[تم حل المشكلة]الجهاز يسوي ريستارت بروحه ( صورة للخطأ + تقرير )

DJ KROZ · 27 سبتمبر 2010

السلام عليكم ورحمة الله وبركاته

شخباركم يالزيزوميين :bleh: ؟؟

اكثر من مرة الجهاز يسوي ريستارت بروحه , خاصة لما اكون العب اون لاين

فحصت الجهاز بالـ Hitman Pro 3.5 ولم اجد سوى ملف مريب وهو كراك للانترنت داونلود مانيجر
ما حذفته

سويت فحص كامل بالـ Kaspersky Internet Security 2011 ولم اجد اي شيء

صورة للخطأ بعد ما سوى ريستارت

التقرير

Runscanner logfile
* = signed file
- = file not found
General info
------------
Computer name : USER-3B094B7574
Creation time : 27/09/2010 05:01:23 م
Hosts <> 127.0.0.1 : 0
Hosts file location : %SystemRoot%\System32\drivers\etc
IE version : 8.0.6001.18702
OS : Microsoft Windows XP
OS Build : 2600
OS SP : Service Pack 3
RunScanner Version : 1.8.0.0
User Language : Arabic (Kuwait)
User rights : Administrator
Windows folder : C:\WINDOWS
Running processes
-----------------
C:\Program Files\Ad Muncher\AdMunch.exe (Murray Hurps Corp Pty Ltd)
* C:\Program Files\Advanced System Optimizer 3\ASO3DefragSrv.exe (Systweak Inc., (

يجب عليك تسجيل الدخول أو التسجيل لمشاهدة الرابط المخفي

))
* C:\WINDOWS\System32\alg.exe (Microsoft Corporation)
* C:\WINDOWS\system32\csrss.exe (Microsoft Corporation)
* C:\WINDOWS\system32\ctfmon.exe (Microsoft Corporation)
* C:\WINDOWS\system32\svchost.exe (Microsoft Corporation)
* C:\WINDOWS\system32\svchost.exe (Microsoft Corporation)
* C:\WINDOWS\system32\svchost.exe (Microsoft Corporation)
* C:\WINDOWS\system32\svchost.exe (Microsoft Corporation)
* C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
* C:\WINDOWS\system32\svchost.exe (Microsoft Corporation)
* C:\WINDOWS\system32\svchost.exe (Microsoft Corporation)
* C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
* C:\WINDOWS\system32\igfxsrvc.exe (Intel Corporation)
* C:\Program Files\Internet Download Manager\IDMan.exe (Tonec Inc.)
* C:\Program Files\Internet Download Manager\IEMonitor.exe (Tonec Inc.)
* C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
* C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
* C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
* C:\Program Files\Java\jre6\bin\jqs.exe (Sun Microsystems, Inc.)
* C:\Program Files\Common Files\Java\Java Update\jusched.exe (Sun Microsystems, Inc.)
* C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe (Kaspersky Lab ZAO)
* C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe (Kaspersky Lab ZAO)
* C:\WINDOWS\system32\lsass.exe (Microsoft Corporation)
* C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE (Microsoft Corporation)
* C:\WINDOWS\system32\igfxpers.exe (Intel Corporation)
* C:\WINDOWS\system32\HPZipm12.exe (HP)
* C:\Program Files\Common Files\Real\Update_OB\realsched.exe (RealNetworks, Inc.)
* C:\WINDOWS\system32\rundll32.exe (Microsoft Corporation)
* C:\Documents and Settings\USER\Desktop\RunScanner.exe (Runscanner.net)
* C:\WINDOWS\system32\services.exe (Microsoft Corporation)
* C:\WINDOWS\system32\spoolsv.exe (Microsoft Corporation)
C:\Program Files\USB Disk Security\USBGuard.exe (Zbshareware Lab)
* C:\WINDOWS\Explorer.EXE (Microsoft Corporation)
* C:\Program Files\Windows Live\Contacts\wlcomm.exe (Microsoft Corporation)
* C:\Program Files\Windows Live\Messenger\msnmsgr.exe (Microsoft Corporation)
* C:\Program Files\Windows Media Player\wmplayer.exe (Microsoft Corporation)
* C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
* C:\WINDOWS\system32\winlogon.exe (Microsoft Corporation)
* c:\windows\System32\smss.exe (Microsoft Corporation)
* C:\Program Files\zoneLINK\MultiCore Optimizer\MultiCoreOptimizer.exe (zoneLINK)
Unrated items
-------------
002 C:\Program Files\Ad Muncher\AdMunch.exe (Murray Hurps Corp Pty Ltd)
002 * C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe (Kaspersky Lab ZAO)
002 * C:\Program Files\Hitman Pro 3.5\HitmanPro35.exe (SurfRight B.V.)
002 C:\Program Files\USB Disk Security\USBGuard.exe (Zbshareware Lab)
002 * C:\Program Files\zoneLINK\MultiCore Optimizer\MultiCoreOptimizer.exe (zoneLINK)
003 * C:\Program Files\Internet Download Manager\IDMan.exe (Tonec Inc.)
003 * C:\Program Files\Windows Live\Messenger\msnmsgr.exe (Microsoft Corporation)
010 * C:\Program Files\Advanced System Optimizer 3\ASO3DefragSrv.exe (ASO3DiskOptimizer)
010 * C:\WINDOWS\system32\services.exe (Event Log)
010 * C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe (Kaspersky Anti-Virus Service)
010 * C:\WINDOWS\system32\services.exe (Plug and Play)
010 * C:\WINDOWS\system32\spoolsv.exe (Print Spooler)
010 * C:\Program Files\Google\Update\GoogleUpdate.exe (خدمة تحديث Google (gupdate))
011 * C:\WINDOWS\system32\drivers\Ambfilt.sys (Ambfilt)
011 C:\WINDOWS\system32\drivers\BIOS.sys (BIOS)
011 * C:\WINDOWS\system32\DRIVERS\klim5.sys (Kaspersky Anti-Virus NDIS Filter)
011 * C:\WINDOWS\system32\DRIVERS\klif.sys (Kaspersky Lab Driver)
011 * C:\WINDOWS\system32\DRIVERS\klmouflt.sys (Kaspersky Lab KLMOUFLT)
011 * C:\WINDOWS\system32\DRIVERS\kl1.sys (kl1)
011 * C:\WINDOWS\system32\DRIVERS\kl2.sys (kl2)
011 * C:\WINDOWS\system32\drivers\Monfilt.sys (Monfilt)
011 * C:\WINDOWS\system32\DRIVERS\mrxsmb.sys (MRXSMB)
011 C:\WINDOWS\system32\drivers\pfc.sys (Padus ASPI Shell)
011 C:\WINDOWS\system32\PfModNT.sys (PfModNT)
011 * C:\WINDOWS\system32\drivers\RtkHDAud.sys (Service for Realtek HD Audio (WDM))
011 * C:\WINDOWS\system32\DRIVERS\srv.sys (Srv)
011 C:\Program Files\Advanced System Optimizer 3\adasprot32.sys (SYSTWEAKASO)
011 C:\WINDOWS\system32\DRIVERS\tcpip.sys (TCP/IP Protocol Driver)
011 * C:\WINDOWS\system32\drivers\TotRec7.sys (Total Recorder WDM audio driver)
011 * C:\WINDOWS\system32\drivers\TotRec8.sys (Total Recorder WDM audio filter driver)
030 * C:\WINDOWS\system32\mscoree.dll (Microsoft Corporation) {1E66F26B-79EE-11D2-8710-00C04F79ED0D}
030 * C:\WINDOWS\system32\mscoree.dll (Microsoft Corporation) {1E66F26B-79EE-11D2-8710-00C04F79ED0D}
030 * C:\WINDOWS\system32\mscoree.dll (Microsoft Corporation) {1E66F26B-79EE-11D2-8710-00C04F79ED0D}
030 * C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation) {8f6b0360-b80d-11d0-a9b3-006097942311}
030 * C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation) {8f6b0360-b80d-11d0-a9b3-006097942311}
030 * C:\WINDOWS\system32\SHELL32.dll (Microsoft Corporation) {733AC4CB-F1A4-11d0-B951-00A0C90312E1}
031 * C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation) {3050F406-98B5-11CF-BB82-00AA00BDCE0B}
031 * C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation) {3dd53d40-7b8b-11D0-b013-00aa0059ce02}
031 * C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation) {79eac9e7-baf9-11ce-8c82-00aa004ba90b}
031 * C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation) {79eac9e3-baf9-11ce-8c82-00aa004ba90b}
031 * C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation) {79eac9e4-baf9-11ce-8c82-00aa004ba90b}
031 * C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation) {79eac9e2-baf9-11ce-8c82-00aa004ba90b}
031 * C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation) {79eac9e5-baf9-11ce-8c82-00aa004ba90b}
031 * C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation) {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B}
031 * C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation) {828030A1-22C1-4009-854F-8E305202313F}
031 * C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation) {79eac9e7-baf9-11ce-8c82-00aa004ba90b}
031 * C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation) {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B}
031 * C:\WINDOWS\system32\inetcomm.dll (Microsoft Corporation) {05300401-BCBC-11d0-85E3-00C04FD85AB4}
031 * C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation) {79eac9e6-baf9-11ce-8c82-00aa004ba90b}
031 C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\MSITSS.DLL (Microsoft Corporation) {0A9007C0-4076-11D3-8789-0000F8105754}
031 * C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation) {828030A1-22C1-4009-854F-8E305202313F}
031 * C:\PROGRA~1\COMMON~1\MICROS~1\WEBCOM~1\11\OWC11.DLL (Microsoft Corporation) {32505114-5902-49B2-880A-1F7738E5A384}
031 * C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation) {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B}
031 * C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation) {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B}
035 * C:\WINDOWS\system32\IEDKCS32.DLL (Microsoft Corporation) >{60B49E34-C7CC-11D0-8953-00A0C90347FF}MICROS
040 * C:\WINDOWS\system32\ieframe.dll (Microsoft Corporation) {CFBFAE00-17A6-11D0-99CB-00C04FD64497}
052 * C:\Program Files\Internet Download Manager\IDMIECC.dll (Tonec Inc.) {0055C089-8582-441B-A0BF-17B458C2A3A8}
052 * C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\ievkbd.dll (Kaspersky Lab ZAO) {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C}
052 * C:\PROGRA~1\LEAPFT~1.0\lftpie.dll (LeapWare) {A5479DA1-7843-43A7-B5C0-BE342C77B629}
052 * C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\klwtbbho.dll (Kaspersky Lab ZAO) {E33CF602-D945-461A-83F0-819F76A199F8}
052 * C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation) {9030D464-4C02-4ABF-8ECC-5164760863C6}
060 * C:\WINDOWS\system32\SHELL32.dll (Microsoft Corporation) {fbeb8a05-beee-4442-804e-409d6c4515e9}
060 * C:\WINDOWS\system32\SHELL32.dll (Microsoft Corporation) {7849596a-48ea-486e-8937-a2a3009f31a9}
061 * C:\WINDOWS\system32\ieframe.dll (Microsoft Corporation) {F2CF5485-4E02-4f68-819C-B92DE9277049}
061 * C:\WINDOWS\system32\cabview.dll (Microsoft Corporation) {0CD7A5C0-9F37-11CE-AE65-08002B2E1262}
061 * C:\WINDOWS\system32\occache.dll (Microsoft Corporation) {88C6C381-2E85-11D0-94DE-444553540000}
061 * C:\WINDOWS\system32\extmgr.dll (Microsoft Corporation) {692F0339-CBAA-47e6-B5B5-3B84DB604E87}
061 * C:\WINDOWS\system32\ieframe.dll (Microsoft Corporation) {FF393560-C2A7-11CF-BFF4-444553540000}
061 * C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation) {25336920-03f9-11cf-8fd0-00aa00686f13}
061 * C:\WINDOWS\system32\ieframe.dll (Microsoft Corporation) {3028902F-6374-48b2-8DC6-9725E775B926}
061 * C:\WINDOWS\system32\ieframe.dll (Microsoft Corporation) {73CFD649-CD48-4fd8-A272-2070EA56526B}
061 * C:\WINDOWS\system32\ieframe.dll (Microsoft Corporation) {FDE7673D-2E19-4145-8376-BBD58C4BC7BA}
061 * C:\WINDOWS\system32\ieframe.dll (Microsoft Corporation) {1C1EDB47-CE22-4bbb-B608-77B48F83C823}
061 * C:\WINDOWS\system32\ieframe.dll (Microsoft Corporation) {11016101-E366-4D22-BC06-4ADA335C892B}
061 * C:\WINDOWS\system32\ieframe.dll (Microsoft Corporation) {6CF48EF8-44CD-45d2-8832-A16EA016311B}
061 * C:\WINDOWS\system32\ieframe.dll (Microsoft Corporation) {4B78D326-D922-44f9-AF2A-07805C2A3560}
061 * C:\WINDOWS\system32\ieframe.dll (Microsoft Corporation) {205D7A97-F16D-4691-86EF-F3075DCCA57D}
061 * C:\WINDOWS\system32\ieframe.dll (Microsoft Corporation) {44C76ECD-F7FA-411c-9929-1B77BA77F524}
061 * C:\WINDOWS\system32\ieframe.dll (Microsoft Corporation) {07C45BB1-4A8C-4642-A1F5-237E7215FF66}
061 * C:\WINDOWS\system32\ieframe.dll (Microsoft Corporation) {6038EF75-ABFC-4e59-AB6F-12D397F6568D}
061 * C:\WINDOWS\system32\ieframe.dll (Microsoft Corporation) {B31C5FAE-961F-415b-BAF0-E697A5178B94}
061 * C:\WINDOWS\system32\ieframe.dll (Microsoft Corporation) {9D958C62-3954-4b44-8FAB-C4670C1DB4C2}
061 * C:\WINDOWS\system32\ieframe.dll (Microsoft Corporation) {98FF6D4B-6387-4b0a-8FBD-C5C4BB17B4F8}
061 * C:\WINDOWS\system32\ieframe.dll (Microsoft Corporation) {43886CD5-6529-41c4-A707-7B3C92C05E68}
061 * C:\WINDOWS\system32\ieframe.dll (Microsoft Corporation) {F83DAC1C-9BB9-4f2b-B619-09819DA81B0E}
061 * C:\WINDOWS\system32\ieframe.dll (Microsoft Corporation) {9A096BB5-9DC3-4D1C-8526-C3CBF991EA4E}
061 * C:\WINDOWS\system32\ieframe.dll (Microsoft Corporation) {30D02401-6A81-11d0-8274-00C04FD5AE38}
061 * C:\WINDOWS\system32\ieframe.dll (Microsoft Corporation) {E6EE9AAC-F76B-4947-8260-A9F136138E11}
061 * C:\WINDOWS\system32\ieframe.dll (Microsoft Corporation) {BFAD62EE-9D54-4b2a-BF3B-76F90697BD2A}
061 * C:\WINDOWS\system32\ieframe.dll (Microsoft Corporation) {6B4ECC4F-16D1-4474-94AB-5A763F2A54AE}
061 * C:\WINDOWS\system32\ieframe.dll (Microsoft Corporation) {FAC3CBF6-8697-43d0-BAB9-DCD1FCE19D75}
061 * C:\WINDOWS\system32\ieframe.dll (Microsoft Corporation) {871C5380-42A0-1069-A2EA-08002B30309D}
061 * C:\WINDOWS\system32\ieframe.dll (Microsoft Corporation) {FBF23B40-E3F0-101B-8488-00AA003E56F8}
061 * C:\PROGRA~1\LEAPFT~1.0\lftpshl.dll (LeapWare) {724B06C1-D4EE-11D5-8B17-000103219699}
061 * C:\WINDOWS\system32\ieframe.dll (Microsoft Corporation) {BC476F4C-D9D7-4100-8D4E-E043F6DEC409}
061 * C:\WINDOWS\system32\ieframe.dll (Microsoft Corporation) {3C374A40-BAE4-11CF-BF7D-00AA006946EE}
061 * C:\WINDOWS\system32\ieframe.dll (Microsoft Corporation) {CFBFAE00-17A6-11D0-99CB-00C04FD64497}
061 * C:\WINDOWS\system32\ieframe.dll (Microsoft Corporation) {8856f961-340a-11d0-a96b-00c04fd705a2}
061 * C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation) {3050f3d9-98b5-11cf-bb82-00aa00bdce0b}
061 * C:\WINDOWS\system32\ieframe.dll (Microsoft Corporation) {E7E4BC40-E76A-11CE-A9BB-00AA004AE837}
061 * C:\WINDOWS\system32\dfshim.dll (Microsoft Corporation) {E37E2028-CE1A-4f42-AF05-6CEABC4E5D75}
061 * C:\WINDOWS\system32\dfshim.dll (Microsoft Corporation) {e82a2d71-5b2f-43a0-97b8-81be15854de8}
061 * C:\WINDOWS\system32\ieframe.dll (Microsoft Corporation) {7BD29E00-76C1-11CF-9DD0-00A0C9034933}
061 * C:\WINDOWS\system32\ieframe.dll (Microsoft Corporation) {7BD29E01-76C1-11CF-9DD0-00A0C9034933}
061 * C:\WINDOWS\system32\ieframe.dll (Microsoft Corporation) {3DC7A020-0ACD-11CF-A9BB-00AA004AE837}
061 C:\Program Files\WinRAR\rarext.dll {B41DB860-8EE4-11D2-9906-E49FADC173CA}
062 * C:\WINDOWS\system32\SHELL32.dll (Microsoft Corporation) {0D2E74C4-3C34-11d2-A27E-00C04FC30871}
062 * C:\WINDOWS\system32\SHELL32.dll (Microsoft Corporation) {24F14F01-7B1C-11d1-838f-0000F80461CF}
062 * C:\WINDOWS\system32\SHELL32.dll (Microsoft Corporation) {24F14F02-7B1C-11d1-838f-0000F80461CF}
062 * C:\WINDOWS\system32\SHELL32.dll (Microsoft Corporation) {66742402-F9B9-11D1-A202-0000F81FEDEE}
063 * C:\WINDOWS\system32\sasnative32.exe
064 * C:\WINDOWS\system32\advapi32.dll (Microsoft Corporation)
064 * C:\WINDOWS\system32\rpcrt4.dll (Microsoft Corporation)
064 * C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)
064 * C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
064 * C:\WINDOWS\system32\wininet.dll (Microsoft Corporation)
067 * C:\WINDOWS\system32\klogon.dll (Kaspersky Lab ZAO)
067 C:\WINDOWS\system32\WgaLogon.dll
072 * C:\WINDOWS\system32\schannel.dll (Microsoft Corporation)
073 GoogleUpdateTaskMachineCore.job : C:\Program Files\Google\Update\GoogleUpdate.exe (Google Inc.)
073 GoogleUpdateTaskMachineUA.job : C:\Program Files\Google\Update\GoogleUpdate.exe (Google Inc.)
073 OGALogon.job : C:\WINDOWS\system32\OGAEXEC.exe
100 Start Page HKCU : about:Tabs
102 * C:\WINDOWS\system32\SHELL32.dll (Microsoft Corporation) {C4EE31F3-4768-11D2-BE5C-00A0C9A83DA1}
104 C:\WINDOWS\system32\OGACheckControl.dll {05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8}
104 * C:\WINDOWS\system32\LegitCheckControl.DLL (Microsoft Corporation) {17492023-C23A-453E-A040-C7C580BBF700}
104 C:\WINDOWS\DOWNLO~1\bmc.ocx {7253A666-804A-1107-A4DC-00E04C504788}
104 GUID / CLSID not found {867E13F2-7F31-44FB-AC97-CD38E0DC46EF}
105 Add to Anti-Banner : C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\ie_banner_deny.htm
105 Block frame with Ad Muncher :

يجب عليك تسجيل الدخول أو التسجيل لمشاهدة الرابط المخفي

105 Block image with Ad Muncher :

يجب عليك تسجيل الدخول أو التسجيل لمشاهدة الرابط المخفي

105 Block link with Ad Muncher :

يجب عليك تسجيل الدخول أو التسجيل لمشاهدة الرابط المخفي

105 Don't filter page with Ad Muncher :

يجب عليك تسجيل الدخول أو التسجيل لمشاهدة الرابط المخفي

105 Report page to the Ad Muncher developers :

يجب عليك تسجيل الدخول أو التسجيل لمشاهدة الرابط المخفي

105 تحميل الكل بواسطة Internet Download Manager : C:\Program Files\Internet Download Manager\IEGetAll.htm
105 تحميل بواسطة Internet Download Manager : C:\Program Files\Internet Download Manager\IEExt.htm
105 تحميل محتوى FLV بواسطة Internet Download Manager : C:\Program Files\Internet Download Manager\IEGetVL.htm
121 * C:\PROGRA~1\KASPER~1\KASPER~1\kloehk.dll (Kaspersky Lab ZAO)
121 * C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd3.dll (Kaspersky Lab ZAO)
147 * C:\WINDOWS\system32\schannel.dll (Microsoft Corporation)
173 * C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\shellex.dll (Kaspersky Lab ZAO) {dd230880-495a-11d1-b064-008048ec2fc5}
173 C:\Program Files\Notepad++\NppShell_01.dll {00F3C2EC-A6EE-11DE-A03A-EF8F55D89593}
173 * C:\WINDOWS\system32\SHELL32.dll (Microsoft Corporation) {09799AFB-AD67-11d1-ABCD-00C04FC30936}
173 * C:\WINDOWS\system32\SHELL32.dll (Microsoft Corporation) {A470F8CF-A1E8-4f65-8335-227475AA5C46}
173 C:\Program Files\Advanced System Optimizer 3\SecureShell.dll (Systweak Inc) {D23C3BA7-6DC3-4DDF-9BDF-12599E852A40}
173 * C:\WINDOWS\system32\SHELL32.dll (Microsoft Corporation) Start Menu Pin
173 C:\Program Files\WinRAR\rarext.dll {B41DB860-8EE4-11D2-9906-E49FADC173CA}
221 * C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\shellex.dll (Kaspersky Lab ZAO) {dd230880-495a-11d1-b064-008048ec2fc5}
221 C:\Program Files\Notepad++\NppShell_01.dll {00F3C2EC-A6EE-11DE-A03A-EF8F55D89593}
221 * C:\WINDOWS\system32\SHELL32.dll (Microsoft Corporation) {09799AFB-AD67-11d1-ABCD-00C04FC30936}
221 * C:\WINDOWS\system32\SHELL32.dll (Microsoft Corporation) {A470F8CF-A1E8-4f65-8335-227475AA5C46}
221 C:\Program Files\Advanced System Optimizer 3\SecureShell.dll (Systweak Inc) {D23C3BA7-6DC3-4DDF-9BDF-12599E852A40}
221 * C:\WINDOWS\system32\SHELL32.dll (Microsoft Corporation) Start Menu Pin
221 C:\Program Files\WinRAR\rarext.dll {B41DB860-8EE4-11D2-9906-E49FADC173CA}
223 * C:\WINDOWS\system32\SHELL32.dll (Microsoft Corporation) {7BA4C740-9E81-11CF-99D3-00AA004AE837}
225 * C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\shellex.dll (Kaspersky Lab ZAO) {dd230880-495a-11d1-b064-008048ec2fc5}
225 * C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\shellex.dll (Kaspersky Lab ZAO) {dd230880-495a-11d1-b064-008048ec2fc5}
225 C:\Program Files\Advanced System Optimizer 3\SecureShell.dll (Systweak Inc) {D23C3BA7-6DC3-4DDF-9BDF-12599E852A40}
225 C:\Program Files\Advanced System Optimizer 3\SecureShell.dll (Systweak Inc) {D23C3BA7-6DC3-4DDF-9BDF-12599E852A40}
225 C:\Program Files\WinRAR\rarext.dll {B41DB860-8EE4-11D2-9906-E49FADC173CA}
225 C:\Program Files\WinRAR\rarext.dll {B41DB860-8EE4-11D2-9906-E49FADC173CA}
227 * C:\WINDOWS\system32\SHELL32.dll (Microsoft Corporation) {A470F8CF-A1E8-4f65-8335-227475AA5C46}
227 * C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\shellex.dll (Kaspersky Lab ZAO) {dd230880-495a-11d1-b064-008048ec2fc5}
227 C:\Program Files\WinRAR\rarext.dll {B41DB860-8EE4-11D2-9906-E49FADC173CA}
229 * C:\WINDOWS\system32\SHELL32.dll (Microsoft Corporation) {D969A300-E7FF-11d0-A93B-00A0C90F2719}
231 * C:\WINDOWS\system32\SHELL32.dll (Microsoft Corporation)
231 * C:\WINDOWS\system32\SHELL32.dll (Microsoft Corporation)
231 * C:\WINDOWS\system32\SHELL32.dll (Microsoft Corporation)
231 * C:\WINDOWS\system32\SHELL32.dll (Microsoft Corporation)
251 C:\Program Files\WinRAR\rarext.dll {B41DB860-8EE4-11D2-9906-E49FADC173CA}
253 * C:\WINDOWS\system32\SHELL32.dll (Microsoft Corporation)
254 * C:\WINDOWS\system32\shell32.dll (Microsoft Corporation) {217FC9C0-3AEA-1069-A2DB-08002B30309D}
Missing files
-------------
010 C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
011 C:\WINDOWS\system32\drivers\Abiosdsk.sys
011 C:\WINDOWS\system32\drivers\abp480n5.sys
011 C:\WINDOWS\system32\drivers\adpu160m.sys
011 C:\WINDOWS\system32\drivers\Aha154x.sys
011 C:\WINDOWS\system32\drivers\aic78u2.sys
011 C:\WINDOWS\system32\drivers\aic78xx.sys
011 C:\WINDOWS\system32\drivers\AliIde.sys
011 C:\WINDOWS\system32\drivers\amsint.sys
011 C:\WINDOWS\system32\drivers\asc.sys
011 C:\WINDOWS\system32\drivers\asc3350p.sys
011 C:\WINDOWS\system32\drivers\asc3550.sys
011 C:\WINDOWS\system32\drivers\Atdisk.sys
011 C:\WINDOWS\system32\drivers\cd20xrnt.sys
011 C:\WINDOWS\system32\drivers\Changer.sys
011 C:\WINDOWS\system32\drivers\CmdIde.sys
011 C:\WINDOWS\system32\drivers\Cpqarray.sys
011 C:\DOCUME~1\USER\LOCALS~1\Temp\cpuz132\cpuz132_x32.sys
011 C:\WINDOWS\system32\drivers\dac2w2k.sys
011 C:\WINDOWS\system32\drivers\dac960nt.sys
011 C:\WINDOWS\system32\drivers\dpti2o.sys
011 C:\WINDOWS\system32\drivers\hpn.sys
011 C:\WINDOWS\system32\drivers\i2omgmt.sys
011 C:\WINDOWS\system32\drivers\i2omp.sys
011 C:\WINDOWS\system32\drivers\ini910u.sys
011 C:\WINDOWS\system32\drivers\IntelIde.sys
011 C:\WINDOWS\system32\drivers\lbrtfdc.sys
011 C:\WINDOWS\system32\drivers\mraid35x.sys
011 C:\WINDOWS\system32\drivers\PCIDump.sys
011 C:\WINDOWS\system32\drivers\PDCOMP.sys
011 C:\WINDOWS\system32\drivers\PDFRAME.sys
011 C:\WINDOWS\system32\drivers\PDRELI.sys
011 C:\WINDOWS\system32\drivers\PDRFRAME.sys
011 C:\WINDOWS\system32\drivers\perc2.sys
011 C:\WINDOWS\system32\drivers\perc2hib.sys
011 C:\WINDOWS\system32\drivers\ql1080.sys
011 C:\WINDOWS\system32\drivers\Ql10wnt.sys
011 C:\WINDOWS\system32\drivers\ql12160.sys
011 C:\WINDOWS\system32\drivers\ql1240.sys
011 C:\WINDOWS\system32\drivers\ql1280.sys
011 C:\WINDOWS\system32\drivers\Simbad.sys
011 C:\WINDOWS\system32\drivers\Sparrow.sys
011 C:\WINDOWS\system32\drivers\sym_hi.sys
011 C:\WINDOWS\system32\drivers\sym_u3.sys
011 C:\WINDOWS\system32\drivers\symc810.sys
011 C:\WINDOWS\system32\drivers\symc8xx.sys
011 C:\WINDOWS\system32\drivers\TosIde.sys
011 C:\WINDOWS\system32\drivers\ultra.sys
011 C:\WINDOWS\system32\drivers\ViaIde.sys
011 C:\WINDOWS\system32\drivers\WDICA.sys
121 ?

®الإعصار® · 27 سبتمبر 2010

ارفق تقرير هيجاك لو تكرمت

DJ KROZ · 27 سبتمبر 2010

تفضل يا مشرفنا العزيز

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 05:24:31 م, on 27/09/2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Advanced System Optimizer 3\ASO3DefragSrv.exe
C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\HPZipm12.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\USB Disk Security\USBGuard.exe
C:\WINDOWS\system32\igfxpers.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\Program Files\Ad Muncher\AdMunch.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\zoneLINK\MultiCore Optimizer\MultiCoreOptimizer.exe
C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Internet Download Manager\IDMan.exe
C:\Program Files\Internet Download Manager\IEMonitor.exe
C:\Program Files\Windows Media Player\wmplayer.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:Tabs
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =

يجب عليك تسجيل الدخول أو التسجيل لمشاهدة الرابط المخفي

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =

يجب عليك تسجيل الدخول أو التسجيل لمشاهدة الرابط المخفي

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =

يجب عليك تسجيل الدخول أو التسجيل لمشاهدة الرابط المخفي

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files\Internet Download Manager\IDMIECC.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll
O2 - BHO: IEVkbdBHO - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\ievkbd.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: LeapFTP Internet Explorer Hook - {A5479DA1-7843-43A7-B5C0-BE342C77B629} - C:\PROGRA~1\LEAPFT~1.0\lftpie.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: link filter bho - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\klwtbbho.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [USB Antivirus] C:\Program Files\USB Disk Security\USBGuard.exe
O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [Ad Muncher] "C:\Program Files\Ad Muncher\AdMunch.exe" /bt
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [zoneLINK MultiCore Optimizer] "C:\Program Files\zoneLINK\MultiCore Optimizer\MultiCoreOptimizer.exe" -TRAY
O4 - HKLM\..\Run: [HitmanPro35] "C:\Program Files\Hitman Pro 3.5\HitmanPro35.exe" /scan:boot
O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe"
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [IDMan] C:\Program Files\Internet Download Manager\IDMan.exe /onboot
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User '?')
O4 - HKUS\S-1-5-19\..\RunOnce: [_nltide_2] regsvr32 /s /n /i:U shell32 (User '?')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User '?')
O4 - HKUS\S-1-5-20\..\RunOnce: [_nltide_2] regsvr32 /s /n /i:U shell32 (User '?')
O4 - HKUS\S-1-5-21-1060284298-1770027372-1606980848-1003\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background (User '?')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User '?')
O4 - HKUS\S-1-5-18\..\RunOnce: [_nltide_2] regsvr32 /s /n /i:U shell32 (User '?')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [_nltide_2] regsvr32 /s /n /i:U shell32 (User 'Default user')
O8 - Extra context menu item: Add to Anti-Banner - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\ie_banner_deny.htm
O8 - Extra context menu item: Block frame with Ad Muncher -

يجب عليك تسجيل الدخول أو التسجيل لمشاهدة الرابط المخفي

O8 - Extra context menu item: Block image with Ad Muncher -

يجب عليك تسجيل الدخول أو التسجيل لمشاهدة الرابط المخفي

O8 - Extra context menu item: Block link with Ad Muncher -

يجب عليك تسجيل الدخول أو التسجيل لمشاهدة الرابط المخفي

O8 - Extra context menu item: Don't filter page with Ad Muncher -

يجب عليك تسجيل الدخول أو التسجيل لمشاهدة الرابط المخفي

O8 - Extra context menu item: Report page to the Ad Muncher developers -

يجب عليك تسجيل الدخول أو التسجيل لمشاهدة الرابط المخفي

O8 - Extra context menu item: تحميل الكل بواسطة Internet Download Manager - C:\Program Files\Internet Download Manager\IEGetAll.htm
O8 - Extra context menu item: تحميل بواسطة Internet Download Manager - C:\Program Files\Internet Download Manager\IEExt.htm
O8 - Extra context menu item: تحميل محتوى FLV بواسطة Internet Download Manager - C:\Program Files\Internet Download Manager\IEGetVL.htm
O9 - Extra button: &Virtual Keyboard - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\klwtbbho.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: URLs c&heck - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\klwtbbho.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) -

يجب عليك تسجيل الدخول أو التسجيل لمشاهدة الرابط المخفي

O16 - DPF: {7253A666-804A-1107-A4DC-00E04C504788} (BMC Control) -

يجب عليك تسجيل الدخول أو التسجيل لمشاهدة الرابط المخفي

O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} -

يجب عليك تسجيل الدخول أو التسجيل لمشاهدة الرابط المخفي

O20 - AppInit_DLLs: ?,C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd3.dll,C:\PROGRA~1\KASPER~1\KASPER~1\kloehk.dll
O23 - Service: ASO3DiskOptimizer - Systweak Inc., (

يجب عليك تسجيل الدخول أو التسجيل لمشاهدة الرابط المخفي

) - C:\Program Files\Advanced System Optimizer 3\ASO3DefragSrv.exe
O23 - Service: Kaspersky Anti-Virus Service (AVP) - Kaspersky Lab ZAO - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe
O23 - Service: خدمة تحديث Google (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: HP Port Resolver - Hewlett-Packard Company - C:\WINDOWS\system32\spool\drivers\w32x86\3\HPBPRO.EXE
O23 - Service: HP Status Server - Hewlett-Packard Company - C:\WINDOWS\system32\spool\drivers\w32x86\3\HPBOID.EXE
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: NMIndexingService - Unknown owner - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe (file missing)
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
--
End of file - 9998 bytes

alemalbyelaram · 27 سبتمبر 2010

اخوى اعمل فحص لحين ما يجى مشرفنا يتابع معك

يجب عليك تسجيل الدخول أو التسجيل لمشاهدة الرابط المخفي

عند التسطيب تظهر لك رساله

هل تريد حذف البرنامج نعم اولا ؟

اختار لا

DJ KROZ · 27 سبتمبر 2010

تفضل اخي هذا التقرير

واسمحلي ع التأخير بس الفحص اخذ وقت وايد ~

************' Anti-Malware 1.46

يجب عليك تسجيل الدخول أو التسجيل لمشاهدة الرابط المخفي

Database version: 4660
Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702
27/09/2010 10:27:25 م
mbam-log-2010-09-27 (22-27-25).txt
Scan type: Full scan (C:\|D:\|)
Objects scanned: 199198
Time elapsed: 1 hour(s), 2 minute(s), 39 second(s)
Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 3
Registry Values Infected: 4
Registry Data Items Infected: 1
Folders Infected: 0
Files Infected: 2
Memory Processes Infected:
(No malicious items detected)
Memory Modules Infected:
(No malicious items detected)
Registry Keys Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{17c85456-11ik-a37r-3p06-57b45q721331} (Generic.Bot.H) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\AppDataLow\HavingFunOnline (Adware.BHO.FL) -> No action taken.
HKEY_CURRENT_USER\Software\ErrorRepairPro (Rogue.ErrorRepairProfessional) -> No action taken.
Registry Values Infected:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run\policies (Backdoor.Bot) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\hkcu (Trojan.Downloader) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run\policies (Backdoor.Bot) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\hklm (Trojan.Downloader) -> No action taken.
Registry Data Items Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\UpdatesDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> No action taken.
Folders Infected:
(No malicious items detected)
Files Infected:
C:\System Volume Information\_restore{106C2273-E24E-4653-B200-2DEEB651224C}\RP201\A0093869.exe (Trojan.Dropper.PGen) -> No action taken.
C:\Documents and Settings\USER\Local Settings\Temp\XxX.xXx (Malware.Trace) -> No action taken.

DJ KROZ · 27 سبتمبر 2010

وهذا تقرير بعد ما حذفت الي طلعلي بالمالوير بايت

الحين راح اسوي ريستارت وان شاء الله ما ينضرب الويندوز نفس ما صار معاي من فترة بسبب البرنامج بعد ما نظف الجهاز

************' Anti-Malware 1.46

يجب عليك تسجيل الدخول أو التسجيل لمشاهدة الرابط المخفي

Database version: 4660
Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702
27/09/2010 10:42:04 م
mbam-log-2010-09-27 (22-42-04).txt
Scan type: Full scan (C:\|D:\|)
Objects scanned: 199198
Time elapsed: 1 hour(s), 2 minute(s), 39 second(s)
Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 3
Registry Values Infected: 4
Registry Data Items Infected: 1
Folders Infected: 0
Files Infected: 2
Memory Processes Infected:
(No malicious items detected)
Memory Modules Infected:
(No malicious items detected)
Registry Keys Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{17c85456-11ik-a37r-3p06-57b45q721331} (Generic.Bot.H) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\AppDataLow\HavingFunOnline (Adware.BHO.FL) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Software\ErrorRepairPro (Rogue.ErrorRepairProfessional) -> Quarantined and deleted successfully.
Registry Values Infected:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run\policies (Backdoor.Bot) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\hkcu (Trojan.Downloader) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run\policies (Backdoor.Bot) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\hklm (Trojan.Downloader) -> Quarantined and deleted successfully.
Registry Data Items Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\UpdatesDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
Folders Infected:
(No malicious items detected)
Files Infected:
C:\System Volume Information\_restore{106C2273-E24E-4653-B200-2DEEB651224C}\RP201\A0093869.exe (Trojan.Dropper.PGen) -> Quarantined and deleted successfully.
C:\Documents and Settings\USER\Local Settings\Temp\XxX.xXx (Malware.Trace) -> Quarantined and deleted successfully.

®الإعصار® · 27 سبتمبر 2010

سلام عليكم
بالله ضع تقرير هيجاك جديد بعد الفحص الي عملته

DJ KROZ · 27 سبتمبر 2010

وعليكم السلام

اهلاً فيك اخي , تفضل هذا التقرير بعد تنظيف الجهاز

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 10:54:20 م, on 27/09/2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Advanced System Optimizer 3\ASO3DefragSrv.exe
C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\HPZipm12.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\USB Disk Security\USBGuard.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\igfxpers.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Ad Muncher\AdMunch.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\Program Files\zoneLINK\MultiCore Optimizer\MultiCoreOptimizer.exe
C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Internet Download Manager\IDMan.exe
C:\Program Files\Internet Download Manager\IEMonitor.exe
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:Tabs
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =

يجب عليك تسجيل الدخول أو التسجيل لمشاهدة الرابط المخفي

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =

يجب عليك تسجيل الدخول أو التسجيل لمشاهدة الرابط المخفي

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =

يجب عليك تسجيل الدخول أو التسجيل لمشاهدة الرابط المخفي

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files\Internet Download Manager\IDMIECC.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll
O2 - BHO: IEVkbdBHO - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\ievkbd.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: LeapFTP Internet Explorer Hook - {A5479DA1-7843-43A7-B5C0-BE342C77B629} - C:\PROGRA~1\LEAPFT~1.0\lftpie.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: link filter bho - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\klwtbbho.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [USB Antivirus] C:\Program Files\USB Disk Security\USBGuard.exe
O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [Ad Muncher] "C:\Program Files\Ad Muncher\AdMunch.exe" /bt
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [zoneLINK MultiCore Optimizer] "C:\Program Files\zoneLINK\MultiCore Optimizer\MultiCoreOptimizer.exe" -TRAY
O4 - HKLM\..\Run: [HitmanPro35] "C:\Program Files\Hitman Pro 3.5\HitmanPro35.exe" /scan:boot
O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe"
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [IDMan] C:\Program Files\Internet Download Manager\IDMan.exe /onboot
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User '?')
O4 - HKUS\S-1-5-19\..\RunOnce: [_nltide_2] regsvr32 /s /n /i:U shell32 (User '?')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User '?')
O4 - HKUS\S-1-5-20\..\RunOnce: [_nltide_2] regsvr32 /s /n /i:U shell32 (User '?')
O4 - HKUS\S-1-5-21-1060284298-1770027372-1606980848-1003\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background (User '?')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User '?')
O4 - HKUS\S-1-5-18\..\RunOnce: [_nltide_2] regsvr32 /s /n /i:U shell32 (User '?')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [_nltide_2] regsvr32 /s /n /i:U shell32 (User 'Default user')
O8 - Extra context menu item: Add to Anti-Banner - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\ie_banner_deny.htm
O8 - Extra context menu item: Block frame with Ad Muncher -

يجب عليك تسجيل الدخول أو التسجيل لمشاهدة الرابط المخفي

O8 - Extra context menu item: Block image with Ad Muncher -

يجب عليك تسجيل الدخول أو التسجيل لمشاهدة الرابط المخفي

O8 - Extra context menu item: Block link with Ad Muncher -

يجب عليك تسجيل الدخول أو التسجيل لمشاهدة الرابط المخفي

O8 - Extra context menu item: Don't filter page with Ad Muncher -

يجب عليك تسجيل الدخول أو التسجيل لمشاهدة الرابط المخفي

O8 - Extra context menu item: Report page to the Ad Muncher developers -

يجب عليك تسجيل الدخول أو التسجيل لمشاهدة الرابط المخفي

O8 - Extra context menu item: تحميل الكل بواسطة Internet Download Manager - C:\Program Files\Internet Download Manager\IEGetAll.htm
O8 - Extra context menu item: تحميل بواسطة Internet Download Manager - C:\Program Files\Internet Download Manager\IEExt.htm
O8 - Extra context menu item: تحميل محتوى FLV بواسطة Internet Download Manager - C:\Program Files\Internet Download Manager\IEGetVL.htm
O9 - Extra button: &Virtual Keyboard - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\klwtbbho.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: URLs c&heck - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\klwtbbho.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) -

يجب عليك تسجيل الدخول أو التسجيل لمشاهدة الرابط المخفي

O16 - DPF: {7253A666-804A-1107-A4DC-00E04C504788} (BMC Control) -

يجب عليك تسجيل الدخول أو التسجيل لمشاهدة الرابط المخفي

O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} -

يجب عليك تسجيل الدخول أو التسجيل لمشاهدة الرابط المخفي

O20 - AppInit_DLLs: ?,C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd3.dll,C:\PROGRA~1\KASPER~1\KASPER~1\kloehk.dll
O23 - Service: ASO3DiskOptimizer - Systweak Inc., (

يجب عليك تسجيل الدخول أو التسجيل لمشاهدة الرابط المخفي

) - C:\Program Files\Advanced System Optimizer 3\ASO3DefragSrv.exe
O23 - Service: Kaspersky Anti-Virus Service (AVP) - Kaspersky Lab ZAO - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe
O23 - Service: خدمة تحديث Google (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: HP Port Resolver - Hewlett-Packard Company - C:\WINDOWS\system32\spool\drivers\w32x86\3\HPBPRO.EXE
O23 - Service: HP Status Server - Hewlett-Packard Company - C:\WINDOWS\system32\spool\drivers\w32x86\3\HPBOID.EXE
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: NMIndexingService - Unknown owner - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe (file missing)
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
--
End of file - 9848 bytes

®الإعصار® · 27 سبتمبر 2010

من التقرير شيل التالي
O2 - BHO: LeapFTP Internet Explorer Hook - {A5479DA1-7843-43A7-B5C0-BE342C77B629} - C:\PROGRA~1\LEAPFT~1.0\lftpie.dll

O4 - HKUS\S-1-5-19\..\RunOnce: [_nltide_2] regsvr32 /s /n /i:U shell32 (User '?')

O4 - HKUS\S-1-5-20\..\RunOnce: [_nltide_2] regsvr32 /s /n /i:U shell32 (User '?')

O4 - HKUS\S-1-5-18\..\RunOnce: [_nltide_2] regsvr32 /s /n /i:U shell32 (User '?')

بعد ذلك حمل التالي واستخدمه
بعد التحميل اضغط CHECK ALL ثم زر REMOVE

يجب عليك تسجيل الدخول أو التسجيل لمشاهدة الرابط المخفي

ثم وافينا بالنتائج لاهنت

DJ KROZ · 28 سبتمبر 2010

سويت كل الخطوات وهذا التقرير
بس شلون احذف اداة RRT ؟؟

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 02:43:15 م, on 28/09/2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Advanced System Optimizer 3\ASO3DefragSrv.exe
C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\HPZipm12.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\USB Disk Security\USBGuard.exe
C:\WINDOWS\system32\igfxpers.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Ad Muncher\AdMunch.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\zoneLINK\MultiCore Optimizer\MultiCoreOptimizer.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Internet Download Manager\IDMan.exe
C:\Program Files\Internet Download Manager\IEMonitor.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Windows Media Player\wmplayer.exe
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:Tabs
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =

يجب عليك تسجيل الدخول أو التسجيل لمشاهدة الرابط المخفي

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =

يجب عليك تسجيل الدخول أو التسجيل لمشاهدة الرابط المخفي

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =

يجب عليك تسجيل الدخول أو التسجيل لمشاهدة الرابط المخفي

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files\Internet Download Manager\IDMIECC.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll
O2 - BHO: IEVkbdBHO - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\ievkbd.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: link filter bho - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\klwtbbho.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [USB Antivirus] C:\Program Files\USB Disk Security\USBGuard.exe
O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [Ad Muncher] "C:\Program Files\Ad Muncher\AdMunch.exe" /bt
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [zoneLINK MultiCore Optimizer] "C:\Program Files\zoneLINK\MultiCore Optimizer\MultiCoreOptimizer.exe" -TRAY
O4 - HKLM\..\Run: [HitmanPro35] "C:\Program Files\Hitman Pro 3.5\HitmanPro35.exe" /scan:boot
O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe"
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [RRT-Auto] C:\Documents and Settings\USER\Desktop\RRT.exe auto
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [IDMan] C:\Program Files\Internet Download Manager\IDMan.exe /onboot
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User '?')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User '?')
O4 - HKUS\S-1-5-21-1060284298-1770027372-1606980848-1003\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background (User '?')
O4 - HKUS\S-1-5-21-1060284298-1770027372-1606980848-1003\..\Run: [IDMan] C:\Program Files\Internet Download Manager\IDMan.exe /onboot (User '?')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User '?')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Toolbars\Restrictions present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Toolbars\Restrictions present
O8 - Extra context menu item: Add to Anti-Banner - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\ie_banner_deny.htm
O8 - Extra context menu item: Block frame with Ad Muncher -

يجب عليك تسجيل الدخول أو التسجيل لمشاهدة الرابط المخفي

O8 - Extra context menu item: Block image with Ad Muncher -

يجب عليك تسجيل الدخول أو التسجيل لمشاهدة الرابط المخفي

O8 - Extra context menu item: Block link with Ad Muncher -

يجب عليك تسجيل الدخول أو التسجيل لمشاهدة الرابط المخفي

O8 - Extra context menu item: Don't filter page with Ad Muncher -

يجب عليك تسجيل الدخول أو التسجيل لمشاهدة الرابط المخفي

O8 - Extra context menu item: Report page to the Ad Muncher developers -

يجب عليك تسجيل الدخول أو التسجيل لمشاهدة الرابط المخفي

O8 - Extra context menu item: تحميل الكل بواسطة Internet Download Manager - C:\Program Files\Internet Download Manager\IEGetAll.htm
O8 - Extra context menu item: تحميل بواسطة Internet Download Manager - C:\Program Files\Internet Download Manager\IEExt.htm
O8 - Extra context menu item: تحميل محتوى FLV بواسطة Internet Download Manager - C:\Program Files\Internet Download Manager\IEGetVL.htm
O9 - Extra button: &Virtual Keyboard - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\klwtbbho.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: URLs c&heck - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\klwtbbho.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) -

يجب عليك تسجيل الدخول أو التسجيل لمشاهدة الرابط المخفي

O16 - DPF: {7253A666-804A-1107-A4DC-00E04C504788} (BMC Control) -

يجب عليك تسجيل الدخول أو التسجيل لمشاهدة الرابط المخفي

O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} -

يجب عليك تسجيل الدخول أو التسجيل لمشاهدة الرابط المخفي

O20 - AppInit_DLLs: ?,C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd3.dll,C:\PROGRA~1\KASPER~1\KASPER~1\kloehk.dll
O23 - Service: ASO3DiskOptimizer - Systweak Inc., (

يجب عليك تسجيل الدخول أو التسجيل لمشاهدة الرابط المخفي

) - C:\Program Files\Advanced System Optimizer 3\ASO3DefragSrv.exe
O23 - Service: Kaspersky Anti-Virus Service (AVP) - Kaspersky Lab ZAO - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe
O23 - Service: خدمة تحديث Google (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: HP Port Resolver - Hewlett-Packard Company - C:\WINDOWS\system32\spool\drivers\w32x86\3\HPBPRO.EXE
O23 - Service: HP Status Server - Hewlett-Packard Company - C:\WINDOWS\system32\spool\drivers\w32x86\3\HPBOID.EXE
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: NMIndexingService - Unknown owner - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe (file missing)
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
--
End of file - 10154 bytes

®الإعصار® · 28 سبتمبر 2010

من الهيجاك شيل التالي
O4 - HKLM\..\Run: [RRT-Auto] C:\Documents and Settings\USER\Desktop\RRT.exe auto

ثم حمل

يجب عليك تسجيل الدخول أو التسجيل لمشاهدة الرابط المخفي

وبلغنا اخر النتائج

DJ KROZ · 28 سبتمبر 2010

تم الحذف ,, وهذا تقرير بعد ما استخدمت اداة TFC

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 03:43:27 م, on 28/09/2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\USB Disk Security\USBGuard.exe
C:\WINDOWS\system32\igfxpers.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Ad Muncher\AdMunch.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\Program Files\zoneLINK\MultiCore Optimizer\MultiCoreOptimizer.exe
C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Internet Download Manager\IDMan.exe
C:\Program Files\Advanced System Optimizer 3\ASO3DefragSrv.exe
C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\HPZipm12.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Internet Download Manager\IEMonitor.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:Tabs
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =

يجب عليك تسجيل الدخول أو التسجيل لمشاهدة الرابط المخفي

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =

يجب عليك تسجيل الدخول أو التسجيل لمشاهدة الرابط المخفي

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =

يجب عليك تسجيل الدخول أو التسجيل لمشاهدة الرابط المخفي

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files\Internet Download Manager\IDMIECC.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll
O2 - BHO: IEVkbdBHO - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\ievkbd.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: link filter bho - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\klwtbbho.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [USB Antivirus] C:\Program Files\USB Disk Security\USBGuard.exe
O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [Ad Muncher] "C:\Program Files\Ad Muncher\AdMunch.exe" /bt
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [zoneLINK MultiCore Optimizer] "C:\Program Files\zoneLINK\MultiCore Optimizer\MultiCoreOptimizer.exe" -TRAY
O4 - HKLM\..\Run: [HitmanPro35] "C:\Program Files\Hitman Pro 3.5\HitmanPro35.exe" /scan:boot
O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe"
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [IDMan] C:\Program Files\Internet Download Manager\IDMan.exe /onboot
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User '?')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User '?')
O4 - HKUS\S-1-5-21-1060284298-1770027372-1606980848-1003\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background (User '?')
O4 - HKUS\S-1-5-21-1060284298-1770027372-1606980848-1003\..\Run: [IDMan] C:\Program Files\Internet Download Manager\IDMan.exe /onboot (User '?')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User '?')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Toolbars\Restrictions present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Toolbars\Restrictions present
O8 - Extra context menu item: Add to Anti-Banner - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\ie_banner_deny.htm
O8 - Extra context menu item: Block frame with Ad Muncher -

يجب عليك تسجيل الدخول أو التسجيل لمشاهدة الرابط المخفي

O8 - Extra context menu item: Block image with Ad Muncher -

يجب عليك تسجيل الدخول أو التسجيل لمشاهدة الرابط المخفي

O8 - Extra context menu item: Block link with Ad Muncher -

يجب عليك تسجيل الدخول أو التسجيل لمشاهدة الرابط المخفي

O8 - Extra context menu item: Don't filter page with Ad Muncher -

يجب عليك تسجيل الدخول أو التسجيل لمشاهدة الرابط المخفي

O8 - Extra context menu item: Report page to the Ad Muncher developers -

يجب عليك تسجيل الدخول أو التسجيل لمشاهدة الرابط المخفي

O8 - Extra context menu item: تحميل الكل بواسطة Internet Download Manager - C:\Program Files\Internet Download Manager\IEGetAll.htm
O8 - Extra context menu item: تحميل بواسطة Internet Download Manager - C:\Program Files\Internet Download Manager\IEExt.htm
O8 - Extra context menu item: تحميل محتوى FLV بواسطة Internet Download Manager - C:\Program Files\Internet Download Manager\IEGetVL.htm
O9 - Extra button: &Virtual Keyboard - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\klwtbbho.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: URLs c&heck - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\klwtbbho.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) -

يجب عليك تسجيل الدخول أو التسجيل لمشاهدة الرابط المخفي

O16 - DPF: {7253A666-804A-1107-A4DC-00E04C504788} (BMC Control) -

يجب عليك تسجيل الدخول أو التسجيل لمشاهدة الرابط المخفي

O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} -

يجب عليك تسجيل الدخول أو التسجيل لمشاهدة الرابط المخفي

O20 - AppInit_DLLs: ?,C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd3.dll,C:\PROGRA~1\KASPER~1\KASPER~1\kloehk.dll
O23 - Service: ASO3DiskOptimizer - Systweak Inc., (

يجب عليك تسجيل الدخول أو التسجيل لمشاهدة الرابط المخفي

) - C:\Program Files\Advanced System Optimizer 3\ASO3DefragSrv.exe
O23 - Service: Kaspersky Anti-Virus Service (AVP) - Kaspersky Lab ZAO - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe
O23 - Service: خدمة تحديث Google (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: HP Port Resolver - Hewlett-Packard Company - C:\WINDOWS\system32\spool\drivers\w32x86\3\HPBPRO.EXE
O23 - Service: HP Status Server - Hewlett-Packard Company - C:\WINDOWS\system32\spool\drivers\w32x86\3\HPBOID.EXE
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: NMIndexingService - Unknown owner - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe (file missing)
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
--
End of file - 10069 bytes

DJ KROZ · 28 سبتمبر 2010

Up

للرفع ~

DJ KROZ · 29 سبتمبر 2010

للرفع

up !!

DJ KROZ · 29 سبتمبر 2010

معقولة 3 ردود وكلها للرفع وللحين ولا رد !!

DJ KROZ · 2 أكتوبر 2010

ما زالت المشكلة موجودة

قمت بتشغيل الجهاز وفجأة سوى ريستارت من تلقاء نفسه !!!

A.M.A.M.S · 2 أكتوبر 2010

وعليكم السلام ورحمة الله وبركاته

أخى من التقرير الاخير احذف هذه القيمة

O16 - DPF: {7253A666-804A-1107-A4DC-00E04C504788} (BMC Control) -

يجب عليك تسجيل الدخول أو التسجيل لمشاهدة الرابط المخفي

------------------------------------------------

ثم اذا سمحت هذه التقارير

يجب عليك تسجيل الدخول أو التسجيل لمشاهدة الرابط المخفي

+

يجب عليك تسجيل الدخول أو التسجيل لمشاهدة الرابط المخفي

+
ثم ضع هذا الأمر فى Run
dxdiag
ستظهر لك نافذه بها خصائص الجهاز قم بتصويرها

DJ KROZ · 2 أكتوبر 2010

وعليكم السلام ورحمة الله وبركاته

أخى من التقرير الاخير احذف هذه القيمة

O16 - DPF: {7253A666-804A-1107-A4DC-00E04C504788} (BMC Control) -

يجب عليك تسجيل الدخول أو التسجيل لمشاهدة الرابط المخفي

تـــــــــم الحذف

--------------------------------------

ثم اذا سمحت هذه التقارير

يجب عليك تسجيل الدخول أو التسجيل لمشاهدة الرابط المخفي

تفضل , هذا التقرير

Ad Muncher v4.81 Build 31376
Adobe AIR
Adobe AIR
Adobe Flash Player 10 ActiveX
Adobe Flash Player 10 Plugin
Adobe Reader 9.3.4
Adobe Shockwave Player 11.5
Advanced System Optimizer
AntiLogger
AntiLogger
Avira AntiVir Premium
CCleaner
Cleanse Uninstaller 3.0
Cs Non Steam
Google Update Helper
HijackThis 2.0.2
Hitman Pro 3.5
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
Hotfix for Windows XP (KB2158563)
HP Photosmart, Officejet and Deskjet 7.0.A
Intel(R) Graphics Media *********** Driver
Internet Download Manager
Java(TM) 6 Update 21
KeyChanger Windows Edition
KeyScrambler
LeapFTP 3.0
Messenger Plus! Live
MessengerDiscovery 2.5.95
Microsoft .NET Framework 2.0 Service Pack 2
Microsoft .NET Framework 3.0 Service Pack 2
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 3.5 SP1
Microsoft Choice Guard
Microsoft Office 2003 Arabic User Interface Pack
Microsoft Office FrontPage 2003
Microsoft Office Professional Edition 2003
Microsoft Text-to-Speech Engine 4.0 (English)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft_VC80_ATL_x86
Microsoft_VC80_CRT_x86
Microsoft_VC80_MFC_x86
Microsoft_VC80_MFCLOC_x86
Microsoft_VC90_ATL_x86
Microsoft_VC90_CRT_x86
Microsoft_VC90_MFC_x86
Mozilla Firefox (3.6.10)
MSVCRT
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
neroxml
Notepad++
Office Genuine Advantage Validation 2.0.48.0 Cracked V4
OGA Notifier 2.0.0048.0
Outpost Firewall Pro 7.0.3
Photo to Cartoon
RealPlayer
REALTEK GbE & FE Ethernet PCI-E NIC Driver
Realtek High Definition Audio Driver
RealUpgrade 1.0
Security Update for Windows Internet Explorer 7 (KB938127-v2)
Security Update for Windows Internet Explorer 8 (KB2183461)
Security Update for Windows Internet Explorer 8 (KB971961)
Security Update for Windows Internet Explorer 8 (KB981332)
Security Update for Windows Internet Explorer 8 (KB982381)
Security Update for Windows Media Player (KB975558)
Security Update for Windows XP (KB2121546)
Security Update for Windows XP (KB2259922)
Security Update for Windows XP (KB2347290)
Security Update for Windows XP (KB981322)
Security Update for Windows XP (KB982802)
Segoe UI
Sound Blaster PCI128 Drivers
ThreatFire
Total Recorder 8.1
Uninstall Crystal FTP Pro
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Windows Internet Explorer 7 (KB980182)
Update for Windows Internet Explorer 8 (KB976662)
Update for Windows Internet Explorer 8 (KB980182)
Update for Windows Internet Explorer 8 (KB980302)
Update for Windows XP (KB2141007)
USB Disk Security
VirusTotal Uploader 2.0
Windows Installer Clean Up
Windows Internet Explorer 8
Windows Live Call
Windows Live Communications Platform
Windows Live Essentials
Windows Live Essentials
Windows Live Messenger
Windows Live Sign-in Assistant
Windows Live Upload Tool
WinRAR archiver
zoneLINK MultiCore Optimizer 1.00
حزمة التوافق لنظام Office 2007

--------- انتهاء التقرير ------------

يجب عليك تسجيل الدخول أو التسجيل لمشاهدة الرابط المخفي

طلع معاي صفحة انترنت ورفعتها لك على هذا الـ zSHARE

يجب عليك تسجيل الدخول أو التسجيل لمشاهدة الرابط المخفي

----------------------------

ثم ضع هذا الأمر فى Run
dxdiag
ستظهر لك نافذه بها خصائص الجهاز قم بتصويرها

تفضل هذه الصورة

A.M.A.M.S · 2 أكتوبر 2010

أخى بالنسبة
لتقرير الهايجاك يظهر به الكاسبر
وتقرير البرامج المثبته يظهر به الأفيرا
و
Outpost Firewall Pro

هل تستخدم برنامجين حماية
ام انك غيرت للأفيرا فى خلال الايام السابقة

ايضا تقرير Start UP
لا ترفع الملف
قم بنسخ محتوياته والصقها فى ردك القادم

DJ KROZ · 2 أكتوبر 2010

التقرير قبل لا احذف الكاسبر

كنت استخدم kaspersky internet security 2011

وامس حذفته وركبت الافيرا 10 انتي فايروس + اوت بوست فايروول فقط بدون انتي سباي ويير

والمشكلة كانت من ايام الكاسبر واليوم وقت الي شغلت الجهاز ( مركب عليه الافيرا + اوت بوست )

صارت معاي نفس المشكلة ..

-------------------------

هذا تقرير Start up

Start-Up Items; List generated by Start-Up Tool.

يجب عليك تسجيل الدخول أو التسجيل لمشاهدة الرابط المخفي

msnmsgr

Name:msnmsgrCommand:"C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /backgroundReg_Path:HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunStatus:enabledDescription:Windows Live MessengerCompany:Microsoft Corporation

ctfmon.exe

Name:ctfmon.exeCommand:C:\WINDOWS\system32\ctfmon.exeReg_Path:HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunStatus:enabledDescription:CTF LoaderCompany:Microsoft Corporation

MSMSGS

Name:MSMSGSCommand:"C:\Program Files\Messenger\msmsgs.exe" /backgroundReg_Path:HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunStatus:enabledDescription:Windows MessengerCompany:Microsoft Corporation

IDMan

Name:IDManCommand:C:\Program Files\Internet Download Manager\IDMan.exe /onbootReg_Path:HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunStatus:enabledDescription:Internet Download Manager (IDM)Company:Tonec Inc.

MSMSGS

Name:MSMSGSCommand:"C:\Program Files\Messenger\msmsgs.exe" /backgroundReg_Path:HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run-Status:disabledDescription:Windows MessengerCompany:Microsoft Corporation

ctfmon.exe

Name:ctfmon.exeCommand:C:\WINDOWS\system32\ctfmon.exeReg_Path:HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run-Status:disabledDescription:CTF LoaderCompany:Microsoft Corporation

IgfxTray

Name:IgfxTrayCommand:C:\WINDOWS\system32\igfxtray.exeReg_Path:HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunStatus:enabledDescription:igfxTray ModuleCompany:Intel Corporation

Persistence

Name

ersistenceCommand:C:\WINDOWS\system32\igfxpers.exeReg_Path:HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunStatus:enabledDescription

ersistence ModuleCompany:Intel Corporation

SunJavaUpdateSched

Name:SunJavaUpdateSchedCommand:"C:\Program Files\Common Files\Java\Java Update\jusched.exe"Reg_Path:HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunStatus:enabledDescription:Java(TM) Update SchedulerCompany:Sun Microsystems, Inc.

Adobe ARM

Name:Adobe ARMCommand:"C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"Reg_Path:HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunStatus:enabledDescription:Adobe Reader and Acrobat ManagerCompany:Adobe Systems Incorporated

TkBellExe

Name:TkBellExeCommand:"C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osbootReg_Path:HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunStatus:enabledDescription:RealNetworks SchedulerCompany:RealNetworks, Inc.

BluetoothAuthenticationAgent

Name:BluetoothAuthenticationAgentCommand:rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgentReg_Path:HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunStatus:enabledDescription:n/aCompany:n/a

KernelFaultCheck

Name:KernelFaultCheckCommand:%systemroot%\system32\dumprep 0 -kReg_Path:HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunStatus:enabledDescription:n/aCompany:n/a

avgnt

Name:avgntCommand:"C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /minReg_Path:HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunStatus:enabledDescription:Antivirus System Tray ToolCompany:Avira GmbH

KeyScrambler

Name:KeyScramblerCommand:C:\Program Files\KeyScrambler\keyscrambler.exe /aReg_Path:HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunStatus:enabledDescription:KeyScramblerCompany:QFX Software Corporation

AntiLogger

Name:AntiLoggerCommand:"C:\Program Files\AntiLogger\AntiLogger.exe" /minimizedReg_Path:HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunStatus:enabledDescription:Zemana AntiLogger User InterfaceCompany:Zemana Ltd.

ThreatFire

Name:ThreatFireCommand:C:\Program Files\ThreatFire\TFTray.exeReg_Path:HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunStatus:enabledDescription

C Tools ThreatFire Tray AppCompany

C Tools

OutpostMonitor

Name:OutpostMonitorCommand:"C:\PROGRA~1\Agnitum\OUTPOS~1\op_mon.exe" /tray /noserviceReg_Path:HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunStatus:enabledDescription:Outpost User InterfaceCompany:Agnitum Ltd.

OutpostFeedBack

Name:OutpostFeedBackCommand:"C:\Program Files\Agnitum\Outpost Firewall Pro\feedback.exe" /dump

s_startupReg_Path:HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunStatus:enabledDescription:FeedBack UtilityCompany:Agnitum Ltd.

zoneLINK MultiCore Optimizer

Name:zoneLINK MultiCore OptimizerCommand:"C:\Program Files\zoneLINK\MultiCore Optimizer\MultiCoreOptimizer.exe" -TRAYReg_Path:HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunStatus:enabledDescription:zoneLINK Multicore OptimizerCompany:zoneLINK

USB Antivirus

Name:USB AntivirusCommand:C:\Program Files\USB Disk Security\USBGuard.exeReg_Path:HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunStatus:enabledDescription:USB Disk SecurityCompany:Zbshareware Lab

HitmanPro35

Name:HitmanPro35Command:"C:\Program Files\Hitman Pro 3.5\HitmanPro35.exe" /scan:bootReg_Path:HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunStatus:enabledDescription:Hitman Pro 3.5Company:SurfRight B.V.

Ad Muncher

Name:Ad MuncherCommand:"C:\Program Files\Ad Muncher\AdMunch.exe" /btReg_Path:HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunStatus:enabledDescription:Ad MuncherCompany:Murray Hurps Corp Pty Ltd

SystemProtector

Name:SystemProtectorCommand:"C:\Program Files\Advanced System Optimizer 3\SystemProtector.exe" /autorunReg_Path:HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run-Status:disabledDescription:Advanced System Optimizer - System ProtectorCompany:Systweak Inc., (

يجب عليك تسجيل الدخول أو التسجيل لمشاهدة الرابط المخفي

)

RTHDCPL

Name:RTHDCPLCommand:RTHDCPL.EXEReg_Path:HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run-Status:disabledDescription:Realtek HD Audio Control PanelCompany:Realtek Semiconductor Corp.

TkBellExe

Name:TkBellExeCommand:"C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osbootReg_Path:HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run-Status:disabledDescription:RealNetworks SchedulerCompany:RealNetworks, Inc.

HotKeysCmds

Name:HotKeysCmdsCommand:C:\WINDOWS\system32\hkcmd.exeReg_Path:HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run-Status:disabledDescription:hkcmd ModuleCompany:Intel Corporation

Adobe ARM

Name:Adobe ARMCommand:"C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"Reg_Path:HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run-Status:disabledDescription:Adobe Reader and Acrobat ManagerCompany:Adobe Systems Incorporated

AdobeAAMUpdater-1.0

Name:AdobeAAMUpdater-1.0Command:"C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"Reg_Path:HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run-Status:disabledDescription:Adobe Updater Startup UtilityCompany:Adobe Systems Incorporated

KernelFaultCheck

Name:KernelFaultCheckCommand:%systemroot%\system32\dumprep 0 -kReg_Path:HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run-Status:disabledDescription:n/aCompany:n/a

--- انتهاء التقرير ---

وهذا تقرير هايجاك جديد

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 06:02:50 م, on 02/10/2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir Desktop\sched.exe
C:\Program Files\USB Disk Security\USBGuard.exe
C:\WINDOWS\system32\igfxpers.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Ad Muncher\AdMunch.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\zoneLINK\MultiCore Optimizer\MultiCoreOptimizer.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files\KeyScrambler\keyscrambler.exe
C:\Program Files\AntiLogger\AntiLogger.exe
C:\Program Files\ThreatFire\TFTray.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Internet Download Manager\IDMan.exe
C:\Program Files\Avira\AntiVir Desktop\avguard.exe
C:\Program Files\Advanced System Optimizer 3\ASO3DefragSrv.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\HPZipm12.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\ThreatFire\TFService.exe
C:\Program Files\Avira\AntiVir Desktop\avmailc.exe
C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE
C:\WINDOWS\System32\alg.exe
C:\Program Files\Internet Download Manager\IEMonitor.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Advanced System Optimizer 3\ASO3.exe
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\Program Files\Windows Media Player\wmplayer.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:Tabs
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =

يجب عليك تسجيل الدخول أو التسجيل لمشاهدة الرابط المخفي

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =

يجب عليك تسجيل الدخول أو التسجيل لمشاهدة الرابط المخفي

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =

يجب عليك تسجيل الدخول أو التسجيل لمشاهدة الرابط المخفي

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files\Internet Download Manager\IDMIECC.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [KeyScrambler] C:\Program Files\KeyScrambler\keyscrambler.exe /a
O4 - HKLM\..\Run: [AntiLogger] "C:\Program Files\AntiLogger\AntiLogger.exe" /minimized
O4 - HKLM\..\Run: [ThreatFire] C:\Program Files\ThreatFire\TFTray.exe
O4 - HKLM\..\Run: [OutpostMonitor] "C:\PROGRA~1\Agnitum\OUTPOS~1\op_mon.exe" /tray /noservice
O4 - HKLM\..\Run: [OutpostFeedBack] "C:\Program Files\Agnitum\Outpost Firewall Pro\feedback.exe" /dump

s_startup
O4 - HKLM\..\Run: [zoneLINK MultiCore Optimizer] "C:\Program Files\zoneLINK\MultiCore Optimizer\MultiCoreOptimizer.exe" -TRAY
O4 - HKLM\..\Run: [USB Antivirus] C:\Program Files\USB Disk Security\USBGuard.exe
O4 - HKLM\..\Run: [HitmanPro35] "C:\Program Files\Hitman Pro 3.5\HitmanPro35.exe" /scan:boot
O4 - HKLM\..\Run: [Ad Muncher] "C:\Program Files\Ad Muncher\AdMunch.exe" /bt
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [IDMan] C:\Program Files\Internet Download Manager\IDMan.exe /onboot
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User '?')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User '?')
O4 - HKUS\S-1-5-21-1060284298-1770027372-1606980848-1003\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background (User '?')
O4 - HKUS\S-1-5-21-1060284298-1770027372-1606980848-1003\..\Run: [IDMan] C:\Program Files\Internet Download Manager\IDMan.exe /onboot (User '?')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User '?')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Toolbars\Restrictions present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Toolbars\Restrictions present
O8 - Extra context menu item: Block frame with Ad Muncher -

يجب عليك تسجيل الدخول أو التسجيل لمشاهدة الرابط المخفي

O8 - Extra context menu item: Block image with Ad Muncher -

يجب عليك تسجيل الدخول أو التسجيل لمشاهدة الرابط المخفي

O8 - Extra context menu item: Block link with Ad Muncher -

يجب عليك تسجيل الدخول أو التسجيل لمشاهدة الرابط المخفي

O8 - Extra context menu item: Don't filter page with Ad Muncher -

يجب عليك تسجيل الدخول أو التسجيل لمشاهدة الرابط المخفي

O8 - Extra context menu item: Report page to the Ad Muncher developers -

يجب عليك تسجيل الدخول أو التسجيل لمشاهدة الرابط المخفي

O8 - Extra context menu item: تحميل الكل بواسطة Internet Download Manager - C:\Program Files\Internet Download Manager\IEGetAll.htm
O8 - Extra context menu item: تحميل بواسطة Internet Download Manager - C:\Program Files\Internet Download Manager\IEExt.htm
O8 - Extra context menu item: تحميل محتوى FLV بواسطة Internet Download Manager - C:\Program Files\Internet Download Manager\IEGetVL.htm
O9 - Extra button: Outpost Firewall Pro Quick Tune - {44627E97-789B-40d4-B5C2-58BD171129A1} - C:\Program Files\Agnitum\Outpost Firewall Pro\ie_bar.dll
O9 - Extra button: (no name) - {5C106A59-CC3C-4caa-81A4-6D909B5ACE23} - C:\Program Files\KeyScrambler\KeyScramblerIE.dll
O9 - Extra 'Tools' menuitem: &KeyScrambler Options - {5C106A59-CC3C-4caa-81A4-6D909B5ACE23} - C:\Program Files\KeyScrambler\KeyScramblerIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) -

يجب عليك تسجيل الدخول أو التسجيل لمشاهدة الرابط المخفي

O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} -

يجب عليك تسجيل الدخول أو التسجيل لمشاهدة الرابط المخفي

O20 - AppInit_DLLs: c:\progra~1\agnitum\outpos~1\wl_hook.dll ?
O20 - Winlogon Notify: KeyScrambler - C:\WINDOWS\SYSTEM32\KeyScramblerLogon.dll
O23 - Service: Agnitum Client Security Service (acssrv) - Agnitum Ltd. - C:\PROGRA~1\Agnitum\OUTPOS~1\acs.exe
O23 - Service: Avira AntiVir MailGuard (AntiVirMailService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avmailc.exe
O23 - Service: Avira AntiVir Scheduler (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Avira AntiVir WebGuard (AntiVirWebService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE
O23 - Service: ASO3DiskOptimizer - Systweak Inc., (

يجب عليك تسجيل الدخول أو التسجيل لمشاهدة الرابط المخفي

) - C:\Program Files\Advanced System Optimizer 3\ASO3DefragSrv.exe
O23 - Service: خدمة تحديث Google (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: HP Port Resolver - Hewlett-Packard Company - C:\WINDOWS\system32\spool\drivers\w32x86\3\HPBPRO.EXE
O23 - Service: HP Status Server - Hewlett-Packard Company - C:\WINDOWS\system32\spool\drivers\w32x86\3\HPBOID.EXE
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: NMIndexingService - Unknown owner - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe (file missing)
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: ThreatFire - PC Tools - C:\Program Files\ThreatFire\TFService.exe
--
End of file - 11351 bytes

برنامج Avast Premium Security 24.12.9725 تفعيل بسيريال مدة 680 يوم​

زيزوومى مميز

زيزوومى محترف

توقيع : ®الإعصار®

زيزوومى مميز

عضو شرف

توقيع : alemalbyelaram

زيزوومى مميز

زيزوومى مميز

زيزوومى محترف

توقيع : ®الإعصار®

زيزوومى مميز

زيزوومى محترف

توقيع : ®الإعصار®

زيزوومى مميز

زيزوومى محترف

توقيع : ®الإعصار®

زيزوومى مميز

زيزوومى مميز

زيزوومى مميز

زيزوومى مميز

زيزوومى مميز

زيزوومى فضى

توقيع : A.M.A.M.S

زيزوومى مميز

زيزوومى فضى

توقيع : A.M.A.M.S

زيزوومى مميز

برنامج Avast Premium Security 24.12.9725 تفعيل بسيريال مدة 680 يوم