ابو الحـسن

زيزوومى مبدع
إنضم
22 أكتوبر 2007
المشاركات
1,039
مستوى التفاعل
12
النقاط
630
غير متصل
السلام عليكم ورحمة الله وبركاته

شباب عندي مشكله بالكمبيوتر كل ما اذهب أبدا run اكتب regedit يطلعلي هذا صور

zyzoom-2f634afe29.jpg


حاولت بكل ادوات زيزوم ومانفع ارجوا الحل
 

توقيع : ابو الحـسن
بالاضافة لكلاام الاحبه​

اعمل التالي

( 1 )



عطل جميع برامج الحماية ,,
وحمل هذه الاداة واحفظها على سطح المكتب
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي



عند تشغيلها بتظهر لك رسالة ,, اضغط على >> Yes
بعدها بتظهر لك رساله ثانيه ,, اضغط على >> Yes​



انتظر حتى الاداة تنتهي من فحص جهازك ,,, وبشكل تلقائي يعاد تشغيل جهازك ,,
وبعد اعادة التشغيل ,, سوف تبدأ الاداة بالفحص مرره ثانيه
انتظر حتى يظهر لك تقرير ,, انسخه والصقه بردك القادم



--------------------------------------------




( 2 )




واعمل تقرير للهايجاك


يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي






اذا انتهى التحميل ==> شغل البرنامج ==> واضغط على Do a system scan and save log


لحظات ويظهر لك تقرير ,, انسخه والصقه بردك القادم
 

بالاضافة لكلاام الاحبه​


اعمل التالي​

( 1 )



عطل جميع برامج الحماية ,,

وحمل هذه الاداة واحفظها على سطح المكتب
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي





عند تشغيلها بتظهر لك رسالة ,, اضغط على >> Yes

بعدها بتظهر لك رساله ثانيه ,, اضغط على >> Yes​





انتظر حتى الاداة تنتهي من فحص جهازك ,,, وبشكل تلقائي يعاد تشغيل جهازك ,,

وبعد اعادة التشغيل ,, سوف تبدأ الاداة بالفحص مرره ثانيه
انتظر حتى يظهر لك تقرير ,, انسخه والصقه بردك القادم





--------------------------------------------




( 2 )




واعمل تقرير للهايجاك​


يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي






اذا انتهى التحميل ==> شغل البرنامج ==> واضغط على Do a system scan and save log



لحظات ويظهر لك تقرير ,, انسخه والصقه بردك القادم

جاري عمل اللى قلته
 
توقيع : ابو الحـسن
الاول

ComboFix 08-06-12.2 - Administrator 06/14/2008 14:45:29.1 - FAT32x86
Microsoft Windows XP Professional 5.1.2600.2.1256.1.1033.18.554 [GMT 3:00]
Running from: C:\Documents and Settings\Administrator\Desktop\ComboFix.exe
* Created a new restore point
WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
C:\autorun.inf
C:\RECYCLER\Administrator.com
C:\WINDOWS\system32\kakle.dll
D:\Autorun.inf
D:\RECYCLER\Administrator.com
E:\Autorun.inf
E:\RECYCLER\Administrator.com
.
((((((((((((((((((((((((( Files Created from 2008-05-14 to 2008-06-14 )))))))))))))))))))))))))))))))
.
No new files created in this timespan
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-06-14 07:45 --------- d-----w C:\Documents and Settings\Administrator\Application Data\BitDefender
2008-06-14 07:44 --------- d-----w C:\Program Files\Common Files\BitDefender
2008-06-14 07:44 --------- d-----w C:\Documents and Settings\All Users\Application Data\BitDefender
2008-06-14 07:38 0 ----a-w C:\osy3.sys
2008-06-11 13:14 --------- d-----w C:\Program Files\Total Video Converter
2008-06-11 11:40 96,520 ----a-w C:\WINDOWS\system32\drivers\avgldx86.sys
2008-06-11 11:40 75,272 ----a-w C:\WINDOWS\system32\drivers\avgtdix.sys
2008-06-11 11:40 12,424 ----a-w C:\WINDOWS\system32\drivers\avgrkx86.sys
2008-06-11 11:40 10,520 ----a-w C:\WINDOWS\system32\avgrsstx.dll
2008-06-11 11:40 --------- d-----w C:\Documents and Settings\Administrator\Application Data\AVGTOOLBAR
2008-06-11 11:38 45,568 ----a-w C:\WINDOWS\system32\avgfwdx.dll
2008-06-11 11:38 22,528 ----a-w C:\WINDOWS\system32\drivers\avgfwdx.sys
2008-06-11 11:38 --------- d-----w C:\Program Files\AVG
2008-06-11 11:38 --------- d-----w C:\Documents and Settings\All Users\Application Data\avg8
2008-06-09 05:55 --------- d-----w C:\Documents and Settings\All Users\Application Data\Avira
2008-06-07 06:24 --------- d-----w C:\Documents and Settings\Administrator\Application Data\Thinstall
2008-05-21 17:46 14,336 ----a-w C:\Program Files\Book1.xls
2008-05-06 03:32 --------- d-----w C:\Documents and Settings\Administrator\Application Data\Media Player Classic
2008-05-04 03:13 --------- d-----w C:\Documents and Settings\Administrator\Application Data\U3
2008-05-03 22:15 --------- d-----w C:\Documents and Settings\All Users\Application Data\Trymedia
2008-05-03 22:15 --------- d-----w C:\Documents and Settings\All Users\Application Data\MumboJumbo
2008-05-03 16:20 --------- d-----w C:\Program Files\Common Files\xing shared
2008-05-03 16:11 --------- d-----w C:\Program Files\Common Files\Adobe Systems Shared
2008-05-03 16:11 --------- d-----w C:\Documents and Settings\All Users\Application Data\Adobe Systems
2008-05-03 16:05 --------- d-----w C:\Documents and Settings\All Users\Application Data\Messenger Plus!
2008-05-03 16:03 90,112 ----a-w C:\WINDOWS\system32\agsaami.dll
2008-05-03 16:03 610,304 ----a-w C:\WINDOWS\system32\agsaamg.dll
2008-05-03 16:03 372,736 ----a-w C:\WINDOWS\system32\agsaamc.dll
2008-05-03 16:03 2,535,424 ----a-w C:\WINDOWS\system32\agsaamj.dll
2008-05-03 16:03 196,608 ----a-w C:\WINDOWS\system32\maag.dll
2008-05-03 16:03 1,986,560 ----a-w C:\WINDOWS\system32\akll.dll
2008-05-03 16:03 1,245,184 ----a-w C:\WINDOWS\system32\bkll.dll
2008-05-03 16:03 1,212,416 ----a-w C:\WINDOWS\system32\ckll.dll
2008-05-03 16:03 --------- d-----w C:\Program Files\Real_SC
2008-05-03 16:02 --------- d-----w C:\Program Files\Windows Live
2008-05-03 16:02 --------- d-----w C:\Program Files\Messenger Plus! Live
2008-05-03 16:02 --------- d-----w C:\Program Files\Luxor 2
2008-05-03 16:02 --------- d-----w C:\Program Files\BFG
2008-05-03 15:59 --------- d-----w C:\Program Files\GRETECH
2008-05-03 15:59 --------- d-----w C:\Documents and Settings\All Users\Application Data\GRETECH
2008-05-03 15:59 --------- d-----w C:\Documents and Settings\Administrator\Application Data\GRETECH
2008-05-03 15:57 --------- d-----w C:\Program Files\Common Files\Adobe
2008-05-03 15:56 298,104 ----a-w C:\WINDOWS\system32\imon.dll
2008-05-03 15:55 --------- d-----w C:\Documents and Settings\Administrator\Application Data\ACD Systems
2008-05-03 15:54 --------- d-----w C:\Program Files\mpegable
2008-05-03 15:54 --------- d-----w C:\Program Files\Common Files\ACD Systems
2008-05-03 15:54 --------- d-----w C:\Program Files\ACD Systems
2008-05-03 15:54 --------- d-----w C:\Documents and Settings\All Users\Application Data\ACD Systems
2008-05-03 15:53 --------- d-----w C:\Program Files\Video Convert Master Christmas Edition
2008-05-03 15:50 --------- d-----w C:\Program Files\MSN Messenger
2008-05-03 15:49 --------- d-----w C:\Program Files\K-Lite Codec Pack
2008-05-03 15:48 --------- d-----w C:\Documents and Settings\All Users\Application Data\WinZip
2008-05-03 15:45 --------- d-----w C:\Program Files\Real
2008-05-03 15:45 --------- d-----w C:\Program Files\Common Files\Real
2008-05-03 15:44 155,995 ----a-w C:\WINDOWS\java\Packages\FNDBN1NR.ZIP
2008-05-03 15:44 --------- d-----w C:\Program Files\Yahoo!
2008-05-03 15:44 --------- d-----w C:\Documents and Settings\All Users\Application Data\Yahoo!
2008-05-03 15:43 --------- d-----w C:\Program Files\Macromedia
2008-05-03 15:42 50,688 ----a-w C:\WINDOWS\system32\wbhelp2.dll
2008-05-03 15:42 --------- d-----w C:\Program Files\Google
2008-05-03 15:42 --------- d-----w C:\Program Files\DAP
2008-05-03 15:42 --------- d-----w C:\Documents and Settings\All Users\Application Data\TEMP
2008-05-03 15:30 --------- d-----w C:\Program Files\CONEXANT
2008-05-03 13:52 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-05-03 13:52 --------- d-----w C:\Program Files\Realtek
2008-05-03 13:52 --------- d-----w C:\Program Files\Common Files\InstallShield
2008-05-03 13:51 --------- d-----w C:\Program Files\Intel
2008-05-03 13:38 --------- d-----w C:\Program Files\Microsoft.NET
2008-05-03 13:38 --------- d-----w C:\Program Files\Microsoft ActiveSync
2008-05-03 13:38 --------- d-----w C:\Program Files\Common Files\L&H
2008-05-03 13:37 --------- d-----w C:\Program Files\Microsoft Works
2008-05-03 13:26 --------- d-----w C:\Program Files\microsoft frontpage
2008-02-25 18:51 61,952 --sha-r C:\WINDOWS\system32\KUW-A9EB02A4C50.com
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [08/03/2004 11:56 PM 15360]
"swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [05/08/2008 05:28 AM 68856]
"MsnMsgr"="C:\Program Files\MSN Messenger\MsnMsgr.exe" [01/19/2007 12:55 PM 5674352]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"igfxtray"="C:\WINDOWS\system32\igfxtray.exe" [02/07/2006 03:39 AM 94208]
"igfxhkcmd"="C:\WINDOWS\system32\hkcmd.exe" [02/07/2006 03:36 AM 77824]
"igfxpers"="C:\WINDOWS\system32\igfxpers.exe" [02/07/2006 03:40 AM 118784]
"SkyTel"="SkyTel.EXE" [05/17/2006 05:04 AM 2879488 C:\WINDOWS\SkyTel.exe]
"RTHDCPL"="RTHDCPL.EXE" [11/15/2006 04:21 AM 16270848 C:\WINDOWS\RTHDCPL.exe]
"DownloadAccelerator"="C:\Program Files\DAP\DAP.exe" [05/03/2008 06:42 PM 4568576]
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [01/11/2008 10:16 PM 39792]
"TkBellExe"="C:\Program Files\Common Files\Real\Update_OB\realsched.exe" [05/03/2008 07:20 PM 185896]
"BluetoothAuthenticationAgent"="bthprops.cpl" [08/03/2004 11:56 PM 110592 C:\WINDOWS\system32\bthprops.cpl]
"Karen"="" []
"raVe"="" []
"SystemInit"="" []
"startIE"="" []
"Win32BaseServiceMOD"="" []
"AVG8_TRAY"="C:\PROGRA~1\AVG\AVG8\avgtray.exe" [06/11/2008 02:40 PM 1177368]
"Administrator"="C:\WINDOWS\RECYCLER\Administrator.com" [ ]
"BitDefender Antiphishing Helper"="C:\Program Files\BitDefender\BitDefender 2008\IEShow.exe" [ ]
"BDAgent"="C:\Program Files\BitDefender\BitDefender 2008\bdagent.exe" [ ]
"RRT-Auto"="C:\Documents and Settings\Administrator\Desktop\RRT.exe" [ ]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServices]
"raVe"="" []
"Driver32"="" []
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [08/03/2004 11:56 PM 15360]
C:\Documents and Settings\Administrator\Start Menu\Programs\Startup\
Adobe Gamma.lnk - C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2005-03-16 19:16:50 113664]
C:\Documents and Settings\All Users\Start Menu\Programs\Startup\
WinZip Quick Pick.lnk - C:\Program Files\WinZip\WZQKPICK.EXE [2007-08-03 11:10:00 394856]
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system]
"NoConfigPage"= 0 (0x0)
"NoDevMgrPage"= 0 (0x0)
"NoFileSysPage"= 0 (0x0)
"NoVirtMemPage"= 0 (0x0)
"DisableChangePassword"= 0 (0x0)
"NoFolderOptions"= 0 (0x0)
"DisableTaskmgr"= 1 (0x1)
"DisableRegistryTools"= 1 (0x1)
[HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\system]
"NoDispAppearancePage"= 0 (0x0)
"NoDispScrSavPage"= 0 (0x0)
"NoDispSettingsPage"= 0 (0x0)
"NoConfigPage"= 0 (0x0)
"NoDevMgrPage"= 0 (0x0)
"NoFileSysPage"= 0 (0x0)
"NoVirtMemPage"= 0 (0x0)
"DisableChangePassword"= 0 (0x0)
"NoFolderOptions"= 0 (0x0)
[HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\explorer]
"NoClose"= 0 (0x0)
"NoFind"= 0 (0x0)
"NoRun"= 0 (0x0)
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon]
"Shell"="Explorer.exe KUW-A9EB02A4C50.com"
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=C:\PROGRA~1\KASPER~1\KASPER~1\kloehk.dll,avgrsstx.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"VIDC.XVID"= xvid.dll
"VIDC.YV12"= yv12vfw.dll
"msacm.divxa32"= msaud32_divx.acm
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001
"FirewallOverride"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"C:\\Program Files\\MSN Messenger\\msnmsgr.exe"=
R0 AvgRkx86;avgrkx86.sys;C:\WINDOWS\system32\Drivers\avgrkx86.sys [06/11/2008 02:40 PM]
R1 AvgLdx86;AVG AVI Loader Driver x86;C:\WINDOWS\system32\Drivers\avgldx86.sys [06/11/2008 02:40 PM]
R2 avg8wd;AVG8 WatchDog;C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe [06/11/2008 02:40 PM]
R2 avgfws8;AVG8 Firewall;C:\PROGRA~1\AVG\AVG8\avgfws8.exe [06/11/2008 02:40 PM]
R2 AvgTdiX;AVG8 Network Redirector;C:\WINDOWS\system32\Drivers\avgtdix.sys [06/11/2008 02:40 PM]
R3 Avgfwdx;Avgfwdx;C:\WINDOWS\system32\DRIVERS\avgfwdx.sys [06/11/2008 02:38 PM]
S3 Avgfwfd;AVG network filter service;C:\WINDOWS\system32\DRIVERS\avgfwdx.sys [06/11/2008 02:38 PM]
S3 NAL;Nal Service ;C:\WINDOWS\system32\Drivers\iqvw32.sys [07/05/2006 03:35 PM]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
bdx REG_MULTI_SZ scan
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{797a2db6-1987-11dd-adbf-0019d167f2b6}]
\Shell\AutoRun\command - H:\LaunchU3.exe -a
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{797a2db7-1987-11dd-adbf-0019d167f2b6}]
\Shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL Administrator.com
\Shell\open\command - I:\Administrator.com
\Shell\read\command - I:\Administrator.com
.
**************************************************************************
catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer,
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

Rootkit scan 2008-06-14 14:48:26
Windows 5.1.2600 Service Pack 2 FAT NTAPI
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
.
------------------------ Other Running Processes ------------------------
.
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Common Files\BitDefender\BitDefender Communicator\xcommsvr.exe
C:\Program Files\Common Files\BitDefender\BitDefender Update Service\livesrv.exe
C:\PROGRA~1\AVG\AVG8\avgam.exe
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\PROGRA~1\AVG\AVG8\avgnsx.exe
C:\WINDOWS\system32\KUW-A9EB02A4C50.com
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\system32\KUW-A9EB02A4C50.com
.
**************************************************************************
.
Completion time: 06/14/2008 14:49:55 - machine was rebooted [Administrator]
ComboFix-quarantined-files.txt 2008-06-14 11:49:52
Pre-Run: 12,479,676,416 bytes free
Post-Run: 12,490,145,792 bytes free
217
 
توقيع : ابو الحـسن
تقرير بـHijackThis

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 03:04:00 م, on 14/06/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\PROGRA~1\AVG\AVG8\avgfws8.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Common Files\BitDefender\BitDefender Communicator\xcommsvr.exe
C:\Program Files\Common Files\BitDefender\BitDefender Update Service\livesrv.exe
C:\PROGRA~1\AVG\AVG8\avgam.exe
C:\PROGRA~1\AVG\AVG8\avgnsx.exe
C:\WINDOWS\system32\KUW-A9EB02A4C50.com
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\DAP\DAP.EXE
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\Program Files\WinZip\WZQKPICK.EXE
C:\WINDOWS\Explorer.exe
C:\WINDOWS\system32\KUW-A9EB02A4C50.com
C:\Program Files\AVG\AVG8\avgrsx.exe
C:\Program Files\internet explorer\iexplore.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\AVG\AVG8\avgtray.exe
D:\Zyzoom_HijackThis.exe
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

F2 - REG:system.ini: Shell=Explorer.exe KUW-A9EB02A4C50.com
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: (no name) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - (no file)
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\3.0.1225.9868\swg.dll
O3 - Toolbar: (no name) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - (no file)
O3 - Toolbar: BitDefender Toolbar - {381FFDE8-2394-4f90-B10D-FC6124A40F8C} - C:\Program Files\BitDefender\BitDefender 2008\IEToolbar.dll (file missing)
O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [DownloadAccelerator] "C:\Program Files\DAP\DAP.EXE" /STARTUP
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKLM\..\Run: [Administrator] C:\WINDOWS\RECYCLER\Administrator.com
O4 - HKLM\..\Run: [BitDefender Antiphishing Helper] "C:\Program Files\BitDefender\BitDefender 2008\IEShow.exe"
O4 - HKLM\..\Run: [BDAgent] "C:\Program Files\BitDefender\BitDefender 2008\bdagent.exe"
O4 - HKLM\..\Run: [RRT-Auto] C:\Documents and Settings\Administrator\Desktop\RRT.exe auto
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE
O4 - Global Startup: PalTalk.lnk = C:\Program Files\Paltalk Messenger\paltalk.exe
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System, DisableRegedit=1
O8 - Extra context menu item: &Clean Traces - C:\Program Files\DAP\Privacy Package\dapcleanerie.htm
O8 - Extra context menu item: &Download with &DAP - C:\Program Files\DAP\dapextie.htm
O8 - Extra context menu item: Download &all with DAP - C:\Program Files\DAP\dapextie2.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O17 - HKLM\System\CCS\Services\Tcpip\..\{E51979D3-AE8D-4E9A-9E56-94A8275E9D16}: NameServer = 195.226.228.72 195.226.228.74
O20 - AppInit_DLLs: C:\PROGRA~1\KASPER~1\KASPER~1\kloehk.dll,avgrsstx.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: AVG8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: AVG8 Firewall (avgfws8) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgfws8.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: BitDefender Desktop Update Service (LIVESRV) - BitDefender SRL - C:\Program Files\Common Files\BitDefender\BitDefender Update Service\livesrv.exe
O23 - Service: BitDefender Communicator (XCOMM) - BitDefender - C:\Program Files\Common Files\BitDefender\BitDefender Communicator\xcommsvr.exe
--
End of file - 6656 bytes
 
توقيع : ابو الحـسن
اعد تقرير الهايجاك
غير واضح
 
تسلم جاري التحليل
 
الله يسلمك ويرحم والديك

هذا تقرير الهايجك ثاني مره



Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 03:04:00 م, on 14/06/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\PROGRA~1\AVG\AVG8\avgfws8.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Common Files\BitDefender\BitDefender Communicator\xcommsvr.exe
C:\Program Files\Common Files\BitDefender\BitDefender Update Service\livesrv.exe
C:\PROGRA~1\AVG\AVG8\avgam.exe
C:\PROGRA~1\AVG\AVG8\avgnsx.exe
C:\WINDOWS\system32\KUW-A9EB02A4C50.com
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\DAP\DAP.EXE
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\Program Files\WinZip\WZQKPICK.EXE
C:\WINDOWS\Explorer.exe
C:\WINDOWS\system32\KUW-A9EB02A4C50.com
C:\Program Files\AVG\AVG8\avgrsx.exe
C:\Program Files\internet explorer\iexplore.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\AVG\AVG8\avgtray.exe
D:\Zyzoom_HijackThis.exe
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

F2 - REG:system.ini: Shell=Explorer.exe KUW-A9EB02A4C50.com
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: (no name) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - (no file)
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\3.0.1225.9868\swg.dll
O3 - Toolbar: (no name) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - (no file)
O3 - Toolbar: BitDefender Toolbar - {381FFDE8-2394-4f90-B10D-FC6124A40F8C} - C:\Program Files\BitDefender\BitDefender 2008\IEToolbar.dll (file missing)
O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [DownloadAccelerator] "C:\Program Files\DAP\DAP.EXE" /STARTUP
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKLM\..\Run: [Administrator] C:\WINDOWS\RECYCLER\Administrator.com
O4 - HKLM\..\Run: [BitDefender Antiphishing Helper] "C:\Program Files\BitDefender\BitDefender 2008\IEShow.exe"
O4 - HKLM\..\Run: [BDAgent] "C:\Program Files\BitDefender\BitDefender 2008\bdagent.exe"
O4 - HKLM\..\Run: [RRT-Auto] C:\Documents and Settings\Administrator\Desktop\RRT.exe auto
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE
O4 - Global Startup: PalTalk.lnk = C:\Program Files\Paltalk Messenger\paltalk.exe
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System, DisableRegedit=1
O8 - Extra context menu item: &Clean Traces - C:\Program Files\DAP\Privacy Package\dapcleanerie.htm
O8 - Extra context menu item: &Download with &DAP - C:\Program Files\DAP\dapextie.htm
O8 - Extra context menu item: Download &all with DAP - C:\Program Files\DAP\dapextie2.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O17 - HKLM\System\CCS\Services\Tcpip\..\{E51979D3-AE8D-4E9A-9E56-94A8275E9D16}: NameServer = 195.226.228.72 195.226.228.74
O20 - AppInit_DLLs: C:\PROGRA~1\KASPER~1\KASPER~1\kloehk.dll,avgrsstx.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: AVG8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: AVG8 Firewall (avgfws8) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgfws8.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: BitDefender Desktop Update Service (LIVESRV) - BitDefender SRL - C:\Program Files\Common Files\BitDefender\BitDefender Update Service\livesrv.exe
O23 - Service: BitDefender Communicator (XCOMM) - BitDefender - C:\Program Files\Common Files\BitDefender\BitDefender Communicator\xcommsvr.exe
--
End of file - 6656 bytes​
 
توقيع : ابو الحـسن
حمل الملف هذا
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي


وعند تشغيله ... لحظات وينعاد تشغيل جهازك تلقائيا

بعدها يظهر لك تقرير انسخه والصقه بردك القادم
 
اذا انتهيت من السابق
اعد تشغيل جهازك ... واعمل تقرير هايجاك جديد
 
حمل الملف هذا
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي


وعند تشغيله ... لحظات وينعاد تشغيل جهازك تلقائيا

بعدها يظهر لك تقرير انسخه والصقه بردك القادم

تعبتك معاي ممكن رابط اخر لانه الموقع يخرف عندي
 
توقيع : ابو الحـسن
ابشر
 
توقيع : Al jNtEeL
الله يخليكم ويحفظكم ويحفظ المنتدى وجاري التجربه ...
 
توقيع : ابو الحـسن
فديتك يالغلااا

جزيل شكري وتقديري
تسلم حبيب قلبي كلك ذووق ... والله يرحم وآآديك وجميع المسلمين
وحنا تحت أمرك دايمآآ ..
 
توقيع : Al jNtEeL
هذا تقرير بالاداة

Logfile of The Avenger Version 2.0, (c) by Swandog46
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

Platform: Windows XP
*******************
Script file opened successfully.
Script file read successfully.
Backups directory opened successfully at C:\Avenger
*******************
Beginning to process script file:
File "C:\WINDOWS\system32\KUW-A9EB02A4C50.com" deleted successfully.
Completed script processing.
*******************
Finished! Terminate.
 
توقيع : ابو الحـسن
وهذا بالهايجك

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 03:43:06 م, on 14/06/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\PROGRA~1\AVG\AVG8\avgfws8.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Common Files\BitDefender\BitDefender Communicator\xcommsvr.exe
C:\Program Files\Common Files\BitDefender\BitDefender Update Service\livesrv.exe
C:\PROGRA~1\AVG\AVG8\avgam.exe
C:\WINDOWS\Explorer.exe
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\PROGRA~1\AVG\AVG8\avgnsx.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\DAP\DAP.EXE
C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\WINDOWS\system32\rundll32.exe
C:\PROGRA~1\AVG\AVG8\avgtray.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\Program Files\WinZip\WZQKPICK.EXE
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\internet explorer\iexplore.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\WINDOWS\system32\wuauclt.exe
D:\Zyzoom_HijackThis.exe
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

F2 - REG:system.ini: Shell=Explorer.exe KUW-A9EB02A4C50.com
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: (no name) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - (no file)
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\3.0.1225.9868\swg.dll
O3 - Toolbar: (no name) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - (no file)
O3 - Toolbar: BitDefender Toolbar - {381FFDE8-2394-4f90-B10D-FC6124A40F8C} - C:\Program Files\BitDefender\BitDefender 2008\IEToolbar.dll (file missing)
O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [DownloadAccelerator] "C:\Program Files\DAP\DAP.EXE" /STARTUP
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKLM\..\Run: [Administrator] C:\WINDOWS\RECYCLER\Administrator.com
O4 - HKLM\..\Run: [BitDefender Antiphishing Helper] "C:\Program Files\BitDefender\BitDefender 2008\IEShow.exe"
O4 - HKLM\..\Run: [BDAgent] "C:\Program Files\BitDefender\BitDefender 2008\bdagent.exe"
O4 - HKLM\..\Run: [RRT-Auto] C:\Documents and Settings\Administrator\Desktop\RRT.exe auto
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE
O4 - Global Startup: PalTalk.lnk = C:\Program Files\Paltalk Messenger\paltalk.exe
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System, DisableRegedit=1
O8 - Extra context menu item: &Clean Traces - C:\Program Files\DAP\Privacy Package\dapcleanerie.htm
O8 - Extra context menu item: &Download with &DAP - C:\Program Files\DAP\dapextie.htm
O8 - Extra context menu item: Download &all with DAP - C:\Program Files\DAP\dapextie2.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O17 - HKLM\System\CCS\Services\Tcpip\..\{E51979D3-AE8D-4E9A-9E56-94A8275E9D16}: NameServer = 195.226.228.72 195.226.228.74
O20 - AppInit_DLLs: C:\PROGRA~1\KASPER~1\KASPER~1\kloehk.dll,avgrsstx.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: AVG8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: AVG8 Firewall (avgfws8) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgfws8.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: BitDefender Desktop Update Service (LIVESRV) - BitDefender SRL - C:\Program Files\Common Files\BitDefender\BitDefender Update Service\livesrv.exe
O23 - Service: BitDefender Communicator (XCOMM) - BitDefender - C:\Program Files\Common Files\BitDefender\BitDefender Communicator\xcommsvr.exe
--
End of file - 6653 bytes
 
توقيع : ابو الحـسن
توقيع : ابو الحـسن
عودة
أعلى