جاني فيروس TR/Crypt.XPACK.Gen اش الحل

♫►Caramilla►♫

زيزوومي جديد
إنضم
4 يوليو 2009
المشاركات
808
مستوى التفاعل
0
النقاط
0
غير متصل
السلام عليكم ورحمة الله وبركاته

باختصار شديد الافيرا حذر من الفايروس انا سويت قبول بعدين حذر مرة ثانية سّويت مسح المهم الفايروس انمسح لكن الى الان والافيرا قاعد يقول ايش تبغى تسوي بالفايروس TR/Crypt.XPACK.Gen اعمله ديليت ويرجع وديليت ويرجع ...
 

توقيع : ♫►Caramilla►♫
ترتيب حسب التاريخ ترتيب حسب الأصوات
عطل برامج الحماية عن العمل
ثم
حمل الاداة التالية واحفظها على سطح المكتب

يجب عليك تسجيل الدخول أو التسجيل لمشاهدة الرابط المخفي


عند تشغيلها بتظهر لك رسالة ,, اضغط على >> Yes
بعدها بتظهر لك رساله ثانيه ,, اضغط على >> Yes
اثناء الفحص ممكن يعاد تشغيل الجهاز
وبعد اعادة التشغيل ,, سوف تبدأ الاداة بالفحص مرره ثانيه
لا تقم بتشغيل اي برنامج ،، ومهما طالت عملية الفحص انتظر حتى تنتهي
انتظر حتى يظهر لك تقرير ،،انسخه والصقه بمشاركتك القادمة
 
توقيع : البارون
تأييد 0
هذا هو التقرير اتمنى انكم تفيدوني :



ComboFix 09-07-03.03 - Alaameri 07/04/2009 20:25.1 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.2.1256.966.1025.18.447.192 [GMT 3:00]
Running from: c:\documents and settings\Alaameri\سطح المكتب\ComboFix.exe
AV: AntiVir Desktop *On-access scanning disabled* (Updated) {11638345-E4FC-4BEE-BB73-EC754659C5F6}
FW: Avira Firewall *enabled* {11638345-E4FC-4BEE-BB73-EC754659C5F6}

WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\sce.exe
c:\windows\Installer\16ce6ac.msi

.
((((((((((((((((((((((((( Files Created from 2009-06-04 to 2009-07-04 )))))))))))))))))))))))))))))))
.

2009-07-04 16:49 . 2009-07-04 16:49 212992 ----a-w- c:\windows\system32\SemaUninstall.exe
2009-07-04 16:48 . 2009-07-04 16:48 -------- d-----w- c:\windows\Lhsp
2009-07-04 16:46 . 2009-07-04 17:11 -------- d-----w- c:\program files\Semanoor
2009-07-02 17:43 . 1997-07-28 11:41 315904 ----a-w- c:\windows\system32\glu.dll
2009-07-02 17:43 . 1997-07-28 11:41 1213440 ----a-w- c:\windows\system32\opengl.dll
2009-07-02 17:43 . 2009-07-02 17:43 -------- d-----w- C:\OGLSDK
2009-07-02 17:42 . 1996-11-05 13:13 299008 ----a-w- c:\windows\uninst.exe
2009-07-02 17:42 . 2009-07-02 17:42 -------- d-----w- c:\documents and settings\Alaameri\WINDOWS
2009-07-02 16:00 . 2006-08-11 19:42 208896 ----a-w- c:\windows\system32\nvudisp.exe
2009-07-02 16:00 . 2006-08-16 14:55 208896 ----a-w- c:\windows\system32\NVUNINST.EXE
2009-07-02 12:43 . 2009-07-02 12:43 -------- d-----w- c:\documents and settings\Alaameri\Application Data\Pointstone
2009-07-01 23:35 . 2009-07-01 23:35 -------- d-----w- c:\program files\Pointstone
2009-07-01 23:35 . 2009-07-01 23:35 -------- d-----w- c:\program files\Common Files\Pointstone
2009-07-01 16:17 . 2009-07-01 16:17 390664 ----a-w- c:\documents and settings\Alaameri\Application Data\Real\RealPlayer\setup\AU_setup.exe
2009-06-28 05:50 . 2009-06-28 05:50 -------- d-----w- C:\Hotspot Shield
2009-06-26 18:59 . 2009-06-26 18:59 -------- d-----w- c:\program files\IObit
2009-06-24 06:12 . 2009-06-28 05:50 -------- d-----w- c:\program files\Hotspot Shield
2009-06-24 04:54 . 2009-06-24 04:54 -------- d-----w- c:\documents and settings\NetworkService\Local Settings\Application Data\Google
2009-06-23 08:10 . 2009-06-23 08:16 -------- d---a-w- c:\documents and settings\All Users\Application Data\TEMP
2009-06-23 08:10 . 2007-12-24 10:47 7680 ----a-w- c:\windows\system32\ff_vfw.dll
2009-06-23 08:10 . 2007-11-29 09:52 60273 ----a-w- c:\windows\system32\pthreadGC2.dll
2009-06-23 08:10 . 2009-06-23 08:10 -------- d-----w- c:\program files\ffdshow
2009-06-23 08:10 . 2007-02-05 09:00 761856 ----a-w- c:\windows\system32\xvidcore.dll
2009-06-23 08:10 . 2007-02-05 09:00 413760 ----a-w- c:\windows\system32\MPG4c32.dll
2009-06-23 08:10 . 2007-02-05 09:00 135168 ----a-w- c:\windows\system32\xvidvfw.dll
2009-06-23 07:56 . 2009-06-23 07:57 -------- d-----w- c:\program files\AVI to 3GP
2009-06-21 21:34 . 2009-06-21 21:34 -------- d-----w- c:\documents and settings\Alaameri\Application Data\vlc
2009-06-21 21:07 . 2009-06-21 21:07 131072 ----a-r- c:\documents and settings\Alaameri\Application Data\Microsoft\Installer\{68DB5366-1481-4277-B3A9-DA63A279DB29}\NewShortcut11_68DB536614814277B3A9DA63A279DB29.exe
2009-06-20 20:41 . 2009-06-20 20:41 -------- d-----w- c:\documents and settings\All Users\Application Data\CyberLink
2009-06-20 20:32 . 2009-06-27 18:00 -------- d-----w- c:\program files\CyberLink
2009-06-18 23:39 . 2009-06-18 23:39 25214 ----a-r- c:\documents and settings\Alaameri\Application Data\Microsoft\Installer\{CC016F21-3970-11DE-B878-005056806466}\UNINST_Uninstall_G_408FFBEED62349E08B232864A94D2864.exe
2009-06-18 23:39 . 2009-06-18 23:39 25214 ----a-r- c:\documents and settings\Alaameri\Application Data\Microsoft\Installer\{CC016F21-3970-11DE-B878-005056806466}\ShortcutOGL_EB071909B9884F8CBF3D6115D4ADEE5E.exe
2009-06-18 23:39 . 2009-06-18 23:39 25214 ----a-r- c:\documents and settings\Alaameri\Application Data\Microsoft\Installer\{CC016F21-3970-11DE-B878-005056806466}\ShortcutDX_EB071909B9884F8CBF3D6115D4ADEE5E.exe
2009-06-18 23:39 . 2009-06-18 23:39 25214 ----a-r- c:\documents and settings\Alaameri\Application Data\Microsoft\Installer\{CC016F21-3970-11DE-B878-005056806466}\googleearth.exe1_407B9B5CDAC54F44A756B57CAB4E6A8B.exe
2009-06-18 23:39 . 2009-06-18 23:39 25214 ----a-r- c:\documents and settings\Alaameri\Application Data\Microsoft\Installer\{CC016F21-3970-11DE-B878-005056806466}\googleearth.exe_407B9B5CDAC54F44A756B57CAB4E6A8B.exe
2009-06-18 23:39 . 2009-06-18 23:39 25214 ----a-r- c:\documents and settings\Alaameri\Application Data\Microsoft\Installer\{CC016F21-3970-11DE-B878-005056806466}\ARPPRODUCTICON.exe
2009-06-18 23:03 . 2009-06-18 23:03 7680 ----a-w- c:\documents and settings\Alaameri\Application Data\Thinstall\Driver Genius Professional Edition\4000005100002i\Liveupdate.exe
2009-06-18 23:03 . 2009-06-21 07:24 -------- d-----w- c:\documents and settings\Alaameri\Application Data\Thinstall
2009-06-18 23:03 . 2009-06-18 23:03 -------- d-----w- c:\documents and settings\Alaameri\Local Settings\Application Data\Thinstall
2009-06-18 18:40 . 2009-06-18 18:40 0 ----a-w- c:\windows\system32\cd.dat
2009-06-18 16:50 . 2009-06-18 16:50 -------- d-----w- c:\documents and settings\Alaameri\Application Data\AdobeUM
2009-06-18 16:50 . 2009-06-18 16:50 -------- d-----w- c:\documents and settings\Alaameri\Local Settings\Application Data\Adobe
2009-06-18 16:49 . 2009-06-18 16:49 -------- d-----w- c:\windows\Cache
2009-06-17 19:59 . 2009-06-17 19:59 -------- d-----w- c:\documents and settings\LocalService\Local Settings\Application Data\Google
2009-06-17 19:59 . 2009-06-18 23:39 -------- d-----w- c:\documents and settings\Alaameri\Local Settings\Application Data\Google
2009-06-17 19:59 . 2009-06-18 23:39 -------- d-----w- c:\program files\Google
2009-06-17 19:16 . 2009-06-17 19:16 -------- d-----w- c:\documents and settings\All Users\Application Data\Messenger Plus!
2009-06-17 18:23 . 2009-06-19 01:56 -------- d-----w- c:\program files\Circle Devlopement
2009-06-17 18:22 . 2009-07-04 16:51 -------- d-----w- c:\documents and settings\Alaameri\Tracing
2009-06-17 18:20 . 2009-06-17 18:20 -------- d-----w- c:\program files\Microsoft
2009-06-17 18:20 . 2009-06-17 18:20 -------- d-----w- c:\program files\Windows Live SkyDrive
2009-06-17 18:04 . 2009-06-17 18:04 -------- d-----w- c:\program files\Common Files\Windows Live
2009-06-17 17:04 . 2009-06-17 17:33 -------- d-----w- C:\VAIO
2009-06-16 21:47 . 2009-06-16 21:47 -------- d-----w- c:\program files\Kristanix
2009-06-16 19:53 . 2009-06-16 19:53 -------- d-----w- c:\documents and settings\Alaameri\Local Settings\Application Data\Help
2009-06-16 17:58 . 2009-06-16 20:08 -------- d-----w- c:\windows\system32\Adobe
2009-06-16 16:26 . 2004-08-03 21:56 116224 -c--a-w- c:\windows\system32\dllcache\xrxwiadr.dll
2009-06-16 16:25 . 2001-08-17 10:28 771581 -c--a-w- c:\windows\system32\dllcache\winacisa.sys
2009-06-16 16:25 . 2001-09-18 11:05 87040 -c--a-w- c:\windows\system32\dllcache\wiafbdrv.dll
2009-06-16 16:25 . 2001-09-18 11:05 53760 -c--a-w- c:\windows\system32\dllcache\wiamsmud.dll
2009-06-16 16:25 . 2001-08-17 10:28 701386 -c--a-w- c:\windows\system32\dllcache\wdhaalba.sys
2009-06-16 16:25 . 2004-08-03 21:45 31872 -c--a-w- c:\windows\system32\dllcache\wceusbsh.sys
2009-06-16 16:25 . 2004-08-03 19:29 23615 -c--a-w- c:\windows\system32\dllcache\wch7xxnt.sys
2009-06-16 16:25 . 2001-08-17 09:10 35871 -c--a-w- c:\windows\system32\dllcache\wbfirdma.sys
2009-06-16 16:11 . 2004-08-03 21:44 32384 -c--a-w- c:\windows\system32\dllcache\usb101et.sys
2009-06-16 16:10 . 2001-08-17 09:51 58368 -c--a-w- c:\windows\system32\dllcache\smiminib.sys
2009-06-16 16:09 . 2004-08-03 19:31 20992 -c--a-w- c:\windows\system32\dllcache\rtl8139.sys
2009-06-16 16:08 . 2001-09-18 11:04 43520 -c--a-w- c:\windows\system32\dllcache\ovui2rc.dll
2009-06-16 16:07 . 2001-08-17 11:00 2944 -c--a-w- c:\windows\system32\dllcache\msmpu401.sys
2009-06-16 16:06 . 2001-08-17 19:36 8704 -c--a-w- c:\windows\system32\dllcache\kbdjpn.dll
2009-06-16 16:05 . 2004-08-03 19:41 1041536 -c--a-w- c:\windows\system32\dllcache\hsfdpsp2.sys
2009-06-16 16:04 . 2004-08-03 19:31 34173 -c--a-w- c:\windows\system32\dllcache\forehe.sys
2009-06-16 16:03 . 2004-08-03 21:55 250880 -c--a-w- c:\windows\system32\dllcache\ctmasetp.dll
2009-06-16 16:02 . 2001-09-18 11:03 87552 -c--a-w- c:\windows\system32\dllcache\avmcoxp.dll
2009-06-16 16:01 . 2001-08-17 10:53 7424 -c--a-w- c:\windows\system32\dllcache\adicvls.sys
2009-06-14 21:19 . 2009-06-14 21:19 -------- d-----w- c:\windows\snaps
2009-06-14 21:19 . 2009-06-14 21:19 -------- d-----w- c:\windows\sav
2009-06-14 21:19 . 2009-06-14 21:19 -------- d-----w- c:\windows\gameinfo
2009-06-14 21:19 . 2009-06-14 21:19 -------- d-----w- c:\windows\fcs
2009-06-14 21:19 . 2009-06-14 21:19 -------- d-----w- c:\windows\cheats
2009-06-14 21:17 . 2004-08-27 21:13 629760 ----a-w- c:\windows\Nes.exe
2009-06-14 20:09 . 2009-06-14 20:13 -------- d-----w- c:\program files\Bosco
2009-06-14 17:42 . 2009-06-14 17:43 -------- d-----w- c:\program files\Common Files\Adobe
2009-06-14 17:42 . 2009-06-20 20:33 -------- d--h--w- c:\program files\InstallShield Installation Information
2009-06-14 17:30 . 2009-06-14 17:30 -------- d-----w- c:\program files\Common Files\InstallShield
2009-06-14 11:09 . 2009-06-14 11:09 -------- d-----w- c:\program files\SystemRequirementsLab
2009-06-14 11:09 . 2009-06-14 11:13 -------- d-----w- c:\documents and settings\Alaameri\Application Data\SystemRequirementsLab
2009-06-14 11:09 . 2009-06-14 11:09 207872 ----a-w- c:\documents and settings\Alaameri\Application Data\SystemRequirementsLab\SRLProxy_srl_4.dll
2009-06-14 11:09 . 2009-06-14 11:09 207872 ----a-w- c:\documents and settings\Alaameri\Application Data\SystemRequirementsLab\SRLProxy_srl_3.dll
2009-06-14 11:09 . 2009-06-14 11:09 207872 ----a-w- c:\documents and settings\Alaameri\Application Data\SystemRequirementsLab\SRLProxy_srl_2.dll
2009-06-14 11:09 . 2009-06-14 11:09 207872 ----a-w- c:\documents and settings\Alaameri\Application Data\SystemRequirementsLab\SRLProxy_srl_1.dll
2009-06-14 11:09 . 2009-06-14 11:09 -------- d-----w- c:\windows\Sun
2009-06-14 10:35 . 2009-06-14 10:35 0 ----a-w- c:\windows\nsreg.dat
2009-06-14 10:34 . 2009-06-14 10:34 -------- d-----w- c:\documents and settings\Alaameri\Local Settings\Application Data\Mozilla
2009-06-14 09:01 . 2009-06-17 18:23 -------- d-----w- c:\program files\Messenger Plus! Live
2009-06-14 08:59 . 2009-06-17 18:20 -------- d-----w- c:\program files\Windows Live
2009-06-13 19:04 . 2009-06-13 19:04 -------- d-----w- c:\program files\Java
2009-06-13 19:00 . 2009-06-13 19:00 -------- d-----w- c:\program files\Common Files\Java
2009-06-13 18:09 . 2009-06-21 19:44 -------- d-----w- c:\program files\Multi Theft Auto
2009-06-13 18:00 . 2009-06-13 18:00 -------- d-----w- c:\program files\uTorrent
2009-06-13 16:25 . 2009-07-04 16:51 45232 ----a-w- c:\documents and settings\Alaameri\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2009-06-13 13:56 . 2009-06-13 13:56 120240 ----a-w- c:\documents and settings\Alaameri\Application Data\IDM\idmmzcc2\components\idmmzcc.dll
2009-06-10 19:09 . 2009-06-10 19:09 -------- d-----w- c:\documents and settings\All Users\Application Data\Office Genuine Advantage
2009-06-09 21:11 . 2009-06-09 21:11 -------- d-----w- c:\documents and settings\Alaameri\Application Data\Screaming Bee
2009-06-09 21:11 . 2009-06-09 21:11 -------- d-----w- c:\documents and settings\All Users\Application Data\Screaming Bee
2009-06-09 21:09 . 2009-06-09 21:09 -------- d-----w- c:\program files\Screaming Bee
2009-06-09 21:09 . 2009-06-09 21:09 -------- d-----w- c:\program files\Common Files\Screaming Bee
2009-06-09 18:16 . 2009-06-09 18:16 -------- d-----w- c:\documents and settings\Alaameri\Application Data\Avira
2009-06-09 18:11 . 2009-06-13 18:07 97608 ----a-w- c:\windows\system32\drivers\avfwot.sys
2009-06-09 18:11 . 2009-06-13 18:07 96104 ----a-w- c:\windows\system32\drivers\avipbb.sys
2009-06-09 18:11 . 2009-06-13 18:07 55640 ----a-w- c:\windows\system32\drivers\avgntflt.sys
2009-06-09 18:11 . 2009-02-24 09:06 69632 ----a-w- c:\windows\system32\drivers\avfwim.sys
2009-06-09 18:11 . 2009-02-13 08:29 22360 ----a-w- c:\windows\system32\drivers\avgntmgr.sys
2009-06-09 18:11 . 2009-02-13 08:17 45416 ----a-w- c:\windows\system32\drivers\avgntdd.sys
2009-06-09 18:11 . 2009-06-09 18:12 -------- d-----w- c:\documents and settings\All Users\Application Data\Avira
2009-06-09 18:11 . 2009-06-09 18:11 -------- d-----w- c:\program files\Avira
2009-06-09 17:48 . 2009-07-02 12:43 -------- d-----w- c:\documents and settings\Alaameri\Application Data\uTorrent
2009-06-09 10:15 . 2009-06-13 11:25 -------- d-----w- c:\documents and settings\Alaameri\Application Data\TeraCopy
2009-06-09 10:14 . 2009-06-09 10:14 -------- d-----w- c:\program files\CCleaner
2009-06-09 10:13 . 2009-06-09 10:13 -------- d-----w- c:\program files\Common Files\xing shared
2009-06-09 10:13 . 2009-06-20 20:32 505392 ----a-w- c:\windows\system32\msvcp71.dll
2009-06-09 10:13 . 2009-06-09 10:13 348160 ----a-w- c:\windows\system32\msvcr71.dll
2009-06-09 10:13 . 2009-06-09 10:13 -------- d-----w- c:\program files\Common Files\Real
2009-06-09 10:13 . 2009-06-09 10:13 -------- d-----w- c:\program files\Real
2009-06-09 09:57 . 2009-06-09 09:57 -------- d-----w- c:\documents and settings\Alaameri\Local Settings\Application Data\Microsoft Help

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-07-04 17:27 . 2009-06-09 09:48 -------- d-----w- c:\documents and settings\Alaameri\Application Data\DMCache
2009-07-04 14:18 . 2009-06-21 20:00 -------- d-----w- c:\program files\Golden Al-Wafi Translator
2009-06-29 05:55 . 2009-06-29 05:55 15841724 ---ha-w- c:\program files\raspudem.rar
2009-06-21 21:07 . 2009-06-21 21:07 131072 ----a-r- c:\documents and settings\Alaameri\Application Data\Microsoft\Installer\{68DB5366-1481-4277-B3A9-DA63A279DB29}\NewShortcut1_68DB536614814277B3A9DA63A279DB29.exe
2009-06-21 21:07 . 2009-06-21 21:07 131072 ----a-r- c:\documents and settings\Alaameri\Application Data\Microsoft\Installer\{68DB5366-1481-4277-B3A9-DA63A279DB29}\ARPPRODUCTICON.exe
2009-06-21 21:07 . 2009-06-21 21:07 -------- d-----w- c:\program files\Neoretix
2009-06-21 20:00 . 2009-06-21 19:37 172032 ------w- c:\windows\Setup1.exe
2009-06-21 20:00 . 2009-06-21 19:37 73216 ----a-w- c:\windows\ST6UNST.EXE
2009-06-21 07:26 . 2009-06-21 07:20 -------- d-----w- c:\program files\GoodOk YouTube FLV to AVI 3GP MP4 WMV ASF Converter
2009-06-21 07:25 . 2009-06-21 07:25 17408 ----a-w- c:\documents and settings\Alaameri\Application Data\Thinstall\Total Video Converter 3.11 070908\1000000fe00002i\explorer.exe
2009-06-21 07:24 . 2009-06-21 07:24 17408 ----a-w- c:\documents and settings\Alaameri\Application Data\Thinstall\Total Video Converter 3.11 070908\1000000600002i\regsvr32.exe
2009-06-21 07:21 . 2009-06-21 07:17 -------- d-----w- c:\documents and settings\Alaameri\Application Data\GetRightToGo
2009-06-21 07:20 . 2009-06-21 07:20 34 ---ha-w- c:\windows\system32\VideoConverter_sysquict.dat
2009-06-21 06:23 . 2009-06-09 09:48 -------- d-----w- c:\documents and settings\Alaameri\Application Data\IDM
2009-06-18 22:53 . 2001-09-19 12:00 58586 ----a-w- c:\windows\system32\perfc001.dat
2009-06-18 22:53 . 2001-09-19 12:00 328222 ----a-w- c:\windows\system32\perfh001.dat
2009-06-09 09:48 . 2009-06-09 09:48 2232 ----a-w- c:\windows\java\Packages\Data\DFLVFJ5F.DAT
2009-06-09 09:48 . 2009-06-09 09:48 155995 ----a-w- c:\windows\java\Packages\IZRZDB33.ZIP
2009-06-09 09:48 . 2009-06-09 09:48 2678 ----a-w- c:\windows\java\Packages\Data\UB1BFP7B.DAT
2009-06-09 09:48 . 2009-06-09 09:48 2678 ----a-w- c:\windows\java\Packages\Data\5B1B9BHN.DAT
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}]
2009-06-24 06:12 218160 ----a-w- c:\program files\Hotspot Shield\hssie\HssIE.dll

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\ctfmon.exe" [2004-08-03 15360]
"IDMan"="c:\program files\Internet Download Manager\IDMan.exe" [2008-09-16 2607616]
"MsnMsgr"="c:\program files\Windows Live\Messenger\MsnMsgr.Exe" [2009-02-06 3885408]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" [2009-06-09 185872]
"avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2009-03-02 209153]
"SunJavaUpdateSched"="c:\program files\Java\jre1.6.0_03\bin\jusched.exe" [2007-09-24 132496]
"VTTimer"="VTTimer.exe" - c:\windows\system32\VTTimer.exe [2009-04-15 53248]
"S3Trayp"="S3trayp.exe" - c:\windows\system32\S3Trayp.exe [2009-04-15 176128]
"SMSERIAL"="sm56hlpr.exe" - c:\windows\sm56hlpr.exe [2005-06-06 544768]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2004-08-03 15360]

c:\documents and settings\All Users\çں‍ê، ں §ڑ\ںé ©ںê¤\ §ک ں颬نïé\
Adobe Gamma Loader.lnk - c:\program files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2009-6-14 113664]

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusDisableNotify"=dword:00000001
"UpdatesDisableNotify"=dword:00000001
"AntiVirusOverride"=dword:00000001
"UacDisableNotify"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc]
"AntiVirusOverride"=dword:00000001
"AntiVirusDisableNotify"=dword:00000001
"FirewallDisableNotify"=dword:00000001
"FirewallOverride"=dword:00000001
"UpdatesDisableNotify"=dword:00000001
"UacDisableNotify"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\WINDOWS\\system32\\VModes.exe"=
"c:\\WINDOWS\\system32\\S3trayp.exe"=
"c:\\WINDOWS\\system32\\VTTimer.exe"=
"c:\\Program Files\\uTorrent\\uTorrent.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"3389:TCP"= 3389:TCP:@xpsp2res.dll,-22009

R1 avfwot;avfwot;c:\windows\system32\drivers\avfwot.sys [09/06/2009 09:11 م 97608]
R2 AntiVirFirewallService;Avira Firewall;c:\program files\Avira\AntiVir Desktop\avfwsvc.exe [09/06/2009 09:11 م 388865]
R2 AntiVirMailService;Avira AntiVir MailGuard;c:\program files\Avira\AntiVir Desktop\avmailc.exe [09/06/2009 09:11 م 194817]
R2 AntiVirSchedulerService;Avira AntiVir Scheduler;c:\program files\Avira\AntiVir Desktop\sched.exe [09/06/2009 09:11 م 108289]
R2 AntiVirWebService;Avira AntiVir WebGuard;c:\program files\Avira\AntiVir Desktop\avwebgrd.exe [09/06/2009 09:11 م 434945]
R2 HssSrv;Hotspot Shield Helper Service;c:\program files\Hotspot Shield\HssWPR\hsssrv.exe [01/06/2009 09:13 م 331312]
R3 avfwim;AvFw Packet Filter Miniport;c:\windows\system32\drivers\avfwim.sys [09/06/2009 09:11 م 69632]
R3 RTLWUSB;Realtek RTL8187 Wireless 802.11b/g 54Mbps USB 2.0 Network Adapter;c:\windows\system32\drivers\RTL8187.sys [06/06/2009 06:30 م 332928]
R3 S3GIGP;S3GIGP;c:\windows\system32\drivers\S3gIGPm.sys [06/06/2009 05:13 م 709632]
R3 SCREAMINGBDRIVER;Screaming Bee Audio;c:\windows\system32\drivers\ScreamingBAudio.sys [26/09/2006 11:21 م 21920]
R3 VIAHdAudAddService;VIA High Definition Audio Driver Service;c:\windows\system32\drivers\viahduaa.sys [06/06/2009 05:12 م 208384]
S2 gupdate1c9f06c5abd2810;خدمة تحديث Google (gupdate1c9f06c5abd2810);c:\program files\Google\Update\GoogleUpdate.exe [19/06/2009 02:26 ص 133104]
S3 abp470n5;abp470n5;\??\c:\windows\system32\drivers\gdgoi.sys --> c:\windows\system32\drivers\gdgoi.sys [?]
S3 HssTrayService;Hotspot Shield Tray Service;c:\program files\Hotspot Shield\bin\HssTrayService.exe [01/06/2009 09:58 م 34352]
.
Contents of the 'Scheduled Tasks' folder

2009-07-04 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-06-18 23:27]

2009-07-04 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-06-18 23:27]
.
- - - - ORPHANS REMOVED - - - -

HKLM-Run-Windows API Control Center - winsystem.exe
Notify-WgaLogon - (no file)


.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.com.sa/
uInternet Connection Wizard,ShellNext = iexplore
uInternet Settings,ProxyServer = 10.0.0.1:5555
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: تحميل الكل بـ إنترنت داونلود مانيجر - c:\program files\Internet Download Manager\IEGetAll.htm
IE: تحميل بـ إنترنت داونلود مانيجر - c:\program files\Internet Download Manager\IEExt.htm
IE: تحميل محتوى فيديو (إف.إل.في) بـ إنترنت داونلود مانيجر - c:\program files\Internet Download Manager\IEGetVL.htm
LSP: c:\program files\Avira\AntiVir Desktop\avsda.dll
DPF: Microsoft XML Parser for Java - file://c:\windows\Java\classes\xmldso.cab
FF - ProfilePath - c:\documents and settings\Alaameri\Application Data\Mozilla\Firefox\Profiles\aidaq1zw.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.google.com.sa/
FF - component: c:\documents and settings\Alaameri\Application Data\IDM\idmmzcc2\components\idmmzcc.dll
FF - component: c:\program files\Real\RealPlayer\browserrecord\components\nprpbrowserrecordplugin.dll
FF - plugin: c:\program files\Google\Update\1.2.183.7\npGoogleOneClick8.dll
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer,

يجب عليك تسجيل الدخول أو التسجيل لمشاهدة الرابط المخفي


Rootkit scan 2009-07-04 20:27
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'lsass.exe'(1580)
c:\program files\Avira\AntiVir Desktop\avsda.dll
.
Completion time: 2009-07-04 20:28
ComboFix-quarantined-files.txt 2009-07-04 17:28

Pre-Run: 35,168,817,152 bytes free
Post-Run: 35,175,706,624 bytes free

269
 
توقيع : ♫►Caramilla►♫
تأييد 0
بعد أذن اخوي البارون

حمل هذا البرنامج

يجب عليك تسجيل الدخول أو التسجيل لمشاهدة الرابط المخفي


شغل البرنامج ==> واضغط على
Do a system scan and save log
لحظات .. ويظهر لك تقرير داخل المفكرة==> انسخه والصقه بردك القادم
 
التعديل الأخير بواسطة المشرف:
توقيع : shaded
تأييد 0
وهذا التقرييير الثاني :


Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 08:47:49 م, on 04/07/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir Desktop\sched.exe
C:\Program Files\Avira\AntiVir Desktop\avguard.exe
C:\Program Files\Hotspot Shield\bin\openvpnas.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Hotspot Shield\HssWPR\hsssrv.exe
C:\Program Files\Bosco\slave.exe
C:\WINDOWS\system32\VTTimer.exe
C:\WINDOWS\system32\S3trayp.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\WINDOWS\sm56hlpr.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Internet Download Manager\IDMan.exe
C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
C:\Program Files\Avira\AntiVir Desktop\avmailc.exe
C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE
C:\Program Files\Internet Download Manager\IEMonitor.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =

يجب عليك تسجيل الدخول أو التسجيل لمشاهدة الرابط المخفي


R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =

يجب عليك تسجيل الدخول أو التسجيل لمشاهدة الرابط المخفي


R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =

يجب عليك تسجيل الدخول أو التسجيل لمشاهدة الرابط المخفي


R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 10.0.0.1:5555
O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files\Internet Download Manager\IDMIECC.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: مساعد تسجيل الدخول إلى Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Hotspot Shield Class - {F9E4A054-E9B1-4BC3-83A3-76A1AE736170} - C:\Program Files\Hotspot Shield\hssie\HssIE.dll
O4 - HKLM\..\Run: [VTTimer] VTTimer.exe
O4 - HKLM\..\Run: [S3Trayp] S3trayp.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [SMSERIAL] sm56hlpr.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [IDMan] C:\Program Files\Internet Download Manager\IDMan.exe /onboot
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: تحميل الكل بـ إنترنت داونلود مانيجر - C:\Program Files\Internet Download Manager\IEGetAll.htm
O8 - Extra context menu item: تحميل بـ إنترنت داونلود مانيجر - C:\Program Files\Internet Download Manager\IEExt.htm
O8 - Extra context menu item: تحميل محتوى فيديو (إف.إل.في) بـ إنترنت داونلود مانيجر - C:\Program Files\Internet Download Manager\IEGetVL.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262E} (System Requirements Lab) -

يجب عليك تسجيل الدخول أو التسجيل لمشاهدة الرابط المخفي


O23 - Service: Avira Firewall (AntiVirFirewallService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avfwsvc.exe
O23 - Service: Avira AntiVir MailGuard (AntiVirMailService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avmailc.exe
O23 - Service: Avira AntiVir Scheduler (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Avira AntiVir WebGuard (AntiVirWebService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE
O23 - Service: خدمة تحديث Google (gupdate1c9f06c5abd2810) (gupdate1c9f06c5abd2810) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Hotspot Shield Service (HotspotShieldService) - Unknown owner - C:\Program Files\Hotspot Shield\bin\openvpnas.exe
O23 - Service: Hotspot Shield Helper Service (HssSrv) - AnchorFree Inc. - C:\Program Files\Hotspot Shield\HssWPR\hsssrv.exe
O23 - Service: Hotspot Shield Tray Service (HssTrayService) - Unknown owner - C:\Program Files\Hotspot Shield\bin\HssTrayService.EXE
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared files\RichVideo.exe (file missing)
O23 - Service: Bosco - Module Esclave (slave) - Unknown owner - C:\Program Files\Bosco\slave.exe

--
End of file - 5955 bytes
 
توقيع : ♫►Caramilla►♫
تأييد 0
اعطيني صورة من مدير المهام اضغط alt + ctrl+ del وبعدين صورة لمدير العمليات
 
توقيع : البارون
تأييد 0
والله خوفتني المهم هذي الصورة الاولى لمدير العمليات بادارة المهام:


2monxfgbiygui2zhlrdz.jpg


وهذي الثانية لمدير العمليات بادارة المهام :


q1zqzz11eg2yrmtktnt3.jpg



 
توقيع : ♫►Caramilla►♫
تأييد 0
من بعد اذن الاخوان

اخوي اعمل الاتي


يرجى تحميل هذا الملف

يجب عليك تسجيل الدخول أو التسجيل لمشاهدة الرابط المخفي


بعد تشغيله ستظهر رساله نضغط موافق , ثم نعيد تشغيل الجهاز

وشوف بعدين تطلع الرساله ولا لا .. ؟؟
 
توقيع : KoNaMi
تأييد 0
طيب لحظة شوي احمل ملف الحين ما اقدر اعيد التشغيل بعد 15 ساعة واشغل الملف
 
توقيع : ♫►Caramilla►♫
تأييد 0
Konami تم اضافة ملفات التسجيل للمحرر لكن بعد التشغيل لم تظهر اي رسالة
 
توقيع : ♫►Caramilla►♫
تأييد 0
طيب اخوي هات تقرير جديد للهاجيك
 
توقيع : KoNaMi
تأييد 0
هذا تقرير الهايجاك لـKonami :

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 11:07:14 م, on 04/07/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir Desktop\sched.exe
C:\Program Files\Avira\AntiVir Desktop\avguard.exe
C:\Program Files\Hotspot Shield\bin\openvpnas.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Hotspot Shield\HssWPR\hsssrv.exe
C:\Program Files\Bosco\slave.exe
C:\WINDOWS\system32\VTTimer.exe
C:\WINDOWS\system32\S3trayp.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\WINDOWS\sm56hlpr.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Internet Download Manager\IDMan.exe
C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
C:\Program Files\Avira\AntiVir Desktop\avmailc.exe
C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE
C:\Program Files\Internet Download Manager\IEMonitor.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =

يجب عليك تسجيل الدخول أو التسجيل لمشاهدة الرابط المخفي


R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =

يجب عليك تسجيل الدخول أو التسجيل لمشاهدة الرابط المخفي


R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =

يجب عليك تسجيل الدخول أو التسجيل لمشاهدة الرابط المخفي


R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 10.0.0.1:5555
O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files\Internet Download Manager\IDMIECC.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: مساعد تسجيل الدخول إلى Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Hotspot Shield Class - {F9E4A054-E9B1-4BC3-83A3-76A1AE736170} - C:\Program Files\Hotspot Shield\hssie\HssIE.dll
O4 - HKLM\..\Run: [VTTimer] VTTimer.exe
O4 - HKLM\..\Run: [S3Trayp] S3trayp.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [SMSERIAL] sm56hlpr.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [IDMan] C:\Program Files\Internet Download Manager\IDMan.exe /onboot
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: تحميل الكل بـ إنترنت داونلود مانيجر - C:\Program Files\Internet Download Manager\IEGetAll.htm
O8 - Extra context menu item: تحميل بـ إنترنت داونلود مانيجر - C:\Program Files\Internet Download Manager\IEExt.htm
O8 - Extra context menu item: تحميل محتوى فيديو (إف.إل.في) بـ إنترنت داونلود مانيجر - C:\Program Files\Internet Download Manager\IEGetVL.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262E} (System Requirements Lab) -

يجب عليك تسجيل الدخول أو التسجيل لمشاهدة الرابط المخفي


O23 - Service: Avira Firewall (AntiVirFirewallService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avfwsvc.exe
O23 - Service: Avira AntiVir MailGuard (AntiVirMailService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avmailc.exe
O23 - Service: Avira AntiVir Scheduler (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Avira AntiVir WebGuard (AntiVirWebService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE
O23 - Service: خدمة تحديث Google (gupdate1c9f06c5abd2810) (gupdate1c9f06c5abd2810) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Hotspot Shield Service (HotspotShieldService) - Unknown owner - C:\Program Files\Hotspot Shield\bin\openvpnas.exe
O23 - Service: Hotspot Shield Helper Service (HssSrv) - AnchorFree Inc. - C:\Program Files\Hotspot Shield\HssWPR\hsssrv.exe
O23 - Service: Hotspot Shield Tray Service (HssTrayService) - Unknown owner - C:\Program Files\Hotspot Shield\bin\HssTrayService.EXE
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared files\RichVideo.exe (file missing)
O23 - Service: Bosco - Module Esclave (slave) - Unknown owner - C:\Program Files\Bosco\slave.exe

--
End of file - 5955 bytes
 
توقيع : ♫►Caramilla►♫
تأييد 0
روحي >> ابداء >>> بحث >>> Bosco البحث يكون موسع ويشمل ملفات النظام المخفية

اي شيء تلقينه بهذا الاسم احذفيه
 
توقيع : البارون
تأييد 0
وهذي العمليات للبارون :

الصورة الاولى للعمليات :


lmvmy3oyyxwgjzeimmmm.jpg



الصورة الثانية للعمليات :

xn0jnmnv2mithrlmgu0o.jpg

 
توقيع : ♫►Caramilla►♫
تأييد 0
انا كان عندي مثبت برنامج Bosco انا بيدي ثبته ليه مضر صراحة من زمان بجهازي ما خرب الجهاز المهم انا حذفته يعني راح الفايروس ؟!
 
توقيع : ♫►Caramilla►♫
تأييد 0
برنامج اختراق عن طريق الايبي المهم انا حذفته الحين يعني راح الفيروس المهم انا راح اسوي سكان ببرنامج افيرا وبرجع باي
 
توقيع : ♫►Caramilla►♫
تأييد 0

يجب عليك تسجيل الدخول أو التسجيل لمشاهدة الرابط المخفي





شوف المحدد بالاسود اضغط عليه وبعدين kill the process
 
توقيع : البارون
تأييد 0
يجب تسجيل الدخول أو التسجيل كي تتمكن من الرد هنا.
عودة
أعلى