عند فتح قسم الهارد يتحول للون الأسود

  • بادئ الموضوع بادئ الموضوع hussin298
  • تاريخ البدء تاريخ البدء
  • المشاهدات 1,029
H

hussin298

زيزوومي جديد
إنضم
14 أغسطس 2009
المشاركات
35
مستوى التفاعل
6
النقاط
40
الإقامة
yemen
غير متصل
عند فتح قسم الهارد مثلا القسم G يتحول لون الخلفية إلى الأسود
حدث هذا معي عند ما حدثت الإنترنت الإكسبلورر إلى الإصدار الثامن في الوينوز الإكس بي

علما بأني عندما تراجعت عن التحديث وعدت إلى الإنترنت الإكسبلورر 6 أختفت المشكلة .
لكني أريد أن أحدث الإنترنت الإكسبلورر إلى الثامن . فما الحل لوتكرمتم
وفقكم الله

مرفق الصورة
___.JPG.html
 

ترتيب حسب التاريخ ترتيب حسب الأصوات
لا أدري لماذا لم ترف الصورة
لكن رفعتها على الهوت فايل وهذا الرابط
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي
 
تأييد 0
اهلا بك اخي

حمل الاداة من هذا الموضوع
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي


واعمل تقرير هايجاك
 
تأييد 0
أعتذر غلبتك معي ....... غشيم
هذا الرابط الصحيح
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي
 
تأييد 0
انتظر التقرير اخي :)
 
تأييد 0
أعتذر بشدة عن التأخير وهذا التقرير ( اعتقد ذلك ) أخوك مبتدئ جدا في الحماية .

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 11:52:00 م, on 22/02/2011
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\system32\igfxsrvc.exe
C:\WINDOWS\sm56hlpr.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\SuperCopier2\SuperCopier2.exe
C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
C:\Documents and Settings\hussin\Local Settings\Application Data\Google\Update\1.2.183.39\GoogleCrashHandler.exe
C:\Documents and Settings\All Users\Application Data\DatacardService\DCService.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Norton AntiVirus\Engine\18.5.0.125\ccSvcHst.exe
C:\Program Files\Nitro PDF\Professional\NitroPDFDriverService.exe
C:\WINDOWS\system32\NLSSRV32.EXE
C:\WINDOWS\system32\svchost.exe
C:\Documents and Settings\hussin\Application Data\magentictb\incredimail1_0dn.exe
C:\Program Files\Norton AntiVirus\Engine\18.5.0.125\ccSvcHst.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Documents and Settings\hussin\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\hussin\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\hussin\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\hussin\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\hussin\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\hussin\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\hussin\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\hussin\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\hussin\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Program Files\Orbitdownloader\orbitdm.exe
C:\Program Files\Orbitdownloader\orbitnet.exe
C:\Zyzoom_Forum_Tools\zyzoom.exe
C:\Zyzoom_Forum_Tools\zHijak.com
C:\WINDOWS\system32\wbem\wmiprvse.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

R3 - URLSearchHook: DVDVideoSoftTB Toolbar - {e9911ec6-1bcc-40b0-9993-e0eea7f6953f} - C:\Program Files\DVDVideoSoft\tbDVD0.dll
O2 - BHO: btorbit.com - {000123B4-9B42-4900-B3F7-F4B073EFC214} - C:\Program Files\Orbitdownloader\orbitcth.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0 ME\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: Magentic Toolbar - {07C92F45-3193-4FD9-AF54-B1925707C872} - C:\Program Files\magentictb\magenticDx.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\ConduitEngine.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton AntiVirus\Engine\18.5.0.125\IPS\IPSBHO.DLL
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.6.5805.1910\swg.dll
O2 - BHO: Updater For Magentic Toolbar - {B3312915-9368-4FE4-8D4E-B60E5B36D0FF} - C:\Program Files\magentictb\auxi\magenticAu.dll
O2 - BHO: DVDVideoSoftTB Toolbar - {e9911ec6-1bcc-40b0-9993-e0eea7f6953f} - C:\Program Files\DVDVideoSoft\tbDVD0.dll
O3 - Toolbar: DVDVideoSoftTB Toolbar - {e9911ec6-1bcc-40b0-9993-e0eea7f6953f} - C:\Program Files\DVDVideoSoft\tbDVD0.dll
O3 - Toolbar: Magentic Toolbar - {07C92F45-3193-4FD9-AF54-B1925707C872} - C:\Program Files\magentictb\magenticDx.dll
O3 - Toolbar: Grab Pro - {C55BBCD6-41AD-48AD-9953-3609C48EACC7} - C:\Program Files\Orbitdownloader\GrabPro.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [SMSERIAL] sm56hlpr.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [Network Error Advisor] "C:\Program Files\magentictb\ExeRunner.exe" magentictb incredimail1_0dn
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [SuperCopier2.exe] C:\Program Files\SuperCopier2\SuperCopier2.exe
O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\hussin\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [Magentic] C:\PROGRA~1\Magentic\bin\Magentic.exe /c
O4 - HKCU\..\Run: [cdoosoft] C:\DOCUME~1\hussin\LOCALS~1\Temp\herss.exe
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKLM\..\Policies\Explorer\Run: [] 
O4 - HKUS\S-1-5-19\..\RunOnce: [] (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [] (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [] (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [] (User 'Default user')
O4 - Global Startup: Orbit.lnk = C:\Program Files\Orbitdownloader\orbitdm.exe
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O8 - Extra context menu item: &Download by Orbit - res://C:\Program Files\Orbitdownloader\orbitmxt.dll/201
O8 - Extra context menu item: &Grab video by Orbit - res://C:\Program Files\Orbitdownloader\orbitmxt.dll/204
O8 - Extra context menu item: Do&wnload selected by Orbit - res://C:\Program Files\Orbitdownloader\orbitmxt.dll/203
O8 - Extra context menu item: Down&load all by Orbit - res://C:\Program Files\Orbitdownloader\orbitmxt.dll/202
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_E11712C84EA7E12B.dll/cmsidewiki.html
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O17 - HKLM\System\CCS\Services\Tcpip\..\{4E217186-EE12-43BD-B6AF-7DCC62B93383}: NameServer = 192.168.1.1,192.168.1.254
O17 - HKLM\System\CCS\Services\Tcpip\..\{A3BCD642-3388-4C28-9B58-5112600510D7}: NameServer = 192.168.1.1,192.168.1.254
O20 - AppInit_DLLs: C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd3.dll
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: DCService.exe - Unknown owner - C:\Documents and Settings\All Users\Application Data\DatacardService\DCService.exe
O23 - Service: خدمة تحديث Google (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Norton AntiVirus (NAV) - Symantec Corporation - C:\Program Files\Norton AntiVirus\Engine\18.5.0.125\ccSvcHst.exe
O23 - Service: NitroPDFDriverCreatorReadSpool (NitroDriverReadSpool) - Nitro PDF Software - C:\Program Files\Nitro PDF\Professional\NitroPDFDriverService.exe
O23 - Service: NLS Service (nlsX86cc) - Nalpeiron Ltd. - C:\WINDOWS\system32\NLSSRV32.EXE

--
End of file - 9500 bytes
 
تأييد 0
تم عمل اسكان وهذا هو التقرير

************' Anti-Malware 1.50.1.1100
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي


Database version: 5833

Windows 5.1.2600 Service Pack 2
Internet Explorer 8.0.6001.18702

25/02/2011 12:07:39 ص
mbam-log-2011-02-25 (00-07-39).txt

Scan type: Full scan (C:\|D:\|E:\|)
Objects scanned: 232678
Time elapsed: 42 minute(s), 12 second(s)

Memory Processes Infected: 1
Memory Modules Infected: 0
Registry Keys Infected: 16
Registry Values Infected: 8
Registry Data Items Infected: 2
Folders Infected: 2
Files Infected: 20

Memory Processes Infected:
c:\program files\application updater\applicationupdater.exe (PUP.Dealio) -> 1800 -> Unloaded process successfully.

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Application Updater (PUP.Dealio) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{E312764E-7706-43F1-8DAB-FCDD2B1E416D} (PUP.Dealio) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E312764E-7706-43F1-8DAB-FCDD2B1E416D} (PUP.Dealio) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{E312764E-7706-43F1-8DAB-FCDD2B1E416D} (PUP.Dealio) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{E312764E-7706-43F1-8DAB-FCDD2B1E416D} (PUP.Dealio) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{F3FEE66E-E034-436a-86E4-9690573BEE8A} (PUP.Dealio) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F3FEE66E-E034-436A-86E4-9690573BEE8A} (PUP.Dealio) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{F3FEE66E-E034-436A-86E4-9690573BEE8A} (PUP.Dealio) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{F3FEE66E-E034-436A-86E4-9690573BEE8A} (PUP.Dealio) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{E8CFC029-8420-4EAE-ADEF-915BDC77E1DC} (Spyware.AdaEbook) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\GHOST.MyNSHandler (Spyware.AdaEbook) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Active Setup\Installed Components\{9B71D88C-C598-4935-C5D1-43AA4DB90836} (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{9B71D88C-C598-4935-C5D1-43AA4DB90836} (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\{43BF8CD1-C5D5-2230-7BB2-98F22C2B7DC6} (Backdoor.Bot) -> Quarantined and deleted successfully.
HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\{43BF8CD1-C5D5-2230-7BB2-98F22C2B7DC6} (Backdoor.Bot) -> Quarantined and deleted successfully.
HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\{43BF8CD1-C5D5-2230-7BB2-98F22C2B7DC6} (Backdoor.Bot) -> Quarantined and deleted successfully.

Registry Values Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs\C:\PROGRAM FILES\APPLICATION UPDATER\APPLICATIONUPDATER.EXE (PUP.Dealio) -> Value: APPLICATIONUPDATER.EXE -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs\C:\PROGRAM FILES\YOUTUBE DOWNLOADER TOOLBAR\SEARCHSETTINGS.EXE (PUP.Dealio) -> Value: SEARCHSETTINGS.EXE -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\SearchSettings (PUP.Dealio) -> Value: SearchSettings -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\{E312764E-7706-43F1-8DAB-FCDD2B1E416D} (PUP.Dealio) -> Value: {E312764E-7706-43F1-8DAB-FCDD2B1E416D} -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs\C:\PROGRAM FILES\YOUTUBE DOWNLOADER TOOLBAR\SEARCHSETTINGS.DLL (PUP.Dealio) -> Value: SEARCHSETTINGS.DLL -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{F3FEE66E-E034-436A-86E4-9690573BEE8A} (PUP.Dealio) -> Value: {F3FEE66E-E034-436A-86E4-9690573BEE8A} -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\{E312764E-7706-43F1-8DAB-FCDD2B1E416D} (PUP.Dealio) -> Value: {E312764E-7706-43F1-8DAB-FCDD2B1E416D} -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Network\UID (Malware.Trace) -> Value: UID -> Quarantined and deleted successfully.

Registry Data Items Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Userinit (Hijack.UserInit) -> Bad: (C:\WINDOWS\system32\userinit.exe,userinit.exe ,C:\WINDOWS\system32\sdra64.exe,) Good: (userinit.exe) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\regfile\shell\open\command\(default) (Broken.OpenCommand) -> Bad: (regedit.exe %1) Good: (regedit.exe "%1") -> Quarantined and deleted successfully.

Folders Infected:
c:\WINDOWS\system32\Bifrost (Backdoor.Bifrose) -> Quarantined and deleted successfully.
c:\WINDOWS\system32\lowsec (Stolen.data) -> Quarantined and deleted successfully.

Files Infected:
c:\program files\application updater\applicationupdater.exe (PUP.Dealio) -> Quarantined and deleted successfully.
c:\program files\youtube downloader toolbar\searchsettings.exe (PUP.Dealio) -> Quarantined and deleted successfully.
c:\program files\youtube downloader toolbar\searchsettings.dll (PUP.Dealio) -> Quarantined and deleted successfully.
c:\program files\youtube downloader toolbar\IE\1.0\youtubedownloadertoolbarie.dll (PUP.Dealio) -> Quarantined and deleted successfully.
c:\WINDOWS\mui\FALLBACK\0401\calc.exe.mui (Trojan.FakeAlert) -> Quarantined and deleted successfully.
c:\documents and settings\Hussien\local settings\Temp\regedit.exe (Backdoor.Bifrose) -> Quarantined and deleted successfully.
c:\documents and settings\Hussien\local settings\Temp\rpc.exe (Trojan.Dropper) -> Quarantined and deleted successfully.
c:\documents and settings\Hussien\my documents\downloads\box_ntr2011.exe (RiskWare.Tool.CK) -> Quarantined and deleted successfully.
c:\documents and settings\Hussien\my documents\downloads\ملفات\nitro.pdf.professional-by emadderna\keygen.exe (Malware.Packer.Gen) -> Quarantined and deleted successfully.
c:\documents and settings\Hussien\my documents\downloads\ملفات\wirelesskeyview\wirelesskeyview.exe (PUP.WirelessKeyView) -> Quarantined and deleted successfully.
c:\program files\Serah\Serah.exe (Spyware.AdaEbook) -> Quarantined and deleted successfully.
c:\program files\youtube downloader toolbar\searchsettingsres409.dll (PUP.Dealio) -> Quarantined and deleted successfully.
c:\program files\youtube downloader toolbar\widgihelper.exe (PUP.Dealio) -> Quarantined and deleted successfully.
d:\الفلاش\program\registryhelpersetup2.exe (Rogue.Installer) -> Quarantined and deleted successfully.
e:\خاص\برامج وبحوث إدارية\win7act\cleantool.exe (Rogue.Removeit) -> Quarantined and deleted successfully.
c:\documents and settings\Hussien\application data\addon.dat (Malware.Trace) -> Quarantined and deleted successfully.
c:\WINDOWS\system32\Bifrost\klog.dat (Backdoor.Bifrose) -> Quarantined and deleted successfully.
c:\WINDOWS\system32\lowsec\local.ds (Stolen.data) -> Quarantined and deleted successfully.
c:\WINDOWS\system32\lowsec\user.ds.lll (Stolen.data) -> Quarantined and deleted successfully.
c:\WINDOWS\system32\lowsec\user.ds (Stolen.data) -> Quarantined and deleted successfully.
 
تأييد 0
اعمل تقرير هايجاك ورن سكنر جديد
 
تأييد 0
تقرير هايجاك

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 11:14:09 م, on 25/02/2011
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Google\Update\GoogleUpdate.exe
C:\Program Files\Nitro PDF\Professional\NitroPDFDriverService.exe
C:\WINDOWS\system32\NLSSRV32.EXE
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\HiYo\bin\HiYo.exe
C:\WINDOWS\RocketDock\RocketDock.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Documents and Settings\Hussien\Local Settings\Application Data\Google\Update\GoogleUpdate.exe
C:\Program Files\Orbitdownloader\orbitdm.exe
C:\PROGRA~1\MAGENTIC\bin\MgApp.exe
C:\Program Files\Orbitdownloader\orbitnet.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\NotsoSoftware\DriveDiscovery\NSSMR.exe
C:\Documents and Settings\Hussien\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Hussien\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Hussien\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Hussien\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Hussien\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Zyzoom_Forum_Tools\zyzoom.exe
C:\Zyzoom_Forum_Tools\zHijak.com

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar =
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page =
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = plimus.com,
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي
,
R3 - URLSearchHook: SrchHook Class - {F4F10C1D-87C7-404A-B4B3-000000000000} - C:\PROGRA~1\DAP\SBSearch.dll (file missing)
R3 - URLSearchHook: DVDVideoSoftTB Toolbar - {e9911ec6-1bcc-40b0-9993-e0eea7f6953f} - C:\Program Files\DVDVideoSoft\tbDVD0.dll (file missing)
R3 - URLSearchHook: DVDVideoSoftTB Toolbar - {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Program Files\DVDVideoSoftTB\tbDVD0.dll (file missing)
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: btorbit.com - {000123B4-9B42-4900-B3F7-F4B073EFC214} - C:\Program Files\Orbitdownloader\orbitcth.dll
O2 - BHO: Magentic Toolbar - {07C92F45-3193-4FD9-AF54-B1925707C872} - C:\Program Files\magentictb\magenticDx.dll (file missing)
O2 - BHO: IEVkbdBHO - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\ievkbd.dll
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll
O2 - BHO: DVDVideoSoftTB Toolbar - {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Program Files\DVDVideoSoftTB\tbDVD0.dll (file missing)
O2 - BHO: مساعد تسجيل الدخول إلى Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Updater For Magentic Toolbar - {B3312915-9368-4FE4-8D4E-B60E5B36D0FF} - C:\Program Files\magentictb\auxi\magenticAu.dll (file missing)
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - (no file)
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O2 - BHO: DVDVideoSoftTB Toolbar - {e9911ec6-1bcc-40b0-9993-e0eea7f6953f} - C:\Program Files\DVDVideoSoft\tbDVD0.dll (file missing)
O3 - Toolbar: Grab Pro - {C55BBCD6-41AD-48AD-9953-3609C48EACC7} - C:\Program Files\Orbitdownloader\GrabPro.dll
O3 - Toolbar: DVDVideoSoftTB Toolbar - {e9911ec6-1bcc-40b0-9993-e0eea7f6953f} - C:\Program Files\DVDVideoSoft\tbDVD0.dll (file missing)
O3 - Toolbar: DVDVideoSoftTB Toolbar - {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Program Files\DVDVideoSoftTB\tbDVD0.dll (file missing)
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: Magentic Toolbar - {07C92F45-3193-4FD9-AF54-B1925707C872} - C:\Program Files\magentictb\magenticDx.dll (file missing)
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice
O4 - HKLM\..\Run: [Vistadrv] C:\WINDOWS\Vistadrive\vsdrv.exe
O4 - HKLM\..\Run: [NortonAntiBot] "C:\Program Files\Symantec\Norton AntiBot\agent\bin\NortonAntiBot.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [Hiyo] C:\Program Files\HiYo\bin\HiYo.exe /RunFromStartup
O4 - HKLM\..\Run: [Network Error Advisor] "C:\Program Files\magentictb\ExeRunner.exe" magentictb incredimail1_0dn
O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe"
O4 - HKLM\..\Run: [SeePassword] C:\Program Files\SeePassword\SeePassword.exe
O4 - HKCU\..\Run: [USB Safely Remove] C:\Program Files\USB Safely Remove\USBSafelyRemove.exe /startup
O4 - HKCU\..\Run: [RocketDock] "C:\WINDOWS\RocketDock\RocketDock.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [BitComet] "C:\Program Files\BitComet\BitComet.exe" /tray
O4 - HKCU\..\Run: [Hide IP NG] C:\Program Files\Hide IP NG\hideipng.exe
O4 - HKCU\..\Run: [Magentic] C:\PROGRA~1\MAGENTIC\bin\Magentic.exe /c
O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\Hussien\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Orbit.lnk = C:\Program Files\Orbitdownloader\orbitdm.exe
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: &Download by Orbit - res://C:\Program Files\Orbitdownloader\orbitmxt.dll/201
O8 - Extra context menu item: &Grab video by Orbit - res://C:\Program Files\Orbitdownloader\orbitmxt.dll/204
O8 - Extra context menu item: Do&wnload selected by Orbit - res://C:\Program Files\Orbitdownloader\orbitmxt.dll/203
O8 - Extra context menu item: Down&load all by Orbit - res://C:\Program Files\Orbitdownloader\orbitmxt.dll/202
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Web traffic protection statistics - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\SCIEPlgn.dll
O9 - Extra button: تدوين هذا في المدونة - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &تدوين هذا في Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) -
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

O16 - DPF: {E77F23EB-E7AB-4502-8F37-247DBAF1A147} (Windows Live Hotmail Photo Upload Tool) -
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

O17 - HKLM\System\CCS\Services\Tcpip\..\{D2AD6418-529F-430E-B828-79CAA19185E8}: NameServer = 192.168.1.1
O18 - Filter: x-sdch - {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - (no file)
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Kaspersky Internet Security (AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe
O23 - Service: خدمة تحديث Google (gupdate1c9ab8626ac2c70) (gupdate1c9ab8626ac2c70) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: HP WMI Interface (hpqwmi) - Hewlett Packard Company - C:\Program Files\HPQ\SHARED\HPQWMI.exe
O23 - Service: NitroPDFDriverCreatorReadSpool (NitroDriverReadSpool) - Nitro PDF Software - C:\Program Files\Nitro PDF\Professional\NitroPDFDriverService.exe
O23 - Service: NLS Service (nlsX86cc) - Nalpeiron Ltd. - C:\WINDOWS\system32\NLSSRV32.EXE

--
End of file - 10452 bytes
 
تأييد 0
تقرير رن سكان

Runscanner logfile
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي


* = signed file
- = file not found

General info
------------
Computer name : HUSSIN
Creation time : 25/02/2011 11:18:12 م
Hosts <> 127.0.0.1 : 0
Hosts file location : %SystemRoot%\System32\drivers\etc
IE version : 8.0.6001.18702
OS : Microsoft Windows XP
OS Build : 2600
OS SP : Service Pack 2
RunScanner Version : 2.0.0.50
User Language : العربية (اليمن)‏
User rights : Administrator
Windows folder : C:\WINDOWS

Running processes
-----------------
* C:\WINDOWS\system32\alg.exe (Microsoft Corporation)
* C:\WINDOWS\system32\CSRSS.EXE (Microsoft Corporation)
* C:\WINDOWS\system32\CTFMON.EXE (Microsoft Corporation)
C:\Program Files\NotsoSoftware\DriveDiscovery\NSSMR.EXE (Notso Software)
* C:\WINDOWS\system32\SVCHOST.EXE (Microsoft Corporation)
* C:\WINDOWS\system32\SVCHOST.EXE (Microsoft Corporation)
* C:\WINDOWS\system32\SVCHOST.EXE (Microsoft Corporation)
* C:\WINDOWS\system32\SVCHOST.EXE (Microsoft Corporation)
* C:\WINDOWS\system32\SVCHOST.EXE (Microsoft Corporation)
* C:\WINDOWS\system32\SVCHOST.EXE (Microsoft Corporation)
* C:\Documents and Settings\Hussien\Local Settings\Application Data\Google\Chrome\Application\chrome.exe (Google Inc.)
* C:\Documents and Settings\Hussien\Local Settings\Application Data\Google\Chrome\Application\chrome.exe (Google Inc.)
* C:\Documents and Settings\Hussien\Local Settings\Application Data\Google\Chrome\Application\chrome.exe (Google Inc.)
* C:\Documents and Settings\Hussien\Local Settings\Application Data\Google\Chrome\Application\chrome.exe (Google Inc.)
* C:\Program Files\HiYo\Bin\HiYo.exe (IncrediMail, Ltd.)
* C:\Program Files\Common Files\Java\Java Update\JUSCHED.EXE (Sun Microsystems, Inc.)
* C:\WINDOWS\system32\LSASS.EXE (Microsoft Corporation)
* C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE (Microsoft Corporation)
C:\Program Files\Magentic\BIN\MgApp.exe
* C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe (Microsoft Corp.)
C:\Program Files\Orbitdownloader\orbitdm.exe (Orbitdownloader.com)
C:\Program Files\Orbitdownloader\ORBITNET.EXE (Orbitdownloader.com)
C:\WINDOWS\RocketDock\RocketDock.exe
* C:\Zyzoom_Forum_Tools\zRunScanner.com (Runscanner.net)
* C:\WINDOWS\system32\SERVICES.EXE (Microsoft Corporation)
* C:\Program Files\Nitro PDF\Professional\NitroPDFDriverService.exe (Nitro PDF Software)
* C:\WINDOWS\system32\SPOOLSV.EXE (Microsoft Corporation)
* C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe (Microsoft Corporation)
* C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\SQLSERVR.EXE (Microsoft Corporation)
* C:\WINDOWS\system32\NLSSRV32.EXE (Nalpeiron Ltd.)
* C:\WINDOWS\EXPLORER.EXE (Microsoft Corporation)
* C:\Program Files\Windows Live\Messenger\MSNMSGR.EXE (Microsoft Corporation)
* C:\Program Files\Messenger\MSMSGS.EXE (Microsoft Corporation)
* C:\WINDOWS\system32\WINLOGON.EXE (Microsoft Corporation)
* C:\WINDOWS\system32\SMSS.EXE (Microsoft Corporation)
* C:\WINDOWS\system32\wscntfy.exe (Microsoft Corporation)
C:\Zyzoom_Forum_Tools\zyzoom.exe
* C:\Program Files\Google\Update\GoogleUpdate.exe (Google Inc.)
* C:\Documents and Settings\Hussien\Local Settings\Application Data\Google\Update\GoogleUpdate.exe (Google Inc.)

Unrated items
-------------
002 C:\WINDOWS\Vistadrive\vsdrv.exe
003 C:\PROGRA~1\MAGENTIC\bin\Magentic.exe
003 C:\WINDOWS\RocketDock\RocketDock.exe
005 C:\Program Files\Orbitdownloader\orbitdm.exe (Orbitdownloader.com)
010 C:\Program Files\HPQ\SHARED\HPQWMI.exe (HP WMI Interface)
011 C:\WINDOWS\system32\DRIVERS\tap0901.sys (TAP-Win32 Adapter V9)
011 C:\WINDOWS\System32\Drivers\SPCA561.SYS (WEB-i)
030 C:\WINDOWS\system32\mscoree.dll (Microsoft Corporation) {1E66F26B-79EE-11D2-8710-00C04F79ED0D}
030 C:\WINDOWS\system32\mscoree.dll (Microsoft Corporation) {1E66F26B-79EE-11D2-8710-00C04F79ED0D}
030 C:\WINDOWS\system32\mscoree.dll (Microsoft Corporation) {1E66F26B-79EE-11D2-8710-00C04F79ED0D}
030 GUID / CLSID not found {B1759355-3EEC-4C1E-B0F1-B719FE26E377}
031 C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\MSITSS.DLL (Microsoft Corporation) {0A9007C0-4076-11D3-8789-0000F8105754}
035 C:\WINDOWS\system32\mscories.dll (Microsoft Corporation) {89B4C1CD-B018-4511-B0A1-5476DBF70820}
041 C:\Program Files\Orbitdownloader\GrabPro.dll {C55BBCD6-41AD-48AD-9953-3609C48EACC7}
045 C:\Program Files\Orbitdownloader\GrabPro.dll {C55BBCD6-41AD-48AD-9953-3609C48EACC7}
052 GUID / CLSID not found {C84D72FE-E17D-4195-BB24-76C02E2E7C4E}
052 C:\Program Files\Orbitdownloader\orbitcth.dll (Orbitdownloader.com) {000123B4-9B42-4900-B3F7-F4B073EFC214}
061 C:\Program Files\FreeTime\FormatFactory\FFModules\Filters\Haali\mmfinfo.dll {0561EC90-CE54-4f0c-9C55-E226110A740C}
061 C:\Program Files\FreeTime\FormatFactory\FFModules\Filters\Haali\mmfinfo.dll {5574006C-28F5-4a65-A28C-74DE6BFBE0BB}
061 C:\Program Files\FreeTime\FormatFactory\FFModules\Filters\Haali\mmfinfo.dll {327669A0-59A7-4be9-B99E-1C9F3A57611A}
061 C:\WINDOWS\system32\dfshim.dll (Microsoft Corporation) {E37E2028-CE1A-4f42-AF05-6CEABC4E5D75}
061 C:\WINDOWS\system32\dfshim.dll (Microsoft Corporation) {e82a2d71-5b2f-43a0-97b8-81be15854de8}
061 C:\Program Files\WinRAR\rarext.dll {B41DB860-8EE4-11D2-9906-E49FADC173CA}
062 C:\Program Files\FreeTime\FormatFactory\FFModules\Filters\Haali\mmfinfo.dll {0561EC90-CE54-4f0c-9C55-E226110A740C}
069 C:\WINDOWS\system32\mdimon.dll (Microsoft Corporation)
100 ProxyOverride HKCU : plimus.com,
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي
,
100 Search Page HKCU :
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

100 SearchAssistant HKLM :
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

100 Start Page HKCU :
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

104 GUID / CLSID not found {CAFEEFAC-0013-0001-0018-ABCDEFFEDCBA}
105 &Download by Orbit : res://C:\Program Files\Orbitdownloader\orbitmxt.dll/201
105 &Grab video by Orbit : res://C:\Program Files\Orbitdownloader\orbitmxt.dll/204
105 ????? ?? ?????? ??????? ?????? :
105 ????? ???? ?? ?????? ??????? ?????? :
105 ????? ????? ????? (??.??.??) ?? ?????? ??????? ?????? :
105 Do&wnload selected by Orbit : res://C:\Program Files\Orbitdownloader\orbitmxt.dll/203
105 Down&load all by Orbit : res://C:\Program Files\Orbitdownloader\orbitmxt.dll/202
105 E&xport to Microsoft Excel : res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
105 E???? ??E?? ??I?? (??.??.??) EU ??E??E IC????I ?C???? :
105 E???? C??? EU ??E??E IC????I ?C???? :
105 E???? EU ??E??E IC????I ?C???? :
105 ÊÍãíá ãÍÊæì ÝíÏíæ (ÅÝ.Åá.Ýí) ÈÜ ÅäÊÑäÊ ÏÇæäáæÏ ãÇäíÌÑ : C:\Program Files\Internet Download Manager\IEGetVL.htm
105 ÊÍãíá Çáßá ÈÜ ÅäÊÑäÊ ÏÇæäáæÏ ãÇäíÌÑ : C:\Program Files\Internet Download Manager\IEGetAll.htm
105 ÊÍãíá ÈÜ ÅäÊÑäÊ ÏÇæäáæÏ ãÇäíÌÑ : C:\Program Files\Internet Download Manager\IEExt.htm
120 NameServer {D2AD6418-529F-430E-B828-79CAA19185E8} : 192.168.1.1
170 {01911c4c-2bea-11de-92cf-00c09f473d75} : C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL RuNdLl32.EXE .\RECYCLER\S-5-3-42-2819952290-8240758988-879315005-3665\jwgkvsq.vmx,ahaezedrn
170 {0909884a-b37c-11de-9358-00c09f473d75} : rundll32.exe .dll,XxKOo
170 {0909884b-b37c-11de-9358-00c09f473d75} : rundll32.exe .dll,XxKOo
170 {25b1d616-444a-11de-92f1-00c09f473d75} : G:\LaunchU3.exe -a
170 {25c3d8c3-c64b-11de-937b-00c09f473d75} : G:\start.exe
170 {2b402ce0-136d-11e0-948b-00c09f473d75} : G:\gvnwmy.pif
170 {4f5d3080-f2dc-11df-946a-00c09f473d75} : C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL CIwUT.Exe
170 {5d1ca550-0761-11de-929e-00c09f473d75} : I:\iqlwq.exe
170 {7d89d400-cf61-11de-938e-00c09f473d75} : G:\SystemVolumeInformation.exe
170 {7d89d401-cf61-11de-938e-00c09f473d75} : H:\SystemVolumeInformation.exe
170 {7d89d402-cf61-11de-938e-00c09f473d75} : I:\SystemVolumeInformation.exe
170 {7d89d403-cf61-11de-938e-00c09f473d75} : J:\SystemVolumeInformation.exe
170 {7d89d404-cf61-11de-938e-00c09f473d75} : K:\SystemVolumeInformation.exe
170 {a93bf674-019f-11de-9293-00c09f473d75} : x2tpc.cmd
171 C:\WINDOWS\system32\MAGENT~1.SCR (IncrediMail LTD.)
173 C:\Program Files\WinRAR\rarext.dll {B41DB860-8EE4-11D2-9906-E49FADC173CA}
221 C:\Program Files\WinRAR\rarext.dll {B41DB860-8EE4-11D2-9906-E49FADC173CA}
225 GUID / CLSID not found {967B2D40-8B7D-4127-9049-61EA0C2C6DCE}
225 GUID / CLSID not found {967B2D40-8B7D-4127-9049-61EA0C2C6DCE}
225 C:\Program Files\WinRAR\rarext.dll {B41DB860-8EE4-11D2-9906-E49FADC173CA}
225 C:\Program Files\WinRAR\rarext.dll {B41DB860-8EE4-11D2-9906-E49FADC173CA}
227 GUID / CLSID not found {967B2D40-8B7D-4127-9049-61EA0C2C6DCE}
227 GUID / CLSID not found {BED4C38B-F765-45AC-8C56-613F76BBF43E}
227 C:\Program Files\WinRAR\rarext.dll {B41DB860-8EE4-11D2-9906-E49FADC173CA}
231 C:\Program Files\FreeTime\FormatFactory\FFModules\Filters\Haali\mmfinfo.dll Haali Column Provider
251 C:\Program Files\WinRAR\rarext.dll {B41DB860-8EE4-11D2-9906-E49FADC173CA}

Missing files
-------------
002 C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
002 C:\Program Files\magentictb\ExeRunner.exe
002 C:\Program Files\Symantec\Norton AntiBot\agent\bin\NortonAntiBot.exe
002 C:\Program Files\SeePassword\SeePassword.exe
003 C:\Program Files\BitComet\BitComet.exe
003 C:\Program Files\Hide IP NG\hideipng.exe
003 C:\Program Files\USB Safely Remove\USBSafelyRemove.exe
011 C:\WINDOWS\system32\drivers\Abiosdsk.sys
011 C:\WINDOWS\system32\drivers\abp480n5.sys
011 C:\WINDOWS\system32\drivers\adpu160m.sys
011 C:\WINDOWS\system32\drivers\Aha154x.sys
011 C:\WINDOWS\system32\drivers\aic78u2.sys
011 C:\WINDOWS\system32\drivers\aic78xx.sys
011 C:\WINDOWS\system32\drivers\AliIde.sys
011 C:\WINDOWS\system32\drivers\amsint.sys
011 C:\WINDOWS\system32\drivers\asc.sys
011 C:\WINDOWS\system32\drivers\asc3350p.sys
011 C:\WINDOWS\system32\drivers\asc3550.sys
011 C:\WINDOWS\system32\drivers\Atdisk.sys
011 C:\WINDOWS\system32\drivers\cd20xrnt.sys
011 C:\WINDOWS\system32\drivers\Changer.sys
011 C:\WINDOWS\system32\drivers\CmdIde.sys
011 C:\WINDOWS\system32\drivers\Cpqarray.sys
011 C:\WINDOWS\system32\drivers\dac2w2k.sys
011 C:\WINDOWS\system32\drivers\dac960nt.sys
011 C:\WINDOWS\system32\drivers\dpti2o.sys
011 C:\WINDOWS\system32\drivers\hpn.sys
011 C:\WINDOWS\system32\drivers\i2omgmt.sys
011 C:\WINDOWS\system32\drivers\i2omp.sys
011 C:\WINDOWS\system32\drivers\ini910u.sys
011 C:\WINDOWS\system32\drivers\lbrtfdc.sys
011 C:\WINDOWS\system32\drivers\mraid35x.sys
011 C:\WINDOWS\system32\drivers\PCIDump.sys
011 C:\WINDOWS\system32\drivers\PDCOMP.sys
011 C:\WINDOWS\system32\drivers\PDFRAME.sys
011 C:\WINDOWS\system32\drivers\PDRELI.sys
011 C:\WINDOWS\system32\drivers\PDRFRAME.sys
011 C:\WINDOWS\system32\drivers\perc2.sys
011 C:\WINDOWS\system32\drivers\perc2hib.sys
011 C:\WINDOWS\system32\drivers\ql1080.sys
011 C:\WINDOWS\system32\drivers\Ql10wnt.sys
011 C:\WINDOWS\system32\drivers\ql12160.sys
011 C:\WINDOWS\system32\drivers\ql1240.sys
011 C:\WINDOWS\system32\drivers\ql1280.sys
011 c:\windows\system32\DRIVERS\RTL8139.SYS
011 C:\WINDOWS\system32\drivers\Simbad.sys
011 C:\WINDOWS\system32\drivers\Sparrow.sys
011 C:\WINDOWS\system32\drivers\sym_hi.sys
011 C:\WINDOWS\system32\drivers\sym_u3.sys
011 C:\WINDOWS\system32\drivers\symc810.sys
011 C:\WINDOWS\system32\drivers\symc8xx.sys
011 C:\WINDOWS\system32\drivers\TosIde.sys
011 C:\WINDOWS\system32\drivers\ultra.sys
011 C:\WINDOWS\system32\drivers\ViaIde.sys
011 C:\WINDOWS\system32\drivers\WDICA.sys
035 C:\Program Files\proxyExplorer\proxyExplor.exe
040 C:\PROGRA~1\DAP\SBSearch.dll
040 C:\Program Files\DVDVideoSoftTB\tbDVD0.dll
040 C:\Program Files\DVDVideoSoft\tbDVD0.dll
041 C:\Program Files\DVDVideoSoftTB\tbDVD0.dll
041 C:\Program Files\DVDVideoSoft\tbDVD0.dll
041 C:\Program Files\magentictb\magenticDx.dll
045 C:\Program Files\DVDVideoSoftTB\tbDVD0.dll
045 C:\Program Files\DVDVideoSoft\tbDVD0.dll
052 C:\Program Files\magentictb\auxi\magenticAu.dll
052 C:\Program Files\magentictb\magenticDx.dll
052 C:\Program Files\DVDVideoSoftTB\tbDVD0.dll
052 C:\Program Files\DVDVideoSoft\tbDVD0.dll
073 C:\Program Files\ReviverSoft\RegistryReviver\RegistryReviver.exe
104 C:\Program Files\Java\jre6\bin\npjpi160_21.dll
104 C:\Program Files\Java\jre6\bin\npjpi160_21.dll
104 C:\Program Files\Java\jre6\bin\npjpi160_21.dll
 
تأييد 0
يجب تسجيل الدخول أو التسجيل كي تتمكن من الرد هنا.
عودة
أعلى