هل في كمبيوتري تروجونات ؟

[saudi-falcon]

السلام عليكم ورحمة الله وبركاته

انا حملت برنا مج comodo anti-malware المهم



انا سويت بحث عن التروجونات واظهر لي هذ التقرير. هل انا مصاب بتروجونات ؟

 

[boob77]

وعليكم السلام ورحمة الله

اعذرني يا اخوي قمت بحذف التقرير لانه طويل جدااااا جداااا بامكانك رفعه على اي موقع

ووضع الرابط ,,

 

[boob77]

حمل هذه الاداة واحفظها على سطح المكتب

يجب عليك تسجيل الدخول أو التسجيل لمشاهدة الرابط المخفي

عند تشغيلها بتظهر لك رسالة ,, اضغط على >> Yes
بعدها بتظهر لك رساله ثانيه ,, اضغط على >> Yes

انتظر حتى الاداة تنتهي من فحص جهازك ,,, وبشكل تلقائي يعاد تشغيل جهازك ,,
وبعد اعادة التشغيل ,, سوف تبدأ الاداة بالفحص مرره ثانيه
انتظر حتى يظهر لك تقرير ,, انسخه والصقه بردك القادم

يجب ان تكون جميع النوافذ مغلقة تماما
لا تلمس الماوس نهائيا عند الاستخدام
--------------------------------------------

( 2 )

واعمل تقرير للهايجاك

يجب عليك تسجيل الدخول أو التسجيل لمشاهدة الرابط المخفي

اذا انتهى التحميل ==> شغل البرنامج ==> واضغط على Do a system scan and save log
لحظات ويظهر لك تقرير ,, انسخه والصقه بردك القادم

 

[saudi-falcon]

السلام عليكم ورحمة الله وبركاته
اخوي هذا التقرير الاول


ComboFix 08-09-15.02 - Tcg2 09/16/2008 7:11:12.1 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.3.1256.1.1033.18.651 [GMT 3:00]
Running from: C:\Documents and Settings\Tcg2\Desktop\ComboFix.exe
* Created a new restore point
WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
C:\WINDOWS\system32\kakle.dll
C:\WINDOWS\system32\url(2)(2).dll
.
((((((((((((((((((((((((( Files Created from 2008-08-16 to 2008-09-16 )))))))))))))))))))))))))))))))
.
No new files created in this timespan
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-09-16 04:13 475,168 --sha-w C:\WINDOWS\system32\drivers\fidbox2.dat
2008-09-16 04:13 3,752 --sha-w C:\WINDOWS\system32\drivers\fidbox2.idx
2008-09-16 04:13 17,444 --sha-w C:\WINDOWS\system32\drivers\fidbox.idx
2008-09-16 04:13 1,960,480 --sha-w C:\WINDOWS\system32\drivers\fidbox.dat
2008-09-16 04:04 --------- d-----w C:\Documents and Settings\All Users\Application Data\Kaspersky Lab
2008-09-15 22:32 --------- d-----w C:\Program Files\Comodo
2008-09-15 22:17 --------- d-----w C:\Documents and Settings\All Users\Application Data\Google Updater
2008-09-14 23:15 --------- d---a-w C:\Documents and Settings\All Users\Application Data\TEMP
2008-09-12 16:36 --------- d-----w C:\Program Files\Spyware Doctor
2008-09-08 14:27 --------- d-----w C:\Program Files\Uniblue
2008-09-08 14:27 --------- d-----w C:\Documents and Settings\Tcg2\Application Data\Uniblue
2008-09-08 14:27 --------- d-----w C:\Documents and Settings\All Users\Application Data\Uniblue
2008-09-07 23:09 --------- d-----w C:\Documents and Settings\Tcg2\Application Data\CyberScrub
2008-09-07 02:08 --------- d-----w C:\Documents and Settings\Tcg2\Application Data\PC Tools
2008-09-07 01:59 --------- d-----w C:\Program Files\Google
2008-09-06 18:52 --------- d-----w C:\Program Files\Rhapsody
2008-09-06 18:52 --------- d-----w C:\Program Files\Real
2008-09-06 18:52 --------- d-----w C:\Program Files\Common Files\Real
2008-09-06 18:32 --------- d-----w C:\Documents and Settings\Tcg2\Application Data\FastStone
2008-09-04 19:18 --------- d-----w C:\Program Files\Winamp
2008-09-04 19:18 --------- d-----w C:\Program Files\The Playa
2008-09-04 19:18 --------- d-----w C:\Program Files\QuickTime
2008-09-04 19:18 --------- d-----w C:\Program Files\Modem Helper
2008-09-04 19:18 --------- d-----w C:\Program Files\Dell
2008-09-04 19:18 --------- d-----w C:\Documents and Settings\Tcg2\Application Data\Windows Live Writer
2008-09-03 16:58 --------- d-----w C:\Program Files\Windows Live
2008-09-03 16:57 --------- d-----w C:\Program Files\XoftSpySE
2008-09-03 16:43 --------- d-----w C:\Documents and Settings\All Users\Application Data\WLInstaller
2008-09-02 17:18 --------- d-----w C:\Documents and Settings\Tcg2\Application Data\Apple Computer
2008-09-02 14:17 --------- d-----w C:\Program Files\iTunes
2008-09-02 14:16 --------- d-----w C:\Program Files\iPod
2008-09-02 14:16 --------- d-----w C:\Program Files\Bonjour
2008-09-02 14:16 --------- d-----w C:\Documents and Settings\All Users\Application Data\Apple Computer
2008-09-02 14:15 --------- d-----w C:\Program Files\Common Files\Apple
2008-09-02 14:15 --------- d-----w C:\Program Files\Apple Software Update
2008-09-02 14:15 --------- d-----w C:\Documents and Settings\All Users\Application Data\Apple
2008-09-02 13:46 --------- dcsh--w C:\Program Files\Common Files\WindowsLiveInstaller
2008-09-02 13:29 --------- d-----w C:\Program Files\Microsoft Silverlight
2008-09-01 14:43 --------- d-----w C:\Documents and Settings\Tcg2\Application Data\Media Player Classic
2008-09-01 13:15 --------- d-----w C:\Program Files\XP Codec Pack
2008-09-01 13:14 --------- d-----w C:\Program Files\GRETECH
2008-09-01 13:14 --------- d-----w C:\Documents and Settings\Tcg2\Application Data\GRETECH
2008-09-01 13:13 --------- d-----w C:\Program Files\Common Files\Nokia
2008-09-01 00:30 --------- d-----w C:\Program Files\HP
2008-09-01 00:30 --------- d-----w C:\Program Files\Common Files\HP
2008-09-01 00:30 --------- d-----w C:\Documents and Settings\All Users\Application Data\HP
2008-09-01 00:27 --------- d-----w C:\Program Files\Hewlett-Packard
2008-09-01 00:10 73,216 ----a-w C:\WINDOWS\ST6UNST.EXE
2008-09-01 00:10 172,032 ------w C:\WINDOWS\Setup1.exe
2008-09-01 00:08 --------- d-----w C:\Program Files\Windows Live Toolbar
2008-09-01 00:06 --------- d-----w C:\Program Files\EasyZip
2008-08-31 23:55 --------- d-----w C:\Program Files\RealArcade
2008-08-31 23:44 --------- d-----w C:\Program Files\uninstallerpro(2)
2008-08-31 23:38 --------- d-----w C:\Program Files\MSN Messenger(2)
2008-08-31 23:14 --------- d-----w C:\Program Files\Common Files\ACD Systems
2008-08-31 23:13 --------- d-----w C:\Documents and Settings\Tcg2\Application Data\HP
2008-08-31 23:06 --------- d-----w C:\Documents and Settings\LocalService\Application Data\HP
2008-08-31 22:44 --------- d-----w C:\Program Files\Nero
2008-08-31 14:16 --------- d-----w C:\Documents and Settings\Tcg2\Application Data\Image Zone Express
2008-08-30 09:17 --------- d-----w C:\Program Files\Common Files\Hewlett-Packard
2008-08-30 08:46 --------- d-----w C:\Documents and Settings\Tcg2\Application Data\ACD Systems
2008-08-30 08:32 --------- d-----w C:\Program Files\حصن المسلم
2008-08-30 08:17 --------- d-----w C:\Program Files\Nokia
2008-08-30 08:12 --------- d-----w C:\Program Files\ACD Systems
2008-08-30 08:12 --------- d-----w C:\Documents and Settings\All Users\Application Data\ACD Systems
2008-08-29 19:16 --------- d-----w C:\Program Files\Kaspersky Lab
2008-08-29 18:01 96,976 ----a-w C:\WINDOWS\system32\drivers\klin.dat
2008-08-29 17:28 87,855 ----a-w C:\WINDOWS\system32\drivers\klick.dat
2008-08-29 16:49 --------- d-----w C:\Documents and Settings\All Users\Application Data\Kaspersky Lab Setup Files
2008-08-28 15:02 --------- d-----w C:\Program Files\Microsoft SQL Server Compact Edition
2008-08-27 13:52 --------- d-----w C:\Documents and Settings\All Users\Application Data\Lavasoft
2008-08-26 22:10 0 ----a-w C:\WINDOWS\system32\config\systemprofile\NTUSER(2).DAT
2008-08-26 21:48 --------- d-----w C:\Program Files\Trend Micro
2008-08-26 04:52 --------- d-----w C:\Program Files\WIDCOMM
2008-08-26 04:35 --------- d-----w C:\Program Files\SLD Codec Pack
2008-08-26 04:34 --------- d-----w C:\Program Files\DivXCodec
2008-08-26 04:16 --------- d-----w C:\Program Files\Microsoft.NET
2008-08-26 04:16 --------- d-----w C:\Program Files\Microsoft ActiveSync
2008-08-26 04:04 --------- d-----w C:\Program Files\Common Files\Adobe
2008-08-26 04:03 155,995 ----a-w C:\WINDOWS\java\Packages\UBXVR13D.ZIP
2008-08-26 04:03 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-08-26 04:03 --------- d-----w C:\Program Files\Quranzu1
2008-08-26 04:03 --------- d-----w C:\Program Files\Al-Mutarjim Al-Fawri
2008-08-26 04:02 90,112 ----a-w C:\WINDOWS\system32\agsaami.dll
2008-08-26 04:02 610,304 ----a-w C:\WINDOWS\system32\agsaamg.dll
2008-08-26 04:02 372,736 ----a-w C:\WINDOWS\system32\agsaamc.dll
2008-08-26 04:02 2,535,424 ----a-w C:\WINDOWS\system32\agsaamj.dll
2008-08-26 04:02 1,986,560 ----a-w C:\WINDOWS\system32\akll.dll
2008-08-26 04:02 1,245,184 ----a-w C:\WINDOWS\system32\bkll.dll
2008-08-26 04:02 1,212,416 ----a-w C:\WINDOWS\system32\ckll.dll
2008-08-26 04:02 --------- d-----w C:\Program Files\Real_SC
2008-08-26 03:57 --------- d-----w C:\Program Files\PC Camera
2008-08-26 03:54 --------- d-----w C:\Program Files\Synaptics
2008-08-26 03:54 --------- d-----w C:\Program Files\Broadcom
2008-08-26 03:10 --------- d-----w C:\Program Files\SigmaTel
2008-08-26 03:10 --------- d-----w C:\Program Files\CONEXANT
2008-08-26 02:48 --------- d-----w C:\Program Files\Common Files\InstallShield
2008-08-26 02:43 --------- d-----w C:\Program Files\DIFX
2008-08-26 02:42 --------- d-----w C:\Program Files\Intel
2008-08-26 02:11 --------- d-----w C:\Program Files\microsoft frontpage
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [04/14/2008 03:12 AM 15360]
"msnmsgr"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe" [10/18/2007 11:34 AM 5724184]
"swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [09/07/2008 04:59 AM 39408]
"Uniblue SpyEraser"="C:\Program Files\Uniblue\SpyEraser\SpyEraser.exe" [08/25/2008 03:44 PM 1431816]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Broadcom Wireless Manager UI"="C:\WINDOWS\system32\WLTRAY.exe" [11/01/2006 08:48 PM 1392640]
"igfxtray"="C:\WINDOWS\system32\igfxtray.exe" [12/14/2005 03:44 AM 98304]
"igfxhkcmd"="C:\WINDOWS\system32\hkcmd.exe" [12/14/2005 03:41 AM 77824]
"igfxpers"="C:\WINDOWS\system32\igfxpers.exe" [12/14/2005 03:45 AM 118784]
"SynTPEnh"="C:\Program Files\Synaptics\SynTP\SynTPEnh.exe" [03/08/2006 10:48 PM 761947]
"Dell QuickSet"="C:\Program Files\Dell\QuickSet\quickset.exe" [08/04/2006 04:51 AM 1032192]
"HP Software Update"="C:\Program Files\HP\HP Software Update\HPWuSchd2.exe" [02/19/2006 02:41 AM 49152]
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [05/27/2008 10:50 AM 413696]
"AVP"="C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe" [07/29/2008 08:20 PM 206088]
"SigmatelSysTrayApp"="stsystra.exe" [03/25/2006 03:30 AM 282624 C:\WINDOWS\stsystra.exe]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="C:\WINDOWS\system32\CTFMON.EXE" [04/14/2008 03:12 AM 15360]
C:\Documents and Settings\All Users\Start Menu\Programs\Startup\
Adobe Gamma Loader.lnk - C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2008-08-26 113664]
Bluetooth.lnk - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe [2006-05-25 622653]
HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe [2006-02-19 288472]
WinZip Quick Pick.lnk - C:\Program Files\WinZip\WZQKPICK.EXE [2008-09-01 118784]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"msacm.l3acm"= l3codecp.acm
"msacm.divxa32"= msaud32_divx.acm
"vidc.ffds"= ffdshow.ax
"msacm.ac3filter"= ac3filter.acm
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-disabled]
"TkBellExe"="C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
"AppleSyncNotifier"=C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
"QuickTime Task"="C:\Program Files\QuickTime\QTTask.exe" -atboottime
"WinampAgent"="C:\Program Files\Winamp\winampa.exe"
"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe"
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\KasperskyAntiVirus]
"DisableMonitoring"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"C:\\Program Files\\Messenger\\msmsgs.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqtra08.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpofxm08.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hposfx08.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqscnvw.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqCopy.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpfccopy.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpzwiz01.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpoews01.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqnrs08.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"C:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"C:\\Program Files\\iTunes\\iTunes.exe"=
"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"=
R0 klbg;Kaspersky Lab Boot Guard Driver;C:\WINDOWS\system32\drivers\klbg.sys [01/29/2008 06:29 PM 32784]
R3 KLFLTDEV;Kaspersky Lab KLFltDev;C:\WINDOWS\system32\DRIVERS\klfltdev.sys [03/13/2008 07:02 PM 26640]
R3 klim5;Kaspersky Anti-Virus NDIS Filter;C:\WINDOWS\system32\DRIVERS\klim5.sys [04/30/2008 06:06 PM 24592]
S3 CAM1210;SM0121 USB 2.0 Video Camera;C:\WINDOWS\system32\Drivers\cam1210.sys [07/25/2006 03:49 AM 89856]
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{c5731a8c-7323-11dd-b4c6-0019b972f996}]
\Shell\AutOPlay\commanD - F:\mlehp.cmd
\Shell\AutoRun\command - F:\mlehp.cmd
\Shell\exPloRE\CoMMAnD - F:\mlehp.cmd
\Shell\oPEn\COMmAnD - F:\mlehp.cmd
.
s of the 'Scheduled Tasks' folder
.
.
------- Supplementary Scan -------
.
R0 -: HKCU-Main,Start Page = hxxp://www.google.com.sa/
R0 -: HKCU-Main,SearchMigratedDefaultURL = hxxp://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
R0 -: HKLM-Main,Start Page = hxxp://www.msn.com
R1 -: HKCU-Internet Connection Wizard,ShellNext = iexplore
O8 -: E&xport to Microsoft Excel - C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 -: Send to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O16 -: Microsoft XML Parser for Java -

يجب عليك تسجيل الدخول أو التسجيل لمشاهدة الرابط المخفي

C:\WINDOWS\Downloaded Program Files\Microsoft XML Parser for Java.osd
.
**************************************************************************
catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer,

يجب عليك تسجيل الدخول أو التسجيل لمشاهدة الرابط المخفي

Rootkit scan 2008-09-16 07:16:26
Windows 5.1.2600 Service Pack 3 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...

**************************************************************************
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\MCSTRM]
"ImagePath"="\??\C:\WINDOWS\system32"
.
------------------------ Other Running Processes ------------------------
.
C:\WINDOWS\system32\WLTRYSVC.EXE
C:\WINDOWS\system32\BCMWLTRY.EXE
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\Program Files\Dell\QuickSet\NicConfigSvc.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe
.
**************************************************************************
.
Completion time: 09/16/2008 7:20:00 - machine was rebooted
ComboFix-quarantined-files.txt 2008-09-16 04:19:56
Pre-Run: 15,375,917,056 bytes free
Post-Run: 15,275,646,976 bytes free
236 --- E O F --- 2008-09-09 16:48:55

 

[saudi-falcon]

وهذ ا تقرير الهايجاك

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 07:24:38 ص, on 16/09/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16705)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\WLTRYSVC.EXE
C:\WINDOWS\System32\bcmwltry.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\Program Files\Dell\QuickSet\NICCONFIGSVC.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\WLTRAY.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\igfxpers.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\WINDOWS\stsystra.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Dell\QuickSet\quickset.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Uniblue\SpyEraser\SpyEraser.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\WinZip\WZQKPICK.EXE
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\WINDOWS\system32\notepad.exe
C:\Program Files\internet explorer\iexplore.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =

يجب عليك تسجيل الدخول أو التسجيل لمشاهدة الرابط المخفي

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =

يجب عليك تسجيل الدخول أو التسجيل لمشاهدة الرابط المخفي

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =

يجب عليك تسجيل الدخول أو التسجيل لمشاهدة الرابط المخفي

R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) =

يجب عليك تسجيل الدخول أو التسجيل لمشاهدة الرابط المخفي

O2 - BHO: IEVkbdBHO - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\ievkbd.dll
O2 - BHO: مساعد تسجيل الدخول إلى Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\4.1.805.1852\swg.dll
O4 - HKLM\..\Run: [Broadcom Wireless Manager UI] C:\WINDOWS\system32\WLTRAY.exe
O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [SigmatelSysTrayApp] stsystra.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [Dell QuickSet] C:\Program Files\Dell\QuickSet\quickset.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [Uniblue SpyEraser] "C:\Program Files\Uniblue\SpyEraser\SpyEraser.exe" -m
O4 - HKUS\S-1-5-18\..\Run: [ctfmon.exe] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [ctfmon.exe] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Bluetooth.lnk = ?
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE
O8 - Extra context menu item: Add to Banner Ad Blocker - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\ie_banner_deny.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Send to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O9 - Extra button: Web traffic protection statistics - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\SCIEPlgn.dll
O9 - Extra button: Blog This - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Blog This in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) -

يجب عليك تسجيل الدخول أو التسجيل لمشاهدة الرابط المخفي

O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Kaspersky Internet Security (AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: NICCONFIGSVC - Dell Inc. - C:\Program Files\Dell\QuickSet\NICCONFIGSVC.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\pctsAuxs.exe
O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\pctsSvc.exe
O23 - Service: Dell Wireless WLAN Tray Service (wltrysvc) - Unknown owner - C:\WINDOWS\System32\WLTRYSVC.EXE
--
End of file - 7082 bytes

 

[البارون]

نعم اخوي للاسف :y::y::y::y:

لا والله جهازك سليم بس قلنا نهزر معك ​

 

[saudi-falcon]

يجب عليك تسجيل الدخول أو التسجيل لمشاهدة الرابط المخفي

الله يوفقك لكل خير

ويجزاك خير الجزاء

 

[boob77]

جهازك سليم ان شاء الله

فقط نظف الجهاز

يجب عليك تسجيل الدخول أو التسجيل لمشاهدة الرابط المخفي

 

[saudi-falcon]

يجب عليك تسجيل الدخول أو التسجيل لمشاهدة الرابط المخفي

الله يجزاك كل خير

 

[alemalbyelaram]

جزاك الله خيرااااا حركه تمام

 

[saudi-falcon]

الله يجزاك كل خير اخوي ...ويشكر مرورك الطيب