واحد عطاني ملف تجسس اسمه Love murderer.scr

بشوشة

بشوشة

زيزوومى مميز
إنضم
7 مايو 2011
المشاركات
398
مستوى التفاعل
20
النقاط
480
غير متصل
واحد عطاني ملف تجسس اسمه
Love murderer.scr



حاولت احذفه وابي اتأكد من سلامة جهازي



هذا تقرير هايجاك
....................................................................

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 05:22:22 م, on 15/02/2012
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
D:\WINXP\System32\smss.exe
D:\WINXP\system32\winlogon.exe
D:\WINXP\system32\services.exe
D:\WINXP\system32\lsass.exe
D:\WINXP\system32\Ati2evxx.exe
D:\WINXP\system32\svchost.exe
D:\WINXP\System32\svchost.exe
D:\WINXP\system32\Ati2evxx.exe
D:\WINXP\system32\spoolsv.exe
D:\WINXP\Explorer.EXE
D:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
D:\WINXP\RTHDCPL.EXE
D:\Program Files\Common Files\Java\Java Update\jusched.exe
D:\Program Files\Real\RealPlayer\update\realsched.exe
D:\Program Files\Quick net\ModemListener.exe
D:\Program Files\Ask.com\Updater\Updater.exe
C:\Facemoi\facemoi.exe
D:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2012\avp.exe
D:\WINXP\system32\ctfmon.exe
D:\Program Files\Windows Live\Messenger\msnmsgr.exe
D:\Program Files\Common Files\Ahead\lib\NMBgMonitor.exe
C:\Facemoi\facemoi.exe
D:\Program Files\Quick net\HSPA USB MODEM.exe
D:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe
D:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2012\avp.exe
D:\Program Files\Common Files\DeviceHelper\DeviceManager.exe
D:\Program Files\Comodo\Dragon\dragon_updater.exe
D:\Program Files\Hotspot Shield\bin\openvpnas.exe
D:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe
D:\Documents and Settings\New XP\Local Settings\Application Data\Google\Update\1.3.21.99\GoogleCrashHandler.exe
D:\Program Files\Hotspot Shield\HssWPR\hsssrv.exe
D:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHid.exe
D:\Program Files\Hotspot Shield\bin\hsswd.exe
D:\Program Files\Java\jre6\bin\jqs.exe
D:\WINXP\system32\svchost.exe
D:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHsp.exe
D:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosAVRC.exe
D:\Program Files\Toshiba\Bluetooth Toshiba Stack\tosOBEX.exe
D:\Program Files\Toshiba\Bluetooth Toshiba Stack\tosBtProc.exe
D:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
D:\Program Files\Windows Live\Contacts\wlcomm.exe
D:\PROGRA~1\Yahoo!\Messenger\ymsgr_tray.exe
D:\Program Files\Skype\Phone\Skype.exe
D:\Program Files\Hotspot Shield\bin\openvpntray.exe
D:\Program Files\Comodo\Dragon\dragon.exe
D:\Program Files\Comodo\Dragon\dragon.exe
D:\Program Files\Comodo\Dragon\dragon.exe
D:\Program Files\Comodo\Dragon\dragon.exe
D:\Program Files\Comodo\Dragon\dragon.exe
D:\Program Files\Comodo\Dragon\dragon.exe
D:\Program Files\Comodo\Dragon\dragon.exe
D:\Program Files\Comodo\Dragon\dragon.exe
D:\Program Files\Comodo\Dragon\dragon.exe
D:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2012\klwtblfs.exe
D:\Program Files\Comodo\Dragon\dragon.exe
D:\Documents and Settings\New XP\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
D:\Documents and Settings\New XP\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
D:\Documents and Settings\New XP\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
D:\Documents and Settings\New XP\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
D:\Documents and Settings\New XP\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
D:\Documents and Settings\New XP\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
D:\Documents and Settings\New XP\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
D:\Documents and Settings\New XP\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
D:\Documents and Settings\New XP\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
D:\Documents and Settings\New XP\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
D:\Documents and Settings\New XP\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
D:\Program Files\Real\RealPlayer\RecordingManager.exe
D:\Documents and Settings\New XP\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
D:\Documents and Settings\New XP\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
D:\Program Files\Comodo\Dragon\dragon.exe
D:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page =

يجب عليك تسجيل الدخول أو التسجيل لمشاهدة الرابط المخفي


R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =

يجب عليك تسجيل الدخول أو التسجيل لمشاهدة الرابط المخفي


R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =

يجب عليك تسجيل الدخول أو التسجيل لمشاهدة الرابط المخفي


R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =

يجب عليك تسجيل الدخول أو التسجيل لمشاهدة الرابط المخفي


R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =

يجب عليك تسجيل الدخول أو التسجيل لمشاهدة الرابط المخفي


R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =

يجب عليك تسجيل الدخول أو التسجيل لمشاهدة الرابط المخفي


R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
O1 - Hosts: 65.54.239.80 messenger.hotmail.com
O1 - Hosts: 65.54.239.80 dp.msnmessenger.akadns.net
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - D:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - D:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll
O2 - BHO: IEVkbdBHO - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - D:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2012\ievkbd.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - D:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL
O2 - BHO: مساعد تسجيل الدخول إلى Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - D:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - D:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - D:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: link filter bho - {E33CF602-D945-461A-83F0-819F76A199F8} - D:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2012\klwtbbho.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - D:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: Hotspot Shield Class - {F9E4A054-E9B1-4BC3-83A3-76A1AE736170} - D:\Program Files\Hotspot Shield\HssIE\HssIE.dll
O4 - HKLM\..\Run: [GrooveMonitor] "D:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [NeroFilterCheck] D:\WINXP\system32\NeroCheck.exe
O4 - HKLM\..\Run: [Adobe ARM] "D:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "D:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [TkBellExe] "D:\Program Files\Real\RealPlayer\update\realsched.exe" -osboot
O4 - HKLM\..\Run: [ITSecMng] %ProgramFiles%\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe /START
O4 - HKLM\..\Run: [ModemListener] D:\Program Files\Quick net\ModemListener.exe start
O4 - HKLM\..\Run: [ApnUpdater] "D:\Program Files\Ask.com\Updater\Updater.exe"
O4 - HKLM\..\Run: [Facemoi] c:\Facemoi\facemoi.exe
O4 - HKLM\..\Run: [AVP] "D:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2012\avp.exe"
O4 - HKCU\..\Run: [ctfmon.exe] D:\WINXP\system32\ctfmon.exe
O4 - HKCU\..\Run: [msnmsgr] "D:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [Messenger (Yahoo!)] "D:\PROGRA~1\Yahoo!\Messenger\YahooMessenger.exe" -quiet
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "D:\Program Files\Common Files\Ahead\lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [Google Update] "D:\Documents and Settings\New XP\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [Facemoi] C:\Facemoi\facemoi.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] D:\WINXP\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] D:\WINXP\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Bluetooth Manager.lnk = ?
O8 - Extra context menu item: E&xport to Microsoft Excel - res://D:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: إرسال إلى OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - D:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: إر&سال إلى OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - D:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: &لوحة المفاتيح الظاهرية - {4248FE82-7FCB-46AC-B270-339F08212110} - D:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2012\ievkbd.dll
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - D:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - D:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - D:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: فحص &عناوين مواقع الويب - {CCF151D8-D089-449F-A5A4-D9909053F20F} - D:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2012\klwtbbho.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - D:\WINXP\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - D:\WINXP\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Program Files\Messenger\msmsgs.exe
O13 - Gopher Prefix:
O17 - HKLM\System\CCS\Services\Tcpip\..\{23EEE7C6-113D-42FF-AFC4-CC2B2D38B848}: NameServer = 84.235.6.55 84.235.57.230
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - D:\PROGRA~1\MICROS~2\Office12\GR99D3~1.DLL
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - D:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - D:\WINXP\system32\Ati2evxx.exe
O23 - Service: خدمة Kaspersky لمكافحة الفيروسات (AVP) - Kaspersky Lab ZAO - D:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2012\avp.exe
O23 - Service: DeviceManager - Unknown owner - D:\Program Files\Common Files\DeviceHelper\DeviceManager.exe
O23 - Service: COMODO Dragon Update Service (DragonUpdater) - Unknown owner - D:\Program Files\Comodo\Dragon\dragon_updater.exe
O23 - Service: Hotspot Shield Service (hshld) - Unknown owner - D:\Program Files\Hotspot Shield\bin\openvpnas.exe
O23 - Service: Hotspot Shield Routing Service (HssSrv) - AnchorFree Inc. - D:\Program Files\Hotspot Shield\HssWPR\hsssrv.exe
O23 - Service: Hotspot Shield Tray Service (HssTrayService) - Unknown owner - D:\Program Files\Hotspot Shield\bin\HssTrayService.EXE
O23 - Service: Hotspot Shield Monitoring Service (HssWd) - Unknown owner - D:\Program Files\Hotspot Shield\bin\hsswd.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - D:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: TOSHIBA Bluetooth Service - TOSHIBA CORPORATION - D:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe

--
End of file - 11742 bytes
 

توقيع : بشوشة
ترتيب حسب التاريخ ترتيب حسب الأصوات
تقصدي هذي الصوره

400c6517cfd890124bf40bad5809ddef.png


هذي الاداة تقوم بأصلاح ما تفسده الفايروسات او غيرها

لو افسدت شيء بجهازك الاداة تقوم بأصلاحها

بالنسبه لسؤالك بأذن الله ما في شيء

واطلبي من الموضوع الي اعطيتك رابطه بمشاركه 16

مفتاح للكاسبر سكاي وان شاء الله الاخوة ما يقصرون

حدثي الكاسبرسكاي بعد تفعيله وقومي بتحديثه

وافحصي الكمبيوتر بالكامل واعطنا تقرير لو حابه تتأكدي اكثر
:ok:
 

توقيع : jor
تأييد 0
Malwarebytes' Anti-Malware 1.51.2.1300

يجب عليك تسجيل الدخول أو التسجيل لمشاهدة الرابط المخفي



Database version: 7622

Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702

15/02/2012 09:39:32 م
mbam-log-2012-02-15 (21-39-32).txt

Scan type: Full scan (C:\|D:\|)
Objects scanned: 205463
Time elapsed: 26 minute(s), 11 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)
 
توقيع : بشوشة
تأييد 0
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 09:41:22 م, on 15/02/2012
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
D:\WINXP\System32\smss.exe
D:\WINXP\system32\winlogon.exe
D:\WINXP\system32\services.exe
D:\WINXP\system32\lsass.exe
D:\WINXP\system32\Ati2evxx.exe
D:\WINXP\system32\svchost.exe
D:\WINXP\System32\svchost.exe
D:\WINXP\system32\Ati2evxx.exe
D:\WINXP\system32\spoolsv.exe
D:\WINXP\Explorer.EXE
D:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
D:\WINXP\RTHDCPL.EXE
D:\Program Files\Common Files\Java\Java Update\jusched.exe
D:\Program Files\Real\RealPlayer\update\realsched.exe
D:\Program Files\Quick net\ModemListener.exe
C:\Facemoi\facemoi.exe
D:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2012\avp.exe
D:\WINXP\system32\ctfmon.exe
D:\Program Files\Quick net\HSPA USB MODEM.exe
D:\Program Files\Windows Live\Messenger\msnmsgr.exe
D:\Program Files\Common Files\Ahead\lib\NMBgMonitor.exe
D:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe
D:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe
D:\Documents and Settings\New XP\Local Settings\Application Data\Google\Update\1.3.21.99\GoogleCrashHandler.exe
D:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2012\avp.exe
D:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHid.exe
D:\Program Files\Common Files\DeviceHelper\DeviceManager.exe
D:\Program Files\Comodo\Dragon\dragon_updater.exe
D:\Program Files\Hotspot Shield\bin\openvpnas.exe
D:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHsp.exe
D:\Program Files\Hotspot Shield\HssWPR\hsssrv.exe
D:\Program Files\Hotspot Shield\bin\hsswd.exe
D:\Program Files\Java\jre6\bin\jqs.exe
D:\WINXP\system32\svchost.exe
D:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
D:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosAVRC.exe
D:\Program Files\Windows Live\Contacts\wlcomm.exe
D:\Program Files\Toshiba\Bluetooth Toshiba Stack\tosOBEX.exe
D:\Program Files\Toshiba\Bluetooth Toshiba Stack\tosBtProc.exe
D:\WINXP\system32\rundll32.exe
D:\PROGRA~1\Yahoo!\Messenger\ymsgr_tray.exe
D:\Program Files\Hotspot Shield\bin\openvpntray.exe
D:\Documents and Settings\New XP\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
D:\Documents and Settings\New XP\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
D:\Documents and Settings\New XP\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
D:\Documents and Settings\New XP\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
D:\Documents and Settings\New XP\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
D:\Documents and Settings\New XP\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
D:\Documents and Settings\New XP\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
D:\Documents and Settings\New XP\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
D:\Documents and Settings\New XP\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
D:\Documents and Settings\New XP\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
D:\Documents and Settings\New XP\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
D:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2012\klwtblfs.exe
D:\Documents and Settings\New XP\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
D:\Program Files\Skype\Phone\Skype.exe
D:\Documents and Settings\New XP\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
D:\Documents and Settings\New XP\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
D:\DOCUME~1\NEWXP~1\LOCALS~1\Temp\SAS_SelfExtract\program.com
D:\Documents and Settings\New XP\Local Settings\Temp\zxq2\mbam.exe
D:\Program Files\Internet Explorer\IEXPLORE.EXE
D:\Program Files\Internet Explorer\IEXPLORE.EXE
D:\WINXP\system32\wuauclt.exe
D:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page =

يجب عليك تسجيل الدخول أو التسجيل لمشاهدة الرابط المخفي


R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =

يجب عليك تسجيل الدخول أو التسجيل لمشاهدة الرابط المخفي


R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =

يجب عليك تسجيل الدخول أو التسجيل لمشاهدة الرابط المخفي


R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =

يجب عليك تسجيل الدخول أو التسجيل لمشاهدة الرابط المخفي


R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =

يجب عليك تسجيل الدخول أو التسجيل لمشاهدة الرابط المخفي


R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =

يجب عليك تسجيل الدخول أو التسجيل لمشاهدة الرابط المخفي


R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - D:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - D:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll
O2 - BHO: IEVkbdBHO - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - D:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2012\ievkbd.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - D:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL
O2 - BHO: مساعد تسجيل الدخول إلى Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - D:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - D:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - D:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: link filter bho - {E33CF602-D945-461A-83F0-819F76A199F8} - D:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2012\klwtbbho.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - D:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: Hotspot Shield Class - {F9E4A054-E9B1-4BC3-83A3-76A1AE736170} - D:\Program Files\Hotspot Shield\HssIE\HssIE.dll
O4 - HKLM\..\Run: [GrooveMonitor] "D:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [NeroFilterCheck] D:\WINXP\system32\NeroCheck.exe
O4 - HKLM\..\Run: [Adobe ARM] "D:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "D:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [TkBellExe] "D:\Program Files\Real\RealPlayer\update\realsched.exe" -osboot
O4 - HKLM\..\Run: [ITSecMng] %ProgramFiles%\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe /START
O4 - HKLM\..\Run: [ModemListener] D:\Program Files\Quick net\ModemListener.exe start
O4 - HKLM\..\Run: [AVP] "D:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2012\avp.exe"
O4 - HKCU\..\Run: [ctfmon.exe] D:\WINXP\system32\ctfmon.exe
O4 - HKCU\..\Run: [msnmsgr] "D:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [Messenger (Yahoo!)] "D:\PROGRA~1\Yahoo!\Messenger\YahooMessenger.exe" -quiet
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "D:\Program Files\Common Files\Ahead\lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [Google Update] "D:\Documents and Settings\New XP\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] D:\WINXP\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] D:\WINXP\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Bluetooth Manager.lnk = ?
O8 - Extra context menu item: E&xport to Microsoft Excel - res://D:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: إرسال إلى OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - D:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: إر&سال إلى OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - D:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: &لوحة المفاتيح الظاهرية - {4248FE82-7FCB-46AC-B270-339F08212110} - D:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2012\ievkbd.dll
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - D:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - D:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - D:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: فحص &عناوين مواقع الويب - {CCF151D8-D089-449F-A5A4-D9909053F20F} - D:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2012\klwtbbho.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - D:\WINXP\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - D:\WINXP\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Program Files\Messenger\msmsgs.exe
O13 - Gopher Prefix:
O17 - HKLM\System\CCS\Services\Tcpip\..\{23EEE7C6-113D-42FF-AFC4-CC2B2D38B848}: NameServer = 84.235.6.55 84.235.57.230
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - D:\PROGRA~1\MICROS~2\Office12\GR99D3~1.DLL
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - D:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - D:\WINXP\system32\Ati2evxx.exe
O23 - Service: خدمة Kaspersky لمكافحة الفيروسات (AVP) - Kaspersky Lab ZAO - D:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2012\avp.exe
O23 - Service: DeviceManager - Unknown owner - D:\Program Files\Common Files\DeviceHelper\DeviceManager.exe
O23 - Service: COMODO Dragon Update Service (DragonUpdater) - Unknown owner - D:\Program Files\Comodo\Dragon\dragon_updater.exe
O23 - Service: Hotspot Shield Service (hshld) - Unknown owner - D:\Program Files\Hotspot Shield\bin\openvpnas.exe
O23 - Service: Hotspot Shield Routing Service (HssSrv) - AnchorFree Inc. - D:\Program Files\Hotspot Shield\HssWPR\hsssrv.exe
O23 - Service: Hotspot Shield Tray Service (HssTrayService) - Unknown owner - D:\Program Files\Hotspot Shield\bin\HssTrayService.EXE
O23 - Service: Hotspot Shield Monitoring Service (HssWd) - Unknown owner - D:\Program Files\Hotspot Shield\bin\hsswd.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - D:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: TOSHIBA Bluetooth Service - TOSHIBA CORPORATION - D:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe

--
End of file - 11255 bytes
 
توقيع : بشوشة
تأييد 0
Adobe Flash Player 10 Plugin
Adobe Flash Player 11 ActiveX
Adobe Reader X (10.1.1) - Arabic
ATI Display Driver
Bluetooth Stack for Windows by Toshiba
Comodo Dragon
DivX Codec
DivX Player
DivX Plus DirectShow Filters
DivX Web Player
Facebook Creator
Facebook Password Extractor
FormatFactory 2.30
GOM Player
Google Earth
HijackThis 2.0.2
Hotspot Shield 2.18
Java(TM) 6 Update 29
Messenger Plus! 5
Microsoft Choice Guard
Microsoft Office Access MUI (Arabic) 2007
Microsoft Office Access MUI (English) 2007
Microsoft Office Access Setup Metadata MUI (English) 2007
Microsoft Office Enterprise 2007
Microsoft Office Enterprise 2007
Microsoft Office Excel MUI (Arabic) 2007
Microsoft Office Excel MUI (English) 2007
Microsoft Office Groove MUI (English) 2007
Microsoft Office Groove Setup Metadata MUI (Arabic) 2007
Microsoft Office Groove Setup Metadata MUI (English) 2007
Microsoft Office InfoPath MUI (Arabic) 2007
Microsoft Office InfoPath MUI (English) 2007
Microsoft Office Language Pack 2007 - Arabic العربية
Microsoft Office O MUI (Arabic) 2007
Microsoft Office OneNote MUI (Arabic) 2007
Microsoft Office OneNote MUI (English) 2007
Microsoft Office Outlook MUI (Arabic) 2007
Microsoft Office Outlook MUI (English) 2007
Microsoft Office PowerPoint MUI (Arabic) 2007
Microsoft Office PowerPoint MUI (English) 2007
Microsoft Office Proof (Arabic) 2007
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (Arabic) 2007
Microsoft Office Proofing (English) 2007
Microsoft Office Publisher MUI (Arabic) 2007
Microsoft Office Publisher MUI (English) 2007
Microsoft Office Shared MUI (Arabic) 2007
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office SharePoint Designer MUI (Arabic) 2007
Microsoft Office Word MUI (Arabic) 2007
Microsoft Office Word MUI (English) 2007
Microsoft Office X MUI (Arabic) 2007
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
Mozilla Firefox 10.0.1 (x86 ar)
MSVCRT
Nero 7
Nucleus Kernel Hotmail MSN Password Recovery ver 4.01
Oracle VM VirtualBox 4.0.12
Platinum Hide IP
Quick net
RealNetworks - Microsoft Visual C++ 2008 Runtime
RealPlayer
Realtek High Definition Audio Driver
RealUpgrade 1.1
Security Update for Windows XP (KB923789)
Segoe UI
Skype Click to Call
Skype™ 5.5
Snagit 9.1.1
TeamViewer 7
The KMPlayer (remove only)
VC80CRTRedist - 8.0.50727.762
VLC media player 1.1.11
Windows Live Communications Platform
Windows Live Essentials
Windows Live Essentials
Windows Live Messenger
WinRAR 4.10 beta 4 (32-bit)
Yahoo! Messenger
أداة التحميل Windows Live Upload Tool
برنامج Kaspersky لمكافحة الفيروسات 2012
برنامج Kaspersky لمكافحة الفيروسات 2012
مساعد تسجيل الدخول إلى Windows Live
 
توقيع : بشوشة
تأييد 0
ما في شيء ، التقارير نظيفه
ان شاء الله

:ok:
 
توقيع : jor
تأييد 0
يااخي انا خايفه ابي حل جذري للمشكله
 
توقيع : بشوشة
تأييد 0
لوووووو سمحتوووو اخواني احتاج مشرف او خبير
لاني فعلا خايفه
 
توقيع : بشوشة
تأييد 0

يجب عليك تسجيل الدخول أو التسجيل لمشاهدة الرابط المخفي


الله يوفقك

جهازك ما فيه شيء

وانا لي خبره في الصيانه والاختراق

واعرف كل اساليب الاختراق

والحمد لله جهازك سليم وما عليه مشكله

لو تحبي تتأكدي اكثر

انتظري اي مشرف او اي خبير صيانه وتأكدي من ذلك بنفسك

الله يوفقك
:q:
 
توقيع : jor
تأييد 0
جهازي مازااااااااااااااااال فيه فايروسات
اتمنى احد يساعدني
 
توقيع : بشوشة
تأييد 0
مافيه اختي

وتجنبي البرامج المشبوهه + الروابط من الايميلات

الجهاز سليم
 
توقيع : الخفـوق
تأييد 0
عفوا التحديثات ذبحتني
اذا وقفتها يقول خطر على جهازك
وعندي الحمايه كاسبر و مالتوير
شسوي ابي صيانه :(
 
توقيع : بشوشة
تأييد 0
ياغاليه التحذير حق التحديثات تقدري تطفيه من مركز الامان مو كل التحديثات حقت ويندوز مهمه طفي التحديثات التلقائيه افضل شي اذاجاتك علامة الاكس الحمرا اضغطي عليها وادخلي لمركز الامان هتلاقي في اليمين تغيرر طريقة تنبيه مركز الامان شيلي علامة الصح من التنبيه للتحديثات التلقائيه تحياتي لك .
 
تأييد 0

يجب عليك تسجيل الدخول أو التسجيل لمشاهدة الرابط المخفي



كيف احذفه مستعصي !!!
غير موجود في لوحة التحكم !!!
 
توقيع : بشوشة
تأييد 0
هذا برنامج مكافح الفيروسات اسمه مكافي
 
توقيع : بشوشة
تأييد 0
حمل الاداة من هذا الموضوع

يجب عليك تسجيل الدخول أو التسجيل لمشاهدة الرابط المخفي



واعمل تقرير هايجاك + قائمة البرامج المثبتة
 
توقيع : البارون
تأييد 0
لحظات واجيب التقرير
 
توقيع : بشوشة
تأييد 0
لا التقرير اللي عطيتك كان لجهاز ثاني الان اشتغل عليه
اعتذر راح اجيب التقرير من الجهاز اللي فيه المشكله
 
توقيع : بشوشة
تأييد 0
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 07:13:21 م, on 09/03/12
Platform: Unknown Windows (WinNT 6.01.3505 SP1)
MSIE: Internet Explorer v9.00 (9.00.8112.16421)
Boot mode: Normal

Running processes:
C:\Program Files\Conexant\SAII\SmartAudio.exe
C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
C:\Program Files (x86)\CleanMyPC\Registry Cleaner\RCHelper.exe
C:\Users\توشيبا جديد\AppData\Roaming\SanDisk\SanDiskSecureAccess_Manager.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Users\توشيبا جديد\AppData\Local\Google\Update\1.3.21.99\GoogleCrashHandler.exe
C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe
C:\Program Files (x86)\Real\realplayer\Update\realsched.exe
C:\Program Files (x86)\Yuna Software\Messenger Plus!\PlusService.exe
C:\Program Files (x86)\BrowserCompanion\BCHelper.exe
C:\Program Files (x86)\AVG\AVG2012\avgtray.exe
C:\Program Files (x86)\TOSHIBA\ConfigFree\NDSTray.exe
C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSwMgr.exe
C:\Program Files (x86)\Hotspot Shield\bin\openvpntray.exe
C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe
C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtHid.exe
C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtHsp.exe
C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosAVRC.exe
C:\Program Files (x86)\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =

يجب عليك تسجيل الدخول أو التسجيل لمشاهدة الرابط المخفي


R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page =

يجب عليك تسجيل الدخول أو التسجيل لمشاهدة الرابط المخفي


R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =

يجب عليك تسجيل الدخول أو التسجيل لمشاهدة الرابط المخفي


R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =

يجب عليك تسجيل الدخول أو التسجيل لمشاهدة الرابط المخفي


R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =

يجب عليك تسجيل الدخول أو التسجيل لمشاهدة الرابط المخفي


R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http=;ftp=;https=;
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: script helper for ie - {00cbb66b-1d3b-46d3-9577-323a336acb50} - C:\Program Files (x86)\BrowserCompanion\jsloader.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll
O2 - BHO: Messenger Plus! Community SmartbarEngine - {31ad400d-1b06-4e33-a59a-90c2c140cba0} - mscoree.dll (file missing)
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG2012\avgssie.dll
O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files (x86)\Common Files\McAfee\SystemCore\ScriptSn.20111212165123.dll
O2 - BHO: مساعد تسجيل الدخول إلى معرف Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Update Timer - {963B125B-8B21-49A2-A3A8-E37092276531} - C:\Program Files (x86)\BrowserCompanion\updatebhoWin32.dll
O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
O2 - BHO: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll" (file missing)
O2 - BHO: WeCareReminder - {D824F0DE-3D60-4F57-9EB1-66033ECD8ABB} - C:\ProgramData\WeCareReminder\IEHelperv2.5.0.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Hotspot Shield Class - {F9E4A054-E9B1-4BC3-83A3-76A1AE736170} - C:\Program Files (x86)\Hotspot Shield\HssIE\HssIE.dll
O3 - Toolbar: Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll" (file missing)
O3 - Toolbar: Messenger Plus! Community Smartbar - {ae07101b-46d4-4a98-af68-0333ea26e113} - mscoree.dll (file missing)
O4 - HKLM\..\Run: [NBAgent] "c:\Program Files (x86)\Nero\Nero 10\Nero BackItUp\NBAgent.exe" /WinStart
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [TSleepSrv] %ProgramFiles(x86)%\TOSHIBA\TOSHIBA Sleep Utility\TSleepSrv.exe
O4 - HKLM\..\Run: [ToshibaServiceStation] C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe /hide:60
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files (x86)\Real\realplayer\update\realsched.exe" -osboot
O4 - HKLM\..\Run: [PlusService] C:\Program Files (x86)\Yuna Software\Messenger Plus!\PlusService.exe
O4 - HKLM\..\Run: [Browser companion helper] C:\Program Files (x86)\BrowserCompanion\BCHelper.exe /T=3 /CHI=clbfjfbnelcflpgpklppgplejolacbej
O4 - HKLM\..\Run: [AVG_TRAY] "C:\Program Files (x86)\AVG\AVG2012\avgtray.exe"
O4 - HKCU\..\Run: [TOPI.EXE] C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\topi.exe /STAR
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [Registry Cleaner Scheduler] "C:\Program Files (x86)\CleanMyPC\Registry Cleaner\RCHelper.exe" /startup
O4 - HKCU\..\Run: [SanDiskSecureAccess_Manager.exe] C:\Users\توشيبا جديد\AppData\Roaming\SanDisk\SanDiskSecureAccess_Manager.exe
O4 - HKCU\..\Run: [Google Update] "C:\Users\توشيبا جديد\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [RESTART_STICKY_NOTES] C:\Windows\System32\StikyNot.exe
O4 - HKCU\..\Run: [Hide IP Easy] C:\Program Files (x86)\HideIPEasy\HideIPEasy.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [TOPI.EXE] C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\topi.exe /STARTUP (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [TOPI.EXE] C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\topi.exe /STARTUP (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [TOPI.EXE] C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\topi.exe /STARTUP (User 'Default user')
O4 - .DEFAULT User Startup: TRDCReminder.lnk = C:\Program Files (x86)\TOSHIBA\TRDCReminder\TRDCReminder.exe (User 'Default user')
O4 - Startup: TRDCReminder.lnk = C:\Program Files (x86)\TOSHIBA\TRDCReminder\TRDCReminder.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Bluetooth Manager.lnk = ?
O4 - Global Startup: Toshiba Places Icon Utility.lnk = ?
O8 - Extra context menu item: Add to TOSHIBA Bulletin Board - res://C:\Program Files\TOSHIBA\BulletinBoard\TosBBCom.dll/1000
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O13 - Gopher Prefix:
O17 - HKLM\System\CCS\Services\Tcpip\..\{700C5DC7-6768-4D16-AFC0-31E119E6664F}: NameServer = 84.235.6.55 84.235.57.230
O17 - HKLM\System\CS1\Services\Tcpip\..\{700C5DC7-6768-4D16-AFC0-31E119E6664F}: NameServer = 84.235.6.55 84.235.57.230
O17 - HKLM\System\CS2\Services\Tcpip\..\{700C5DC7-6768-4D16-AFC0-31E119E6664F}: NameServer = 84.235.6.55 84.235.57.230
O18 - Protocol: base64 - {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} - C:\Program Files (x86)\BrowserCompanion\tdataprotocol.dll
O18 - Protocol: chrome - {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} - C:\Program Files (x86)\BrowserCompanion\tdataprotocol.dll
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgpp.dll
O18 - Protocol: prox - {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} - C:\Program Files (x86)\BrowserCompanion\tdataprotocol.dll
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\progra~2\mcafee\msc\mcsniepl.dll
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: AVG Firewall (avgfws) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2012\avgfws.exe
O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2012\AVGIDSAgent.exe
O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe
O23 - Service: ConfigFree WiMAX Service (cfWiMAXService) - TOSHIBA CORPORATION - C:\Program Files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe
O23 - Service: ConfigFree Service - TOSHIBA CORPORATION - C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe
O23 - Service: DeviceManager - Unknown owner - C:\Program Files (x86)\Common Files\DeviceHelper\DeviceManager.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: GamesAppService - WildTangent, Inc. - C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe
O23 - Service: Hotspot Shield Service (hshld) - Unknown owner - C:\Program Files (x86)\Hotspot Shield\bin\openvpnas.exe
O23 - Service: Hotspot Shield Routing Service (HssSrv) - AnchorFree Inc. - C:\Program Files (x86)\Hotspot Shield\HssWPR\hsssrv.exe
O23 - Service: Hotspot Shield Tray Service (HssTrayService) - Unknown owner - C:\Program Files (x86)\Hotspot Shield\bin\HssTrayService.EXE
O23 - Service: Hotspot Shield Monitoring Service (HssWd) - Unknown owner - C:\Program Files (x86)\Hotspot Shield\bin\hsswd.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: McAfee Activation Service (McAWFwk) - McAfee, Inc. - c:\PROGRA~1\mcafee\msc\mcawfwk.exe
O23 - Service: McAfee Personal Firewall Service (McMPFSvc) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe
O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe
O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe
O23 - Service: McAfee McShield (McShield) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe
O23 - Service: McAfee Firewall Core Service (mfefire) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe
O23 - Service: McAfee Validation Trust Protection Service (mfevtp) - Unknown owner - C:\Windows\system32\mfevtps.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: McAfee Anti-Spam Service (MSK80Service) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
O23 - Service: @c:\Program Files (x86)\Nero\Update\NASvc.exe,-200 (NAUpdate) - Nero AG - c:\Program Files (x86)\Nero\Update\NASvc.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: PSPR Control Service (PSPRSERV) - ElcomSoft Co. Ltd. - C:\Program Files (x86)\ElcomSoft\Proactive System Password Recovery\psprserv64.exe
O23 - Service: Realtek87B - Realtek - C:\Program Files (x86)\Realtek\RTL8187B Wireless LAN Utility\RtlService.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Notebook Performance Tuning Service (TEMPRO) (TemproMonitoringService) - Toshiba Europe GmbH - C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe
O23 - Service: TMachInfo - TOSHIBA Corporation - C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe
O23 - Service: TOSHIBA Optical Disc Drive Service (TODDSrv) - Unknown owner - C:\Windows\system32\TODDSrv.exe (file missing)
O23 - Service: TOSHIBA Power Saver (TosCoSrv) - TOSHIBA Corporation - C:\Program Files\Toshiba\Power Saver\TosCoSrv.exe
O23 - Service: TOSHIBA Bluetooth Service - TOSHIBA CORPORATION - C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
O23 - Service: TOSHIBA eco Utility Service - TOSHIBA Corporation - C:\Program Files\TOSHIBA\TECO\TecoService.exe
O23 - Service: TOSHIBA HDD SSD Alert Service - TOSHIBA Corporation - C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe
O23 - Service: TPCH Service (TPCHSrv) - TOSHIBA Corporation - C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 15729 bytes
 
توقيع : بشوشة
تأييد 0
يجب تسجيل الدخول أو التسجيل كي تتمكن من الرد هنا.
عودة
أعلى