اشكرك علي ردك وتكرمك بـ المساعده والله يجزاك خير
هذآ’ التقرير بـ الأداء الى حطيتها
ComboFix 08-07-31.06 - Winxp 08/01/2008 20:18:19.1 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.3.1256.1.1033.18.601 [GMT 3:00]
Running from: C:\Documents and Settings\Winxp\My Documents\Downloads\Programs\ComboFix.exe
* Created a new restore point
WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
C:\Documents and Settings\Winxp\Application Data\macromedia\Flash Player\#Shareds\BMSVH6HF\interclick.com
C:\Documents and Settings\Winxp\Application Data\macromedia\Flash Player\#Shareds\BMSVH6HF\interclick.com\ud.sol
C:\Documents and Settings\Winxp\Application Data\macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#interclick.com
C:\Documents and Settings\Winxp\Application Data\macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#interclick.com\settings.sol
C:\WINDOWS\artools.dll
C:\WINDOWS\system32\kakle.dll
C:\WINDOWS\system32\winitn.dll
C:\WINDOWS\vpeforhc.dll
.
((((((((((((((((((((((((( Files Created from 2008-07-01 to 2008-08-01 )))))))))))))))))))))))))))))))
.
No new files created in this timespan
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-08-01 17:23 --------- d-----w C:\Documents and Settings\Winxp\Application Data\DMCache
2008-08-01 17:23 --------- d-----w C:\Documents and Settings\All Users\Application Data\Kaspersky Lab
2008-08-01 17:22 655,392 --sha-w C:\WINDOWS\system32\drivers\fidbox2.dat
2008-08-01 17:22 4,368 --sha-w C:\WINDOWS\system32\drivers\fidbox2.idx
2008-08-01 17:22 3,297,312 --sha-w C:\WINDOWS\system32\drivers\fidbox.dat
2008-08-01 17:22 27,888 --sha-w C:\WINDOWS\system32\drivers\fidbox.idx
2008-08-01 16:55 --------- d-----w C:\Documents and Settings\Winxp\Application Data\Media Player Classic
2008-08-01 16:51 --------- d-----w C:\Program Files\K-Lite Codec Pack
2008-08-01 16:47 --------- d-----w C:\Program Files\Common Files\Real
2008-08-01 16:46 --------- d---a-w C:\Documents and Settings\All Users\Application Data\TEMP
2008-08-01 14:56 --------- d-----w C:\Documents and Settings\Winxp\Application Data\Frag wipe funk
2008-08-01 13:16 --------- d-----w C:\Documents and Settings\All Users\Application Data\third lies itch ford
2008-07-29 16:14 --------- d-----w C:\Program Files\Microsoft.NET
2008-07-28 15:01 --------- d-----w C:\Documents and Settings\Winxp\Application Data\Sony
2008-07-28 15:00 --------- d-----w C:\Program Files\Sony Setup
2008-07-28 15:00 --------- d-----w C:\Program Files\Sony
2008-07-28 02:16 --------- d-----w C:\Documents and Settings\Winxp\Application Data\Publish Providers
2008-07-27 20:45 --------- d-----w C:\Program Files\RC-WinTrans 7
2008-07-27 20:45 --------- d-----w C:\Program Files\Common Files\RC-WinTrans
2008-07-27 20:42 --------- d-----w C:\Program Files\Common Files\Wise Installation Wizard
2008-07-25 07:41 --------- d-----w C:\Program Files\Frag wipe funk
2008-07-24 09:35 --------- d-----w C:\Program Files\VSTplugins
2008-07-23 15:41 96,559 ----a-w C:\WINDOWS\system32\drivers\klin.dat
2008-07-23 15:41 87,855 ----a-w C:\WINDOWS\system32\drivers\klick.dat
2008-07-18 04:01 --------- d-----w C:\Documents and Settings\Winxp\Application Data\IDM
2008-07-18 03:23 --------- d-----w C:\Program Files\Internet Download Manager
2008-07-12 23:26 --------- d-----w C:\Program Files\NCH Software
2008-07-12 02:31 --------- d-----w C:\Program Files\Thumbs7
2008-07-12 02:30 --------- d-----w C:\Documents and Settings\All Users\Application Data\ThumbsPlus
2008-07-09 14:34 206,256 ----a-w C:\WINDOWS\system32\idmmbc.dll
2008-07-07 17:38 --------- d-----w C:\Program Files\Windows Media Connect 2
2008-07-06 17:04 --------- d-----w C:\Program Files\Opera
2008-07-06 17:03 --------- d-----w C:\Documents and Settings\All Users\Application Data\avg8
2008-07-05 23:03 --------- d-----w C:\Documents and Settings\Winxp\Application Data\ThumbsPlus
2008-07-02 09:16 --------- d-----w C:\Program Files\Circle Developement
2008-06-30 17:27 --------- d-----w C:\Program Files\koutbo6
2008-06-30 07:59 --------- d-----w C:\Program Files\Moodysoft
2008-06-29 22:13 --------- d-----w C:\Program Files\Common Files\Adobe
2008-06-29 05:46 --------- d-----w C:\Program Files\Microsoft Works
2008-06-28 18:46 --------- d-----w C:\Program Files\Your Uninstaller 2008
2008-06-28 17:38 --------- d-----w C:\Program Files\Common Files\eSellerate
2008-06-27 13:00 --------- d-----w C:\Program Files\Common Files\ACD Systems
2008-06-27 13:00 --------- d-----w C:\Program Files\ACD Systems
2008-06-27 06:51 --------- d-----w C:\Documents and Settings\Winxp\Application Data\ACD Systems
2008-06-27 06:50 --------- d-----w C:\Documents and Settings\All Users\Application Data\ACD Systems
2008-06-25 17:31 --------- d-----w C:\Program Files\MSXML 4.0
2008-06-24 10:20 --------- d-----w C:\Documents and Settings\Winxp\Application Data\SoftMaker
2008-06-24 05:37 --------- d-----w C:\Program Files\Kaspersky Lab
2008-06-23 08:40 --------- d-----w C:\Program Files\Adolix
2008-06-22 08:41 --------- d-----w C:\Program Files\Multilizer 6
2008-06-21 21:45 --------- d-----w C:\Documents and Settings\Winxp\Application Data\TuneUp Software
2008-06-20 17:46 245,248 ----a-w C:\WINDOWS\system32\mswsock.dll
2008-06-20 11:51 361,600 ----a-w C:\WINDOWS\system32\drivers\tcpip.sys
2008-06-20 11:40 138,496 ----a-w C:\WINDOWS\system32\drivers\afd.sys
2008-06-20 11:08 225,856 ----a-w C:\WINDOWS\system32\drivers\tcpip6.sys
2008-06-20 08:43 --------- d-----w C:\Program Files\Java
2008-06-20 08:33 --------- d-----w C:\Program Files\Common Files\Java
2008-06-19 12:23 --------- d-----w C:\Documents and Settings\Winxp\Application Data\Thinstall
2008-06-19 08:37 --------- d-----w C:\Documents and Settings\All Users\Application Data\TechSmith
2008-06-18 09:17 --------- d-----w C:\Program Files\CoffeeCup Software
2008-06-16 10:38 --------- d-----w C:\Documents and Settings\Winxp\Application Data\TechSmith
2008-06-15 23:14 218,624 ----a-w C:\WINDOWS\system32\uxtheme.dll
2008-06-13 11:05 272,128 ----a-w C:\WINDOWS\system32\drivers\bthport.sys
2008-06-12 18:36 7,680 ----a-w C:\WINDOWS\system32\ff_vfw.dll
2008-06-12 02:09 --------- d-----w C:\Documents and Settings\Winxp\Application Data\Styler
2008-06-11 18:06 --------- d-----w C:\Program Files\TechSmith
2008-06-11 16:13 --------- d-----w C:\Program Files\TGTSoft
2008-06-10 16:57 --------- d-----w C:\Documents and Settings\All Users\Application Data\KeyText
2008-06-10 03:23 --------- d-----w C:\Documents and Settings\Winxp\Application Data\FastStone
2008-06-10 02:55 --------- d--h--w C:\Documents and Settings\All Users\Application Data\{3A7FD077-F0B4-4276-BE42-175DEF23CA39}
2008-06-10 02:20 --------- d-----w C:\Documents and Settings\Winxp\Application Data\Blueberry
2008-06-10 02:20 --------- d-----w C:\Documents and Settings\All Users\Application Data\Blueberry
2008-06-10 02:19 --------- d-----w C:\Documents and Settings\Winxp\Application Data\LogSys
2008-06-10 02:18 4,608 ----a-w C:\WINDOWS\system32\bbchlp.dll
2008-06-10 02:18 27,776 ----a-w C:\WINDOWS\system32\bbcap.dll
2008-06-10 02:18 2,944 ----a-w C:\WINDOWS\system32\drivers\bbcap.sys
2008-06-10 02:18 --------- d-----w C:\Documents and Settings\All Users\Application Data\LogSys
2008-06-08 18:43 --------- d-----w C:\Documents and Settings\Winxp\Application Data\NCH Swift Sound
2008-06-08 18:43 --------- d-----w C:\Documents and Settings\All Users\Application Data\NCH Swift Sound
2008-06-05 23:32 --------- d-----w C:\Documents and Settings\All Users\Application Data\Kaspersky Lab Setup Files
2008-06-04 01:40 --------- d-----w C:\Documents and Settings\Winxp\Application Data\Pretty-Soft
2008-06-03 19:17 --------- d-----w C:\Program Files\Messenger Plus! Live
2008-06-03 00:44 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-06-02 23:37 499,712 ----a-w C:\WINDOWS\system32\msvcp71.dll
2008-06-02 23:37 348,160 ----a-w C:\WINDOWS\system32\msvcr71.dll
2008-06-02 23:37 --------- d-----w C:\Program Files\Real
2008-06-02 23:23 311,296 ----a-w C:\WINDOWS\FastFolders.dll
2008-06-02 23:23 28,672 ----a-w C:\WINDOWS\FFUninst.exe
2008-06-02 23:10 --------- d-----w C:\Documents and Settings\All Users\Application Data\Messenger Plus!
2008-06-02 23:00 --------- d-----w C:\Program Files\Cracklock
2008-06-02 22:15 --------- d-----w C:\Program Files\Common Files\TechSmith Shared
2008-06-02 22:12 --------- d-----w C:\Program Files\Ahead
2008-06-02 22:11 --------- d-----w C:\Program Files\Windows Live
2008-06-02 21:34 --------- d-----w C:\Documents and Settings\Winxp\Application Data\URSoft
2008-06-02 21:24 --------- d-----w C:\Documents and Settings\Winxp\Application Data\Avant Profiles
2008-06-02 21:23 --------- d-----w C:\Program Files\Thomson
2008-06-02 21:23 --------- d-----w C:\Program Files\Common Files\InstallShield
2008-06-02 19:14 --------- d-----w C:\Program Files\Golden Al-Wafi Translator
2008-06-02 19:13 73,216 ----a-w C:\WINDOWS\ST6UNST.EXE
2008-06-02 19:13 172,032 ------w C:\WINDOWS\Setup1.exe
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [04/14/2008 03:12 AM 15360]
"IDMan"="C:\Program Files\Internet Download Manager\IDMan.exe" [07/18/2008 06:22 AM 2606512]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="C:\WINDOWS\system32\igfxtray.exe" [03/13/2007 10:05 AM 98304]
"HotKeysCmds"="C:\WINDOWS\system32\hkcmd.exe" [03/13/2007 10:05 AM 114688]
"Persistence"="C:\WINDOWS\system32\igfxpers.exe" [03/13/2007 10:05 AM 94208]
"SpeedTouch USB Diagnostics"="C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe" [01/26/2004 11:38 AM 866816]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.5.0_12\bin\jusched.exe" [05/02/2007 04:15 AM 75520]
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [01/11/2008 10:16 PM 39792]
"AVP"="C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe" [04/25/2008 06:21 PM 201992]
"RTHDCPL"="RTHDCPL.EXE" [03/13/2007 10:02 AM 16116224 C:\WINDOWS\RTHDCPL.exe]
"SkyTel"="SkyTel.EXE" [03/13/2007 10:02 AM 2879488 C:\WINDOWS\SkyTel.exe]
"BluetoothAuthenticationAgent"="bthprops.cpl" [04/14/2008 03:12 AM 110592 C:\WINDOWS\system32\bthprops.cpl]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [04/14/2008 03:12 AM 15360]
C:\Documents and Settings\Winxp\Start Menu\Programs\Startup\
Adobe Gamma.lnk - C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2005-03-16 19:16:50 113664]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\Antiwpa]
07/22/2006 11:49 PM 5376 C:\WINDOWS\system32\antiwpa.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"VIDC.YV12"= yv12vfw.dll
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\KasperskyAntiVirus]
"DisableMonitoring"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"=
"C:\\WINDOWS\\pchealth\\helpctr\\binaries\\helpctr.exe"=
"C:\\Documents and Settings\\All Users\\Application Data\\Kaspersky Lab Setup Files\\Kaspersky Internet Security 2009\\English\\setup.exe"=
R0 klbg;Kaspersky Lab Boot Guard Driver;C:\WINDOWS\system32\drivers\klbg.sys [01/29/2008 06:29 PM]
R1 bbcap;bbcap;C:\WINDOWS\system32\DRIVERS\bbcap.sys [06/10/2008 05:18 AM]
R3 KLFLTDEV;Kaspersky Lab KLFltDev;C:\WINDOWS\system32\DRIVERS\klfltdev.sys [03/13/2008 07:02 PM]
R3 klim5;Kaspersky Anti-Virus NDIS Filter;C:\WINDOWS\system32\DRIVERS\klim5.sys [03/25/2008 08:07 PM]
.
s of the 'Scheduled Tasks' folder
2008-08-01 C:\WINDOWS\Tasks\B4AA503A9429CF06.job
- c:\docume~1\winxp\applic~1\fragwi~1\typeremotepop.exe []
.
.
------- Supplementary Scan -------
.
FireFox -: Profile - C:\Documents and Settings\Winxp\Application Data\Mozilla\Firefox\Profiles\7j3ta95g.default\
FF -: plugin - C:\Program Files\Java\jre1.5.0_12\bin\NPJava11.dll
FF -: plugin - C:\Program Files\Java\jre1.5.0_12\bin\NPJava12.dll
FF -: plugin - C:\Program Files\Java\jre1.5.0_12\bin\NPJava13.dll
FF -: plugin - C:\Program Files\Java\jre1.5.0_12\bin\NPJava14.dll
FF -: plugin - C:\Program Files\Java\jre1.5.0_12\bin\NPJava32.dll
FF -: plugin - C:\Program Files\Java\jre1.5.0_12\bin\NPJPI150_12.dll
FF -: plugin - C:\Program Files\Java\jre1.5.0_12\bin\NPOJI610.dll
**************************************************************************
catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer,
Rootkit scan 2008-08-01 20:23:35
Windows 5.1.2600 Service Pack 3 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
**************************************************************************
.
------------------------ Other Running Processes ------------------------
.
C:\WINDOWS\system32\Crypserv.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Internet Download Manager\IEMonitor.exe
.
**************************************************************************
.
Completion time: 08/01/2008 20:27:24 - machine was rebooted
ComboFix-quarantined-files.txt 2008-08-01 17:27:20
Pre-Run: 59,605,852,160 bytes free
Post-Run: 59,937,693,696 bytes free
206 --- E O F --- 2008-07-30 06:02:43
=========
هذآ’ التقرير بـ الهايجاك
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 11:53:41 م, on 01/08/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe
C:\WINDOWS\system32\crypserv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Java\jre1.5.0_12\bin\jusched.exe
C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe
C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Internet Download Manager\IDMan.exe
C:\Program Files\Internet Download Manager\IEMonitor.exe
C:\WINDOWS\system32\wuauclt.exe
D:\برامج\برامج منوعه\الهايجاك\Zyzoom_HijackThis.exe
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files\Internet Download Manager\IDMIECC.dll
O2 - BHO: SnagIt Toolbar Loader - {00C6482D-C502-44C8-8409-FCE54AD9C208} - C:\Program Files\TechSmith\SnagIt 9\SnagItBHO.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: IEVkbdBHO - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\ievkbd.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_12\bin\ssv.dll
O3 - Toolbar: SnagIt - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Program Files\TechSmith\SnagIt 9\SnagItIEAddin.dll
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [SpeedTouch USB Diagnostics] "C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe" /icon
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_12\bin\jusched.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [IDMan] C:\Program Files\Internet Download Manager\IDMan.exe /onboot
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O8 - Extra context menu item: &تصدير إلى Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: أضافة إلى مانع الأعلانات - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\ie_banner_deny.htm
O8 - Extra context menu item: تحميل الكل بـ إنترنت داونلود مانيجر - C:\Program Files\Internet Download Manager\IEGetAll.htm
O8 - Extra context menu item: تحميل بـ إنترنت داونلود مانيجر - C:\Program Files\Internet Download Manager\IEExt.htm
O8 - Extra context menu item: تحميل محتوى فيديو (إف.إل.في) بـ إنترنت داونلود مانيجر - C:\Program Files\Internet Download Manager\IEGetVL.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_12\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_12\bin\ssv.dll
O9 - Extra button: Web traffic protection statistics - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\SCIEPlgn.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: بحث - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) -
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) -
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) -
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) -
O20 - Winlogon Notify: Antiwpa - C:\WINDOWS\SYSTEM32\antiwpa.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Kaspersky Internet Security (AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe
O23 - Service: Crypkey License - Kenonic Controls Ltd. - C:\WINDOWS\SYSTEM32\crypserv.exe
--
End of file - 6801 bytes
