- بادئ الموضوع حنبعل
- تاريخ البدء
- 1,099
فارس الملاك
زيزوومى محترف
غير متصل
(1)
عطل جميع برامج الحماية ,,
وحمل هذه الاداة واحفظها على سطح المكتب
عند تشغيلها بتظهر لك رسالة ,, اضغط على >> Yes
بعدها بتظهر لك رساله ثانيه ,, اضغط على >> Yes
انتظر حتى الاداة تنتهي من فحص جهازك ,,, وبشكل تلقائي يعاد تشغيل جهازك ,,
وبعد اعادة التشغيل ,, سوف تبدأ الاداة بالفحص مرره ثانيه
انتظر حتى يظهر لك تقرير ,, انسخه والصقه بردك القادم
(2)
واعمل تقرير للهايجاك
اذا انتهى التحميل ==> شغل البرنامج ==> واضغط على Do a system scan and save log
لحظات ويظهر لك تقرير ,, انسخه والصقه بردك القادم
عطل جميع برامج الحماية ,,
وحمل هذه الاداة واحفظها على سطح المكتب
يجب عليك
تسجيل الدخول
او
تسجيل لمشاهدة الرابط المخفي
عند تشغيلها بتظهر لك رسالة ,, اضغط على >> Yes
بعدها بتظهر لك رساله ثانيه ,, اضغط على >> Yes
انتظر حتى الاداة تنتهي من فحص جهازك ,,, وبشكل تلقائي يعاد تشغيل جهازك ,,
وبعد اعادة التشغيل ,, سوف تبدأ الاداة بالفحص مرره ثانيه
انتظر حتى يظهر لك تقرير ,, انسخه والصقه بردك القادم
(2)
واعمل تقرير للهايجاك
يجب عليك
تسجيل الدخول
او
تسجيل لمشاهدة الرابط المخفي
اذا انتهى التحميل ==> شغل البرنامج ==> واضغط على Do a system scan and save log
لحظات ويظهر لك تقرير ,, انسخه والصقه بردك القادم
التعديل الأخير بواسطة المشرف:
توقيع : فارس الملاك
تأييد
0
فارس الملاك
زيزوومى محترف
غير متصل
اضغط Ctrl +Alt +Del
وبعدين ملف => مهمه جديدة
واكتب
explorer
وراح يطلع لك شريط المهام
توقيع : فارس الملاك
تأييد
0
هذا التقرير
ComboFix 08-10-15.08 - fsc 10/16/2008 14:29:34.1 - NTFSx86
Microsoft Windows XP Edition familiale 5.1.2600.2.1256.1.1036.18.176 [GMT 2:00]Running from: C:\Documents and Settings\fsc\Bureau\ComboFix.exe
WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
C:\Documents and Settings\fsc\s\UEVSC.HOB
228 --- E O F --- 2008-10-15 12:00:13
.
((((((((((((((((((((((((( Files Created from 2008-09-16 to 2008-10-16 )))))))))))))))))))))))))))))))
.
No new files created in this timespan
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-10-16 12:40 24,138,272 --sha-w C:\WINDOWS\system32\drivers\fidbox.dat
2008-10-16 12:38 1,506,592 --sha-w C:\WINDOWS\system32\drivers\fidbox2.dat
2008-10-16 12:36 324,260 --sha-w C:\WINDOWS\system32\drivers\fidbox.idx
2008-10-16 12:36 142,244 --sha-w C:\WINDOWS\system32\drivers\fidbox2.idx
2008-10-16 12:32 --------- d-----w C:\Documents and Settings\All Users\Application Data\Kaspersky Lab
2008-10-16 01:38 --------- d---a-w C:\Documents and Settings\All Users\Application Data\TEMP
2008-10-15 23:23 --------- d-----w C:\Documents and Settings\fsc\Application Data\cleaner
2008-10-15 23:13 --------- d-----w C:\Documents and Settings\fsc\Application Data\CyberScrub
2008-10-15 13:50 --------- d-----w C:\Documents and Settings\All Users\Application Data\Google Updater
2008-10-15 12:07 --------- d-----w C:\Documents and Settings\fsc\Application Data\IDM
2008-10-15 12:04 --------- d-----w C:\Documents and Settings\fsc\Application Data\DMCache
2008-10-14 21:52 --------- d-----w C:\Program Files\Opera
2008-10-14 15:49 --------- d-----w C:\Program Files\JetAudio
2008-10-14 01:04 720,896 ----a-w C:\WINDOWS\iun6002.exe
2008-10-14 01:04 --------- d-----w C:\Program Files\Abadisoft
2008-10-12 18:50 --------- d-----w C:\Program Files\Smarty Uninstaller Pro
2008-10-12 18:25 --------- d-----w C:\Program Files\Magentic
2008-10-12 13:06 --------- d-----w C:\Program Files\Fichiers communs\SWF Studio
2008-10-12 13:01 --------- d-----w C:\Program Files\KON
2008-10-12 01:59 --------- d-----w C:\Program Files\Advanced System Optimizer
2008-10-12 00:18 --------- d-----w C:\Documents and Settings\fsc\Application Data\Thinstall
2008-10-09 12:25 --------- d-----w C:\Program Files\Monopoly Here & Now Edition
2008-10-09 01:17 --------- d-----w C:\Program Files\Desktop Icon Toy
2008-10-09 01:11 --------- d-----w C:\Documents and Settings\fsc\Application Data\WinAmp Control
2008-10-07 12:30 --------- d-----w C:\Program Files\Samy_Soft
2008-10-06 22:18 --------- d-----w C:\Program Files\Malwarebytes' Anti-Malware
2008-10-06 22:18 --------- d-----w C:\Documents and Settings\fsc\Application Data\Malwarebytes
2008-10-06 22:18 --------- d-----w C:\Documents and Settings\All Users\Application Data\Malwarebytes
2008-10-04 20:35 230,432 ----a-w C:\PA7302.DAT
2008-10-04 15:26 62,976 ----a-w C:\WINDOWS\PegtopUI.exe
2008-10-02 17:46 --------- d-----w C:\Program Files\Fichiers communs\Adobe AIR
2008-10-02 17:42 --------- d-----w C:\Program Files\Fichiers communs\Adobe
2008-09-28 02:12 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-09-27 12:34 --------- d-----w C:\Program Files\Internet Download Manager
2008-09-27 00:01 --------- d-----w C:\Program Files\AskBarDis
2008-09-26 23:10 --------- d-----w C:\Program Files\Fichiers communs\Stardock
2008-09-26 23:05 2,560 ----a-w C:\WINDOWS\_MSRSTRT.EXE
2008-09-25 01:27 --------- d-----w C:\Documents and Settings\fsc\Application Data\Systweak
2008-09-20 01:02 --------- d-----w C:\Program Files\Wise Disk Cleaner
2008-09-15 15:39 1,846,144 ----a-w C:\WINDOWS\system32\win32k.sys
2008-09-15 01:13 --------- d-----w C:\Program Files\Google
2008-09-13 16:04 --------- d-----w C:\Program Files\AlienGUIse
2008-09-10 13:05 --------- d-----w C:\Program Files\Error Repair Professional
2008-09-10 12:49 --------- d-----w C:\Program Files\Java
2008-09-10 12:29 --------- d-----w C:\Documents and Settings\fsc\Application Data\URSoft
2008-09-09 22:07 38,528 ----a-w C:\WINDOWS\system32\drivers\mbamswissarmy.sys
2008-09-09 22:07 17,200 ----a-w C:\WINDOWS\system32\drivers\mbam.sys
2008-09-09 16:51 --------- d-----w C:\Documents and Settings\fsc\Application Data\elefundesktops
2008-09-06 01:35 --------- d-----w C:\Program Files\Alky for Applications
2008-08-31 00:00 4,314 ----a-w C:\WINDOWS\system32\tmp.reg
2008-08-28 12:07 --------- d-----w C:\Program Files\Real
2008-08-28 10:04 333,056 ----a-w C:\WINDOWS\system32\drivers\srv.sys
2008-08-27 01:09 --------- d-----w C:\Documents and Settings\fsc\Application Data\Aston
2008-08-27 00:33 --------- d-----w C:\Documents and Settings\fsc\Application Data\Orbit
2008-08-22 01:08 878,592 ----a-w C:\WINDOWS\system32\WININET.DLL
2008-08-22 01:08 43,008 ----a-w C:\WINDOWS\system32\licmgr10.dll
2008-08-22 01:07 18,944 ----a-w C:\WINDOWS\system32\corpol.dll
2008-08-22 01:06 72,704 ----a-w C:\WINDOWS\system32\admparse.dll
2008-08-22 01:06 71,680 ----a-w C:\WINDOWS\system32\iesetup.dll
2008-08-22 01:06 434,176 ----a-w C:\WINDOWS\system32\vbscript.dll
2008-08-22 01:05 48,640 ------w C:\WINDOWS\system32\PrivacIE.dll
2008-08-22 01:05 48,128 ----a-w C:\WINDOWS\system32\mshtmler.dll
2008-08-22 01:05 35,840 ----a-w C:\WINDOWS\system32\imgutil.dll
2008-08-22 01:04 45,568 ----a-w C:\WINDOWS\system32\mshta.exe
2008-08-22 00:57 156,160 ----a-w C:\WINDOWS\system32\msls31.dll
2008-08-16 00:06 --------- d-----w C:\Program Files\TGTSoft
2008-08-14 13:39 2,144,768 ----a-w C:\WINDOWS\system32\ntoskrnl.exe
2008-08-14 13:39 2,022,912 ----a-w C:\WINDOWS\system32\ntkrnlpa.exe
2008-08-13 14:45 219,648 ----a-w C:\WINDOWS\system32\uxtheme.dll
2008-08-05 15:55 265,720 ----a-w C:\WINDOWS\system32\msdbg2.dll
2008-08-04 07:51 750,984 ----a-w C:\WINDOWS\system32\Magentic Screensaver.scr
2008-07-18 20:10 94,920 ----a-w C:\WINDOWS\system32\cdm.dll
2008-07-18 20:10 53,448 ----a-w C:\WINDOWS\system32\wuauclt.exe
2008-07-18 20:10 45,768 ----a-w C:\WINDOWS\system32\wups2.dll
2008-07-18 20:10 36,552 ----a-w C:\WINDOWS\system32\wups.dll
2008-07-18 20:09 563,912 ----a-w C:\WINDOWS\system32\wuapi.dll
2008-07-18 20:09 325,832 ----a-w C:\WINDOWS\system32\wucltui.dll
2008-07-18 20:09 205,000 ----a-w C:\WINDOWS\system32\wuweb.dll
2008-07-18 20:09 1,811,656 ----a-w C:\WINDOWS\system32\wuaueng.dll
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_LOCAL_MACHINE\~\Browser Helper s\{201f27d4-3704-41d6-89c1-aa35e39143ed}]
07/17/2008 05:20 PM 279944 --a------ C:\Program Files\AskBarDis\bar\bin\askBar1.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{3041d03e-fd4b-44e0-b742-2d9b88305f98}"= "C:\Program Files\AskBarDis\bar\bin\askBar1.dll" [07/17/2008 05:20 PM 279944]
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{3041D03E-FD4B-44E0-B742-2D9B88305F98}"= "C:\Program Files\AskBarDis\bar\bin\askBar1.dll" [07/17/2008 05:20 PM 279944]
[HKEY_CLASSES_ROOT\clsid\{3041d03e-fd4b-44e0-b742-2d9b88305f98}]
[HKEY_CLASSES_ROOT\TypeLib\{4b1c1e16-6b34-430e-b074-5928eca4c150}]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [08/05/2004 02:00 PM 15360]
"Yahoo! Pager"="C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" [08/30/2007 06:43 PM 4670704]
"YSearchProtection"="C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe" [06/08/2007 04:59 PM 224248]
"swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [11/19/2007 10:21 PM 68856]
"STYLEXP"="C:\Program Files\TGTSoft\StyleXP\StyleXP.exe" [05/24/2006 08:31 PM 1372160]
"IDMan"="C:\Program Files\Internet Download Manager\IDMan.exe" [07/30/2008 02:16 PM 2610608]
"DesktopIconToy"="C:\Program Files\Desktop Icon Toy\DesktopIconToy.exe" [05/11/2008 11:26 AM 450560]
"Magentic"="C:\PROGRA~1\Magentic\bin\Magentic.exe" [08/04/2008 09:51 AM 488808]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"Privacy Suite"="C:\Documents and Settings\fsc\Application Data\cleaner\CSPSeraser.exe" [11/20/2007 02:19 PM 872080]
"ClearPageFileAtShutDown"="C:\Documents and Settings\fsc\Application Data\cleaner\CSPSeraser.exe" [11/20/2007 02:19 PM 872080]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"LaunchAp"="C:\Program Files\Launch Manager\LaunchAp.exe" [07/25/2005 02:36 PM 32768]
"HotkeyApp"="C:\Program Files\Launch Manager\HotkeyApp.exe" [04/19/2006 06:03 PM 65536]
"Wbutton"="C:\Program Files\Launch Manager\Wbutton.exe" [05/04/2006 11:34 AM 86016]
"igfxtray"="C:\WINDOWS\system32\igfxtray.exe" [03/23/2006 01:17 PM 94208]
"igfxhkcmd"="C:\WINDOWS\system32\hkcmd.exe" [03/23/2006 01:13 PM 77824]
"igfxpers"="C:\WINDOWS\system32\igfxpers.exe" [03/23/2006 01:17 PM 118784]
"SynTPEnh"="C:\Program Files\Synaptics\SynTP\SynTPEnh.exe" [04/21/2006 04:16 PM 761946]
"NeroFilterCheck"="C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe" [01/12/2006 05:40 PM 155648]
"YSearchProtection"="C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe" [06/08/2007 04:59 PM 224248]
"PAC7302_Monitor"="C:\WINDOWS\PixArt\PAC7302\Monitor.exe" [11/03/2006 11:01 AM 319488]
"!AVG Anti-Spyware"="C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" [10/07/2008 10:37 PM 6731312]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe" [02/22/2008 04:25 AM 144784]
"Google Desktop Search"="C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" [09/15/2008 03:13 AM 29744]
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [06/12/2008 02:38 AM 34672]
"KON"="C:\PROGRA~1\KON\KON\KON.exe" [07/19/2002 04:13 PM 2379600]
"AVP"="C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe" [02/08/2008 06:36 PM 227856]
"BluetoothAuthenticationAgent"="bthprops.cpl" [08/05/2004 02:00 PM 110592 C:\WINDOWS\system32\bthprops.cpl]
"RTHDCPL"="RTHDCPL.EXE" [07/21/2006 05:56 PM 16261632 C:\WINDOWS\RTHDCPL.exe]
"SkyTel"="SkyTel.EXE" [05/16/2006 07:04 PM 2879488 C:\WINDOWS\SkyTel.exe]
"SMSERIAL"="sm56hlpr.exe" [01/20/2006 01:34 PM 544768 C:\WINDOWS\sm56hlpr.exe]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [08/05/2004 02:00 PM 15360]
C:\Documents and Settings\All Users\Menu D‚marrer\Programmes\D‚marrage\
Bluetooth Manager.lnk - C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng1.exe [2005-06-16 49152]
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"NoResolveSearch"= 1 (0x1)
"NoResolveTrack"= 1 (0x1)
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon]
"UIHost"="C:\\Program Files\\TGTSoft\\StyleXP\\Logon\\CurrentLogon.EXE"
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\WB]
12/20/2001 11:34 PM 24576 C:\Program Files\AlienGUIse\fastload.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-disabled]
"TkBellExe"="C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\KasperskyAntiVirus]
"DisableMonitoring"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"C:\\Program Files\\KONAMI\\Pro Evolution Soccer 2008\\PES2008.exe"=
"C:\\Program Files\\Kaspersky Lab\\Kaspersky Anti-Virus 7.0\\avp.exe"=
"C:\\Program Files\\Yahoo!\\Messenger\\YahooMessenger.exe"=
"C:\\Program Files\\Magentic\\bin\\MgImp.exe"=
"C:\\Program Files\\Magentic\\bin\\Magentic.exe"=
"C:\\Program Files\\Magentic\\bin\\MgApp.exe"=
R1 Hotkey;Hotkey;C:\WINDOWS\system32\drivers\Hotkey.sys [04/28/2003 12:27 PM 9867]
R2 AASW2_Service;Ashampoo AntiSpyWare 2 Service;C:\Program Files\Ashampoo\Ashampoo AntiSpyWare 2\AntiSpyWareService.exe [08/14/2007 08:28 AM 728920]
R3 klim5;Kaspersky Anti-Virus NDIS Filter;C:\WINDOWS\system32\DRIVERS\klim5.sys [12/13/2007 01:28 PM 24592]
R3 PAC7302;PAC7302 VGA USB Camera;C:\WINDOWS\system32\DRIVERS\PAC7302.SYS [06/14/2007 03:29 PM 457856]
S1 Wbutton;Wbutton;C:\WINDOWS\system32\drivers\Wbutton.sys [ ]
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{d09dbb22-8f73-11dc-87c6-001302e20948}]
\Shell\Auto\command - printer.exe
\Shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL printer.exe
.
s of the 'Scheduled Tasks' folder
2008-10-16 C:\WINDOWS\Tasks\GlaryInitialize.job
- C:\Program Files\Glary Utilities\initialize.exe []
2008-10-15 C:\WINDOWS\Tasks\User_Feed_Synchronization-{B4669883-0308-4230-B520-658CF58355E5}.job
- C:\WINDOWS\system32\msfeedssync.exe [08/22/2008 03:05 AM]
.
- - - - ORPHANS REMOVED - - - -
URLSearchHooks-{C94E154B-1459-4A47-966B-4B843BEFC7DB} - (no file)
HKCU-Run-ErrorRepairPro - C:\Documents and Settings\fsc\Bureau\ملف التنظيف\autostart.exe
.
------- Supplementary Scan -------
.
FireFox -: Profile - C:\Documents and Settings\fsc\Application Data\Mozilla\Firefox\Profiles\mvo83ejr.default\
FireFox -: prefs.js - STARTUP.HOMEPAGE - hxxp://mystart.magentic.com/french/
FF -: plugin - C:\Program Files\Google\Google Updater\2.2.1070.1219\npCIDetect11.dll
FF -: plugin - C:\Program Files\Mozilla Firefox\plugins\npGoogleGadgetPluginFirefoxWin.dll
FF -: plugin - C:\Program Files\Opera\program\plugins\NP_IDM1.dll
FF -: plugin - C:\Program Files\Opera\program\plugins\NP_IDM2.dll
FF -: plugin - C:\Program Files\Opera\program\plugins\NP_IDM3.dll
FF -: plugin - C:\Program Files\Opera\program\plugins\NP_IDM5.dll
FF -: plugin - C:\Program Files\Opera\program\plugins\NP_IDM6.dll
FF -: plugin - C:\Program Files\Yahoo!\Shared\npYState.dll
.
.
------- File Associations -------
.
txtfile=C:\WINDOWS\notepad.exe %1
.
**************************************************************************
catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer,
Rootkit scan 2008-10-16 14:38:48
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
C:\DOCUME~1\fsc\LOCALS~1\Temp\RGI1.tmp 7136 bytes
scan completed successfully
hidden files: 1
**************************************************************************
.
------------------------ Other Running Processes ------------------------
.
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\WIDCOMM\Logiciel Bluetooth\bin\btwdins.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\wscntfy.exe
.
**************************************************************************
.
Completion time: 10/16/2008 14:49:56 - machine was rebooted [fsc]
ComboFix-quarantined-files.txt 2008-10-16 12:49:28
Pre-Run: 39,113,195,520 octets libres
Post-Run: 39,041,085,440 octets libres
C:\WINDOWS\IE4 Error Log.txt
ComboFix 08-10-15.08 - fsc 10/16/2008 14:29:34.1 - NTFSx86
Microsoft Windows XP Edition familiale 5.1.2600.2.1256.1.1036.18.176 [GMT 2:00]Running from: C:\Documents and Settings\fsc\Bureau\ComboFix.exe
WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
C:\Documents and Settings\fsc\s\UEVSC.HOB
228 --- E O F --- 2008-10-15 12:00:13
.
((((((((((((((((((((((((( Files Created from 2008-09-16 to 2008-10-16 )))))))))))))))))))))))))))))))
.
No new files created in this timespan
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-10-16 12:40 24,138,272 --sha-w C:\WINDOWS\system32\drivers\fidbox.dat
2008-10-16 12:38 1,506,592 --sha-w C:\WINDOWS\system32\drivers\fidbox2.dat
2008-10-16 12:36 324,260 --sha-w C:\WINDOWS\system32\drivers\fidbox.idx
2008-10-16 12:36 142,244 --sha-w C:\WINDOWS\system32\drivers\fidbox2.idx
2008-10-16 12:32 --------- d-----w C:\Documents and Settings\All Users\Application Data\Kaspersky Lab
2008-10-16 01:38 --------- d---a-w C:\Documents and Settings\All Users\Application Data\TEMP
2008-10-15 23:23 --------- d-----w C:\Documents and Settings\fsc\Application Data\cleaner
2008-10-15 23:13 --------- d-----w C:\Documents and Settings\fsc\Application Data\CyberScrub
2008-10-15 13:50 --------- d-----w C:\Documents and Settings\All Users\Application Data\Google Updater
2008-10-15 12:07 --------- d-----w C:\Documents and Settings\fsc\Application Data\IDM
2008-10-15 12:04 --------- d-----w C:\Documents and Settings\fsc\Application Data\DMCache
2008-10-14 21:52 --------- d-----w C:\Program Files\Opera
2008-10-14 15:49 --------- d-----w C:\Program Files\JetAudio
2008-10-14 01:04 720,896 ----a-w C:\WINDOWS\iun6002.exe
2008-10-14 01:04 --------- d-----w C:\Program Files\Abadisoft
2008-10-12 18:50 --------- d-----w C:\Program Files\Smarty Uninstaller Pro
2008-10-12 18:25 --------- d-----w C:\Program Files\Magentic
2008-10-12 13:06 --------- d-----w C:\Program Files\Fichiers communs\SWF Studio
2008-10-12 13:01 --------- d-----w C:\Program Files\KON
2008-10-12 01:59 --------- d-----w C:\Program Files\Advanced System Optimizer
2008-10-12 00:18 --------- d-----w C:\Documents and Settings\fsc\Application Data\Thinstall
2008-10-09 12:25 --------- d-----w C:\Program Files\Monopoly Here & Now Edition
2008-10-09 01:17 --------- d-----w C:\Program Files\Desktop Icon Toy
2008-10-09 01:11 --------- d-----w C:\Documents and Settings\fsc\Application Data\WinAmp Control
2008-10-07 12:30 --------- d-----w C:\Program Files\Samy_Soft
2008-10-06 22:18 --------- d-----w C:\Program Files\Malwarebytes' Anti-Malware
2008-10-06 22:18 --------- d-----w C:\Documents and Settings\fsc\Application Data\Malwarebytes
2008-10-06 22:18 --------- d-----w C:\Documents and Settings\All Users\Application Data\Malwarebytes
2008-10-04 20:35 230,432 ----a-w C:\PA7302.DAT
2008-10-04 15:26 62,976 ----a-w C:\WINDOWS\PegtopUI.exe
2008-10-02 17:46 --------- d-----w C:\Program Files\Fichiers communs\Adobe AIR
2008-10-02 17:42 --------- d-----w C:\Program Files\Fichiers communs\Adobe
2008-09-28 02:12 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-09-27 12:34 --------- d-----w C:\Program Files\Internet Download Manager
2008-09-27 00:01 --------- d-----w C:\Program Files\AskBarDis
2008-09-26 23:10 --------- d-----w C:\Program Files\Fichiers communs\Stardock
2008-09-26 23:05 2,560 ----a-w C:\WINDOWS\_MSRSTRT.EXE
2008-09-25 01:27 --------- d-----w C:\Documents and Settings\fsc\Application Data\Systweak
2008-09-20 01:02 --------- d-----w C:\Program Files\Wise Disk Cleaner
2008-09-15 15:39 1,846,144 ----a-w C:\WINDOWS\system32\win32k.sys
2008-09-15 01:13 --------- d-----w C:\Program Files\Google
2008-09-13 16:04 --------- d-----w C:\Program Files\AlienGUIse
2008-09-10 13:05 --------- d-----w C:\Program Files\Error Repair Professional
2008-09-10 12:49 --------- d-----w C:\Program Files\Java
2008-09-10 12:29 --------- d-----w C:\Documents and Settings\fsc\Application Data\URSoft
2008-09-09 22:07 38,528 ----a-w C:\WINDOWS\system32\drivers\mbamswissarmy.sys
2008-09-09 22:07 17,200 ----a-w C:\WINDOWS\system32\drivers\mbam.sys
2008-09-09 16:51 --------- d-----w C:\Documents and Settings\fsc\Application Data\elefundesktops
2008-09-06 01:35 --------- d-----w C:\Program Files\Alky for Applications
2008-08-31 00:00 4,314 ----a-w C:\WINDOWS\system32\tmp.reg
2008-08-28 12:07 --------- d-----w C:\Program Files\Real
2008-08-28 10:04 333,056 ----a-w C:\WINDOWS\system32\drivers\srv.sys
2008-08-27 01:09 --------- d-----w C:\Documents and Settings\fsc\Application Data\Aston
2008-08-27 00:33 --------- d-----w C:\Documents and Settings\fsc\Application Data\Orbit
2008-08-22 01:08 878,592 ----a-w C:\WINDOWS\system32\WININET.DLL
2008-08-22 01:08 43,008 ----a-w C:\WINDOWS\system32\licmgr10.dll
2008-08-22 01:07 18,944 ----a-w C:\WINDOWS\system32\corpol.dll
2008-08-22 01:06 72,704 ----a-w C:\WINDOWS\system32\admparse.dll
2008-08-22 01:06 71,680 ----a-w C:\WINDOWS\system32\iesetup.dll
2008-08-22 01:06 434,176 ----a-w C:\WINDOWS\system32\vbscript.dll
2008-08-22 01:05 48,640 ------w C:\WINDOWS\system32\PrivacIE.dll
2008-08-22 01:05 48,128 ----a-w C:\WINDOWS\system32\mshtmler.dll
2008-08-22 01:05 35,840 ----a-w C:\WINDOWS\system32\imgutil.dll
2008-08-22 01:04 45,568 ----a-w C:\WINDOWS\system32\mshta.exe
2008-08-22 00:57 156,160 ----a-w C:\WINDOWS\system32\msls31.dll
2008-08-16 00:06 --------- d-----w C:\Program Files\TGTSoft
2008-08-14 13:39 2,144,768 ----a-w C:\WINDOWS\system32\ntoskrnl.exe
2008-08-14 13:39 2,022,912 ----a-w C:\WINDOWS\system32\ntkrnlpa.exe
2008-08-13 14:45 219,648 ----a-w C:\WINDOWS\system32\uxtheme.dll
2008-08-05 15:55 265,720 ----a-w C:\WINDOWS\system32\msdbg2.dll
2008-08-04 07:51 750,984 ----a-w C:\WINDOWS\system32\Magentic Screensaver.scr
2008-07-18 20:10 94,920 ----a-w C:\WINDOWS\system32\cdm.dll
2008-07-18 20:10 53,448 ----a-w C:\WINDOWS\system32\wuauclt.exe
2008-07-18 20:10 45,768 ----a-w C:\WINDOWS\system32\wups2.dll
2008-07-18 20:10 36,552 ----a-w C:\WINDOWS\system32\wups.dll
2008-07-18 20:09 563,912 ----a-w C:\WINDOWS\system32\wuapi.dll
2008-07-18 20:09 325,832 ----a-w C:\WINDOWS\system32\wucltui.dll
2008-07-18 20:09 205,000 ----a-w C:\WINDOWS\system32\wuweb.dll
2008-07-18 20:09 1,811,656 ----a-w C:\WINDOWS\system32\wuaueng.dll
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_LOCAL_MACHINE\~\Browser Helper s\{201f27d4-3704-41d6-89c1-aa35e39143ed}]
07/17/2008 05:20 PM 279944 --a------ C:\Program Files\AskBarDis\bar\bin\askBar1.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{3041d03e-fd4b-44e0-b742-2d9b88305f98}"= "C:\Program Files\AskBarDis\bar\bin\askBar1.dll" [07/17/2008 05:20 PM 279944]
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{3041D03E-FD4B-44E0-B742-2D9B88305F98}"= "C:\Program Files\AskBarDis\bar\bin\askBar1.dll" [07/17/2008 05:20 PM 279944]
[HKEY_CLASSES_ROOT\clsid\{3041d03e-fd4b-44e0-b742-2d9b88305f98}]
[HKEY_CLASSES_ROOT\TypeLib\{4b1c1e16-6b34-430e-b074-5928eca4c150}]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [08/05/2004 02:00 PM 15360]
"Yahoo! Pager"="C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" [08/30/2007 06:43 PM 4670704]
"YSearchProtection"="C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe" [06/08/2007 04:59 PM 224248]
"swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [11/19/2007 10:21 PM 68856]
"STYLEXP"="C:\Program Files\TGTSoft\StyleXP\StyleXP.exe" [05/24/2006 08:31 PM 1372160]
"IDMan"="C:\Program Files\Internet Download Manager\IDMan.exe" [07/30/2008 02:16 PM 2610608]
"DesktopIconToy"="C:\Program Files\Desktop Icon Toy\DesktopIconToy.exe" [05/11/2008 11:26 AM 450560]
"Magentic"="C:\PROGRA~1\Magentic\bin\Magentic.exe" [08/04/2008 09:51 AM 488808]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"Privacy Suite"="C:\Documents and Settings\fsc\Application Data\cleaner\CSPSeraser.exe" [11/20/2007 02:19 PM 872080]
"ClearPageFileAtShutDown"="C:\Documents and Settings\fsc\Application Data\cleaner\CSPSeraser.exe" [11/20/2007 02:19 PM 872080]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"LaunchAp"="C:\Program Files\Launch Manager\LaunchAp.exe" [07/25/2005 02:36 PM 32768]
"HotkeyApp"="C:\Program Files\Launch Manager\HotkeyApp.exe" [04/19/2006 06:03 PM 65536]
"Wbutton"="C:\Program Files\Launch Manager\Wbutton.exe" [05/04/2006 11:34 AM 86016]
"igfxtray"="C:\WINDOWS\system32\igfxtray.exe" [03/23/2006 01:17 PM 94208]
"igfxhkcmd"="C:\WINDOWS\system32\hkcmd.exe" [03/23/2006 01:13 PM 77824]
"igfxpers"="C:\WINDOWS\system32\igfxpers.exe" [03/23/2006 01:17 PM 118784]
"SynTPEnh"="C:\Program Files\Synaptics\SynTP\SynTPEnh.exe" [04/21/2006 04:16 PM 761946]
"NeroFilterCheck"="C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe" [01/12/2006 05:40 PM 155648]
"YSearchProtection"="C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe" [06/08/2007 04:59 PM 224248]
"PAC7302_Monitor"="C:\WINDOWS\PixArt\PAC7302\Monitor.exe" [11/03/2006 11:01 AM 319488]
"!AVG Anti-Spyware"="C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" [10/07/2008 10:37 PM 6731312]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe" [02/22/2008 04:25 AM 144784]
"Google Desktop Search"="C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" [09/15/2008 03:13 AM 29744]
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [06/12/2008 02:38 AM 34672]
"KON"="C:\PROGRA~1\KON\KON\KON.exe" [07/19/2002 04:13 PM 2379600]
"AVP"="C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe" [02/08/2008 06:36 PM 227856]
"BluetoothAuthenticationAgent"="bthprops.cpl" [08/05/2004 02:00 PM 110592 C:\WINDOWS\system32\bthprops.cpl]
"RTHDCPL"="RTHDCPL.EXE" [07/21/2006 05:56 PM 16261632 C:\WINDOWS\RTHDCPL.exe]
"SkyTel"="SkyTel.EXE" [05/16/2006 07:04 PM 2879488 C:\WINDOWS\SkyTel.exe]
"SMSERIAL"="sm56hlpr.exe" [01/20/2006 01:34 PM 544768 C:\WINDOWS\sm56hlpr.exe]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [08/05/2004 02:00 PM 15360]
C:\Documents and Settings\All Users\Menu D‚marrer\Programmes\D‚marrage\
Bluetooth Manager.lnk - C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng1.exe [2005-06-16 49152]
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"NoResolveSearch"= 1 (0x1)
"NoResolveTrack"= 1 (0x1)
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon]
"UIHost"="C:\\Program Files\\TGTSoft\\StyleXP\\Logon\\CurrentLogon.EXE"
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\WB]
12/20/2001 11:34 PM 24576 C:\Program Files\AlienGUIse\fastload.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-disabled]
"TkBellExe"="C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\KasperskyAntiVirus]
"DisableMonitoring"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"C:\\Program Files\\KONAMI\\Pro Evolution Soccer 2008\\PES2008.exe"=
"C:\\Program Files\\Kaspersky Lab\\Kaspersky Anti-Virus 7.0\\avp.exe"=
"C:\\Program Files\\Yahoo!\\Messenger\\YahooMessenger.exe"=
"C:\\Program Files\\Magentic\\bin\\MgImp.exe"=
"C:\\Program Files\\Magentic\\bin\\Magentic.exe"=
"C:\\Program Files\\Magentic\\bin\\MgApp.exe"=
R1 Hotkey;Hotkey;C:\WINDOWS\system32\drivers\Hotkey.sys [04/28/2003 12:27 PM 9867]
R2 AASW2_Service;Ashampoo AntiSpyWare 2 Service;C:\Program Files\Ashampoo\Ashampoo AntiSpyWare 2\AntiSpyWareService.exe [08/14/2007 08:28 AM 728920]
R3 klim5;Kaspersky Anti-Virus NDIS Filter;C:\WINDOWS\system32\DRIVERS\klim5.sys [12/13/2007 01:28 PM 24592]
R3 PAC7302;PAC7302 VGA USB Camera;C:\WINDOWS\system32\DRIVERS\PAC7302.SYS [06/14/2007 03:29 PM 457856]
S1 Wbutton;Wbutton;C:\WINDOWS\system32\drivers\Wbutton.sys [ ]
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{d09dbb22-8f73-11dc-87c6-001302e20948}]
\Shell\Auto\command - printer.exe
\Shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL printer.exe
.
s of the 'Scheduled Tasks' folder
2008-10-16 C:\WINDOWS\Tasks\GlaryInitialize.job
- C:\Program Files\Glary Utilities\initialize.exe []
2008-10-15 C:\WINDOWS\Tasks\User_Feed_Synchronization-{B4669883-0308-4230-B520-658CF58355E5}.job
- C:\WINDOWS\system32\msfeedssync.exe [08/22/2008 03:05 AM]
.
- - - - ORPHANS REMOVED - - - -
URLSearchHooks-{C94E154B-1459-4A47-966B-4B843BEFC7DB} - (no file)
HKCU-Run-ErrorRepairPro - C:\Documents and Settings\fsc\Bureau\ملف التنظيف\autostart.exe
.
------- Supplementary Scan -------
.
FireFox -: Profile - C:\Documents and Settings\fsc\Application Data\Mozilla\Firefox\Profiles\mvo83ejr.default\
FireFox -: prefs.js - STARTUP.HOMEPAGE - hxxp://mystart.magentic.com/french/
FF -: plugin - C:\Program Files\Google\Google Updater\2.2.1070.1219\npCIDetect11.dll
FF -: plugin - C:\Program Files\Mozilla Firefox\plugins\npGoogleGadgetPluginFirefoxWin.dll
FF -: plugin - C:\Program Files\Opera\program\plugins\NP_IDM1.dll
FF -: plugin - C:\Program Files\Opera\program\plugins\NP_IDM2.dll
FF -: plugin - C:\Program Files\Opera\program\plugins\NP_IDM3.dll
FF -: plugin - C:\Program Files\Opera\program\plugins\NP_IDM5.dll
FF -: plugin - C:\Program Files\Opera\program\plugins\NP_IDM6.dll
FF -: plugin - C:\Program Files\Yahoo!\Shared\npYState.dll
.
.
------- File Associations -------
.
txtfile=C:\WINDOWS\notepad.exe %1
.
**************************************************************************
catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer,
يجب عليك
تسجيل الدخول
او
تسجيل لمشاهدة الرابط المخفي
Rootkit scan 2008-10-16 14:38:48
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
C:\DOCUME~1\fsc\LOCALS~1\Temp\RGI1.tmp 7136 bytes
scan completed successfully
hidden files: 1
**************************************************************************
.
------------------------ Other Running Processes ------------------------
.
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\WIDCOMM\Logiciel Bluetooth\bin\btwdins.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\wscntfy.exe
.
**************************************************************************
.
Completion time: 10/16/2008 14:49:56 - machine was rebooted [fsc]
ComboFix-quarantined-files.txt 2008-10-16 12:49:28
Pre-Run: 39,113,195,520 octets libres
Post-Run: 39,041,085,440 octets libres
C:\WINDOWS\IE4 Error Log.txt
تأييد
0
وهذا الهايجال
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 15:09:10, on 16-10-2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18241)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Ashampoo\Ashampoo AntiSpyWare 2\AntiSpyWareService.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe
C:\Program Files\WIDCOMM\Logiciel Bluetooth\bin\btwdins.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\explorer.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe
C:\Documents and Settings\fsc\Bureau\Zyzoom_HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar =
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
R1 - HKLM\Software\Microsoft\Internet Explorer\Search,Default_Search_URL =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files\Internet Download Manager\IDMIECC.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: AskBar BHO - {201f27d4-3704-41d6-89c1-aa35e39143ed} - C:\Program Files\AskBarDis\bar\bin\askBar1.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: Yahoo! IE Services Button - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O2 - BHO: EoRezoBHO - {64F56FC1-1272-44CD-BA6E-39723696E350} - (no file)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: (no name) - {7DAAC7DE-9EF0-4FF0-BFA5-AFF3E899054C} - (no file)
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.1119.1736\swg.dll
O2 - BHO: TGTSoft Explorer Toolbar Changer - {C333CF63-767F-4831-94AC-E683D962C63C} - C:\Program Files\TGTSoft\StyleXP\TGT_BHO.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: (no name) - {D2F8F919-690B-4EA2-9FA7-A203D1E04F75} - (no file)
O3 - Toolbar: Ask Toolbar - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - C:\Program Files\AskBarDis\bar\bin\askBar1.dll
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [LaunchAp] "C:\Program Files\Launch Manager\LaunchAp.exe"
O4 - HKLM\..\Run: [HotkeyApp] "C:\Program Files\Launch Manager\HotkeyApp.exe"
O4 - HKLM\..\Run: [Wbutton] "C:\Program Files\Launch Manager\Wbutton.exe"
O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
O4 - HKLM\..\Run: [SMSERIAL] sm56hlpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [YSearchProtection] "C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe"
O4 - HKLM\..\Run: [PAC7302_Monitor] C:\WINDOWS\PixArt\PAC7302\Monitor.exe
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [KON] C:\PROGRA~1\KON\KON\KON.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Yahoo! Pager] "C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" -quiet
O4 - HKCU\..\Run: [YSearchProtection] C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [STYLEXP] C:\Program Files\TGTSoft\StyleXP\StyleXP.exe -Hide
O4 - HKCU\..\Run: [IDMan] C:\Program Files\Internet Download Manager\IDMan.exe /onboot
O4 - HKCU\..\Run: [DesktopIconToy] C:\Program Files\Desktop Icon Toy\DesktopIconToy.exe
O4 - HKCU\..\Run: [Magentic] C:\PROGRA~1\Magentic\bin\Magentic.exe /c
O4 - HKCU\..\RunOnce: [Privacy Suite] "C:\Documents and Settings\fsc\Application Data\cleaner\CSPSeraser.exe" "/R:C:\Documents and Settings\fsc\Application Data\CyberScrub\Privacy Suite"
O4 - HKCU\..\RunOnce: [ClearPageFileAtShutDown] "C:\Documents and Settings\fsc\Application Data\cleaner\CSPSeraser.exe" -XP
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RESEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Bluetooth Manager.lnk = ?
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: تحميل الكل بـ إنترنت داونلود مانيجر - C:\Program Files\Internet Download Manager\IEGetAll.htm
O8 - Extra context menu item: تحميل بـ إنترنت داونلود مانيجر - C:\Program Files\Internet Download Manager\IEExt.htm
O8 - Extra context menu item: تحميل محتوى فيديو (إف.إل.في) بـ إنترنت داونلود مانيجر - C:\Program Files\Internet Download Manager\IEGetVL.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: Statistiques d’Anti-Virus Internet - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\SCIEPlgn.dll
O9 - Extra button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Logiciel Bluetooth\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Logiciel Bluetooth\btsendto_ie.htm
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Program Files\Yahoo!\Common\Yinsthelper.dll
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash ) -
O23 - Service: Ashampoo AntiSpyWare 2 Service (AASW2_Service) - Unknown owner - C:\Program Files\Ashampoo\Ashampoo AntiSpyWare 2\AntiSpyWareService.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Kaspersky Anti-Virus 7.0 (AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Logiciel Bluetooth\bin\btwdins.exe
O23 - Service: Google Desktop Manager 5.7.806.10245 (GoogleDesktopManager-061008-081103) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
--
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 15:09:10, on 16-10-2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18241)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Ashampoo\Ashampoo AntiSpyWare 2\AntiSpyWareService.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe
C:\Program Files\WIDCOMM\Logiciel Bluetooth\bin\btwdins.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\explorer.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe
C:\Documents and Settings\fsc\Bureau\Zyzoom_HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
يجب عليك
تسجيل الدخول
او
تسجيل لمشاهدة الرابط المخفي
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
يجب عليك
تسجيل الدخول
او
تسجيل لمشاهدة الرابط المخفي
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
يجب عليك
تسجيل الدخول
او
تسجيل لمشاهدة الرابط المخفي
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar =
يجب عليك
تسجيل الدخول
او
تسجيل لمشاهدة الرابط المخفي
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
يجب عليك
تسجيل الدخول
او
تسجيل لمشاهدة الرابط المخفي
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
يجب عليك
تسجيل الدخول
او
تسجيل لمشاهدة الرابط المخفي
R1 - HKLM\Software\Microsoft\Internet Explorer\Search,Default_Search_URL =
يجب عليك
تسجيل الدخول
او
تسجيل لمشاهدة الرابط المخفي
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files\Internet Download Manager\IDMIECC.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: AskBar BHO - {201f27d4-3704-41d6-89c1-aa35e39143ed} - C:\Program Files\AskBarDis\bar\bin\askBar1.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: Yahoo! IE Services Button - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O2 - BHO: EoRezoBHO - {64F56FC1-1272-44CD-BA6E-39723696E350} - (no file)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: (no name) - {7DAAC7DE-9EF0-4FF0-BFA5-AFF3E899054C} - (no file)
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.1119.1736\swg.dll
O2 - BHO: TGTSoft Explorer Toolbar Changer - {C333CF63-767F-4831-94AC-E683D962C63C} - C:\Program Files\TGTSoft\StyleXP\TGT_BHO.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: (no name) - {D2F8F919-690B-4EA2-9FA7-A203D1E04F75} - (no file)
O3 - Toolbar: Ask Toolbar - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - C:\Program Files\AskBarDis\bar\bin\askBar1.dll
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [LaunchAp] "C:\Program Files\Launch Manager\LaunchAp.exe"
O4 - HKLM\..\Run: [HotkeyApp] "C:\Program Files\Launch Manager\HotkeyApp.exe"
O4 - HKLM\..\Run: [Wbutton] "C:\Program Files\Launch Manager\Wbutton.exe"
O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
O4 - HKLM\..\Run: [SMSERIAL] sm56hlpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [YSearchProtection] "C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe"
O4 - HKLM\..\Run: [PAC7302_Monitor] C:\WINDOWS\PixArt\PAC7302\Monitor.exe
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [KON] C:\PROGRA~1\KON\KON\KON.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Yahoo! Pager] "C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" -quiet
O4 - HKCU\..\Run: [YSearchProtection] C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [STYLEXP] C:\Program Files\TGTSoft\StyleXP\StyleXP.exe -Hide
O4 - HKCU\..\Run: [IDMan] C:\Program Files\Internet Download Manager\IDMan.exe /onboot
O4 - HKCU\..\Run: [DesktopIconToy] C:\Program Files\Desktop Icon Toy\DesktopIconToy.exe
O4 - HKCU\..\Run: [Magentic] C:\PROGRA~1\Magentic\bin\Magentic.exe /c
O4 - HKCU\..\RunOnce: [Privacy Suite] "C:\Documents and Settings\fsc\Application Data\cleaner\CSPSeraser.exe" "/R:C:\Documents and Settings\fsc\Application Data\CyberScrub\Privacy Suite"
O4 - HKCU\..\RunOnce: [ClearPageFileAtShutDown] "C:\Documents and Settings\fsc\Application Data\cleaner\CSPSeraser.exe" -XP
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RESEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Bluetooth Manager.lnk = ?
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: تحميل الكل بـ إنترنت داونلود مانيجر - C:\Program Files\Internet Download Manager\IEGetAll.htm
O8 - Extra context menu item: تحميل بـ إنترنت داونلود مانيجر - C:\Program Files\Internet Download Manager\IEExt.htm
O8 - Extra context menu item: تحميل محتوى فيديو (إف.إل.في) بـ إنترنت داونلود مانيجر - C:\Program Files\Internet Download Manager\IEGetVL.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: Statistiques d’Anti-Virus Internet - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\SCIEPlgn.dll
O9 - Extra button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Logiciel Bluetooth\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Logiciel Bluetooth\btsendto_ie.htm
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Program Files\Yahoo!\Common\Yinsthelper.dll
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash ) -
يجب عليك
تسجيل الدخول
او
تسجيل لمشاهدة الرابط المخفي
O23 - Service: Ashampoo AntiSpyWare 2 Service (AASW2_Service) - Unknown owner - C:\Program Files\Ashampoo\Ashampoo AntiSpyWare 2\AntiSpyWareService.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Kaspersky Anti-Virus 7.0 (AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Logiciel Bluetooth\bin\btwdins.exe
O23 - Service: Google Desktop Manager 5.7.806.10245 (GoogleDesktopManager-061008-081103) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
--
تأييد
0
فارس الملاك
زيزوومى محترف
غير متصل
احذف هذه القيم
R1 - HKLM\Software\Microsoft\Internet Explorer\Search,Default_Search_URL =
O2 - BHO: AskBar BHO - {201f27d4-3704-41d6-89c1-aa35e39143ed} - C:\Program Files\AskBarDis\bar\bin\askBar1.dll
O2 - BHO: EoRezoBHO - {64F56FC1-1272-44CD-BA6E-39723696E350} - (no file)
O2 - BHO: (no name) - {7DAAC7DE-9EF0-4FF0-BFA5-AFF3E899054C} - (no file)
O3 - Toolbar: (no name) - {D2F8F919-690B-4EA2-9FA7-A203D1E04F75} - (no file)
O3 - Toolbar: Ask Toolbar - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - C:\Program Files\AskBarDis\bar\bin\askBar1.dll
O4 - HKLM\..\Run: [KON] C:\PROGRA~1\KON\KON\KON.exe
O4 - HKCU\..\RunOnce: [Privacy Suite] "C:\Documents and Settings\fsc\Application Data\cleaner\CSPSeraser.exe" "/R:C:\Documents and Settings\fsc\Application Data\CyberScrub\Privacy Suite"
O4 - HKCU\..\RunOnce: [ClearPageFileAtShutDown] "C:\Documents and Settings\fsc\Application Data\cleaner\CSPSeraser.exe" -XP
O23 - Service: Ashampoo AntiSpyWare 2 Service (AASW2_Service) - Unknown owner - C:\Program Files\Ashampoo\Ashampoo AntiSpyWare 2\AntiSpyWareService.exe
=================================
R1 - HKLM\Software\Microsoft\Internet Explorer\Search,Default_Search_URL =
يجب عليك
تسجيل الدخول
او
تسجيل لمشاهدة الرابط المخفي
=O2 - BHO: AskBar BHO - {201f27d4-3704-41d6-89c1-aa35e39143ed} - C:\Program Files\AskBarDis\bar\bin\askBar1.dll
O2 - BHO: EoRezoBHO - {64F56FC1-1272-44CD-BA6E-39723696E350} - (no file)
O2 - BHO: (no name) - {7DAAC7DE-9EF0-4FF0-BFA5-AFF3E899054C} - (no file)
O3 - Toolbar: (no name) - {D2F8F919-690B-4EA2-9FA7-A203D1E04F75} - (no file)
O3 - Toolbar: Ask Toolbar - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - C:\Program Files\AskBarDis\bar\bin\askBar1.dll
O4 - HKLM\..\Run: [KON] C:\PROGRA~1\KON\KON\KON.exe
O4 - HKCU\..\RunOnce: [Privacy Suite] "C:\Documents and Settings\fsc\Application Data\cleaner\CSPSeraser.exe" "/R:C:\Documents and Settings\fsc\Application Data\CyberScrub\Privacy Suite"
O4 - HKCU\..\RunOnce: [ClearPageFileAtShutDown] "C:\Documents and Settings\fsc\Application Data\cleaner\CSPSeraser.exe" -XP
O23 - Service: Ashampoo AntiSpyWare 2 Service (AASW2_Service) - Unknown owner - C:\Program Files\Ashampoo\Ashampoo AntiSpyWare 2\AntiSpyWareService.exe
طريقة الحذف
يجب عليك
تسجيل الدخول
او
تسجيل لمشاهدة الرابط المخفي
=================================
بعدها عطنا النتائج
توقيع : فارس الملاك
تأييد
0
Al jNtEeL
زيزوومى فضى
- إنضم
- 1 نوفمبر 2007
- المشاركات
- 7,298
- مستوى التفاعل
- 66
- النقاط
- 840
- الإقامة
- |-Al Hilal Club-|
- الموقع الالكتروني
- www.zyzoom.org
غير متصل
تأييد
0
اخوك مبتداء في الاعلامية
ما اعرف كيف اصوره وبعدين شريط المهام موجود فاضي لايوجد
فيه اي اختصارات مثل تفعيل برنامج الحماية والصوت ليس موجودين في شريط المهام الذي تحت يعني شريط المهام موجود فيه فقط الساعة وابداء ولايمكن حتى الوصول اليهم بالماوس لان موشر الماوس كل ما اقرب الى الشريط يعطينا مشغول شكر اخي الغالي
ياريت تشفلي حل انا عندي بحث دكتوراة وخايف يضيع الملعومات
ما اعرف كيف اصوره وبعدين شريط المهام موجود فاضي لايوجد
فيه اي اختصارات مثل تفعيل برنامج الحماية والصوت ليس موجودين في شريط المهام الذي تحت يعني شريط المهام موجود فيه فقط الساعة وابداء ولايمكن حتى الوصول اليهم بالماوس لان موشر الماوس كل ما اقرب الى الشريط يعطينا مشغول شكر اخي الغالي
ياريت تشفلي حل انا عندي بحث دكتوراة وخايف يضيع الملعومات
تأييد
0