السلام عليكم ... يوجد استفسار ارجو المساعدة وشكرا لكم

  • بادئ الموضوع بادئ الموضوع روعان
  • تاريخ البدء تاريخ البدء
  • المشاهدات 752
ر

روعان

زيزوومي جديد
إنضم
22 يوليو 2008
المشاركات
27
مستوى التفاعل
0
النقاط
20
الموقع الالكتروني
www.zyzoom.org
غير متصل
بسم الله الرحمن الرحيم

1_ ممكن اعرف لو انا شغلت مضاد تروجونات واتورون مثل(t-r) مع انتي فايرس عادي ممكن
يتجاوبن مع بعض؟؟؟؟؟

2_ مشكلة اخرى عندي متصفح الاكسبلولار بعلق كثير معي ولمن افتح صفحة ويب بيفتح اطارات منبثقة كثير وبعلق.....

3_ايضا متصفح فايرفوكس ما يشتغل معي اريد افتح مثلا قوقل مايفتح يجي كلام انجليزي هنا صورة
للمتصفح
ارجو المساعدة
وشكرا جزيلا لكم ..........................................
zyzoom-fee57e7467.png
 

ترتيب حسب التاريخ ترتيب حسب الأصوات
حمل هذه الاداة واحفظها على سطح المكتب
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي


عند تشغيلها بتظهر لك رسالة ,, اضغط على >> Yes
بعدها بتظهر لك رساله ثانيه ,, اضغط على >> Yes

انتظر حتى الاداة تنتهي من فحص جهازك ,,, وبشكل تلقائي يعاد تشغيل جهازك ,,
وبعد اعادة التشغيل ,, سوف تبدأ الاداة بالفحص مرره ثانيه
انتظر حتى يظهر لك تقرير ,, انسخه والصقه بردك القادم

يجب ان تكون جميع النوافذ مغلقة تماما
لا تلمس الماوس نهائيا عند الاستخدام
--------------------------------------------

( 2 )

واعمل تقرير للهايجاك
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي


اذا انتهى التحميل ==> شغل البرنامج ==> واضغط على Do a system scan and save log
لحظات ويظهر لك تقرير ,, انسخه والصقه بردك القادم
 
تأييد 0
على فكرة مشكلة المتصفح في البروكسي الله واعلم يعني

تاكد من البروكسي موجود او لا
 
تأييد 0
هذا التقريComboFix 08-09-04.08 - hamada 09/05/2008 7:08:10.4 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.2.1256.1.1025.18.89 [GMT 3:00]
Running from: C:\Documents and Settings\hamada\سطح المكتب\ComboFix.exe
* Created a new restore point
* Resident AV is active

WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.
((((((((((((((((((((((((( Files Created from 2008-08-05 to 2008-09-05 )))))))))))))))))))))))))))))))
.
No new files created in this timespan
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-09-05 04:09 --------- d-----w C:\Documents and Settings\hamada\Application Data\DMCache
2008-09-04 21:52 --------- d-----w C:\Documents and Settings\hamada\Application Data\Skype
2008-09-04 20:53 --------- d-----w C:\Documents and Settings\hamada\Application Data\skypePM
2008-09-02 04:57 --------- d-----w C:\Program Files\Google
2008-09-01 15:38 --------- d-----w C:\Documents and Settings\hamada\Application Data\Winamp
2008-09-01 15:31 --------- d-----w C:\Documents and Settings\All Users\Application Data\OrbNetworks
2008-09-01 15:29 --------- d-----w C:\Program Files\Winamp
2008-09-01 15:23 --------- d-----w C:\Program Files\Winamp Remote
2008-09-01 12:43 --------- d-----w C:\Documents and Settings\hamada\Application Data\IDM
2008-09-01 03:48 --------- d-----w C:\Documents and Settings\hamada\Application Data\ESET
2008-09-01 03:47 --------- d-----w C:\Program Files\ESET
2008-09-01 03:47 --------- d-----w C:\Documents and Settings\All Users\Application Data\ESET
2008-09-01 03:43 --------- d-----w C:\Documents and Settings\All Users\Application Data\Avg7
2008-09-01 01:48 --------- d-----w C:\Program Files\Common Files\Adobe AIR
2008-09-01 01:47 --------- d-----w C:\Program Files\Common Files\Adobe
2008-09-01 01:43 --------- d-----w C:\Documents and Settings\All Users\Application Data\Messenger Plus!
2008-09-01 01:08 155,995 ----a-w C:\WINDOWS\java\Packages\OKZ5VDV9.ZIP
2008-09-01 01:07 --------- d-----w C:\Program Files\Skype
2008-09-01 01:07 --------- d-----w C:\Program Files\Common Files\Skype
2008-09-01 01:06 --------- d-----w C:\Documents and Settings\All Users\Application Data\Skype
2008-09-01 01:02 --------- d-----w C:\Program Files\Windows Live
2008-09-01 01:02 --------- d-----w C:\Program Files\MSN Messenger
2008-09-01 01:02 --------- d-----w C:\Program Files\Messenger Plus! Live
2008-09-01 01:02 --------- d-----w C:\Program Files\Circle Developement
2008-09-01 00:55 --------- d-----w C:\Program Files\Internet Download Manager
2008-09-01 00:46 --------- d-----w C:\Documents and Settings\hamada\Application Data\Media Player Classic
2008-09-01 00:38 --------- d-----w C:\Program Files\Common Files\Real
2008-09-01 00:38 --------- d-----w C:\Documents and Settings\All Users\Application Data\Apple Computer
2008-09-01 00:37 --------- d-----w C:\Program Files\Ringz Studio
2008-09-01 00:14 499,712 ----a-w C:\WINDOWS\system32\msvcp71.dll
2008-09-01 00:14 348,160 ----a-w C:\WINDOWS\system32\msvcr71.dll
2008-09-01 00:12 --------- d-----w C:\Documents and Settings\All Users\Application Data\Avira
2008-08-31 22:56 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-08-31 22:55 --------- d-----w C:\Program Files\Common Files\InstallShield
2008-08-31 22:48 --------- d-----w C:\Program Files\MSXML 4.0
2008-08-31 22:43 --------- d-----w C:\Program Files\microsoft frontpage
2008-07-09 14:34 206,256 ----a-w C:\WINDOWS\system32\idmmbc.dll
.
((((((((((((((((((((((((((((( snapshot@Mon 09-01-2008_ 5.17.54.68 )))))))))))))))))))))))))))))))))))))))))
.
+ 2005-02-25 03:34:29 14,560 ----a-w C:\WINDOWS\$hf_mig$\KB898461\spmsg.dll
+ 2005-02-25 03:34:29 209,120 ----a-w C:\WINDOWS\$hf_mig$\KB898461\spuninst.exe
+ 2005-02-25 03:34:29 22,752 ----a-w C:\WINDOWS\$hf_mig$\KB898461\spupdsvc.exe
+ 2005-02-25 03:34:29 22,240 ----a-w C:\WINDOWS\$hf_mig$\KB898461\update\spcustom.dll
+ 2005-02-25 03:34:29 714,976 ----a-w C:\WINDOWS\$hf_mig$\KB898461\update\update.exe
+ 2005-02-25 03:34:30 369,888 ----a-w C:\WINDOWS\$hf_mig$\KB898461\update\updspapi.dll
+ 2005-02-25 03:34:29 209,120 -c----w C:\WINDOWS\$NtUninstallKB898461$\spuninst\spuninst.exe
+ 2005-02-25 03:34:30 369,888 -c----w C:\WINDOWS\$NtUninstallKB898461$\spuninst\updspapi.dll
+ 2008-09-02 04:57:28 26,694 ----a-r C:\WINDOWS\Installer\{9578C0CD-8108-4379-9026-4601F59859A0}\ARPPRODUCTICON.exe
+ 2008-09-02 04:57:28 26,694 ----a-r C:\WINDOWS\Installer\{9578C0CD-8108-4379-9026-4601F59859A0}\googleearth.exe_29622F4A245C41268764897E21E888D1.exe
+ 2008-09-02 04:57:28 26,694 ----a-r C:\WINDOWS\Installer\{9578C0CD-8108-4379-9026-4601F59859A0}\googleearth.exe1_29622F4A245C41268764897E21E888D1.exe
+ 2008-09-02 04:57:28 65,536 ----a-r C:\WINDOWS\Installer\{9578C0CD-8108-4379-9026-4601F59859A0}\NewShortcut1_29622F4A245C41268764897E21E888D1.exe
+ 2008-09-02 04:57:28 65,536 ----a-r C:\WINDOWS\Installer\{9578C0CD-8108-4379-9026-4601F59859A0}\NewShortcut2_29622F4A245C41268764897E21E888D1.exe
+ 2008-09-02 04:57:28 26,694 ----a-r C:\WINDOWS\Installer\{9578C0CD-8108-4379-9026-4601F59859A0}\UNINST_Uninstall_G_29622F4A245C41268764897E21E888D1.exe
+ 2008-09-01 03:48:29 10,134 ----a-r C:\WINDOWS\Installer\{FBF09842-EB7F-4BC2-BD32-DDE2572B2195}\callmsi.exe
+ 2008-09-01 03:48:29 140,544 ----a-r C:\WINDOWS\Installer\{FBF09842-EB7F-4BC2-BD32-DDE2572B2195}\egui.exe
+ 2004-08-03 22:55:32 159,232 ----a-w C:\WINDOWS\RegisteredPackages\{30C7234B-6482-4A55-A11D-ECD9030313F2}$BACKUP$\System\cewmdm.dll
+ 2004-08-03 22:55:44 52,224 ----a-w C:\WINDOWS\RegisteredPackages\{30C7234B-6482-4A55-A11D-ECD9030313F2}$BACKUP$\System\MsPMSNSv.dll
+ 2004-08-03 22:55:44 201,728 ----a-w C:\WINDOWS\RegisteredPackages\{30C7234B-6482-4A55-A11D-ECD9030313F2}$BACKUP$\System\MsPMSP.dll
+ 2004-08-03 22:56:42 356,352 ----a-w C:\WINDOWS\RegisteredPackages\{30C7234B-6482-4A55-A11D-ECD9030313F2}$BACKUP$\System\MSSCP.dll
+ 2004-08-03 22:55:46 245,760 ----a-w C:\WINDOWS\RegisteredPackages\{30C7234B-6482-4A55-A11D-ECD9030313F2}$BACKUP$\System\MSWMDM.dll
+ 2004-08-03 22:55:58 27,136 ----a-w C:\WINDOWS\RegisteredPackages\{30C7234B-6482-4A55-A11D-ECD9030313F2}$BACKUP$\System\WMDMLOG.dll
+ 2004-08-03 22:55:58 23,552 ----a-w C:\WINDOWS\RegisteredPackages\{30C7234B-6482-4A55-A11D-ECD9030313F2}$BACKUP$\System\WMDMPS.dll
+ 2005-01-28 10:44:28 164,864 ----a-w C:\WINDOWS\RegisteredPackages\{30C7234B-6482-4A55-A11D-ECD9030313F2}\cewmdm.dll
+ 2005-01-28 10:44:28 25,088 ----a-w C:\WINDOWS\RegisteredPackages\{30C7234B-6482-4A55-A11D-ECD9030313F2}\MsPMSNSv.dll
+ 2005-01-28 10:44:28 173,568 ----a-w C:\WINDOWS\RegisteredPackages\{30C7234B-6482-4A55-A11D-ECD9030313F2}\MsPMSP.dll
+ 2005-01-28 10:44:28 364,784 ----a-w C:\WINDOWS\RegisteredPackages\{30C7234B-6482-4A55-A11D-ECD9030313F2}\MSSCP.dll
+ 2005-01-28 10:44:28 315,904 ----a-w C:\WINDOWS\RegisteredPackages\{30C7234B-6482-4A55-A11D-ECD9030313F2}\MSWMDM.dll
+ 2005-01-28 10:44:28 28,160 ----a-w C:\WINDOWS\RegisteredPackages\{30C7234B-6482-4A55-A11D-ECD9030313F2}\WMDMLOG.dll
+ 2005-01-28 10:44:28 33,792 ----a-w C:\WINDOWS\RegisteredPackages\{30C7234B-6482-4A55-A11D-ECD9030313F2}\WMDMPS.dll
+ 2005-01-28 10:44:28 47,104 ----a-w C:\WINDOWS\RegisteredPackages\{981FB688-E76B-4246-987B-92083185B90A}\uwdf.exe
+ 2005-01-28 10:44:28 15,872 ----a-w C:\WINDOWS\RegisteredPackages\{981FB688-E76B-4246-987B-92083185B90A}\wdfapi.dll
+ 2005-01-28 10:44:28 38,912 ----a-w C:\WINDOWS\RegisteredPackages\{981FB688-E76B-4246-987B-92083185B90A}\wdfmgr.exe
+ 2005-01-28 10:44:28 38,912 ----a-w C:\WINDOWS\RegisteredPackages\{981FB688-E76B-4246-987B-92083185B90A}\wpd_ci.dll
+ 2005-01-28 10:44:28 61,952 ----a-w C:\WINDOWS\RegisteredPackages\{981FB688-E76B-4246-987B-92083185B90A}\wpdconns.dll
+ 2005-01-28 10:44:28 114,176 ----a-w C:\WINDOWS\RegisteredPackages\{981FB688-E76B-4246-987B-92083185B90A}\wpdmtp.dll
+ 2005-01-28 10:44:28 331,776 ----a-w C:\WINDOWS\RegisteredPackages\{981FB688-E76B-4246-987B-92083185B90A}\wpdmtpdr.dll
+ 2005-01-28 10:44:28 66,560 ----a-w C:\WINDOWS\RegisteredPackages\{981FB688-E76B-4246-987B-92083185B90A}\wpdmtpus.dll
+ 2005-01-28 10:44:28 331,264 ----a-w C:\WINDOWS\RegisteredPackages\{981FB688-E76B-4246-987B-92083185B90A}\wpdsp.dll
+ 2005-01-28 10:44:28 10,752 ----a-w C:\WINDOWS\RegisteredPackages\{981FB688-E76B-4246-987B-92083185B90A}\wpdtrace.dll
+ 2005-01-28 10:44:28 18,944 ----a-w C:\WINDOWS\RegisteredPackages\{981FB688-E76B-4246-987B-92083185B90A}\wpdusb.sys
+ 2004-08-03 22:55:58 408,064 ----a-w C:\WINDOWS\RegisteredPackages\{A47B3654-48EE-48A5-B629-97D70175E58F}$BACKUP$\System\wmadmod.dll
+ 2004-08-03 22:55:58 759,296 ----a-w C:\WINDOWS\RegisteredPackages\{A47B3654-48EE-48A5-B629-97D70175E58F}$BACKUP$\System\wmsdmod.dll
+ 2004-08-03 22:55:58 484,864 ----a-w C:\WINDOWS\RegisteredPackages\{A47B3654-48EE-48A5-B629-97D70175E58F}$BACKUP$\System\wmspdmod.dll
+ 2004-08-03 22:55:58 809,984 ----a-w C:\WINDOWS\RegisteredPackages\{A47B3654-48EE-48A5-B629-97D70175E58F}$BACKUP$\System\wmvdmod.dll
+ 2005-01-28 10:44:28 396,528 ----a-w C:\WINDOWS\RegisteredPackages\{A47B3654-48EE-48A5-B629-97D70175E58F}\wmadmod.dll
+ 2005-01-28 10:44:28 774,904 ----a-w C:\WINDOWS\RegisteredPackages\{A47B3654-48EE-48A5-B629-97D70175E58F}\wmsdmod.dll
+ 2005-01-28 10:44:28 413,944 ----a-w C:\WINDOWS\RegisteredPackages\{A47B3654-48EE-48A5-B629-97D70175E58F}\wmspdmod.dll
+ 2005-01-28 10:44:28 1,218,808 ----a-w C:\WINDOWS\RegisteredPackages\{A47B3654-48EE-48A5-B629-97D70175E58F}\wmvadvd.dll
+ 2005-01-28 10:44:28 895,736 ----a-w C:\WINDOWS\RegisteredPackages\{A47B3654-48EE-48A5-B629-97D70175E58F}\wmvdmod.dll
+ 2004-08-03 22:55:40 6,656 ----a-w C:\WINDOWS\RegisteredPackages\{AAC1D942-0B38-4E37-9E4E-5B96A9DD2170}$BACKUP$\System\laprxy.dll
+ 2004-08-03 22:56:18 103,936 ----a-w C:\WINDOWS\RegisteredPackages\{AAC1D942-0B38-4E37-9E4E-5B96A9DD2170}$BACKUP$\System\logagent.exe
+ 2004-08-03 22:55:48 237,568 ----a-w C:\WINDOWS\RegisteredPackages\{AAC1D942-0B38-4E37-9E4E-5B96A9DD2170}$BACKUP$\System\qasf.dll
+ 2004-08-03 22:55:58 670,720 ----a-w C:\WINDOWS\RegisteredPackages\{AAC1D942-0B38-4E37-9E4E-5B96A9DD2170}$BACKUP$\System\wmadmoe.dll
+ 2004-08-03 22:55:58 230,400 ----a-w C:\WINDOWS\RegisteredPackages\{AAC1D942-0B38-4E37-9E4E-5B96A9DD2170}$BACKUP$\System\wmasf.dll
+ 2004-08-03 22:55:58 151,552 ----a-w C:\WINDOWS\RegisteredPackages\{AAC1D942-0B38-4E37-9E4E-5B96A9DD2170}$BACKUP$\System\wmidx.dll
+ 2004-08-03 22:55:58 1,050,624 ----a-w C:\WINDOWS\RegisteredPackages\{AAC1D942-0B38-4E37-9E4E-5B96A9DD2170}$BACKUP$\System\wmnetmgr.dll
+ 2004-08-03 22:55:58 1,119,744 ----a-w C:\WINDOWS\RegisteredPackages\{AAC1D942-0B38-4E37-9E4E-5B96A9DD2170}$BACKUP$\System\wmsdmoe2.dll
+ 2004-08-03 22:55:58 896,512 ----a-w C:\WINDOWS\RegisteredPackages\{AAC1D942-0B38-4E37-9E4E-5B96A9DD2170}$BACKUP$\System\wmspdmoe.dll
+ 2004-08-03 22:56:44 2,105,344 ----a-w C:\WINDOWS\RegisteredPackages\{AAC1D942-0B38-4E37-9E4E-5B96A9DD2170}$BACKUP$\System\wmvcore.dll
+ 2004-08-03 22:55:58 1,001,472 ----a-w C:\WINDOWS\RegisteredPackages\{AAC1D942-0B38-4E37-9E4E-5B96A9DD2170}$BACKUP$\System\wmvdmoe2.dll
+ 2005-01-28 10:44:28 6,656 ----a-w C:\WINDOWS\RegisteredPackages\{AAC1D942-0B38-4E37-9E4E-5B96A9DD2170}\laprxy.dll
+ 2005-01-28 10:44:28 96,768 ----a-w C:\WINDOWS\RegisteredPackages\{AAC1D942-0B38-4E37-9E4E-5B96A9DD2170}\logagent.exe
+ 2005-01-28 10:44:28 221,184 ----a-w C:\WINDOWS\RegisteredPackages\{AAC1D942-0B38-4E37-9E4E-5B96A9DD2170}\qasf.dll
+ 2005-01-28 10:44:28 716,288 ----a-w C:\WINDOWS\RegisteredPackages\{AAC1D942-0B38-4E37-9E4E-5B96A9DD2170}\wmadmoe.dll
+ 2005-01-28 10:44:28 224,768 ----a-w C:\WINDOWS\RegisteredPackages\{AAC1D942-0B38-4E37-9E4E-5B96A9DD2170}\wmasf.dll
+ 2005-01-28 10:44:28 335,872 ----a-w C:\WINDOWS\RegisteredPackages\{AAC1D942-0B38-4E37-9E4E-5B96A9DD2170}\WMDRMdev.dll
+ 2005-01-28 10:44:28 290,816 ----a-w C:\WINDOWS\RegisteredPackages\{AAC1D942-0B38-4E37-9E4E-5B96A9DD2170}\WMDRMNet.dll
+ 2005-01-28 10:44:28 150,016 ----a-w C:\WINDOWS\RegisteredPackages\{AAC1D942-0B38-4E37-9E4E-5B96A9DD2170}\wmidx.dll
+ 2005-01-28 10:44:28 1,027,072 ----a-w C:\WINDOWS\RegisteredPackages\{AAC1D942-0B38-4E37-9E4E-5B96A9DD2170}\wmnetmgr.dll
+ 2005-01-28 10:44:28 1,119,744 ----a-w C:\WINDOWS\RegisteredPackages\{AAC1D942-0B38-4E37-9E4E-5B96A9DD2170}\wmsdmoe2.dll
+ 2005-01-28 10:44:28 940,544 ----a-w C:\WINDOWS\RegisteredPackages\{AAC1D942-0B38-4E37-9E4E-5B96A9DD2170}\wmspdmoe.dll
+ 2005-01-28 10:44:28 1,512,448 ----a-w C:\WINDOWS\RegisteredPackages\{AAC1D942-0B38-4E37-9E4E-5B96A9DD2170}\WMVADVE.DLL
+ 2005-01-28 10:44:28 2,370,296 ----a-w C:\WINDOWS\RegisteredPackages\{AAC1D942-0B38-4E37-9E4E-5B96A9DD2170}\wmvcore.dll
+ 2005-01-28 10:44:28 1,003,008 ----a-w C:\WINDOWS\RegisteredPackages\{AAC1D942-0B38-4E37-9E4E-5B96A9DD2170}\wmvdmoe2.dll
+ 2004-08-03 22:55:32 286,208 ----a-w C:\WINDOWS\RegisteredPackages\{C5B8FBE9-645E-4484-A7AA-E8DA9A70DD77}$BACKUP$\System\blackbox.dll
+ 2004-08-03 22:56:46 299,520 ----a-w C:\WINDOWS\RegisteredPackages\{C5B8FBE9-645E-4484-A7AA-E8DA9A70DD77}$BACKUP$\System\drmclien.dll
+ 2004-08-03 22:55:36 87,040 ----a-w C:\WINDOWS\RegisteredPackages\{C5B8FBE9-645E-4484-A7AA-E8DA9A70DD77}$BACKUP$\System\drmstor.dll
+ 2004-08-03 22:56:44 695,296 ----a-w C:\WINDOWS\RegisteredPackages\{C5B8FBE9-645E-4484-A7AA-E8DA9A70DD77}$BACKUP$\System\drmv2clt.dll
+ 2004-08-03 22:56:42 259,072 ----a-w C:\WINDOWS\RegisteredPackages\{C5B8FBE9-645E-4484-A7AA-E8DA9A70DD77}$BACKUP$\System\msnetobj.dll
+ 2005-01-28 10:44:28 294,912 ----a-w C:\WINDOWS\RegisteredPackages\{C5B8FBE9-645E-4484-A7AA-E8DA9A70DD77}\blackbox.dll
+ 2005-01-28 10:44:28 258,296 ----a-w C:\WINDOWS\RegisteredPackages\{C5B8FBE9-645E-4484-A7AA-E8DA9A70DD77}\drmclien.dll
+ 2005-01-28 10:44:28 96,768 ----a-w C:\WINDOWS\RegisteredPackages\{C5B8FBE9-645E-4484-A7AA-E8DA9A70DD77}\drmstor.dll
+ 2005-01-28 10:44:28 502,272 ----a-w C:\WINDOWS\RegisteredPackages\{C5B8FBE9-645E-4484-A7AA-E8DA9A70DD77}\drmv2clt.dll
+ 2005-01-28 10:44:28 142,336 ----a-w C:\WINDOWS\RegisteredPackages\{C5B8FBE9-645E-4484-A7AA-E8DA9A70DD77}\msnetobj.dll
- 2004-08-03 22:55:32 286,208 ----a-w C:\WINDOWS\system32\blackbox.dll
+ 2005-01-28 10:44:28 294,912 ----a-w C:\WINDOWS\system32\blackbox.dll
- 2004-08-03 22:55:32 66,560 ----a-w C:\WINDOWS\system32\cdm.dll
+ 2007-07-30 16:19:20 92,504 ----a-w C:\WINDOWS\system32\cdm.dll
- 2004-08-03 22:55:32 159,232 ----a-w C:\WINDOWS\system32\cewmdm.dll
+ 2005-01-28 10:44:28 164,864 ----a-w C:\WINDOWS\system32\cewmdm.dll
- 2004-08-03 22:55:32 286,208 -c--a-w C:\WINDOWS\system32\dllcache\blackbox.dll
+ 2005-01-28 10:44:28 294,912 -c--a-w C:\WINDOWS\system32\dllcache\blackbox.dll
- 2004-08-03 22:55:32 66,560 -c--a-w C:\WINDOWS\system32\dllcache\cdm.dll
+ 2007-07-30 16:19:20 92,504 -c--a-w C:\WINDOWS\system32\dllcache\cdm.dll
- 2004-08-03 22:55:32 159,232 -c--a-w C:\WINDOWS\system32\dllcache\cewmdm.dll
+ 2005-01-28 10:44:28 164,864 -c--a-w C:\WINDOWS\system32\dllcache\cewmdm.dll
- 2004-08-03 22:56:46 299,520 -c--a-w C:\WINDOWS\system32\dllcache\drmclien.dll
+ 2005-01-28 10:44:28 258,296 -c--a-w C:\WINDOWS\system32\dllcache\drmclien.dll
- 2004-08-03 22:55:36 87,040 -c--a-w C:\WINDOWS\system32\dllcache\drmstor.dll
+ 2005-01-28 10:44:28 96,768 -c--a-w C:\WINDOWS\system32\dllcache\drmstor.dll
- 2004-08-03 22:56:44 695,296 -c--a-w C:\WINDOWS\system32\dllcache\drmv2clt.dll
+ 2005-01-28 10:44:28 502,272 -c--a-w C:\WINDOWS\system32\dllcache\drmv2clt.dll
+ 2001-08-17 11:55:56 6,144 -c--a-w C:\WINDOWS\system32\dllcache\kbd101b.dll
+ 2001-08-17 11:55:56 6,144 -c--a-w C:\WINDOWS\system32\dllcache\kbd101c.dll
+ 2001-08-17 11:55:56 5,632 -c--a-w C:\WINDOWS\system32\dllcache\kbd103.dll
+ 2001-08-17 11:55:56 6,144 -c--a-w C:\WINDOWS\system32\dllcache\kbd106.dll
+ 2001-08-17 19:36:18 8,704 -c--a-w C:\WINDOWS\system32\dllcache\kbdjpn.dll
+ 2001-08-17 19:36:18 8,192 -c--a-w C:\WINDOWS\system32\dllcache\kbdkor.dll
- 2004-08-03 22:55:40 6,656 -c--a-w C:\WINDOWS\system32\dllcache\laprxy.dll
+ 2005-01-28 10:44:28 6,656 -c--a-w C:\WINDOWS\system32\dllcache\laprxy.dll
- 2004-08-03 22:56:18 103,936 -c--a-w C:\WINDOWS\system32\dllcache\logagent.exe
+ 2005-01-28 10:44:28 96,768 -c--a-w C:\WINDOWS\system32\dllcache\logagent.exe
- 2004-08-03 22:56:42 259,072 -c--a-w C:\WINDOWS\system32\dllcache\msnetobj.dll
+ 2005-01-28 10:44:28 142,336 -c--a-w C:\WINDOWS\system32\dllcache\msnetobj.dll
- 2004-08-03 22:55:44 52,224 -c--a-w C:\WINDOWS\system32\dllcache\mspmsnsv.dll
+ 2005-01-28 10:44:28 25,088 -c--a-w C:\WINDOWS\system32\dllcache\mspmsnsv.dll
- 2004-08-03 22:55:44 201,728 -c--a-w C:\WINDOWS\system32\dllcache\mspmsp.dll
+ 2005-01-28 10:44:28 173,568 -c--a-w C:\WINDOWS\system32\dllcache\mspmsp.dll
- 2004-08-03 22:56:42 356,352 -c--a-w C:\WINDOWS\system32\dllcache\msscp.dll
+ 2005-01-28 10:44:28 364,784 -c--a-w C:\WINDOWS\system32\dllcache\msscp.dll
- 2004-08-03 22:55:46 245,760 -c--a-w C:\WINDOWS\system32\dllcache\mswmdm.dll
+ 2005-01-28 10:44:28 315,904 -c--a-w C:\WINDOWS\system32\dllcache\mswmdm.dll
- 2004-08-03 22:55:48 237,568 -c--a-w C:\WINDOWS\system32\dllcache\qasf.dll
+ 2005-01-28 10:44:28 221,184 -c--a-w C:\WINDOWS\system32\dllcache\qasf.dll
- 2004-08-03 22:55:58 408,064 -c--a-w C:\WINDOWS\system32\dllcache\wmadmod.dll
+ 2005-01-28 10:44:28 396,528 -c--a-w C:\WINDOWS\system32\dllcache\wmadmod.dll
- 2004-08-03 22:55:58 670,720 -c--a-w C:\WINDOWS\system32\dllcache\wmadmoe.dll
+ 2005-01-28 10:44:28 716,288 -c--a-w C:\WINDOWS\system32\dllcache\wmadmoe.dll
- 2004-08-03 22:55:58 230,400 -c--a-w C:\WINDOWS\system32\dllcache\wmasf.dll
+ 2005-01-28 10:44:28 224,768 -c--a-w C:\WINDOWS\system32\dllcache\wmasf.dll
- 2004-08-03 22:55:58 27,136 -c--a-w C:\WINDOWS\system32\dllcache\wmdmlog.dll
+ 2005-01-28 10:44:28 28,160 -c--a-w C:\WINDOWS\system32\dllcache\wmdmlog.dll
- 2004-08-03 22:55:58 23,552 -c--a-w C:\WINDOWS\system32\dllcache\wmdmps.dll
+ 2005-01-28 10:44:28 33,792 -c--a-w C:\WINDOWS\system32\dllcache\wmdmps.dll
- 2004-08-03 22:55:58 151,552 -c--a-w C:\WINDOWS\system32\dllcache\wmidx.dll
+ 2005-01-28 10:44:28 150,016 -c--a-w C:\WINDOWS\system32\dllcache\wmidx.dll
- 2004-08-03 22:55:58 1,050,624 -c--a-w C:\WINDOWS\system32\dllcache\wmnetmgr.dll
+ 2005-01-28 10:44:28 1,027,072 -c--a-w C:\WINDOWS\system32\dllcache\wmnetmgr.dll
- 2004-08-03 22:55:58 759,296 -c--a-w C:\WINDOWS\system32\dllcache\wmsdmod.dll
+ 2005-01-28 10:44:28 774,904 -c--a-w C:\WINDOWS\system32\dllcache\wmsdmod.dll
- 2004-08-03 22:55:58 1,119,744 -c--a-w C:\WINDOWS\system32\dllcache\wmsdmoe2.dll
+ 2005-01-28 10:44:28 1,119,744 -c--a-w C:\WINDOWS\system32\dllcache\wmsdmoe2.dll
- 2004-08-03 22:55:58 484,864 -c--a-w C:\WINDOWS\system32\dllcache\wmspdmod.dll
+ 2005-01-28 10:44:28 413,944 -c--a-w C:\WINDOWS\system32\dllcache\wmspdmod.dll
- 2004-08-03 22:55:58 896,512 -c--a-w C:\WINDOWS\system32\dllcache\wmspdmoe.dll
+ 2005-01-28 10:44:28 940,544 -c--a-w C:\WINDOWS\system32\dllcache\wmspdmoe.dll
- 2004-08-03 22:56:44 2,105,344 -c--a-w C:\WINDOWS\system32\dllcache\wmvcore.dll
+ 2005-01-28 10:44:28 2,370,296 -c--a-w C:\WINDOWS\system32\dllcache\wmvcore.dll
- 2004-08-03 22:55:58 809,984 -c--a-w C:\WINDOWS\system32\dllcache\wmvdmod.dll
+ 2005-01-28 10:44:28 895,736 -c--a-w C:\WINDOWS\system32\dllcache\wmvdmod.dll
- 2004-08-03 22:55:58 1,001,472 -c--a-w C:\WINDOWS\system32\dllcache\wmvdmoe2.dll
+ 2005-01-28 10:44:28 1,003,008 -c--a-w C:\WINDOWS\system32\dllcache\wmvdmoe2.dll
- 2004-08-03 22:56:00 430,080 -c--a-w C:\WINDOWS\system32\dllcache\wuapi.dll
+ 2007-07-30 16:19:36 549,720 -c--a-w C:\WINDOWS\system32\dllcache\wuapi.dll
- 2004-08-03 22:56:36 110,592 -c--a-w C:\WINDOWS\system32\dllcache\wuauclt.exe
+ 2007-07-30 16:19:16 53,080 -c--a-w C:\WINDOWS\system32\dllcache\wuauclt.exe
- 2004-08-03 22:56:02 1,134,592 -c--a-w C:\WINDOWS\system32\dllcache\wuaueng.dll
+ 2007-07-30 16:19:42 1,712,984 -c--a-w C:\WINDOWS\system32\dllcache\wuaueng.dll
- 2004-08-03 22:56:02 112,128 -c--a-w C:\WINDOWS\system32\dllcache\wucltui.dll
+ 2007-07-30 16:19:32 325,976 -c--a-w C:\WINDOWS\system32\dllcache\wucltui.dll
- 2004-08-03 22:56:02 36,864 -c--a-w C:\WINDOWS\system32\dllcache\wups.dll
+ 2007-07-30 16:18:40 33,624 -c--a-w C:\WINDOWS\system32\dllcache\wups.dll
- 2004-08-03 22:56:02 120,320 -c--a-w C:\WINDOWS\system32\dllcache\wuweb.dll
+ 2007-07-30 16:19:28 203,096 -c--a-w C:\WINDOWS\system32\dllcache\wuweb.dll
+ 2007-03-07 23:51:00 9,336 ------w C:\WINDOWS\system32\drivers\cdr4_xp.sys
+ 2007-03-07 23:51:00 9,464 ------w C:\WINDOWS\system32\drivers\cdralw2k.sys
+ 2008-07-01 05:56:22 39,944 ----a-w C:\WINDOWS\system32\drivers\eamon.sys
+ 2008-07-01 05:57:14 53,256 ----a-w C:\WINDOWS\system32\drivers\easdrv.sys
+ 2008-07-01 06:04:34 71,688 ----a-w C:\WINDOWS\system32\drivers\epfw.sys
+ 2008-07-01 06:04:36 30,728 ----a-w C:\WINDOWS\system32\drivers\epfwndis.sys
+ 2008-07-01 06:04:38 54,280 ----a-w C:\WINDOWS\system32\drivers\epfwtdi.sys
+ 2007-03-07 23:51:00 43,528 ------w C:\WINDOWS\system32\drivers\PxHelp20.sys
+ 2005-01-28 10:44:28 18,944 ----a-w C:\WINDOWS\system32\drivers\wpdusb.sys
- 2004-08-03 22:56:46 299,520 ----a-w C:\WINDOWS\system32\drmclien.dll
+ 2005-01-28 10:44:28 258,296 ----a-w C:\WINDOWS\system32\drmclien.dll
- 2004-08-03 22:55:36 87,040 ----a-w C:\WINDOWS\system32\drmstor.dll
+ 2005-01-28 10:44:28 96,768 ----a-w C:\WINDOWS\system32\drmstor.dll
- 2004-08-03 22:56:44 695,296 ----a-w C:\WINDOWS\system32\drmv2clt.dll
+ 2005-01-28 10:44:28 502,272 ----a-w C:\WINDOWS\system32\drmv2clt.dll
+ 2001-08-17 11:55:56 6,144 ----a-w C:\WINDOWS\system32\kbd101b.dll
+ 2001-08-17 11:55:56 6,144 ----a-w C:\WINDOWS\system32\kbd101c.dll
+ 2001-08-17 11:55:56 5,632 ----a-w C:\WINDOWS\system32\kbd103.dll
+ 2001-08-17 11:55:56 6,144 ----a-w C:\WINDOWS\system32\kbd106.dll
+ 2001-08-17 19:36:18 8,704 ----a-w C:\WINDOWS\system32\kbdjpn.dll
+ 2001-08-17 19:36:18 8,192 ----a-w C:\WINDOWS\system32\kbdkor.dll
- 2004-08-03 22:55:40 6,656 ----a-w C:\WINDOWS\system32\laprxy.dll
+ 2005-01-28 10:44:28 6,656 ----a-w C:\WINDOWS\system32\laprxy.dll
- 2004-08-03 22:56:18 103,936 ----a-w C:\WINDOWS\system32\logagent.exe
+ 2005-01-28 10:44:28 96,768 ----a-w C:\WINDOWS\system32\logagent.exe
+ 2008-03-25 03:21:20 218,496 ----a-w C:\WINDOWS\system32\Macromed\Flash\NPSWF32_FlashUtil.exe
+ 2008-09-03 23:43:17 70,264 ----a-w C:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe
- 2004-08-03 22:56:42 259,072 ----a-w C:\WINDOWS\system32\msnetobj.dll
+ 2005-01-28 10:44:28 142,336 ----a-w C:\WINDOWS\system32\msnetobj.dll
- 2004-08-03 22:55:44 52,224 ----a-w C:\WINDOWS\system32\mspmsnsv.dll
+ 2005-01-28 10:44:28 25,088 ----a-w C:\WINDOWS\system32\MsPMSNSv.dll
- 2004-08-03 22:55:44 201,728 ----a-w C:\WINDOWS\system32\mspmsp.dll
+ 2005-01-28 10:44:28 173,568 ----a-w C:\WINDOWS\system32\MsPMSP.dll
- 2004-08-03 22:56:42 356,352 ----a-w C:\WINDOWS\system32\msscp.dll
+ 2005-01-28 10:44:28 364,784 ----a-w C:\WINDOWS\system32\MSSCP.dll
- 2004-08-03 22:55:46 245,760 ----a-w C:\WINDOWS\system32\mswmdm.dll
+ 2005-01-28 10:44:28 315,904 ----a-w C:\WINDOWS\system32\MSWMDM.dll
+ 2007-03-07 23:51:00 547,576 ------w C:\WINDOWS\system32\px.dll
+ 2007-03-07 23:51:00 129,784 ------w C:\WINDOWS\system32\pxafs.dll
+ 2007-03-07 23:51:00 64,760 ------w C:\WINDOWS\system32\pxcpya64.exe
+ 2007-03-07 23:51:00 510,712 ------w C:\WINDOWS\system32\pxdrv.dll
+ 2007-03-07 23:51:00 72,440 ------w C:\WINDOWS\system32\pxhpinst.exe
+ 2007-03-07 23:51:00 64,760 ------w C:\WINDOWS\system32\pxinsa64.exe
+ 2007-03-07 23:51:00 187,128 ------w C:\WINDOWS\system32\pxmas.dll
+ 2007-03-07 23:51:00 1,628,920 ------w C:\WINDOWS\system32\pxsfs.dll
+ 2007-03-07 23:51:00 379,640 ------w C:\WINDOWS\system32\pxwave.dll
- 2004-08-03 22:55:48 237,568 ----a-w C:\WINDOWS\system32\qasf.dll
+ 2005-01-28 10:44:28 221,184 ----a-w C:\WINDOWS\system32\qasf.dll
+ 2007-07-30 16:18:40 33,624 ----a-w C:\WINDOWS\system32\SoftwareDistribution\Setup\ServiceStartup\wups.dll\7.0.6000.381\wups.dll
+ 2005-02-25 03:34:29 14,560 ------w C:\WINDOWS\system32\spmsg.dll
+ 2005-02-25 03:34:29 22,752 ----a-w C:\WINDOWS\system32\spupdsvc.exe
+ 2005-01-28 10:44:28 47,104 ----a-w C:\WINDOWS\system32\uwdf.exe
+ 2007-03-07 23:51:00 39,672 ------w C:\WINDOWS\system32\vxblock.dll
+ 2005-01-28 10:44:28 15,872 ----a-w C:\WINDOWS\system32\wdfapi.dll
+ 2005-01-28 10:44:28 38,912 ----a-w C:\WINDOWS\system32\wdfmgr.exe
- 2004-08-03 22:55:58 408,064 ----a-w C:\WINDOWS\system32\wmadmod.dll
+ 2005-01-28 10:44:28 396,528 ----a-w C:\WINDOWS\system32\wmadmod.dll
- 2004-08-03 22:55:58 670,720 ----a-w C:\WINDOWS\system32\wmadmoe.dll
+ 2005-01-28 10:44:28 716,288 ----a-w C:\WINDOWS\system32\wmadmoe.dll
- 2004-08-03 22:55:58 230,400 ----a-w C:\WINDOWS\system32\wmasf.dll
+ 2005-01-28 10:44:28 224,768 ----a-w C:\WINDOWS\system32\wmasf.dll
- 2004-08-03 22:55:58 27,136 ----a-w C:\WINDOWS\system32\wmdmlog.dll
+ 2005-01-28 10:44:28 28,160 ----a-w C:\WINDOWS\system32\WMDMLOG.dll
- 2004-08-03 22:55:58 23,552 ----a-w C:\WINDOWS\system32\wmdmps.dll
+ 2005-01-28 10:44:28 33,792 ----a-w C:\WINDOWS\system32\WMDMPS.dll
+ 2005-01-28 10:44:28 335,872 ----a-w C:\WINDOWS\system32\WMDRMdev.dll
+ 2005-01-28 10:44:28 290,816 ----a-w C:\WINDOWS\system32\WMDRMNet.dll
- 2004-08-03 22:55:58 151,552 ----a-w C:\WINDOWS\system32\wmidx.dll
+ 2005-01-28 10:44:28 150,016 ----a-w C:\WINDOWS\system32\wmidx.dll
- 2004-08-03 22:55:58 1,050,624 ----a-w C:\WINDOWS\system32\wmnetmgr.dll
+ 2005-01-28 10:44:28 1,027,072 ----a-w C:\WINDOWS\system32\wmnetmgr.dll
- 2004-08-03 22:55:58 759,296 ----a-w C:\WINDOWS\system32\wmsdmod.dll
+ 2005-01-28 10:44:28 774,904 ----a-w C:\WINDOWS\system32\wmsdmod.dll
- 2004-08-03 22:55:58 1,119,744 ----a-w C:\WINDOWS\system32\wmsdmoe2.dll
+ 2005-01-28 10:44:28 1,119,744 ----a-w C:\WINDOWS\system32\wmsdmoe2.dll
- 2004-08-03 22:55:58 484,864 ----a-w C:\WINDOWS\system32\wmspdmod.dll
+ 2005-01-28 10:44:28 413,944 ----a-w C:\WINDOWS\system32\wmspdmod.dll
- 2004-08-03 22:55:58 896,512 ----a-w C:\WINDOWS\system32\wmspdmoe.dll
+ 2005-01-28 10:44:28 940,544 ----a-w C:\WINDOWS\system32\wmspdmoe.dll
+ 2005-01-28 10:44:28 1,218,808 ----a-w C:\WINDOWS\system32\wmvadvd.dll
+ 2005-01-28 10:44:28 1,512,448 ----a-w C:\WINDOWS\system32\WMVADVE.DLL
- 2004-08-03 22:56:44 2,105,344 ----a-w C:\WINDOWS\system32\wmvcore.dll
+ 2005-01-28 10:44:28 2,370,296 ----a-w C:\WINDOWS\system32\wmvcore.dll
- 2004-08-03 22:55:58 809,984 ----a-w C:\WINDOWS\system32\wmvdmod.dll
+ 2005-01-28 10:44:28 895,736 ----a-w C:\WINDOWS\system32\wmvdmod.dll
- 2004-08-03 22:55:58 1,001,472 ----a-w C:\WINDOWS\system32\wmvdmoe2.dll
+ 2005-01-28 10:44:28 1,003,008 ----a-w C:\WINDOWS\system32\wmvdmoe2.dll
+ 2005-01-28 10:44:28 38,912 ----a-w C:\WINDOWS\system32\wpd_ci.dll
+ 2005-01-28 10:44:28 61,952 ----a-w C:\WINDOWS\system32\wpdconns.dll
+ 2005-01-28 10:44:28 114,176 ----a-w C:\WINDOWS\system32\wpdmtp.dll
+ 2005-01-28 10:44:28 331,776 ----a-w C:\WINDOWS\system32\wpdmtpdr.dll
+ 2005-01-28 10:44:28 66,560 ----a-w C:\WINDOWS\system32\wpdmtpus.dll
+ 2005-01-28 10:44:28 331,264 ----a-w C:\WINDOWS\system32\wpdsp.dll
+ 2005-01-28 10:44:28 10,752 ----a-w C:\WINDOWS\system32\wpdtrace.dll
- 2004-08-03 22:56:00 430,080 ----a-w C:\WINDOWS\system32\wuapi.dll
+ 2007-07-30 16:19:36 549,720 ----a-w C:\WINDOWS\system32\wuapi.dll
- 2004-08-03 22:56:36 110,592 ----a-w C:\WINDOWS\system32\wuauclt.exe
+ 2007-07-30 16:19:16 53,080 ----a-w C:\WINDOWS\system32\wuauclt.exe
- 2004-08-03 22:56:02 1,134,592 ----a-w C:\WINDOWS\system32\wuaueng.dll
+ 2007-07-30 16:19:42 1,712,984 ----a-w C:\WINDOWS\system32\wuaueng.dll
- 2004-08-03 22:56:02 112,128 ----a-w C:\WINDOWS\system32\wucltui.dll
+ 2007-07-30 16:19:32 325,976 ----a-w C:\WINDOWS\system32\wucltui.dll
- 2004-08-03 22:56:02 36,864 ----a-w C:\WINDOWS\system32\wups.dll
+ 2007-07-30 16:18:40 33,624 ----a-w C:\WINDOWS\system32\wups.dll
+ 2007-07-30 16:19:12 43,352 ----a-w C:\WINDOWS\system32\wups2.dll
- 2004-08-03 22:56:02 120,320 ----a-w C:\WINDOWS\system32\wuweb.dll
+ 2007-07-30 16:19:28 203,096 ----a-w C:\WINDOWS\system32\wuweb.dll
.
-- Snapshot reset to current date --
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [08/04/2004 01:56 AM 15360]
"swg"="C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe" [09/01/2008 03:42 AM 171448]
"IDMan"="C:\Program Files\Internet Download Manager\IDMan.exe" [09/01/2008 03:54 AM 2606512]
"MsnMsgr"="C:\Program Files\MSN Messenger\MsnMsgr.Exe" [01/19/2007 12:55 PM 5674352]
"Orb"="C:\Program Files\Winamp Remote\bin\OrbTray.exe" [04/01/2008 04:54 AM 507904]
"Google Update"="C:\Documents and Settings\hamada\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" [09/04/2008 01:45 AM 133104]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"StormCodec_Helper"="C:\Program Files\Ringz Studio\Storm Codec\StormSet.exe" [11/26/2006 09:30 PM 97357]
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [06/12/2008 02:38 AM 34672]
"egui"="C:\Program Files\ESET\ESET Smart Security\egui.exe" [07/01/2008 09:01 AM 1447168]
"WinampAgent"="C:\Program Files\Winamp\winampa.exe" [10/10/2007 08:28 AM 36352]
"SoundMan"="SOUNDMAN.EXE" [03/01/2006 11:22 AM 577536 C:\WINDOWS\SOUNDMAN.EXE]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [08/04/2004 01:56 AM 15360]
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"UpdatesDisableNotify"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"C:\\Program Files\\MSN Messenger\\msnmsgr.exe"=
"C:\\Program Files\\MSN Messenger\\livecall.exe"=
"C:\\Program Files\\Winamp Remote\\bin\\Orb.exe"=
"C:\\Program Files\\Winamp Remote\\bin\\OrbTray.exe"=
"C:\\Program Files\\Winamp Remote\\bin\\OrbStreamerClient.exe"=
"C:\\Program Files\\Skype\\Phone\\Skype.exe"=
.
s of the 'Scheduled Tasks' folder
.
.
------- Supplementary Scan -------
.
FireFox -: Profile - C:\Documents and Settings\hamada\Application Data\Mozilla\Firefox\Profiles\e88kswc9.default\
FireFox -: prefs.js - STARTUP.HOMEPAGE -
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

FF -: plugin - C:\Documents and Settings\hamada\Local Settings\Application Data\Google\Update\1.2.131.11\npGoogleOneClick5.dll
.
**************************************************************************
catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer,
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

Rootkit scan 2008-09-05 07:09:15
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
.
Completion time: 09/05/2008 7:09:57
ComboFix-quarantined-files.txt 2008-09-05 04:09:54
ComboFix2.txt 2008-09-01 04:16:42
ComboFix3.txt 2008-09-01 03:40:23
ComboFix4.txt 2008-09-01 02:18:09
Pre-Run: 36,161,626,112 bytes free
Post-Run: 36,261,638,144 bytes free
386 --- E O F --- 2008-09-02 02:52:42
ر الاول يا الغالي​
 
تأييد 0
بقي هذي الخطوه

واعمل تقرير للهايجاك
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي


اذا انتهى التحميل ==> شغل البرنامج ==> واضغط على Do a system scan and save log
لحظات ويظهر لك تقرير ,, انسخه والصقه بردك القادم
أنقر للتوسيع...
 
توقيع : Demo-dashDemo-dash is verified member.
تأييد 0
هذا التقرير الاول اللي فوق​
 
تأييد 0
هذا التقرير التاني

Logfile of HijackThis v1.99.1
Scan saved at 07:27:13 ص, on 05/09/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\ESET\ESET Smart Security\egui.exe
C:\Program Files\Winamp\winampa.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
C:\Program Files\Internet Download Manager\IDMan.exe
C:\Program Files\Winamp Remote\bin\OrbTray.exe
C:\Documents and Settings\hamada\Local Settings\Application Data\Google\Update\GoogleUpdate.exe
C:\Program Files\ESET\ESET Smart Security\ekrn.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\WINDOWS\explorer.exe
C:\WINDOWS\system32\notepad.exe
C:\Program Files\internet explorer\iexplore.exe
C:\Documents and Settings\hamada\My Documents\Downloads\Compressed\HijackThis.exe
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext =
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files\Internet Download Manager\IDMIECC.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [StormCodec_Helper] "C:\Program Files\Ringz Studio\Storm Codec\StormSet.exe" /S /opti
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice
O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [IDMan] C:\Program Files\Internet Download Manager\IDMan.exe /onboot
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [Orb] "C:\Program Files\Winamp Remote\bin\OrbTray.exe" /background
O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\hamada\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c
O8 - Extra context menu item: تحميل الكل بـ إنترنت داونلود مانيجر - C:\Program Files\Internet Download Manager\IEGetAll.htm
O8 - Extra context menu item: تحميل بـ إنترنت داونلود مانيجر - C:\Program Files\Internet Download Manager\IEExt.htm
O8 - Extra context menu item: تحميل محتوى فيديو (إف.إل.في) بـ إنترنت داونلود مانيجر - C:\Program Files\Internet Download Manager\IEGetVL.htm
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {B7FDB0C3-4724-46D2-B8DB-6FA1DC63F7CA} (ReadUid.UserControlMacEntry) -
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Eset HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe
O23 - Service: Eset Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\ekrn.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe​
 
تأييد 0
السلام عليكم يا اخوة عملت تقرير الهايجك ممكن متابعة معي
ولكم جزيل الشكر​
 
تأييد 0
السلام عليكم يا اخوة عملت تقرير الهايجك ممكن متابعة معي
ولكم جزيل الشكر​
أنقر للتوسيع...


وعليكم السلام

وممكن ونص


حدد القيم واحذفها



O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)




O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll




O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll




O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\hamada\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c




O16 - DPF: {B7FDB0C3-4724-46D2-B8DB-6FA1DC63F7CA} (ReadUid.UserControlMacEntry) -
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي





طريقة الحذف

mg%20%283%29.png


mg%20%284%29.png

بعدها اذهب الى اضافة وازالة البرامج واحذف التولبار الموجود عندك (toolbar)>> ممكن ما يكون موجود

ثم نزل هذه الاداة واتبع الشرح التالي

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي


التوافق : ويندوز اكسبيفقط

شرح الاستخدام ,,,,,,
عند تشغيل ملف الاداة تظهر لك هذه الشاشه ,, انتظر ( وتابع مع الصور )

000.png


001.png


وعند ظهور هذه الشاشه ,, اضغط على Close ليتم اعادة تشغيل جهازك (( لتكملة عملية التنظيف ))

002.png



بعد عمل المطلوب


قم بعمل التالي



حمل اداة الكاسبر من الرابط التالي

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي


بعد التحميل ،، دبل كلك وسيتم استخراج ملف الاداة الى مجلد بسطح المكتب لحظات وتبدأ الاداة بالعمل

تابع الشرح لفحص الجهاز وتنظيفه وارفاق التقرير

zyzoom-3d6517b067.png


zyzoom-7717063ed7.png


zyzoom-cda271da05.png


zyzoom-26888dbf15.png


zyzoom-3f4576c288.png


ثم قم بضغط التقرير ورفعه هنا>>>>
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي


يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي




بعد ما تعمل فحص بالكاسبر

عطني تقرير الكاسبر وعطني تقرير هايجاك
بالأنتظار لاهنت..​
 
توقيع : AbOdy
تأييد 0
يجب تسجيل الدخول أو التسجيل كي تتمكن من الرد هنا.
عودة
أعلى