- بادئ الموضوع راية الحق
- تاريخ البدء
- 1,671
غير متصل
افحص جهازك اول شي من الفيروسات
وملفات التجسس
بعدين سو تنظيف للمخلفات
وملفات التجسس
بعدين سو تنظيف للمخلفات
توقيع : Juve Guard
تأييد
0
راية الحق
زيزوومى مميز
غير متصل
سويت سكان وهذي النتيجة
حبيت انسخ لكم تقرير السكان
وبما اني ماعرف وايد في الافيرا
حولت كل اللي صاده لل Quarantine
ياليت تعلموني الطريقة المثلى للتعامل مع الافيرا
هل يفضل ألغي اللي يصيده مباشرة أو أحوله الى الكوارانتاين؟
وبعدين براويكم الحين التقرير
The scan has been done completely.
5095 Scanning directories
232380 Files were scanned
6 viruses and/or unwanted programs were found
0 Files were classified as suspicious:
0 files were deleted
0 files were repaired
2 files were moved to quarantine
0 files were renamed
1 Files cannot be scanned
232374 Files not concerned
1016 Archives were scanned
1 Warnings
2 Notes
-----
Starting the file scan:
Begin scan in 'C:\' <Drive D>
C:\pagefile.sys
[WARNING] The file could not be opened!
C:\silver\AutoPlay\Docs\zyzoom_all_brontok_killer.exe
[0] Archive type: RAR SFX (self extracting)
--> cav.exe
[DETECTION] Is the Trojan horse TR/Agent.91648.8
--> run_me.exe
[DETECTION] Is the Trojan horse TR/Agent.132406
--> Run_me_1.exe
[DETECTION] Is the Trojan horse TR/Agent.132206
[NOTE] The file was moved to '48ef90c0.qua'!
C:\System Volume Information\_restore{9483625C-11DA-46A3-860A-3D9047AFD47C}\RP62\A0014641.exe
[0] Archive type: RAR SFX (self extracting)
--> cav.exe
[DETECTION] Is the Trojan horse TR/Agent.91648.8
--> run_me.exe
[DETECTION] Is the Trojan horse TR/Agent.132406
--> Run_me_1.exe
[DETECTION] Is the Trojan horse TR/Agent.132206
[NOTE] The file was moved to '48a5908d.qua'!
Begin scan in 'D:\' <data>
ياليت تفيدوني
حبيت انسخ لكم تقرير السكان
وبما اني ماعرف وايد في الافيرا
حولت كل اللي صاده لل Quarantine
ياليت تعلموني الطريقة المثلى للتعامل مع الافيرا
هل يفضل ألغي اللي يصيده مباشرة أو أحوله الى الكوارانتاين؟
وبعدين براويكم الحين التقرير
The scan has been done completely.
5095 Scanning directories
232380 Files were scanned
6 viruses and/or unwanted programs were found
0 Files were classified as suspicious:
0 files were deleted
0 files were repaired
2 files were moved to quarantine
0 files were renamed
1 Files cannot be scanned
232374 Files not concerned
1016 Archives were scanned
1 Warnings
2 Notes
-----
Starting the file scan:
Begin scan in 'C:\' <Drive D>
C:\pagefile.sys
[WARNING] The file could not be opened!
C:\silver\AutoPlay\Docs\zyzoom_all_brontok_killer.exe
[0] Archive type: RAR SFX (self extracting)
--> cav.exe
[DETECTION] Is the Trojan horse TR/Agent.91648.8
--> run_me.exe
[DETECTION] Is the Trojan horse TR/Agent.132406
--> Run_me_1.exe
[DETECTION] Is the Trojan horse TR/Agent.132206
[NOTE] The file was moved to '48ef90c0.qua'!
C:\System Volume Information\_restore{9483625C-11DA-46A3-860A-3D9047AFD47C}\RP62\A0014641.exe
[0] Archive type: RAR SFX (self extracting)
--> cav.exe
[DETECTION] Is the Trojan horse TR/Agent.91648.8
--> run_me.exe
[DETECTION] Is the Trojan horse TR/Agent.132406
--> Run_me_1.exe
[DETECTION] Is the Trojan horse TR/Agent.132206
[NOTE] The file was moved to '48a5908d.qua'!
Begin scan in 'D:\' <data>
ياليت تفيدوني
تأييد
0
Mr.Virus
زيزوومى متألق
غير متصل
عليكم السلام
اول شي افحصي جهازج بهالبرنامج McAfee VirusScan & AntiSpyware 8.5i EnterpriSe
ادخلي هالموضوع ونزلي البرنامج منه
وثانياً
حملي برنامج AVG anti-spyware بورتابل
واعمل Update بعدها scan
بعدها عطينا تقرير هايجاك :q:
اول شي افحصي جهازج بهالبرنامج McAfee VirusScan & AntiSpyware 8.5i EnterpriSe
ادخلي هالموضوع ونزلي البرنامج منه
يجب عليك
تسجيل الدخول
او
تسجيل لمشاهدة الرابط المخفي
وثانياً
حملي برنامج AVG anti-spyware بورتابل
يجب عليك
تسجيل الدخول
او
تسجيل لمشاهدة الرابط المخفي
واعمل Update بعدها scan
بعدها عطينا تقرير هايجاك :q:
توقيع : Mr.Virus
تأييد
0
راية الحق
زيزوومى مميز
غير متصل
قهر برنامج avg spyware مو راضي يتفعل رغم اني سويت له اب ديت وبعدها سكان
حتى اني عن الشك سويت ريستارت عل وعسى
بس حسافة مو راضي يتفعل صاد لي بلاوي لكن ماني قادره ألغيهم
لازم ألغيهم .. البرنامج بورتابل
مو راضي يتفعل
ياليت تعطوني نفس البرنامج مال السباي وير مو شرط يكون بورتابل بس الله يخليكم ابي يكون معاه الكي او الكراك للتفعيل
حتى اني عن الشك سويت ريستارت عل وعسى
بس حسافة مو راضي يتفعل صاد لي بلاوي لكن ماني قادره ألغيهم
لازم ألغيهم .. البرنامج بورتابل
مو راضي يتفعل
ياليت تعطوني نفس البرنامج مال السباي وير مو شرط يكون بورتابل بس الله يخليكم ابي يكون معاه الكي او الكراك للتفعيل
تأييد
0
Mr.Virus
زيزوومى متألق
غير متصل
هلا والله
تفضلي هذا اهو البرنامج
AVG Anti-Spyware 7.5.1.43
التثبيت تلقائي والكراك مدمج ,, ومتوافق فقط مع الويندوز اكسبي
حجم الملف : 14.7 MB
رابط مباشر من سيرفرنا
رابط بديل
بالتوفيق
تفضلي هذا اهو البرنامج
AVG Anti-Spyware 7.5.1.43
التثبيت تلقائي والكراك مدمج ,, ومتوافق فقط مع الويندوز اكسبي
حجم الملف : 14.7 MB
رابط مباشر من سيرفرنا
يجب عليك
تسجيل الدخول
او
تسجيل لمشاهدة الرابط المخفي
رابط بديل
يجب عليك
تسجيل الدخول
او
تسجيل لمشاهدة الرابط المخفي
بالتوفيق
توقيع : Mr.Virus
تأييد
0
راية الحق
زيزوومى مميز
غير متصل
اللي صاده مكافي
هذا..
Deleted DELL C:\SILVER\AUTOPLAY\DOCS\SMITFRAUDFIX_2_NEW.RAR PrcViewer(Potentially Unwanted Program)
2008-07-10 13:50:32 Deleted (Clean failed) DELL c:\silver\AutoPlay\Docs\smitfraudfix_2_new.rar\SMITFRAUDFIX_2.EXE\PROCESS.EXE PrcViewer(Potentially Unwanted Program)
DELL C:\SYSTEM VOLUME INFORMATION\_RESTORE{9483625C-11DA-46A3-860A-3D9047AFD47C}\RP63\A0014669.EXE Crack-PCV(Potentially Unwanted Program)
2008-07-10 13:51:14 Deleted DELL c:\System Volume Information\_restore{9483625C-11DA-46A3-860A-3D9047AFD47C}\RP63\A0014669.exe Crack-PCV(Potentially Unwanted Program)
-------------
أما الانتي سباي وير اي في جي
صاد
C:\WINDOWS\system32\ascbalo3N.dll -> Adware.Balloon : Ignored.
C:\WINDOWS\system32\ascbalon.dll -> Adware.Balloon : Ignored.
HKU\S-1-5-21-1491950412-2009852829-4049741679-1004\Software\FoxIE -> Adware.Kazaap : Ignored.
HKU\S-1-5-21-1491950412-2009852829-4049741679-1004\Software\FoxIE\Cleaner -> Adware.Kazaap : Ignored.
C:\System Volume Information\_restore{9483625C-11DA-46A3-860A-3D9047AFD47C}\RP63\A0014668.exe/IN93C0~1.BAK -> Backdoor.Hupigon.brzn : Ignored.
C:\System Volume Information\_restore{9483625C-11DA-46A3-860A-3D9047AFD47C}\RP63\A0014668.exe/INPAIN~1.BAK -> Backdoor.Hupigon.brzn : Ignored.
C:\System Volume Information\_restore{9483625C-11DA-46A3-860A-3D9047AFD47C}\RP63\A0014668.exe/INPAIN~2.BAK -> Backdoor.Hupigon.brzn : Ignored.
C:\System Volume Information\_restore{9483625C-11DA-46A3-860A-3D9047AFD47C}\RP63\A0014668.exe/INPAIN~3.BAK -> Backdoor.Hupigon.brzn : Ignored.
C:\System Volume Information\_restore{9483625C-11DA-46A3-860A-3D9047AFD47C}\RP63\A0014668.exe/INPAIN~4.BAK -> Backdoor.Hupigon.brzn : Ignored.
C:\System Volume Information\_restore{9483625C-11DA-46A3-860A-3D9047AFD47C}\RP63\A0014668.exe/Inpaint.exe -> Backdoor.Hupigon.brzn : Ignored.
C:\System Volume Information\_restore{9483625C-11DA-46A3-860A-3D9047AFD47C}\RP63\A0014673.exe/1.cmd -> Trojan.KillAV.fm : Ignored.
C:\System Volume Information\_restore{9483625C-11DA-46A3-860A-3D9047AFD47C}\RP63\A0014674.exe/readme_es.txt -> Trojan.KillAV.fm : Ignored.
---------------
ياترى سبب تقطيع الصوت عندي
وسبب ظهور رسالة انخفاض الذاكرة للوندوز
تلك الملفات ؟
ول لها حل ثاني؟
تأييد
0
راية الحق
زيزوومى مميز
غير متصل
هذا تقرير الهايجاك بعد السكان عن طريق البرنامجين اللي عطيتني اياهم اخوي مستر فايروس
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 14:55:45, on 2008-07-10
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5730.0013)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\Avira Premium Security Suite\sched.exe
C:\Program Files\Avira\Avira Premium Security Suite\avguard.exe
C:\Program Files\Avira\Avira Premium Security Suite\avesvc.exe
C:\WINDOWS\system32\CTsvcCDA.EXE
C:\WINDOWS\system32\crypserv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\Program Files\BUFFALO\Encrdisk\ENCRDLG.exe
C:\Program Files\Avira\Avira Premium Security Suite\avmailc.exe
C:\Program Files\Avira\Avira Premium Security Suite\AVWEBGRD.EXE
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHid.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHsp.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\tosOBEX.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\tosBtProc.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\Program Files\Registry Fast\RegFast.exe
C:\Documents and Settings\DELL\Desktop\Zyzoom_HijackThis(2).exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigURL =
O2 - BHO: SnagIt Toolbar Loader - {00C6482D-C502-44C8-8409-FCE54AD9C208} - C:\Program Files\TechSmith\SnagIt 9\SnagItBHO.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\Avira Premium Security Suite\avgnt.exe" /min
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Bluetooth Manager.lnk = ?
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: PalTalk - {4EAFEF58-EEFA-4116-983D-03B49BCBFFFE} - C:\Program Files\Paltalk Messenger\Paltalk.exe
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain =
O17 - HKLM\Software\..\Telephony: DomainName =
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: Domain =
O17 - HKLM\System\CS3\Services\Tcpip\Parameters: Domain =
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Avira Premium Security Suite Firewall (AntiVirFirewallService) - Avira GmbH - C:\Program Files\Avira\Avira Premium Security Suite\avfwsvc.exe
O23 - Service: Avira Premium Security Suite MailGuard (AntiVirMailService) - Avira GmbH - C:\Program Files\Avira\Avira Premium Security Suite\avmailc.exe
O23 - Service: Avira Premium Security Suite Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\Avira Premium Security Suite\sched.exe
O23 - Service: Avira Premium Security Suite Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\Avira Premium Security Suite\avguard.exe
O23 - Service: Avira Premium Security Suite WebGuard (antivirwebservice) - Avira GmbH - C:\Program Files\Avira\Avira Premium Security Suite\AVWEBGRD.EXE
O23 - Service: Avira Premium Security Suite MailGuard helper service (AVEService) - Avira GmbH - C:\Program Files\Avira\Avira Premium Security Suite\avesvc.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.EXE
O23 - Service: Crypkey License - Kenonic Controls Ltd. - C:\WINDOWS\SYSTEM32\crypserv.exe
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: iolo DMV Service (ioloDMV) - Unknown owner - C:\Program Files\iolo\Common\Lib\ioloDMVSvc.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Intel(R) PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
O23 - Service: SecureLockWare ??????? (SecureLockWare_InputPassword) - BUFFALO INC. - C:\Program Files\BUFFALO\Encrdisk\ENCRDLG.exe
--
End of file - 6907 bytes
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 14:55:45, on 2008-07-10
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5730.0013)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\Avira Premium Security Suite\sched.exe
C:\Program Files\Avira\Avira Premium Security Suite\avguard.exe
C:\Program Files\Avira\Avira Premium Security Suite\avesvc.exe
C:\WINDOWS\system32\CTsvcCDA.EXE
C:\WINDOWS\system32\crypserv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\Program Files\BUFFALO\Encrdisk\ENCRDLG.exe
C:\Program Files\Avira\Avira Premium Security Suite\avmailc.exe
C:\Program Files\Avira\Avira Premium Security Suite\AVWEBGRD.EXE
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHid.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHsp.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\tosOBEX.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\tosBtProc.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\Program Files\Registry Fast\RegFast.exe
C:\Documents and Settings\DELL\Desktop\Zyzoom_HijackThis(2).exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigURL =
يجب عليك
تسجيل الدخول
او
تسجيل لمشاهدة الرابط المخفي
O2 - BHO: SnagIt Toolbar Loader - {00C6482D-C502-44C8-8409-FCE54AD9C208} - C:\Program Files\TechSmith\SnagIt 9\SnagItBHO.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\Avira Premium Security Suite\avgnt.exe" /min
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Bluetooth Manager.lnk = ?
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: PalTalk - {4EAFEF58-EEFA-4116-983D-03B49BCBFFFE} - C:\Program Files\Paltalk Messenger\Paltalk.exe
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain =
O17 - HKLM\Software\..\Telephony: DomainName =
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: Domain =
O17 - HKLM\System\CS3\Services\Tcpip\Parameters: Domain =
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Avira Premium Security Suite Firewall (AntiVirFirewallService) - Avira GmbH - C:\Program Files\Avira\Avira Premium Security Suite\avfwsvc.exe
O23 - Service: Avira Premium Security Suite MailGuard (AntiVirMailService) - Avira GmbH - C:\Program Files\Avira\Avira Premium Security Suite\avmailc.exe
O23 - Service: Avira Premium Security Suite Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\Avira Premium Security Suite\sched.exe
O23 - Service: Avira Premium Security Suite Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\Avira Premium Security Suite\avguard.exe
O23 - Service: Avira Premium Security Suite WebGuard (antivirwebservice) - Avira GmbH - C:\Program Files\Avira\Avira Premium Security Suite\AVWEBGRD.EXE
O23 - Service: Avira Premium Security Suite MailGuard helper service (AVEService) - Avira GmbH - C:\Program Files\Avira\Avira Premium Security Suite\avesvc.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.EXE
O23 - Service: Crypkey License - Kenonic Controls Ltd. - C:\WINDOWS\SYSTEM32\crypserv.exe
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: iolo DMV Service (ioloDMV) - Unknown owner - C:\Program Files\iolo\Common\Lib\ioloDMVSvc.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Intel(R) PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
O23 - Service: SecureLockWare ??????? (SecureLockWare_InputPassword) - BUFFALO INC. - C:\Program Files\BUFFALO\Encrdisk\ENCRDLG.exe
--
End of file - 6907 bytes
تأييد
0
فارس الملاك
زيزوومى محترف
غير متصل
احذفي هذه القيم
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Int ernet Settings,AutoConfigURL =
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain =
O17 - HKLM\Software\..\Telephony: DomainName =
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: Domain =
O17 - HKLM\System\CS3\Services\Tcpip\Parameters: Domain =
طريقة الحذف
=================================
(1)
عطل جميع برامج الحماية ,,
وحمل هذه الاداة واحفظها على سطح المكتب
عند تشغيلها بتظهر لك رسالة ,, اضغط على >> Yes
بعدها بتظهر لك رساله ثانيه ,, اضغط على >> Yes
انتظر حتى الاداة تنتهي من فحص جهازك ,,, وبشكل تلقائي يعاد تشغيل جهازك ,,
وبعد اعادة التشغيل ,, سوف تبدأ الاداة بالفحص مرره ثانيه
انتظر حتى يظهر لك تقرير ,, انسخه والصقه بردك القادم
(2)
واعمل تقرير للهايجاك
اذا انتهى التحميل ==> شغل البرنامج ==> واضغط على Do a system scan and save log
لحظات ويظهر لك تقرير ,, انسخه والصقه بردك القادم
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Int ernet Settings,AutoConfigURL =
يجب عليك
تسجيل الدخول
او
تسجيل لمشاهدة الرابط المخفي
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain =
O17 - HKLM\Software\..\Telephony: DomainName =
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: Domain =
O17 - HKLM\System\CS3\Services\Tcpip\Parameters: Domain =
طريقة الحذف
=================================
(1)
عطل جميع برامج الحماية ,,
وحمل هذه الاداة واحفظها على سطح المكتب
يجب عليك
تسجيل الدخول
او
تسجيل لمشاهدة الرابط المخفي
عند تشغيلها بتظهر لك رسالة ,, اضغط على >> Yes
بعدها بتظهر لك رساله ثانيه ,, اضغط على >> Yes
انتظر حتى الاداة تنتهي من فحص جهازك ,,, وبشكل تلقائي يعاد تشغيل جهازك ,,
وبعد اعادة التشغيل ,, سوف تبدأ الاداة بالفحص مرره ثانيه
انتظر حتى يظهر لك تقرير ,, انسخه والصقه بردك القادم
(2)
واعمل تقرير للهايجاك
يجب عليك
تسجيل الدخول
او
تسجيل لمشاهدة الرابط المخفي
اذا انتهى التحميل ==> شغل البرنامج ==> واضغط على Do a system scan and save log
لحظات ويظهر لك تقرير ,, انسخه والصقه بردك القادم
التعديل الأخير بواسطة المشرف:
توقيع : فارس الملاك
تأييد
0
Mr.Virus
زيزوومى متألق
غير متصل
اللي صاده مكافي
هذا..
Deleted DELL C:\SILVER\AUTOPLAY\DOCS\SMITFRAUDFIX_2_NEW.RAR PrcViewer(Potentially Unwanted Program)
2008-07-10 13:50:32 Deleted (Clean failed) DELL c:\silver\AutoPlay\Docs\smitfraudfix_2_new.rar\SMITFRAUDFIX_2.EXE\PROCESS.EXE PrcViewer(Potentially Unwanted Program)
DELL C:\SYSTEM VOLUME INFORMATION\_RESTORE{9483625C-11DA-46A3-860A-3D9047AFD47C}\RP63\A0014669.EXE Crack-PCV(Potentially Unwanted Program)
2008-07-10 13:51:14 Deleted DELL c:\System Volume Information\_restore{9483625C-11DA-46A3-860A-3D9047AFD47C}\RP63\A0014669.exe Crack-PCV(Potentially Unwanted Program)
-------------
أما الانتي سباي وير اي في جي
صاد
C:\WINDOWS\system32\ascbalo3N.dll -> Adware.Balloon : Ignored.
C:\WINDOWS\system32\ascbalon.dll -> Adware.Balloon : Ignored.
HKU\S-1-5-21-1491950412-2009852829-4049741679-1004\Software\FoxIE -> Adware.Kazaap : Ignored.
HKU\S-1-5-21-1491950412-2009852829-4049741679-1004\Software\FoxIE\Cleaner -> Adware.Kazaap : Ignored.
C:\System Volume Information\_restore{9483625C-11DA-46A3-860A-3D9047AFD47C}\RP63\A0014668.exe/IN93C0~1.BAK -> Backdoor.Hupigon.brzn : Ignored.
C:\System Volume Information\_restore{9483625C-11DA-46A3-860A-3D9047AFD47C}\RP63\A0014668.exe/INPAIN~1.BAK -> Backdoor.Hupigon.brzn : Ignored.
C:\System Volume Information\_restore{9483625C-11DA-46A3-860A-3D9047AFD47C}\RP63\A0014668.exe/INPAIN~2.BAK -> Backdoor.Hupigon.brzn : Ignored.
C:\System Volume Information\_restore{9483625C-11DA-46A3-860A-3D9047AFD47C}\RP63\A0014668.exe/INPAIN~3.BAK -> Backdoor.Hupigon.brzn : Ignored.
C:\System Volume Information\_restore{9483625C-11DA-46A3-860A-3D9047AFD47C}\RP63\A0014668.exe/INPAIN~4.BAK -> Backdoor.Hupigon.brzn : Ignored.
C:\System Volume Information\_restore{9483625C-11DA-46A3-860A-3D9047AFD47C}\RP63\A0014668.exe/Inpaint.exe -> Backdoor.Hupigon.brzn : Ignored.
C:\System Volume Information\_restore{9483625C-11DA-46A3-860A-3D9047AFD47C}\RP63\A0014673.exe/1.cmd -> Trojan.KillAV.fm : Ignored.
C:\System Volume Information\_restore{9483625C-11DA-46A3-860A-3D9047AFD47C}\RP63\A0014674.exe/readme_es.txt -> Trojan.KillAV.fm : Ignored.
---------------
ياترى سبب تقطيع الصوت عندي
وسبب ظهور رسالة انخفاض الذاكرة للوندوز
تلك الملفات ؟
ول لها حل ثاني؟
اذا الصوت يقطع عندج ، احذفي اللي صادهم البرنامجين
لأنه بعض الملفات مسارها بملف الصوت
انتي بس احذفي اللي صادهم وان شاءالله تروح مشاكلج
بالتوفيق
توقيع : Mr.Virus
تأييد
0
راية الحق
زيزوومى مميز
غير متصل
جزاك الله خير اخوي فارس الملاك
تفضل التقرير
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 06:09:02, on 2008-07-11
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5730.0013)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\Avira Premium Security Suite\sched.exe
C:\Program Files\Avira\Avira Premium Security Suite\avguard.exe
C:\Program Files\Avira\Avira Premium Security Suite\avesvc.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\WINDOWS\system32\CTsvcCDA.EXE
C:\WINDOWS\system32\crypserv.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\Program Files\BUFFALO\Encrdisk\ENCRDLG.exe
C:\Program Files\Avira\Avira Premium Security Suite\avmailc.exe
C:\Program Files\Avira\Avira Premium Security Suite\AVWEBGRD.EXE
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHid.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHsp.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\tosOBEX.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\tosBtProc.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\ooVoo\ooVoo.exe
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\Program Files\Paltalk Messenger\paltalk.exe
C:\Documents and Settings\DELL\Desktop\Zyzoom_HijackThis(2).exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
O2 - BHO: SnagIt Toolbar Loader - {00C6482D-C502-44C8-8409-FCE54AD9C208} - C:\Program Files\TechSmith\SnagIt 9\SnagItBHO.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\Avira Premium Security Suite\avgnt.exe" /min
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\RunOnce: [Privacy Suite] "C:\Documents and Settings\DELL\Application Data\cleaner\CSPSeraser.exe" "/R:C:\Documents and Settings\DELL\Application Data\CyberScrub\Privacy Suite"
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Bluetooth Manager.lnk = ?
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: PalTalk - {4EAFEF58-EEFA-4116-983D-03B49BCBFFFE} - C:\Program Files\Paltalk Messenger\Paltalk.exe
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Avira Premium Security Suite Firewall (AntiVirFirewallService) - Avira GmbH - C:\Program Files\Avira\Avira Premium Security Suite\avfwsvc.exe
O23 - Service: Avira Premium Security Suite MailGuard (AntiVirMailService) - Avira GmbH - C:\Program Files\Avira\Avira Premium Security Suite\avmailc.exe
O23 - Service: Avira Premium Security Suite Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\Avira Premium Security Suite\sched.exe
O23 - Service: Avira Premium Security Suite Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\Avira Premium Security Suite\avguard.exe
O23 - Service: Avira Premium Security Suite WebGuard (antivirwebservice) - Avira GmbH - C:\Program Files\Avira\Avira Premium Security Suite\AVWEBGRD.EXE
O23 - Service: Avira Premium Security Suite MailGuard helper service (AVEService) - Avira GmbH - C:\Program Files\Avira\Avira Premium Security Suite\avesvc.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.EXE
O23 - Service: Crypkey License - Kenonic Controls Ltd. - C:\WINDOWS\SYSTEM32\crypserv.exe
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: iolo DMV Service (ioloDMV) - Unknown owner - C:\Program Files\iolo\Common\Lib\ioloDMVSvc.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Intel(R) PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
O23 - Service: SecureLockWare ??????? (SecureLockWare_InputPassword) - BUFFALO INC. - C:\Program Files\BUFFALO\Encrdisk\ENCRDLG.exe
--
End of file - 6563 bytes
جزاك الله خير أخوي فتى الشرقية تم تطبيق ماقلت
تفضل التقرير
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 06:09:02, on 2008-07-11
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5730.0013)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\Avira Premium Security Suite\sched.exe
C:\Program Files\Avira\Avira Premium Security Suite\avguard.exe
C:\Program Files\Avira\Avira Premium Security Suite\avesvc.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\WINDOWS\system32\CTsvcCDA.EXE
C:\WINDOWS\system32\crypserv.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\Program Files\BUFFALO\Encrdisk\ENCRDLG.exe
C:\Program Files\Avira\Avira Premium Security Suite\avmailc.exe
C:\Program Files\Avira\Avira Premium Security Suite\AVWEBGRD.EXE
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHid.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHsp.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\tosOBEX.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\tosBtProc.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\ooVoo\ooVoo.exe
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\Program Files\Paltalk Messenger\paltalk.exe
C:\Documents and Settings\DELL\Desktop\Zyzoom_HijackThis(2).exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
O2 - BHO: SnagIt Toolbar Loader - {00C6482D-C502-44C8-8409-FCE54AD9C208} - C:\Program Files\TechSmith\SnagIt 9\SnagItBHO.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\Avira Premium Security Suite\avgnt.exe" /min
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\RunOnce: [Privacy Suite] "C:\Documents and Settings\DELL\Application Data\cleaner\CSPSeraser.exe" "/R:C:\Documents and Settings\DELL\Application Data\CyberScrub\Privacy Suite"
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Bluetooth Manager.lnk = ?
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: PalTalk - {4EAFEF58-EEFA-4116-983D-03B49BCBFFFE} - C:\Program Files\Paltalk Messenger\Paltalk.exe
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Avira Premium Security Suite Firewall (AntiVirFirewallService) - Avira GmbH - C:\Program Files\Avira\Avira Premium Security Suite\avfwsvc.exe
O23 - Service: Avira Premium Security Suite MailGuard (AntiVirMailService) - Avira GmbH - C:\Program Files\Avira\Avira Premium Security Suite\avmailc.exe
O23 - Service: Avira Premium Security Suite Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\Avira Premium Security Suite\sched.exe
O23 - Service: Avira Premium Security Suite Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\Avira Premium Security Suite\avguard.exe
O23 - Service: Avira Premium Security Suite WebGuard (antivirwebservice) - Avira GmbH - C:\Program Files\Avira\Avira Premium Security Suite\AVWEBGRD.EXE
O23 - Service: Avira Premium Security Suite MailGuard helper service (AVEService) - Avira GmbH - C:\Program Files\Avira\Avira Premium Security Suite\avesvc.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.EXE
O23 - Service: Crypkey License - Kenonic Controls Ltd. - C:\WINDOWS\SYSTEM32\crypserv.exe
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: iolo DMV Service (ioloDMV) - Unknown owner - C:\Program Files\iolo\Common\Lib\ioloDMVSvc.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Intel(R) PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
O23 - Service: SecureLockWare ??????? (SecureLockWare_InputPassword) - BUFFALO INC. - C:\Program Files\BUFFALO\Encrdisk\ENCRDLG.exe
--
End of file - 6563 bytes
جزاك الله خير أخوي فتى الشرقية تم تطبيق ماقلت
تأييد
0