تثبيت التطبيق
كيفية تثبيت التطبيق على iOS
قم بمتابعة الفيديو أدناه لمعرفة كيفية تثبيت موقعنا كتطبيق ويب على الشاشة الرئيسية.
ملاحظة: قد لا تكون هذه الميزة متاحة في بعض المتصفحات.
أنت تستخدم أحد المتصفحات القديمة. قد لا يتم عرض هذا الموقع أو المواقع الأخرى بشكل صحيح.
يجب عليك ترقية متصفحك أو استخدام أحد المتصفحات البديلة.
يجب عليك ترقية متصفحك أو استخدام أحد المتصفحات البديلة.
- بادئ الموضوع mhsadk
- تاريخ البدء
- 832
من فضلك قم بتحديث الصفحة لمشاهدة المحتوى المخفي
وهذا التقرير
ComboFix 08-10-16.06 - MOHAD 10/17/2008 5:26:53.2 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.3.1256.1.1033.18.1539 [GMT 3:00]
Running from: C:\Documents and Settings\MOHAD\My Documents\Downloads\Programs\ComboFix.exe
* Created a new restore point
WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.
((((((((((((((((((((((((( Files Created from 2008-09-17 to 2008-10-17 )))))))))))))))))))))))))))))))
.
No new files created in this timespan
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-10-17 02:27 --------- d-----w C:\Documents and Settings\MOHAD\Application Data\Skype
2008-10-17 02:26 --------- d-----w C:\Documents and Settings\MOHAD\Application Data\DMCache
2008-10-17 02:20 --------- d-----w C:\Program Files\Mozilla Firefox 3 Beta 5
2008-10-17 02:07 --------- d-----w C:\Documents and Settings\MOHAD\Application Data\CyberScrub
2008-10-17 02:07 --------- d-----w C:\Documents and Settings\MOHAD\Application Data\cleaner
2008-10-16 22:31 --------- d-----w C:\Documents and Settings\MOHAD\Application Data\skypePM
2008-10-16 22:12 2,472 ----a-w C:\WINDOWS\system32\tmp.reg
2008-10-16 22:06 0 ----a-w C:\osy3.sys
2008-10-16 21:42 --------- d-----w C:\Program Files\IObit
2008-10-16 19:19 --------- d-----w C:\Documents and Settings\All Users\Application Data\Kaspersky Lab Setup Files
2008-10-16 11:20 --------- d-----w C:\Documents and Settings\MOHAD\Application Data\Azureus
2008-10-15 16:58 102,278 --sh--r C:\pnt.com
2008-10-12 20:44 --------- d-----w C:\Program Files\MSN Messenger
2008-10-10 05:58 82,944 ----a-w C:\WINDOWS\system32\o4Patch.exe
2008-10-10 05:58 82,944 ----a-w C:\WINDOWS\system32\IEDFix.C.exe
2008-10-01 12:51 87,552 ----a-w C:\WINDOWS\system32\VACFix.exe
2008-10-01 09:29 --------- d-----w C:\Program Files\Winferno
2008-10-01 09:21 --------- d-----w C:\Documents and Settings\All Users\Application Data\Winferno
2008-10-01 02:54 --------- d-----w C:\Program Files\NgrabLite
2008-09-20 16:22 --------- d-----w C:\Program Files\NOS
2008-09-20 16:22 --------- d-----w C:\Documents and Settings\All Users\Application Data\NOS
2008-09-17 23:37 361,600 ----a-w C:\WINDOWS\system32\drivers\TCPIP.SYS
2008-09-17 22:33 --------- d-----w C:\Documents and Settings\MOHAD\Application Data\PC Suite
2008-09-15 12:12 1,846,400 ----a-w C:\WINDOWS\system32\win32k.sys
2008-09-14 16:03 --------- d-----w C:\Documents and Settings\All Users\Application Data\Nokia
2008-09-11 21:17 --------- d-----w C:\Documents and Settings\MOHAD\Application Data\U3
2008-09-11 19:54 --------- d-----w C:\Documents and Settings\MOHAD\Application Data\Nokia
2008-09-11 19:53 0 ---ha-w C:\WINDOWS\system32\drivers\MsftWdf_Kernel_01005_Coinstaller_Critical.Wdf
2008-09-11 19:53 0 ---ha-w C:\WINDOWS\system32\drivers\Msft_Kernel_ccdcmb_01005.Wdf
2008-09-11 19:53 --------- d-----w C:\Documents and Settings\All Users\Application Data\PC Suite
2008-09-11 19:52 --------- d-----w C:\Program Files\Nokia
2008-09-11 19:47 --------- d-----w C:\Program Files\MSBuild
2008-09-11 19:43 --------- d-----w C:\Program Files\Reference Assemblies
2008-09-11 19:35 --------- d-----w C:\Program Files\MSXML 6.0
2008-09-11 19:35 --------- d-----w C:\Program Files\Common Files\Nokia
2008-09-11 19:34 --------- d-----w C:\Documents and Settings\All Users\Application Data\Installations
2008-09-11 19:33 --------- d-----w C:\Program Files\DIFX
2008-09-11 19:33 --------- d-----w C:\Program Files\Common Files\PCSuite
2008-09-08 20:38 88,576 ----a-w C:\WINDOWS\system32\AntiXPVSTFix.exe
2008-09-08 14:36 --------- d-----w C:\Program Files\Messenger Plus! Live
2008-09-08 10:41 333,824 ----a-w C:\WINDOWS\system32\drivers\srv.sys
2008-09-05 10:26 --------- d-----w C:\Program Files\CoreCodec
2008-09-05 10:15 --------- d-----w C:\Program Files\K-Lite Codec Pack
2008-08-26 07:24 826,368 ----a-w C:\WINDOWS\system32\wininet.dll
2008-08-21 08:48 --------- d-----w C:\Documents and Settings\MOHAD\Application Data\IDM
2008-08-18 09:19 82,432 ----a-w C:\WINDOWS\system32\404Fix.exe
2008-08-14 10:09 2,145,280 ----a-w C:\WINDOWS\system32\ntoskrnl.exe
2008-08-14 09:33 2,023,936 ----a-w C:\WINDOWS\system32\ntkrnlpa.exe
2008-07-30 22:02 499,712 ----a-w C:\WINDOWS\system32\msvcp71.dll
2008-07-28 17:07 348,160 ----a-w C:\WINDOWS\system32\msvcr71.dll
2008-07-23 03:14 90,112 ----a-w C:\WINDOWS\system32\agsaami.dll
2008-07-23 03:14 9,094,268 ----a-w C:\Program Files\converter58.zip
2008-07-23 03:14 610,304 ----a-w C:\WINDOWS\system32\agsaamg.dll
2008-07-23 03:14 372,736 ----a-w C:\WINDOWS\system32\agsaamc.dll
2008-07-23 03:14 2,535,424 ----a-w C:\WINDOWS\system32\agsaamj.dll
2008-07-23 03:14 196,608 ----a-w C:\WINDOWS\system32\maag.dll
2008-07-23 03:14 1,986,560 ----a-w C:\WINDOWS\system32\akll.dll
2008-07-23 03:14 1,245,184 ----a-w C:\WINDOWS\system32\bkll.dll
2008-07-23 03:14 1,212,416 ----a-w C:\WINDOWS\system32\ckll.dll
.
------- Sigcheck -------
06/20/2008 02:59 PM 361600 ad978a1b783b5719720cff204b666c8e C:\WINDOWS\$hf_mig$\KB951748\SP3QFE\tcpip.sys
08/04/2004 12:14 AM 359040 9f4b36614a0fc234525ba224957de55c C:\WINDOWS\$NtServicePackUninstall$\tcpip.sys
04/13/2008 10:20 PM 361344 93ea8d04ec73a85db02eb8805988f733 C:\WINDOWS\$NtUninstallKB951748$\tcpip.sys
04/13/2008 10:20 PM 361344 93ea8d04ec73a85db02eb8805988f733 C:\WINDOWS\ServicePackFiles\i386\TCPIP.SYS
09/18/2008 02:37 AM 361600 2f8c2b6e052a4c6ec5575ea10f8e5191 C:\WINDOWS\system32\dllcache\TCPIP.SYS
09/18/2008 02:37 AM 361600 2f8c2b6e052a4c6ec5575ea10f8e5191 C:\WINDOWS\system32\drivers\TCPIP.SYS
.
((((((((((((((((((((((((((((( snapshot@Fri 10-17-2008_ 3.26.10.51 )))))))))))))))))))))))))))))))))))))))))
.
- 2008-07-20 19:54:12 166,912 ----a-r C:\WINDOWS\Installer\{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}\places.exe
+ 2008-10-17 01:40:30 166,912 ----a-r C:\WINDOWS\Installer\{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}\places.exe
+ 2004-07-31 15:50:36 51,200 ----a-w C:\WINDOWS\system32\dumphive.exe
+ 2008-05-18 18:40:35 82,944 ----a-w C:\WINDOWS\system32\IEDFix.exe
+ 2003-06-05 18:13:00 53,248 ----a-w C:\WINDOWS\system32\Process.exe
+ 2006-04-27 14:49:30 288,417 ----a-w C:\WINDOWS\system32\SrchSTS.exe
+ 2006-01-09 07:36:06 40,960 ----a-w C:\WINDOWS\system32\swsc.exe
+ 2007-09-05 21:22:23 289,144 ----a-w C:\WINDOWS\system32\VCCLSID.exe
+ 2007-10-03 21:36:46 25,600 ----a-w C:\WINDOWS\system32\WS2Fix.exe
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [04/14/2008 03:12 AM 15360]
"Skype"="C:\Program Files\Skype\Phone\Skype.exe" [05/30/2008 03:54 PM 21718312]
"msnmsgr"="C:\Program Files\MSN Messenger\msnmsgr.exe" [09/26/2008 10:47 PM 5674352]
"IDMan"="C:\Program Files\Internet Download Manager\IDMan.exe" [10/11/2007 03:15 AM 802816]
"Nokia.PCSync"="C:\Program Files\Nokia\Nokia PC Suite 7\PCSync2.exe" [06/17/2008 04:00 PM 1249280]
"PC Suite Tray"="C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe" [08/11/2008 08:31 AM 1124352]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [06/28/2007 07:43 PM 8466432]
"NvMediaCenter"="C:\WINDOWS\system32\NvMcTray.dll" [06/28/2007 07:43 PM 81920]
"nwiz"="nwiz.exe" [06/28/2007 07:43 PM 1626112 C:\WINDOWS\system32\nwiz.exe]
"SoundMan"="SOUNDMAN.EXE" [05/04/2005 04:43 AM 90112 C:\WINDOWS\SOUNDMAN.EXE]
"AlcWzrd"="ALCWZRD.EXE" [05/04/2005 08:01 PM 2805248 C:\WINDOWS\ALCWZRD.EXE]
"BluetoothAuthenticationAgent"="bthprops.cpl" [04/14/2008 03:12 AM 110592 C:\WINDOWS\system32\bthprops.cpl]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [04/14/2008 03:12 AM 15360]
C:\Documents and Settings\All Users\Start Menu\Programs\Startup\
Adobe Reader Speed Launch.lnk - C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2008-04-23 29696]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"NoResolveSearch"= 1 (0x1)
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AFProg]
--a------ 06/26/2006 05:26 AM 118784 C:\Program Files\Hotspot Shield\AnchorFree\ctrl\AFController.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BearShare]
--a------ 08/01/2006 05:04 PM 3305472 C:\Program Files\BearShare\BearShare.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CTFMON.EXE]
--a------ 04/14/2008 03:12 AM 15360 C:\WINDOWS\system32\ctfmon.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IDMan]
--a------ 10/11/2007 03:15 AM 802816 C:\Program Files\Internet Download Manager\IDMan.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MsnMsgr]
--a------ 09/26/2008 10:47 PM 5674352 C:\Program Files\MSN Messenger\msnmsgr.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
--a------ 07/09/2001 11:50 AM 155648 C:\WINDOWS\system32\NeroCheck.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
--a------ 06/10/2008 04:27 AM 144784 C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]
--a------ 07/31/2008 01:02 AM 185896 C:\Program Files\Common Files\Real\Update_OB\realsched.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WhenUSave]
--a------ 08/25/2006 02:45 PM 803184 C:\Program Files\Save\Save.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\High Definition Audio Property Page Shortcut]
--------- 01/07/2005 05:07 PM 61952 C:\WINDOWS\system32\HdAShCut.exe
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusDisableNotify"=dword:00000001
"UpdatesDisableNotify"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"C:\\Program Files\\MSN Messenger\\msnmsgr.exe"=
"C:\\Program Files\\MSN Messenger\\livecall.exe"=
"C:\\Program Files\\Skype\\Phone\\Skype.exe"=
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"9420:TCP"= 9420:TCP:Red Swoosh
"5000:UDP"= 5000:UDP:Red Swoosh
R3 tapvpn;TAP VPN Adapter;C:\WINDOWS\system32\DRIVERS\tapvpn.sys [01/24/2008 12:25 AM 27136]
S3 AVPsys;AVPsys;C:\WINDOWS\system32\drivers\tdi.sys [04/13/2008 10:00 PM 19072]
S3 getPlus(R) Helper;getPlus(R) Helper;C:\Program Files\NOS\bin\getPlus_HelperSvc.exe [08/29/2008 10:00 AM 33752]
.
s of the 'Scheduled Tasks' folder
2008-10-17 C:\WINDOWS\Tasks\PCConfidential.job
- C:\Program Files\Winferno\PC Confidential\PCConfidential.exe []
2008-10-15 C:\WINDOWS\Tasks\rpc.job
- C:\Program Files\Winferno\RegistryPowerCleaner\RegPowerClean.exe []
.
.
------- Supplementary Scan -------
.
FireFox -: Profile - C:\Documents and Settings\MOHAD\Application Data\Mozilla\Firefox\Profiles\jowjlsnz.default\
FireFox -: prefs.js - STARTUP.HOMEPAGE - hxxp://www.google.com/
FF -: plugin - C:\Program Files\Adobe\Acrobat 7.0\Reader\browser\nppdf32.dll
FF -: plugin - C:\Program Files\Mozilla Firefox 3 Beta 5\plugins\npnul32.dll
FF -: plugin - C:\Program Files\Mozilla Firefox 3 Beta 5\plugins\nppdf32.dll
FF -: plugin - C:\Program Files\Mozilla Firefox 3 Beta 5\plugins\nppl3260.dll
FF -: plugin - C:\Program Files\Mozilla Firefox 3 Beta 5\plugins\nprjplug.dll
FF -: plugin - C:\Program Files\Mozilla Firefox 3 Beta 5\plugins\nprpjplug.dll
.
**************************************************************************
catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer,
Rootkit scan 2008-10-17 05:27:53
Windows 5.1.2600 Service Pack 3 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
.
Completion time: 10/17/2008 5:28:36
ComboFix-quarantined-files.txt 2008-10-17 02:28:29
ComboFix2.txt 2008-10-17 00:26:30
Pre-Run: 13,763,878,912 bytes free
Post-Run: 13,750,226,944 bytes free
189
ComboFix 08-10-16.06 - MOHAD 10/17/2008 5:26:53.2 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.3.1256.1.1033.18.1539 [GMT 3:00]
Running from: C:\Documents and Settings\MOHAD\My Documents\Downloads\Programs\ComboFix.exe
* Created a new restore point
WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.
((((((((((((((((((((((((( Files Created from 2008-09-17 to 2008-10-17 )))))))))))))))))))))))))))))))
.
No new files created in this timespan
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-10-17 02:27 --------- d-----w C:\Documents and Settings\MOHAD\Application Data\Skype
2008-10-17 02:26 --------- d-----w C:\Documents and Settings\MOHAD\Application Data\DMCache
2008-10-17 02:20 --------- d-----w C:\Program Files\Mozilla Firefox 3 Beta 5
2008-10-17 02:07 --------- d-----w C:\Documents and Settings\MOHAD\Application Data\CyberScrub
2008-10-17 02:07 --------- d-----w C:\Documents and Settings\MOHAD\Application Data\cleaner
2008-10-16 22:31 --------- d-----w C:\Documents and Settings\MOHAD\Application Data\skypePM
2008-10-16 22:12 2,472 ----a-w C:\WINDOWS\system32\tmp.reg
2008-10-16 22:06 0 ----a-w C:\osy3.sys
2008-10-16 21:42 --------- d-----w C:\Program Files\IObit
2008-10-16 19:19 --------- d-----w C:\Documents and Settings\All Users\Application Data\Kaspersky Lab Setup Files
2008-10-16 11:20 --------- d-----w C:\Documents and Settings\MOHAD\Application Data\Azureus
2008-10-15 16:58 102,278 --sh--r C:\pnt.com
2008-10-12 20:44 --------- d-----w C:\Program Files\MSN Messenger
2008-10-10 05:58 82,944 ----a-w C:\WINDOWS\system32\o4Patch.exe
2008-10-10 05:58 82,944 ----a-w C:\WINDOWS\system32\IEDFix.C.exe
2008-10-01 12:51 87,552 ----a-w C:\WINDOWS\system32\VACFix.exe
2008-10-01 09:29 --------- d-----w C:\Program Files\Winferno
2008-10-01 09:21 --------- d-----w C:\Documents and Settings\All Users\Application Data\Winferno
2008-10-01 02:54 --------- d-----w C:\Program Files\NgrabLite
2008-09-20 16:22 --------- d-----w C:\Program Files\NOS
2008-09-20 16:22 --------- d-----w C:\Documents and Settings\All Users\Application Data\NOS
2008-09-17 23:37 361,600 ----a-w C:\WINDOWS\system32\drivers\TCPIP.SYS
2008-09-17 22:33 --------- d-----w C:\Documents and Settings\MOHAD\Application Data\PC Suite
2008-09-15 12:12 1,846,400 ----a-w C:\WINDOWS\system32\win32k.sys
2008-09-14 16:03 --------- d-----w C:\Documents and Settings\All Users\Application Data\Nokia
2008-09-11 21:17 --------- d-----w C:\Documents and Settings\MOHAD\Application Data\U3
2008-09-11 19:54 --------- d-----w C:\Documents and Settings\MOHAD\Application Data\Nokia
2008-09-11 19:53 0 ---ha-w C:\WINDOWS\system32\drivers\MsftWdf_Kernel_01005_Coinstaller_Critical.Wdf
2008-09-11 19:53 0 ---ha-w C:\WINDOWS\system32\drivers\Msft_Kernel_ccdcmb_01005.Wdf
2008-09-11 19:53 --------- d-----w C:\Documents and Settings\All Users\Application Data\PC Suite
2008-09-11 19:52 --------- d-----w C:\Program Files\Nokia
2008-09-11 19:47 --------- d-----w C:\Program Files\MSBuild
2008-09-11 19:43 --------- d-----w C:\Program Files\Reference Assemblies
2008-09-11 19:35 --------- d-----w C:\Program Files\MSXML 6.0
2008-09-11 19:35 --------- d-----w C:\Program Files\Common Files\Nokia
2008-09-11 19:34 --------- d-----w C:\Documents and Settings\All Users\Application Data\Installations
2008-09-11 19:33 --------- d-----w C:\Program Files\DIFX
2008-09-11 19:33 --------- d-----w C:\Program Files\Common Files\PCSuite
2008-09-08 20:38 88,576 ----a-w C:\WINDOWS\system32\AntiXPVSTFix.exe
2008-09-08 14:36 --------- d-----w C:\Program Files\Messenger Plus! Live
2008-09-08 10:41 333,824 ----a-w C:\WINDOWS\system32\drivers\srv.sys
2008-09-05 10:26 --------- d-----w C:\Program Files\CoreCodec
2008-09-05 10:15 --------- d-----w C:\Program Files\K-Lite Codec Pack
2008-08-26 07:24 826,368 ----a-w C:\WINDOWS\system32\wininet.dll
2008-08-21 08:48 --------- d-----w C:\Documents and Settings\MOHAD\Application Data\IDM
2008-08-18 09:19 82,432 ----a-w C:\WINDOWS\system32\404Fix.exe
2008-08-14 10:09 2,145,280 ----a-w C:\WINDOWS\system32\ntoskrnl.exe
2008-08-14 09:33 2,023,936 ----a-w C:\WINDOWS\system32\ntkrnlpa.exe
2008-07-30 22:02 499,712 ----a-w C:\WINDOWS\system32\msvcp71.dll
2008-07-28 17:07 348,160 ----a-w C:\WINDOWS\system32\msvcr71.dll
2008-07-23 03:14 90,112 ----a-w C:\WINDOWS\system32\agsaami.dll
2008-07-23 03:14 9,094,268 ----a-w C:\Program Files\converter58.zip
2008-07-23 03:14 610,304 ----a-w C:\WINDOWS\system32\agsaamg.dll
2008-07-23 03:14 372,736 ----a-w C:\WINDOWS\system32\agsaamc.dll
2008-07-23 03:14 2,535,424 ----a-w C:\WINDOWS\system32\agsaamj.dll
2008-07-23 03:14 196,608 ----a-w C:\WINDOWS\system32\maag.dll
2008-07-23 03:14 1,986,560 ----a-w C:\WINDOWS\system32\akll.dll
2008-07-23 03:14 1,245,184 ----a-w C:\WINDOWS\system32\bkll.dll
2008-07-23 03:14 1,212,416 ----a-w C:\WINDOWS\system32\ckll.dll
.
------- Sigcheck -------
06/20/2008 02:59 PM 361600 ad978a1b783b5719720cff204b666c8e C:\WINDOWS\$hf_mig$\KB951748\SP3QFE\tcpip.sys
08/04/2004 12:14 AM 359040 9f4b36614a0fc234525ba224957de55c C:\WINDOWS\$NtServicePackUninstall$\tcpip.sys
04/13/2008 10:20 PM 361344 93ea8d04ec73a85db02eb8805988f733 C:\WINDOWS\$NtUninstallKB951748$\tcpip.sys
04/13/2008 10:20 PM 361344 93ea8d04ec73a85db02eb8805988f733 C:\WINDOWS\ServicePackFiles\i386\TCPIP.SYS
09/18/2008 02:37 AM 361600 2f8c2b6e052a4c6ec5575ea10f8e5191 C:\WINDOWS\system32\dllcache\TCPIP.SYS
09/18/2008 02:37 AM 361600 2f8c2b6e052a4c6ec5575ea10f8e5191 C:\WINDOWS\system32\drivers\TCPIP.SYS
.
((((((((((((((((((((((((((((( snapshot@Fri 10-17-2008_ 3.26.10.51 )))))))))))))))))))))))))))))))))))))))))
.
- 2008-07-20 19:54:12 166,912 ----a-r C:\WINDOWS\Installer\{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}\places.exe
+ 2008-10-17 01:40:30 166,912 ----a-r C:\WINDOWS\Installer\{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}\places.exe
+ 2004-07-31 15:50:36 51,200 ----a-w C:\WINDOWS\system32\dumphive.exe
+ 2008-05-18 18:40:35 82,944 ----a-w C:\WINDOWS\system32\IEDFix.exe
+ 2003-06-05 18:13:00 53,248 ----a-w C:\WINDOWS\system32\Process.exe
+ 2006-04-27 14:49:30 288,417 ----a-w C:\WINDOWS\system32\SrchSTS.exe
+ 2006-01-09 07:36:06 40,960 ----a-w C:\WINDOWS\system32\swsc.exe
+ 2007-09-05 21:22:23 289,144 ----a-w C:\WINDOWS\system32\VCCLSID.exe
+ 2007-10-03 21:36:46 25,600 ----a-w C:\WINDOWS\system32\WS2Fix.exe
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [04/14/2008 03:12 AM 15360]
"Skype"="C:\Program Files\Skype\Phone\Skype.exe" [05/30/2008 03:54 PM 21718312]
"msnmsgr"="C:\Program Files\MSN Messenger\msnmsgr.exe" [09/26/2008 10:47 PM 5674352]
"IDMan"="C:\Program Files\Internet Download Manager\IDMan.exe" [10/11/2007 03:15 AM 802816]
"Nokia.PCSync"="C:\Program Files\Nokia\Nokia PC Suite 7\PCSync2.exe" [06/17/2008 04:00 PM 1249280]
"PC Suite Tray"="C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe" [08/11/2008 08:31 AM 1124352]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [06/28/2007 07:43 PM 8466432]
"NvMediaCenter"="C:\WINDOWS\system32\NvMcTray.dll" [06/28/2007 07:43 PM 81920]
"nwiz"="nwiz.exe" [06/28/2007 07:43 PM 1626112 C:\WINDOWS\system32\nwiz.exe]
"SoundMan"="SOUNDMAN.EXE" [05/04/2005 04:43 AM 90112 C:\WINDOWS\SOUNDMAN.EXE]
"AlcWzrd"="ALCWZRD.EXE" [05/04/2005 08:01 PM 2805248 C:\WINDOWS\ALCWZRD.EXE]
"BluetoothAuthenticationAgent"="bthprops.cpl" [04/14/2008 03:12 AM 110592 C:\WINDOWS\system32\bthprops.cpl]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [04/14/2008 03:12 AM 15360]
C:\Documents and Settings\All Users\Start Menu\Programs\Startup\
Adobe Reader Speed Launch.lnk - C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2008-04-23 29696]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"NoResolveSearch"= 1 (0x1)
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AFProg]
--a------ 06/26/2006 05:26 AM 118784 C:\Program Files\Hotspot Shield\AnchorFree\ctrl\AFController.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BearShare]
--a------ 08/01/2006 05:04 PM 3305472 C:\Program Files\BearShare\BearShare.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CTFMON.EXE]
--a------ 04/14/2008 03:12 AM 15360 C:\WINDOWS\system32\ctfmon.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IDMan]
--a------ 10/11/2007 03:15 AM 802816 C:\Program Files\Internet Download Manager\IDMan.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MsnMsgr]
--a------ 09/26/2008 10:47 PM 5674352 C:\Program Files\MSN Messenger\msnmsgr.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
--a------ 07/09/2001 11:50 AM 155648 C:\WINDOWS\system32\NeroCheck.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
--a------ 06/10/2008 04:27 AM 144784 C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]
--a------ 07/31/2008 01:02 AM 185896 C:\Program Files\Common Files\Real\Update_OB\realsched.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WhenUSave]
--a------ 08/25/2006 02:45 PM 803184 C:\Program Files\Save\Save.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\High Definition Audio Property Page Shortcut]
--------- 01/07/2005 05:07 PM 61952 C:\WINDOWS\system32\HdAShCut.exe
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusDisableNotify"=dword:00000001
"UpdatesDisableNotify"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"C:\\Program Files\\MSN Messenger\\msnmsgr.exe"=
"C:\\Program Files\\MSN Messenger\\livecall.exe"=
"C:\\Program Files\\Skype\\Phone\\Skype.exe"=
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"9420:TCP"= 9420:TCP:Red Swoosh
"5000:UDP"= 5000:UDP:Red Swoosh
R3 tapvpn;TAP VPN Adapter;C:\WINDOWS\system32\DRIVERS\tapvpn.sys [01/24/2008 12:25 AM 27136]
S3 AVPsys;AVPsys;C:\WINDOWS\system32\drivers\tdi.sys [04/13/2008 10:00 PM 19072]
S3 getPlus(R) Helper;getPlus(R) Helper;C:\Program Files\NOS\bin\getPlus_HelperSvc.exe [08/29/2008 10:00 AM 33752]
.
s of the 'Scheduled Tasks' folder
2008-10-17 C:\WINDOWS\Tasks\PCConfidential.job
- C:\Program Files\Winferno\PC Confidential\PCConfidential.exe []
2008-10-15 C:\WINDOWS\Tasks\rpc.job
- C:\Program Files\Winferno\RegistryPowerCleaner\RegPowerClean.exe []
.
.
------- Supplementary Scan -------
.
FireFox -: Profile - C:\Documents and Settings\MOHAD\Application Data\Mozilla\Firefox\Profiles\jowjlsnz.default\
FireFox -: prefs.js - STARTUP.HOMEPAGE - hxxp://www.google.com/
FF -: plugin - C:\Program Files\Adobe\Acrobat 7.0\Reader\browser\nppdf32.dll
FF -: plugin - C:\Program Files\Mozilla Firefox 3 Beta 5\plugins\npnul32.dll
FF -: plugin - C:\Program Files\Mozilla Firefox 3 Beta 5\plugins\nppdf32.dll
FF -: plugin - C:\Program Files\Mozilla Firefox 3 Beta 5\plugins\nppl3260.dll
FF -: plugin - C:\Program Files\Mozilla Firefox 3 Beta 5\plugins\nprjplug.dll
FF -: plugin - C:\Program Files\Mozilla Firefox 3 Beta 5\plugins\nprpjplug.dll
.
**************************************************************************
catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer,
يجب عليك
تسجيل الدخول
او
تسجيل لمشاهدة الرابط المخفي
Rootkit scan 2008-10-17 05:27:53
Windows 5.1.2600 Service Pack 3 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
.
Completion time: 10/17/2008 5:28:36
ComboFix-quarantined-files.txt 2008-10-17 02:28:29
ComboFix2.txt 2008-10-17 00:26:30
Pre-Run: 13,763,878,912 bytes free
Post-Run: 13,750,226,944 bytes free
189
تأييد
0
من فضلك قم بتحديث الصفحة لمشاهدة المحتوى المخفي
وهذا الهايجاك
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 05:30:42, on 17/10/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16735)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\ALCWZRD.EXE
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\Internet Download Manager\IDMan.exe
C:\Program Files\Hotspot Shield\bin\openvpnas.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Skype\Plugin Manager\skypePM.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Mozilla Firefox 3 Beta 5\firefox.exe
c:\silver\autorun.exe
C:\silver\AutoPlay\Docs\Zyzoom_HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = local
O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files\Internet Download Manager\IDMIECC.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [AlcWzrd] ALCWZRD.EXE
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [IDMan] C:\Program Files\Internet Download Manager\IDMan.exe /onboot
O4 - HKCU\..\Run: [Nokia.PCSync] "C:\Program Files\Nokia\Nokia PC Suite 7\PCSync2.exe" /NoDialog
O4 - HKCU\..\Run: [PC Suite Tray] "C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe" -onlytray
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O8 - Extra context menu item: Download all links with IDM - C:\Program Files\Internet Download Manager\IEGetAll.htm
O8 - Extra context menu item: Download FLV video with IDM - C:\Program Files\Internet Download Manager\IEGetVL.htm
O8 - Extra context menu item: Download with IDM - C:\Program Files\Internet Download Manager\IEExt.htm
O9 - Extra button: (no name) - {53F6FCCD-9E22-4d71-86EA-6E43136192AB} - (no file)
O9 - Extra button: (no name) - {925DAB62-F9AC-4221-806A-057BFB1014AA} - (no file)
O9 - Extra button: بحث - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) -
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) -
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) -
O16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} (get_atlcom Class) -
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash ) -
O16 - DPF: {FD0B6769-6490-4A91-AA0A-B5AE0DC75AC9} (Performance Viewer Activex Control) -
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: getPlus(R) Helper - NOS Microsystems Ltd. - C:\Program Files\NOS\bin\getPlus_HelperSvc.exe
O23 - Service: Hotspot Shield Service (HotspotShieldService) - Unknown owner - C:\Program Files\Hotspot Shield\bin\openvpnas.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
--
End of file - 5880 bytes
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 05:30:42, on 17/10/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16735)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\ALCWZRD.EXE
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\Internet Download Manager\IDMan.exe
C:\Program Files\Hotspot Shield\bin\openvpnas.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Skype\Plugin Manager\skypePM.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Mozilla Firefox 3 Beta 5\firefox.exe
c:\silver\autorun.exe
C:\silver\AutoPlay\Docs\Zyzoom_HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
يجب عليك
تسجيل الدخول
او
تسجيل لمشاهدة الرابط المخفي
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
يجب عليك
تسجيل الدخول
او
تسجيل لمشاهدة الرابط المخفي
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
يجب عليك
تسجيل الدخول
او
تسجيل لمشاهدة الرابط المخفي
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
يجب عليك
تسجيل الدخول
او
تسجيل لمشاهدة الرابط المخفي
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = local
O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files\Internet Download Manager\IDMIECC.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [AlcWzrd] ALCWZRD.EXE
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [IDMan] C:\Program Files\Internet Download Manager\IDMan.exe /onboot
O4 - HKCU\..\Run: [Nokia.PCSync] "C:\Program Files\Nokia\Nokia PC Suite 7\PCSync2.exe" /NoDialog
O4 - HKCU\..\Run: [PC Suite Tray] "C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe" -onlytray
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O8 - Extra context menu item: Download all links with IDM - C:\Program Files\Internet Download Manager\IEGetAll.htm
O8 - Extra context menu item: Download FLV video with IDM - C:\Program Files\Internet Download Manager\IEGetVL.htm
O8 - Extra context menu item: Download with IDM - C:\Program Files\Internet Download Manager\IEExt.htm
O9 - Extra button: (no name) - {53F6FCCD-9E22-4d71-86EA-6E43136192AB} - (no file)
O9 - Extra button: (no name) - {925DAB62-F9AC-4221-806A-057BFB1014AA} - (no file)
O9 - Extra button: بحث - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) -
يجب عليك
تسجيل الدخول
او
تسجيل لمشاهدة الرابط المخفي
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) -
يجب عليك
تسجيل الدخول
او
تسجيل لمشاهدة الرابط المخفي
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) -
يجب عليك
تسجيل الدخول
او
تسجيل لمشاهدة الرابط المخفي
O16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} (get_atlcom Class) -
يجب عليك
تسجيل الدخول
او
تسجيل لمشاهدة الرابط المخفي
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash ) -
يجب عليك
تسجيل الدخول
او
تسجيل لمشاهدة الرابط المخفي
O16 - DPF: {FD0B6769-6490-4A91-AA0A-B5AE0DC75AC9} (Performance Viewer Activex Control) -
يجب عليك
تسجيل الدخول
او
تسجيل لمشاهدة الرابط المخفي
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: getPlus(R) Helper - NOS Microsystems Ltd. - C:\Program Files\NOS\bin\getPlus_HelperSvc.exe
O23 - Service: Hotspot Shield Service (HotspotShieldService) - Unknown owner - C:\Program Files\Hotspot Shield\bin\openvpnas.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
--
End of file - 5880 bytes
تأييد
0