009-05-01 19:15 . 2009-05-01 19:16 -------- d-----w c:\program files\Google
2009-05-01 19:08 . 2009-05-01 19:08 -------- d-----w c:\program files\Trend Micro
2009-05-01 18:47 . 2009-08-13 04:31 108169 --sh--r C:\husyu8n.exe
2009-05-01 18:16 . 2009-05-01 18:17 -------- d-----w c:\program files\Windows Live
2009-05-01 17:50 . 2009-05-01 17:50 -------- d-----w c:\documents and settings\All Users\Application Data\Messenger Plus!
2009-05-01 15:09 . 2004-08-03 22:56 221184 ----a-w c:\windows\system32\wmpns.dll
2009-05-01 13:47 . 2009-05-01 13:47 -------- d-----w c:\documents and settings\User\Application Data\Ahead
2009-05-01 13:34 . 2009-05-01 13:34 -------- d-----w c:\windows\Sun
2009-05-01 13:19 . 2009-05-01 13:19 -------- d-----w c:\documents and settings\User\Application Data\Nokia
2009-05-01 13:00 . 2009-05-01 13:00 -------- d-----w c:\program files\DIFX
2009-05-01 12:59 . 2009-05-01 12:59 -------- d-----w c:\program files\Common Files\Nokia
2009-05-01 12:59 . 2009-05-01 13:00 -------- d-----w c:\documents and settings\User\Application Data\PC Suite
2009-05-01 12:59 . 2009-05-01 13:00 -------- d-----w c:\documents and settings\All Users\Application Data\PC Suite
2009-05-01 12:59 . 2009-05-01 12:59 -------- d-----w c:\program files\Common Files\PCSuite
2009-05-01 12:59 . 2006-05-29 05:26 13312 ----a-w c:\windows\system32\drivers\nmwcdcm.sys
2009-05-01 12:59 . 2006-05-29 05:26 8704 ----a-w c:\windows\system32\drivers\nmwcdc.sys
2009-05-01 12:59 . 2006-05-29 05:26 30720 ----a-w c:\windows\system32\nmwcdcocls.dll
2009-05-01 12:59 . 2006-05-29 05:26 127488 ----a-w c:\windows\system32\drivers\nmwcd.sys
2009-05-01 12:59 . 2006-05-29 05:26 4608 ----a-w c:\windows\system32\nmwcdlog.dll
2009-05-01 12:59 . 2006-05-29 05:26 50688 ----a-w c:\windows\system32\nmwcdcls.dll
2009-05-01 12:59 . 2009-05-01 12:59 -------- d-----w c:\program files\Nokia
2009-05-01 11:24 . 2009-05-01 14:47 -------- d-----w c:\program files\MSECACHE
2009-05-01 10:43 . 2009-05-01 10:43 -------- d-----w c:\windows\Album
2009-05-01 10:43 . 2009-05-01 10:43 -------- d-----w c:\program files\VideoCAM Trek
2009-05-01 10:43 . 2004-02-16 10:59 61440 ----a-w c:\windows\system32\csnpstd.dll
2009-05-01 10:43 . 2004-09-24 07:58 36864 ----a-w c:\windows\system32\vsnpstd.dll
2009-05-01 10:43 . 2005-06-20 18:27 390912 ----a-w c:\windows\system32\drivers\snpstd.sys
2009-05-01 10:43 . 2004-05-06 08:22 53248 ----a-w c:\windows\system32\dsnpstd.dll
2009-05-01 10:43 . 2005-04-15 03:20 98304 ----a-w c:\windows\system32\rsnpstd.dll
2009-05-01 10:43 . 2004-06-10 10:48 286720 ----a-w c:\windows\vsnpstd.exe
2009-05-01 10:43 . 2009-05-01 10:43 -------- d-----w c:\program files\Common Files\VCAMTrek
2009-05-01 09:48 . 2009-05-01 09:48 -------- d-----w c:\windows\system32\AGEIA
2009-05-01 09:48 . 2009-05-01 09:48 -------- d-----w c:\program files\AGEIA Technologies
2009-05-01 09:48 . 2009-05-01 09:48 -------- d-----w c:\program files\Common Files\Wise Installation Wizard
2009-05-01 09:46 . 2009-05-01 09:46 -------- d-----w c:\windows\nview
2009-05-01 09:46 . 2008-09-17 01:55 453152 ----a-r c:\windows\system32\nvuninst.exe
2009-05-01 09:46 . 2008-09-17 01:55 453152 ----a-w c:\windows\system32\nvudisp.exe
2009-05-01 09:45 . 2007-08-24 03:03 159744 ----a-r c:\windows\system32\igfxres.dll
2009-05-01 08:03 . 2009-05-01 08:03 0 ----a-w c:\windows\nsreg.dat
2009-05-01 08:03 . 2009-05-01 08:03 -------- d-----w c:\documents and settings\User\Local Settings\Application Data\Mozilla
2009-05-01 08:03 . 2009-05-01 08:03 -------- d-----w c:\documents and settings\User\Application Data\Avant Profiles
2009-05-01 08:03 . 2009-05-03 21:58 -------- d-----w c:\program files\Avant Browser
2009-05-01 01:40 . 2009-05-01 17:19 -------- d-----w c:\documents and settings\User\Contacts
2009-05-01 01:14 . 2009-05-01 01:39 -------- dcsh--w c:\program files\Common Files\WindowsLiveInstaller
2009-05-01 01:14 . 2009-05-01 15:40 -------- d-----w c:\documents and settings\All Users\Application Data\WLInstaller
2009-05-01 01:04 . 2009-05-02 13:17 -------- d--h--w c:\windows\$hf_mig$
2009-05-01 00:47 . 2009-05-02 14:46 -------- d---a-w c:\documents and settings\All Users\Application Data\TEMP
2009-04-30 23:29 . 2009-04-30 23:29 -------- d-----w c:\documents and settings\User\Local Settings\Application Data\Yahoo
2009-04-30 23:18 . 2009-04-30 23:18 -------- d-----w c:\documents and settings\User\Application Data\ACD Systems
2009-04-30 22:56 . 2009-05-01 18:19 -------- d-----w c:\program files\Messenger Plus! Live
2009-04-30 22:55 . 2009-05-01 18:09 -------- d-----w c:\documents and settings\User\Tracing
2009-04-30 22:40 . 2009-05-02 14:46 -------- d--h--w C:\$AVG8.VAULT$
2009-04-30 22:24 . 2009-04-30 22:24 -------- d-----w c:\program files\Common Files\Windows Live
2009-04-27 13:35 . 2004-08-04 07:56 21504 ----a-w c:\windows\system32\hidserv.dll
2009-04-27 13:35 . 2004-08-04 06:07 59264 -c--a-w c:\windows\system32\dllcache\usbaudio.sys
2009-04-27 13:35 . 2004-08-04 06:07 59264 ----a-w c:\windows\system32\drivers\USBAUDIO.sys
2009-04-27 13:34 . 2004-08-04 06:08 31616 -c--a-w c:\windows\system32\dllcache\usbccgp.sys
2009-04-27 13:34 . 2004-08-04 06:08 31616 ----a-w c:\windows\system32\drivers\usbccgp.sys
2009-04-14 08:51 . 2001-08-17 20:57 16128 -c--a-w c:\windows\system32\dllcache\modemcsa.sys
2009-04-14 08:51 . 2001-08-17 20:57 16128 ----a-w c:\windows\system32\drivers\MODEMCSA.sys
2009-04-14 08:51 . 2006-11-07 01:54 172032 ----a-r c:\windows\system32\Uci32114.dll
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-05-03 22:15 . 2008-07-03 03:02 95216 ----a-w c:\documents and settings\User\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2009-05-02 14:49 . 2009-05-01 19:15 878 ----a-w c:\windows\Tasks\GoogleUpdateTaskMachine.job
2009-05-02 14:49 . 2008-07-03 02:54 6 ---ha-w c:\windows\Tasks\SA.DAT
2009-05-01 19:16 . 2008-07-26 23:31 -------- d-----w c:\program files\Common Files\Real
2009-05-01 10:43 . 2008-07-03 04:15 -------- d--h--w c:\program files\InstallShield Installation Information
2009-04-30 23:14 . 2008-07-26 21:27 -------- d-----w c:\program files\Yahoo!
2009-04-30 22:28 . 2008-07-26 23:30 -------- d-----w c:\program files\DivX
2009-04-30 22:27 . 2008-07-26 21:06 -------- d-----w c:\program files\CyberLink
2009-03-07 08:26 . 2009-03-07 08:26 664 ----a-w c:\windows\system32\d3d9caps.dat
2009-03-06 14:44 . 2004-08-03 22:56 283648 ----a-w c:\windows\system32\pdh.dll
2009-03-03 17:42 . 2008-07-03 02:50 166455 ----a-w c:\windows\pchealth\helpctr\OfflineCache\index.dat
2009-02-20 08:30 . 2004-08-03 22:56 659456 ----a-w c:\windows\system32\wininet.dll
2009-02-20 08:30 . 2004-08-03 22:56 81920 ----a-w c:\windows\system32\ieencode.dll
2009-02-09 10:20 . 2004-08-03 22:56 399360 ----a-w c:\windows\system32\rpcss.dll
2009-02-09 10:20 . 2004-08-03 22:56 723456 ----a-w c:\windows\system32\lsasrv.dll
2009-02-09 10:20 . 2004-08-03 22:56 616960 ----a-w c:\windows\system32\advapi32.dll
2009-02-09 10:20 . 2004-08-03 22:56 714752 ----a-w c:\windows\system32\ntdll.dll
2009-02-09 10:19 . 2004-08-03 21:17 1846272 ----a-w c:\windows\system32\win32k.sys
2009-02-06 17:22 . 2004-08-03 21:20 2136064 ----a-w c:\windows\system32\ntoskrnl.exe
2009-02-06 17:14 . 2004-08-03 22:56 110592 ----a-w c:\windows\system32\services.exe
2009-02-06 16:54 . 2001-08-23 15:00 35328 ----a-w c:\windows\system32\sc.exe
2009-02-06 16:49 . 2004-08-03 22:59 2015744 ----a-w c:\windows\system32\ntkrnlpa.exe
2009-02-06 15:52 . 2009-02-06 15:52 49504 ----a-w c:\windows\system32\sirenacm.dll
2009-02-05 01:50 . 2009-02-05 01:50 16376 ----a-w c:\windows\gdrv.sys
2009-02-03 20:08 . 2004-08-03 22:56 55808 ----a-w c:\windows\system32\secur32.dll
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2004-08-03 15360]
"Messenger (Yahoo!)"="c:\program files\Yahoo!\Messenger\YahooMessenger.exe" [2008-11-06 4347120]
"MsnMsgr"="c:\program files\Windows Live\Messenger\MsnMsgr.Exe" [2007-10-18 5724184]
"PcSync"="c:\program files\Nokia\Nokia PC Suite 6\PcSync2.exe" [2006-06-27 1449984]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2007-05-11 40048]
"AVG8_TRAY"="c:\progra~1\AVG\AVG8\avgtray.exe" [2008-12-03 1177368]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2007-09-05 141848]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2007-09-05 166424]
"Persistence"="c:\windows\system32\igfxpers.exe" [2007-09-05 137752]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2008-09-17 13574144]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2008-09-17 86016]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-05-03 148888]
"snpstd"="c:\windows\vsnpstd.exe" [2004-06-10 286720]
"TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" [2009-05-01 198160]
"VTTimer"="VTTimer.exe" - c:\windows\system32\VTTimer.exe [2006-09-22 53248]
"S3Trayp"="S3trayp.exe" - c:\windows\system32\S3Trayp.exe [2007-06-11 176128]
"RTHDCPL"="RTHDCPL.EXE" - c:\windows\RTHDCPL.exe [2007-07-05 16380416]
"nwiz"="nwiz.exe" - c:\windows\system32\nwiz.exe [2008-09-17 1657376]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2004-08-03 15360]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=avgrsstx.dll
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusDisableNotify"=dword:00000001
"UpdatesDisableNotify"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\CyberLink\\PowerDVD\\PowerDVD.exe"=
"c:\\Program Files\\Yahoo!\\Messenger\\YahooMessenger.exe"=
"c:\\Program Files\\AVG\\AVG8\\avgemc.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\livecall.exe"=
R2 gupdate1c9ca913f2fd3dc;خدمة تحديث Google (gupdate1c9ca913f2fd3dc);c:\program files\Google\Update\GoogleUpdate.exe [2009-05-01 133104]
R3 S3GIGP;S3GIGP;c:\windows\system32\DRIVERS\S3gIGPm.sys [2007-07-11 714240]
R3 sdAuxService;PC Tools Auxiliary Service;c:\program files\Spyware Doctor\svcntaux.exe [2007-11-03 311112]
R3 WMP300Nv2;Linksys Wireless-N PCI Adapter WMP300Nv2 Service;c:\windows\system32\DRIVERS\WMP300Nv2.sys [2007-07-30 743424]
S0 ViBus;ViBus;c:\windows\system32\DRIVERS\ViBus.sys [2007-10-18 16896]
S0 ViPrt;VIA SATA IDE Device Driver;c:\windows\system32\DRIVERS\ViPrt.sys [2007-10-18 52224]
S1 AvgLdx86;AVG AVI Loader Driver x86;c:\windows\System32\Drivers\avgldx86.sys [2008-12-03 96520]
S1 BIOS;BIOS;c:\windows\system32\drivers\BIOS.sys [2005-03-16 13696]
S2 avg8emc;AVG8 E-mail Scanner;c:\progra~1\AVG\AVG8\avgemc.exe [2008-12-03 902424]
S2 avg8wd;AVG8 WatchDog;c:\progra~1\AVG\AVG8\avgwdsvc.exe [2008-12-03 282904]
S2 AvgTdiX;AVG8 Network Redirector;c:\windows\System32\Drivers\avgtdix.sys [2008-12-03 75272]
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{29c09096-364c-11de-8fcd-00241d08c3bb}]
\Shell\AutoRun\command - F:\husyu8n.exe
\Shell\open\Command - F:\husyu8n.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{bec789f6-b041-11dd-872b-806d6172696f}]
\Shell\AutoRun\command - E:\CDSetup.exe
.
Contents of the 'Scheduled Tasks' folder
2009-05-02 c:\windows\Tasks\GoogleUpdateTaskMachine.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-05-01 19:15]
.
- - - - ORPHANS REMOVED - - - -
HKCU-Run-cdoosoft - c:\windows\system32\olhrwef.exe
HKLM-Run-Device Detector - DevDetect.exe
.
------- Supplementary Scan -------
.
uStart Page = hxxp://paltalk.myway.com
DPF: Microsoft XML Parser for Java - file://c:\windows\Java\classes\xmldso.cab
FF - ProfilePath - c:\documents and settings\User\Application Data\Mozilla\Firefox\Profiles\g59qu2lz.default\
FF - prefs.js: browser.startup.homepage - hxxp://go.microsoft.com/fwlink/?LinkId=69157
FF - component: c:\program files\Real\RealPlayer\browserrecord\components\nprpbrowserrecordplugin.dll
FF - plugin: c:\program files\Google\Update\1.2.141.5\npGoogleOneClick7.dll
.
.
------- File Associations -------
.
txtfile=c:\windows\notepad.exe %1
.
**************************************************************************
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files:
**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------
- - - - - - - > 'explorer.exe'(1348)
c:\windows\system32\nview.dll
c:\windows\system32\NVWRSAR.DLL
c:\windows\system32\msi.dll
c:\program files\Common Files\Adobe\Acrobat\ActiveX\PDFShell.dll
c:\windows\system32\nvcpl.dll
c:\windows\system32\NVRSAR.DLL
c:\windows\system32\nvwddi.dll
c:\windows\system32\nvapi.dll
c:\windows\system32\igfxpph.dll
c:\windows\system32\hccutils.DLL
c:\windows\system32\igfxres.dll
c:\windows\system32\igfxress.dll
c:\windows\system32\igfxsrvc.dll
c:\windows\system32\nvshell.dll
.
------------------------ Other Running Processes ------------------------
.
c:\program files\Nero\Nero 7\InCD\InCDsrv.exe
c:\program files\Java\jre6\bin\jqs.exe
c:\program files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
c:\windows\system32\nvsvc32.exe
c:\program files\CyberLink\Shared Files\RichVideo.exe
c:\windows\system32\wdfmgr.exe
c:\program files\Common Files\ACD Systems\EN\DevDetect.exe
c:\windows\system32\rundll32.exe
c:\progra~1\Nokia\NOKIAP~1\LAUNCH~1.EXE
c:\windows\system32\rundll32.exe
c:\program files\AVG\AVG8\avgrsx.exe
c:\progra~1\COMMON~1\Nokia\MPAPI\MPAPI3s.exe
c:\program files\Common Files\PCSuite\Services\ServiceLayer.exe
c:\program files\Yahoo!\Messenger\Ymsgr_tray.exe
c:\windows\system32\igfxsrvc.exe
C:\
.
**************************************************************************
.
Completion time: 2009-05-02 17:51 - machine was rebooted
ComboFix-quarantined-files.txt 2009-05-02 14:51
Pre-Run: 258,479,345,664 bytes free
Post-Run: 258,513,612,800 bytes free
269 --- E O F --- 2009-05-02 13:17
هذا التقرير
ComboFix 09-05-02.4 - User 05/02/2009 17:47.1 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.2.1256.966.1033.18.3326.2725 [GMT 3:00]
Running from: c:\documents and settings\User\Desktop\برنامج1.exe
AV: AVG Anti-Virus Free *On-access scanning enabled* (Outdated)
WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
C:\autorun.inf
c:\windows\IE4 Error Log.txt
c:\windows\system32\nmdfgds0.dll
c:\windows\system32\nmdfgds1.dll
c:\windows\system32\olhrwef.exe
c:\windows\system32\x64
D:\Autorun.inf
.
((((((((((((((((((((((((( Files Created from 2009-04-02 to 2009-05-02 )))))))))))))))))))))))))))))))
.
2009-05-03 22:26 . 2007-10-18 07:14 41288 ----a-w c:\windows\system32\drivers\ikfilesec.sys
2009-05-03 22:26 . 2009-05-03 00:30 74240 ----a-w c:\windows\system32\drivers\iksyssec.sys
2009-05-03 22:26 . 2007-10-18 07:16 29000 ----a-w c:\windows\system32\drivers\kcom.sys
2009-05-03 22:26 . 2009-05-03 00:30 56832 ----a-w c:\windows\system32\drivers\iksysflt.sys
2009-05-03 22:26 . 2009-05-01 01:02 -------- d-----w c:\program files\Spyware Doctor
2009-05-03 22:26 . 2009-05-03 22:26 -------- d-----w c:\documents and settings\User\Application Data\PC Tools
2009-05-03 22:26 . 2005-09-23 15:29 626688 ----a-w c:\windows\system32\msvcr80.dll
2009-05-03 22:13 . 2009-05-03 22:13 -------- d-----w c:\program files\Windows Live SkyDrive
2009-05-03 22:01 . 2009-05-01 18:54 -------- d-----w c:\program files\GVR
2009-05-03 21:53 . 2009-05-03 21:53 -------- d-----w c:\documents and settings\All Users\Application Data\nView_Profiles
2009-05-03 21:44 . 2009-05-03 21:44 410984 ----a-w c:\windows\system32\deploytk.dll
2009-05-03 21:44 . 2009-05-03 21:44 -------- d-----w c:\program files\Java
2009-05-03 21:38 . 2009-05-03 21:38 -------- d-s---w c:\documents and settings\User\UserData
2009-05-02 13:51 . 2009-05-02 14:24 -------- d-----w c:\windows\system32\CatRoot_bak
2009-05-02 13:48 . 2009-05-02 13:48 -------- d-----w c:\documents and settings\User\Application Data\CyberScrub
2009-05-02 13:47 . 2009-05-02 13:47 -------- d-----w c:\documents and settings\User\Application Data\cleaner
2009-05-02 12:04 . 2009-05-02 12:04 -------- d-----w c:\program files\cFosSpeed
2009-05-02 11:45 . 2009-02-06 17:22 2136064 -c----w c:\windows\system32\dllcache\ntkrnlmp.exe
2009-05-02 11:45 . 2009-02-06 17:24 2180480 -c----w c:\windows\system32\dllcache\ntoskrnl.exe
2009-05-02 11:45 . 2009-02-06 16:49 2015744 -c----w c:\windows\system32\dllcache\ntkrpamp.exe
2009-05-02 11:45 . 2009-02-06 16:49 2057728 -c----w c:\windows\system32\dllcache\ntkrnlpa.exe
2009-05-02 11:19 . 2008-06-13 13:10 272128 -c----w c:\windows\system32\dllcache\bthport.sys
2009-05-02 11:19 . 2008-06-13 13:10 272128 ------w c:\windows\system32\drivers\bthport.sys
2009-05-01 20:58 . 2008-10-24 11:10 453632 -c----w c:\windows\system32\dllcache\mrxsmb.sys
2009-05-01 20:08 . 2008-10-16 11:06 208744 ----a-w c:\windows\system32\muweb.dll
2009-05-01 20:08 . 2008-10-16 11:06 268648 ----a-w c:\windows\system32\mucltui.dll
2009-05-01 19:54 . 2009-05-01 20:25 -------- d-----w c:\documents and settings\User\Application Data\Paltalk
2009-05-01 19:54 . 2009-05-01 20:25 -------- d-----w c:\program files\Paltalk Messenger
2009-05-01 19:29 . 2009-05-01 19:29 -------- d-----w c:\documents and settings\NetworkService\Local Settings\Application Data\Google
2009-05-01 19:17 . 2009-05-01 19:17 -------- d-----w c:\documents and settings\User\Local Settings\Application Data\Real
2009-05-01 19:17 . 2009-05-01 19:17 -------- d-----w c:\program files\Common Files\xing shared
2009-05-01 19:15 . 2009-05-01 19:15 -------- d-----w c:\documents and settings\LocalService\Local Settings\Application Data\Google
2009-05-01 19:15 . 2009-05-01 19:27 -------- d-----w c:\documents and settings\User\Local Settings\Application Data\Google
2009-05-01 19:15 . 2009-05-01 19:16 -------- d-----w c:\program files\Google
2009-05-01 19:08 . 2009-05-01 19:08 -------- d-----w c:\program files\Trend Micro
2009-05-01 18:47 . 2009-08-13 04:31 108169 --sh--r C:\husyu8n.exe
2009-05-01 18:16 . 2009-05-01 18:17 -------- d-----w c:\program files\Windows Live
2009-05-01 17:50 . 2009-05-01 17:50 -------- d-----w c:\documents and settings\All Users\Application Data\Messenger Plus!
2009-05-01 15:09 . 2004-08-03 22:56 221184 ----a-w c:\windows\system32\wmpns.dll
2009-05-01 13:47 . 2009-05-01 13:47 -------- d-----w c:\documents and settings\User\Application Data\Ahead
2009-05-01 13:34 . 2009-05-01 13:34 -------- d-----w c:\windows\Sun
2009-05-01 13:19 . 2009-05-01 13:19 -------- d-----w c:\documents and settings\User\Application Data\Nokia
2009-05-01 13:00 . 2009-05-01 13:00 -------- d-----w c:\program files\DIFX
2009-05-01 12:59 . 2009-05-01 12:59 -------- d-----w c:\program files\Common Files\Nokia
2009-05-01 12:59 . 2009-05-01 13:00 -------- d-----w c:\documents and settings\User\Application Data\PC Suite
2009-05-01 12:59 . 2009-05-01 13:00 -------- d-----w c:\documents and settings\All Users\Application Data\PC Suite
2009-05-01 12:59 . 2009-05-01 12:59 -------- d-----w c:\program files\Common Files\PCSuite
2009-05-01 12:59 . 2006-05-29 05:26 13312 ----a-w c:\windows\system32\drivers\nmwcdcm.sys
2009-05-01 12:59 . 2006-05-29 05:26 8704 ----a-w c:\windows\system32\drivers\nmwcdc.sys
2009-05-01 12:59 . 2006-05-29 05:26 30720 ----a-w c:\windows\system32\nmwcdcocls.dll
2009-05-01 12:59 . 2006-05-29 05:26 127488 ----a-w c:\windows\system32\drivers\nmwcd.sys
2009-05-01 12:59 . 2006-05-29 05:26 4608 ----a-w c:\windows\system32\nmwcdlog.dll
2009-05-01 12:59 . 2006-05-29 05:26 50688 ----a-w c:\windows\system32\nmwcdcls.dll
2009-05-01 12:59 . 2009-05-01 12:59 -------- d-----w c:\program files\Nokia
2009-05-01 11:24 . 2009-05-01 14:47 -------- d-----w c:\program files\MSECACHE
2009-05-01 10:43 . 2009-05-01 10:43 -------- d-----w c:\windows\Album
2009-05-01 10:43 . 2009-05-01 10:43 -------- d-----w c:\program files\VideoCAM Trek
2009-05-01 10:43 . 2004-02-16 10:59 61440 ----a-w c:\windows\system32\csnpstd.dll
2009-05-01 10:43 . 2004-09-24 07:58 36864 ----a-w c:\windows\system32\vsnpstd.dll
2009-05-01 10:43 . 2005-06-20 18:27 390912 ----a-w c:\windows\system32\drivers\snpstd.sys
2009-05-01 10:43 . 2004-05-06 08:22 53248 ----a-w c:\windows\system32\dsnpstd.dll
2009-05-01 10:43 . 2005-04-15 03:20 98304 ----a-w c:\windows\system32\rsnpstd.dll
2009-05-01 10:43 . 2004-06-10 10:48 286720 ----a-w c:\windows\vsnpstd.exe
2009-05-01 10:43 . 2009-05-01 10:43 -------- d-----w c:\program files\Common Files\VCAMTrek
2009-05-01 09:48 . 2009-05-01 09:48 -------- d-----w c:\windows\system32\AGEIA
2009-05-01 09:48 . 2009-05-01 09:48 -------- d-----w c:\program files\AGEIA Technologies
2009-05-01 09:48 . 2009-05-01 09:48 -------- d-----w c:\program files\Common Files\Wise Installation Wizard
2009-05-01 09:46 . 2009-05-01 09:46 -------- d-----w c:\windows\nview
2009-05-01 09:46 . 2008-09-17 01:55 453152 ----a-r c:\windows\system32\nvuninst.exe
2009-05-01 09:46 . 2008-09-17 01:55 453152 ----a-w c:\windows\system32\nvudisp.exe
2009-05-01 09:45 . 2007-08-24 03:03 159744 ----a-r c:\windows\system32\igfxres.dll
2009-05-01 08:03 . 2009-05-01 08:03 0 ----a-w c:\windows\nsreg.dat
2009-05-01 08:03 . 2009-05-01 08:03 -------- d-----w c:\documents and settings\User\Local Settings\Application Data\Mozilla
2009-05-01 08:03 . 2009-05-01 08:03 -------- d-----w c:\documents and settings\User\Application Data\Avant Profiles
2009-05-01 08:03 . 2009-05-03 21:58 -------- d-----w c:\program files\Avant Browser
2009-05-01 01:40 . 2009-05-01 17:19 -------- d-----w c:\documents and settings\User\Contacts
2009-05-01 01:14 . 2009-05-01 01:39 -------- dcsh--w c:\program files\Common Files\WindowsLiveInstaller
2009-05-01 01:14 . 2009-05-01 15:40 -------- d-----w c:\documents and settings\All Users\Application Data\WLInstaller
2009-05-01 01:04 . 2009-05-02 13:17 -------- d--h--w c:\windows\$hf_mig$
2009-05-01 00:47 . 2009-05-02 14:46 -------- d---a-w c:\documents and settings\All Users\Application Data\TEMP
2009-04-30 23:29 . 2009-04-30 23:29 -------- d-----w c:\documents and settings\User\Local Settings\Application Data\Yahoo
2009-04-30 23:18 . 2009-04-30 23:18 -------- d-----w c:\documents and settings\User\Application Data\ACD Systems
2009-04-30 22:56 . 2009-05-01 18:19 -------- d-----w c:\program files\Messenger Plus! Live
2009-04-30 22:55 . 2009-05-01 18:09 -------- d-----w c:\documents and settings\User\Tracing
2009-04-30 22:40 . 2009-05-02 14:46 -------- d--h--w C:\$AVG8.VAULT$
2009-04-30 22:24 . 2009-04-30 22:24 -------- d-----w c:\program files\Common Files\Windows Live
2009-04-27 13:35 . 2004-08-04 07:56 21504 ----a-w c:\windows\system32\hidserv.dll
2009-04-27 13:35 . 2004-08-04 06:07 59264 -c--a-w c:\windows\system32\dllcache\usbaudio.sys
2009-04-27 13:35 . 2004-08-04 06:07 59264 ----a-w c:\windows\system32\drivers\USBAUDIO.sys
2009-04-27 13:34 . 2004-08-04 06:08 31616 -c--a-w c:\windows\system32\dllcache\usbccgp.sys
2009-04-27 13:34 . 2004-08-04 06:08 31616 ----a-w c:\windows\system32\drivers\usbccgp.sys
2009-04-14 08:51 . 2001-08-17 20:57 16128 -c--a-w c:\windows\system32\dllcache\modemcsa.sys
2009-04-14 08:51 . 2001-08-17 20:57 16128 ----a-w c:\windows\system32\drivers\MODEMCSA.sys
2009-04-14 08:51 . 2006-11-07 01:54 172032 ----a-r c:\windows\system32\Uci32114.dll
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-05-03 22:15 . 2008-07-03 03:02 95216 ----a-w c:\documents and settings\User\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2009-05-02 14:49 . 2009-05-01 19:15 878 ----a-w c:\windows\Tasks\GoogleUpdateTaskMachine.job
2009-05-02 14:49 . 2008-07-03 02:54 6 ---ha-w c:\windows\Tasks\SA.DAT
2009-05-01 19:16 . 2008-07-26 23:31 -------- d-----w c:\program files\Common Files\Real
2009-05-01 10:43 . 2008-07-03 04:15 -------- d--h--w c:\program files\InstallShield Installation Information
2009-04-30 23:14 . 2008-07-26 21:27 -------- d-----w c:\program files\Yahoo!
2009-04-30 22:28 . 2008-07-26 23:30 -------- d-----w c:\program files\DivX
2009-04-30 22:27 . 2008-07-26 21:06 -------- d-----w c:\program files\CyberLink
2009-03-07 08:26 . 2009-03-07 08:26 664 ----a-w c:\windows\system32\d3d9caps.dat
2009-03-06 14:44 . 2004-08-03 22:56 283648 ----a-w c:\windows\system32\pdh.dll
2009-03-03 17:42 . 2008-07-03 02:50 166455 ----a-w c:\windows\pchealth\helpctr\OfflineCache\index.dat
2009-02-20 08:30 . 2004-08-03 22:56 659456 ----a-w c:\windows\system32\wininet.dll
2009-02-20 08:30 . 2004-08-03 22:56 81920 ----a-w c:\windows\system32\ieencode.dll
2009-02-09 10:20 . 2004-08-03 22:56 399360 ----a-w c:\windows\system32\rpcss.dll
2009-02-09 10:20 . 2004-08-03 22:56 723456 ----a-w c:\windows\system32\lsasrv.dll
2009-02-09 10:20 . 2004-08-03 22:56 616960 ----a-w c:\windows\system32\advapi32.dll
2009-02-09 10:20 . 2004-08-03 22:56 714752 ----a-w c:\windows\system32\ntdll.dll
2009-02-09 10:19 . 2004-08-03 21:17 1846272 ----a-w c:\windows\system32\win32k.sys
2009-02-06 17:22 . 2004-08-03 21:20 2136064 ----a-w c:\windows\system32\ntoskrnl.exe
2009-02-06 17:14 . 2004-08-03 22:56 110592 ----a-w c:\windows\system32\services.exe
2009-02-06 16:54 . 2001-08-23 15:00 35328 ----a-w c:\windows\system32\sc.exe
2009-02-06 16:49 . 2004-08-03 22:59 2015744 ----a-w c:\windows\system32\ntkrnlpa.exe
2009-02-06 15:52 . 2009-02-06 15:52 49504 ----a-w c:\windows\system32\sirenacm.dll
2009-02-05 01:50 . 2009-02-05 01:50 16376 ----a-w c:\windows\gdrv.sys
2009-02-03 20:08 . 2004-08-03 22:56 55808 ----a-w c:\windows\system32\secur32.dll
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2004-08-03 15360]
"Messenger (Yahoo!)"="c:\program files\Yahoo!\Messenger\YahooMessenger.exe" [2008-11-06 4347120]
"MsnMsgr"="c:\program files\Windows Live\Messenger\MsnMsgr.Exe" [2007-10-18 5724184]
"PcSync"="c:\program files\Nokia\Nokia PC Suite 6\PcSync2.exe" [2006-06-27 1449984]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2007-05-11 40048]
"AVG8_TRAY"="c:\progra~1\AVG\AVG8\avgtray.exe" [2008-12-03 1177368]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2007-09-05 141848]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2007-09-05 166424]
"Persistence"="c:\windows\system32\igfxpers.exe" [2007-09-05 137752]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2008-09-17 13574144]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2008-09-17 86016]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-05-03 148888]
"snpstd"="c:\windows\vsnpstd.exe" [2004-06-10 286720]
"TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" [2009-05-01 198160]
"VTTimer"="VTTimer.exe" - c:\windows\system32\VTTimer.exe [2006-09-22 53248]
"S3Trayp"="S3trayp.exe" - c:\windows\system32\S3Trayp.exe [2007-06-11 176128]
"RTHDCPL"="RTHDCPL.EXE" - c:\windows\RTHDCPL.exe [2007-07-05 16380416]
"nwiz"="nwiz.exe" - c:\windows\system32\nwiz.exe [2008-09-17 1657376]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2004-08-03 15360]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=avgrsstx.dll
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusDisableNotify"=dword:00000001
"UpdatesDisableNotify"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\CyberLink\\PowerDVD\\PowerDVD.exe"=
"c:\\Program Files\\Yahoo!\\Messenger\\YahooMessenger.exe"=
"c:\\Program Files\\AVG\\AVG8\\avgemc.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\livecall.exe"=
R2 gupdate1c9ca913f2fd3dc;خدمة تحديث Google (gupdate1c9ca913f2fd3dc);c:\program files\Google\Update\GoogleUpdate.exe [2009-05-01 133104]
R3 S3GIGP;S3GIGP;c:\windows\system32\DRIVERS\S3gIGPm.sys [2007-07-11 714240]
R3 sdAuxService;PC Tools Auxiliary Service;c:\program files\Spyware Doctor\svcntaux.exe [2007-11-03 311112]
R3 WMP300Nv2;Linksys Wireless-N PCI Adapter WMP300Nv2 Service;c:\windows\system32\DRIVERS\WMP300Nv2.sys [2007-07-30 743424]
S0 ViBus;ViBus;c:\windows\system32\DRIVERS\ViBus.sys [2007-10-18 16896]
S0 ViPrt;VIA SATA IDE Device Driver;c:\windows\system32\DRIVERS\ViPrt.sys [2007-10-18 52224]
S1 AvgLdx86;AVG AVI Loader Driver x86;c:\windows\System32\Drivers\avgldx86.sys [2008-12-03 96520]
S1 BIOS;BIOS;c:\windows\system32\drivers\BIOS.sys [2005-03-16 13696]
S2 avg8emc;AVG8 E-mail Scanner;c:\progra~1\AVG\AVG8\avgemc.exe [2008-12-03 902424]
S2 avg8wd;AVG8 WatchDog;c:\progra~1\AVG\AVG8\avgwdsvc.exe [2008-12-03 282904]
S2 AvgTdiX;AVG8 Network Redirector;c:\windows\System32\Drivers\avgtdix.sys [2008-12-03 75272]
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{29c09096-364c-11de-8fcd-00241d08c3bb}]
\Shell\AutoRun\command - F:\husyu8n.exe
\Shell\open\Command - F:\husyu8n.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{bec789f6-b041-11dd-872b-806d6172696f}]
\Shell\AutoRun\command - E:\CDSetup.exe
.
Contents of the 'Scheduled Tasks' folder
2009-05-02 c:\windows\Tasks\GoogleUpdateTaskMachine.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-05-01 19:15]
.
- - - - ORPHANS REMOVED - - - -
HKCU-Run-cdoosoft - c:\windows\system32\olhrwef.exe
HKLM-Run-Device Detector - DevDetect.exe
.
------- Supplementary Scan -------
.
uStart Page = hxxp://paltalk.myway.com
DPF: Microsoft XML Parser for Java - file://c:\windows\Java\classes\xmldso.cab
FF - ProfilePath - c:\documents and settings\User\Application Data\Mozilla\Firefox\Profiles\g59qu2lz.default\
FF - prefs.js: browser.startup.homepage - hxxp://go.microsoft.com/fwlink/?LinkId=69157
FF - component: c:\program files\Real\RealPlayer\browserrecord\components\nprpbrowserrecordplugin.dll
FF - plugin: c:\program files\Google\Update\1.2.141.5\npGoogleOneClick7.dll
.
.
------- File Associations -------
.
txtfile=c:\windows\notepad.exe %1
.
**************************************************************************
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files:
**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------
- - - - - - - > 'explorer.exe'(1348)
c:\windows\system32\nview.dll
c:\windows\system32\NVWRSAR.DLL
c:\windows\system32\msi.dll
c:\program files\Common Files\Adobe\Acrobat\ActiveX\PDFShell.dll
c:\windows\system32\nvcpl.dll
c:\windows\system32\NVRSAR.DLL
c:\windows\system32\nvwddi.dll
c:\windows\system32\nvapi.dll
c:\windows\system32\igfxpph.dll
c:\windows\system32\hccutils.DLL
c:\windows\system32\igfxres.dll
c:\windows\system32\igfxress.dll
c:\windows\system32\igfxsrvc.dll
c:\windows\system32\nvshell.dll
.
------------------------ Other Running Processes ------------------------
.
c:\program files\Nero\Nero 7\InCD\InCDsrv.exe
c:\program files\Java\jre6\bin\jqs.exe
c:\program files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
c:\windows\system32\nvsvc32.exe
c:\program files\CyberLink\Shared Files\RichVideo.exe
c:\windows\system32\wdfmgr.exe
c:\program files\Common Files\ACD Systems\EN\DevDetect.exe
c:\windows\system32\rundll32.exe
c:\progra~1\Nokia\NOKIAP~1\LAUNCH~1.EXE
c:\windows\system32\rundll32.exe
c:\program files\AVG\AVG8\avgrsx.exe
c:\progra~1\COMMON~1\Nokia\MPAPI\MPAPI3s.exe
c:\program files\Common Files\PCSuite\Services\ServiceLayer.exe
c:\program files\Yahoo!\Messenger\Ymsgr_tray.exe
c:\windows\system32\igfxsrvc.exe
C:\
.
**************************************************************************
.
Completion time: 2009-05-02 17:51 - machine was rebooted
ComboFix-quarantined-files.txt 2009-05-02 14:51
Pre-Run: 258,479,345,664 bytes free
Post-Run: 258,513,612,800 bytes free
269 --- E O F --- 2009-05-02 13:17
لـــيالـــي
زيزوومي جديد
- إنضم
- 1 مايو 2009
- المشاركات
- 39
- مستوى التفاعل
- 0
- النقاط
- 40
غير متصل
بالآآنتظآآر ,,
Scan
----
Scanned: 322723
Detected: 116
Untreated: 0
Start time: 08/05/1430 05:57:57 م
Duration: 00:35:41
Finish time: 08/05/1430 06:33:38 م
Detected
--------
Status Object
------ ------
deleted: Trojan program Trojan-GameThief.Win32.Magania.azbl File: C:\husyu8n.exe
deleted: Trojan program Trojan-GameThief.Win32.Magania.azza File: C:\Qoobox\Quarantine\C\WINDOWS\system32\nmdfgds0.dll.vir
deleted: Trojan program Trojan-GameThief.Win32.Magania.azza File: C:\Qoobox\Quarantine\C\WINDOWS\system32\nmdfgds1.dll.vir
deleted: Trojan program Trojan-GameThief.Win32.Magania.azbl File: C:\Qoobox\Quarantine\C\WINDOWS\system32\olhrwef.exe.vir
deleted: Trojan program Trojan-GameThief.Win32.Magania.azza File: C:\System Volume Information\_restore{14D6CEE7-E0AB-41BE-B78C-2F2ACC64E831}\RP36\A0011353.dll
deleted: Trojan program Trojan-GameThief.Win32.Magania.azbl File: C:\System Volume Information\_restore{14D6CEE7-E0AB-41BE-B78C-2F2ACC64E831}\RP36\A0011354.exe
deleted: Trojan program Trojan-GameThief.Win32.Magania.azza File: C:\System Volume Information\_restore{14D6CEE7-E0AB-41BE-B78C-2F2ACC64E831}\RP36\A0011362.dll
deleted: Trojan program Trojan-GameThief.Win32.Magania.azbl File: C:\System Volume Information\_restore{14D6CEE7-E0AB-41BE-B78C-2F2ACC64E831}\RP36\A0011363.exe
deleted: Trojan program Trojan-GameThief.Win32.Magania.azza File: C:\System Volume Information\_restore{14D6CEE7-E0AB-41BE-B78C-2F2ACC64E831}\RP36\A0012362.dll
deleted: Trojan program Trojan-GameThief.Win32.Magania.azbl File: C:\System Volume Information\_restore{14D6CEE7-E0AB-41BE-B78C-2F2ACC64E831}\RP36\A0012363.exe
deleted: Trojan program Trojan-GameThief.Win32.Magania.azza File: C:\System Volume Information\_restore{14D6CEE7-E0AB-41BE-B78C-2F2ACC64E831}\RP36\A0012371.dll
deleted: Trojan program Trojan-GameThief.Win32.Magania.azbl File: C:\System Volume Information\_restore{14D6CEE7-E0AB-41BE-B78C-2F2ACC64E831}\RP36\A0012372.exe
deleted: Trojan program Trojan-GameThief.Win32.Magania.azbl File: C:\System Volume Information\_restore{14D6CEE7-E0AB-41BE-B78C-2F2ACC64E831}\RP37\A0012385.exe
deleted: Trojan program Trojan-GameThief.Win32.Magania.azza File: C:\System Volume Information\_restore{14D6CEE7-E0AB-41BE-B78C-2F2ACC64E831}\RP37\A0012422.dll
deleted: Trojan program Trojan-GameThief.Win32.Magania.azbl File: C:\System Volume Information\_restore{14D6CEE7-E0AB-41BE-B78C-2F2ACC64E831}\RP37\A0012425.exe
deleted: Trojan program Trojan-GameThief.Win32.Magania.azbl File: C:\System Volume Information\_restore{14D6CEE7-E0AB-41BE-B78C-2F2ACC64E831}\RP37\A0012713.exe
deleted: Trojan program Trojan-GameThief.Win32.Magania.azza File: C:\System Volume Information\_restore{14D6CEE7-E0AB-41BE-B78C-2F2ACC64E831}\RP37\A0013420.dll
deleted: Trojan program Trojan-GameThief.Win32.Magania.azbl File: C:\System Volume Information\_restore{14D6CEE7-E0AB-41BE-B78C-2F2ACC64E831}\RP37\A0013421.exe
deleted: Trojan program Trojan-GameThief.Win32.Magania.azbl File: C:\System Volume Information\_restore{14D6CEE7-E0AB-41BE-B78C-2F2ACC64E831}\RP38\A0013429.exe
deleted: Trojan program Trojan-GameThief.Win32.Magania.azbl File: C:\System Volume Information\_restore{14D6CEE7-E0AB-41BE-B78C-2F2ACC64E831}\RP39\A0013446.exe
deleted: Trojan program Trojan-GameThief.Win32.Magania.azbl File: C:\System Volume Information\_restore{14D6CEE7-E0AB-41BE-B78C-2F2ACC64E831}\RP40\A0013561.exe
deleted: Trojan program Trojan-GameThief.Win32.Magania.azza File: C:\System Volume Information\_restore{14D6CEE7-E0AB-41BE-B78C-2F2ACC64E831}\RP40\A0013700.dll
deleted: Trojan program Trojan-GameThief.Win32.Magania.azbl File: C:\System Volume Information\_restore{14D6CEE7-E0AB-41BE-B78C-2F2ACC64E831}\RP40\A0013701.exe
deleted: Trojan program Trojan-GameThief.Win32.Magania.azza File: C:\System Volume Information\_restore{14D6CEE7-E0AB-41BE-B78C-2F2ACC64E831}\RP40\A0013713.dll
deleted: Trojan program Trojan-GameThief.Win32.Magania.azbl File: C:\System Volume Information\_restore{14D6CEE7-E0AB-41BE-B78C-2F2ACC64E831}\RP40\A0013715.exe
deleted: Trojan program Trojan-GameThief.Win32.Magania.azbl File: C:\System Volume Information\_restore{14D6CEE7-E0AB-41BE-B78C-2F2ACC64E831}\RP41\A0013737.exe
deleted: Trojan program Trojan-GameThief.Win32.Magania.azbl File: C:\System Volume Information\_restore{14D6CEE7-E0AB-41BE-B78C-2F2ACC64E831}\RP42\A0013745.exe
deleted: Trojan program Trojan-GameThief.Win32.Magania.azbl File: C:\System Volume Information\_restore{14D6CEE7-E0AB-41BE-B78C-2F2ACC64E831}\RP43\A0013750.exe
deleted: Trojan program Trojan-GameThief.Win32.Magania.azza File: C:\System Volume Information\_restore{14D6CEE7-E0AB-41BE-B78C-2F2ACC64E831}\RP43\A0013767.dll
deleted: Trojan program Trojan-GameThief.Win32.Magania.azbl File: C:\System Volume Information\_restore{14D6CEE7-E0AB-41BE-B78C-2F2ACC64E831}\RP43\A0013768.exe
deleted: Trojan program Trojan-GameThief.Win32.Magania.azza File: C:\System Volume Information\_restore{14D6CEE7-E0AB-41BE-B78C-2F2ACC64E831}\RP43\A0014767.dll
deleted: Trojan program Trojan-GameThief.Win32.Magania.azbl File: C:\System Volume Information\_restore{14D6CEE7-E0AB-41BE-B78C-2F2ACC64E831}\RP43\A0014770.exe
deleted: Trojan program Trojan-GameThief.Win32.Magania.azza File: C:\System Volume Information\_restore{14D6CEE7-E0AB-41BE-B78C-2F2ACC64E831}\RP43\A0015768.dll
deleted: Trojan program Trojan-GameThief.Win32.Magania.azbl File: C:\System Volume Information\_restore{14D6CEE7-E0AB-41BE-B78C-2F2ACC64E831}\RP43\A0015790.exe
deleted: Trojan program Trojan-GameThief.Win32.Magania.azbl File: C:\System Volume Information\_restore{14D6CEE7-E0AB-41BE-B78C-2F2ACC64E831}\RP44\A0015800.exe
deleted: Trojan program Trojan-GameThief.Win32.Magania.azbl File: C:\System Volume Information\_restore{14D6CEE7-E0AB-41BE-B78C-2F2ACC64E831}\RP45\A0015833.exe
deleted: Trojan program Trojan-GameThief.Win32.Magania.azbl File: C:\System Volume Information\_restore{14D6CEE7-E0AB-41BE-B78C-2F2ACC64E831}\RP46\A0015906.exe
deleted: Trojan program Trojan-GameThief.Win32.Magania.azza File: C:\System Volume Information\_restore{14D6CEE7-E0AB-41BE-B78C-2F2ACC64E831}\RP47\A0015961.dll
deleted: Trojan program Trojan-GameThief.Win32.Magania.azbl File: C:\System Volume Information\_restore{14D6CEE7-E0AB-41BE-B78C-2F2ACC64E831}\RP47\A0015965.exe
deleted: Trojan program Trojan-GameThief.Win32.Magania.azbl File: C:\System Volume Information\_restore{14D6CEE7-E0AB-41BE-B78C-2F2ACC64E831}\RP48\A0016023.exe
deleted: Trojan program Trojan-GameThief.Win32.Magania.azbl File: C:\System Volume Information\_restore{14D6CEE7-E0AB-41BE-B78C-2F2ACC64E831}\RP49\A0016049.exe
deleted: Trojan program Trojan-GameThief.Win32.Magania.azza File: C:\System Volume Information\_restore{14D6CEE7-E0AB-41BE-B78C-2F2ACC64E831}\RP49\A0016064.dll
deleted: Trojan program Trojan-GameThief.Win32.Magania.azbl File: C:\System Volume Information\_restore{14D6CEE7-E0AB-41BE-B78C-2F2ACC64E831}\RP49\A0016076.exe
deleted: Trojan program Trojan-GameThief.Win32.Magania.azbl File: C:\System Volume Information\_restore{14D6CEE7-E0AB-41BE-B78C-2F2ACC64E831}\RP50\A0016135.exe
deleted: Trojan program Trojan-GameThief.Win32.Magania.azbl File: C:\System Volume Information\_restore{14D6CEE7-E0AB-41BE-B78C-2F2ACC64E831}\RP51\A0016187.exe
deleted: Trojan program Trojan-GameThief.Win32.Magania.azbl File: C:\System Volume Information\_restore{14D6CEE7-E0AB-41BE-B78C-2F2ACC64E831}\RP52\A0016191.exe
deleted: Trojan program Trojan-GameThief.Win32.Magania.azbl File: C:\System Volume Information\_restore{14D6CEE7-E0AB-41BE-B78C-2F2ACC64E831}\RP53\A0016373.exe
deleted: Trojan program Trojan-GameThief.Win32.Magania.azbl File: C:\System Volume Information\_restore{14D6CEE7-E0AB-41BE-B78C-2F2ACC64E831}\RP54\A0016378.exe
deleted: Trojan program Trojan-GameThief.Win32.Magania.azbl File: C:\System Volume Information\_restore{14D6CEE7-E0AB-41BE-B78C-2F2ACC64E831}\RP56\A0016546.exe
deleted: Trojan program Trojan-GameThief.Win32.Magania.azza File: C:\System Volume Information\_restore{14D6CEE7-E0AB-41BE-B78C-2F2ACC64E831}\RP56\A0016628.dll
deleted: Trojan program Trojan-GameThief.Win32.Magania.azbl File: C:\System Volume Information\_restore{14D6CEE7-E0AB-41BE-B78C-2F2ACC64E831}\RP56\A0016629.exe
deleted: Trojan program Trojan-GameThief.Win32.Magania.azza File: C:\System Volume Information\_restore{14D6CEE7-E0AB-41BE-B78C-2F2ACC64E831}\RP56\A0016637.dll
deleted: Trojan program Trojan-GameThief.Win32.Magania.azbl File: C:\System Volume Information\_restore{14D6CEE7-E0AB-41BE-B78C-2F2ACC64E831}\RP56\A0016639.exe
deleted: Trojan program Trojan-GameThief.Win32.Magania.azza File: C:\System Volume Information\_restore{14D6CEE7-E0AB-41BE-B78C-2F2ACC64E831}\RP56\A0016713.dll
deleted: Trojan program Trojan-GameThief.Win32.Magania.azbl File: C:\System Volume Information\_restore{14D6CEE7-E0AB-41BE-B78C-2F2ACC64E831}\RP56\A0016715.exe
deleted: Trojan program Trojan-GameThief.Win32.Magania.azza File: C:\System Volume Information\_restore{14D6CEE7-E0AB-41BE-B78C-2F2ACC64E831}\RP56\A0017111.dll
deleted: Trojan program Trojan-GameThief.Win32.Magania.azbl File: C:\System Volume Information\_restore{14D6CEE7-E0AB-41BE-B78C-2F2ACC64E831}\RP56\A0017113.exe
deleted: Trojan program Trojan-GameThief.Win32.Magania.azza File: C:\System Volume Information\_restore{14D6CEE7-E0AB-41BE-B78C-2F2ACC64E831}\RP56\A0018111.dll
deleted: Trojan program Trojan-GameThief.Win32.Magania.azbl File: C:\System Volume Information\_restore{14D6CEE7-E0AB-41BE-B78C-2F2ACC64E831}\RP56\A0018114.exe
deleted: Trojan program Trojan-GameThief.Win32.Magania.azza File: C:\System Volume Information\_restore{14D6CEE7-E0AB-41BE-B78C-2F2ACC64E831}\RP57\A0018188.dll
deleted: Trojan program Trojan-GameThief.Win32.Magania.azbl File: C:\System Volume Information\_restore{14D6CEE7-E0AB-41BE-B78C-2F2ACC64E831}\RP57\A0018194.exe
deleted: Trojan program Trojan-GameThief.Win32.Magania.azbl File: C:\System Volume Information\_restore{14D6CEE7-E0AB-41BE-B78C-2F2ACC64E831}\RP58\A0018208.exe
deleted: Trojan program Trojan-GameThief.Win32.Magania.azbl File: C:\System Volume Information\_restore{14D6CEE7-E0AB-41BE-B78C-2F2ACC64E831}\RP59\A0018214.exe
deleted: Trojan program Trojan-GameThief.Win32.Magania.azza File: C:\System Volume Information\_restore{14D6CEE7-E0AB-41BE-B78C-2F2ACC64E831}\RP60\A0018456.dll
deleted: Trojan program Trojan-GameThief.Win32.Magania.azbl File: C:\System Volume Information\_restore{14D6CEE7-E0AB-41BE-B78C-2F2ACC64E831}\RP60\A0018460.exe
deleted: Trojan program Trojan-GameThief.Win32.Magania.azza File: C:\System Volume Information\_restore{14D6CEE7-E0AB-41BE-B78C-2F2ACC64E831}\RP60\A0018535.dll
deleted: Trojan program Trojan-GameThief.Win32.Magania.azbl File: C:\System Volume Information\_restore{14D6CEE7-E0AB-41BE-B78C-2F2ACC64E831}\RP60\A0018537.exe
deleted: Trojan program Trojan-GameThief.Win32.Magania.azza File: C:\System Volume Information\_restore{14D6CEE7-E0AB-41BE-B78C-2F2ACC64E831}\RP60\A0019535.dll
deleted: Trojan program Trojan-GameThief.Win32.Magania.azbl File: C:\System Volume Information\_restore{14D6CEE7-E0AB-41BE-B78C-2F2ACC64E831}\RP60\A0019537.exe
deleted: Trojan program Trojan-GameThief.Win32.Magania.azza File: C:\System Volume Information\_restore{14D6CEE7-E0AB-41BE-B78C-2F2ACC64E831}\RP60\A0020535.dll
deleted: Trojan program Trojan-GameThief.Win32.Magania.azbl File: C:\System Volume Information\_restore{14D6CEE7-E0AB-41BE-B78C-2F2ACC64E831}\RP60\A0020538.exe
deleted: Trojan program Trojan-GameThief.Win32.Magania.azza File: C:\System Volume Information\_restore{14D6CEE7-E0AB-41BE-B78C-2F2ACC64E831}\RP60\A0020558.dll
deleted: Trojan program Trojan-GameThief.Win32.Magania.azbl File: C:\System Volume Information\_restore{14D6CEE7-E0AB-41BE-B78C-2F2ACC64E831}\RP60\A0020559.exe
deleted: Trojan program Trojan-GameThief.Win32.Magania.azbl File: C:\System Volume Information\_restore{14D6CEE7-E0AB-41BE-B78C-2F2ACC64E831}\RP60\A0020633.exe
deleted: Trojan program Trojan-GameThief.Win32.Magania.azbl File: D:\husyu8n.exe
deleted: Trojan program Trojan-GameThief.Win32.Magania.azbl File: D:\System Volume Information\_restore{14D6CEE7-E0AB-41BE-B78C-2F2ACC64E831}\RP36\A0011365.exe
deleted: Trojan program Trojan-GameThief.Win32.Magania.azbl File: D:\System Volume Information\_restore{14D6CEE7-E0AB-41BE-B78C-2F2ACC64E831}\RP36\A0012365.exe
deleted: Trojan program Trojan-GameThief.Win32.Magania.azbl File: D:\System Volume Information\_restore{14D6CEE7-E0AB-41BE-B78C-2F2ACC64E831}\RP36\A0012374.exe
deleted: Trojan program Trojan-GameThief.Win32.Magania.azbl File: D:\System Volume Information\_restore{14D6CEE7-E0AB-41BE-B78C-2F2ACC64E831}\RP37\A0012387.exe
deleted: Trojan program Trojan-GameThief.Win32.Magania.azbl File: D:\System Volume Information\_restore{14D6CEE7-E0AB-41BE-B78C-2F2ACC64E831}\RP37\A0012427.exe
deleted: Trojan program Trojan-GameThief.Win32.Magania.azbl File: D:\System Volume Information\_restore{14D6CEE7-E0AB-41BE-B78C-2F2ACC64E831}\RP37\A0013423.exe
deleted: Trojan program Trojan-GameThief.Win32.Magania.azbl File: D:\System Volume Information\_restore{14D6CEE7-E0AB-41BE-B78C-2F2ACC64E831}\RP38\A0013432.exe
deleted: Trojan program Trojan-GameThief.Win32.Magania.azbl File: D:\System Volume Information\_restore{14D6CEE7-E0AB-41BE-B78C-2F2ACC64E831}\RP39\A0013448.exe
deleted: Trojan program Trojan-GameThief.Win32.Magania.azbl File: D:\System Volume Information\_restore{14D6CEE7-E0AB-41BE-B78C-2F2ACC64E831}\RP40\A0013563.exe
deleted: Trojan program Trojan-GameThief.Win32.Magania.azbl File: D:\System Volume Information\_restore{14D6CEE7-E0AB-41BE-B78C-2F2ACC64E831}\RP40\A0013703.exe
deleted: Trojan program Trojan-GameThief.Win32.Magania.azbl File: D:\System Volume Information\_restore{14D6CEE7-E0AB-41BE-B78C-2F2ACC64E831}\RP40\A0013717.exe
deleted: Trojan program Trojan-GameThief.Win32.Magania.azbl File: D:\System Volume Information\_restore{14D6CEE7-E0AB-41BE-B78C-2F2ACC64E831}\RP41\A0013738.exe
deleted: Trojan program Trojan-GameThief.Win32.Magania.azbl File: D:\System Volume Information\_restore{14D6CEE7-E0AB-41BE-B78C-2F2ACC64E831}\RP42\A0013747.exe
deleted: Trojan program Trojan-GameThief.Win32.Magania.azbl File: D:\System Volume Information\_restore{14D6CEE7-E0AB-41BE-B78C-2F2ACC64E831}\RP43\A0013752.exe
deleted: Trojan program Trojan-GameThief.Win32.Magania.azbl File: D:\System Volume Information\_restore{14D6CEE7-E0AB-41BE-B78C-2F2ACC64E831}\RP43\A0013770.exe
deleted: Trojan program Trojan-GameThief.Win32.Magania.azbl File: D:\System Volume Information\_restore{14D6CEE7-E0AB-41BE-B78C-2F2ACC64E831}\RP44\A0015802.exe
deleted: Trojan program Trojan-GameThief.Win32.Magania.azbl File: D:\System Volume Information\_restore{14D6CEE7-E0AB-41BE-B78C-2F2ACC64E831}\RP45\A0015835.exe
deleted: Trojan program Trojan-GameThief.Win32.Magania.azbl File: D:\System Volume Information\_restore{14D6CEE7-E0AB-41BE-B78C-2F2ACC64E831}\RP46\A0015908.exe
deleted: Trojan program Trojan-GameThief.Win32.Magania.azbl File: D:\System Volume Information\_restore{14D6CEE7-E0AB-41BE-B78C-2F2ACC64E831}\RP47\A0015967.exe
deleted: Trojan program Trojan-GameThief.Win32.Magania.azbl File: D:\System Volume Information\_restore{14D6CEE7-E0AB-41BE-B78C-2F2ACC64E831}\RP48\A0016025.exe
deleted: Trojan program Trojan-GameThief.Win32.Magania.azbl File: D:\System Volume Information\_restore{14D6CEE7-E0AB-41BE-B78C-2F2ACC64E831}\RP49\A0016051.exe
deleted: Trojan program Trojan-GameThief.Win32.Magania.azbl File: D:\System Volume Information\_restore{14D6CEE7-E0AB-41BE-B78C-2F2ACC64E831}\RP49\A0016078.exe
deleted: Trojan program Trojan-GameThief.Win32.Magania.azbl File: D:\System Volume Information\_restore{14D6CEE7-E0AB-41BE-B78C-2F2ACC64E831}\RP50\A0016137.exe
deleted: Trojan program Trojan-GameThief.Win32.Magania.azbl File: D:\System Volume Information\_restore{14D6CEE7-E0AB-41BE-B78C-2F2ACC64E831}\RP51\A0016189.exe
deleted: Trojan program Trojan-GameThief.Win32.Magania.azbl File: D:\System Volume Information\_restore{14D6CEE7-E0AB-41BE-B78C-2F2ACC64E831}\RP52\A0016193.exe
deleted: Trojan program Trojan-GameThief.Win32.Magania.azbl File: D:\System Volume Information\_restore{14D6CEE7-E0AB-41BE-B78C-2F2ACC64E831}\RP53\A0016375.exe
deleted: Trojan program Trojan-GameThief.Win32.Magania.azbl File: D:\System Volume Information\_restore{14D6CEE7-E0AB-41BE-B78C-2F2ACC64E831}\RP54\A0016380.exe
deleted: Trojan program Trojan-GameThief.Win32.Magania.azbl File: D:\System Volume Information\_restore{14D6CEE7-E0AB-41BE-B78C-2F2ACC64E831}\RP56\A0016548.exe
deleted: Trojan program Trojan-GameThief.Win32.Magania.azbl File: D:\System Volume Information\_restore{14D6CEE7-E0AB-41BE-B78C-2F2ACC64E831}\RP56\A0016631.exe
deleted: Trojan program Trojan-GameThief.Win32.Magania.azbl File: D:\System Volume Information\_restore{14D6CEE7-E0AB-41BE-B78C-2F2ACC64E831}\RP56\A0016641.exe
deleted: Trojan program Trojan-GameThief.Win32.Magania.azbl File: D:\System Volume Information\_restore{14D6CEE7-E0AB-41BE-B78C-2F2ACC64E831}\RP56\A0016717.exe
deleted: Trojan program Trojan-GameThief.Win32.Magania.azbl File: D:\System Volume Information\_restore{14D6CEE7-E0AB-41BE-B78C-2F2ACC64E831}\RP56\A0017115.exe
deleted: Trojan program Trojan-GameThief.Win32.Magania.azbl File: D:\System Volume Information\_restore{14D6CEE7-E0AB-41BE-B78C-2F2ACC64E831}\RP56\A0018116.exe
deleted: Trojan program Trojan-GameThief.Win32.Magania.azbl File: D:\System Volume Information\_restore{14D6CEE7-E0AB-41BE-B78C-2F2ACC64E831}\RP57\A0018196.exe
deleted: Trojan program Trojan-GameThief.Win32.Magania.azbl File: D:\System Volume Information\_restore{14D6CEE7-E0AB-41BE-B78C-2F2ACC64E831}\RP58\A0018210.exe
deleted: Trojan program Trojan-GameThief.Win32.Magania.azbl File: D:\System Volume Information\_restore{14D6CEE7-E0AB-41BE-B78C-2F2ACC64E831}\RP59\A0018216.exe
deleted: Trojan program Trojan-GameThief.Win32.Magania.azbl File: D:\System Volume Information\_restore{14D6CEE7-E0AB-41BE-B78C-2F2ACC64E831}\RP60\A0018462.exe
deleted: Trojan program Trojan-GameThief.Win32.Magania.azbl File: D:\System Volume Information\_restore{14D6CEE7-E0AB-41BE-B78C-2F2ACC64E831}\RP60\A0018539.exe
deleted: Trojan program Trojan-GameThief.Win32.Magania.azbl File: D:\System Volume Information\_restore{14D6CEE7-E0AB-41BE-B78C-2F2ACC64E831}\RP60\A0019539.exe
deleted: Trojan program Trojan-GameThief.Win32.Magania.azbl File: D:\System Volume Information\_restore{14D6CEE7-E0AB-41BE-B78C-2F2ACC64E831}\RP60\A0020540.exe
deleted: Trojan program Trojan-GameThief.Win32.Magania.azbl File: D:\System Volume Information\_restore{14D6CEE7-E0AB-41BE-B78C-2F2ACC64E831}\RP60\A0020635.exe
Events
------
Time Name Status Reason
---- ---- ------ ------
08/05/1430 05:58:02 م Running module: smss.exe\smss.exe ok scanned
Statistics
----------
Object Scanned Detected Untreated Deleted Moved to Quarantine Archives Packed files Password protected Corrupted
------ ------- -------- --------- ------- ------------------- -------- ------------ ------------------ ---------
Settings
--------
Parameter Value
--------- -----
Security Level Recommended
Action Disinfect, delete if disinfection fails
Run mode Manually
File types Scan all files
Scan only new and changed files No
Scan archives All
Scan embedded OLE objects All
Skip if object is larger than No
Skip if scan takes longer than No
Parse email formats No
Scan password-protected archives No
Enable iChecker technology No
Enable iSwift technology No
Show detected threats on "Detected" tab Yes
Rootkits search Yes
Deep rootkits search No
Use heuristic analyzer Yes
Quarantine
----------
Status Object Size Added
------ ------ ---- -----
Backup
------
Status Object Size
------ ------ ----
لـــيالـــي
زيزوومي جديد
- إنضم
- 1 مايو 2009
- المشاركات
- 39
- مستوى التفاعل
- 0
- النقاط
- 40
غير متصل
باقي نفس المشكله بالنسبه للماسنجر التاسع
على العموم أختي
طبقي هذه الحلول بالترتيب
أول شي >> احذفي الماسنجر بهذا البرنامج
وبعد الحذف شوفي هذا الموضوع ويوجد أخر شي ملف اسمه الريجستري قومي بأتباع الشرح واحذفي منه
وبعد التطبيق عطيني الأصدار اللي تبينه وانا راح اجيبه لكي
بالآآنتظآآر ,,
طبقي هذه الحلول بالترتيب
أول شي >> احذفي الماسنجر بهذا البرنامج
يجب عليك
تسجيل الدخول
او
تسجيل لمشاهدة الرابط المخفي
وبعد الحذف شوفي هذا الموضوع ويوجد أخر شي ملف اسمه الريجستري قومي بأتباع الشرح واحذفي منه
يجب عليك
تسجيل الدخول
او
تسجيل لمشاهدة الرابط المخفي
وبعد التطبيق عطيني الأصدار اللي تبينه وانا راح اجيبه لكي
بالآآنتظآآر ,,
توقيع : أعتز بك
لـــيالـــي
زيزوومي جديد
- إنضم
- 1 مايو 2009
- المشاركات
- 39
- مستوى التفاعل
- 0
- النقاط
- 40
غير متصل
الاصدار الثامن لانه كل ماثبتت التاسع مايشتغل
اوك الثامن شغال او في مشاكل ؟؟
واذا كان تبي التاسع اعمل مثل ما قلت لكي في الرد السابق
بالتوفيق اختي
توقيع : أعتز بك
لـــيالـــي
زيزوومي جديد
- إنضم
- 1 مايو 2009
- المشاركات
- 39
- مستوى التفاعل
- 0
- النقاط
- 40
غير متصل
مشكور ياخوي الحين اشتغل معي الاصدار التاسع
يعطيك الف عافية اتعبتك معي
بارك الله فيك
- الحالة