جوهر المحبه2008

Peace be upon you.

How are you all?

I hope you are well and in good health.

Brothers, when I install Kaspersky,

a report appears in Notepad, and also when I run a crack.

Please help.

Your brother, Mohammed
 

Please explain your problem a little more,
because I did not understand anything from what you wrote.
 
The title has been edited .. and the thread has been moved to its most suitable section.
 
Signature: KoNaMi
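Brother, I mean, say you have installed Kaspersky now, right?

You install it, then run it from Start; when I run it from there, a report shows up in Notepad.
 
In plain words, there are viruses on the laptop that are interfering with the installation.

And here is the report: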

BitDefender QuickScan Beta 32-bit v0.9.9.5
------------------------------------------
Scan date: Tue Jun 01 23:25:26 2010
Machine ID: 48A98CD5
Process svchost.com (1108) - Trojan.Generic.2591950

Found 7 infected files!
-------------------------
D:\autorun.inf - Trojan.Autorun.AKY
C:\WINDOWS\system32\fdisk.com - Trojan.Generic.2591950
F:\autorun.inf - Trojan.Autorun.AKY
C:\Documents and Settings\الهواوي\Templates\cache\SFCsrvc.pif - Trojan.Generic.2591950
C:\Documents and Settings\الهواوي\Local Settings\Temp\svchost.com - Trojan.Generic.2591950
C:\autorun.inf - Trojan.Autorun.AKY
E:\autorun.inf - Trojan.Autorun.AKY

Processes
---------
<unsigned> Generic Host Process for Win32 Services 1108 C:\Documents and Settings\الهواوي\Local Settings\Temp\svchost.com
<unsigned> Hewlett-Packard hpotdd01 364 C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe
<unsigned> hp digital imaging - hp all-in-one seri 2284 C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpoevm08.exe
<unsigned> hp digital imaging - hp all-in-one seri 408 C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpohmr08.exe
<unsigned> hp digital imaging - hp all-in-one seri 2540 C:\Program Files\Hewlett-Packard\Digital Imaging\Bin\hpoSTS08.exe
<unsigned> MessengerDiscovery 2 3052 C:\Program Files\MessengerDiscovery 2\MessengerDiscovery 2.exe
<unsigned> SMax4PNP Application 380 C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe
<unsigned> SoundMAX Control Panel 1072 C:\Program Files\Analog Devices\SoundMAX\Smax4.exe
<unsigned> SoundMAX service agent 248 C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
<verified> Google Update 464 C:\Documents and Settings\الهواوي\Local Settings\Application Data\Google\Update\1.2.183.23\GoogleCrashHandler.exe
<verified> Google Update 2016 C:\Documents and Settings\الهواوي\Local Settings\Application Data\Google\Update\GoogleUpdate.exe
<verified> HP PML 3740 C:\WINDOWS\system32\HPZipm12.exe
<verified> hsssrv.exe 1728 C:\Program Files\Hotspot Shield\HssWPR\hsssrv.exe
<verified> hsswd.exe 2040 C:\Program Files\Hotspot Shield\bin\hsswd.exe
<verified> Microsoft® Windows® Operating System 1908 C:\WINDOWS\explorer.exe
<verified> Microsoft® Windows® Operating System 1568 C:\WINDOWS\System32\alg.exe
<verified> Microsoft® Windows® Operating System 1272 C:\WINDOWS\system32\csrss.exe
<verified> Microsoft® Windows® Operating System 2004 C:\WINDOWS\system32\ctfmon.exe
<verified> Microsoft® Windows® Operating System 1632 C:\WINDOWS\system32\lsass.exe
<verified> Microsoft® Windows® Operating System 1620 C:\WINDOWS\system32\services.exe
<verified> Microsoft® Windows® Operating System 632 C:\WINDOWS\System32\smss.exe
<verified> Microsoft® Windows® Operating System 840 C:\WINDOWS\system32\spoolsv.exe
<verified> Microsoft® Windows® Operating System 180 C:\WINDOWS\System32\svchost.exe
<verified> Microsoft® Windows® Operating System 220 C:\WINDOWS\system32\svchost.exe
<verified> Microsoft® Windows® Operating System 356 C:\WINDOWS\system32\svchost.exe
<verified> Microsoft® Windows® Operating System 448 C:\WINDOWS\system32\svchost.exe
<verified> Microsoft® Windows® Operating System 1652 C:\WINDOWS\system32\svchost.exe
<verified> Microsoft® Windows® Operating System 1872 C:\WINDOWS\system32\svchost.exe
<verified> Microsoft® Windows® Operating System 1952 C:\WINDOWS\system32\svchost.exe
<verified> Microsoft® Windows® Operating System 1536 C:\WINDOWS\system32\winlogon.exe
<verified> Microsoft® Windows® Operating System 120 C:\WINDOWS\system32\wscntfy.exe
<verified> Microsoft® Windows® Operating System 776 C:\WINDOWS\system32\wuauclt.exe
<verified> openvpnas.exe 1840 C:\Program Files\Hotspot Shield\bin\openvpnas.exe
<verified> TuneUp Utilities 1124 C:\WINDOWS\System32\TUProgSt.exe
<verified> Windows Live Communications Platform 1744 C:\Program Files\Windows Live\Contacts\wlcomm.exe
<verified> Windows Live Messenger 1168 C:\Program Files\Windows Live\Messenger\msnmsgr.exe
<verified> Windows Live Toolbar 2492 C:\Program Files\Windows Live\Toolbar\wltuser.exe
<verified> Windows® Internet Explorer 2316 C:\Program Files\Internet Explorer\iexplore.exe

Network activity
----------------
Process iexplore.exe (2316) connected on port 80 (HTTP) - 87.248.217.253
Process iexplore.exe (2316) connected on port 80 (HTTP) - 92.122.5.115
Process iexplore.exe (2316) connected on port 80 (HTTP) - 92.123.156.20
Process iexplore.exe (2316) connected on port 80 (HTTP) - 66.235.143.121
Process iexplore.exe (2316) connected on port 80 (HTTP) - 91.199.104.31
Process iexplore.exe (2316) connected on port 80 (HTTP) - 91.199.104.31
Process iexplore.exe (2316) connected on port 80 (HTTP) - 74.125.79.102
Process iexplore.exe (2316) connected on port 80 (HTTP) - 66.220.145.35
Process MessengerDiscovery 2.exe (3052) connected on port 1863 (MSN) - by2msg1020717.gateway.edge.messenger.live.com
Process svchost.exe (1952) listens on ports: 135 (RPC)

Autoruns and critical files
---------------------------
<unsigned> FRU-Client Application C:\Program Files\Hewlett-Packard\Digital Imaging\Bin\hpqfrucl.exe
<unsigned> Generic Host Process for Win32 Services C:\Documents and Settings\الهواوي\Local Settings\Temp\svchost.com
<unsigned> Generic Host Process for Win32 Services C:\Documents and Settings\الهواوي\Templates\cache\SFCsrvc.pif
<unsigned> Generic Host Process for Win32 Services C:\WINDOWS\system32\fdisk.com
<unsigned> hp digital imaging - hp all-in-one seri C:\Program Files\Hewlett-Packard\Digital Imaging\Bin\hpqwrg.exe
<unsigned> SMax4PNP Application C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe
<unsigned> SoundMAX Control Panel C:\Program Files\Analog Devices\SoundMAX\Smax4.exe
<verified> Google Update C:\Documents and Settings\الهواوي\Local Settings\Application Data\Google\Update\GoogleUpdate.exe
<verified> Microsoft® Windows® Operating System C:\WINDOWS\System32\BROWSEUI.DLL
<verified> Microsoft® Windows® Operating System C:\WINDOWS\System32\CRYPT32.DLL
<verified> Microsoft® Windows® Operating System C:\WINDOWS\System32\CRYPTNET.dll
<verified> Microsoft® Windows® Operating System C:\WINDOWS\System32\CSCDLL.DLL
<verified> Microsoft® Windows® Operating System C:\WINDOWS\system32\ctfmon.exe
<verified> Microsoft® Windows® Operating System C:\WINDOWS\system32\logonui.exe
<verified> Microsoft® Windows® Operating System C:\WINDOWS\system32\sclgntfy.dll
<verified> Microsoft® Windows® Operating System C:\WINDOWS\System32\SHELL32.DLL
<verified> Microsoft® Windows® Operating System C:\WINDOWS\System32\STOBJECT.DLL
<verified> Microsoft® Windows® Operating System c:\windows\system32\userinit.exe
<verified> Microsoft® Windows® Operating System C:\WINDOWS\System32\WLNOTIFY.DLL
<verified> TuneUp Utilities C:\Program Files\TuneUp Utilities 2009\OneClickStarter.exe
<verified> Watson Subscriber for SENS Network Noti C:\Program Files\Common Files\Microsoft Shared\DW\DWTRIG20.EXE
<verified> Windows Live Messenger C:\Program Files\Windows Live\Messenger\msnmsgr.exe
<verified> Windows® Internet Explorer C:\WINDOWS\System32\WEBCHECK.DLL

Browser plugins
---------------
<unsigned> FFExternalAlert.dll C:\Documents and Settings\الهواوي\Application Data\Mozilla\Firefox\Profiles/cwkuvhb8.default\extensions\{c95a4e8e-816d-4655-8c79-d736da1adb6d}\components\FFExternalAlert.dll
<unsigned> RadioWMPCore.dll C:\Documents and Settings\الهواوي\Application Data\Mozilla\Firefox\Profiles/cwkuvhb8.default\extensions\{c95a4e8e-816d-4655-8c79-d736da1adb6d}\components\RadioWMPCore.dll
<verified> Adobe® Flash® Player ActiveX C:\WINDOWS\Downloaded Program Files\FP_AX_CAB_INSTALLER.exe
<verified> BitDefender QuickScan C:\Documents and Settings\الهواوي\Application Data\Mozilla\Firefox\Profiles/cwkuvhb8.default\extensions\{e001c731-5e37-4538-a5cb-8168736a2360}\components\qscanff.dll
<verified> BitDefender QuickScan C:\Documents and Settings\الهواوي\Application Data\Mozilla\Firefox\Profiles/cwkuvhb8.default\extensions\{e001c731-5e37-4538-a5cb-8168736a2360}\plugins\npqscan.dll
<verified> BitDefender QuickScan C:\WINDOWS\Downloaded Program Files\qsax.ocx
<verified> Conduit Toolbar C:\Program Files\Hotspot_Shield\tbHot1.dll
<verified> getPlusPlus for Adobe 16260 C:\Documents and Settings\الهواوي\Application Data\Mozilla\Firefox\Profiles/cwkuvhb8.default\extensions\{E2883E8F-472F-4fb0-9522-AC9BF37916A7}\plugins\np_gp.dll
<verified> getPlusPlus for Adobe 16260 C:\Program Files\Mozilla Firefox\plugins\np_gp.dll
<verified> HPDEXAXO C:\WINDOWS\Downloaded Program Files\HPDEXAXO.dll
<verified> HssIE.dll C:\Program Files\Hotspot Shield\HssIE\HssIE.dll
<verified> Internet Download Manager Module C:\Documents and Settings\ƒT8fƒfn\LOCALS~1\Temp\RarSFX0\IDMIECC.dll
<verified> Messenger C:\Program Files\Messenger\msmsgs.exe
<verified> Microsoft® Windows® Operating System C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
<verified> Microsoft® Windows® Operating System C:\WINDOWS\System32\MSWSOCK.DLL
<verified> Microsoft® Windows® Operating System C:\WINDOWS\system32\rsvpsp.dll
<verified> Microsoft® Windows® Operating System C:\WINDOWS\System32\WINRNR.DLL
<verified> Mozilla Default Plug-in C:\Program Files\Mozilla Firefox\plugins\npnul32.dll
<verified> NPSWF32.dll C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll
<verified> Windows Genuine Advantage C:\Program Files\Mozilla Firefox\plugins\npLegitCheckPlugin.dll
<verified> Windows Live Toolbar C:\Program Files\Windows Live\Toolbar\WLTCORE.DLL
<verified> Windows Live® Photo Gallery C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll
<verified> Windows Presentation Foundation C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
<verified> Windows® Internet Explorer C:\WINDOWS\System32\IEFRAME.DLL

Missing files
-------------
File not found: C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll
referenced in: HLKM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.12.450\"Path"
File not found: C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll
referenced in: HLKM\Software\MozillaPlugins\@real.com/nprjplug;version=1.0.3.448\"Path"
File not found: C:\Program Files\Real\RealPlayer\Netscape6\nprpjplug.dll
referenced in: HLKM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.448\"Path"

Scan
----
Using HTTP proxy: :8181

No file uploaded.
Scan finished - communication took 7 sec
Total traffic - 0.07 MB sent, 2.59 KB recvd
Scanned 950 files and modules - 117 seconds
 
Download this program.

After that, close all programs, especially Internet Explorer and Messenger.
Run the program ==> and click
Do a system scan and save log
After a few moments a report will appear in Notepad ==> copy it and paste it in your next reply.
 
Signature: KoNaMi
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:56:54 ص, on 02/06/2010
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.17023)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Hotspot Shield\bin\openvpnas.exe
C:\Program Files\Hotspot Shield\HssWPR\hsssrv.exe
C:\Program Files\Hotspot Shield\bin\hsswd.exe
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\TUProgSt.exe
C:\WINDOWS\explorer.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe
C:\Program Files\Analog Devices\SoundMAX\Smax4.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\DOCUME~1\الهواوي\LOCALS~1\Temp\svchost.com
C:\WINDOWS\system32\ctfmon.exe
C:\Documents and Settings\الهواوي\Local Settings\Application Data\Google\Update\GoogleUpdate.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe
C:\Documents and Settings\الهواوي\Local Settings\Application Data\Google\Update\1.2.183.23\GoogleCrashHandler.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Documents and Settings\الهواوي\سطح المكتب\Virus Removal Tool\setup_9.0.0.722_01.06.2010_21-35\setup_9.0.0.722_01.06.2010_21-35.exe
F:\Zyzoom_HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar =
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = :8181
R3 - URLSearchHook: Hotspot Shield Toolbar - {c95a4e8e-816d-4655-8c79-d736da1adb6d} - C:\Program Files\Hotspot_Shield\tbHot1.dll
F2 - REG:system.ini: Shell=explorer.exe C:\WINDOWS\system32\fdisk.com
F3 - REG:win.ini: load=C:\DOCUME~1\الهواوي\LOCALS~1\Temp\svchost.com
F3 - REG:win.ini: run=C:\DOCUME~1\الهواوي\LOCALS~1\Temp\svchost.com
F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe,C:\WINDOWS\system32\fdisk.com
O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\DOCUME~1\ƒT8fƒfn\LOCALS~1\Temp\RarSFX0\IDMIECC.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - (no file)
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - (no file)
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - (no file)
O2 - BHO: Hotspot Shield Toolbar - {c95a4e8e-816d-4655-8c79-d736da1adb6d} - C:\Program Files\Hotspot_Shield\tbHot1.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O2 - BHO: Hotspot Shield Class - {F9E4A054-E9B1-4BC3-83A3-76A1AE736170} - C:\Program Files\Hotspot Shield\HssIE\HssIE.dll
O3 - Toolbar: (no name) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - (no file)
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: Hotspot Shield Toolbar - {c95a4e8e-816d-4655-8c79-d736da1adb6d} - C:\Program Files\Hotspot_Shield\tbHot1.dll
O4 - HKLM\..\Run: [User Agent] C:\WINDOWS\system32\fdisk.com
O4 - HKLM\..\Run: [HotKey] C:\Documents and Settings\الهواوي\Templates\cache\SFCsrvc.pif
O4 - HKLM\..\Run: [DWPersistentQueuedReporting] C:\Program Files\Common Files\Microsoft Shared\DW\DWTRIG20.EXE -a
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe
O4 - HKLM\..\Run: [SoundMAX] "C:\Program Files\Analog Devices\SoundMAX\Smax4.exe" /tray
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [HotKey] C:\Documents and Settings\الهواوي\Templates\cache\SFCsrvc.pif
O4 - HKCU\..\Run: [User Agent] C:\DOCUME~1\الهواوي\LOCALS~1\Temp\svchost.com
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\الهواوي\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-21-220523388-507921405-725345543-501\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (User 'Guest')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - S-1-5-21-220523388-507921405-725345543-501 Startup: sndvol32.exe (User 'Guest')
O4 - S-1-5-21-220523388-507921405-725345543-501 User Startup: sndvol32.exe (User 'Guest')
O4 - Startup: sndvol32.exe
O4 - Startup: setup_9.0.0.722_01.06.2010_21-35.lnk = ?
O4 - Global Startup: sndvol32.exe
O4 - Global Startup: hpoddt01.exe.lnk = ?
O4 - Global Startup: hp psc 1000 series.lnk = ?
O7 - HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System, DisableRegedit=1
O8 - Extra context menu item: Download all links with IDM - C:\DOCUME~1\ƒT8fƒfn\LOCALS~1\Temp\RarSFX0\IEGetAll.htm
O8 - Extra context menu item: Download FLV video content with IDM - C:\DOCUME~1\ƒT8fƒfn\LOCALS~1\Temp\RarSFX0\IEGetVL.htm
O8 - Extra context menu item: Download with IDM - C:\DOCUME~1\ƒT8fƒfn\LOCALS~1\Temp\RarSFX0\IEExt.htm
O9 - Extra button: تدوين هذا في المدونة - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &تدوين هذا في Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {4B54A9DE-EF1C-4EBE-A328-7C28EA3B433A} (BitDefender QuickScan Control) -
O16 - DPF: {6F15128C-E66A-490C-B848-5000B5ABEEAC} (HP Download Manager) -
O16 - DPF: {A9F8D9EC-3D0A-4A60-BD82-FBD64BAD370D} (DDRevision Class) -
O16 - DPF: {CF84DAC5-A4F5-419E-A0BA-C01FFD71112F} (SysInfo Class) -
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} -
O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe (file missing)
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe (file missing)
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Hotspot Shield Service (HotspotShieldService) - Unknown owner - C:\Program Files\Hotspot Shield\bin\openvpnas.exe
O23 - Service: Hotspot Shield Routing Service (HssSrv) - AnchorFree Inc. - C:\Program Files\Hotspot Shield\HssWPR\hsssrv.exe
O23 - Service: Hotspot Shield Tray Service (HssTrayService) - Unknown owner - C:\Program Files\Hotspot Shield\bin\HssTrayService.EXE
O23 - Service: Hotspot Shield Monitoring Service (HssWd) - Unknown owner - C:\Program Files\Hotspot Shield\bin\hsswd.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: SeaPort - Unknown owner - C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe (file missing)
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software - C:\WINDOWS\System32\TuneUpDefragService.exe
O23 - Service: TuneUp Program Statistics Service (TuneUp.ProgramStatisticsSvc) - TuneUp Software - C:\WINDOWS\System32\TUProgSt.exe
--
End of file - 9372 bytes
 
Signature: إكس زيرو
Both of them, brother.
 