moad3
زيزوومى متألق
غير متصل
- بادئ الموضوع moad3
- تاريخ البدء
- 1,166
Blackstar_tech
زيزوومي جديد
- إنضم
- 28 أغسطس 2007
- المشاركات
- 2,158
- مستوى التفاعل
- 9
- النقاط
- 0
- الإقامة
- Egypt
- الموقع الالكتروني
- www.zyzoom.net
غير متصل
السلام عليكم يالغالي ,,
العذر بنقل موضوعك لاسباب تنظيمية و ليلقي افضل
دعم ممكن ,, بالتوفيق
العذر بنقل موضوعك لاسباب تنظيمية و ليلقي افضل
دعم ممكن ,, بالتوفيق
توقيع : Blackstar_tech
تأييد
0
Knight Lord
زيزوومى محترف
غير متصل
:?:وش دخل الكاسبر بذيفالكاسبر معطل كل الاتصالات البلوتوث والويرليس والكيبل
ننتظر الاخوان
توقيع : Knight Lord
تأييد
0
عزيز اعتقد انك ظالم الكاسبر ..........
انا عندي الكاسبر 2009 وعربي ولا مشاكل فقد يعطيك رساله اذا نصبت برنامج هل تسمح له اولا ......
وهذا الي ظاهر في الصوره تعريفات الجهاز ليس لها علاقه بالحمايه الا اذا فيه فيروس او تروجين .......
اعرض تقرير الهاي جاك ................لمحاولة فهم المشكله .......
دمت بصحة وعافية ..
انا عندي الكاسبر 2009 وعربي ولا مشاكل فقد يعطيك رساله اذا نصبت برنامج هل تسمح له اولا ......
وهذا الي ظاهر في الصوره تعريفات الجهاز ليس لها علاقه بالحمايه الا اذا فيه فيروس او تروجين .......
اعرض تقرير الهاي جاك ................لمحاولة فهم المشكله .......
دمت بصحة وعافية ..
تأييد
0
السّاجد لله
زيزوومى فضى
- إنضم
- 15 مايو 2008
- المشاركات
- 6,854
- مستوى التفاعل
- 108
- النقاط
- 850
- الإقامة
- بغداد انتي في دمي
- الموقع الالكتروني
- www.tvquran.com
غير متصل
هات تقرير هايجاك
اذا انتهى التحميل ==> شغل البرنامج ==> واضغط على Do a system scan and save log
لحظات .. ويظهر لك تقرير ==> انسخه والصقه بردك القادم
يجب عليك
تسجيل الدخول
او
تسجيل لمشاهدة الرابط المخفي
اذا انتهى التحميل ==> شغل البرنامج ==> واضغط على Do a system scan and save log
لحظات .. ويظهر لك تقرير ==> انسخه والصقه بردك القادم
توقيع : السّاجد لله
تأييد
0
moad3
زيزوومى متألق
غير متصل
شكراً حبايبي على الرد لكن المشكله مو بس عندي او في جهاز واحد
حتى في المنتدى شفت اكثر من موضوع نفس مشكلتي لكن لم يصوورو صوره للمشكله
لعدم القدره احتمال؟
لكن انا متأكد أن المشكله من الكاسبر 100%
اما بالنسبه لعرض الهي جاك انا افرمت الجهاز اول ماتحد ث لي المشكله هذي وعدم تركيب الكاسبر 2009
اما اركب الكاسبر 2007 او النود ا و الافرا
فقط
فأتوقع 100% راح يلاحظون الكثير من مستخدمين الكاسبر 2009 العربي السبشل هذه المشكله في الايام القريبه
وشكراً
فأتمنا من لاحظ مشكله عنده من الكاسبر السبشل 2009 يرد علينا بأسرع وقت
حتى في المنتدى شفت اكثر من موضوع نفس مشكلتي لكن لم يصوورو صوره للمشكله
لعدم القدره احتمال؟
لكن انا متأكد أن المشكله من الكاسبر 100%
اما بالنسبه لعرض الهي جاك انا افرمت الجهاز اول ماتحد ث لي المشكله هذي وعدم تركيب الكاسبر 2009
اما اركب الكاسبر 2007 او النود ا و الافرا
فقط
فأتوقع 100% راح يلاحظون الكثير من مستخدمين الكاسبر 2009 العربي السبشل هذه المشكله في الايام القريبه
وشكراً
فأتمنا من لاحظ مشكله عنده من الكاسبر السبشل 2009 يرد علينا بأسرع وقت
توقيع : moad3
تأييد
0
jin kazama
زيزوومى مميز
غير متصل
اذا كان Setup الـ Kaspersky عربي فانا اوفقك الراي < علماً ان المشكلة لم تحدث معي و ان شاء الله ما تحدث ، لكن اذا كان Seyup الـ Kaspersky انجليزي و من ثم تعربه فالمشكلة مو من الـ Kaspersky
توقيع : jin kazama
تأييد
0
jin kazama
زيزوومى مميز
غير متصل
لكن المشكله واجهتها في كل الحالتين
بعض الاجهزة تم تعريبها وصادفة المشكله نفسها
وبعضها بدون تعريب ونفس الشي صادفة نفس المشكله
وشكراً لمتابعة الموضوع يعطيك العافيه
العفو اخوي ، الله يعافيك ، هذا واجبنا ، انت تستخدم اي اصدار ؟ لان في Kaspersky 2009 عدة اصدارات ، افضل انك تستخدم
يجب عليك
تسجيل الدخول
او
تسجيل لمشاهدة الرابط المخفي
، Kaspersky Internet Security 2009 v8.0.0.357
توقيع : jin kazama
تأييد
0
moad3
زيزوومى متألق
غير متصل
رجعت للموضوع
لاني فرمت الجهاز السابق الي حصلت معي نفس المشكله هذي
حصلت الحين نفس المشكله في جهازي هذا
رغم اني ابصم بالعشررررررررر ان المشكله من الكاسبر 2009 بعد تحديثه حصلت معي المشكله
رغم ان قبل يومين كان موجود على الجهاز الافراااااااااااا وكان شغال من احسن مايكون
بعد تركيبي للكاسبر2009
وبعد تحديثه حصلت المشكله
انظر الصورة
وهذا التقرير بالــ combofix
ComboFix 08-09-05.10 - nw 09/17/2008 21:17:07.3 - FAT32x86
Microsoft Windows XP Professional 5.1.2600.2.1256.1.1025.18.286 [GMT 3:00]
Running from: C:\Documents and Settings\nw\سطح المكتب\ComboFix.exe
WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.
- REDUCED FUNCTIONALITY MODE -
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
C:\WINDOWS\system32\amvo0.dll
.
((((((((((((((((((((((((( Files Created from 2008-08-17 to 2008-09-17 )))))))))))))))))))))))))))))))
.
No new files created in this timespan
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-09-17 18:14 1,606 ----a-w C:\WINDOWS\system32\PerfStringBackup.TMP
2008-09-17 11:44 --------- d-----w C:\Program Files\VMware
2008-09-17 11:44 --------- d-----w C:\Program Files\Common Files\VMware
2008-09-17 11:40 --------- d-----w C:\Documents and Settings\All Users\Application Data\Kaspersky Lab
2008-09-17 11:30 --------- d-----w C:\Documents and Settings\nw\Application Data\BitDefender
2008-09-17 11:29 --------- d-----w C:\Program Files\BitDefender
2008-09-17 11:29 --------- d-----w C:\Documents and Settings\All Users\Application Data\BitDefender
2008-09-17 11:28 --------- d-----w C:\Program Files\Common Files\BitDefender
2008-09-17 10:54 --------- d-----w C:\Documents and Settings\All Users\Application Data\Adobe Systems
2008-09-17 10:35 --------- d-----w C:\Program Files\SWiSH Studio2(2)
2008-09-17 08:19 --------- d-----w C:\Program Files\Faronics
2008-09-17 08:04 --------- d-----w C:\Program Files\PhotoRescue
2008-09-17 08:00 --------- d-----w C:\Program Files\VSO
2008-09-16 19:54 --------- d-----w C:\Program Files\VMware(2)
2008-09-16 19:54 --------- d-----w C:\Program Files\Common Files\VMware(2)
2008-09-15 00:35 --------- d-----w C:\Documents and Settings\nw\Application Data\DivX
2008-09-15 00:26 --------- d-----w C:\Program Files\XP Codec Pack
2008-09-15 00:24 --------- d-----w C:\Documents and Settings\nw\Application Data\vlc
2008-09-15 00:23 --------- d-----w C:\Program Files\VideoLAN
2008-09-15 00:23 --------- d-----w C:\Program Files\Real Alternative
2008-09-15 00:20 --------- d-----w C:\Program Files\DivX
2008-09-15 00:10 --------- d-----w C:\Documents and Settings\nw\Application Data\Media Player Classic
2008-09-14 23:50 --------- d-----w C:\Documents and Settings\nw\Application Data\GRETECH
2008-09-14 23:35 --------- d-----w C:\Documents and Settings\nw\Application Data\Thinstall
2008-09-14 22:25 --------- d-----w C:\Program Files\ARRQW USB Modem
2008-09-14 22:09 870,601 ----a-w C:\WINDOWS\system32\SRPExe.zip
2008-09-14 22:09 2,840,059 ----a-w C:\WINDOWS\system32\SRPSig.zip
2008-09-14 21:43 --------- d-----w C:\Program Files\FinalData
2008-09-14 21:38 --------- d-----w C:\Program Files\SpyRemover Pro
2008-09-14 21:17 --------- d-----w C:\Documents and Settings\nw\Application Data\VMware
2008-09-14 19:17 --------- d-----w C:\Documents and Settings\LocalService\Application Data\VMware
2008-09-14 18:22 --------- d-----w C:\Documents and Settings\All Users\Application Data\VMware
2008-09-14 13:05 94,893 --sh--r C:\t0k3c.cmd
2008-09-13 21:38 --------- d-----w C:\Program Files\BandRich
2008-09-13 21:29 --------- d-----w C:\Program Files\TopByteLabs
2008-09-13 21:19 --------- d-----w C:\Program Files\USB Disk Security
2008-09-13 19:46 --------- d-----w C:\Program Files\Balut
2008-09-11 18:36 --------- d--h--w C:\Documents and Settings\All Users\Application Data\{5A76C6B3-3FA8-46D0-AA81-62C3805E38BC}
2008-09-11 18:08 0 ----a-w C:\execonfig.exe
2008-09-11 18:08 0 ----a-w C:\csmexec.exe
2008-09-11 18:08 0 ----a-w C:\alg_1.1652.0.exe
2008-09-11 18:03 --------- d-----w C:\Program Files\Uniblue
2008-09-11 18:03 --------- d-----w C:\Documents and Settings\All Users\Application Data\DriverScanner
2008-09-11 04:36 --------- d-----w C:\Program Files\NextSecurity.NET
2008-09-11 04:32 --------- d-----w C:\Program Files\WinPcap
2008-09-11 04:23 --------- d-----w C:\Program Files\Wireless WEP Key Password Spy
2008-09-11 04:11 81,920 ----a-w C:\Documents and Settings\nw\Application Data\ezpinst.exe
2008-09-11 04:11 47,360 ----a-w C:\WINDOWS\system32\drivers\pcouffin.sys
2008-09-11 04:11 47,360 ----a-w C:\Documents and Settings\nw\Application Data\pcouffin.sys
2008-09-11 04:10 --------- d-----w C:\Program Files\Video Convert Master
2008-09-11 03:58 --------- d-----w C:\Documents and Settings\nw\Application Data\Uniblue
2008-09-11 03:57 --------- d-----w C:\Documents and Settings\All Users\Application Data\WinZip
2008-09-11 01:39 --------- d-----w C:\Program Files\Ipswitch
2008-09-11 01:39 --------- d-----w C:\Documents and Settings\nw\Application Data\Ipswitch
2008-09-11 01:39 --------- d-----w C:\Documents and Settings\All Users\Application Data\Ipswitch
2008-09-10 12:23 --------- d-----w C:\Program Files\uTorrent
2008-09-10 12:23 --------- d-----w C:\Documents and Settings\nw\Application Data\uTorrent
2008-09-10 11:41 --------- d-----w C:\Program Files\Zoom Player
2008-09-10 11:41 --------- d-----w C:\Program Files\GRETECH
2008-09-10 11:10 --------- d-----w C:\Documents and Settings\All Users\Application Data\Avira
2008-09-10 01:32 --------- d-----w C:\Program Files\Software Informer
2008-09-10 01:32 --------- d-----w C:\Program Files\Free Download Manager
2008-09-10 01:32 --------- d-----w C:\Documents and Settings\nw\Application Data\Free Download Manager
2008-09-10 01:32 --------- d-----w C:\Documents and Settings\All Users\Application Data\FreeDownloadManager.ORG
2008-09-10 01:05 --------- d-----w C:\Documents and Settings\All Users\Application Data\flag barb cake wipe
2008-09-10 01:04 --------- d-----w C:\Program Files\itch fast data
2008-09-10 00:56 --------- d-----w C:\Program Files\MSXML 6.0
2008-09-08 10:43 --------- d-----w C:\Program Files\Alwil Software
2008-09-07 20:37 --------- d-----w C:\Program Files\Microsoft Virtual PC
2008-09-07 10:47 --------- d-----w C:\Program Files\UltraISO
2008-09-07 10:45 --------- d-----w C:\Program Files\MagicISO
2008-09-07 10:34 --------- d-----w C:\Program Files\Common Files\Nero
2008-09-07 09:41 90,112 ----a-w C:\WINDOWS\system32\agsaami.dll
2008-09-07 09:41 610,304 ----a-w C:\WINDOWS\system32\agsaamg.dll
2008-09-07 09:41 372,736 ----a-w C:\WINDOWS\system32\agsaamc.dll
2008-09-07 09:41 2,535,424 ----a-w C:\WINDOWS\system32\agsaamj.dll
2008-09-07 09:41 196,608 ----a-w C:\WINDOWS\system32\maag.dll
2008-09-07 09:41 1,986,560 ----a-w C:\WINDOWS\system32\akll.dll
2008-09-07 09:41 1,245,184 ----a-w C:\WINDOWS\system32\bkll.dll
2008-09-07 09:41 1,212,416 ----a-w C:\WINDOWS\system32\ckll.dll
2008-09-07 09:40 --------- d-----w C:\Program Files\Real_SC
2008-09-07 09:16 --------- d-----w C:\Program Files\Total Video Converter
2008-09-07 09:15 626,688 ----a-w C:\WINDOWS\system32\agsaamh.dll
2008-09-07 09:15 215,552 ----a-w C:\WINDOWS\system32\ALOWMVFile.dll
2008-09-07 09:15 188,416 ----a-w C:\WINDOWS\system32\ALOVideoFile.dll
2008-09-07 09:14 90,112 ----a-w C:\WINDOWS\system32\ALOAudioFormatSettings3.dll
2008-09-07 09:14 780,288 ----a-w C:\WINDOWS\system32\ALOVideoCompress.dll
2008-09-07 09:14 778,240 ----a-w C:\WINDOWS\system32\ALOAudioCompress2.dll
2008-09-07 09:14 544,256 ----a-w C:\WINDOWS\system32\agsaamd.dll
2008-09-07 09:14 538,624 ----a-w C:\WINDOWS\system32\agsaamb.dll
2008-09-07 09:14 331,776 ----a-w C:\WINDOWS\system32\agsaama.dll
2008-09-07 09:14 2,846,720 ----a-w C:\WINDOWS\system32\ALOAudioCompress3.dll
2008-09-07 08:58 344,064 ----a-w C:\WINDOWS\system32\dkll.dll
2008-09-07 08:57 --------- d-----w C:\Program Files\Ozone
2008-09-07 08:53 --------- d-----w C:\Program Files\Audio Converter Plus
2008-09-07 08:29 --------- d-----w C:\Program Files\AML Products
2008-09-07 08:13 --------- d-----w C:\Program Files\Easy Video Capture
2008-09-06 14:16 7,195,315 ----a-w C:\WINDOWS\system32\SRPFSig.dll
2008-09-06 13:26 10,994,295 ----a-w C:\WINDOWS\system32\SRPRSig.dll
2008-09-06 13:15 754,685 ----a-w C:\WINDOWS\system32\SRPESig.dll
.
((((((((((((((((((((((((((((( snapshot_Tue 09-09-2008_16.25.41.87 )))))))))))))))))))))))))))))))))))))))))
.
+ 2007-11-30 12:39:02 17,784 ------w C:\WINDOWS\$hf_mig$\KB938464\spmsg.dll
+ 2007-11-30 12:39:02 231,288 ------w C:\WINDOWS\$hf_mig$\KB938464\spuninst.exe
+ 2007-11-30 12:39:02 26,488 ------w C:\WINDOWS\$hf_mig$\KB938464\update\spcustom.dll
+ 2007-11-30 11:18:14 752,504 ------w C:\WINDOWS\$hf_mig$\KB938464\update\update.exe
+ 2007-11-30 12:39:04 380,792 ------w C:\WINDOWS\$hf_mig$\KB938464\update\updspapi.dll
+ 2004-08-03 18:55:42 2,804,224 ------w C:\WINDOWS\$MSI31Uninstall_KB893803v2$\msi.dll
+ 2004-08-03 18:56:22 77,312 ------w C:\WINDOWS\$MSI31Uninstall_KB893803v2$\msiexec.exe
+ 2004-08-03 18:55:42 331,264 ------w C:\WINDOWS\$MSI31Uninstall_KB893803v2$\msihnd.dll
+ 2004-08-03 18:54:00 884,736 ------w C:\WINDOWS\$MSI31Uninstall_KB893803v2$\msimsg.dll
+ 2004-08-03 18:55:42 44,032 ------w C:\WINDOWS\$MSI31Uninstall_KB893803v2$\msisip.dll
+ 2005-05-04 11:45:26 209,120 ------w C:\WINDOWS\$MSI31Uninstall_KB893803v2$\spuninst\spuninst.exe
+ 2005-05-04 11:45:26 369,888 ------w C:\WINDOWS\$MSI31Uninstall_KB893803v2$\spuninst\updspapi.dll
+ 2007-11-30 12:39:02 231,288 ------w C:\WINDOWS\$NtUninstallKB938464$\spuninst\spuninst.exe
+ 2007-11-30 12:39:04 380,792 ------w C:\WINDOWS\$NtUninstallKB938464$\spuninst\updspapi.dll
+ 2008-09-17 07:39:54 2,048 --s-a-w C:\WINDOWS\bootstet.dat
+ 2008-09-14 22:25:48 10,134 ----a-r C:\WINDOWS\Installer\{2DA2B0A1-D96A-42C9-AA88-18F1EAC4B3E0}\ARPPRODUCTICON.exe
+ 2008-09-14 22:25:48 45,056 ----a-r C:\WINDOWS\Installer\{2DA2B0A1-D96A-42C9-AA88-18F1EAC4B3E0}\USB_Modem.exe_2DA2B0A1D96A42C9AA8818F1EAC4B3E0.exe
+ 2008-09-14 22:25:48 45,056 ----a-r C:\WINDOWS\Installer\{2DA2B0A1-D96A-42C9-AA88-18F1EAC4B3E0}\USB_Modem.exe1_2DA2B0A1D96A42C9AA8818F1EAC4B3E0.exe
+ 2008-09-13 21:39:14 49,152 ----a-r C:\WINDOWS\Installer\{6A5CC193-FA73-4D82-8F33-A33AAD7471E0}\ARPPRODUCTICON.exe
+ 2008-09-13 21:39:14 49,152 ----a-r C:\WINDOWS\Installer\{6A5CC193-FA73-4D82-8F33-A33AAD7471E0}\BRService.exe_6A5CC193FA734D828F33A33AAD7471E0_2.exe
+ 2008-09-13 21:39:14 8,854 ----a-r C:\WINDOWS\Installer\{6A5CC193-FA73-4D82-8F33-A33AAD7471E0}\UNINST_Uninstall_C_6A5CC193FA734D828F33A33AAD7471E0.exe
+ 2008-09-11 00:50:52 12,288 ----a-r C:\WINDOWS\Installer\{90170401-6000-11D3-8CFE-0150048383C9}\cagicon.exe
+ 2008-09-11 00:50:52 282,624 ----a-r C:\WINDOWS\Installer\{90170401-6000-11D3-8CFE-0150048383C9}\fpicon.exe
+ 2008-09-11 00:50:52 135,168 ----a-r C:\WINDOWS\Installer\{90170401-6000-11D3-8CFE-0150048383C9}\misc.exe
+ 2008-09-11 00:50:52 27,136 ----a-r C:\WINDOWS\Installer\{90170401-6000-11D3-8CFE-0150048383C9}\oisicon.exe
+ 2008-09-11 00:50:52 4,096 ----a-r C:\WINDOWS\Installer\{90170401-6000-11D3-8CFE-0150048383C9}\opwicon.exe
+ 2008-09-11 00:44:12 295,606 ----a-r C:\WINDOWS\Installer\{AC76BA86-7AD7-1033-7B44-A81200000003}\SC_Reader.exe
+ 2008-09-11 03:58:18 632,320 ----a-r C:\WINDOWS\Installer\{CD95F661-A5C4-44F5-A6AA-ECDD91C240B7}\IconCD95F66110.exe
+ 2008-09-11 03:58:20 29,184 ----a-r C:\WINDOWS\Installer\{CD95F661-A5C4-44F5-A6AA-ECDD91C240B7}\IconCD95F6617.exe
- 1997-11-19 12:49:58 303,616 ----a-w C:\WINDOWS\IsUninst.exe
+ 1998-10-29 13:45:06 306,688 ----a-w C:\WINDOWS\IsUninst.exe
+ 2008-01-29 13:01:04 1,684,480 ----a-w C:\WINDOWS\Resources\Themes\Windows7\Shell\Aero\Shellstyle.dll
+ 2008-01-29 13:01:04 1,684,480 ----a-w C:\WINDOWS\Resources\Themes\Windows7\Shell\Aero48\shellstyle.dll
+ 2008-01-29 13:01:04 1,684,480 ----a-w C:\WINDOWS\Resources\Themes\Windows7\Shell\AeroMax\shellstyle.dll
+ 2008-01-29 13:01:04 1,684,480 ----a-w C:\WINDOWS\Resources\Themes\Windows7\Shell\AeroMax48\shellstyle.dll
+ 2008-01-29 13:01:04 1,684,480 ----a-w C:\WINDOWS\Resources\Themes\Windows7\Shell\Basic48\Shellstyle.dll
+ 2008-01-29 13:01:04 1,684,480 ----a-w C:\WINDOWS\Resources\Themes\Windows7\Shell\NormalColor\Shellstyle.dll
+ 1999-04-17 20:36:40 10,752 ----a-w C:\WINDOWS\system32\aamd532.dll
+ 2003-05-07 14:09:56 147,456 ----a-w C:\WINDOWS\system32\AbsoluteHttp.dll
+ 2003-03-18 16:05:50 89,088 ----a-w C:\WINDOWS\system32\atl71.dll
+ 2004-08-10 05:50:22 77,889 ----a-w C:\WINDOWS\system32\atrc.dll
+ 2004-08-10 05:50:00 65,602 ----a-w C:\WINDOWS\system32\cook.dll
- 2007-02-01 02:56:06 639,066 ----a-w C:\WINDOWS\system32\divx.dll
+ 2008-06-11 00:03:18 683,520 ----a-w C:\WINDOWS\system32\DivX.dll
+ 2008-06-11 00:03:20 815,104 ----a-w C:\WINDOWS\system32\divx_xx0a.dll
+ 2008-06-18 17:52:28 161,096 ----a-w C:\WINDOWS\system32\DivXCodecVersionChecker.exe
+ 2008-05-22 22:18:54 12,288 ----a-w C:\WINDOWS\system32\DivXWMPExtType.dll
+ 2004-08-03 20:10:40 38,016 ----a-w C:\WINDOWS\system32\dllcache\bthmodem.sys
- 2004-08-03 21:55:42 2,804,224 ----a-w C:\WINDOWS\system32\dllcache\msi.dll
+ 2005-05-04 11:45:32 2,890,240 ----a-w C:\WINDOWS\system32\dllcache\msi.dll
- 2004-08-03 21:56:22 77,312 ----a-w C:\WINDOWS\system32\dllcache\msiexec.exe
+ 2005-05-04 11:45:36 78,848 ----a-w C:\WINDOWS\system32\dllcache\msiexec.exe
- 2004-08-03 18:55:42 331,264 ----a-w C:\WINDOWS\system32\dllcache\msihnd.dll
+ 2005-05-04 11:45:36 271,360 ----a-w C:\WINDOWS\system32\dllcache\msihnd.dll
- 2004-08-03 18:54:00 884,736 ----a-w C:\WINDOWS\system32\dllcache\msimsg.dll
+ 2005-05-04 11:45:36 884,736 ----a-w C:\WINDOWS\system32\dllcache\msimsg.dll
- 2004-08-03 18:55:42 44,032 ----a-w C:\WINDOWS\system32\dllcache\msisip.dll
+ 2005-05-04 11:45:36 15,360 ----a-w C:\WINDOWS\system32\dllcache\msisip.dll
- 2007-01-30 02:56:58 73,728 ----a-w C:\WINDOWS\system32\dpl100.dll
+ 2008-06-11 00:03:26 81,920 ----a-w C:\WINDOWS\system32\dpl100.dll
+ 2008-06-11 00:03:22 294,912 ----a-w C:\WINDOWS\system32\dpu10.dll
+ 2008-06-11 00:03:22 294,912 ----a-w C:\WINDOWS\system32\dpu11.dll
+ 2008-06-11 00:03:22 53,248 ----a-w C:\WINDOWS\system32\dpuGUI10.dll
+ 2008-06-11 00:03:22 593,920 ----a-w C:\WINDOWS\system32\dpuGUI11.dll
+ 2008-06-11 00:03:22 344,064 ----a-w C:\WINDOWS\system32\dpus11.dll
+ 2008-06-11 00:03:22 57,344 ----a-w C:\WINDOWS\system32\dpv11.dll
+ 2007-06-27 09:33:40 94,336 ----a-w C:\WINDOWS\system32\drivers\amoiusbser.sys
+ 2008-03-14 07:31:16 100,096 ----a-w C:\WINDOWS\system32\drivers\br3gmdm.sys
+ 2004-08-03 20:10:40 38,016 ----a-w C:\WINDOWS\system32\drivers\bthmodem.sys
+ 2008-06-11 00:07:16 9,336 ------w C:\WINDOWS\system32\drivers\cdr4_xp.sys
+ 2008-06-11 00:07:16 9,464 ------w C:\WINDOWS\system32\drivers\cdralw2k.sys
+ 2007-02-04 01:24:16 34,096 ----a-w C:\WINDOWS\system32\drivers\hcmon.sys
+ 2008-04-16 11:23:44 112,144 ----a-w C:\WINDOWS\system32\drivers\kl1.sys
+ 2008-01-29 15:29:38 32,784 ----a-w C:\WINDOWS\system32\drivers\klbg.sys
+ 2008-06-16 09:30:34 187,408 ----a-w C:\WINDOWS\system32\drivers\klif.sys
+ 2008-03-25 17:07:10 24,592 ----a-w C:\WINDOWS\system32\drivers\klim5.sys
+ 2005-08-02 21:10:14 32,512 ----a-w C:\WINDOWS\system32\drivers\npf.sys
+ 2004-12-06 17:08:24 32,768 ----a-w C:\WINDOWS\system32\drivers\nspacket.sys
+ 2008-06-11 00:07:16 43,528 ------w C:\WINDOWS\system32\drivers\PxHelp20.sys
+ 2007-01-29 10:24:34 58,256 ----a-r C:\WINDOWS\system32\drivers\stcp2v30.sys
+ 2007-02-04 01:24:16 21,040 ----a-w C:\WINDOWS\system32\drivers\vmkbd.sys
+ 2007-02-04 01:24:14 17,712 ----a-w C:\WINDOWS\system32\drivers\vmnet.sys
+ 2007-02-04 01:24:18 16,816 ----a-w C:\WINDOWS\system32\drivers\vmnetadapter.sys
+ 2007-02-04 01:24:24 28,592 ----a-w C:\WINDOWS\system32\drivers\vmnetbridge.sys
+ 2007-02-04 01:24:18 25,264 ----a-w C:\WINDOWS\system32\drivers\vmnetuserif.sys
+ 2007-02-04 01:24:14 143,280 ----a-w C:\WINDOWS\system32\drivers\vmx86.sys
+ 2004-08-10 05:50:48 102,464 ----a-w C:\WINDOWS\system32\drv1.dll
+ 2004-08-10 05:51:08 176,195 ----a-w C:\WINDOWS\system32\drv2.dll
+ 2004-11-24 18:25:52 335,872 ----a-w C:\WINDOWS\system32\drvc.dll
+ 2007-06-27 09:33:40 94,336 ----a-w C:\WINDOWS\system32\DRVSTORE\amoimdm_76D50F7A27633C864848331FAD25A9BB04EC6BCE\amoiusbser.sys
+ 2007-06-27 09:33:40 94,336 ----a-w C:\WINDOWS\system32\DRVSTORE\amoiser_76D50F7A27633C864848331FAD25A9BB04EC6BCE\amoiusbser.sys
+ 2008-03-14 07:31:16 100,096 ----a-w C:\WINDOWS\system32\DRVSTORE\brmdm_FCB51AF1BA03D4ECB9F88F573C8989E0F85F5000\br3gmdm.sys
+ 2008-03-14 07:31:16 100,096 ----a-w C:\WINDOWS\system32\DRVSTORE\brser_40325D1944572F58BDB624E26BEDF4F22E8FA3E6\br3gmdm.sys
- 2007-01-30 02:56:58 196,608 ----a-w C:\WINDOWS\system32\dtu100.dll
+ 2008-06-11 00:03:26 196,608 ----a-w C:\WINDOWS\system32\dtu100.dll
+ 2008-09-11 01:39:52 602,112 ----a-w C:\WINDOWS\system32\E177E04D548C4006A465EEB92D3DE021\Publisher Runtime\UZK2Q4ZNLHKBGBJMZZLFOHB3GH\s\English_WSFTP_Pro_asm_lic_gui_6_50_145.dll
+ 2008-09-11 01:39:52 135,168 ----a-w C:\WINDOWS\system32\E177E04D548C4006A465EEB92D3DE021\Publisher Runtime\UZK2Q4ZNLHKBGBJMZZLFOHB3GH\s\Ips_asm_lic_6_50_54.dll
+ 2008-09-11 01:39:50 17,920 ----a-w C:\WINDOWS\system32\E177E04D548C4006A465EEB92D3DE021\Publisher Runtime\UZK2Q4ZNLHKBGBJMZZLFOHB3GH\s\prv_fallback_6_41_95.dll
+ 2008-09-11 01:39:48 503,808 ----a-w C:\WINDOWS\system32\E177E04D548C4006A465EEB92D3DE021\Runtime\s\prv_ee_6_41_95.dll
+ 2008-09-11 01:39:50 17,920 ----a-w C:\WINDOWS\system32\E177E04D548C4006A465EEB92D3DE021\Runtime\s\prv_fallback_6_41_95.dll
+ 2004-10-03 16:50:54 129,024 ----a-w C:\WINDOWS\system32\ff_mpeg2enc.dll
+ 2008-06-22 16:34:00 177,664 ----a-w C:\WINDOWS\system32\ff_theora.dll
+ 2008-06-13 10:39:38 23,552 ----a-w C:\WINDOWS\system32\ff_wmv9.dll
+ 2008-07-05 10:13:16 708,096 ----a-w C:\WINDOWS\system32\ff_x264.dll
- 2008-09-07 20:12:32 336,256 ----a-w C:\WINDOWS\system32\FNTCACHE.DAT
+ 2008-09-17 11:46:46 336,256 ----a-w C:\WINDOWS\system32\FNTCACHE.DAT
+ 2004-08-10 05:52:54 241,723 ----a-w C:\WINDOWS\system32\hxltcolor.dll
+ 2008-04-25 15:22:24 206,088 ----a-w C:\WINDOWS\system32\klogon.dll
+ 2008-07-05 10:14:44 3,591,168 ----a-w C:\WINDOWS\system32\libavcodec.dll
+ 2008-07-05 10:14:48 456,192 ----a-w C:\WINDOWS\system32\libmplayer.dll
+ 2003-03-18 18:12:12 1,047,552 ----a-w C:\WINDOWS\system32\mfc71u.dll
- 2008-08-05 18:11:02 15,888,504 ----a-w C:\WINDOWS\system32\MRT.exe
+ 2008-08-26 20:28:12 16,208,504 ----a-w C:\WINDOWS\system32\MRT.exe
- 2004-08-03 18:55:42 2,804,224 ----a-w C:\WINDOWS\system32\msi.dll
+ 2005-05-04 11:45:32 2,890,240 ----a-w C:\WINDOWS\system32\msi.dll
- 2004-08-03 18:56:22 77,312 ----a-w C:\WINDOWS\system32\msiexec.exe
+ 2005-05-04 11:45:36 78,848 ----a-w C:\WINDOWS\system32\msiexec.exe
- 2004-08-03 18:55:42 331,264 ----a-w C:\WINDOWS\system32\msihnd.dll
+ 2005-05-04 11:45:36 271,360 ----a-w C:\WINDOWS\system32\msihnd.dll
- 2004-08-03 18:54:00 884,736 ----a-w C:\WINDOWS\system32\msimsg.dll
+ 2005-05-04 11:45:36 884,736 ----a-w C:\WINDOWS\system32\msimsg.dll
- 2004-08-03 18:55:42 44,032 ----a-w C:\WINDOWS\system32\msisip.dll
+ 2005-05-04 11:45:36 15,360 ----a-w C:\WINDOWS\system32\msisip.dll
- 2004-08-03 18:55:46 1,392,671 ----a-w C:\WINDOWS\system32\msvbvm60.dll
+ 2004-02-24 06:12:40 1,386,496 ------w C:\WINDOWS\system32\msvbvm60.dll
+ 2004-08-03 18:55:46 1,236,480 ----a-w C:\WINDOWS\system32\msxml3(2).dll
+ 2001-09-19 09:00:00 44,032 ----a-w C:\WINDOWS\system32\msxml3r(2).dll
+ 2008-02-09 12:46:30 28,160 ----a-w C:\WINDOWS\system32\nircmd.exe
+ 2004-04-20 21:00:00 172,032 ----a-w C:\WINDOWS\system32\OptimFROG.dll
+ 2005-08-02 21:08:10 81,920 ----a-w C:\WINDOWS\system32\Packet.dll
- 2008-09-10 12:16:18 41,032 ----a-w C:\WINDOWS\system32\perfc001.dat
+ 2008-09-17 18:14:52 43,398 ----a-w C:\WINDOWS\system32\perfc001.dat
- 2008-09-10 12:16:18 41,000 ----a-w C:\WINDOWS\system32\perfc009.dat
+ 2008-09-17 18:14:52 43,334 ----a-w C:\WINDOWS\system32\perfc009.dat
- 2008-09-10 12:16:18 253,622 ----a-w C:\WINDOWS\system32\perfh001.dat
+ 2008-09-17 18:14:52 258,720 ----a-w C:\WINDOWS\system32\perfh001.dat
- 2008-09-10 12:16:18 312,612 ----a-w C:\WINDOWS\system32\perfh009.dat
+ 2008-09-17 18:14:52 316,612 ----a-w C:\WINDOWS\system32\perfh009.dat
- 2008-06-16 01:54:26 278,528 ----a-w C:\WINDOWS\system32\pncrt.dll
+ 2003-11-25 22:32:02 123,392 ----a-w C:\WINDOWS\system32\pncrt.dll
+ 2005-08-02 21:24:02 53,299 ----a-w C:\WINDOWS\system32\pthreadVC.dll
+ 2008-06-11 00:07:14 551,672 ------w C:\WINDOWS\system32\px.dll
+ 2008-06-11 00:07:14 129,784 ------w C:\WINDOWS\system32\pxafs.dll
+ 2008-06-11 00:07:14 66,296 ------w C:\WINDOWS\system32\pxcpya64.exe
+ 2008-06-11 00:07:16 120,056 ------w C:\WINDOWS\system32\pxcpyi64.exe
+ 2008-06-11 00:07:16 518,904 ------w C:\WINDOWS\system32\pxdrv.dll
+ 2008-06-11 00:07:16 72,440 ------w C:\WINDOWS\system32\pxhpinst.exe
+ 2008-06-11 00:07:14 64,760 ------w C:\WINDOWS\system32\pxinsa64.exe
+ 2008-06-11 00:07:16 118,520 ------w C:\WINDOWS\system32\pxinsi64.exe
+ 2008-06-11 00:07:16 187,128 ------w C:\WINDOWS\system32\pxmas.dll
+ 2008-06-11 00:07:16 1,628,920 ------w C:\WINDOWS\system32\pxsfs.dll
+ 2008-06-11 00:07:16 379,640 ------w C:\WINDOWS\system32\pxwave.dll
- 2007-01-30 03:03:42 3,596,288 ----a-w C:\WINDOWS\system32\qt-dx331.dll
+ 2008-06-11 00:07:20 3,596,288 ----a-w C:\WINDOWS\system32\qt-dx331.dll
+ 2008-09-17 11:46:08 1,281,896 ----a-w C:\WINDOWS\system32\Restore\rstrlog.dat
+ 2004-08-10 05:50:40 49,216 ----a-w C:\WINDOWS\system32\rv10.dll
+ 2004-08-10 05:51:00 57,411 ----a-w C:\WINDOWS\system32\rv20.dll
+ 2004-08-10 05:52:14 49,221 ----a-w C:\WINDOWS\system32\rv30.dll
+ 2004-08-10 05:52:16 49,221 ----a-w C:\WINDOWS\system32\rv40.dll
+ 2000-05-24 04:20:04 19,968 ----a-w C:\WINDOWS\system32\sheltarg.dll
+ 2006-11-02 15:10:16 80,912 ----a-w C:\WINDOWS\system32\sherlock2.exe
+ 2004-08-10 05:50:12 106,561 ----a-w C:\WINDOWS\system32\sipr.dll
+ 2006-11-08 12:33:52 2,380 ----a-w C:\WINDOWS\system32\SRPBlkCoo.dll
+ 2004-05-15 09:12:00 13,772 ----a-w C:\WINDOWS\system32\SRPImmData.dll
+ 2004-07-16 13:11:38 622,113 ----a-w C:\WINDOWS\system32\SRPList.dll
+ 2007-01-05 09:46:52 25,964 ----a-w C:\WINDOWS\system32\SRPSigLevel.dll
+ 2003-01-26 10:41:24 40,960 ----a-w C:\WINDOWS\system32\SSubTmr6.dll
+ 2006-04-21 13:45:56 5,451,776 ----a-r C:\WINDOWS\system32\V2iDiskLib.dll
+ 2007-02-04 01:24:00 154,416 ----a-w C:\WINDOWS\system32\VMNAT.EXE
+ 2007-02-04 00:18:20 195,376 ----a-w C:\WINDOWS\system32\vmnc.dll
+ 2007-02-04 01:24:14 50,992 ----a-w C:\WINDOWS\system32\vmnetbridge.dll
+ 2007-02-04 01:23:48 121,648 ----a-w C:\WINDOWS\system32\vmnetdhcp.exe
+ 2007-02-04 01:23:20 13,104 ----a-w C:\WINDOWS\system32\vnetinst.dll
+ 2007-02-04 01:23:50 437,040 ----a-w C:\WINDOWS\system32\vnetlib.dll
+ 2008-06-12 16:25:06 962,560 ----a-w C:\WINDOWS\system32\VSFilter.dll
+ 2008-06-11 00:07:14 88,824 ------w C:\WINDOWS\system32\vxblock.dll
+ 2005-08-02 21:08:08 61,440 ----a-w C:\WINDOWS\system32\WanPacket.dll
+ 2006-06-22 10:25:14 50,688 ----a-w C:\WINDOWS\system32\wbhelp2.dll
+ 2005-08-02 21:18:46 233,472 ----a-w C:\WINDOWS\system32\wpcap.dll
+ 1999-12-17 19:43:04 86,016 ----a-w C:\WINDOWS\unvise32.exe
+ 2006-12-01 19:54:32 626,688 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_6b128700\msvcr80(2).dll
+ 2008-04-15 17:55:18 1,724,416 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.Windows.GdiPlus_6595b64144ccf1df_1.0.2600.3352_x-ww_81af8e88\GdiPlus.dll
.
-- Snapshot reset to current date --
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"third poke"="C:\DOCUME~1\nw\APPLIC~1\ITCHFA~1\Tool lies.exe" [09/10/2008 04:04 AM 563200]
"IDMan"="C:\Program Files\Internet Download Manager\IDMan.exe" [09/01/2008 04:41 PM 2606512]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"USB Antivirus"="C:\Program Files\USB Disk Security\USBGuard.exe" [04/09/2008 12:15 AM 798720]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [08/03/2004 09:56 PM 15360]
C:\Documents and Settings\All Users\çںê، ں §ڑ\ںé ©ںê¤\ §ک ں颬نïé\
WinZip Quick Pick.lnk - C:\Program Files\WinZip\WZQKPICK.EXE [2008-09-08 525664]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"msacm.divxa32"= msaud32_divx.acm
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Notification Packages REG_MULTI_SZ scecli scecli
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^قائمة ابدأ^البرامج^بدء التشغيل^PalTalk.lnk]
path=C:\Documents and Settings\All Users\قائمة ابدأ\البرامج\بدء التشغيل\PalTalk.lnk
backup=C:\WINDOWS\pss\PalTalk.lnkCommon Startup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
--a------ 01/11/2008 10:16 PM 39792 C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeUpdater]
-ra------ 03/01/2007 10:37 AM 2321600 C:\Program Files\Common Files\Adobe\Updater5\AdobeUpdater.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Cake Wipe Inside Wma]
--a------ 09/17/2008 09:18 PM 662016 C:\Documents and Settings\All Users\Application Data\flag barb cake wipe\MEDIA 4.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CTFMON.EXE]
--a------ 08/03/2004 09:56 PM 15360 C:\WINDOWS\system32\ctfmon.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HotKeysCmds]
-ra------ 02/08/2005 10:32 AM 126976 C:\WINDOWS\system32\hkcmd.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IDMan]
--a------ 09/01/2008 04:41 PM 2606512 C:\Program Files\Internet Download Manager\IDMan.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IgfxTray]
-ra------ 02/08/2005 10:36 AM 155648 C:\WINDOWS\system32\igfxtray.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
--a------ 07/09/2001 11:50 AM 155648 C:\WINDOWS\system32\NeroCheck.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SRS Audio Sandbox]
--a------ 10/26/2007 04:04 PM 4354048 C:\Program Files\SRS Labs\Audio Sandbox\SRSSSC.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\third poke]
--a------ 09/10/2008 04:04 AM 563200 C:\DOCUME~1\nw\APPLIC~1\ITCHFA~1\Tool lies.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]
--a------ 06/16/2008 04:54 AM 185896 C:\Program Files\Common Files\Real\Update_OB\realsched.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VirtualCloneDrive]
--a------ 06/30/2008 01:01 AM 52168 C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BluetoothAuthenticationAgent]
--a------ 08/03/2004 09:56 PM 110592 C:\WINDOWS\system32\bthprops.cpl
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001
"FirewallOverride"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"C:\\Program Files\\MSN Messenger\\msnmsgr.exe"=
"C:\\Program Files\\MSN Messenger\\livecall.exe"=
"C:\\Program Files\\Online TV Player 4\\TVPlayer.exe"=
"C:\\Program Files\\uTorrent\\uTorrent.exe"=
"C:\\Documents and Settings\\NW\\سطح المكتب\\utorrent-1.8.1-beta-12083.upx.exe"=
R2 BandLuxe_Service;BandLuxe Service;C:\Program Files\BandRich\BandLuxe HSDPA Utility R11\BRService.exe [05/12/2008 02:14 PM 87264]
S1 avfwot;avfwot;C:\WINDOWS\system32\DRIVERS\avfwot.sys [ ]
S2 AntiVirFirewallService;Avira Premium Security Suite Firewall;C:\Program Files\Avira\Avira Premium Security Suite\avfwsvc.exe [ ]
S2 AntiVirMailService;Avira Premium Security Suite MailGuard;C:\Program Files\Avira\Avira Premium Security Suite\avmailc.exe [ ]
S2 antivirwebservice;Avira Premium Security Suite WebGuard;C:\Program Files\Avira\Avira Premium Security Suite\AVWEBGRD.EXE [ ]
S2 AVEService;Avira Premium Security Suite MailGuard helper service;C:\Program Files\Avira\Avira Premium Security Suite\avesvc.exe [ ]
S3 avfwim;AvFw Packet Filter Miniport;C:\WINDOWS\system32\DRIVERS\avfwim.sys [ ]
S3 br3gmdm;BandLuxe 3.5G HSDPA Adapter - USB;C:\WINDOWS\system32\DRIVERS\br3gmdm.sys [03/14/2008 10:31 AM 100096]
S3 NPF;NetGroup Packet Filter Driver;C:\WINDOWS\system32\drivers\npf.sys [08/03/2005 12:10 AM 32512]
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{8f01d616-7bd2-11dd-8b0c-000b6b90cb65}]
\Shell\AutoRun\command - F:\t0k3c.cmd
\Shell\explore\Command - F:\t0k3c.cmd
\Shell\open\Command - F:\t0k3c.cmd
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{ce716cc7-81db-11dd-8b2b-0012f0d3b151}]
\Shell\AutoRun\command - F:\AUTORUN_BANDLUXE.EXE
.
- - - - ORPHANS REMOVED - - - -
HKCU-Run-Uniblue RegistryBooster 2 - C:\Program Files\Uniblue\RegistryBooster 2\RegistryBooster.exe
MSConfigStartUp-!AVG Anti-Spyware - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
MSConfigStartUp-avgnt - C:\Program Files\Avira\Avira Premium Security Suite\avgnt.exe
MSConfigStartUp-Free Download Manager - C:\Program Files\Free Download Manager\fdm.exe
.
------- Supplementary Scan -------
.
R0 -: HKCU-Main,Start Page = hxxp://www.microsoft.com
R0 -: HKLM-Main,Start Page = hxxp://www.microsoft.com
R0 -: HKLM-Main,Window Title = Microsoft Internet Explorer
R1 -: HKCU-Internet Settings,ProxyOverride = local
O8 -: &تصدير إلى Microsoft Excel - C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 -: Free Download Manager تحميل الفيديو بواسطة -
O8 -: تحميل الكل بـ إنترنت داونلود مانيجر - C:\Program Files\Internet Download Manager\IEGetAll.htm
O8 -: تحميل المحددة بفري داونلود مانيجر -
O8 -: تحميل بـ إنترنت داونلود مانيجر - C:\Program Files\Internet Download Manager\IEExt.htm
O8 -: تحميل محتوى فيديو (إف.إل.في) بـ إنترنت داونلود مانيجر - C:\Program Files\Internet Download Manager\IEGetVL.htm
O8 -: تنزيل الكل بفري داونلود مانيجر -
O8 -: تنزيل بفري داونلود مانيجر -
O16 -: Microsoft XML Parser for Java -
C:\WINDOWS\Downloaded Program Files\Microsoft XML Parser for Java.osd
.
**************************************************************************
catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer,
Rootkit scan 2008-09-17 21:17:36
Windows 5.1.2600 Service Pack 2 FAT NTAPI
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
.
Completion time: 09/17/2008 21:18:33
ComboFix-quarantined-files.txt 2008-09-17 18:18:30
ComboFix3.txt 2008-09-06 11:26:28
ComboFix2.txt 2008-09-09 13:27:28
Pre-Run: 16,514,269,184 bytes free
Post-Run: 16,692,559,872 bytes free
420 --- E O F --- 2008-09-11 00:02:00
وهذا التقرير بالهي جاك
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 09:20:23 م, on 17/09/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\BandRich\BandLuxe HSDPA Utility R11\BRService.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Internet Download Manager\IDMan.exe
C:\Program Files\WinZip\WZQKPICK.EXE
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = local
O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files\Internet Download Manager\IDMIECC.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O4 - HKLM\..\Run: [USB Antivirus] C:\Program Files\USB Disk Security\USBGuard.exe
O4 - HKCU\..\Run: [third poke] C:\DOCUME~1\nw\APPLIC~1\ITCHFA~1\Tool lies.exe
O4 - HKCU\..\Run: [IDMan] C:\Program Files\Internet Download Manager\IDMan.exe /onboot
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: Styler.lnk = ?
O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE
O8 - Extra context menu item: &تصدير إلى Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Free Download Manager تحميل الفيديو بواسطة -
O8 - Extra context menu item: تحميل الكل بـ إنترنت داونلود مانيجر - C:\Program Files\Internet Download Manager\IEGetAll.htm
O8 - Extra context menu item: تحميل المحددة بفري داونلود مانيجر -
O8 - Extra context menu item: تحميل بـ إنترنت داونلود مانيجر - C:\Program Files\Internet Download Manager\IEExt.htm
O8 - Extra context menu item: تحميل محتوى فيديو (إف.إل.في) بـ إنترنت داونلود مانيجر - C:\Program Files\Internet Download Manager\IEGetVL.htm
O8 - Extra context menu item: تنزيل الكل بفري داونلود مانيجر -
O8 - Extra context menu item: تنزيل بفري داونلود مانيجر -
O9 - Extra button: بحث - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O23 - Service: Avira Premium Security Suite Firewall (AntiVirFirewallService) - Unknown owner - C:\Program Files\Avira\Avira Premium Security Suite\avfwsvc.exe (file missing)
O23 - Service: Avira Premium Security Suite MailGuard (AntiVirMailService) - Unknown owner - C:\Program Files\Avira\Avira Premium Security Suite\avmailc.exe (file missing)
O23 - Service: Avira Premium Security Suite Scheduler (AntiVirScheduler) - Unknown owner - C:\Program Files\Avira\Avira Premium Security Suite\sched.exe (file missing)
O23 - Service: Avira Premium Security Suite Guard (AntiVirService) - Unknown owner - C:\Program Files\Avira\Avira Premium Security Suite\avguard.exe (file missing)
O23 - Service: Avira Premium Security Suite WebGuard (antivirwebservice) - Unknown owner - C:\Program Files\Avira\Avira Premium Security Suite\AVWEBGRD.EXE (file missing)
O23 - Service: Avira Premium Security Suite MailGuard helper service (AVEService) - Unknown owner - C:\Program Files\Avira\Avira Premium Security Suite\avesvc.exe (file missing)
O23 - Service: BandLuxe Service (BandLuxe_Service) - BandRich Inc. - C:\Program Files\BandRich\BandLuxe HSDPA Utility R11\BRService.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies - C:\Program Files\WinPcap\rpcapd.exe
--
End of file - 5459 bytes
لاني فرمت الجهاز السابق الي حصلت معي نفس المشكله هذي
حصلت الحين نفس المشكله في جهازي هذا
رغم اني ابصم بالعشررررررررر ان المشكله من الكاسبر 2009 بعد تحديثه حصلت معي المشكله
رغم ان قبل يومين كان موجود على الجهاز الافراااااااااااا وكان شغال من احسن مايكون
بعد تركيبي للكاسبر2009
وبعد تحديثه حصلت المشكله
انظر الصورة
يجب عليك
تسجيل الدخول
او
تسجيل لمشاهدة الرابط المخفي
وهذا التقرير بالــ combofix
ComboFix 08-09-05.10 - nw 09/17/2008 21:17:07.3 - FAT32x86
Microsoft Windows XP Professional 5.1.2600.2.1256.1.1025.18.286 [GMT 3:00]
Running from: C:\Documents and Settings\nw\سطح المكتب\ComboFix.exe
WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.
- REDUCED FUNCTIONALITY MODE -
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
C:\WINDOWS\system32\amvo0.dll
.
((((((((((((((((((((((((( Files Created from 2008-08-17 to 2008-09-17 )))))))))))))))))))))))))))))))
.
No new files created in this timespan
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-09-17 18:14 1,606 ----a-w C:\WINDOWS\system32\PerfStringBackup.TMP
2008-09-17 11:44 --------- d-----w C:\Program Files\VMware
2008-09-17 11:44 --------- d-----w C:\Program Files\Common Files\VMware
2008-09-17 11:40 --------- d-----w C:\Documents and Settings\All Users\Application Data\Kaspersky Lab
2008-09-17 11:30 --------- d-----w C:\Documents and Settings\nw\Application Data\BitDefender
2008-09-17 11:29 --------- d-----w C:\Program Files\BitDefender
2008-09-17 11:29 --------- d-----w C:\Documents and Settings\All Users\Application Data\BitDefender
2008-09-17 11:28 --------- d-----w C:\Program Files\Common Files\BitDefender
2008-09-17 10:54 --------- d-----w C:\Documents and Settings\All Users\Application Data\Adobe Systems
2008-09-17 10:35 --------- d-----w C:\Program Files\SWiSH Studio2(2)
2008-09-17 08:19 --------- d-----w C:\Program Files\Faronics
2008-09-17 08:04 --------- d-----w C:\Program Files\PhotoRescue
2008-09-17 08:00 --------- d-----w C:\Program Files\VSO
2008-09-16 19:54 --------- d-----w C:\Program Files\VMware(2)
2008-09-16 19:54 --------- d-----w C:\Program Files\Common Files\VMware(2)
2008-09-15 00:35 --------- d-----w C:\Documents and Settings\nw\Application Data\DivX
2008-09-15 00:26 --------- d-----w C:\Program Files\XP Codec Pack
2008-09-15 00:24 --------- d-----w C:\Documents and Settings\nw\Application Data\vlc
2008-09-15 00:23 --------- d-----w C:\Program Files\VideoLAN
2008-09-15 00:23 --------- d-----w C:\Program Files\Real Alternative
2008-09-15 00:20 --------- d-----w C:\Program Files\DivX
2008-09-15 00:10 --------- d-----w C:\Documents and Settings\nw\Application Data\Media Player Classic
2008-09-14 23:50 --------- d-----w C:\Documents and Settings\nw\Application Data\GRETECH
2008-09-14 23:35 --------- d-----w C:\Documents and Settings\nw\Application Data\Thinstall
2008-09-14 22:25 --------- d-----w C:\Program Files\ARRQW USB Modem
2008-09-14 22:09 870,601 ----a-w C:\WINDOWS\system32\SRPExe.zip
2008-09-14 22:09 2,840,059 ----a-w C:\WINDOWS\system32\SRPSig.zip
2008-09-14 21:43 --------- d-----w C:\Program Files\FinalData
2008-09-14 21:38 --------- d-----w C:\Program Files\SpyRemover Pro
2008-09-14 21:17 --------- d-----w C:\Documents and Settings\nw\Application Data\VMware
2008-09-14 19:17 --------- d-----w C:\Documents and Settings\LocalService\Application Data\VMware
2008-09-14 18:22 --------- d-----w C:\Documents and Settings\All Users\Application Data\VMware
2008-09-14 13:05 94,893 --sh--r C:\t0k3c.cmd
2008-09-13 21:38 --------- d-----w C:\Program Files\BandRich
2008-09-13 21:29 --------- d-----w C:\Program Files\TopByteLabs
2008-09-13 21:19 --------- d-----w C:\Program Files\USB Disk Security
2008-09-13 19:46 --------- d-----w C:\Program Files\Balut
2008-09-11 18:36 --------- d--h--w C:\Documents and Settings\All Users\Application Data\{5A76C6B3-3FA8-46D0-AA81-62C3805E38BC}
2008-09-11 18:08 0 ----a-w C:\execonfig.exe
2008-09-11 18:08 0 ----a-w C:\csmexec.exe
2008-09-11 18:08 0 ----a-w C:\alg_1.1652.0.exe
2008-09-11 18:03 --------- d-----w C:\Program Files\Uniblue
2008-09-11 18:03 --------- d-----w C:\Documents and Settings\All Users\Application Data\DriverScanner
2008-09-11 04:36 --------- d-----w C:\Program Files\NextSecurity.NET
2008-09-11 04:32 --------- d-----w C:\Program Files\WinPcap
2008-09-11 04:23 --------- d-----w C:\Program Files\Wireless WEP Key Password Spy
2008-09-11 04:11 81,920 ----a-w C:\Documents and Settings\nw\Application Data\ezpinst.exe
2008-09-11 04:11 47,360 ----a-w C:\WINDOWS\system32\drivers\pcouffin.sys
2008-09-11 04:11 47,360 ----a-w C:\Documents and Settings\nw\Application Data\pcouffin.sys
2008-09-11 04:10 --------- d-----w C:\Program Files\Video Convert Master
2008-09-11 03:58 --------- d-----w C:\Documents and Settings\nw\Application Data\Uniblue
2008-09-11 03:57 --------- d-----w C:\Documents and Settings\All Users\Application Data\WinZip
2008-09-11 01:39 --------- d-----w C:\Program Files\Ipswitch
2008-09-11 01:39 --------- d-----w C:\Documents and Settings\nw\Application Data\Ipswitch
2008-09-11 01:39 --------- d-----w C:\Documents and Settings\All Users\Application Data\Ipswitch
2008-09-10 12:23 --------- d-----w C:\Program Files\uTorrent
2008-09-10 12:23 --------- d-----w C:\Documents and Settings\nw\Application Data\uTorrent
2008-09-10 11:41 --------- d-----w C:\Program Files\Zoom Player
2008-09-10 11:41 --------- d-----w C:\Program Files\GRETECH
2008-09-10 11:10 --------- d-----w C:\Documents and Settings\All Users\Application Data\Avira
2008-09-10 01:32 --------- d-----w C:\Program Files\Software Informer
2008-09-10 01:32 --------- d-----w C:\Program Files\Free Download Manager
2008-09-10 01:32 --------- d-----w C:\Documents and Settings\nw\Application Data\Free Download Manager
2008-09-10 01:32 --------- d-----w C:\Documents and Settings\All Users\Application Data\FreeDownloadManager.ORG
2008-09-10 01:05 --------- d-----w C:\Documents and Settings\All Users\Application Data\flag barb cake wipe
2008-09-10 01:04 --------- d-----w C:\Program Files\itch fast data
2008-09-10 00:56 --------- d-----w C:\Program Files\MSXML 6.0
2008-09-08 10:43 --------- d-----w C:\Program Files\Alwil Software
2008-09-07 20:37 --------- d-----w C:\Program Files\Microsoft Virtual PC
2008-09-07 10:47 --------- d-----w C:\Program Files\UltraISO
2008-09-07 10:45 --------- d-----w C:\Program Files\MagicISO
2008-09-07 10:34 --------- d-----w C:\Program Files\Common Files\Nero
2008-09-07 09:41 90,112 ----a-w C:\WINDOWS\system32\agsaami.dll
2008-09-07 09:41 610,304 ----a-w C:\WINDOWS\system32\agsaamg.dll
2008-09-07 09:41 372,736 ----a-w C:\WINDOWS\system32\agsaamc.dll
2008-09-07 09:41 2,535,424 ----a-w C:\WINDOWS\system32\agsaamj.dll
2008-09-07 09:41 196,608 ----a-w C:\WINDOWS\system32\maag.dll
2008-09-07 09:41 1,986,560 ----a-w C:\WINDOWS\system32\akll.dll
2008-09-07 09:41 1,245,184 ----a-w C:\WINDOWS\system32\bkll.dll
2008-09-07 09:41 1,212,416 ----a-w C:\WINDOWS\system32\ckll.dll
2008-09-07 09:40 --------- d-----w C:\Program Files\Real_SC
2008-09-07 09:16 --------- d-----w C:\Program Files\Total Video Converter
2008-09-07 09:15 626,688 ----a-w C:\WINDOWS\system32\agsaamh.dll
2008-09-07 09:15 215,552 ----a-w C:\WINDOWS\system32\ALOWMVFile.dll
2008-09-07 09:15 188,416 ----a-w C:\WINDOWS\system32\ALOVideoFile.dll
2008-09-07 09:14 90,112 ----a-w C:\WINDOWS\system32\ALOAudioFormatSettings3.dll
2008-09-07 09:14 780,288 ----a-w C:\WINDOWS\system32\ALOVideoCompress.dll
2008-09-07 09:14 778,240 ----a-w C:\WINDOWS\system32\ALOAudioCompress2.dll
2008-09-07 09:14 544,256 ----a-w C:\WINDOWS\system32\agsaamd.dll
2008-09-07 09:14 538,624 ----a-w C:\WINDOWS\system32\agsaamb.dll
2008-09-07 09:14 331,776 ----a-w C:\WINDOWS\system32\agsaama.dll
2008-09-07 09:14 2,846,720 ----a-w C:\WINDOWS\system32\ALOAudioCompress3.dll
2008-09-07 08:58 344,064 ----a-w C:\WINDOWS\system32\dkll.dll
2008-09-07 08:57 --------- d-----w C:\Program Files\Ozone
2008-09-07 08:53 --------- d-----w C:\Program Files\Audio Converter Plus
2008-09-07 08:29 --------- d-----w C:\Program Files\AML Products
2008-09-07 08:13 --------- d-----w C:\Program Files\Easy Video Capture
2008-09-06 14:16 7,195,315 ----a-w C:\WINDOWS\system32\SRPFSig.dll
2008-09-06 13:26 10,994,295 ----a-w C:\WINDOWS\system32\SRPRSig.dll
2008-09-06 13:15 754,685 ----a-w C:\WINDOWS\system32\SRPESig.dll
.
((((((((((((((((((((((((((((( snapshot_Tue 09-09-2008_16.25.41.87 )))))))))))))))))))))))))))))))))))))))))
.
+ 2007-11-30 12:39:02 17,784 ------w C:\WINDOWS\$hf_mig$\KB938464\spmsg.dll
+ 2007-11-30 12:39:02 231,288 ------w C:\WINDOWS\$hf_mig$\KB938464\spuninst.exe
+ 2007-11-30 12:39:02 26,488 ------w C:\WINDOWS\$hf_mig$\KB938464\update\spcustom.dll
+ 2007-11-30 11:18:14 752,504 ------w C:\WINDOWS\$hf_mig$\KB938464\update\update.exe
+ 2007-11-30 12:39:04 380,792 ------w C:\WINDOWS\$hf_mig$\KB938464\update\updspapi.dll
+ 2004-08-03 18:55:42 2,804,224 ------w C:\WINDOWS\$MSI31Uninstall_KB893803v2$\msi.dll
+ 2004-08-03 18:56:22 77,312 ------w C:\WINDOWS\$MSI31Uninstall_KB893803v2$\msiexec.exe
+ 2004-08-03 18:55:42 331,264 ------w C:\WINDOWS\$MSI31Uninstall_KB893803v2$\msihnd.dll
+ 2004-08-03 18:54:00 884,736 ------w C:\WINDOWS\$MSI31Uninstall_KB893803v2$\msimsg.dll
+ 2004-08-03 18:55:42 44,032 ------w C:\WINDOWS\$MSI31Uninstall_KB893803v2$\msisip.dll
+ 2005-05-04 11:45:26 209,120 ------w C:\WINDOWS\$MSI31Uninstall_KB893803v2$\spuninst\spuninst.exe
+ 2005-05-04 11:45:26 369,888 ------w C:\WINDOWS\$MSI31Uninstall_KB893803v2$\spuninst\updspapi.dll
+ 2007-11-30 12:39:02 231,288 ------w C:\WINDOWS\$NtUninstallKB938464$\spuninst\spuninst.exe
+ 2007-11-30 12:39:04 380,792 ------w C:\WINDOWS\$NtUninstallKB938464$\spuninst\updspapi.dll
+ 2008-09-17 07:39:54 2,048 --s-a-w C:\WINDOWS\bootstet.dat
+ 2008-09-14 22:25:48 10,134 ----a-r C:\WINDOWS\Installer\{2DA2B0A1-D96A-42C9-AA88-18F1EAC4B3E0}\ARPPRODUCTICON.exe
+ 2008-09-14 22:25:48 45,056 ----a-r C:\WINDOWS\Installer\{2DA2B0A1-D96A-42C9-AA88-18F1EAC4B3E0}\USB_Modem.exe_2DA2B0A1D96A42C9AA8818F1EAC4B3E0.exe
+ 2008-09-14 22:25:48 45,056 ----a-r C:\WINDOWS\Installer\{2DA2B0A1-D96A-42C9-AA88-18F1EAC4B3E0}\USB_Modem.exe1_2DA2B0A1D96A42C9AA8818F1EAC4B3E0.exe
+ 2008-09-13 21:39:14 49,152 ----a-r C:\WINDOWS\Installer\{6A5CC193-FA73-4D82-8F33-A33AAD7471E0}\ARPPRODUCTICON.exe
+ 2008-09-13 21:39:14 49,152 ----a-r C:\WINDOWS\Installer\{6A5CC193-FA73-4D82-8F33-A33AAD7471E0}\BRService.exe_6A5CC193FA734D828F33A33AAD7471E0_2.exe
+ 2008-09-13 21:39:14 8,854 ----a-r C:\WINDOWS\Installer\{6A5CC193-FA73-4D82-8F33-A33AAD7471E0}\UNINST_Uninstall_C_6A5CC193FA734D828F33A33AAD7471E0.exe
+ 2008-09-11 00:50:52 12,288 ----a-r C:\WINDOWS\Installer\{90170401-6000-11D3-8CFE-0150048383C9}\cagicon.exe
+ 2008-09-11 00:50:52 282,624 ----a-r C:\WINDOWS\Installer\{90170401-6000-11D3-8CFE-0150048383C9}\fpicon.exe
+ 2008-09-11 00:50:52 135,168 ----a-r C:\WINDOWS\Installer\{90170401-6000-11D3-8CFE-0150048383C9}\misc.exe
+ 2008-09-11 00:50:52 27,136 ----a-r C:\WINDOWS\Installer\{90170401-6000-11D3-8CFE-0150048383C9}\oisicon.exe
+ 2008-09-11 00:50:52 4,096 ----a-r C:\WINDOWS\Installer\{90170401-6000-11D3-8CFE-0150048383C9}\opwicon.exe
+ 2008-09-11 00:44:12 295,606 ----a-r C:\WINDOWS\Installer\{AC76BA86-7AD7-1033-7B44-A81200000003}\SC_Reader.exe
+ 2008-09-11 03:58:18 632,320 ----a-r C:\WINDOWS\Installer\{CD95F661-A5C4-44F5-A6AA-ECDD91C240B7}\IconCD95F66110.exe
+ 2008-09-11 03:58:20 29,184 ----a-r C:\WINDOWS\Installer\{CD95F661-A5C4-44F5-A6AA-ECDD91C240B7}\IconCD95F6617.exe
- 1997-11-19 12:49:58 303,616 ----a-w C:\WINDOWS\IsUninst.exe
+ 1998-10-29 13:45:06 306,688 ----a-w C:\WINDOWS\IsUninst.exe
+ 2008-01-29 13:01:04 1,684,480 ----a-w C:\WINDOWS\Resources\Themes\Windows7\Shell\Aero\Shellstyle.dll
+ 2008-01-29 13:01:04 1,684,480 ----a-w C:\WINDOWS\Resources\Themes\Windows7\Shell\Aero48\shellstyle.dll
+ 2008-01-29 13:01:04 1,684,480 ----a-w C:\WINDOWS\Resources\Themes\Windows7\Shell\AeroMax\shellstyle.dll
+ 2008-01-29 13:01:04 1,684,480 ----a-w C:\WINDOWS\Resources\Themes\Windows7\Shell\AeroMax48\shellstyle.dll
+ 2008-01-29 13:01:04 1,684,480 ----a-w C:\WINDOWS\Resources\Themes\Windows7\Shell\Basic48\Shellstyle.dll
+ 2008-01-29 13:01:04 1,684,480 ----a-w C:\WINDOWS\Resources\Themes\Windows7\Shell\NormalColor\Shellstyle.dll
+ 1999-04-17 20:36:40 10,752 ----a-w C:\WINDOWS\system32\aamd532.dll
+ 2003-05-07 14:09:56 147,456 ----a-w C:\WINDOWS\system32\AbsoluteHttp.dll
+ 2003-03-18 16:05:50 89,088 ----a-w C:\WINDOWS\system32\atl71.dll
+ 2004-08-10 05:50:22 77,889 ----a-w C:\WINDOWS\system32\atrc.dll
+ 2004-08-10 05:50:00 65,602 ----a-w C:\WINDOWS\system32\cook.dll
- 2007-02-01 02:56:06 639,066 ----a-w C:\WINDOWS\system32\divx.dll
+ 2008-06-11 00:03:18 683,520 ----a-w C:\WINDOWS\system32\DivX.dll
+ 2008-06-11 00:03:20 815,104 ----a-w C:\WINDOWS\system32\divx_xx0a.dll
+ 2008-06-18 17:52:28 161,096 ----a-w C:\WINDOWS\system32\DivXCodecVersionChecker.exe
+ 2008-05-22 22:18:54 12,288 ----a-w C:\WINDOWS\system32\DivXWMPExtType.dll
+ 2004-08-03 20:10:40 38,016 ----a-w C:\WINDOWS\system32\dllcache\bthmodem.sys
- 2004-08-03 21:55:42 2,804,224 ----a-w C:\WINDOWS\system32\dllcache\msi.dll
+ 2005-05-04 11:45:32 2,890,240 ----a-w C:\WINDOWS\system32\dllcache\msi.dll
- 2004-08-03 21:56:22 77,312 ----a-w C:\WINDOWS\system32\dllcache\msiexec.exe
+ 2005-05-04 11:45:36 78,848 ----a-w C:\WINDOWS\system32\dllcache\msiexec.exe
- 2004-08-03 18:55:42 331,264 ----a-w C:\WINDOWS\system32\dllcache\msihnd.dll
+ 2005-05-04 11:45:36 271,360 ----a-w C:\WINDOWS\system32\dllcache\msihnd.dll
- 2004-08-03 18:54:00 884,736 ----a-w C:\WINDOWS\system32\dllcache\msimsg.dll
+ 2005-05-04 11:45:36 884,736 ----a-w C:\WINDOWS\system32\dllcache\msimsg.dll
- 2004-08-03 18:55:42 44,032 ----a-w C:\WINDOWS\system32\dllcache\msisip.dll
+ 2005-05-04 11:45:36 15,360 ----a-w C:\WINDOWS\system32\dllcache\msisip.dll
- 2007-01-30 02:56:58 73,728 ----a-w C:\WINDOWS\system32\dpl100.dll
+ 2008-06-11 00:03:26 81,920 ----a-w C:\WINDOWS\system32\dpl100.dll
+ 2008-06-11 00:03:22 294,912 ----a-w C:\WINDOWS\system32\dpu10.dll
+ 2008-06-11 00:03:22 294,912 ----a-w C:\WINDOWS\system32\dpu11.dll
+ 2008-06-11 00:03:22 53,248 ----a-w C:\WINDOWS\system32\dpuGUI10.dll
+ 2008-06-11 00:03:22 593,920 ----a-w C:\WINDOWS\system32\dpuGUI11.dll
+ 2008-06-11 00:03:22 344,064 ----a-w C:\WINDOWS\system32\dpus11.dll
+ 2008-06-11 00:03:22 57,344 ----a-w C:\WINDOWS\system32\dpv11.dll
+ 2007-06-27 09:33:40 94,336 ----a-w C:\WINDOWS\system32\drivers\amoiusbser.sys
+ 2008-03-14 07:31:16 100,096 ----a-w C:\WINDOWS\system32\drivers\br3gmdm.sys
+ 2004-08-03 20:10:40 38,016 ----a-w C:\WINDOWS\system32\drivers\bthmodem.sys
+ 2008-06-11 00:07:16 9,336 ------w C:\WINDOWS\system32\drivers\cdr4_xp.sys
+ 2008-06-11 00:07:16 9,464 ------w C:\WINDOWS\system32\drivers\cdralw2k.sys
+ 2007-02-04 01:24:16 34,096 ----a-w C:\WINDOWS\system32\drivers\hcmon.sys
+ 2008-04-16 11:23:44 112,144 ----a-w C:\WINDOWS\system32\drivers\kl1.sys
+ 2008-01-29 15:29:38 32,784 ----a-w C:\WINDOWS\system32\drivers\klbg.sys
+ 2008-06-16 09:30:34 187,408 ----a-w C:\WINDOWS\system32\drivers\klif.sys
+ 2008-03-25 17:07:10 24,592 ----a-w C:\WINDOWS\system32\drivers\klim5.sys
+ 2005-08-02 21:10:14 32,512 ----a-w C:\WINDOWS\system32\drivers\npf.sys
+ 2004-12-06 17:08:24 32,768 ----a-w C:\WINDOWS\system32\drivers\nspacket.sys
+ 2008-06-11 00:07:16 43,528 ------w C:\WINDOWS\system32\drivers\PxHelp20.sys
+ 2007-01-29 10:24:34 58,256 ----a-r C:\WINDOWS\system32\drivers\stcp2v30.sys
+ 2007-02-04 01:24:16 21,040 ----a-w C:\WINDOWS\system32\drivers\vmkbd.sys
+ 2007-02-04 01:24:14 17,712 ----a-w C:\WINDOWS\system32\drivers\vmnet.sys
+ 2007-02-04 01:24:18 16,816 ----a-w C:\WINDOWS\system32\drivers\vmnetadapter.sys
+ 2007-02-04 01:24:24 28,592 ----a-w C:\WINDOWS\system32\drivers\vmnetbridge.sys
+ 2007-02-04 01:24:18 25,264 ----a-w C:\WINDOWS\system32\drivers\vmnetuserif.sys
+ 2007-02-04 01:24:14 143,280 ----a-w C:\WINDOWS\system32\drivers\vmx86.sys
+ 2004-08-10 05:50:48 102,464 ----a-w C:\WINDOWS\system32\drv1.dll
+ 2004-08-10 05:51:08 176,195 ----a-w C:\WINDOWS\system32\drv2.dll
+ 2004-11-24 18:25:52 335,872 ----a-w C:\WINDOWS\system32\drvc.dll
+ 2007-06-27 09:33:40 94,336 ----a-w C:\WINDOWS\system32\DRVSTORE\amoimdm_76D50F7A27633C864848331FAD25A9BB04EC6BCE\amoiusbser.sys
+ 2007-06-27 09:33:40 94,336 ----a-w C:\WINDOWS\system32\DRVSTORE\amoiser_76D50F7A27633C864848331FAD25A9BB04EC6BCE\amoiusbser.sys
+ 2008-03-14 07:31:16 100,096 ----a-w C:\WINDOWS\system32\DRVSTORE\brmdm_FCB51AF1BA03D4ECB9F88F573C8989E0F85F5000\br3gmdm.sys
+ 2008-03-14 07:31:16 100,096 ----a-w C:\WINDOWS\system32\DRVSTORE\brser_40325D1944572F58BDB624E26BEDF4F22E8FA3E6\br3gmdm.sys
- 2007-01-30 02:56:58 196,608 ----a-w C:\WINDOWS\system32\dtu100.dll
+ 2008-06-11 00:03:26 196,608 ----a-w C:\WINDOWS\system32\dtu100.dll
+ 2008-09-11 01:39:52 602,112 ----a-w C:\WINDOWS\system32\E177E04D548C4006A465EEB92D3DE021\Publisher Runtime\UZK2Q4ZNLHKBGBJMZZLFOHB3GH\s\English_WSFTP_Pro_asm_lic_gui_6_50_145.dll
+ 2008-09-11 01:39:52 135,168 ----a-w C:\WINDOWS\system32\E177E04D548C4006A465EEB92D3DE021\Publisher Runtime\UZK2Q4ZNLHKBGBJMZZLFOHB3GH\s\Ips_asm_lic_6_50_54.dll
+ 2008-09-11 01:39:50 17,920 ----a-w C:\WINDOWS\system32\E177E04D548C4006A465EEB92D3DE021\Publisher Runtime\UZK2Q4ZNLHKBGBJMZZLFOHB3GH\s\prv_fallback_6_41_95.dll
+ 2008-09-11 01:39:48 503,808 ----a-w C:\WINDOWS\system32\E177E04D548C4006A465EEB92D3DE021\Runtime\s\prv_ee_6_41_95.dll
+ 2008-09-11 01:39:50 17,920 ----a-w C:\WINDOWS\system32\E177E04D548C4006A465EEB92D3DE021\Runtime\s\prv_fallback_6_41_95.dll
+ 2004-10-03 16:50:54 129,024 ----a-w C:\WINDOWS\system32\ff_mpeg2enc.dll
+ 2008-06-22 16:34:00 177,664 ----a-w C:\WINDOWS\system32\ff_theora.dll
+ 2008-06-13 10:39:38 23,552 ----a-w C:\WINDOWS\system32\ff_wmv9.dll
+ 2008-07-05 10:13:16 708,096 ----a-w C:\WINDOWS\system32\ff_x264.dll
- 2008-09-07 20:12:32 336,256 ----a-w C:\WINDOWS\system32\FNTCACHE.DAT
+ 2008-09-17 11:46:46 336,256 ----a-w C:\WINDOWS\system32\FNTCACHE.DAT
+ 2004-08-10 05:52:54 241,723 ----a-w C:\WINDOWS\system32\hxltcolor.dll
+ 2008-04-25 15:22:24 206,088 ----a-w C:\WINDOWS\system32\klogon.dll
+ 2008-07-05 10:14:44 3,591,168 ----a-w C:\WINDOWS\system32\libavcodec.dll
+ 2008-07-05 10:14:48 456,192 ----a-w C:\WINDOWS\system32\libmplayer.dll
+ 2003-03-18 18:12:12 1,047,552 ----a-w C:\WINDOWS\system32\mfc71u.dll
- 2008-08-05 18:11:02 15,888,504 ----a-w C:\WINDOWS\system32\MRT.exe
+ 2008-08-26 20:28:12 16,208,504 ----a-w C:\WINDOWS\system32\MRT.exe
- 2004-08-03 18:55:42 2,804,224 ----a-w C:\WINDOWS\system32\msi.dll
+ 2005-05-04 11:45:32 2,890,240 ----a-w C:\WINDOWS\system32\msi.dll
- 2004-08-03 18:56:22 77,312 ----a-w C:\WINDOWS\system32\msiexec.exe
+ 2005-05-04 11:45:36 78,848 ----a-w C:\WINDOWS\system32\msiexec.exe
- 2004-08-03 18:55:42 331,264 ----a-w C:\WINDOWS\system32\msihnd.dll
+ 2005-05-04 11:45:36 271,360 ----a-w C:\WINDOWS\system32\msihnd.dll
- 2004-08-03 18:54:00 884,736 ----a-w C:\WINDOWS\system32\msimsg.dll
+ 2005-05-04 11:45:36 884,736 ----a-w C:\WINDOWS\system32\msimsg.dll
- 2004-08-03 18:55:42 44,032 ----a-w C:\WINDOWS\system32\msisip.dll
+ 2005-05-04 11:45:36 15,360 ----a-w C:\WINDOWS\system32\msisip.dll
- 2004-08-03 18:55:46 1,392,671 ----a-w C:\WINDOWS\system32\msvbvm60.dll
+ 2004-02-24 06:12:40 1,386,496 ------w C:\WINDOWS\system32\msvbvm60.dll
+ 2004-08-03 18:55:46 1,236,480 ----a-w C:\WINDOWS\system32\msxml3(2).dll
+ 2001-09-19 09:00:00 44,032 ----a-w C:\WINDOWS\system32\msxml3r(2).dll
+ 2008-02-09 12:46:30 28,160 ----a-w C:\WINDOWS\system32\nircmd.exe
+ 2004-04-20 21:00:00 172,032 ----a-w C:\WINDOWS\system32\OptimFROG.dll
+ 2005-08-02 21:08:10 81,920 ----a-w C:\WINDOWS\system32\Packet.dll
- 2008-09-10 12:16:18 41,032 ----a-w C:\WINDOWS\system32\perfc001.dat
+ 2008-09-17 18:14:52 43,398 ----a-w C:\WINDOWS\system32\perfc001.dat
- 2008-09-10 12:16:18 41,000 ----a-w C:\WINDOWS\system32\perfc009.dat
+ 2008-09-17 18:14:52 43,334 ----a-w C:\WINDOWS\system32\perfc009.dat
- 2008-09-10 12:16:18 253,622 ----a-w C:\WINDOWS\system32\perfh001.dat
+ 2008-09-17 18:14:52 258,720 ----a-w C:\WINDOWS\system32\perfh001.dat
- 2008-09-10 12:16:18 312,612 ----a-w C:\WINDOWS\system32\perfh009.dat
+ 2008-09-17 18:14:52 316,612 ----a-w C:\WINDOWS\system32\perfh009.dat
- 2008-06-16 01:54:26 278,528 ----a-w C:\WINDOWS\system32\pncrt.dll
+ 2003-11-25 22:32:02 123,392 ----a-w C:\WINDOWS\system32\pncrt.dll
+ 2005-08-02 21:24:02 53,299 ----a-w C:\WINDOWS\system32\pthreadVC.dll
+ 2008-06-11 00:07:14 551,672 ------w C:\WINDOWS\system32\px.dll
+ 2008-06-11 00:07:14 129,784 ------w C:\WINDOWS\system32\pxafs.dll
+ 2008-06-11 00:07:14 66,296 ------w C:\WINDOWS\system32\pxcpya64.exe
+ 2008-06-11 00:07:16 120,056 ------w C:\WINDOWS\system32\pxcpyi64.exe
+ 2008-06-11 00:07:16 518,904 ------w C:\WINDOWS\system32\pxdrv.dll
+ 2008-06-11 00:07:16 72,440 ------w C:\WINDOWS\system32\pxhpinst.exe
+ 2008-06-11 00:07:14 64,760 ------w C:\WINDOWS\system32\pxinsa64.exe
+ 2008-06-11 00:07:16 118,520 ------w C:\WINDOWS\system32\pxinsi64.exe
+ 2008-06-11 00:07:16 187,128 ------w C:\WINDOWS\system32\pxmas.dll
+ 2008-06-11 00:07:16 1,628,920 ------w C:\WINDOWS\system32\pxsfs.dll
+ 2008-06-11 00:07:16 379,640 ------w C:\WINDOWS\system32\pxwave.dll
- 2007-01-30 03:03:42 3,596,288 ----a-w C:\WINDOWS\system32\qt-dx331.dll
+ 2008-06-11 00:07:20 3,596,288 ----a-w C:\WINDOWS\system32\qt-dx331.dll
+ 2008-09-17 11:46:08 1,281,896 ----a-w C:\WINDOWS\system32\Restore\rstrlog.dat
+ 2004-08-10 05:50:40 49,216 ----a-w C:\WINDOWS\system32\rv10.dll
+ 2004-08-10 05:51:00 57,411 ----a-w C:\WINDOWS\system32\rv20.dll
+ 2004-08-10 05:52:14 49,221 ----a-w C:\WINDOWS\system32\rv30.dll
+ 2004-08-10 05:52:16 49,221 ----a-w C:\WINDOWS\system32\rv40.dll
+ 2000-05-24 04:20:04 19,968 ----a-w C:\WINDOWS\system32\sheltarg.dll
+ 2006-11-02 15:10:16 80,912 ----a-w C:\WINDOWS\system32\sherlock2.exe
+ 2004-08-10 05:50:12 106,561 ----a-w C:\WINDOWS\system32\sipr.dll
+ 2006-11-08 12:33:52 2,380 ----a-w C:\WINDOWS\system32\SRPBlkCoo.dll
+ 2004-05-15 09:12:00 13,772 ----a-w C:\WINDOWS\system32\SRPImmData.dll
+ 2004-07-16 13:11:38 622,113 ----a-w C:\WINDOWS\system32\SRPList.dll
+ 2007-01-05 09:46:52 25,964 ----a-w C:\WINDOWS\system32\SRPSigLevel.dll
+ 2003-01-26 10:41:24 40,960 ----a-w C:\WINDOWS\system32\SSubTmr6.dll
+ 2006-04-21 13:45:56 5,451,776 ----a-r C:\WINDOWS\system32\V2iDiskLib.dll
+ 2007-02-04 01:24:00 154,416 ----a-w C:\WINDOWS\system32\VMNAT.EXE
+ 2007-02-04 00:18:20 195,376 ----a-w C:\WINDOWS\system32\vmnc.dll
+ 2007-02-04 01:24:14 50,992 ----a-w C:\WINDOWS\system32\vmnetbridge.dll
+ 2007-02-04 01:23:48 121,648 ----a-w C:\WINDOWS\system32\vmnetdhcp.exe
+ 2007-02-04 01:23:20 13,104 ----a-w C:\WINDOWS\system32\vnetinst.dll
+ 2007-02-04 01:23:50 437,040 ----a-w C:\WINDOWS\system32\vnetlib.dll
+ 2008-06-12 16:25:06 962,560 ----a-w C:\WINDOWS\system32\VSFilter.dll
+ 2008-06-11 00:07:14 88,824 ------w C:\WINDOWS\system32\vxblock.dll
+ 2005-08-02 21:08:08 61,440 ----a-w C:\WINDOWS\system32\WanPacket.dll
+ 2006-06-22 10:25:14 50,688 ----a-w C:\WINDOWS\system32\wbhelp2.dll
+ 2005-08-02 21:18:46 233,472 ----a-w C:\WINDOWS\system32\wpcap.dll
+ 1999-12-17 19:43:04 86,016 ----a-w C:\WINDOWS\unvise32.exe
+ 2006-12-01 19:54:32 626,688 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_6b128700\msvcr80(2).dll
+ 2008-04-15 17:55:18 1,724,416 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.Windows.GdiPlus_6595b64144ccf1df_1.0.2600.3352_x-ww_81af8e88\GdiPlus.dll
.
-- Snapshot reset to current date --
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"third poke"="C:\DOCUME~1\nw\APPLIC~1\ITCHFA~1\Tool lies.exe" [09/10/2008 04:04 AM 563200]
"IDMan"="C:\Program Files\Internet Download Manager\IDMan.exe" [09/01/2008 04:41 PM 2606512]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"USB Antivirus"="C:\Program Files\USB Disk Security\USBGuard.exe" [04/09/2008 12:15 AM 798720]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [08/03/2004 09:56 PM 15360]
C:\Documents and Settings\All Users\çںê، ں §ڑ\ںé ©ںê¤\ §ک ں颬نïé\
WinZip Quick Pick.lnk - C:\Program Files\WinZip\WZQKPICK.EXE [2008-09-08 525664]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"msacm.divxa32"= msaud32_divx.acm
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Notification Packages REG_MULTI_SZ scecli scecli
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^قائمة ابدأ^البرامج^بدء التشغيل^PalTalk.lnk]
path=C:\Documents and Settings\All Users\قائمة ابدأ\البرامج\بدء التشغيل\PalTalk.lnk
backup=C:\WINDOWS\pss\PalTalk.lnkCommon Startup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
--a------ 01/11/2008 10:16 PM 39792 C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeUpdater]
-ra------ 03/01/2007 10:37 AM 2321600 C:\Program Files\Common Files\Adobe\Updater5\AdobeUpdater.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Cake Wipe Inside Wma]
--a------ 09/17/2008 09:18 PM 662016 C:\Documents and Settings\All Users\Application Data\flag barb cake wipe\MEDIA 4.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CTFMON.EXE]
--a------ 08/03/2004 09:56 PM 15360 C:\WINDOWS\system32\ctfmon.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HotKeysCmds]
-ra------ 02/08/2005 10:32 AM 126976 C:\WINDOWS\system32\hkcmd.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IDMan]
--a------ 09/01/2008 04:41 PM 2606512 C:\Program Files\Internet Download Manager\IDMan.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IgfxTray]
-ra------ 02/08/2005 10:36 AM 155648 C:\WINDOWS\system32\igfxtray.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
--a------ 07/09/2001 11:50 AM 155648 C:\WINDOWS\system32\NeroCheck.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SRS Audio Sandbox]
--a------ 10/26/2007 04:04 PM 4354048 C:\Program Files\SRS Labs\Audio Sandbox\SRSSSC.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\third poke]
--a------ 09/10/2008 04:04 AM 563200 C:\DOCUME~1\nw\APPLIC~1\ITCHFA~1\Tool lies.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]
--a------ 06/16/2008 04:54 AM 185896 C:\Program Files\Common Files\Real\Update_OB\realsched.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VirtualCloneDrive]
--a------ 06/30/2008 01:01 AM 52168 C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BluetoothAuthenticationAgent]
--a------ 08/03/2004 09:56 PM 110592 C:\WINDOWS\system32\bthprops.cpl
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001
"FirewallOverride"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"C:\\Program Files\\MSN Messenger\\msnmsgr.exe"=
"C:\\Program Files\\MSN Messenger\\livecall.exe"=
"C:\\Program Files\\Online TV Player 4\\TVPlayer.exe"=
"C:\\Program Files\\uTorrent\\uTorrent.exe"=
"C:\\Documents and Settings\\NW\\سطح المكتب\\utorrent-1.8.1-beta-12083.upx.exe"=
R2 BandLuxe_Service;BandLuxe Service;C:\Program Files\BandRich\BandLuxe HSDPA Utility R11\BRService.exe [05/12/2008 02:14 PM 87264]
S1 avfwot;avfwot;C:\WINDOWS\system32\DRIVERS\avfwot.sys [ ]
S2 AntiVirFirewallService;Avira Premium Security Suite Firewall;C:\Program Files\Avira\Avira Premium Security Suite\avfwsvc.exe [ ]
S2 AntiVirMailService;Avira Premium Security Suite MailGuard;C:\Program Files\Avira\Avira Premium Security Suite\avmailc.exe [ ]
S2 antivirwebservice;Avira Premium Security Suite WebGuard;C:\Program Files\Avira\Avira Premium Security Suite\AVWEBGRD.EXE [ ]
S2 AVEService;Avira Premium Security Suite MailGuard helper service;C:\Program Files\Avira\Avira Premium Security Suite\avesvc.exe [ ]
S3 avfwim;AvFw Packet Filter Miniport;C:\WINDOWS\system32\DRIVERS\avfwim.sys [ ]
S3 br3gmdm;BandLuxe 3.5G HSDPA Adapter - USB;C:\WINDOWS\system32\DRIVERS\br3gmdm.sys [03/14/2008 10:31 AM 100096]
S3 NPF;NetGroup Packet Filter Driver;C:\WINDOWS\system32\drivers\npf.sys [08/03/2005 12:10 AM 32512]
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{8f01d616-7bd2-11dd-8b0c-000b6b90cb65}]
\Shell\AutoRun\command - F:\t0k3c.cmd
\Shell\explore\Command - F:\t0k3c.cmd
\Shell\open\Command - F:\t0k3c.cmd
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{ce716cc7-81db-11dd-8b2b-0012f0d3b151}]
\Shell\AutoRun\command - F:\AUTORUN_BANDLUXE.EXE
.
- - - - ORPHANS REMOVED - - - -
HKCU-Run-Uniblue RegistryBooster 2 - C:\Program Files\Uniblue\RegistryBooster 2\RegistryBooster.exe
MSConfigStartUp-!AVG Anti-Spyware - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
MSConfigStartUp-avgnt - C:\Program Files\Avira\Avira Premium Security Suite\avgnt.exe
MSConfigStartUp-Free Download Manager - C:\Program Files\Free Download Manager\fdm.exe
.
------- Supplementary Scan -------
.
R0 -: HKCU-Main,Start Page = hxxp://www.microsoft.com
R0 -: HKLM-Main,Start Page = hxxp://www.microsoft.com
R0 -: HKLM-Main,Window Title = Microsoft Internet Explorer
R1 -: HKCU-Internet Settings,ProxyOverride = local
O8 -: &تصدير إلى Microsoft Excel - C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 -: Free Download Manager تحميل الفيديو بواسطة -
يجب عليك
تسجيل الدخول
او
تسجيل لمشاهدة الرابط المخفي
Files\Free Download Manager\dlfvideo.htmO8 -: تحميل الكل بـ إنترنت داونلود مانيجر - C:\Program Files\Internet Download Manager\IEGetAll.htm
O8 -: تحميل المحددة بفري داونلود مانيجر -
يجب عليك
تسجيل الدخول
او
تسجيل لمشاهدة الرابط المخفي
Files\Free Download Manager\dlselected.htmO8 -: تحميل بـ إنترنت داونلود مانيجر - C:\Program Files\Internet Download Manager\IEExt.htm
O8 -: تحميل محتوى فيديو (إف.إل.في) بـ إنترنت داونلود مانيجر - C:\Program Files\Internet Download Manager\IEGetVL.htm
O8 -: تنزيل الكل بفري داونلود مانيجر -
يجب عليك
تسجيل الدخول
او
تسجيل لمشاهدة الرابط المخفي
Files\Free Download Manager\dlall.htmO8 -: تنزيل بفري داونلود مانيجر -
يجب عليك
تسجيل الدخول
او
تسجيل لمشاهدة الرابط المخفي
Files\Free Download Manager\dllink.htmO16 -: Microsoft XML Parser for Java -
يجب عليك
تسجيل الدخول
او
تسجيل لمشاهدة الرابط المخفي
C:\WINDOWS\Downloaded Program Files\Microsoft XML Parser for Java.osd
.
**************************************************************************
catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer,
يجب عليك
تسجيل الدخول
او
تسجيل لمشاهدة الرابط المخفي
Rootkit scan 2008-09-17 21:17:36
Windows 5.1.2600 Service Pack 2 FAT NTAPI
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
.
Completion time: 09/17/2008 21:18:33
ComboFix-quarantined-files.txt 2008-09-17 18:18:30
ComboFix3.txt 2008-09-06 11:26:28
ComboFix2.txt 2008-09-09 13:27:28
Pre-Run: 16,514,269,184 bytes free
Post-Run: 16,692,559,872 bytes free
420 --- E O F --- 2008-09-11 00:02:00
وهذا التقرير بالهي جاك
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 09:20:23 م, on 17/09/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\BandRich\BandLuxe HSDPA Utility R11\BRService.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Internet Download Manager\IDMan.exe
C:\Program Files\WinZip\WZQKPICK.EXE
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
يجب عليك
تسجيل الدخول
او
تسجيل لمشاهدة الرابط المخفي
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
يجب عليك
تسجيل الدخول
او
تسجيل لمشاهدة الرابط المخفي
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
يجب عليك
تسجيل الدخول
او
تسجيل لمشاهدة الرابط المخفي
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = local
O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files\Internet Download Manager\IDMIECC.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O4 - HKLM\..\Run: [USB Antivirus] C:\Program Files\USB Disk Security\USBGuard.exe
O4 - HKCU\..\Run: [third poke] C:\DOCUME~1\nw\APPLIC~1\ITCHFA~1\Tool lies.exe
O4 - HKCU\..\Run: [IDMan] C:\Program Files\Internet Download Manager\IDMan.exe /onboot
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: Styler.lnk = ?
O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE
O8 - Extra context menu item: &تصدير إلى Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Free Download Manager تحميل الفيديو بواسطة -
يجب عليك
تسجيل الدخول
او
تسجيل لمشاهدة الرابط المخفي
Files\Free Download Manager\dlfvideo.htmO8 - Extra context menu item: تحميل الكل بـ إنترنت داونلود مانيجر - C:\Program Files\Internet Download Manager\IEGetAll.htm
O8 - Extra context menu item: تحميل المحددة بفري داونلود مانيجر -
يجب عليك
تسجيل الدخول
او
تسجيل لمشاهدة الرابط المخفي
Files\Free Download Manager\dlselected.htmO8 - Extra context menu item: تحميل بـ إنترنت داونلود مانيجر - C:\Program Files\Internet Download Manager\IEExt.htm
O8 - Extra context menu item: تحميل محتوى فيديو (إف.إل.في) بـ إنترنت داونلود مانيجر - C:\Program Files\Internet Download Manager\IEGetVL.htm
O8 - Extra context menu item: تنزيل الكل بفري داونلود مانيجر -
يجب عليك
تسجيل الدخول
او
تسجيل لمشاهدة الرابط المخفي
Files\Free Download Manager\dlall.htmO8 - Extra context menu item: تنزيل بفري داونلود مانيجر -
يجب عليك
تسجيل الدخول
او
تسجيل لمشاهدة الرابط المخفي
Files\Free Download Manager\dllink.htmO9 - Extra button: بحث - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O23 - Service: Avira Premium Security Suite Firewall (AntiVirFirewallService) - Unknown owner - C:\Program Files\Avira\Avira Premium Security Suite\avfwsvc.exe (file missing)
O23 - Service: Avira Premium Security Suite MailGuard (AntiVirMailService) - Unknown owner - C:\Program Files\Avira\Avira Premium Security Suite\avmailc.exe (file missing)
O23 - Service: Avira Premium Security Suite Scheduler (AntiVirScheduler) - Unknown owner - C:\Program Files\Avira\Avira Premium Security Suite\sched.exe (file missing)
O23 - Service: Avira Premium Security Suite Guard (AntiVirService) - Unknown owner - C:\Program Files\Avira\Avira Premium Security Suite\avguard.exe (file missing)
O23 - Service: Avira Premium Security Suite WebGuard (antivirwebservice) - Unknown owner - C:\Program Files\Avira\Avira Premium Security Suite\AVWEBGRD.EXE (file missing)
O23 - Service: Avira Premium Security Suite MailGuard helper service (AVEService) - Unknown owner - C:\Program Files\Avira\Avira Premium Security Suite\avesvc.exe (file missing)
O23 - Service: BandLuxe Service (BandLuxe_Service) - BandRich Inc. - C:\Program Files\BandRich\BandLuxe HSDPA Utility R11\BRService.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies - C:\Program Files\WinPcap\rpcapd.exe
--
End of file - 5459 bytes
توقيع : moad3
تأييد
0
.png)
.png)
moad3
زيزوومى متألق
غير متصل
يعطيك العافيه اخوي ماكس
حاولت احذفه بالاداة
لكن تبين بعد التقرير انه باقي شي من الافيرا
انظر التقرير
------------------------------------
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 05:17:09 م, on 19/09/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\netdde.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\acer\Wireless\Utility\WlanUtil.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = local
O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files\Internet Download Manager\IDMIECC.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O3 - Toolbar: (no name) - {381FFDE8-2394-4f90-B10D-FC6124A40F8C} - (no file)
O4 - HKLM\..\Run: [acerWireless] C:\Program Files\acer\Wireless\Utility\WlanUtil.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: &تصدير إلى Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Free Download Manager تحميل الفيديو بواسطة -
O8 - Extra context menu item: تحميل الكل بـ إنترنت داونلود مانيجر - C:\Program Files\Internet Download Manager\IEGetAll.htm
O8 - Extra context menu item: تحميل المحددة بفري داونلود مانيجر -
O8 - Extra context menu item: تحميل بـ إنترنت داونلود مانيجر - C:\Program Files\Internet Download Manager\IEExt.htm
O8 - Extra context menu item: تحميل محتوى فيديو (إف.إل.في) بـ إنترنت داونلود مانيجر - C:\Program Files\Internet Download Manager\IEGetVL.htm
O8 - Extra context menu item: تنزيل الكل بفري داونلود مانيجر -
O8 - Extra context menu item: تنزيل بفري داونلود مانيجر -
O9 - Extra button: بحث - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O23 - Service: Avira Premium Security Suite Firewall (AntiVirFirewallService) - Unknown owner - C:\Program Files\Avira\Avira Premium Security Suite\avfwsvc.exe (file missing)
O23 - Service: Avira Premium Security Suite Scheduler (AntiVirScheduler) - Unknown owner - C:\Program Files\Avira\Avira Premium Security Suite\sched.exe (file missing)
O23 - Service: Avira Premium Security Suite WebGuard (antivirwebservice) - Unknown owner - C:\Program Files\Avira\Avira Premium Security Suite\AVWEBGRD.EXE (file missing)
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies - C:\Program Files\WinPcap\rpcapd.exe
--
End of file - 4326 bytes
حاولت احذفه بالاداة
لكن تبين بعد التقرير انه باقي شي من الافيرا
انظر التقرير
------------------------------------
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 05:17:09 م, on 19/09/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\netdde.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\acer\Wireless\Utility\WlanUtil.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
يجب عليك
تسجيل الدخول
او
تسجيل لمشاهدة الرابط المخفي
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
يجب عليك
تسجيل الدخول
او
تسجيل لمشاهدة الرابط المخفي
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
يجب عليك
تسجيل الدخول
او
تسجيل لمشاهدة الرابط المخفي
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = local
O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files\Internet Download Manager\IDMIECC.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O3 - Toolbar: (no name) - {381FFDE8-2394-4f90-B10D-FC6124A40F8C} - (no file)
O4 - HKLM\..\Run: [acerWireless] C:\Program Files\acer\Wireless\Utility\WlanUtil.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: &تصدير إلى Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Free Download Manager تحميل الفيديو بواسطة -
يجب عليك
تسجيل الدخول
او
تسجيل لمشاهدة الرابط المخفي
Files\Free Download Manager\dlfvideo.htmO8 - Extra context menu item: تحميل الكل بـ إنترنت داونلود مانيجر - C:\Program Files\Internet Download Manager\IEGetAll.htm
O8 - Extra context menu item: تحميل المحددة بفري داونلود مانيجر -
يجب عليك
تسجيل الدخول
او
تسجيل لمشاهدة الرابط المخفي
Files\Free Download Manager\dlselected.htmO8 - Extra context menu item: تحميل بـ إنترنت داونلود مانيجر - C:\Program Files\Internet Download Manager\IEExt.htm
O8 - Extra context menu item: تحميل محتوى فيديو (إف.إل.في) بـ إنترنت داونلود مانيجر - C:\Program Files\Internet Download Manager\IEGetVL.htm
O8 - Extra context menu item: تنزيل الكل بفري داونلود مانيجر -
يجب عليك
تسجيل الدخول
او
تسجيل لمشاهدة الرابط المخفي
Files\Free Download Manager\dlall.htmO8 - Extra context menu item: تنزيل بفري داونلود مانيجر -
يجب عليك
تسجيل الدخول
او
تسجيل لمشاهدة الرابط المخفي
Files\Free Download Manager\dllink.htmO9 - Extra button: بحث - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O23 - Service: Avira Premium Security Suite Firewall (AntiVirFirewallService) - Unknown owner - C:\Program Files\Avira\Avira Premium Security Suite\avfwsvc.exe (file missing)
O23 - Service: Avira Premium Security Suite Scheduler (AntiVirScheduler) - Unknown owner - C:\Program Files\Avira\Avira Premium Security Suite\sched.exe (file missing)
O23 - Service: Avira Premium Security Suite WebGuard (antivirwebservice) - Unknown owner - C:\Program Files\Avira\Avira Premium Security Suite\AVWEBGRD.EXE (file missing)
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies - C:\Program Files\WinPcap\rpcapd.exe
--
End of file - 4326 bytes
توقيع : moad3
تأييد
0