هذا تقرير كمبوفيكس ارجو افادتى

[oldman]

ComboFix 08-12-13.03 - user 2008-12-14 16:21:59.2 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.2.1256.966.1033.18.894.511 [GMT 4:00]
Running from: c:\documents and settings\user\Desktop\ComboFix.exe
* Created a new restore point

WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.
The following files were disabled during the run:
c:\program files\SuperCopier2\SC2Hook.dll


((((((((((((((((((((((((( Files Created from 2008-11-14 to 2008-12-14 )))))))))))))))))))))))))))))))
.

2008-12-14 15:52 . 2008-12-14 15:52 <DIR> d-------- c:\windows\LastGood
2008-11-29 17:13 . 2008-11-29 17:13 <DIR> d-------- c:\documents and settings\user\Application Data\CyberScrub
2008-11-29 17:13 . 2008-12-13 19:49 <DIR> d-------- c:\documents and settings\user\Application Data\cleaner
2008-11-26 14:59 . 2008-11-28 16:02 11,591,712 --ahs---- c:\windows\system32\drivers\fidbox.dat
2008-11-26 14:59 . 2008-11-28 16:02 139,004 --ahs---- c:\windows\system32\drivers\fidbox.idx
2008-11-21 17:09 . 2008-11-21 17:09 <DIR> d--h----- c:\windows\system32\GroupPolicy

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-12-14 12:20 --------- d-----w c:\program files\SuperCopier2
2008-12-10 09:35 --------- d-----w c:\program files\GVR
2008-12-06 15:47 --------- d-----w c:\program files\Windows Live
2008-12-01 13:35 --------- d-----w c:\program files\Google
2008-12-01 11:17 --------- d-----w c:\program files\Yahoo!
2008-12-01 11:16 --------- d-----w c:\program files\Windows Live Toolbar
2008-11-28 11:57 --------- d-----w c:\documents and settings\All Users\Application Data\Kaspersky Lab
2008-11-14 13:19 --------- d-----w c:\program files\Unlocker
2008-11-13 15:33 --------- d-----w c:\program files\Common Files\Adobe
2008-10-26 15:32 --------- d-----w c:\documents and settings\user\Application Data\MozillaControl
2008-10-26 15:26 --------- d-----w c:\documents and settings\All Users\Application Data\Launcher
2008-10-26 15:26 --------- d-----w c:\documents and settings\All Users\Application Data\Graboid Inc
2008-10-24 11:10 453,632 ----a-w c:\windows\system32\drivers\mrxsmb.sys
2008-10-19 08:58 --------- d-----w c:\documents and settings\user\Application Data\Avira
2008-10-16 10:13 202,776 ----a-w c:\windows\system32\wuweb.dll
2008-10-16 10:13 1,809,944 ----a-w c:\windows\system32\wuaueng.dll
2008-10-16 10:12 561,688 ----a-w c:\windows\system32\wuapi.dll
2008-10-16 10:12 323,608 ----a-w c:\windows\system32\wucltui.dll
2008-10-16 10:09 92,696 ----a-w c:\windows\system32\cdm.dll
2008-10-16 10:09 51,224 ----a-w c:\windows\system32\wuauclt.exe
2008-10-16 10:09 43,544 ----a-w c:\windows\system32\wups2.dll
2008-10-16 10:08 34,328 ----a-w c:\windows\system32\wups.dll
2008-10-16 10:06 268,648 ----a-w c:\windows\system32\mucltui.dll
2008-10-16 10:06 208,744 ----a-w c:\windows\system32\muweb.dll
2008-10-14 12:17 --------- d-----w c:\documents and settings\user\Application Data\DMCache
2008-09-15 11:57 1,846,016 ----a-w c:\windows\system32\win32k.sys
.

((((((((((((((((((((((((((((( snapshot@2008-12-07_20.01.01.32 )))))))))))))))))))))))))))))))))))))))))
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SuperCopier2.exe"="c:\program files\SuperCopier2\SuperCopier2.exe" [2006-07-07 1052672]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2006-11-10 90112]
"MSMSGS"="c:\program files\Messenger\msmsgs.exe" [2004-10-13 1694208]
"Messenger (Yahoo!)"="c:\program files\Yahoo!\Messenger\YahooMessenger.exe" [2008-05-27 4269296]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2004-08-03 15360]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"avgnt"="c:\program files\Avira\AntiVir PersonalEdition Premium\avgnt.exe" [2008-07-19 266497]
"TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" [2008-09-04 185896]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2007-05-15 794713]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-10-15 39792]
"SkyTel"="SkyTel.EXE" [2007-05-15 c:\windows\SkyTel.exe]
"RTHDCPL"="RTHDCPL.EXE" [2007-05-15 c:\windows\RTHDCPL.exe]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2004-08-03 15360]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"NoResolveTrack"= 1 (0x1)

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Yahoo!\\Messenger\\YahooMessenger.exe"=
"c:\\Program Files\\Real\\RealPlayer\\realplay.exe"=

R2 AntiVirMailService;Avira AntiVir Premium MailGuard;"c:\program files\Avira\AntiVir PersonalEdition Premium\avmailc.exe" [2008-06-01 164097]
R2 antivirwebservice;Avira AntiVir Premium WebGuard;"c:\program files\Avira\AntiVir PersonalEdition Premium\AVWEBGRD.EXE" [2008-06-01 258305]
R2 AVEService;Avira AntiVir Premium MailGuard helper service;"c:\program files\Avira\AntiVir PersonalEdition Premium\avesvc.exe" [2008-06-01 41217]
R3 zteusbser;ZTE USB Device for Legacy Serial Communication;c:\windows\system32\DRIVERS\zteusbser.sys [2008-06-22 97920]
S2 EF169CB5;EF169CB5;c:\windows\system32\94FB2799.EXE -k []
S3 benqusbser;BenQ Handset USB Device for Legacy Serial Communication;c:\windows\system32\DRIVERS\BenQusbser.sys [2008-03-26 100992]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{3696f44a-84d3-11d9-af8d-001b24422072}]
\Shell\Auto\command - G:\auto.exe
\Shell\AutoRun\command - c:\windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL auto.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{552622a4-84f1-11d9-af8e-001b24422072}]
\Shell\Auto\command - auto.exe
\Shell\AutoRun\command - c:\windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL auto.exe
\Shell\explore\Command - ntde1ect.com
\Shell\open\Command - ntde1ect.com

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{d2ada852-9221-11d9-8d50-001b24422072}]
\Shell\AutoRun\command - G:\80avp08.com
\Shell\explore\Command - G:\80avp08.com
\Shell\open\Command - G:\80avp08.com

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{f15b10ae-bc31-11dc-af00-001b24422072}]
\Shell\AutoRun\command - r2nl.com
\Shell\explore\Command - r2nl.com
\Shell\open\Command - r2nl.com

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\ccc-core-static]
msiexec /fums {AF893426-9BD9-3757-4F32-F09B429F2C7D} /qb
.
s of the 'Scheduled Tasks' folder

2008-12-13 c:\windows\Tasks\Check Updates for Windows Live Toolbar.job
- c:\program files\Windows Live Toolbar\MSNTBUP.EXE [2007-10-19 11:20]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.yahoo.com/
uSearchMigratedDefaultURL = hxxp://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
uInternet Settings,ProxyOverride = *.local
IE: &Windows Live Search - c:\program files\Windows Live Toolbar\msntb.dll/search.htm
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
IE: Open in new background tab - c:\program files\Windows Live Toolbar\Components\en-us\msntabres.dll.mui/229?4f2e2b69a8a24ed58cd96c254b45f00b
IE: Open in new foreground tab - c:\program files\Windows Live Toolbar\Components\en-us\msntabres.dll.mui/230?4f2e2b69a8a24ed58cd96c254b45f00b
IE: Send To &Bluetooth - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
LSP: avsda.dll
TCP: {3F58AC7E-5FD2-47F8-8D85-563D3E7E8317} = 213.42.20.20,195.229.241.222
FF - ProfilePath - c:\documents and settings\user\Application Data\Mozilla\Firefox\Profiles\idmcf6dr.default\
FF - plugin: c:\program files\Yahoo!\Common\npyaxmpb.dll
FF - plugin: c:\program files\Yahoo!\Shared\npYState.dll
.
.
------- File Associations -------
.
txtfile=c:\windows\notepad.exe %1
.

**************************************************************************

catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer,

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

Rootkit scan 2008-12-14 16:23:04
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\mchInjDrv]
"ImagePath"="\??\c:\docume~1\user\LOCALS~1\Temp\mc21.tmp"
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'winlogon.exe'(832)
c:\windows\system32\Ati2evxx.dll

- - - - - - - > 'lsass.exe'(888)
c:\windows\system32\avsda.dll
.
Completion time: 2008-12-14 16:23:42
ComboFix-quarantined-files.txt 2008-12-14 12:23:40
ComboFix2.txt 2008-12-07 16:01:32

Pre-Run: 1,546,788,864 bytes free
Post-Run: 1,533,337,600 bytes free

153 --- E O F --- 2008-11-13 14:43:50

 

[MAAX]

اهلااا بك اخي
وعذرا بنقله للقسم المناسب للمتابعة
هذا القسم خاص بتحليل تقارير برامج الحماية ،، وباقي التقارير تكون عند الطلب فقط

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

 

[MAAX]

حمل هذا البرنامج

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

شغل البرنامج ==> واضغط على
Do a system scan and save log
لحظات .. ويظهر لك تقرير داخل المفكرة==> انسخه والصقه بردك القادم

 

[oldman]

شكرا لك اخى
أسف على وضع الموضوع فى غير مكانه وشكرا لنقله
ساوافيك حالا بتقرير الهاى جاك

 

[oldman]

Logfile of HijackThis v1.99.1
Scan saved at 4:41:06 PM, on 12/14/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16735)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir PersonalEdition Premium\sched.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\SuperCopier2\SuperCopier2.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
C:\WINDOWS\system32\agrsmsvc.exe
C:\Program Files\Avira\AntiVir PersonalEdition Premium\avguard.exe
C:\Program Files\Avira\AntiVir PersonalEdition Premium\avesvc.exe
C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
C:\Program Files\Hotspot Shield\bin\openvpnas.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\System32\vssvc.exe
C:\Program Files\Avira\AntiVir PersonalEdition Premium\avmailc.exe
C:\Program Files\Avira\AntiVir PersonalEdition Premium\AVWEBGRD.EXE
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\system32\msdtc.exe
C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe
C:\Program Files\Avira\AntiVir PersonalEdition Premium\avgnt.exe
C:\WINDOWS\explorer.exe
C:\Program Files\mDSL\bin\EV-DO.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\user\Desktop\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) =

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Premium\avgnt.exe" /min
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKCU\..\Run: [SuperCopier2.exe] C:\Program Files\SuperCopier2\SuperCopier2.exe
O4 - HKCU\..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [Messenger (Yahoo!)] "C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" -quiet
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Open in new background tab - res://C:\Program Files\Windows Live Toolbar\Components\en-us\msntabres.dll.mui/229?4f2e2b69a8a24ed58cd96c254b45f00b
O8 - Extra context menu item: Open in new foreground tab - res://C:\Program Files\Windows Live Toolbar\Components\en-us\msntabres.dll.mui/230?4f2e2b69a8a24ed58cd96c254b45f00b
O8 - Extra context menu item: Send To &Bluetooth - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-4017 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Broken Internet access because of LSP provider 'avsda.dll' missing
O11 - Options group: [INTERNATIONAL] International*
O11 - Options group: [TABS] Tabbed Browsing
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash ) -

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

O17 - HKLM\System\CCS\Services\Tcpip\..\{3F58AC7E-5FD2-47F8-8D85-563D3E7E8317}: NameServer = 213.42.20.20,195.229.241.222
O17 - HKLM\System\CCS\Services\Tcpip\..\{5F1FAE12-4E0D-44CB-83BF-6349DE6FD7F9}: NameServer = 212.0.138.12 212.0.138.13
O18 - Protocol: wlmailhtml - {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files\Windows Live\Mail\mailcomm.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - Agere Systems - C:\WINDOWS\system32\agrsmsvc.exe
O23 - Service: Avira AntiVir Premium MailGuard (AntiVirMailService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Premium\avmailc.exe
O23 - Service: Avira AntiVir Premium Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Premium\sched.exe
O23 - Service: Avira AntiVir Premium Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Premium\avguard.exe
O23 - Service: Avira AntiVir Premium WebGuard (antivirwebservice) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Premium\AVWEBGRD.EXE
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: Avira AntiVir Premium MailGuard helper service (AVEService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Premium\avesvc.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
O23 - Service: EF169CB5 - Unknown owner - C:\WINDOWS\system32\94FB2799.EXE (file missing)
O23 - Service: Hotspot Shield Service (HotspotShieldService) - Unknown owner - C:\Program Files\Hotspot Shield\bin\openvpnas.exe
O23 - Service: MSSQL$SONY_MEDIAMGR - Unknown owner - C:\Program Files\Sony\Shared Plug-Ins\Media Manager\MSSQL$SONY_MEDIAMGR\Binn\sqlservr.exe (file missing)
O23 - Service: SQLAgent$SONY_MEDIAMGR - Unknown owner - C:\Program Files\Sony\Shared Plug-Ins\Media Manager\MSSQL$SONY_MEDIAMGR\Binn\sqlagent.EXE (file missing)

 

[MAAX]

الله يسلمك
تقاريرك سليمة يالغالي

موفق

 

[oldman]

بشرك الله بالجنه يا عزيزى
ولا عدمناكم اخىk:k: