ف
فاعل الخير
Guest
غير متصل
السلام عليكم ورحمة الله وبركاته
ابي منكم
سريال . كراك . باتش . اي شيءعشان يتفعل الوندوز
ومشكورين
ابي منكم
سريال . كراك . باتش . اي شيءعشان يتفعل الوندوز
ومشكورين
- الحالة
هذا كان أول
زيزوومى مميز
غير متصل
روابط اصليه مباشره لنسخ windows 7 بالحزمه الخدميه الاولى بالدليل والاثبات + كراك Windows Loader v2.1
حمل الكراك من الموضوع هذا والطريقه مشروحه فيه
بالتوفيق ..
حمل الكراك من الموضوع هذا والطريقه مشروحه فيه
بالتوفيق ..
توقيع : هذا كان أول
تأييد
0
techno
عضو شرف
غير متصل
سويت فك الضغط عن الكراك
وحاولت افتحة
وطلعت لي هذه الرساله
عطل برنامج الافيجي كالتالي
[Avg] برنامج الافج
ثم شغل الكراك كمسؤول
هكذا
شرح الاستخدام
وانتظر حتى تخرج رسالة تطلب اعادة التشغيل
ثم اعد التشغيل ويتم التنشيط ان شاء الله
[Avg] برنامج الافج
ثم شغل الكراك كمسؤول
هكذا
شرح الاستخدام
وانتظر حتى تخرج رسالة تطلب اعادة التشغيل
ثم اعد التشغيل ويتم التنشيط ان شاء الله
توقيع : techno
تأييد
0
ف
فاعل الخير
Guest
غير متصل
الهايجاك
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 18:51:20, on 02/01/2012
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16421)
Boot mode: Normal
Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Real\RealPlayer\Update\realsched.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\AVG\AVG2012\avgtray.exe
C:\Program Files\Emsisoft Anti-Malware\a2guard.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Zyzoom_Forum_Tools\zyzoom.exe
C:\Zyzoom_Forum_Tools\zHijak.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://google.inklineglobal.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://google.inklineglobal.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://google.inklineglobal.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.babylon.com/?AF=108976&babsrc=HP_ss&mntrId=68bce26a00000000000078e400148bf9
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://google.inklineglobal.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG2012\avgssie.dll
O2 - BHO: IEVkbdBHO - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\ievkbd.dll (file missing)
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: link filter bho - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\klwtbbho.dll (file missing)
O2 - BHO: SS SS Plugin - {F4D5D150-D806-442c-AE1E-172BD4C9DFA8} - C:\Users\user\AppData\Local\Temp\pk\SUpdatewb.dll (file missing)
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Real\RealPlayer\update\realsched.exe" -osboot
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [AVG_TRAY] "C:\Program Files\AVG\AVG2012\avgtray.exe"
O4 - HKLM\..\Run: [emsisoft anti-malware] "c:\program files\emsisoft anti-malware\a2guard.exe" /d=60
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O9 - Extra button: &Virtual Keyboard - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\ievkbd.dll (file missing)
O9 - Extra button: URLs c&heck - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\klwtbbho.dll (file missing)
O10 - Broken Internet access because of LSP provider 'c:\program files\bonjour\mdnsnsp.dll' missing
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {7253A666-804A-1108-A4DC-00E04C504788} - http://74.86.165.251:1990/inc/bmchat.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{0EB2425A-0503-4017-9359-8205C0DD6A92}: NameServer = 8.26.56.26,156.154.70.22
O17 - HKLM\System\CCS\Services\Tcpip\..\{1E75F59E-FD7C-4EB7-94B9-F563346D781D}: NameServer = 8.26.56.26,156.154.70.22
O17 - HKLM\System\CCS\Services\Tcpip\..\{E7CD20FC-0AE0-4ABF-A452-B06F1569073D}: NameServer = 208.67.222.222,208.67.220.220
O17 - HKLM\System\CS1\Services\Tcpip\..\{0EB2425A-0503-4017-9359-8205C0DD6A92}: NameServer = 8.26.56.26,156.154.70.22
O17 - HKLM\System\CS2\Services\Tcpip\..\{0EB2425A-0503-4017-9359-8205C0DD6A92}: NameServer = 8.26.56.26,156.154.70.22
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG2012\avgpp.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O20 - AppInit_DLLs:
O20 - Winlogon Notify: !SASWinLogon - Invalid registry found
O23 - Service: Emsisoft Anti-Malware 6.0 - Service (a2AntiMalware) - Emsi Software GmbH - C:\Program Files\Emsisoft Anti-Malware\a2service.exe
O23 - Service: AVG Firewall (avgfws) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2012\avgfws.exe
O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2012\AVGIDSAgent.exe
O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2012\avgwdsvc.exe
O23 - Service: Kaspersky Anti-Virus Service (AVP) - Unknown owner - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe (file missing)
O23 - Service: Cron Service for Prey (CronService) - Fork Ltd. - C:\Prey\platform\windows\cronsvc.exe
O23 - Service: DigiChat 4.0 Server (DigiChat_4.0_Server) - Unknown owner - C:\PROGRA~1\DIGICH~1.0\DIGICH~2.EXE (file missing)
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: MBAMService - Unknown owner - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe (file missing)
O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe
O23 - Service: TeamViewer 6 (TeamViewer6) - TeamViewer GmbH - C:\Program Files\TeamViewer\Version6\TeamViewer_Service.exe
--
End of file - 7170 bytes
البرامج المثبته
====== معلومات نظام التشغيل ======
X86 WIN_7 7601 Service Pack 1
====== قائمة البرامج المثبتة ======
32 Bit HP CIO Components Installer
Adobe Flash Player 11 ActiveX
Adobe Flash Player 11 Plugin
Adobe Photoshop CS
Adobe Reader 9.4.7
Adobe Shockwave Player 11.6
Apple Application Support
Apple Software Update
ASUS Ai Charger
AVG 2012
AVG 2012
AVG 2012
BufferChm
CCleaner
Cisco EAP-FAST Module
Cisco LEAP Module
Copy
Definition update for Microsoft Office 2010 (KB982726) 32-Bit Edition
Destinations
DeviceDiscovery
DJ_AIO_06_F2400_SW_Min
Emsisoft Anti-Malware
F2400
F2400_NCL_Help
GPBaseService2
Hotfix for Microsoft .NET Framework 4 Client Profile (KB2461678)
HP Customer Participation Program 14.0
HP Deskjet F2400 All-in-One Driver Software 14.0 Rel. 6
HP Imaging Device Functions 14.0
HP Smart Web Printing 4.60
HP Solution Center 14.0
HPPhotoGadget
HPProductAssistant
iTunes
Java Auto Updater
Java(TM) 6 Update 29
Malwarebytes Anti-Malware النسخة 1.60.0.1800
MarketResearch
MessengerDiscovery 3.1.167
Microsoft .NET Framework 4 Client Profile
Microsoft .NET Framework 4 Client Profile
Microsoft Application Error Reporting
Microsoft Choice Guard
Microsoft Office Access MUI (English) 2010
Microsoft Office Access Setup Metadata MUI (English) 2010
Microsoft Office Excel MUI (English) 2010
Microsoft Office Groove MUI (English) 2010
Microsoft Office InfoPath MUI (English) 2010
Microsoft Office OneNote MUI (English) 2010
Microsoft Office Outlook MUI (English) 2010
Microsoft Office PowerPoint MUI (English) 2010
Microsoft Office Professional Plus 2010
Microsoft Office Professional Plus 2010
Microsoft Office Proof (English) 2010
Microsoft Office Proof (French) 2010
Microsoft Office Proof (Spanish) 2010
Microsoft Office Proofing (English) 2010
Microsoft Office Publisher MUI (English) 2010
Microsoft Office Shared MUI (English) 2010
Microsoft Office Shared Setup Metadata MUI (English) 2010
Microsoft Office Word MUI (English) 2010
Microsoft Search Enhancement Pack
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
Microsoft_VC100_CRT_SP1_x86
Mozilla Firefox 9.0.1 (x86 ar)
MSVC80_x86_v2
MSVC90_x86
MSVCRT
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
Nero StartSmart
neroxml
Opera 11.60
Quick Screen Recorder 1.5
QuickTime
RealNetworks - Microsoft Visual C++ 2008 Runtime
RealPlayer
Realtek High Definition Audio Driver
RealUpgrade 1.1
runtime
Samsung Kies
Samsung Kies
SAMSUNG USB Driver for Mobile Phones
Scan
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
Skype™ 5.1
SmartWebPrinting
SolutionCenter
Status
swMSM
TeamViewer 6
Toolbox
TrayApp
Update for Microsoft Office 2010 (KB2494150)
Update for Microsoft Office 2010 (KB2553092)
VC 9.0 Runtime
VS10RuntimeWin32
WebReg
Windows 7 USB/DVD Download Tool
Windows Live Communications Platform
Windows Live Essentials
Windows Live Essentials
Windows Live Messenger
Windows Media Player Firefox Plugin
WinRAR archiver
Your Uninstaller! 7
أداة التحميل Windows Live Upload Tool
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 18:51:20, on 02/01/2012
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16421)
Boot mode: Normal
Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Real\RealPlayer\Update\realsched.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\AVG\AVG2012\avgtray.exe
C:\Program Files\Emsisoft Anti-Malware\a2guard.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Zyzoom_Forum_Tools\zyzoom.exe
C:\Zyzoom_Forum_Tools\zHijak.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://google.inklineglobal.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://google.inklineglobal.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://google.inklineglobal.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.babylon.com/?AF=108976&babsrc=HP_ss&mntrId=68bce26a00000000000078e400148bf9
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://google.inklineglobal.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG2012\avgssie.dll
O2 - BHO: IEVkbdBHO - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\ievkbd.dll (file missing)
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: link filter bho - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\klwtbbho.dll (file missing)
O2 - BHO: SS SS Plugin - {F4D5D150-D806-442c-AE1E-172BD4C9DFA8} - C:\Users\user\AppData\Local\Temp\pk\SUpdatewb.dll (file missing)
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Real\RealPlayer\update\realsched.exe" -osboot
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [AVG_TRAY] "C:\Program Files\AVG\AVG2012\avgtray.exe"
O4 - HKLM\..\Run: [emsisoft anti-malware] "c:\program files\emsisoft anti-malware\a2guard.exe" /d=60
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O9 - Extra button: &Virtual Keyboard - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\ievkbd.dll (file missing)
O9 - Extra button: URLs c&heck - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\klwtbbho.dll (file missing)
O10 - Broken Internet access because of LSP provider 'c:\program files\bonjour\mdnsnsp.dll' missing
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {7253A666-804A-1108-A4DC-00E04C504788} - http://74.86.165.251:1990/inc/bmchat.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{0EB2425A-0503-4017-9359-8205C0DD6A92}: NameServer = 8.26.56.26,156.154.70.22
O17 - HKLM\System\CCS\Services\Tcpip\..\{1E75F59E-FD7C-4EB7-94B9-F563346D781D}: NameServer = 8.26.56.26,156.154.70.22
O17 - HKLM\System\CCS\Services\Tcpip\..\{E7CD20FC-0AE0-4ABF-A452-B06F1569073D}: NameServer = 208.67.222.222,208.67.220.220
O17 - HKLM\System\CS1\Services\Tcpip\..\{0EB2425A-0503-4017-9359-8205C0DD6A92}: NameServer = 8.26.56.26,156.154.70.22
O17 - HKLM\System\CS2\Services\Tcpip\..\{0EB2425A-0503-4017-9359-8205C0DD6A92}: NameServer = 8.26.56.26,156.154.70.22
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG2012\avgpp.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O20 - AppInit_DLLs:
O20 - Winlogon Notify: !SASWinLogon - Invalid registry found
O23 - Service: Emsisoft Anti-Malware 6.0 - Service (a2AntiMalware) - Emsi Software GmbH - C:\Program Files\Emsisoft Anti-Malware\a2service.exe
O23 - Service: AVG Firewall (avgfws) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2012\avgfws.exe
O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2012\AVGIDSAgent.exe
O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2012\avgwdsvc.exe
O23 - Service: Kaspersky Anti-Virus Service (AVP) - Unknown owner - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe (file missing)
O23 - Service: Cron Service for Prey (CronService) - Fork Ltd. - C:\Prey\platform\windows\cronsvc.exe
O23 - Service: DigiChat 4.0 Server (DigiChat_4.0_Server) - Unknown owner - C:\PROGRA~1\DIGICH~1.0\DIGICH~2.EXE (file missing)
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: MBAMService - Unknown owner - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe (file missing)
O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe
O23 - Service: TeamViewer 6 (TeamViewer6) - TeamViewer GmbH - C:\Program Files\TeamViewer\Version6\TeamViewer_Service.exe
--
End of file - 7170 bytes
البرامج المثبته
====== معلومات نظام التشغيل ======
X86 WIN_7 7601 Service Pack 1
====== قائمة البرامج المثبتة ======
32 Bit HP CIO Components Installer
Adobe Flash Player 11 ActiveX
Adobe Flash Player 11 Plugin
Adobe Photoshop CS
Adobe Reader 9.4.7
Adobe Shockwave Player 11.6
Apple Application Support
Apple Software Update
ASUS Ai Charger
AVG 2012
AVG 2012
AVG 2012
BufferChm
CCleaner
Cisco EAP-FAST Module
Cisco LEAP Module
Copy
Definition update for Microsoft Office 2010 (KB982726) 32-Bit Edition
Destinations
DeviceDiscovery
DJ_AIO_06_F2400_SW_Min
Emsisoft Anti-Malware
F2400
F2400_NCL_Help
GPBaseService2
Hotfix for Microsoft .NET Framework 4 Client Profile (KB2461678)
HP Customer Participation Program 14.0
HP Deskjet F2400 All-in-One Driver Software 14.0 Rel. 6
HP Imaging Device Functions 14.0
HP Smart Web Printing 4.60
HP Solution Center 14.0
HPPhotoGadget
HPProductAssistant
iTunes
Java Auto Updater
Java(TM) 6 Update 29
Malwarebytes Anti-Malware النسخة 1.60.0.1800
MarketResearch
MessengerDiscovery 3.1.167
Microsoft .NET Framework 4 Client Profile
Microsoft .NET Framework 4 Client Profile
Microsoft Application Error Reporting
Microsoft Choice Guard
Microsoft Office Access MUI (English) 2010
Microsoft Office Access Setup Metadata MUI (English) 2010
Microsoft Office Excel MUI (English) 2010
Microsoft Office Groove MUI (English) 2010
Microsoft Office InfoPath MUI (English) 2010
Microsoft Office OneNote MUI (English) 2010
Microsoft Office Outlook MUI (English) 2010
Microsoft Office PowerPoint MUI (English) 2010
Microsoft Office Professional Plus 2010
Microsoft Office Professional Plus 2010
Microsoft Office Proof (English) 2010
Microsoft Office Proof (French) 2010
Microsoft Office Proof (Spanish) 2010
Microsoft Office Proofing (English) 2010
Microsoft Office Publisher MUI (English) 2010
Microsoft Office Shared MUI (English) 2010
Microsoft Office Shared Setup Metadata MUI (English) 2010
Microsoft Office Word MUI (English) 2010
Microsoft Search Enhancement Pack
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
Microsoft_VC100_CRT_SP1_x86
Mozilla Firefox 9.0.1 (x86 ar)
MSVC80_x86_v2
MSVC90_x86
MSVCRT
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
Nero StartSmart
neroxml
Opera 11.60
Quick Screen Recorder 1.5
QuickTime
RealNetworks - Microsoft Visual C++ 2008 Runtime
RealPlayer
Realtek High Definition Audio Driver
RealUpgrade 1.1
runtime
Samsung Kies
Samsung Kies
SAMSUNG USB Driver for Mobile Phones
Scan
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
Skype™ 5.1
SmartWebPrinting
SolutionCenter
Status
swMSM
TeamViewer 6
Toolbox
TrayApp
Update for Microsoft Office 2010 (KB2494150)
Update for Microsoft Office 2010 (KB2553092)
VC 9.0 Runtime
VS10RuntimeWin32
WebReg
Windows 7 USB/DVD Download Tool
Windows Live Communications Platform
Windows Live Essentials
Windows Live Essentials
Windows Live Messenger
Windows Media Player Firefox Plugin
WinRAR archiver
Your Uninstaller! 7
أداة التحميل Windows Live Upload Tool
تأييد
0
ف
فاعل الخير
Guest
غير متصل
ههههههـاي
لاتفهمني غلط ارجوك
انا مسحت المالوير والكاسبر
من لوحة التحكم
واختفوا فعلا من الجهاز ومن اللوحة
يعني ماله اثر !
بس مادري ليش يطلعون في التقارير
وعلى فكرة الحين بمسح الحصان
وبرجع احمل الكراك وبفتحه
وبوافيكم بكل جديد
تأييد
0
ف
فاعل الخير
Guest
غير متصل
تقارير جديدة
الهايجاك
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 19:31:12, on 03/01/2012
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16421)
Boot mode: Normal
Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Real\RealPlayer\Update\realsched.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Sony\VAIO Gate\VAIO Gate.exe
C:\Zyzoom_Forum_Tools\zyzoom.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Zyzoom_Forum_Tools\zHijak.com
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll
O2 - BHO: IEVkbdBHO - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\ievkbd.dll (file missing)
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: link filter bho - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\klwtbbho.dll (file missing)
O2 - BHO: SS SS Plugin - {F4D5D150-D806-442c-AE1E-172BD4C9DFA8} - C:\Users\user\AppData\Local\Temp\pk\SUpdatewb.dll (file missing)
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Real\RealPlayer\update\realsched.exe" -osboot
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\RunOnce: [InstallShieldSetup] "C:\PROGRA~1\InstallShield Installation Information\{A7C30414-2382-4086-B0D6-01A88ABA21C3}\setup.exe" -reboot"C:\PROGRA~1\InstallShield Installation Information\{A7C30414-2382-4086-B0D6-01A88ABA21C3}\reboot.ini" -l0x0009
O4 - HKLM\..\RunOnce: [InstallShieldSetup1] "C:\Program Files\InstallShield Installation Information\{A7C30414-2382-4086-B0D6-01A88ABA21C3}\setup.exe" -reboot"C:\PROGRA~1\InstallShield Installation Information\{A7C30414-2382-4086-B0D6-01A88ABA21C3}\reboot.ini"
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O9 - Extra button: &Virtual Keyboard - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\ievkbd.dll (file missing)
O9 - Extra button: URLs c&heck - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\klwtbbho.dll (file missing)
O10 - Broken Internet access because of LSP provider 'c:\program files\bonjour\mdnsnsp.dll' missing
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {7253A666-804A-1108-A4DC-00E04C504788} - http://74.86.165.251:1990/inc/bmchat.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{0EB2425A-0503-4017-9359-8205C0DD6A92}: NameServer = 8.26.56.26,156.154.70.22
O17 - HKLM\System\CCS\Services\Tcpip\..\{1E75F59E-FD7C-4EB7-94B9-F563346D781D}: NameServer = 8.26.56.26,156.154.70.22
O17 - HKLM\System\CCS\Services\Tcpip\..\{E7CD20FC-0AE0-4ABF-A452-B06F1569073D}: NameServer = 208.67.222.222,208.67.220.220
O17 - HKLM\System\CS1\Services\Tcpip\..\{0EB2425A-0503-4017-9359-8205C0DD6A92}: NameServer = 8.26.56.26,156.154.70.22
O17 - HKLM\System\CS2\Services\Tcpip\..\{0EB2425A-0503-4017-9359-8205C0DD6A92}: NameServer = 8.26.56.26,156.154.70.22
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O20 - AppInit_DLLs:
O20 - Winlogon Notify: !SASWinLogon - Invalid registry found
O23 - Service: Kaspersky Anti-Virus Service (AVP) - Unknown owner - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe (file missing)
O23 - Service: Cron Service for Prey (CronService) - Fork Ltd. - C:\Prey\platform\windows\cronsvc.exe
O23 - Service: DigiChat 4.0 Server (DigiChat_4.0_Server) - Unknown owner - C:\PROGRA~1\DIGICH~1.0\DIGICH~2.EXE (file missing)
O23 - Service: MBAMService - Unknown owner - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe (file missing)
O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe
O23 - Service: TeamViewer 6 (TeamViewer6) - TeamViewer GmbH - C:\Program Files\TeamViewer\Version6\TeamViewer_Service.exe
--
End of file - 5764 bytes
البرامج المثبته
====== معلومات نظام التشغيل ======
X86 WIN_7 7601 Service Pack 1
====== قائمة البرامج المثبتة ======
32 Bit HP CIO Components Installer
Adobe Flash Player 11 ActiveX
Adobe Flash Player 11 Plugin
Adobe Photoshop CS
Adobe Reader 9.4.7
Adobe Shockwave Player 11.6
ASUS Ai Charger
CCleaner
Definition update for Microsoft Office 2010 (KB982726) 32-Bit Edition
Hotfix for Microsoft .NET Framework 4 Client Profile (KB2461678)
Java Auto Updater
Java(TM) 6 Update 29
Malwarebytes Anti-Malware النسخة 1.60.0.1800
Microsoft .NET Framework 4 Client Profile
Microsoft .NET Framework 4 Client Profile
Microsoft Application Error Reporting
Microsoft Choice Guard
Microsoft Office Access MUI (English) 2010
Microsoft Office Access Setup Metadata MUI (English) 2010
Microsoft Office Excel MUI (English) 2010
Microsoft Office Groove MUI (English) 2010
Microsoft Office InfoPath MUI (English) 2010
Microsoft Office OneNote MUI (English) 2010
Microsoft Office Outlook MUI (English) 2010
Microsoft Office PowerPoint MUI (English) 2010
Microsoft Office Professional Plus 2010
Microsoft Office Professional Plus 2010
Microsoft Office Proof (English) 2010
Microsoft Office Proof (French) 2010
Microsoft Office Proof (Spanish) 2010
Microsoft Office Proofing (English) 2010
Microsoft Office Publisher MUI (English) 2010
Microsoft Office Shared MUI (English) 2010
Microsoft Office Shared Setup Metadata MUI (English) 2010
Microsoft Office Word MUI (English) 2010
Microsoft Search Enhancement Pack
Microsoft_VC100_CRT_SP1_x86
Mozilla Firefox 9.0.1 (x86 ar)
MSVC80_x86_v2
MSVC90_x86
MSVCRT
Nero StartSmart
neroxml
RealPlayer
Realtek High Definition Audio Driver
RealUpgrade 1.1
runtime
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
swMSM
TeamViewer 6
Update for Microsoft Office 2010 (KB2494150)
Update for Microsoft Office 2010 (KB2553092)
VC 9.0 Runtime
VS10RuntimeWin32
Windows 7 USB/DVD Download Tool
Windows Live Communications Platform
Windows Live Essentials
Windows Live Essentials
Windows Live Messenger
Windows Media Player Firefox Plugin
WinRAR archiver
Your Uninstaller! 7
..
اضن ان البرامج موجوده ولاتظهر في القائمة (( مشكلة سوف اطرحها في موضوع مستقل ))
الحين الموضوع هذا يخص مشكلة التفعيل ..
وشكرا لكم
الهايجاك
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 19:31:12, on 03/01/2012
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16421)
Boot mode: Normal
Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Real\RealPlayer\Update\realsched.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Sony\VAIO Gate\VAIO Gate.exe
C:\Zyzoom_Forum_Tools\zyzoom.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Zyzoom_Forum_Tools\zHijak.com
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll
O2 - BHO: IEVkbdBHO - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\ievkbd.dll (file missing)
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: link filter bho - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\klwtbbho.dll (file missing)
O2 - BHO: SS SS Plugin - {F4D5D150-D806-442c-AE1E-172BD4C9DFA8} - C:\Users\user\AppData\Local\Temp\pk\SUpdatewb.dll (file missing)
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Real\RealPlayer\update\realsched.exe" -osboot
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\RunOnce: [InstallShieldSetup] "C:\PROGRA~1\InstallShield Installation Information\{A7C30414-2382-4086-B0D6-01A88ABA21C3}\setup.exe" -reboot"C:\PROGRA~1\InstallShield Installation Information\{A7C30414-2382-4086-B0D6-01A88ABA21C3}\reboot.ini" -l0x0009
O4 - HKLM\..\RunOnce: [InstallShieldSetup1] "C:\Program Files\InstallShield Installation Information\{A7C30414-2382-4086-B0D6-01A88ABA21C3}\setup.exe" -reboot"C:\PROGRA~1\InstallShield Installation Information\{A7C30414-2382-4086-B0D6-01A88ABA21C3}\reboot.ini"
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O9 - Extra button: &Virtual Keyboard - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\ievkbd.dll (file missing)
O9 - Extra button: URLs c&heck - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\klwtbbho.dll (file missing)
O10 - Broken Internet access because of LSP provider 'c:\program files\bonjour\mdnsnsp.dll' missing
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {7253A666-804A-1108-A4DC-00E04C504788} - http://74.86.165.251:1990/inc/bmchat.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{0EB2425A-0503-4017-9359-8205C0DD6A92}: NameServer = 8.26.56.26,156.154.70.22
O17 - HKLM\System\CCS\Services\Tcpip\..\{1E75F59E-FD7C-4EB7-94B9-F563346D781D}: NameServer = 8.26.56.26,156.154.70.22
O17 - HKLM\System\CCS\Services\Tcpip\..\{E7CD20FC-0AE0-4ABF-A452-B06F1569073D}: NameServer = 208.67.222.222,208.67.220.220
O17 - HKLM\System\CS1\Services\Tcpip\..\{0EB2425A-0503-4017-9359-8205C0DD6A92}: NameServer = 8.26.56.26,156.154.70.22
O17 - HKLM\System\CS2\Services\Tcpip\..\{0EB2425A-0503-4017-9359-8205C0DD6A92}: NameServer = 8.26.56.26,156.154.70.22
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O20 - AppInit_DLLs:
O20 - Winlogon Notify: !SASWinLogon - Invalid registry found
O23 - Service: Kaspersky Anti-Virus Service (AVP) - Unknown owner - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe (file missing)
O23 - Service: Cron Service for Prey (CronService) - Fork Ltd. - C:\Prey\platform\windows\cronsvc.exe
O23 - Service: DigiChat 4.0 Server (DigiChat_4.0_Server) - Unknown owner - C:\PROGRA~1\DIGICH~1.0\DIGICH~2.EXE (file missing)
O23 - Service: MBAMService - Unknown owner - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe (file missing)
O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe
O23 - Service: TeamViewer 6 (TeamViewer6) - TeamViewer GmbH - C:\Program Files\TeamViewer\Version6\TeamViewer_Service.exe
--
End of file - 5764 bytes
البرامج المثبته
====== معلومات نظام التشغيل ======
X86 WIN_7 7601 Service Pack 1
====== قائمة البرامج المثبتة ======
32 Bit HP CIO Components Installer
Adobe Flash Player 11 ActiveX
Adobe Flash Player 11 Plugin
Adobe Photoshop CS
Adobe Reader 9.4.7
Adobe Shockwave Player 11.6
ASUS Ai Charger
CCleaner
Definition update for Microsoft Office 2010 (KB982726) 32-Bit Edition
Hotfix for Microsoft .NET Framework 4 Client Profile (KB2461678)
Java Auto Updater
Java(TM) 6 Update 29
Malwarebytes Anti-Malware النسخة 1.60.0.1800
Microsoft .NET Framework 4 Client Profile
Microsoft .NET Framework 4 Client Profile
Microsoft Application Error Reporting
Microsoft Choice Guard
Microsoft Office Access MUI (English) 2010
Microsoft Office Access Setup Metadata MUI (English) 2010
Microsoft Office Excel MUI (English) 2010
Microsoft Office Groove MUI (English) 2010
Microsoft Office InfoPath MUI (English) 2010
Microsoft Office OneNote MUI (English) 2010
Microsoft Office Outlook MUI (English) 2010
Microsoft Office PowerPoint MUI (English) 2010
Microsoft Office Professional Plus 2010
Microsoft Office Professional Plus 2010
Microsoft Office Proof (English) 2010
Microsoft Office Proof (French) 2010
Microsoft Office Proof (Spanish) 2010
Microsoft Office Proofing (English) 2010
Microsoft Office Publisher MUI (English) 2010
Microsoft Office Shared MUI (English) 2010
Microsoft Office Shared Setup Metadata MUI (English) 2010
Microsoft Office Word MUI (English) 2010
Microsoft Search Enhancement Pack
Microsoft_VC100_CRT_SP1_x86
Mozilla Firefox 9.0.1 (x86 ar)
MSVC80_x86_v2
MSVC90_x86
MSVCRT
Nero StartSmart
neroxml
RealPlayer
Realtek High Definition Audio Driver
RealUpgrade 1.1
runtime
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
swMSM
TeamViewer 6
Update for Microsoft Office 2010 (KB2494150)
Update for Microsoft Office 2010 (KB2553092)
VC 9.0 Runtime
VS10RuntimeWin32
Windows 7 USB/DVD Download Tool
Windows Live Communications Platform
Windows Live Essentials
Windows Live Essentials
Windows Live Messenger
Windows Media Player Firefox Plugin
WinRAR archiver
Your Uninstaller! 7
..
اضن ان البرامج موجوده ولاتظهر في القائمة (( مشكلة سوف اطرحها في موضوع مستقل ))
الحين الموضوع هذا يخص مشكلة التفعيل ..
وشكرا لكم
تأييد
0
techno
عضو شرف
غير متصل
بنسبه لكراك اعادة الفترة التجريبية .. سويته وما صار شيء ..
ولكن زر انستول في الكراك حق التنشيط اشتغل تمام
ضغطت عليه
كتب لي
the certificate wasnt successfully installed
وهذه صورة كدليل ( ياكثرة الادلائل اليوم ) :hh::d:
اذا عندك اصابه ناجل التنشيط لما بعد التنظيف
بالهايجيك احذف القيم التاليه
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
O2 - BHO: IEVkbdBHO - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\ievkbd.dll (file missing)
O2 - BHO: link filter bho - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\klwtbbho.dll (file missing)
O2 - BHO: SS SS Plugin - {F4D5D150-D806-442c-AE1E-172BD4C9DFA8} - C:\Users\user\AppData\Local\Temp\pk\SUpdatewb.dll (file missing)
O9 - Extra button: &Virtual Keyboard - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\ievkbd.dll (file missing)
O9 - Extra button: URLs c&heck - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\klwtbbho.dll (file missing)
O16 - DPF: {7253A666-804A-1108-A4DC-00E04C504788} - http://74.86.165.251:1990/inc/bmchat.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{0EB2425A-0503-4017-9359-8205C0DD6A92}: NameServer = 8.26.56.26,156.154.70.22
O17 - HKLM\System\CCS\Services\Tcpip\..\{1E75F59E-FD7C-4EB7-94B9-F563346D781D}: NameServer = 8.26.56.26,156.154.70.22
O17 - HKLM\System\CCS\Services\Tcpip\..\{E7CD20FC-0AE0-4ABF-A452-B06F1569073D}: NameServer = 208.67.222.222,208.67.220.220
O17 - HKLM\System\CS1\Services\Tcpip\..\{0EB2425A-0503-4017-9359-8205C0DD6A92}: NameServer = 8.26.56.26,156.154.70.22
O17 - HKLM\System\CS2\Services\Tcpip\..\{0EB2425A-0503-4017-9359-8205C0DD6A92}: NameServer = 8.26.56.26,156.154.70.22
O23 - Service: Kaspersky Anti-Virus Service (AVP) - Unknown owner - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe (file missing)
ثم طبق التالي
SUPERAntiSpyware
بالهايجيك احذف القيم التاليه
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
O2 - BHO: IEVkbdBHO - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\ievkbd.dll (file missing)
O2 - BHO: link filter bho - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\klwtbbho.dll (file missing)
O2 - BHO: SS SS Plugin - {F4D5D150-D806-442c-AE1E-172BD4C9DFA8} - C:\Users\user\AppData\Local\Temp\pk\SUpdatewb.dll (file missing)
O9 - Extra button: &Virtual Keyboard - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\ievkbd.dll (file missing)
O9 - Extra button: URLs c&heck - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\klwtbbho.dll (file missing)
O16 - DPF: {7253A666-804A-1108-A4DC-00E04C504788} - http://74.86.165.251:1990/inc/bmchat.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{0EB2425A-0503-4017-9359-8205C0DD6A92}: NameServer = 8.26.56.26,156.154.70.22
O17 - HKLM\System\CCS\Services\Tcpip\..\{1E75F59E-FD7C-4EB7-94B9-F563346D781D}: NameServer = 8.26.56.26,156.154.70.22
O17 - HKLM\System\CCS\Services\Tcpip\..\{E7CD20FC-0AE0-4ABF-A452-B06F1569073D}: NameServer = 208.67.222.222,208.67.220.220
O17 - HKLM\System\CS1\Services\Tcpip\..\{0EB2425A-0503-4017-9359-8205C0DD6A92}: NameServer = 8.26.56.26,156.154.70.22
O17 - HKLM\System\CS2\Services\Tcpip\..\{0EB2425A-0503-4017-9359-8205C0DD6A92}: NameServer = 8.26.56.26,156.154.70.22
O23 - Service: Kaspersky Anti-Virus Service (AVP) - Unknown owner - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe (file missing)
ثم طبق التالي
SUPERAntiSpyware
توقيع : techno
تأييد
0
ف
فاعل الخير
Guest
غير متصل
تم مسح القيم التي ذكرتها
ويجري الان الفحص ..
وسيتم كتابه الهايجاك الجديد بعد الانتهاء من الفحص ان شاء الله
تأييد
0
ف
فاعل الخير
Guest
غير متصل
نتيجة الفحص
SUPERAntiSpyware Scan Log
http://www.superantispyware.com
Generated 01/03/2012 at 11:43 PM
Application Version : 5.0.1142
Core Rules Database Version : 8092
Trace Rules Database Version: 5904
Scan type : Complete Scan
Total Scan Time : 00:58:56
Operating System Information
Windows 7 Ultimate 32-bit, Service Pack 1 (Build 6.01.7601)
UAC Off - Administrator
Memory items scanned : 571
Memory threats detected : 0
Registry items scanned : 38355
Registry threats detected : 0
File items scanned : 64935
File threats detected : 50
Adware.Tracking Cookie
C:\Users\user\AppData\Roaming\Microsoft\Windows\Cookies\TYZI51HI.txt [ /atdmt.combing.com ]
ad.yieldmanager.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7UJYJQM0.DEFAULT\COOKIES.SQLITE ]
.atdmt.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7UJYJQM0.DEFAULT\COOKIES.SQLITE ]
.atdmt.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7UJYJQM0.DEFAULT\COOKIES.SQLITE ]
.histats.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7UJYJQM0.DEFAULT\COOKIES.SQLITE ]
.histats.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7UJYJQM0.DEFAULT\COOKIES.SQLITE ]
.mediafire.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7UJYJQM0.DEFAULT\COOKIES.SQLITE ]
.adtech.de [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7UJYJQM0.DEFAULT\COOKIES.SQLITE ]
.invitemedia.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7UJYJQM0.DEFAULT\COOKIES.SQLITE ]
.ru4.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7UJYJQM0.DEFAULT\COOKIES.SQLITE ]
www.mediafire.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7UJYJQM0.DEFAULT\COOKIES.SQLITE ]
.rstracking.net [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7UJYJQM0.DEFAULT\COOKIES.SQLITE ]
.rstracking.net [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7UJYJQM0.DEFAULT\COOKIES.SQLITE ]
www.pixeltrack66.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7UJYJQM0.DEFAULT\COOKIES.SQLITE ]
www.pixeltrack66.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7UJYJQM0.DEFAULT\COOKIES.SQLITE ]
.zedo.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7UJYJQM0.DEFAULT\COOKIES.SQLITE ]
.zedo.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7UJYJQM0.DEFAULT\COOKIES.SQLITE ]
.zedo.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7UJYJQM0.DEFAULT\COOKIES.SQLITE ]
m1.webstats.motigo.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7UJYJQM0.DEFAULT\COOKIES.SQLITE ]
ad.yieldmanager.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7UJYJQM0.DEFAULT\COOKIES.SQLITE ]
.yadro.ru [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7UJYJQM0.DEFAULT\COOKIES.SQLITE ]
.serving-sys.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7UJYJQM0.DEFAULT\COOKIES.SQLITE ]
.serving-sys.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7UJYJQM0.DEFAULT\COOKIES.SQLITE ]
.serving-sys.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7UJYJQM0.DEFAULT\COOKIES.SQLITE ]
.serving-sys.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7UJYJQM0.DEFAULT\COOKIES.SQLITE ]
.zedo.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7UJYJQM0.DEFAULT\COOKIES.SQLITE ]
.doubleclick.net [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7UJYJQM0.DEFAULT\COOKIES.SQLITE ]
.invitemedia.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7UJYJQM0.DEFAULT\COOKIES.SQLITE ]
ad.yieldmanager.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7UJYJQM0.DEFAULT\COOKIES.SQLITE ]
.adbrite.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7UJYJQM0.DEFAULT\COOKIES.SQLITE ]
.adbrite.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7UJYJQM0.DEFAULT\COOKIES.SQLITE ]
.lucidmedia.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7UJYJQM0.DEFAULT\COOKIES.SQLITE ]
ad.yieldmanager.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7UJYJQM0.DEFAULT\COOKIES.SQLITE ]
ad.yieldmanager.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7UJYJQM0.DEFAULT\COOKIES.SQLITE ]
ad.yieldmanager.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7UJYJQM0.DEFAULT\COOKIES.SQLITE ]
ad.yieldmanager.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7UJYJQM0.DEFAULT\COOKIES.SQLITE ]
.mediafire.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7UJYJQM0.DEFAULT\COOKIES.SQLITE ]
.mediafire.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7UJYJQM0.DEFAULT\COOKIES.SQLITE ]
.mediafire.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7UJYJQM0.DEFAULT\COOKIES.SQLITE ]
.tribalfusion.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7UJYJQM0.DEFAULT\COOKIES.SQLITE ]
.zedo.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7UJYJQM0.DEFAULT\COOKIES.SQLITE ]
.zedo.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7UJYJQM0.DEFAULT\COOKIES.SQLITE ]
.zedo.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7UJYJQM0.DEFAULT\COOKIES.SQLITE ]
.invitemedia.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7UJYJQM0.DEFAULT\COOKIES.SQLITE ]
.interclick.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7UJYJQM0.DEFAULT\COOKIES.SQLITE ]
.interclick.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7UJYJQM0.DEFAULT\COOKIES.SQLITE ]
.at.atwola.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7UJYJQM0.DEFAULT\COOKIES.SQLITE ]
accounts.google.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7UJYJQM0.DEFAULT\COOKIES.SQLITE ]
.doubleclick.net [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7UJYJQM0.DEFAULT\COOKIES.SQLITE ]
.googleads.g.doubleclick.net [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7UJYJQM0.DEFAULT\COOKIES.SQLITE ]
الهايجاك اليديد
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 23:45:33, on 03/01/2012
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16421)
Boot mode: Normal
Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Real\RealPlayer\Update\realsched.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Windows\system32\wuauclt.exe
C:\Zyzoom_Forum_Tools\zyzoom.exe
C:\Users\user\AppData\Local\Temp\SAS_SelfExtract\program.com
C:\Zyzoom_Forum_Tools\zHijak.com
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Real\RealPlayer\update\realsched.exe" -osboot
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O10 - Broken Internet access because of LSP provider 'c:\program files\bonjour\mdnsnsp.dll' missing
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O20 - AppInit_DLLs:
O20 - Winlogon Notify: !SASWinLogon - Invalid registry found
O23 - Service: Kaspersky Anti-Virus Service (AVP) - Unknown owner - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe (file missing)
O23 - Service: Cron Service for Prey (CronService) - Fork Ltd. - C:\Prey\platform\windows\cronsvc.exe
O23 - Service: DigiChat 4.0 Server (DigiChat_4.0_Server) - Unknown owner - C:\PROGRA~1\DIGICH~1.0\DIGICH~2.EXE (file missing)
O23 - Service: MBAMService - Unknown owner - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe (file missing)
O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe
O23 - Service: TeamViewer 6 (TeamViewer6) - TeamViewer GmbH - C:\Program Files\TeamViewer\Version6\TeamViewer_Service.exe
--
End of file - 3698 bytes
SUPERAntiSpyware Scan Log
http://www.superantispyware.com
Generated 01/03/2012 at 11:43 PM
Application Version : 5.0.1142
Core Rules Database Version : 8092
Trace Rules Database Version: 5904
Scan type : Complete Scan
Total Scan Time : 00:58:56
Operating System Information
Windows 7 Ultimate 32-bit, Service Pack 1 (Build 6.01.7601)
UAC Off - Administrator
Memory items scanned : 571
Memory threats detected : 0
Registry items scanned : 38355
Registry threats detected : 0
File items scanned : 64935
File threats detected : 50
Adware.Tracking Cookie
C:\Users\user\AppData\Roaming\Microsoft\Windows\Cookies\TYZI51HI.txt [ /atdmt.combing.com ]
ad.yieldmanager.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7UJYJQM0.DEFAULT\COOKIES.SQLITE ]
.atdmt.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7UJYJQM0.DEFAULT\COOKIES.SQLITE ]
.atdmt.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7UJYJQM0.DEFAULT\COOKIES.SQLITE ]
.histats.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7UJYJQM0.DEFAULT\COOKIES.SQLITE ]
.histats.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7UJYJQM0.DEFAULT\COOKIES.SQLITE ]
.mediafire.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7UJYJQM0.DEFAULT\COOKIES.SQLITE ]
.adtech.de [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7UJYJQM0.DEFAULT\COOKIES.SQLITE ]
.invitemedia.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7UJYJQM0.DEFAULT\COOKIES.SQLITE ]
.ru4.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7UJYJQM0.DEFAULT\COOKIES.SQLITE ]
www.mediafire.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7UJYJQM0.DEFAULT\COOKIES.SQLITE ]
.rstracking.net [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7UJYJQM0.DEFAULT\COOKIES.SQLITE ]
.rstracking.net [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7UJYJQM0.DEFAULT\COOKIES.SQLITE ]
www.pixeltrack66.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7UJYJQM0.DEFAULT\COOKIES.SQLITE ]
www.pixeltrack66.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7UJYJQM0.DEFAULT\COOKIES.SQLITE ]
.zedo.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7UJYJQM0.DEFAULT\COOKIES.SQLITE ]
.zedo.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7UJYJQM0.DEFAULT\COOKIES.SQLITE ]
.zedo.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7UJYJQM0.DEFAULT\COOKIES.SQLITE ]
m1.webstats.motigo.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7UJYJQM0.DEFAULT\COOKIES.SQLITE ]
ad.yieldmanager.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7UJYJQM0.DEFAULT\COOKIES.SQLITE ]
.yadro.ru [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7UJYJQM0.DEFAULT\COOKIES.SQLITE ]
.serving-sys.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7UJYJQM0.DEFAULT\COOKIES.SQLITE ]
.serving-sys.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7UJYJQM0.DEFAULT\COOKIES.SQLITE ]
.serving-sys.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7UJYJQM0.DEFAULT\COOKIES.SQLITE ]
.serving-sys.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7UJYJQM0.DEFAULT\COOKIES.SQLITE ]
.zedo.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7UJYJQM0.DEFAULT\COOKIES.SQLITE ]
.doubleclick.net [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7UJYJQM0.DEFAULT\COOKIES.SQLITE ]
.invitemedia.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7UJYJQM0.DEFAULT\COOKIES.SQLITE ]
ad.yieldmanager.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7UJYJQM0.DEFAULT\COOKIES.SQLITE ]
.adbrite.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7UJYJQM0.DEFAULT\COOKIES.SQLITE ]
.adbrite.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7UJYJQM0.DEFAULT\COOKIES.SQLITE ]
.lucidmedia.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7UJYJQM0.DEFAULT\COOKIES.SQLITE ]
ad.yieldmanager.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7UJYJQM0.DEFAULT\COOKIES.SQLITE ]
ad.yieldmanager.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7UJYJQM0.DEFAULT\COOKIES.SQLITE ]
ad.yieldmanager.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7UJYJQM0.DEFAULT\COOKIES.SQLITE ]
ad.yieldmanager.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7UJYJQM0.DEFAULT\COOKIES.SQLITE ]
.mediafire.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7UJYJQM0.DEFAULT\COOKIES.SQLITE ]
.mediafire.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7UJYJQM0.DEFAULT\COOKIES.SQLITE ]
.mediafire.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7UJYJQM0.DEFAULT\COOKIES.SQLITE ]
.tribalfusion.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7UJYJQM0.DEFAULT\COOKIES.SQLITE ]
.zedo.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7UJYJQM0.DEFAULT\COOKIES.SQLITE ]
.zedo.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7UJYJQM0.DEFAULT\COOKIES.SQLITE ]
.zedo.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7UJYJQM0.DEFAULT\COOKIES.SQLITE ]
.invitemedia.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7UJYJQM0.DEFAULT\COOKIES.SQLITE ]
.interclick.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7UJYJQM0.DEFAULT\COOKIES.SQLITE ]
.interclick.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7UJYJQM0.DEFAULT\COOKIES.SQLITE ]
.at.atwola.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7UJYJQM0.DEFAULT\COOKIES.SQLITE ]
accounts.google.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7UJYJQM0.DEFAULT\COOKIES.SQLITE ]
.doubleclick.net [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7UJYJQM0.DEFAULT\COOKIES.SQLITE ]
.googleads.g.doubleclick.net [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7UJYJQM0.DEFAULT\COOKIES.SQLITE ]
الهايجاك اليديد
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 23:45:33, on 03/01/2012
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16421)
Boot mode: Normal
Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Real\RealPlayer\Update\realsched.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Windows\system32\wuauclt.exe
C:\Zyzoom_Forum_Tools\zyzoom.exe
C:\Users\user\AppData\Local\Temp\SAS_SelfExtract\program.com
C:\Zyzoom_Forum_Tools\zHijak.com
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Real\RealPlayer\update\realsched.exe" -osboot
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O10 - Broken Internet access because of LSP provider 'c:\program files\bonjour\mdnsnsp.dll' missing
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O20 - AppInit_DLLs:
O20 - Winlogon Notify: !SASWinLogon - Invalid registry found
O23 - Service: Kaspersky Anti-Virus Service (AVP) - Unknown owner - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe (file missing)
O23 - Service: Cron Service for Prey (CronService) - Fork Ltd. - C:\Prey\platform\windows\cronsvc.exe
O23 - Service: DigiChat 4.0 Server (DigiChat_4.0_Server) - Unknown owner - C:\PROGRA~1\DIGICH~1.0\DIGICH~2.EXE (file missing)
O23 - Service: MBAMService - Unknown owner - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe (file missing)
O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe
O23 - Service: TeamViewer 6 (TeamViewer6) - TeamViewer GmbH - C:\Program Files\TeamViewer\Version6\TeamViewer_Service.exe
--
End of file - 3698 bytes
تأييد
0
ف
فاعل الخير
Guest
غير متصل
حملت اخر اصدار من الهايجاك من موقعه الرسمي
وشغلته كمسوؤل
وهذا التقرير
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 11:46:40, on 04/01/2012
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16421)
Boot mode: Normal
Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Real\RealPlayer\Update\realsched.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Windows\system32\wuauclt.exe
C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Real\RealPlayer\update\realsched.exe" -osboot
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O10 - Broken Internet access because of LSP provider 'c:\program files\bonjour\mdnsnsp.dll' missing
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: Kaspersky Anti-Virus Service (AVP) - Unknown owner - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe (file missing)
O23 - Service: Cron Service for Prey (CronService) - Fork Ltd. - C:\Prey\platform\windows\cronsvc.exe
O23 - Service: DigiChat 4.0 Server (DigiChat_4.0_Server) - Unknown owner - C:\PROGRA~1\DIGICH~1.0\DIGICH~2.EXE (file missing)
O23 - Service: MBAMService - Unknown owner - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe (file missing)
O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe
O23 - Service: TeamViewer 6 (TeamViewer6) - TeamViewer GmbH - C:\Program Files\TeamViewer\Version6\TeamViewer_Service.exe
--
End of file - 3538 bytes
وشغلته كمسوؤل
وهذا التقرير
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 11:46:40, on 04/01/2012
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16421)
Boot mode: Normal
Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Real\RealPlayer\Update\realsched.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Windows\system32\wuauclt.exe
C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Real\RealPlayer\update\realsched.exe" -osboot
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O10 - Broken Internet access because of LSP provider 'c:\program files\bonjour\mdnsnsp.dll' missing
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: Kaspersky Anti-Virus Service (AVP) - Unknown owner - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe (file missing)
O23 - Service: Cron Service for Prey (CronService) - Fork Ltd. - C:\Prey\platform\windows\cronsvc.exe
O23 - Service: DigiChat 4.0 Server (DigiChat_4.0_Server) - Unknown owner - C:\PROGRA~1\DIGICH~1.0\DIGICH~2.EXE (file missing)
O23 - Service: MBAMService - Unknown owner - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe (file missing)
O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe
O23 - Service: TeamViewer 6 (TeamViewer6) - TeamViewer GmbH - C:\Program Files\TeamViewer\Version6\TeamViewer_Service.exe
--
End of file - 3538 bytes
تأييد
0
ف
فاعل الخير
Guest
غير متصل
وهذا تقرير عن نسخه الوندوز
Diagnostic Report (1.9.0027.0):
-----------------------------------------
Windows Validation Data-->
Validation Code: 50
Cached Online Validation Code: N/A, hr = 0xc004f012
Windows Product Key: *****-*****-X92GV-V7DCV-P4K27
Windows Product Key Hash: aU2z1/fnhnLHmhBm699qYZT2E6s=
Windows Product ID: 00426-OEM-8992662-00400
Windows Product ID Type: 2
Windows License Type: OEM SLP
Windows OS version: 6.1.7601.2.00010100.1.0.001
ID: {F27C8F48-594A-4F11-A879-7D6290E1EEF9}(1)
Is Admin: Yes
TestCab: 0x0
LegitcheckControl ActiveX: N/A, hr = 0x80070002
Signed By: N/A, hr = 0x80070002
Product Name: Windows 7 Ultimate
Architecture: 0x00000000
Build lab: 7601.win7sp1_gdr.111025-1505
TTS Error:
Validation Diagnostic:
Resolution Status: N/A
Vista WgaER Data-->
ThreatID(s): N/A, hr = 0x80070002
Version: N/A, hr = 0x80070002
Windows XP Notifications Data-->
Cached Result: N/A, hr = 0x80070002
File Exists: No
Version: N/A, hr = 0x80070002
WgaTray.exe Signed By: N/A, hr = 0x80070002
WgaLogon.dll Signed By: N/A, hr = 0x80070002
OGA Notifications Data-->
Cached Result: N/A, hr = 0x80070002
Version: N/A, hr = 0x80070002
OGAExec.exe Signed By: N/A, hr = 0x80070002
OGAAddin.dll Signed By: N/A, hr = 0x80070002
OGA Data-->
Office Status: 109 N/A
OGA Version: N/A, 0x80070002
Signed By: N/A, hr = 0x80070002
Office Diagnostics: 025D1FF3-364-80041010_025D1FF3-229-80041010_025D1FF3-230-1_025D1FF3-517-80040154_025D1FF3-237-80040154_025D1FF3-238-2_025D1FF3-244-80070002_025D1FF3-258-3
Browser Data-->
Proxy settings: N/A
User Agent: Mozilla/4.0 (compatible; MSIE 8.0; Win32)
Default Browser: C:\Program Files\Mozilla Firefox\firefox.exe
Download signed ActiveX controls: Prompt
Download unsigned ActiveX controls: Disabled
Run ActiveX controls and plug-ins: Allowed
Initialize and script ActiveX controls not marked as safe: Disabled
Allow scripting of Internet Explorer Webbrowser control: Disabled
Active scripting: Allowed
Script ActiveX controls marked as safe for scripting: Allowed
File Scan Data-->
File Mismatch: C:\Windows\system32\systemcpl.dll[6.1.7600.16385], Hr = 0x800b0100
Other data-->
Office Details: <GenuineResults><MachineData><UGUID>{F27C8F48-594A-4F11-A879-7D6290E1EEF9}</UGUID><Version>1.9.0027.0</Version><OS>6.1.7601.2.00010100.1.0.001</OS><Architecture>x32</Architecture><PKey>*****-*****-*****-*****-P4K27</PKey><PID>00426-OEM-8992662-00400</PID><PIDType>2</PIDType><SID>S-1-5-21-115429870-1930983911-72272449</SID><SYSTEM><Manufacturer>Acer </Manufacturer><Model>Aspire 5734Z </Model></SYSTEM><BIOS><Manufacturer>Acer </Manufacturer><Version>V1.01</Version><SMBIOSVersion major="2" minor="4"/><Date>20100416000000.000000+000</Date></BIOS><HWID>688A3D07018400F8</HWID><UserLCID>3801</UserLCID><SystemLCID>0401</SystemLCID><TimeZone>توقيت عربي رسمي(GMT+04:00)</TimeZone><iJoin>0</iJoin><SBID><stat>3</stat><msppid></msppid><name></name><model></model></SBID><OEM/><GANotification/></MachineData><Software><Office><Result>109</Result><Products/><Applications/></Office></Software></GenuineResults>
Spsys.log Content: 0x80070002
Licensing Data-->
CScript Error: Can't find script engine "VBScript" for script "C:\Windows\system32\slmgr.vbs".
Windows Activation Technologies-->
HrOffline: 0x00000000
HrOnline: N/A
HealthStatus: 0x0000000000000000
Event Time Stamp: N/A
ActiveX: Registered, Version: 7.1.7600.16395
Admin Service: Registered, Version: 7.1.7600.16395
HealthStatus Bitmask Output:
HWID Data-->
HWID Hash Current: MAAAAAEAAgABAAIAAAABAAAAAgABAAEAJJSSCJg5Bg96fw5eXHgMyHj+AvqSNEbK
OEM Activation 1.0 Data-->
N/A
OEM Activation 2.0 Data-->
BIOS valid for OA 2.0: yes, but no SLIC table
Windows marker version: N/A
OEMID and OEMTableID Consistent: N/A
BIOS Information:
ACPI Table Name OEMID Value OEMTableID Value
APIC ACRSYS ACRPRDCT
FACP ACRSYS ACRPRDCT
HPET ACRSYS ACRPRDCT
BOOT ACRSYS ACRPRDCT
MCFG ACRSYS ACRPRDCT
ASF! ACRSYS ACRPRDCT
NSLI ACRSYS ACRPRDCT
SSDT PmRef CpuPm
Diagnostic Report (1.9.0027.0):
-----------------------------------------
Windows Validation Data-->
Validation Code: 50
Cached Online Validation Code: N/A, hr = 0xc004f012
Windows Product Key: *****-*****-X92GV-V7DCV-P4K27
Windows Product Key Hash: aU2z1/fnhnLHmhBm699qYZT2E6s=
Windows Product ID: 00426-OEM-8992662-00400
Windows Product ID Type: 2
Windows License Type: OEM SLP
Windows OS version: 6.1.7601.2.00010100.1.0.001
ID: {F27C8F48-594A-4F11-A879-7D6290E1EEF9}(1)
Is Admin: Yes
TestCab: 0x0
LegitcheckControl ActiveX: N/A, hr = 0x80070002
Signed By: N/A, hr = 0x80070002
Product Name: Windows 7 Ultimate
Architecture: 0x00000000
Build lab: 7601.win7sp1_gdr.111025-1505
TTS Error:
Validation Diagnostic:
Resolution Status: N/A
Vista WgaER Data-->
ThreatID(s): N/A, hr = 0x80070002
Version: N/A, hr = 0x80070002
Windows XP Notifications Data-->
Cached Result: N/A, hr = 0x80070002
File Exists: No
Version: N/A, hr = 0x80070002
WgaTray.exe Signed By: N/A, hr = 0x80070002
WgaLogon.dll Signed By: N/A, hr = 0x80070002
OGA Notifications Data-->
Cached Result: N/A, hr = 0x80070002
Version: N/A, hr = 0x80070002
OGAExec.exe Signed By: N/A, hr = 0x80070002
OGAAddin.dll Signed By: N/A, hr = 0x80070002
OGA Data-->
Office Status: 109 N/A
OGA Version: N/A, 0x80070002
Signed By: N/A, hr = 0x80070002
Office Diagnostics: 025D1FF3-364-80041010_025D1FF3-229-80041010_025D1FF3-230-1_025D1FF3-517-80040154_025D1FF3-237-80040154_025D1FF3-238-2_025D1FF3-244-80070002_025D1FF3-258-3
Browser Data-->
Proxy settings: N/A
User Agent: Mozilla/4.0 (compatible; MSIE 8.0; Win32)
Default Browser: C:\Program Files\Mozilla Firefox\firefox.exe
Download signed ActiveX controls: Prompt
Download unsigned ActiveX controls: Disabled
Run ActiveX controls and plug-ins: Allowed
Initialize and script ActiveX controls not marked as safe: Disabled
Allow scripting of Internet Explorer Webbrowser control: Disabled
Active scripting: Allowed
Script ActiveX controls marked as safe for scripting: Allowed
File Scan Data-->
File Mismatch: C:\Windows\system32\systemcpl.dll[6.1.7600.16385], Hr = 0x800b0100
Other data-->
Office Details: <GenuineResults><MachineData><UGUID>{F27C8F48-594A-4F11-A879-7D6290E1EEF9}</UGUID><Version>1.9.0027.0</Version><OS>6.1.7601.2.00010100.1.0.001</OS><Architecture>x32</Architecture><PKey>*****-*****-*****-*****-P4K27</PKey><PID>00426-OEM-8992662-00400</PID><PIDType>2</PIDType><SID>S-1-5-21-115429870-1930983911-72272449</SID><SYSTEM><Manufacturer>Acer </Manufacturer><Model>Aspire 5734Z </Model></SYSTEM><BIOS><Manufacturer>Acer </Manufacturer><Version>V1.01</Version><SMBIOSVersion major="2" minor="4"/><Date>20100416000000.000000+000</Date></BIOS><HWID>688A3D07018400F8</HWID><UserLCID>3801</UserLCID><SystemLCID>0401</SystemLCID><TimeZone>توقيت عربي رسمي(GMT+04:00)</TimeZone><iJoin>0</iJoin><SBID><stat>3</stat><msppid></msppid><name></name><model></model></SBID><OEM/><GANotification/></MachineData><Software><Office><Result>109</Result><Products/><Applications/></Office></Software></GenuineResults>
Spsys.log Content: 0x80070002
Licensing Data-->
CScript Error: Can't find script engine "VBScript" for script "C:\Windows\system32\slmgr.vbs".
Windows Activation Technologies-->
HrOffline: 0x00000000
HrOnline: N/A
HealthStatus: 0x0000000000000000
Event Time Stamp: N/A
ActiveX: Registered, Version: 7.1.7600.16395
Admin Service: Registered, Version: 7.1.7600.16395
HealthStatus Bitmask Output:
HWID Data-->
HWID Hash Current: MAAAAAEAAgABAAIAAAABAAAAAgABAAEAJJSSCJg5Bg96fw5eXHgMyHj+AvqSNEbK
OEM Activation 1.0 Data-->
N/A
OEM Activation 2.0 Data-->
BIOS valid for OA 2.0: yes, but no SLIC table
Windows marker version: N/A
OEMID and OEMTableID Consistent: N/A
BIOS Information:
ACPI Table Name OEMID Value OEMTableID Value
APIC ACRSYS ACRPRDCT
FACP ACRSYS ACRPRDCT
HPET ACRSYS ACRPRDCT
BOOT ACRSYS ACRPRDCT
MCFG ACRSYS ACRPRDCT
ASF! ACRSYS ACRPRDCT
NSLI ACRSYS ACRPRDCT
SSDT PmRef CpuPm
تأييد
0
- الحالة