الحالة
مغلق و غير مفتوح للمزيد من الردود.

Mr.SaUdI

زيزوومي جديد
إنضم
22 أكتوبر 2008
المشاركات
939
مستوى التفاعل
7
النقاط
0
غير متصل
السلام عليكم ورحمة الله وبركاته

تقرير كمبوفيكس , وقبل التقرير سويت بحث بـ الكاسبر سكورتي والافاست

كود:
ComboFix 08-11-23.02 - SaUdI CaFfe 11/24/2008 19:20:51.1 - NTFSx86
Microsoft Windows XP Professional  5.1.2600.3.1256.1.1025.18.80 [GMT 3:00]
Running from: d:\برامج\برامج\ComboFix.exe
 * Created a new restore point

WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.

(((((((((((((((((((((((((((((((((((((((   Other Deletions   )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\documents and settings\Administrator.ATHEER2-A639511\Local Settings\Application Data\Microsoft\Windows Media\10.0\WMSDKNSD.XML
c:\windows\artools.dll
c:\windows\IE4 Error Log.txt
c:\windows\system32\AutoRun.inf
c:\windows\system32\hpowiax3.dll
c:\windows\system32\kakle.dll
c:\windows\system32\videocore.dll
c:\windows\system32\videoformat.dll
c:\windows\system32\winitn.dll

.
(((((((((((((((((((((((((   Files Created from 2008-10-24 to 2008-11-24  )))))))))))))))))))))))))))))))
.

No new files created in this timespan

.
((((((((((((((((((((((((((((((((((((((((   Find3M Report   ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-11-24 16:25    ---------    d-----w    c:\documents and settings\SaUdI CaFfe\Application Data\DMCache
2008-11-24 15:15    ---------    d---a-w    c:\documents and settings\All Users\Application Data\TEMP
2008-11-24 12:49    ---------    d-----w    c:\documents and settings\All Users\Application Data\Kaspersky Lab
2008-11-24 01:11    ---------    d-----w    c:\documents and settings\SaUdI CaFfe\Application Data\PC Suite
2008-11-23 05:59    ---------    d-----w    c:\program files\WebExe
2008-11-22 22:04    ---------    d-----w    c:\program files\TuneUp Utilities 2009
2008-11-22 21:58    ---------    d-sh--w    c:\documents and settings\All Users\Application Data\{55A29068-F2CE-456C-9148-C869879E2357}
2008-11-22 21:51    ---------    d-----w    c:\documents and settings\All Users\Application Data\WLInstaller
2008-11-22 17:52    ---------    d-----w    c:\program files\G-Lock Software
2008-11-22 17:52    ---------    d-----w    c:\documents and settings\SaUdI CaFfe\Application Data\G-Lock Software
2008-11-22 12:27    ---------    d-----w    c:\documents and settings\SaUdI CaFfe\Application Data\Uniblue
2008-11-22 11:47    ---------    d--h--w    c:\program files\InstallShield Installation Information
2008-11-21 14:30    ---------    d-----w    c:\documents and settings\SaUdI CaFfe\Application Data\Media Player Classic
2008-11-20 11:23    0    ---ha-w    c:\windows\system32\drivers\Msft_Kernel_ccdcmb_01005.Wdf
2008-11-20 11:22    0    ---ha-w    c:\windows\system32\drivers\MsftWdf_Kernel_01005_Coinstaller_Critical.Wdf
2008-11-20 05:31    ---------    d-----w    c:\documents and settings\SaUdI CaFfe\Application Data\Nokia
2008-11-20 05:24    ---------    d-----w    c:\program files\Nokia
2008-11-20 05:24    ---------    d-----w    c:\program files\Common Files\PCSuite
2008-11-20 05:24    ---------    d-----w    c:\program files\Common Files\Nokia
2008-11-20 05:23    ---------    d-----w    c:\program files\PC Connectivity Solution
2008-11-20 05:21    ---------    d-----w    c:\documents and settings\All Users\Application Data\Installations
2008-11-17 13:23    ---------    d-----w    c:\program files\Flash Memory Toolkit
2008-11-15 08:44    ---------    d-----w    c:\documents and settings\All Users\Application Data\Avira
2008-11-15 00:40    ---------    d-----w    c:\program files\Allok RM RMVB to AVI MPEG DVD Converter
2008-11-14 20:55    164    ----a-w    C:\install.dat
2008-11-14 14:59    ---------    d-----w    c:\program files\Alwil Software
2008-11-14 11:35    ---------    d-----w    c:\program files\MSXML 4.0
2008-11-13 16:28    ---------    d-----w    c:\program files\Real_SC
2008-11-13 15:58    ---------    d-----w    c:\program files\RM to MP3 Converter
2008-11-13 15:24    ---------    d-----w    c:\program files\Free Audio Pack
2008-11-13 15:22    ---------    d-----w    c:\documents and settings\SaUdI CaFfe\Application Data\Search Settings
2008-11-13 15:18    ---------    d-----w    c:\program files\Search Settings
2008-11-13 11:39    ---------    d-----w    c:\documents and settings\SaUdI CaFfe\Application Data\IDM
2008-11-09 15:03    ---------    d-----w    c:\program files\Scratch
2008-11-09 05:58    ---------    d-----w    c:\documents and settings\SaUdI CaFfe\Application Data\COWON
2008-11-09 05:55    ---------    d-----w    c:\documents and settings\SaUdI CaFfe\Application Data\ACD Systems
2008-11-08 13:29    ---------    d-----w    c:\program files\Internet Download Manager
2008-11-06 13:10    ---------    d-----w    c:\documents and settings\All Users\Application Data\HPSSUPPLY
2008-11-03 21:10    ---------    d-----w    c:\documents and settings\SaUdI CaFfe\Application Data\HP
2008-11-03 21:10    ---------    d-----w    c:\documents and settings\All Users\Application Data\HP
2008-11-03 15:15    ---------    d-----w    c:\documents and settings\All Users\Application Data\WEBREG
2008-11-03 15:12    ---------    d-----w    c:\program files\HP
2008-11-03 15:11    ---------    d-----w    c:\program files\Hewlett-Packard
2008-11-03 15:11    ---------    d-----w    c:\program files\Common Files\HP
2008-11-03 15:11    ---------    d-----w    c:\program files\Common Files\Hewlett-Packard
2008-11-03 15:11    ---------    d-----w    c:\documents and settings\All Users\Application Data\HP Product Assistant
2008-11-03 15:08    ---------    d-----w    c:\documents and settings\All Users\Application Data\Hewlett-Packard
2008-11-03 07:19    ---------    d-----w    c:\documents and settings\All Users\Application Data\Messenger Plus!
2008-11-02 00:02    ---------    d-----w    c:\program files\QuickTime
2008-11-02 00:01    ---------    d-----w    c:\program files\Common Files\Apple
2008-11-02 00:01    ---------    d-----w    c:\documents and settings\All Users\Application Data\Apple Computer
2008-11-02 00:00    ---------    d-----w    c:\program files\Apple Software Update
2008-11-02 00:00    ---------    d-----w    c:\documents and settings\All Users\Application Data\Apple
2008-11-01 22:23    ---------    d-----w    c:\documents and settings\SaUdI CaFfe\Application Data\DivX
2008-10-31 18:13    ---------    d-----w    c:\program files\Common Files\xing shared
2008-10-31 18:13    ---------    d-----w    c:\program files\Common Files\Real
2008-10-30 22:09    ---------    d-----w    c:\program files\Messenger Plus! Live
2008-10-26 22:25    ---------    d-----w    c:\program files\MSN Messenger
2008-10-26 21:53    ---------    d-----w    c:\documents and settings\SaUdI CaFfe\Application Data\TuneUp Software
2008-10-26 15:07    ---------    d-----w    c:\documents and settings\Administrator.ATHEER2-A639511\Application Data\PC Suite
2008-10-26 01:31    ---------    d-----w    c:\documents and settings\Administrator.ATHEER2-A639511\Application Data\COWON
2008-10-26 00:38    ---------    d-----w    c:\documents and settings\Administrator.ATHEER2-A639511\Application Data\ACD Systems
2008-10-25 15:14    ---------    d-----w    c:\documents and settings\Administrator.ATHEER2-A639511\Application Data\DivX
2008-10-25 02:17    974,848    ----a-w    c:\windows\UNRecode.exe
2008-10-25 02:17    974,848    ----a-w    c:\windows\UNNeroVision.exe
2008-10-25 02:17    974,848    ----a-w    c:\windows\UNNeroShowTime.exe
2008-10-25 02:17    974,848    ----a-w    c:\windows\UNNeroMediaHome.exe
2008-10-25 02:17    974,848    ----a-w    c:\windows\UNNeroBackItUp.exe
2008-10-25 02:01    73,216    ----a-w    c:\windows\ST6UNST.EXE
2008-10-25 02:01    6,656    ----a-w    c:\windows\delttsul.exe
2008-10-25 02:01    47,104    ----a-w    c:\windows\AKDeInstall.exe
2008-10-25 02:01    46,592    ----a-w    c:\windows\setdebug.exe
2008-10-25 02:01    241,664    ----a-w    c:\windows\NuNInst.exe
2008-10-25 01:25    ---------    d-----w    c:\program files\JetAudio
2008-10-25 01:25    ---------    d-----w    c:\program files\ClocX
2008-10-24 19:52    ---------    d-----w    c:\documents and settings\Administrator.ATHEER2-A639511\Application Data\TuneUp Software
2008-10-24 11:21    455,296    ----a-w    c:\windows\system32\drivers\mrxsmb.sys
2008-10-23 13:24    ---------    d-----w    c:\program files\Java
2008-10-21 19:21    ---------    d-----w    c:\program files\Common Files\LightScribe
2008-10-21 16:01    ---------    d-----w    c:\documents and settings\All Users\Application Data\Kaspersky Lab Setup Files
2008-10-19 17:09    ---------    d-----w    c:\documents and settings\All Users\Application Data\Microsoft Corporation
2008-10-17 22:47    ---------    d-----w    c:\program files\Paltalk Messenger
2008-10-16 21:30    ---------    d-----w    c:\program files\Ace Utilities
2008-10-15 16:10    ---------    d-----w    c:\program files\Microsoft Windows OneCare Live
2008-10-14 06:24    ---------    d-----w    c:\documents and settings\All Users\Application Data\LightScribe
2008-10-13 15:17    ---------    d-----w    c:\program files\Microsoft Works
2008-10-13 07:22    ---------    d-----w    c:\documents and settings\All Users\Application Data\TuneUp Software
2008-10-13 01:04    ---------    d-----w    c:\program files\Common Files\NSV
2008-10-12 23:48    ---------    dcsh--w    c:\program files\Common Files\WindowsLiveInstaller
2008-10-12 23:12    ---------    d-----w    c:\program files\Windows Live
2008-10-12 18:20    ---------    d-----w    c:\program files\Common Files\Ahead
2008-10-12 18:20    ---------    d-----w    c:\documents and settings\All Users\Application Data\Ahead
2008-10-12 18:17    ---------    d-----w    c:\program files\Nero
2008-10-12 18:17    ---------    d-----w    c:\documents and settings\All Users\Application Data\Nero
2008-10-12 17:58    ---------    d-----w    c:\program files\Macromedia
2008-10-12 17:58    ---------    d-----w    c:\program files\Common Files\InstallShield
2008-10-12 17:57    ---------    d-----w    c:\program files\Common Files\Adobe
2008-10-12 17:28    ---------    d-----w    c:\program files\DIFX
2008-10-12 17:28    ---------    d-----w    c:\documents and settings\All Users\Application Data\PC Suite
2008-10-12 17:25    ---------    d-----w    c:\documents and settings\All Users\Application Data\WinZip
.

(((((((((((((((((((((((((((((((((((((   Reg Loading Points   ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown 
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [04/14/2008 06:59 PM 15360]
"IDMan"="c:\program files\Internet Download Manager\IDMan.exe" [10/28/2008 02:39 PM 2606512]
"PC Suite Tray"="c:\program files\Nokia\Nokia PC Suite 7\PCSuite.exe" [10/02/2008 07:00 AM 1124352]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" [10/31/2008 09:13 PM 185872]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [04/14/2008 06:59 PM 15360]

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^قائمة ابدأ^البرامج^بدء التشغيل^Adobe Gamma Loader.lnk]
backup=c:\windows\pss\Adobe Gamma Loader.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^قائمة ابدأ^البرامج^بدء التشغيل^PalStart.lnk]
backup=c:\windows\pss\PalStart.lnkCommon Startup
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PC Suite Tray
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinampAgent

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}]
--a------ 10/24/2008 11:12 PM 155648 c:\program files\Common Files\Ahead\Lib\nmbgmonitor.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\InCD]
--a------ 10/24/2008 11:13 PM 1057280 c:\program files\Nero\Nero 7\InCD\InCD.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
--a------ 10/24/2008 11:56 PM 155648 c:\program files\Common Files\Ahead\Lib\NeroCheck.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SecurDisc]
--a------ 10/25/2008 04:59 AM 1629696 c:\program files\Nero\Nero 7\InCD\NBHGui.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SoundMAXPnP]
--a------ 10/24/2008 11:12 PM 843776 c:\program files\Analog Devices\Core\smax4pnp.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]
--a------ 10/31/2008 09:13 PM 185872 c:\program files\Common Files\Real\Update_OB\realsched.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"CTFMON.EXE"=c:\windows\system32\ctfmon.exe
"PC Suite Tray"="c:\program files\Nokia\Nokia PC Suite 7\PCSuite.exe" -onlytray
"IDMan"=c:\program files\Internet Download Manager\IDMan.exe /onboot
"Nokia.PCSync"="c:\program files\Nokia\Nokia PC Suite 7\PCSync2.exe" /NoDialog

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"HP Software Update"=c:\program files\HP\HP Software Update\HPWuSchd2.exe
"TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe"  -osboot
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe"

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"UpdatesDisableNotify"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"c:\\Program Files\\MSN Messenger\\msnmsgr.exe"=
"c:\\Program Files\\MSN Messenger\\livecall.exe"=

R1 aswSP;avast! Self Protection;c:\windows\system32\drivers\aswSP.sys [2008-11-24 110160]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\DRIVERS\aswFsBlk.sys [2008-11-24 20560]
R2 TuneUp.ProgramStatisticsSvc;TuneUp Program Statistics Service;c:\windows\System32\TUProgSt.exe [2008-11-23 603904]
R2 UxTuneUp;TuneUp Theme Extension;c:\windows\System32\svchost.exe -k netsvcs [2004-08-04 14336]
S3 TuneUp.Defrag;TuneUp Drive Defrag Service;c:\windows\System32\TuneUpDefragService.exe [2008-11-23 362240]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12    REG_MULTI_SZ       Pml Driver HPZ12 Net Driver HPZ12
hpdevmgmt    REG_MULTI_SZ       hpqcxs08 hpqddsvc

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost  - NetSvcs
UxTuneUp

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
"c:\program files\Common Files\LightScribe\LSRunOnce.exe"
.
s of the 'Scheduled Tasks' folder

2008-11-24 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [07/30/2008 12:34 PM]
.
- - - - ORPHANS REMOVED - - - -

MSConfigStartUp-LightScribe Control Panel - c:\program files\Common Files\LightScribe\LightScribeControlPanel.exe


.
------- Supplementary Scan -------
.
FireFox -: Profile - c:\documents and settings\SaUdI CaFfe\Application Data\Mozilla\Firefox\Profiles\kg7qiwql.default\
FireFox -: prefs.js - STARTUP.HOMEPAGE - hxxp://ar.start2.mozilla.com/firefox?client=firefox-a&rls=org.mozilla:ar:official
FF -: plugin - c:\program files\Java\jre6\bin\new_plugin\npdeploytk.dll
FF -: plugin - c:\program files\Java\jre6\bin\new_plugin\npjp2.dll
FF -: plugin - c:\program files\Mozilla Firefox\plugins\npdeploytk.dll
FF -: plugin - c:\program files\Real\RhapsodyPlayerEngine\nprhapengine.dll
.

**************************************************************************

catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, [URL="http://www.gmer.net/"]http://www.gmer.net[/URL]
Rootkit scan 2008-11-24 19:24:58
Windows 5.1.2600 Service Pack 3 NTFS

scanning hidden processes ... 

scanning hidden autostart entries ...

scanning hidden files ... 

scan completed successfully
hidden files: 0

**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'winlogon.exe'(836)
c:\windows\system32\Ati2evxx.dll
c:\windows\system32\WgaLogon.dll
.
------------------------ Other Running Processes ------------------------
.
c:\windows\system32\ati2evxx.exe
c:\program files\Alwil Software\Avast4\aswUpdSv.exe
c:\program files\Alwil Software\Avast4\ashServ.exe
c:\windows\system32\ati2evxx.exe
c:\program files\Nero\Nero 7\InCD\InCDsrv.exe
c:\program files\Java\jre6\bin\jqs.exe
c:\program files\Common Files\LightScribe\LSSrvc.exe
c:\program files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
c:\windows\system32\wdfmgr.exe
c:\program files\Alwil Software\Avast4\ashMaiSv.exe
c:\program files\Alwil Software\Avast4\ashWebSv.exe
c:\program files\Internet Download Manager\IEMonitor.exe
c:\program files\PC Connectivity Solution\ServiceLayer.exe
c:\program files\PC Connectivity Solution\Transports\NclUSBSrv.exe
c:\program files\PC Connectivity Solution\Transports\NclRSSrv.exe
.
**************************************************************************
.
Completion time: 11/24/2008 19:29:37 - machine was rebooted
ComboFix-quarantined-files.txt  2008-11-24 16:28:25

Pre-Run: 16,972,775,424 bytes free
Post-Run: 17,212,837,888 bytes free

243    --- E O F ---    2008-11-22 21:18:32

وجزاكم الله الف خير
 

توقيع : Mr.SaUdI
اخوي ماكس

حاولت اسوي فحص على البت ديفندر لكنه يطول جلس معي فووووووق 3 ساعات ولاطلعت بنتيجة فحص
وبالنسبه لاداة الكمبوفكس لما استخدمتها اول مرهـ عطلت عندي الكاسبر وصارت تجيني تقارير على سطح المكتب وهذا عنوانها
hs_err_pid3916.log

اي موقع تنصحني استخدم للسكان فايروس

بإنتظارك
 
توقيع : Mr.SaUdI
اخوي ماكس هذا تقرير الهايجاك

كود:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 02:27:25 م, on 02/12/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16735)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Internet Download Manager\IDMan.exe
C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Nero\Nero 7\InCD\InCDsrv.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\TUProgSt.exe
C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe
C:\Program Files\PC Connectivity Solution\Transports\NclRSSrv.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\Program Files\Mozilla Firefox\firefox.exe
I:\Zyzoom_HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://g.live.com/9uxp9en-us/hpg_lnk2
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 212.93.193.87:8080
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 10.0.0.138
O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files\Internet Download Manager\IDMIECC.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: IEVkbdBHO - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\ievkbd.dll
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: مساعد تسجيل الدخول إلى Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Windows Live Toolbar Beta - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: &Windows Live Toolbar Beta - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe"  -osboot
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [IDMan] C:\Program Files\Internet Download Manager\IDMan.exe /onboot
O4 - HKCU\..\Run: [PC Suite Tray] "C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe" -onlytray
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: Add to Banner Ad Blocker - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\ie_banner_deny.htm
O8 - Extra context menu item: Download All Links with IDM - C:\Program Files\Internet Download Manager\IEGetAll.htm
O8 - Extra context menu item: Download with IDM - C:\Program Files\Internet Download Manager\IEExt.htm
O8 - Extra context menu item: تحميل الكل بـ إنترنت داونلود مانيجر - C:\Program Files\Internet Download Manager\IEGetAll.htm
O8 - Extra context menu item: تحميل بـ إنترنت داونلود مانيجر - C:\Program Files\Internet Download Manager\IEExt.htm
O8 - Extra context menu item: تحميل محتوى فيديو (إف.إل.في) بـ إنترنت داونلود مانيجر - C:\Program Files\Internet Download Manager\IEGetVL.htm
O9 - Extra button: Web traffic protection statistics - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\SCIEPlgn.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: بحث - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\WINDOWS\system32\shdocvw.dll
O9 - Extra 'Tools' menuitem: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\WINDOWS\system32\shdocvw.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1223853490796
O20 - AppInit_DLLs: C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd.dll,C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd3.dll,C:\PROGRA~1\KASPER~1\KASPER~1\adialhk.dll,C:\PROGRA~1\KASPER~1\KASPER~1\kloehk.dll
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Kaspersky Internet Security (AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe
O23 - Service: InCD Helper (InCDsrv) - Nero AG - C:\Program Files\Nero\Nero 7\InCD\InCDsrv.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies - C:\Program Files\WinPcap\rpcapd.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software - C:\WINDOWS\System32\TuneUpDefragService.exe
O23 - Service: TuneUp Program Statistics Service (TuneUp.ProgramStatisticsSvc) - TuneUp Software - C:\WINDOWS\System32\TUProgSt.exe

--
End of file - 8321 bytes
 
توقيع : Mr.SaUdI
اخوي ماكس التقرير الاول

كود:
#
# An unexpected error has been detected by Java Runtime Environment:
#
#  EXCEPTION_ACCESS_VIOLATION (0xc0000005) at pc=0x6372e0f0, pid=2108, tid=1860
#
# Java VM: Java HotSpot(TM) Client VM (11.0-b15 mixed mode, sharing windows-x86)
# Problematic frame:
# C  [mshtml.dll+0x1ae0f0]
#
# If you would like to submit a bug report, please visit:
#   [URL]http://java.sun.com/webapps/bugreport/crash.jsp[/URL]
# The crash happened outside the Java Virtual Machine in native code.
# See problematic frame for where to report the bug.
#
---------------  T H R E A D  ---------------
Current thread (0x0ae59400):  JavaThread "Thread-0" [_thread_in_native, id=1860, stack(0x0b350000,0x0b450000)]
siginfo: ExceptionCode=0xc0000005, reading address 0x000000cc
Registers:
EAX=0x00000000, EBX=0x00000000, ECX=0x00000024, EDX=0x269b5ba0
ESP=0x0b44fa38, EBP=0x0b44fa50, ESI=0x03c96b20, EDI=0x7c8097d0
EIP=0x6372e0f0, EFLAGS=0x00010246
Top of Stack: (sp=0x0b44fa38)
0x0b44fa38:   00000000 03c96b20 269ae7e0 6373f030
0x0b44fa48:   03c96b20 00000000 0b44fa64 6373e445
0x0b44fa58:   03c96b20 0ae59400 269ae7e0 0b44fa70
0x0b44fa68:   63751dba 03c96b20 0b44fabc 6d412fa4
0x0b44fa78:   03c96b34 08289d11 0ae59514 0b44fac4
0x0b44fa88:   03c96b34 00000000 00000006 00000008
0x0b44fa98:   0ae59400 0b44fa9c 00000000 0b44fad0
0x0b44faa8:   269b5ba0 00000000 269ae7e0 00000000 
Instructions: (pc=0x6372e0f0)
0x6372e0e0:   fc 2c a7 63 8b 3d 70 13 58 63 8b f1 ff d7 33 db
0x6372e0f0:   39 98 cc 00 00 00 74 1f ff 35 fc 2c a7 63 ff d7 
 
Stack: [0x0b350000,0x0b450000],  sp=0x0b44fa38,  free space=1022k
Native frames: (J=compiled Java code, j=interpreted, Vv=VM code, C=native code)
C  [mshtml.dll+0x1ae0f0]
C  [mshtml.dll+0x1be445]
C  [mshtml.dll+0x1d1dba]
C  [jp2iexp.dll+0x2fa4]
j  sun.plugin2.main.server.IExplorerPlugin.Release(Lsun/plugin2/liveconnect/BrowserSide;)V+4
j  sun.plugin2.main.server.LiveConnectSupport$PerPluginInfo.releaseAlls()V+34
j  sun.plugin2.main.server.LiveConnectSupport.shutdown(I)V+42
j  sun.plugin2.main.server.JVMInstance.unregisterApplet(I)V+63
j  sun.plugin2.main.server.JVMInstance.dispose()V+67
j  sun.plugin2.main.server.JVMInstance.access$2600(Lsun/plugin2/main/server/JVMInstance;)V+1
j  sun.plugin2.main.server.JVMInstance$Listener.jvmExited(Lsun/plugin2/jvm/JVMLauncher;)V+86
j  sun.plugin2.jvm.JVMLauncher.fireJVMExited()V+31
j  sun.plugin2.jvm.JVMLauncher.access$300(Lsun/plugin2/jvm/JVMLauncher;)V+1
j  sun.plugin2.jvm.JVMLauncher$JVMWatcher.run()V+50
j  java.lang.Thread.run()V+11
v  ~StubRoutines::call_stub
Java frames: (J=compiled Java code, j=interpreted, Vv=VM code)
j  sun.plugin2.main.server.IExplorerPlugin.iUnknownRelease(J)V+0
j  sun.plugin2.main.server.IExplorerPlugin.Release(Lsun/plugin2/liveconnect/BrowserSide;)V+4
j  sun.plugin2.main.server.LiveConnectSupport$PerPluginInfo.releaseAlls()V+34
j  sun.plugin2.main.server.LiveConnectSupport.shutdown(I)V+42
j  sun.plugin2.main.server.JVMInstance.unregisterApplet(I)V+63
j  sun.plugin2.main.server.JVMInstance.dispose()V+67
j  sun.plugin2.main.server.JVMInstance.access$2600(Lsun/plugin2/main/server/JVMInstance;)V+1
j  sun.plugin2.main.server.JVMInstance$Listener.jvmExited(Lsun/plugin2/jvm/JVMLauncher;)V+86
j  sun.plugin2.jvm.JVMLauncher.fireJVMExited()V+31
j  sun.plugin2.jvm.JVMLauncher.access$300(Lsun/plugin2/jvm/JVMLauncher;)V+1
j  sun.plugin2.jvm.JVMLauncher$JVMWatcher.run()V+50
j  java.lang.Thread.run()V+11
v  ~StubRoutines::call_stub
---------------  P R O C E S S  ---------------
Java Threads: ( => current thread )
  0x0ae62400 JavaThread "JRE 1.6.0.10 Heartbeat Thread" [_thread_blocked, id=4000, stack(0x0b750000,0x0b850000)]
=>0x0ae59400 JavaThread "Thread-0" [_thread_in_native, id=1860, stack(0x0b350000,0x0b450000)]
  0x0a447800 JavaThread "traceMsgQueueThread" daemon [_thread_blocked, id=2524, stack(0x0ad10000,0x0ae10000)]
  0x0a3c5800 JavaThread "Low Memory Detector" daemon [_thread_blocked, id=1124, stack(0x0aaa0000,0x0aba0000)]
  0x0a3bc800 JavaThread "CompilerThread0" daemon [_thread_blocked, id=3984, stack(0x0a9a0000,0x0aaa0000)]
  0x0a3bb000 JavaThread "Attach Listener" daemon [_thread_blocked, id=3296, stack(0x0a8a0000,0x0a9a0000)]
  0x0a3b9c00 JavaThread "Signal Dispatcher" daemon [_thread_blocked, id=3652, stack(0x0a7a0000,0x0a8a0000)]
  0x0a373c00 JavaThread "Finalizer" daemon [_thread_blocked, id=2128, stack(0x0a6a0000,0x0a7a0000)]
  0x0a372800 JavaThread "Reference Handler" daemon [_thread_blocked, id=3764, stack(0x0a5a0000,0x0a6a0000)]
  0x0405a400 JavaThread "main" [_thread_in_native, id=2624, stack(0x01ea0000,0x01fa0000)]
Other Threads:
  0x0a370c00 VMThread [stack: 0x0a4a0000,0x0a5a0000] [id=2488]
  0x0a3c7c00 WatcherThread [stack: 0x0aba0000,0x0aca0000] [id=744]
VM state:not at safepoint (normal execution)
VM Mutex/Monitor currently owned by a thread: None
Heap
 def new generation   total 960K, used 356K [0x25990000, 0x25a90000, 0x25ac0000)
  eden space 896K,  32% used [0x25990000, 0x259d9210, 0x25a70000)
  from space 64K, 100% used [0x25a80000, 0x25a90000, 0x25a90000)
  to   space 64K,   0% used [0x25a70000, 0x25a70000, 0x25a80000)
 tenured generation   total 4096K, used 300K [0x25ac0000, 0x25ec0000, 0x26990000)
   the space 4096K,   7% used [0x25ac0000, 0x25b0b128, 0x25b0b200, 0x25ec0000)
 compacting perm gen  total 12288K, used 1360K [0x26990000, 0x27590000, 0x2a990000)
   the space 12288K,  11% used [0x26990000, 0x26ae4278, 0x26ae4400, 0x27590000)
    ro space 8192K,  63% used [0x2a990000, 0x2aea3b20, 0x2aea3c00, 0x2b190000)
    rw space 12288K,  53% used [0x2b190000, 0x2b7f7f38, 0x2b7f8000, 0x2bd90000)
Dynamic libraries:
0x00400000 - 0x0049c000  C:\Program Files\internet explorer\iexplore.exe
0x7c950000 - 0x7c9fa000  C:\WINDOWS\system32\ntdll.dll
0x7c800000 - 0x7c950000  C:\WINDOWS\system32\kernel32.dll
0x77f50000 - 0x77ffb000  C:\WINDOWS\system32\ADVAPI32.dll
0x77d60000 - 0x77df2000  C:\WINDOWS\system32\RPCRT4.dll
0x77ed0000 - 0x77ee1000  C:\WINDOWS\system32\Secur32.dll
0x77cd0000 - 0x77d60000  C:\WINDOWS\system32\USER32.dll
0x77e00000 - 0x77e49000  C:\WINDOWS\system32\GDI32.dll
0x77ba0000 - 0x77bf8000  C:\WINDOWS\system32\msvcrt.dll
0x77e50000 - 0x77ec6000  C:\WINDOWS\system32\SHLWAPI.dll
0x7ca00000 - 0x7d213000  C:\WINDOWS\system32\SHELL32.dll
0x77470000 - 0x775ad000  C:\WINDOWS\system32\ole32.dll
0x5dca0000 - 0x5de55000  C:\WINDOWS\system32\iertutil.dll
0x1a400000 - 0x1a52b000  C:\WINDOWS\system32\urlmon.dll
0x770b0000 - 0x7713b000  C:\WINDOWS\system32\OLEAUT32.dll
0x762e0000 - 0x762fd000  C:\WINDOWS\system32\IMM32.DLL
0x62eb0000 - 0x62eb9000  C:\WINDOWS\system32\LPK.DLL
0x74cd0000 - 0x74d3b000  C:\WINDOWS\system32\USP10.dll
0x77360000 - 0x77463000  C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.5512_x-ww_35d4ce83\comctl32.dll
0x5d540000 - 0x5d5da000  C:\WINDOWS\system32\comctl32.dll
0x01120000 - 0x01c92000  C:\WINDOWS\system32\IEFRAME.dll
0x5b1f0000 - 0x5b228000  C:\WINDOWS\system32\UxTheme.dll
0x76300000 - 0x76368000  C:\WINDOWS\system32\comdlg32.dll
0x74660000 - 0x746ac000  C:\WINDOWS\system32\MSCTF.dll
0x65780000 - 0x657a3000  C:\Program Files\Alwil Software\Avast4\AhJsctNs.dll
0x77880000 - 0x77973000  C:\WINDOWS\system32\SETUPAPI.dll
0x01fa0000 - 0x0251b000  C:\WINDOWS\system32\xpsp2res.dll
0x76f60000 - 0x76fdf000  C:\WINDOWS\system32\CLBCATQ.DLL
0x76fe0000 - 0x7709f000  C:\WINDOWS\system32\COMRes.dll
0x77b90000 - 0x77b98000  C:\WINDOWS\system32\VERSION.dll
0x02720000 - 0x02763000  C:\Program Files\Internet Explorer\ieproxy.dll
0x63000000 - 0x630dc000  C:\WINDOWS\system32\WININET.dll
0x02880000 - 0x02889000  C:\WINDOWS\system32\Normaliz.dll
0x719f0000 - 0x71a07000  C:\WINDOWS\system32\ws2_32.dll
0x719e0000 - 0x719e8000  C:\WINDOWS\system32\WS2HELP.dll
0x771e0000 - 0x77202000  C:\WINDOWS\system32\appHelp.dll
0x76e70000 - 0x76eac000  C:\WINDOWS\system32\RASAPI32.dll
0x76e20000 - 0x76e32000  C:\WINDOWS\system32\rasman.dll
0x59550000 - 0x595a5000  C:\WINDOWS\system32\NETAPI32.dll
0x76e40000 - 0x76e6f000  C:\WINDOWS\system32\TAPI32.dll
0x76e10000 - 0x76e1e000  C:\WINDOWS\system32\rtutils.dll
0x76ab0000 - 0x76add000  C:\WINDOWS\system32\WINMM.dll
0x76930000 - 0x769e4000  C:\WINDOWS\system32\USERENV.dll
0x77c90000 - 0x77cb4000  C:\WINDOWS\system32\msv1_0.dll
0x76cf0000 - 0x76d09000  C:\WINDOWS\system32\iphlpapi.dll
0x72220000 - 0x72225000  C:\WINDOWS\system32\sensapi.dll
0x71990000 - 0x719cf000  C:\WINDOWS\system32\mswsock.dll
0x69830000 - 0x69887000  C:\WINDOWS\system32\hnetcfg.dll
0x719d0000 - 0x719d8000  C:\WINDOWS\System32\wshtcpip.dll
0x76f50000 - 0x76f56000  C:\WINDOWS\system32\rasadhlp.dll
0x76eb0000 - 0x76ed7000  C:\WINDOWS\system32\DNSAPI.dll
0x76f40000 - 0x76f48000  C:\WINDOWS\System32\winrnr.dll
0x76ef0000 - 0x76f1c000  C:\WINDOWS\system32\WLDAP32.dll
0x75c70000 - 0x75d01000  C:\WINDOWS\system32\MLANG.dll
0x753e0000 - 0x7540e000  C:\WINDOWS\system32\msctfime.ime
0x7e640000 - 0x7e6f0000  C:\WINDOWS\system32\SXS.DLL
0x71cb0000 - 0x71ccb000  C:\WINDOWS\system32\actxprxy.dll
0x63580000 - 0x63af2000  C:\WINDOWS\system32\mshtml.dll
0x035f0000 - 0x03619000  C:\WINDOWS\system32\msls31.dll
0x76b60000 - 0x76b6b000  C:\WINDOWS\system32\PSAPI.DLL
0x72ea0000 - 0x72f0f000  C:\WINDOWS\system32\ieapfltr.dll
0x779e0000 - 0x77a75000  C:\WINDOWS\system32\CRYPT32.dll
0x77a80000 - 0x77a92000  C:\WINDOWS\system32\MSASN1.dll
0x10000000 - 0x10007000  C:\Program Files\Internet Download Manager\idmmkb.dll
0x74630000 - 0x7465a000  C:\WINDOWS\system32\msimtf.dll
0x65700000 - 0x65718000  C:\Program Files\Alwil Software\Avast4\AhAScr.dll
0x65000000 - 0x65038000  C:\PROGRA~1\ALWILS~1\Avast4\Aavm4h.dll
0x65100000 - 0x65109000  C:\PROGRA~1\ALWILS~1\Avast4\AavmRpch.dll
0x7c340000 - 0x7c396000  C:\WINDOWS\system32\MSVCR71.dll
0x64500000 - 0x64538000  C:\PROGRA~1\ALWILS~1\Avast4\ashBase.dll
0x71a10000 - 0x71a19000  C:\WINDOWS\system32\WSOCK32.dll
0x7c3a0000 - 0x7c41b000  C:\WINDOWS\system32\MSVCP71.dll
0x64000000 - 0x64016000  C:\PROGRA~1\ALWILS~1\Avast4\aswCmnOS.dll
0x64080000 - 0x640a0000  C:\PROGRA~1\ALWILS~1\Avast4\aswCmnB.dll
0x64100000 - 0x6412f000  C:\PROGRA~1\ALWILS~1\Avast4\aswCmnS.dll
0x64800000 - 0x6481d000  C:\PROGRA~1\ALWILS~1\Avast4\ashTask.dll
0x64580000 - 0x64622000  C:\PROGRA~1\ALWILS~1\Avast4\aswAux.dll
0x04060000 - 0x040d1000  C:\WINDOWS\system32\jscript.dll
0x748c0000 - 0x749d4000  C:\WINDOWS\system32\msxml3.dll
0x04740000 - 0x0474f000  C:\WINDOWS\system32\privacie.dll
0x47060000 - 0x47081000  C:\WINDOWS\system32\XmlLite.dll
0x76bc0000 - 0x76bee000  C:\WINDOWS\system32\wintrust.dll
0x76c20000 - 0x76c48000  C:\WINDOWS\system32\IMAGEHLP.dll
0x76760000 - 0x76787000  C:\WINDOWS\system32\schannel.dll
0x04290000 - 0x042c0000  C:\WINDOWS\system32\iepeers.dll
0x72f50000 - 0x72f76000  C:\WINDOWS\system32\WINSPOOL.DRV
0x72c70000 - 0x72c79000  C:\WINDOWS\system32\wdmaud.drv
0x72c60000 - 0x72c68000  C:\WINDOWS\system32\msacm32.drv
0x77b70000 - 0x77b85000  C:\WINDOWS\system32\MSACM32.dll
0x77b60000 - 0x77b67000  C:\WINDOWS\system32\midimap.dll
0x1b000000 - 0x1b00c000  C:\WINDOWS\system32\ImgUtil.dll
0x1b060000 - 0x1b06e000  C:\WINDOWS\system32\pngfilt.dll
0x68000000 - 0x68036000  C:\WINDOWS\system32\rsaenh.dll
0x4c910000 - 0x4cab6000  C:\WINDOWS\WinSxS\x86_Microsoft.Windows.GdiPlus_6595b64144ccf1df_1.0.2600.5512_x-ww_dfb54e0c\gdiplus.dll
0x73b10000 - 0x73b16000  C:\WINDOWS\system32\dciman32.dll
0x30000000 - 0x303af000  C:\WINDOWS\system32\Macromed\Flash\Flash9f.ocx
0x6d930000 - 0x6d93a000  C:\WINDOWS\system32\ddrawex.dll
0x736b0000 - 0x736fb000  C:\WINDOWS\system32\DDRAW.dll
0x6d410000 - 0x6d42c000  C:\Program Files\Java\jre6\bin\jp2iexp.dll
0x07fe0000 - 0x08236000  C:\PROGRA~1\Java\jre6\bin\client\jvm.dll
0x6d280000 - 0x6d288000  C:\PROGRA~1\Java\jre6\bin\hpi.dll
0x6d7b0000 - 0x6d7bc000  C:\PROGRA~1\Java\jre6\bin\verify.dll
0x6d320000 - 0x6d33f000  C:\PROGRA~1\Java\jre6\bin\java.dll
0x6d7f0000 - 0x6d7ff000  C:\PROGRA~1\Java\jre6\bin\zip.dll
0x6d430000 - 0x6d436000  C:\Program Files\Java\jre6\bin\jp2native.dll
0x6d1c0000 - 0x6d1d3000  C:\Program Files\Java\jre6\bin\deploy.dll
0x0aca0000 - 0x0acf6000  C:\Program Files\Java\jre6\bin\msvcr71.dll
0x6d610000 - 0x6d623000  C:\Program Files\Java\jre6\bin\net.dll
0x6d630000 - 0x6d639000  C:\Program Files\Java\jre6\bin\nio.dll
0x6d6b0000 - 0x6d6f2000  C:\Program Files\Java\jre6\bin\regutils.dll
0x7d220000 - 0x7d4dc000  C:\WINDOWS\system32\msi.dll
0x6d000000 - 0x6d138000  C:\Program Files\Java\jre6\bin\awt.dll
0x7d4f0000 - 0x7d512000  C:\WINDOWS\system32\DHCPCSVC.DLL
0x77c50000 - 0x77c83000  C:\WINDOWS\system32\netman.dll
0x76cd0000 - 0x76ce8000  C:\WINDOWS\system32\MPRAPI.dll
0x77ef0000 - 0x77f22000  C:\WINDOWS\system32\ACTIVEDS.dll
0x76da0000 - 0x76dc5000  C:\WINDOWS\system32\adsldpc.dll
0x76a90000 - 0x76aa1000  C:\WINDOWS\system32\ATL.DLL
0x71b60000 - 0x71b73000  C:\WINDOWS\system32\SAMLIB.dll
0x76370000 - 0x76513000  C:\WINDOWS\system32\netshell.dll
0x76b70000 - 0x76bb6000  C:\WINDOWS\system32\credui.dll
0x615a0000 - 0x615aa000  C:\WINDOWS\system32\dot3api.dll
0x74580000 - 0x74586000  C:\WINDOWS\system32\dot3dlg.dll
0x61e10000 - 0x61e38000  C:\WINDOWS\system32\OneX.DLL
0x76ee0000 - 0x76ee8000  C:\WINDOWS\system32\WTSAPI32.dll
0x762b0000 - 0x762c0000  C:\WINDOWS\system32\WINSTA.dll
0x470c0000 - 0x470e2000  C:\WINDOWS\system32\eappcfg.dll
0x75fd0000 - 0x76035000  C:\WINDOWS\system32\MSVCP60.dll
VM Arguments:
jvm_args: -Xbootclasspath/a:C:\PROGRA~1\Java\jre6\lib\deploy.jar;C:\PROGRA~1\Java\jre6\lib\javaws.jar;C:\PROGRA~1\Java\jre6\lib\plugin.jar -Xmx16m -Djava.awt.headless=true -Dkernel.background.download=false -Dkernel.download.dialog=false -XX:MaxDirectMemorySize=64m 
java_command: <unknown>
Launcher Type: generic
Environment Variables:
CLASSPATH=.;C:\Program Files\Java\jre6\lib\ext\QTJava.zip
PATH=C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\system32\wbem;C:\Program Files\PC Connectivity Solution;C:\Program Files\QuickTime\QTSystem
USERNAME=SaUdI CaFfe
OS=Windows_NT
PROCESSOR_IDENTIFIER=x86 Family 6 Model 15 Stepping 2, GenuineIntel
 
---------------  S Y S T E M  ---------------
OS: Windows XP Build 2600 Service Pack 3
CPU:total 2 (2 cores per cpu, 1 threads per core) family 6 model 15 stepping 2, cmov, cx8, fxsr, mmx, sse, sse2, sse3, ssse3
Memory: 4k page, physical 489372k(78648k free), swap 1148064k(666128k free)
vm_info: Java HotSpot(TM) Client VM (11.0-b15) for windows-x86 JRE (1.6.0_10-b33), built on Sep 26 2008 01:00:43 by "java_re" with MS VC++ 7.1
time: Sat Nov 29 13:59:00 2008
elapsed time: 63 seconds

التقرير الثاني

كود:
#
# An unexpected error has been detected by Java Runtime Environment:
#
#  EXCEPTION_ACCESS_VIOLATION (0xc0000005) at pc=0x6d06fe12, pid=3556, tid=4028
#
# Java VM: Java HotSpot(TM) Client VM (11.0-b15 mixed mode, sharing windows-x86)
# Problematic frame:
# C  [awt.dll+0x6fe12]
#
# If you would like to submit a bug report, please visit:
#   [URL]http://java.sun.com/webapps/bugreport/crash.jsp[/URL]
# The crash happened outside the Java Virtual Machine in native code.
# See problematic frame for where to report the bug.
#
---------------  T H R E A D  ---------------
Current thread (0x02fcdc00):  JavaThread "AWT-Windows" daemon [_thread_in_native, id=4028, stack(0x03430000,0x03480000)]
siginfo: ExceptionCode=0xc0000005, reading address 0x00000044
Registers:
EAX=0x00000000, EBX=0x00000001, ECX=0x00000000, EDX=0x00000000
ESP=0x0347f914, EBP=0x0347f94c, ESI=0x02fcdd14, EDI=0x00000000
EIP=0x6d06fe12, EFLAGS=0x00010246
Top of Stack: (sp=0x0347f914)
0x0347f914:   00009813 02fcdd14 6d096b47 00000000
0x0347f924:   0347f9b4 6d096710 00000000 7c961440
0x0347f934:   7c9613c1 02fcdd14 0347f924 0347f9d0
0x0347f944:   6d0b9f18 00000001 0347f978 77cd8734
0x0347f954:   002203d2 00009813 000d0344 00000000
0x0347f964:   6d096710 dcbaabcd 00000000 0347f9b4
0x0347f974:   6d096710 0347f9e0 77cd8816 6d096710
0x0347f984:   002203d2 00009813 000d0344 00000000 
Instructions: (pc=0x6d06fe12)
0x6d06fe02:   ce e8 c8 be 00 00 8b b6 80 01 00 00 85 f6 75 03
0x6d06fe12:   8b 77 44 8b 44 24 0c 50 56 e8 78 7f 04 00 5f 5e 
 
Stack: [0x03430000,0x03480000],  sp=0x0347f914,  free space=318k
Native frames: (J=compiled Java code, j=interpreted, Vv=VM code, C=native code)
C  [awt.dll+0x6fe12]
C  [USER32.dll+0x8734]
C  [USER32.dll+0x8816]
C  [USER32.dll+0x18ea0]
C  [USER32.dll+0x18eec]
C  [ntdll.dll+0xe453]
C  [USER32.dll+0x9402]
Java frames: (J=compiled Java code, j=interpreted, Vv=VM code)
j  sun.awt.windows.WToolkit.eventLoop()V+0
j  sun.awt.windows.WToolkit.run()V+69
j  java.lang.Thread.run()V+11
v  ~StubRoutines::call_stub
---------------  P R O C E S S  ---------------
Java Threads: ( => current thread )
  0x03199000 JavaThread "D3D Screen Updater" daemon [_thread_blocked, id=444, stack(0x03a30000,0x03a80000)]
  0x0317e800 JavaThread "thread applet-doook.DoookNetApplet-1" [_thread_blocked, id=2148, stack(0x039e0000,0x03a30000)]
  0x03175800 JavaThread "AWT-EventQueue-2" [_thread_in_native, id=3300, stack(0x03970000,0x039c0000)]
  0x02fd2400 JavaThread "Applet 1 LiveConnect Worker Thread" [_thread_blocked, id=1616, stack(0x03530000,0x03580000)]
  0x02fe7800 JavaThread "Browser Side  Cleanup Thread" [_thread_blocked, id=3660, stack(0x03920000,0x03970000)]
  0x02ff4400 JavaThread "CacheCleanUpThread" daemon [_thread_blocked, id=664, stack(0x03670000,0x036c0000)]
  0x02ff6000 JavaThread "CacheMemoryCleanUpThread" daemon [_thread_blocked, id=2956, stack(0x03620000,0x03670000)]
  0x02fd3800 JavaThread "Java Plug-In Heartbeat Thread" [_thread_blocked, id=1724, stack(0x03290000,0x032e0000)]
  0x02fcf400 JavaThread "AWT-EventQueue-0" [_thread_blocked, id=1192, stack(0x034e0000,0x03530000)]
=>0x02fcdc00 JavaThread "AWT-Windows" daemon [_thread_in_native, id=4028, stack(0x03430000,0x03480000)]
  0x02fcc400 JavaThread "AWT-Shutdown" [_thread_blocked, id=3904, stack(0x033e0000,0x03430000)]
  0x02fc7800 JavaThread "Java2D Disposer" daemon [_thread_blocked, id=1248, stack(0x03390000,0x033e0000)]
  0x02fc6c00 JavaThread "Java Plug-In Pipe Worker Thread (Client-Side)" [_thread_in_native, id=1808, stack(0x032f0000,0x03340000)]
  0x02fbb800 JavaThread "traceMsgQueueThread" daemon [_thread_blocked, id=136, stack(0x03200000,0x03250000)]
  0x02fbe800 JavaThread "Timer-0" [_thread_blocked, id=720, stack(0x031b0000,0x03200000)]
  0x02ad2c00 JavaThread "Low Memory Detector" daemon [_thread_blocked, id=2576, stack(0x02d40000,0x02d90000)]
  0x02ac9c00 JavaThread "CompilerThread0" daemon [_thread_blocked, id=2504, stack(0x02cf0000,0x02d40000)]
  0x02ac8400 JavaThread "Attach Listener" daemon [_thread_blocked, id=2760, stack(0x02ca0000,0x02cf0000)]
  0x02ac7000 JavaThread "Signal Dispatcher" daemon [_thread_blocked, id=396, stack(0x02c50000,0x02ca0000)]
  0x02a80800 JavaThread "Finalizer" daemon [_thread_blocked, id=3756, stack(0x02c00000,0x02c50000)]
  0x02a7f000 JavaThread "Reference Handler" daemon [_thread_blocked, id=3304, stack(0x02bb0000,0x02c00000)]
  0x002b6800 JavaThread "main" [_thread_blocked, id=2172, stack(0x008c0000,0x00910000)]
Other Threads:
  0x02a7d800 VMThread [stack: 0x02b60000,0x02bb0000] [id=4024]
  0x02ad4400 WatcherThread [stack: 0x02d90000,0x02de0000] [id=3216]
VM state:not at safepoint (normal execution)
VM Mutex/Monitor currently owned by a thread: None
Heap
 def new generation   total 960K, used 25K [0x22990000, 0x22a90000, 0x22e70000)
  eden space 896K,   2% used [0x22990000, 0x22996440, 0x22a70000)
  from space 64K,   0% used [0x22a70000, 0x22a70000, 0x22a80000)
  to   space 64K,   0% used [0x22a80000, 0x22a80000, 0x22a90000)
 tenured generation   total 4096K, used 1057K [0x22e70000, 0x23270000, 0x26990000)
   the space 4096K,  25% used [0x22e70000, 0x22f78750, 0x22f78800, 0x23270000)
 compacting perm gen  total 12288K, used 3295K [0x26990000, 0x27590000, 0x2a990000)
   the space 12288K,  26% used [0x26990000, 0x26cc7f88, 0x26cc8000, 0x27590000)
    ro space 8192K,  63% used [0x2a990000, 0x2aea3b20, 0x2aea3c00, 0x2b190000)
    rw space 12288K,  53% used [0x2b190000, 0x2b7f7f38, 0x2b7f8000, 0x2bd90000)
Dynamic libraries:
0x00400000 - 0x00424000  C:\Program Files\Java\jre6\bin\java.exe
0x7c950000 - 0x7c9fa000  C:\WINDOWS\system32\ntdll.dll
0x7c800000 - 0x7c950000  C:\WINDOWS\system32\kernel32.dll
0x77f50000 - 0x77ffb000  C:\WINDOWS\system32\ADVAPI32.dll
0x77d60000 - 0x77df2000  C:\WINDOWS\system32\RPCRT4.dll
0x77ed0000 - 0x77ee1000  C:\WINDOWS\system32\Secur32.dll
0x7c340000 - 0x7c396000  C:\Program Files\Java\jre6\bin\msvcr71.dll
0x6d800000 - 0x6da56000  C:\Program Files\Java\jre6\bin\client\jvm.dll
0x77cd0000 - 0x77d60000  C:\WINDOWS\system32\USER32.dll
0x77e00000 - 0x77e49000  C:\WINDOWS\system32\GDI32.dll
0x76ab0000 - 0x76add000  C:\WINDOWS\system32\WINMM.dll
0x762e0000 - 0x762fd000  C:\WINDOWS\system32\IMM32.DLL
0x62eb0000 - 0x62eb9000  C:\WINDOWS\system32\LPK.DLL
0x74cd0000 - 0x74d3b000  C:\WINDOWS\system32\USP10.dll
0x6d280000 - 0x6d288000  C:\Program Files\Java\jre6\bin\hpi.dll
0x76b60000 - 0x76b6b000  C:\WINDOWS\system32\PSAPI.DLL
0x6d7b0000 - 0x6d7bc000  C:\Program Files\Java\jre6\bin\verify.dll
0x6d320000 - 0x6d33f000  C:\Program Files\Java\jre6\bin\java.dll
0x6d7f0000 - 0x6d7ff000  C:\Program Files\Java\jre6\bin\zip.dll
0x6d430000 - 0x6d436000  C:\Program Files\Java\jre6\bin\jp2native.dll
0x6d1c0000 - 0x6d1d3000  C:\Program Files\Java\jre6\bin\deploy.dll
0x779e0000 - 0x77a75000  C:\WINDOWS\system32\CRYPT32.dll
0x77a80000 - 0x77a92000  C:\WINDOWS\system32\MSASN1.dll
0x77ba0000 - 0x77bf8000  C:\WINDOWS\system32\msvcrt.dll
0x7ca00000 - 0x7d213000  C:\WINDOWS\system32\SHELL32.dll
0x77e50000 - 0x77ec6000  C:\WINDOWS\system32\SHLWAPI.dll
0x77470000 - 0x775ad000  C:\WINDOWS\system32\ole32.dll
0x770b0000 - 0x7713b000  C:\WINDOWS\system32\OLEAUT32.dll
0x63000000 - 0x630dc000  C:\WINDOWS\system32\WININET.dll
0x02de0000 - 0x02de9000  C:\WINDOWS\system32\Normaliz.dll
0x1a400000 - 0x1a52b000  C:\WINDOWS\system32\urlmon.dll
0x5dca0000 - 0x5de55000  C:\WINDOWS\system32\iertutil.dll
0x77360000 - 0x77463000  C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.5512_x-ww_35d4ce83\comctl32.dll
0x6d6b0000 - 0x6d6f2000  C:\Program Files\Java\jre6\bin\regutils.dll
0x77b90000 - 0x77b98000  C:\WINDOWS\system32\VERSION.dll
0x7d220000 - 0x7d4dc000  C:\WINDOWS\system32\msi.dll
0x6d610000 - 0x6d623000  C:\Program Files\Java\jre6\bin\net.dll
0x719f0000 - 0x71a07000  C:\WINDOWS\system32\WS2_32.dll
0x719e0000 - 0x719e8000  C:\WINDOWS\system32\WS2HELP.dll
0x6d630000 - 0x6d639000  C:\Program Files\Java\jre6\bin\nio.dll
0x6d000000 - 0x6d138000  C:\Program Files\Java\jre6\bin\awt.dll
0x72f50000 - 0x72f76000  C:\WINDOWS\system32\WINSPOOL.DRV
0x5b1f0000 - 0x5b228000  C:\WINDOWS\system32\uxtheme.dll
0x74660000 - 0x746ac000  C:\WINDOWS\system32\MSCTF.dll
0x65780000 - 0x657a3000  C:\Program Files\Alwil Software\Avast4\AhJsctNs.dll
0x753e0000 - 0x7540e000  C:\WINDOWS\system32\msctfime.ime
0x6d220000 - 0x6d274000  C:\Program Files\Java\jre6\bin\fontmanager.dll
0x4d0d0000 - 0x4d276000  C:\WINDOWS\system32\d3d9.dll
0x6de90000 - 0x6de96000  C:\WINDOWS\system32\d3d8thk.dll
0x71990000 - 0x719cf000  C:\WINDOWS\System32\mswsock.dll
0x76eb0000 - 0x76ed7000  C:\WINDOWS\system32\DNSAPI.dll
0x76f40000 - 0x76f48000  C:\WINDOWS\System32\winrnr.dll
0x76ef0000 - 0x76f1c000  C:\WINDOWS\system32\WLDAP32.dll
0x76f50000 - 0x76f56000  C:\WINDOWS\system32\rasadhlp.dll
0x6d190000 - 0x6d1b3000  C:\Program Files\Java\jre6\bin\dcpr.dll
0x69830000 - 0x69887000  C:\WINDOWS\system32\hnetcfg.dll
0x719d0000 - 0x719d8000  C:\WINDOWS\System32\wshtcpip.dll
0x10000000 - 0x10007000  C:\Program Files\Internet Download Manager\idmmkb.dll
VM Arguments:
jvm_args: -D__jvm_launched=22811404180 -Xbootclasspath/a:C:\PROGRA~1\Java\jre6\lib\deploy.jar;C:\PROGRA~1\Java\jre6\lib\javaws.jar;C:\PROGRA~1\Java\jre6\lib\plugin.jar 
java_command: sun.plugin2.main.client.PluginMain write_pipe_name=jpi2_pid2108_pipe3,read_pipe_name=jpi2_pid2108_pipe2
Launcher Type: SUN_STANDARD
Environment Variables:
PATH=C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\system32\wbem;C:\Program Files\PC Connectivity Solution;C:\Program Files\QuickTime\QTSystem
USERNAME=SaUdI CaFfe
OS=Windows_NT
PROCESSOR_IDENTIFIER=x86 Family 6 Model 15 Stepping 2, GenuineIntel
 
---------------  S Y S T E M  ---------------
OS: Windows XP Build 2600 Service Pack 3
CPU:total 2 (2 cores per cpu, 1 threads per core) family 6 model 15 stepping 2, cmov, cx8, fxsr, mmx, sse, sse2, sse3, ssse3
Memory: 4k page, physical 489372k(51716k free), swap 1148064k(627980k free)
vm_info: Java HotSpot(TM) Client VM (11.0-b15) for windows-x86 JRE (1.6.0_10-b33), built on Sep 26 2008 01:00:43 by "java_re" with MS VC++ 7.1
time: Sat Nov 29 13:59:00 2008
elapsed time: 61 second

التقرير الثالث

كود:
#
# An unexpected error has been detected by Java Runtime Environment:
#
#  EXCEPTION_ACCESS_VIOLATION (0xc0000005) at pc=0x033bfe12, pid=3916, tid=3300
#
# Java VM: Java HotSpot(TM) Client VM (11.0-b15 mixed mode, sharing windows-x86)
# Problematic frame:
# C  [awt.dll+0x6fe12]
#
# If you would like to submit a bug report, please visit:
#   [URL]http://java.sun.com/webapps/bugreport/crash.jsp[/URL]
# The crash happened outside the Java Virtual Machine in native code.
# See problematic frame for where to report the bug.
#
---------------  T H R E A D  ---------------
Current thread (0x0308d800):  JavaThread "AWT-Windows" daemon [_thread_in_native, id=3300, stack(0x035e0000,0x03630000)]
siginfo: ExceptionCode=0xc0000005, reading address 0x00000044
Registers:
EAX=0x00000000, EBX=0x00000001, ECX=0x00000000, EDX=0x00000000
ESP=0x0362f304, EBP=0x0362f33c, ESI=0x0308d914, EDI=0x00000000
EIP=0x033bfe12, EFLAGS=0x00010246
Top of Stack: (sp=0x0362f304)
0x0362f304:   00009813 0308d914 033e6b47 00000000
0x0362f314:   0362f3a4 033e6710 00000000 77cd885a
0x0362f324:   0362f338 0308d914 0362f314 0362f3c0
0x0362f334:   03409f18 00000001 0362f368 77cd8734
0x0362f344:   00050300 00009813 00030316 00000000
0x0362f354:   033e6710 dcbaabcd 00000000 0362f3a4
0x0362f364:   033e6710 0362f3d0 77cd8816 033e6710
0x0362f374:   00050300 00009813 00030316 00000000 
Instructions: (pc=0x033bfe12)
0x033bfe02:   ce e8 c8 be 00 00 8b b6 80 01 00 00 85 f6 75 03
0x033bfe12:   8b 77 44 8b 44 24 0c 50 56 e8 78 7f 04 00 5f 5e 
 
Stack: [0x035e0000,0x03630000],  sp=0x0362f304,  free space=316k
Native frames: (J=compiled Java code, j=interpreted, Vv=VM code, C=native code)
C  [awt.dll+0x6fe12]
C  [USER32.dll+0x8734]
C  [USER32.dll+0x8816]
C  [USER32.dll+0x18ea0]
C  [USER32.dll+0x18eec]
C  [ntdll.dll+0xe453]
C  [USER32.dll+0x1a43b]
C  [MSCTF.dll+0x1f18f]
C  [MSCTF.dll+0x1f734]
C  [MSCTF.dll+0x200df]
C  [MSCTF.dll+0x2067d]
C  [MSCTF.dll+0x20b92]
C  [MSCTF.dll+0x20ffa]
C  [MSCTF.dll+0x21738]
C  [MSCTF.dll+0x1d307]
C  [USER32.dll+0x8734]
C  [USER32.dll+0x8816]
C  [USER32.dll+0x89cd]
C  [USER32.dll+0x8a10]
Java frames: (J=compiled Java code, j=interpreted, Vv=VM code)
j  sun.awt.windows.WToolkit.eventLoop()V+0
j  sun.awt.windows.WToolkit.run()V+69
j  java.lang.Thread.run()V+11
v  ~StubRoutines::call_stub
---------------  P R O C E S S  ---------------
Java Threads: ( => current thread )
  0x03d83000 JavaThread "thread applet-doook.DoookNetApplet-4" [_thread_blocked, id=3720, stack(0x04550000,0x045a0000)]
  0x03d54000 JavaThread "AWT-EventQueue-5" [_thread_blocked, id=1120, stack(0x04080000,0x040d0000)]
  0x03262c00 JavaThread "Applet 4 LiveConnect Worker Thread" [_thread_blocked, id=932, stack(0x04500000,0x04550000)]
  0x03d8d800 JavaThread "thread applet-doook.DoookNetApplet-3" [_thread_blocked, id=3800, stack(0x04270000,0x042c0000)]
  0x03c90800 JavaThread "AWT-EventQueue-4" [_thread_in_native, id=1700, stack(0x04310000,0x04360000)]
  0x031dd400 JavaThread "Applet 3 LiveConnect Worker Thread" [_thread_blocked, id=3828, stack(0x042c0000,0x04310000)]
  0x03204800 JavaThread "thread applet-doook.DoookNetApplet-2" [_thread_blocked, id=2524, stack(0x04180000,0x041d0000)]
  0x02b80800 JavaThread "AWT-EventQueue-3" [_thread_blocked, id=2400, stack(0x040d0000,0x04120000)]
  0x02b80400 JavaThread "Applet 2 LiveConnect Worker Thread" [_thread_blocked, id=1080, stack(0x04130000,0x04180000)]
  0x03c33000 JavaThread "D3D Screen Updater" daemon [_thread_blocked, id=2728, stack(0x04030000,0x04080000)]
  0x03265c00 JavaThread "thread applet-doook.DoookNetApplet-1" [_thread_blocked, id=4076, stack(0x03b40000,0x03b90000)]
  0x030a7000 JavaThread "AWT-EventQueue-2" [_thread_blocked, id=3948, stack(0x03af0000,0x03b40000)]
  0x0323ec00 JavaThread "AWT-Shutdown" [_thread_blocked, id=176, stack(0x03aa0000,0x03af0000)]
  0x03070400 JavaThread "Applet 1 LiveConnect Worker Thread" [_thread_blocked, id=348, stack(0x03300000,0x03350000)]
  0x03096800 JavaThread "Browser Side  Cleanup Thread" [_thread_blocked, id=988, stack(0x03730000,0x03780000)]
  0x030abc00 JavaThread "CacheCleanUpThread" daemon [_thread_blocked, id=1932, stack(0x03590000,0x035e0000)]
  0x030bbc00 JavaThread "CacheMemoryCleanUpThread" daemon [_thread_blocked, id=2240, stack(0x03780000,0x037d0000)]
  0x03092400 JavaThread "Java Plug-In Heartbeat Thread" [_thread_blocked, id=764, stack(0x036e0000,0x03730000)]
=>0x0308d800 JavaThread "AWT-Windows" daemon [_thread_in_native, id=3300, stack(0x035e0000,0x03630000)]
  0x03087800 JavaThread "Java2D Disposer" daemon [_thread_blocked, id=2108, stack(0x03540000,0x03590000)]
  0x03082800 JavaThread "Java Plug-In Pipe Worker Thread (Client-Side)" [_thread_in_native, id=1084, stack(0x034a0000,0x034f0000)]
  0x02bde000 JavaThread "traceMsgQueueThread" daemon [_thread_blocked, id=2080, stack(0x03270000,0x032c0000)]
  0x02bdb400 JavaThread "Timer-0" [_thread_blocked, id=2540, stack(0x03020000,0x03070000)]
  0x02b52400 JavaThread "Low Memory Detector" daemon [_thread_blocked, id=3528, stack(0x02dc0000,0x02e10000)]
  0x02b49c00 JavaThread "CompilerThread0" daemon [_thread_blocked, id=1096, stack(0x02d70000,0x02dc0000)]
  0x02b48400 JavaThread "Attach Listener" daemon [_thread_blocked, id=2364, stack(0x02d20000,0x02d70000)]
  0x02b47000 JavaThread "Signal Dispatcher" daemon [_thread_blocked, id=2536, stack(0x02cd0000,0x02d20000)]
  0x02b00800 JavaThread "Finalizer" daemon [_thread_blocked, id=3708, stack(0x02c80000,0x02cd0000)]
  0x02aff000 JavaThread "Reference Handler" daemon [_thread_blocked, id=2380, stack(0x02c30000,0x02c80000)]
  0x002b6800 JavaThread "main" [_thread_blocked, id=2368, stack(0x00920000,0x00970000)]
Other Threads:
  0x02afd800 VMThread [stack: 0x02be0000,0x02c30000] [id=3596]
  0x02b54800 WatcherThread [stack: 0x02e10000,0x02e60000] [id=3740]
VM state:not at safepoint (normal execution)
VM Mutex/Monitor currently owned by a thread: None
Heap
 def new generation   total 960K, used 857K [0x22990000, 0x22a90000, 0x22e70000)
  eden space 896K,  88% used [0x22990000, 0x22a56da8, 0x22a70000)
  from space 64K,  97% used [0x22a80000, 0x22a8f8a0, 0x22a90000)
  to   space 64K,   0% used [0x22a70000, 0x22a70000, 0x22a80000)
 tenured generation   total 4096K, used 1927K [0x22e70000, 0x23270000, 0x26990000)
   the space 4096K,  47% used [0x22e70000, 0x23051cc0, 0x23051e00, 0x23270000)
 compacting perm gen  total 12288K, used 3943K [0x26990000, 0x27590000, 0x2a990000)
   the space 12288K,  32% used [0x26990000, 0x26d69e88, 0x26d6a000, 0x27590000)
    ro space 8192K,  63% used [0x2a990000, 0x2aea3b20, 0x2aea3c00, 0x2b190000)
    rw space 12288K,  53% used [0x2b190000, 0x2b7f7f38, 0x2b7f8000, 0x2bd90000)
Dynamic libraries:
0x00400000 - 0x00424000  C:\Program Files\Java\jre6\bin\java.exe
0x7c950000 - 0x7c9fa000  C:\WINDOWS\system32\ntdll.dll
0x7c800000 - 0x7c950000  C:\WINDOWS\system32\kernel32.dll
0x77f50000 - 0x77ffb000  C:\WINDOWS\system32\ADVAPI32.dll
0x77d60000 - 0x77df2000  C:\WINDOWS\system32\RPCRT4.dll
0x77ed0000 - 0x77ee1000  C:\WINDOWS\system32\Secur32.dll
0x7c340000 - 0x7c396000  C:\Program Files\Java\jre6\bin\msvcr71.dll
0x6d800000 - 0x6da56000  C:\Program Files\Java\jre6\bin\client\jvm.dll
0x77cd0000 - 0x77d60000  C:\WINDOWS\system32\USER32.dll
0x77e00000 - 0x77e49000  C:\WINDOWS\system32\GDI32.dll
0x76ab0000 - 0x76add000  C:\WINDOWS\system32\WINMM.dll
0x762e0000 - 0x762fd000  C:\WINDOWS\system32\IMM32.DLL
0x62eb0000 - 0x62eb9000  C:\WINDOWS\system32\LPK.DLL
0x74cd0000 - 0x74d3b000  C:\WINDOWS\system32\USP10.dll
0x6d710000 - 0x6d723000  C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd.dll
0x76b60000 - 0x76b6b000  C:\WINDOWS\system32\PSAPI.DLL
0x6d730000 - 0x6d743000  C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd3.dll
0x6d020000 - 0x6d035000  C:\PROGRA~1\KASPER~1\KASPER~1\adialhk.dll
0x77e50000 - 0x77ec6000  C:\WINDOWS\system32\SHLWAPI.dll
0x77ba0000 - 0x77bf8000  C:\WINDOWS\system32\msvcrt.dll
0x6d4c0000 - 0x6d4c6000  C:\PROGRA~1\KASPER~1\KASPER~1\kloehk.dll
0x6d280000 - 0x6d288000  C:\Program Files\Java\jre6\bin\hpi.dll
0x6d7b0000 - 0x6d7bc000  C:\Program Files\Java\jre6\bin\verify.dll
0x6d320000 - 0x6d33f000  C:\Program Files\Java\jre6\bin\java.dll
0x6d7f0000 - 0x6d7ff000  C:\Program Files\Java\jre6\bin\zip.dll
0x6d430000 - 0x6d436000  C:\Program Files\Java\jre6\bin\jp2native.dll
0x6d1c0000 - 0x6d1d3000  C:\Program Files\Java\jre6\bin\deploy.dll
0x779e0000 - 0x77a75000  C:\WINDOWS\system32\CRYPT32.dll
0x77a80000 - 0x77a92000  C:\WINDOWS\system32\MSASN1.dll
0x7ca00000 - 0x7d213000  C:\WINDOWS\system32\SHELL32.dll
0x77470000 - 0x775ad000  C:\WINDOWS\system32\ole32.dll
0x770b0000 - 0x7713b000  C:\WINDOWS\system32\OLEAUT32.dll
0x63000000 - 0x630dc000  C:\WINDOWS\system32\WININET.dll
0x02e60000 - 0x02e69000  C:\WINDOWS\system32\Normaliz.dll
0x1a400000 - 0x1a52b000  C:\WINDOWS\system32\urlmon.dll
0x5dca0000 - 0x5de55000  C:\WINDOWS\system32\iertutil.dll
0x77360000 - 0x77463000  C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.5512_x-ww_35d4ce83\comctl32.dll
0x6d6b0000 - 0x6d6f2000  C:\Program Files\Java\jre6\bin\regutils.dll
0x77b90000 - 0x77b98000  C:\WINDOWS\system32\VERSION.dll
0x7d220000 - 0x7d4dc000  C:\WINDOWS\system32\msi.dll
0x6d610000 - 0x6d623000  C:\Program Files\Java\jre6\bin\net.dll
0x719f0000 - 0x71a07000  C:\WINDOWS\system32\WS2_32.dll
0x719e0000 - 0x719e8000  C:\WINDOWS\system32\WS2HELP.dll
0x6d630000 - 0x6d639000  C:\Program Files\Java\jre6\bin\nio.dll
0x03350000 - 0x03488000  C:\Program Files\Java\jre6\bin\awt.dll
0x72f50000 - 0x72f76000  C:\WINDOWS\system32\WINSPOOL.DRV
0x5b1f0000 - 0x5b228000  C:\WINDOWS\system32\uxtheme.dll
0x74660000 - 0x746ac000  C:\WINDOWS\system32\MSCTF.dll
0x753e0000 - 0x7540e000  C:\WINDOWS\system32\msctfime.ime
0x6d220000 - 0x6d274000  C:\Program Files\Java\jre6\bin\fontmanager.dll
0x4d0d0000 - 0x4d276000  C:\WINDOWS\system32\d3d9.dll
0x6de90000 - 0x6de96000  C:\WINDOWS\system32\d3d8thk.dll
0x71990000 - 0x719cf000  C:\WINDOWS\System32\mswsock.dll
0x76eb0000 - 0x76ed7000  C:\WINDOWS\system32\DNSAPI.dll
0x76cf0000 - 0x76d09000  C:\WINDOWS\system32\iphlpapi.dll
0x76f40000 - 0x76f48000  C:\WINDOWS\System32\winrnr.dll
0x76ef0000 - 0x76f1c000  C:\WINDOWS\system32\WLDAP32.dll
0x68000000 - 0x68036000  C:\WINDOWS\system32\rsaenh.dll
0x69830000 - 0x69887000  C:\WINDOWS\system32\hnetcfg.dll
0x719d0000 - 0x719d8000  C:\WINDOWS\System32\wshtcpip.dll
0x76f50000 - 0x76f56000  C:\WINDOWS\system32\rasadhlp.dll
0x6d190000 - 0x6d1b3000  C:\Program Files\Java\jre6\bin\dcpr.dll
0x10000000 - 0x10007000  C:\Program Files\Internet Download Manager\idmmkb.dll
0x76930000 - 0x769e4000  C:\WINDOWS\system32\USERENV.dll
0x59550000 - 0x595a5000  C:\WINDOWS\system32\netapi32.dll
VM Arguments:
jvm_args: -D__jvm_launched=427624116 -Xbootclasspath/a:C:\PROGRA~1\Java\jre6\lib\deploy.jar;C:\PROGRA~1\Java\jre6\lib\javaws.jar;C:\PROGRA~1\Java\jre6\lib\plugin.jar 
java_command: sun.plugin2.main.client.PluginMain write_pipe_name=jpi2_pid3004_pipe3,read_pipe_name=jpi2_pid3004_pipe2
Launcher Type: SUN_STANDARD
Environment Variables:
PATH=C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\system32\wbem;C:\Program Files\PC Connectivity Solution;C:\Program Files\QuickTime\QTSystem
USERNAME=SaUdI CaFfe
OS=Windows_NT
PROCESSOR_IDENTIFIER=x86 Family 6 Model 15 Stepping 2, GenuineIntel
 
---------------  S Y S T E M  ---------------
OS: Windows XP Build 2600 Service Pack 3
CPU:total 2 (2 cores per cpu, 1 threads per core) family 6 model 15 stepping 2, cmov, cx8, fxsr, mmx, sse, sse2, sse3, ssse3
Memory: 4k page, physical 489372k(50204k free), swap 1141880k(683628k free)
vm_info: Java HotSpot(TM) Client VM (11.0-b15) for windows-x86 JRE (1.6.0_10-b33), built on Sep 26 2008 01:00:43 by "java_re" with MS VC++ 7.1
time: Mon Nov 24 23:28:52 2008
elapsed time: 86 seconds

اخوي ماكس ياليت يالغالي توضح لي خلاصة التقرير الاول غير الباتش يعني فيه قيمه خطأ او شيئ زي كذا ؟
وتقرير الهايجاك ياليت تخبرني عنه والتقارير الثلاثه ذي .. وبالنسبه للكاسبر انا حاط اعدادات زيزوميه
ومسوي عليها زيادهـ بعض الخيارات وقبل شوي مسوي سكاان للجهاز

بإنتظارك
 
توقيع : Mr.SaUdI
هذي بعد اداة الكمبوفكس صارت تطلع لي على سطح المكتب

ليش تسأل ؟
 
توقيع : Mr.SaUdI
اهااا
لاني ما عرفت ايش هي

لا هنت ارفع التقارير كاملة
 
اخوي ماكس ..
الثلاث التقارير اللي على سطح المكتب نسختها ولصقتها مافيه غيرهم ..
وبسوي لك تقرير على جديد على الكمبو فكس والهايجاك

اخوي ماكس ياليت يالغالي توضح لي
خلاصة التقرير الاول للكمبوفكس غير الباتش يعني فيه قيمه خطأ او شيئ زي كذا ؟
وتقرير الهايجاك ياليت تخبرني عنه
 
توقيع : Mr.SaUdI
تقرير الكمبوفكس


كود:
ComboFix 08-12-01.03 - SaUdI CaFfe 12/03/2008  6:45:33.3 - NTFSx86
Microsoft Windows XP Professional  5.1.2600.3.1256.1.1025.18.109 [GMT 3:00]
Running from: i:\برامج\برامج\البرامج\ComboFix.exe
 * Created a new restore point

[COLOR=RED][B]WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !![/B][/COLOR]
.

(((((((((((((((((((((((((((((((((((((((   Other Deletions   )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\windows\IE4 Error Log.txt

.
(((((((((((((((((((((((((   Files Created from 2008-11-03 to 2008-12-03  )))))))))))))))))))))))))))))))
.

No new files created in this timespan

.
((((((((((((((((((((((((((((((((((((((((   Find3M Report   ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-12-03 03:50    499,744    --sha-w    c:\windows\system32\drivers\fidbox2.dat
2008-12-03 03:50    4,884    --sha-w    c:\windows\system32\drivers\fidbox2.idx
2008-12-03 03:49    ---------    d-----w    c:\documents and settings\SaUdI CaFfe\Application Data\DMCache
2008-12-03 03:49    ---------    d-----w    c:\documents and settings\All Users\Application Data\Kaspersky Lab
2008-12-03 03:47    30,448    --sha-w    c:\windows\system32\drivers\fidbox.idx
2008-12-03 03:47    3,490,848    --sha-w    c:\windows\system32\drivers\fidbox.dat
2008-12-02 21:50    ---------    d-----w    c:\program files\WinPcap
2008-12-02 15:54    ---------    d---a-w    c:\documents and settings\All Users\Application Data\TEMP
2008-12-02 06:40    ---------    d-----w    c:\program files\Google
2008-12-01 11:01    ---------    d-----w    c:\program files\Messenger Plus! Live
2008-12-01 07:39    ---------    d-----w    c:\program files\Windows Live
2008-12-01 07:39    ---------    d-----w    c:\program files\Microsoft SQL Server Compact Edition
2008-12-01 07:37    ---------    d-----w    c:\program files\Microsoft
2008-12-01 06:29    ---------    d-----w    c:\program files\Common Files\Windows Live
2008-12-01 06:09    ---------    d-----w    c:\documents and settings\All Users\Application Data\WLInstaller
2008-11-29 13:02    96,976    ----a-w    c:\windows\system32\drivers\klin.dat
2008-11-29 13:02    87,855    ----a-w    c:\windows\system32\drivers\klick.dat
2008-11-29 13:00    ---------    d-----w    c:\program files\Kaspersky Lab
2008-11-29 06:57    ---------    d-----w    c:\documents and settings\SaUdI CaFfe\Application Data\Ahead
2008-11-27 17:49    ---------    dc-h--w    c:\documents and settings\All Users\Application Data\{B46E1EF5-0B37-4DB4-A4E2-9F2B41036185}
2008-11-26 04:46    ---------    d-----w    c:\documents and settings\SaUdI CaFfe\Application Data\IDM
2008-11-24 01:11    ---------    d-----w    c:\documents and settings\SaUdI CaFfe\Application Data\PC Suite
2008-11-22 22:04    ---------    d-----w    c:\program files\TuneUp Utilities 2009
2008-11-22 22:00    603,904    ----a-w    c:\windows\system32\TUProgSt.exe
2008-11-22 22:00    362,240    ----a-w    c:\windows\system32\TuneUpDefragService.exe
2008-11-22 21:58    ---------    d-sh--w    c:\documents and settings\All Users\Application Data\{55A29068-F2CE-456C-9148-C869879E2357}
2008-11-22 17:52    ---------    d-----w    c:\program files\G-Lock Software
2008-11-22 17:52    ---------    d-----w    c:\documents and settings\SaUdI CaFfe\Application Data\G-Lock Software
2008-11-22 12:27    ---------    d-----w    c:\documents and settings\SaUdI CaFfe\Application Data\Uniblue
2008-11-22 11:47    ---------    d--h--w    c:\program files\InstallShield Installation Information
2008-11-21 14:30    ---------    d-----w    c:\documents and settings\SaUdI CaFfe\Application Data\Media Player Classic
2008-11-20 11:23    0    ---ha-w    c:\windows\system32\drivers\Msft_Kernel_ccdcmb_01005.Wdf
2008-11-20 11:22    0    ---ha-w    c:\windows\system32\drivers\MsftWdf_Kernel_01005_Coinstaller_Critical.Wdf
2008-11-20 05:31    ---------    d-----w    c:\documents and settings\SaUdI CaFfe\Application Data\Nokia
2008-11-20 05:24    ---------    d-----w    c:\program files\Nokia
2008-11-20 05:24    ---------    d-----w    c:\program files\Common Files\PCSuite
2008-11-20 05:24    ---------    d-----w    c:\program files\Common Files\Nokia
2008-11-20 05:23    ---------    d-----w    c:\program files\PC Connectivity Solution
2008-11-20 05:21    ---------    d-----w    c:\documents and settings\All Users\Application Data\Installations
2008-11-17 13:23    ---------    d-----w    c:\program files\Flash Memory Toolkit
2008-11-15 08:44    ---------    d-----w    c:\documents and settings\All Users\Application Data\Avira
2008-11-15 00:40    ---------    d-----w    c:\program files\Allok RM RMVB to AVI MPEG DVD Converter
2008-11-14 20:55    164    ----a-w    C:\install.dat
2008-11-14 14:59    ---------    d-----w    c:\program files\Alwil Software
2008-11-14 11:35    ---------    d-----w    c:\program files\MSXML 4.0
2008-11-13 15:58    ---------    d-----w    c:\program files\RM to MP3 Converter
2008-11-13 15:24    ---------    d-----w    c:\program files\Free Audio Pack
2008-11-13 15:22    ---------    d-----w    c:\documents and settings\SaUdI CaFfe\Application Data\Search Settings
2008-11-13 15:18    ---------    d-----w    c:\program files\Search Settings
2008-11-12 13:44    27,904    ----a-w    c:\windows\system32\uxtuneup.dll
2008-11-11 17:00    218,376    ----a-w    c:\windows\system32\klogon.dll
2008-11-11 16:58    25,601    ----a-w    c:\windows\system32\drivers\klopp.dat
2008-11-09 15:03    ---------    d-----w    c:\program files\Scratch
2008-11-09 05:58    ---------    d-----w    c:\documents and settings\SaUdI CaFfe\Application Data\COWON
2008-11-09 05:55    ---------    d-----w    c:\documents and settings\SaUdI CaFfe\Application Data\ACD Systems
2008-11-08 13:29    ---------    d-----w    c:\program files\Internet Download Manager
2008-11-06 13:10    ---------    d-----w    c:\documents and settings\All Users\Application Data\HPSSUPPLY
2008-11-03 21:10    ---------    d-----w    c:\documents and settings\SaUdI CaFfe\Application Data\HP
2008-11-03 21:10    ---------    d-----w    c:\documents and settings\All Users\Application Data\HP
2008-11-03 15:15    ---------    d-----w    c:\documents and settings\All Users\Application Data\WEBREG
2008-11-03 15:12    ---------    d-----w    c:\program files\HP
2008-11-03 15:11    ---------    d-----w    c:\program files\Hewlett-Packard
2008-11-03 15:11    ---------    d-----w    c:\program files\Common Files\HP
2008-11-03 15:11    ---------    d-----w    c:\program files\Common Files\Hewlett-Packard
2008-11-03 15:11    ---------    d-----w    c:\documents and settings\All Users\Application Data\HP Product Assistant
2008-11-03 15:08    ---------    d-----w    c:\documents and settings\All Users\Application Data\Hewlett-Packard
2008-11-03 07:19    ---------    d-----w    c:\documents and settings\All Users\Application Data\Messenger Plus!
2008-11-02 00:02    ---------    d-----w    c:\program files\QuickTime
2008-11-02 00:01    ---------    d-----w    c:\program files\Common Files\Apple
2008-11-02 00:01    ---------    d-----w    c:\documents and settings\All Users\Application Data\Apple Computer
2008-11-02 00:00    ---------    d-----w    c:\program files\Apple Software Update
2008-11-02 00:00    ---------    d-----w    c:\documents and settings\All Users\Application Data\Apple
2008-11-01 22:23    ---------    d-----w    c:\documents and settings\SaUdI CaFfe\Application Data\DivX
2008-10-31 18:14    203,776    ----a-w    c:\windows\system32\clrviddc.dll
2008-10-31 18:13    499,712    ----a-w    c:\windows\system32\msvcp71.dll
2008-10-31 18:13    348,160    ----a-w    c:\windows\system32\msvcr71.dll
2008-10-31 18:13    ---------    d-----w    c:\program files\Common Files\xing shared
2008-10-31 18:13    ---------    d-----w    c:\program files\Common Files\Real
2008-10-26 21:53    ---------    d-----w    c:\documents and settings\SaUdI CaFfe\Application Data\TuneUp Software
2008-10-26 15:07    ---------    d-----w    c:\documents and settings\Administrator.ATHEER2-A639511\Application Data\PC Suite
2008-10-26 01:31    ---------    d-----w    c:\documents and settings\Administrator.ATHEER2-A639511\Application Data\COWON
2008-10-26 00:38    ---------    d-----w    c:\documents and settings\Administrator.ATHEER2-A639511\Application Data\ACD Systems
2008-10-25 15:14    ---------    d-----w    c:\documents and settings\Administrator.ATHEER2-A639511\Application Data\DivX
2008-10-25 02:17    974,848    ----a-w    c:\windows\UNRecode.exe
2008-10-25 02:17    974,848    ----a-w    c:\windows\UNNeroVision.exe
2008-10-25 02:17    974,848    ----a-w    c:\windows\UNNeroShowTime.exe
2008-10-25 02:17    974,848    ----a-w    c:\windows\UNNeroMediaHome.exe
2008-10-25 02:17    974,848    ----a-w    c:\windows\UNNeroBackItUp.exe
2008-10-25 02:01    73,216    ----a-w    c:\windows\ST6UNST.EXE
2008-10-25 02:01    6,656    ----a-w    c:\windows\delttsul.exe
2008-10-25 02:01    47,104    ----a-w    c:\windows\AKDeInstall.exe
2008-10-25 02:01    46,592    ----a-w    c:\windows\setdebug.exe
2008-10-25 02:01    241,664    ----a-w    c:\windows\NuNInst.exe
2008-10-25 01:25    ---------    d-----w    c:\program files\JetAudio
2008-10-25 01:25    ---------    d-----w    c:\program files\ClocX
2008-10-24 19:52    ---------    d-----w    c:\documents and settings\Administrator.ATHEER2-A639511\Application Data\TuneUp Software
2008-10-24 11:21    455,296    ----a-w    c:\windows\system32\drivers\mrxsmb.sys
2008-10-24 00:35    410,976    ----a-w    c:\windows\system32\deploytk.dll
2008-10-23 13:24    ---------    d-----w    c:\program files\Java
2008-10-21 19:21    ---------    d-----w    c:\program files\Common Files\LightScribe
.

(((((((((((((((((((((((((((((   snapshot@Thu 11-27-2008_10.39.34.14   )))))))))))))))))))))))))))))))))))))))))
.
- 2008-10-25 02:00:41    213,504    ----a-w    c:\windows\$hf_mig$\KB915865\spuninst.exe
+ 2005-10-12 23:12:26    213,216    ----a-w    c:\windows\$hf_mig$\KB915865\spuninst.exe
- 2008-10-25 02:00:41    716,288    ----a-w    c:\windows\$hf_mig$\KB915865\update\update.exe
+ 2005-10-12 23:12:28    716,000    ----a-w    c:\windows\$hf_mig$\KB915865\update\update.exe
- 2008-10-25 02:00:43    213,504    ----a-w    c:\windows\$hf_mig$\KB938127-v2-IE7\spuninst.exe
+ 2007-03-06 00:57:38    213,216    ----a-w    c:\windows\$hf_mig$\KB938127-v2-IE7\spuninst.exe
- 2008-10-25 02:00:43    713,216    ----a-w    c:\windows\$hf_mig$\KB938127-v2-IE7\update\update.exe
+ 2007-03-06 00:57:55    712,928    ----a-w    c:\windows\$hf_mig$\KB938127-v2-IE7\update\update.exe
- 2008-10-25 02:00:52    231,424    ----a-w    c:\windows\$hf_mig$\KB953839\spuninst.exe
+ 2007-11-30 12:39:01    231,288    ----a-w    c:\windows\$hf_mig$\KB953839\spuninst.exe
- 2008-10-25 02:00:52    752,640    ----a-w    c:\windows\$hf_mig$\KB953839\update\update.exe
+ 2007-11-30 12:39:03    752,504    ----a-w    c:\windows\$hf_mig$\KB953839\update\update.exe
+ 2005-10-12 23:12:25    22,752    -c----w    c:\windows\$NtUninstallKB915865$\spcustom.dll
+ 2005-10-12 23:12:25    14,048    -c----w    c:\windows\$NtUninstallKB915865$\spmsg.dll
+ 2008-10-25 02:00:41    213,504    -c----w    c:\windows\$NtUninstallKB915865$\spuninst.exe
+ 2008-10-25 02:00:41    716,288    -c----w    c:\windows\$NtUninstallKB915865$\update.exe
+ 2005-10-12 23:12:33    371,424    -c----w    c:\windows\$NtUninstallKB915865$\updspapi.dll
+ 2008-06-12 08:28:02    121,856    -c----w    c:\windows\$NtUninstallKB915865$\xmllite.dll
+ 2008-12-01 01:22:36    45,056    ----a-w    c:\windows\BDOSCAN8\avxdisk.dll
+ 2008-12-01 01:22:36    10,240    ----a-w    c:\windows\BDOSCAN8\avxs.dll
+ 2008-12-01 01:22:37    27,136    ----a-w    c:\windows\BDOSCAN8\avxt.dll
+ 2008-12-01 01:22:44    102,400    ----a-w    c:\windows\BDOSCAN8\bdcore.dll
+ 2008-01-09 12:01:48    118,784    ----a-w    c:\windows\BDOSCAN8\bdupd.dll
+ 2008-01-09 12:01:48    53,248    ----a-w    c:\windows\BDOSCAN8\ipsupd.dll
+ 2008-12-01 01:22:48    142,848    ----a-w    c:\windows\BDOSCAN8\libfn.dll
+ 2008-12-01 01:22:38    86,016    ----a-w    c:\windows\BDOSCAN8\librtvr.dll
+ 2008-01-09 12:01:48    118,784    ----a-w    c:\windows\Downloaded Program Files\CONFLICT.1\bdupd.dll
+ 2008-01-09 12:01:48    53,248    ----a-w    c:\windows\Downloaded Program Files\CONFLICT.1\ipsupd.dll
+ 2006-09-06 14:42:02    213,216    -c--a-w    c:\windows\ie7\spuninst\spuninst.exe
+ 2007-08-13 15:39:00    123,904    -c----w    c:\windows\ie7updates\KB956390-IE7\advpack.dll
+ 2007-08-13 15:35:46    346,624    -c----w    c:\windows\ie7updates\KB956390-IE7\dxtmsft.dll
+ 2007-08-13 15:35:38    214,528    -c----w    c:\windows\ie7updates\KB956390-IE7\dxtrans.dll
+ 2007-08-13 15:54:10    131,584    -c----w    c:\windows\ie7updates\KB956390-IE7\extmgr.dll
+ 2007-08-13 15:36:26    61,952    -c----w    c:\windows\ie7updates\KB956390-IE7\icardie.dll
+ 2007-08-13 15:39:06    54,784    -c----w    c:\windows\ie7updates\KB956390-IE7\ie4uinit.exe
+ 2007-08-13 15:39:26    152,064    -c----w    c:\windows\ie7updates\KB956390-IE7\ieakeng.dll
+ 2007-08-13 15:39:54    229,376    -c----w    c:\windows\ie7updates\KB956390-IE7\ieaksie.dll
+ 2007-08-13 14:56:54    161,792    -c----w    c:\windows\ie7updates\KB956390-IE7\ieakui.dll
+ 2007-02-12 13:10:12    2,451,312    -c----w    c:\windows\ie7updates\KB956390-IE7\ieapfltr.dat
- 2008-06-23 16:15:19    383,488    -c----w    c:\windows\ie7updates\KB956390-IE7\ieapfltr.dll
+ 2007-07-11 09:27:48    383,488    -c----w    c:\windows\ie7updates\KB956390-IE7\ieapfltr.dll
+ 2007-08-13 15:39:50    382,976    -c----w    c:\windows\ie7updates\KB956390-IE7\iedkcs32.dll
+ 2007-08-13 15:54:10    6,049,280    -c----w    c:\windows\ie7updates\KB956390-IE7\ieframe.dll
+ 2007-08-13 15:39:10    43,008    -c----w    c:\windows\ie7updates\KB956390-IE7\iernonce.dll
+ 2007-08-13 15:34:04    266,752    -c----w    c:\windows\ie7updates\KB956390-IE7\iertutil.dll
- 2008-06-23 09:20:26    13,824    -c----w    c:\windows\ie7updates\KB956390-IE7\ieudinit.exe
+ 2007-08-13 15:39:10    13,312    -c----w    c:\windows\ie7updates\KB956390-IE7\ieudinit.exe
+ 2007-08-13 15:43:56    622,080    -c----w    c:\windows\ie7updates\KB956390-IE7\iexplore.exe
+ 2007-08-13 15:54:10    27,136    -c----w    c:\windows\ie7updates\KB956390-IE7\jsproxy.dll
+ 2007-08-13 15:54:10    458,752    -c----w    c:\windows\ie7updates\KB956390-IE7\msfeeds.dll
+ 2007-08-13 15:54:10    50,688    -c----w    c:\windows\ie7updates\KB956390-IE7\msfeedsbs.dll
+ 2007-08-13 15:54:12    3,578,368    -c----w    c:\windows\ie7updates\KB956390-IE7\mshtml.dll
+ 2007-08-13 15:54:10    475,648    -c----w    c:\windows\ie7updates\KB956390-IE7\mshtmled.dll
+ 2007-08-13 15:44:26    192,000    -c----w    c:\windows\ie7updates\KB956390-IE7\msrating.dll
+ 2007-08-13 15:54:10    670,720    -c----w    c:\windows\ie7updates\KB956390-IE7\mstime.dll
+ 2007-08-13 15:44:06    101,376    -c----w    c:\windows\ie7updates\KB956390-IE7\occache.dll
+ 2007-08-13 15:36:12    44,544    -c----w    c:\windows\ie7updates\KB956390-IE7\pngfilt.dll
+ 2007-03-06 00:57:32    22,752    -c----w    c:\windows\ie7updates\KB956390-IE7\spcustom.dll
+ 2007-03-06 00:57:33    14,560    -c----w    c:\windows\ie7updates\KB956390-IE7\spmsg.dll
+ 2007-03-06 00:57:38    213,216    -c----w    c:\windows\ie7updates\KB956390-IE7\spuninst.exe
+ 2007-03-06 00:57:56    712,928    -c----w    c:\windows\ie7updates\KB956390-IE7\update.exe
+ 2007-03-06 00:58:46    369,376    -c----w    c:\windows\ie7updates\KB956390-IE7\updspapi.dll
+ 2007-08-13 15:44:30    105,984    -c----w    c:\windows\ie7updates\KB956390-IE7\url.dll
+ 2007-08-13 15:54:10    1,162,240    -c----w    c:\windows\ie7updates\KB956390-IE7\urlmon.dll
+ 2007-08-13 15:54:10    231,424    -c----w    c:\windows\ie7updates\KB956390-IE7\webcheck.dll
+ 2007-08-13 15:54:10    818,688    -c----w    c:\windows\ie7updates\KB956390-IE7\wininet.dll
+ 2008-12-01 07:38:14    86,746    ----a-r    c:\windows\Installer\{15B40774-B925-4368-AB67-E85AA6998D14}\wlmail.exe
+ 2008-12-02 06:41:16    26,694    ----a-r    c:\windows\Installer\{1D14373E-7970-4F2F-A467-ACA4F0EA21E3}\ARPPRODUCTICON.exe
+ 2008-12-02 06:41:16    26,694    ----a-r    c:\windows\Installer\{1D14373E-7970-4F2F-A467-ACA4F0EA21E3}\googleearth.exe_407B9B5CDAC54F44A756B57CAB4E6A8B.exe
+ 2008-12-02 06:41:16    26,694    ----a-r    c:\windows\Installer\{1D14373E-7970-4F2F-A467-ACA4F0EA21E3}\googleearth.exe1_407B9B5CDAC54F44A756B57CAB4E6A8B.exe
+ 2008-12-02 06:41:16    26,694    ----a-r    c:\windows\Installer\{1D14373E-7970-4F2F-A467-ACA4F0EA21E3}\ShortcutDX_EB071909B9884F8CBF3D6115D4ADEE5E.exe
+ 2008-12-02 06:41:16    26,694    ----a-r    c:\windows\Installer\{1D14373E-7970-4F2F-A467-ACA4F0EA21E3}\ShortcutOGL_EB071909B9884F8CBF3D6115D4ADEE5E.exe
+ 2008-12-02 06:41:16    26,694    ----a-r    c:\windows\Installer\{1D14373E-7970-4F2F-A467-ACA4F0EA21E3}\UNINST_Uninstall_G_408FFBEED62349E08B232864A94D2864.exe
+ 2008-12-01 07:39:27    119,296    ----a-r    c:\windows\Installer\{219DC5E2-21E6-4E19-B1F1-EDB8C93211A8}\WLXPhotoGalleryIcon.exe
+ 2008-12-01 07:37:45    29,926    ----a-r    c:\windows\Installer\{A2A5C10B-3D4D-4B2B-B60E-37BE1A352DCE}\MsblIco.Exe
+ 2004-03-31 05:00:00    61,440    ----a-w    c:\windows\system32\ADLOC.dll
- 2008-08-22 00:06:30    72,704    ----a-w    c:\windows\system32\admparse.dll
+ 2007-08-13 15:39:20    71,680    ----a-w    c:\windows\system32\admparse.dll
- 2008-08-22 00:06:16    128,512    ----a-w    c:\windows\system32\advpack.dll
+ 2008-08-26 07:57:14    124,928    ----a-w    c:\windows\system32\advpack.dll
+ 2004-03-31 05:00:00    45,056    ----a-w    c:\windows\system32\APLOC.dll
+ 2002-07-17 06:54:22    36,864    ----a-w    c:\windows\system32\ascbalo3N.dll
+ 2003-09-23 05:00:00    36,864    ----a-w    c:\windows\system32\ascbalon.dll
+ 2003-10-23 05:00:00    27,824    ----a-w    c:\windows\system32\ascIP95.DLL
+ 2003-10-23 05:00:00    27,408    ----a-w    c:\windows\system32\ascIPNT.DLL
+ 2003-10-23 05:00:00    352,256    ----a-w    c:\windows\system32\ASLOC.dll
- 2008-04-14 15:59:33    1,025,024    ----a-w    c:\windows\system32\browseui.dll
+ 2006-09-23 10:12:32    1,022,976    ----a-w    c:\windows\system32\browseui.dll
+ 2002-12-05 17:55:43    569,616    ----a-w    c:\windows\system32\COMCTL3N.DLL
- 2008-11-26 04:41:05    32,768    -c--a-w    c:\windows\system32\config\systemprofile\s\index.dat
+ 2008-12-02 21:41:55    32,768    -c--a-w    c:\windows\system32\config\systemprofile\s\index.dat
- 2008-11-26 04:41:05    32,768    -c--a-w    c:\windows\system32\config\systemprofile\Local Settings\History\History.IE5\index.dat
+ 2008-12-02 21:41:55    32,768    -c--a-w    c:\windows\system32\config\systemprofile\Local Settings\History\History.IE5\index.dat
- 2008-11-26 04:41:05    32,768    -c--a-w    c:\windows\system32\config\systemprofile\Local Settings\Temporary Internet Files\.IE5\index.dat
+ 2008-12-02 21:41:55    32,768    -c--a-w    c:\windows\system32\config\systemprofile\Local Settings\Temporary Internet Files\.IE5\index.dat
- 2008-08-22 00:07:08    18,944    ----a-w    c:\windows\system32\corpol.dll
+ 2004-08-04 00:55:34    35,328    ------w    c:\windows\system32\corpol.dll
+ 2006-11-29 10:06:18    3,426,072    ----a-w    c:\windows\system32\d3dx9_32.dll
- 2008-04-14 18:29:36    32,768    ----a-w    c:\windows\system32\dispex.dll
+ 2004-08-09 18:27:00    28,672    ----a-w    c:\windows\system32\dispex.dll
- 2008-08-22 00:06:30    72,704    -c--a-w    c:\windows\system32\dllcache\admparse.dll
+ 2007-08-13 15:39:20    71,680    -c--a-w    c:\windows\system32\dllcache\admparse.dll
- 2008-08-22 00:06:16    128,512    -c--a-w    c:\windows\system32\dllcache\advpack.dll
+ 2008-08-26 07:57:14    124,928    -c----w    c:\windows\system32\dllcache\advpack.dll
- 2008-04-14 15:59:33    1,025,024    -c--a-w    c:\windows\system32\dllcache\browseui.dll
+ 2006-09-23 10:12:32    1,022,976    -c--a-w    c:\windows\system32\dllcache\browseui.dll
- 2008-08-22 00:07:08    18,944    -c--a-w    c:\windows\system32\dllcache\corpol.dll
+ 2004-08-04 00:55:34    35,328    -c----w    c:\windows\system32\dllcache\corpol.dll
- 2004-05-11 21:18:58    28,672    -c--a-w    c:\windows\system32\dllcache\custsat.dll
+ 2007-08-13 15:54:10    33,792    -c--a-w    c:\windows\system32\dllcache\custsat.dll
- 2008-04-14 18:29:36    32,768    -c--a-w    c:\windows\system32\dllcache\dispex.dll
+ 2004-08-09 18:27:00    28,672    -c--a-w    c:\windows\system32\dllcache\dispex.dll
- 2008-08-22 00:05:16    346,624    -c--a-w    c:\windows\system32\dllcache\dxtmsft.dll
+ 2008-08-26 07:57:14    347,136    -c----w    c:\windows\system32\dllcache\dxtmsft.dll
- 2008-08-22 00:05:10    217,088    -c--a-w    c:\windows\system32\dllcache\dxtrans.dll
+ 2008-08-26 07:57:14    214,528    -c----w    c:\windows\system32\dllcache\dxtrans.dll
- 2008-08-22 00:00:28    68,608    -c--a-w    c:\windows\system32\dllcache\hmmapi.dll
+ 2007-08-13 15:18:02    60,416    -c--a-w    c:\windows\system32\dllcache\hmmapi.dll
- 2008-08-22 00:05:20    61,952    -c--a-w    c:\windows\system32\dllcache\icardie.dll
+ 2008-08-26 07:57:14    63,488    -c--a-w    c:\windows\system32\dllcache\icardie.dll
- 2008-08-22 00:06:24    162,304    -c--a-w    c:\windows\system32\dllcache\ie4uinit.exe
+ 2008-08-25 08:35:50    70,656    -c----w    c:\windows\system32\dllcache\ie4uinit.exe
- 2008-08-22 00:06:36    124,928    -c--a-w    c:\windows\system32\dllcache\ieakeng.dll
+ 2008-08-26 07:57:14    153,088    -c----w    c:\windows\system32\dllcache\ieakeng.dll
- 2008-08-22 00:06:40    228,864    -c--a-w    c:\windows\system32\dllcache\ieaksie.dll
+ 2008-08-26 07:57:14    230,400    -c----w    c:\windows\system32\dllcache\ieaksie.dll
- 2008-08-22 00:06:24    163,840    -c--a-w    c:\windows\system32\dllcache\ieakui.dll
+ 2008-08-23 05:54:51    161,792    -c----w    c:\windows\system32\dllcache\ieakui.dll
- 2008-07-29 19:58:08    3,670,112    -c--a-w    c:\windows\system32\dllcache\ieapfltr.dat
+ 2007-04-17 09:32:38    2,455,488    -c--a-w    c:\windows\system32\dllcache\ieapfltr.dat
- 2008-08-21 23:42:22    443,392    -c--a-w    c:\windows\system32\dllcache\ieapfltr.dll
+ 2008-08-26 07:57:15    383,488    -c--a-w    c:\windows\system32\dllcache\ieapfltr.dll
- 2008-08-22 00:06:44    385,024    -c--a-w    c:\windows\system32\dllcache\iedkcs32.dll
+ 2008-08-26 07:57:15    384,512    -c----w    c:\windows\system32\dllcache\iedkcs32.dll
+ 2007-08-13 15:45:18    78,336    -c--a-w    c:\windows\system32\dllcache\ieencode.dll
- 2008-08-22 00:10:34    11,985,408    -c--a-w    c:\windows\system32\dllcache\ieframe.dll
+ 2008-10-03 16:58:14    6,066,176    -c--a-w    c:\windows\system32\dllcache\ieframe.dll
- 2008-08-22 00:05:24    186,880    -c--a-w    c:\windows\system32\dllcache\iepeers.dll
+ 2007-08-13 15:54:10    191,488    -c--a-w    c:\windows\system32\dllcache\iepeers.dll
- 2008-08-22 00:06:20    55,808    -c--a-w    c:\windows\system32\dllcache\iernonce.dll
+ 2008-08-26 07:57:16    44,544    -c----w    c:\windows\system32\dllcache\iernonce.dll
- 2008-08-22 00:06:02    1,778,688    -c--a-w    c:\windows\system32\dllcache\iertutil.dll
+ 2008-08-26 07:57:17    267,776    -c--a-w    c:\windows\system32\dllcache\iertutil.dll
- 2008-08-22 00:06:24    71,680    -c--a-w    c:\windows\system32\dllcache\iesetup.dll
+ 2007-08-13 15:39:12    55,296    -c--a-w    c:\windows\system32\dllcache\iesetup.dll
- 2008-09-08 17:20:40    637,984    -c--a-w    c:\windows\system32\dllcache\iexplore.exe
+ 2008-08-23 05:56:15    635,848    -c----w    c:\windows\system32\dllcache\iexplore.exe
- 2008-08-22 00:05:14    35,840    -c--a-w    c:\windows\system32\dllcache\imgutil.dll
+ 2007-08-13 15:36:06    36,352    -c--a-w    c:\windows\system32\dllcache\imgutil.dll
- 2008-08-22 00:06:16    94,720    -c--a-w    c:\windows\system32\dllcache\inseng.dll
+ 2007-08-13 15:39:02    92,672    -c--a-w    c:\windows\system32\dllcache\inseng.dll
- 2008-08-22 00:06:30    552,960    -c--a-w    c:\windows\system32\dllcache\jscript.dll
+ 2008-05-09 10:53:39    512,000    -c--a-w    c:\windows\system32\dllcache\jscript.dll
- 2008-08-22 00:06:58    28,672    -c--a-w    c:\windows\system32\dllcache\jsproxy.dll
+ 2008-08-26 07:57:17    27,648    -c----w    c:\windows\system32\dllcache\jsproxy.dll
- 2008-08-22 00:08:00    43,008    -c--a-w    c:\windows\system32\dllcache\licmgr10.dll
+ 2007-08-13 15:44:18    40,960    -c--a-w    c:\windows\system32\dllcache\licmgr10.dll
- 2008-08-22 00:05:48    580,608    -c--a-w    c:\windows\system32\dllcache\msfeeds.dll
+ 2008-08-26 07:57:18    459,264    -c--a-w    c:\windows\system32\dllcache\msfeeds.dll
- 2008-08-22 00:05:22    53,760    -c--a-w    c:\windows\system32\dllcache\msfeedsbs.dll
+ 2008-08-26 07:57:18    52,224    -c--a-w    c:\windows\system32\dllcache\msfeedsbs.dll
- 2008-08-22 00:04:54    45,568    -c--a-w    c:\windows\system32\dllcache\mshta.exe
+ 2007-08-13 15:32:30    45,568    -c--a-w    c:\windows\system32\dllcache\mshta.exe
- 2008-08-22 00:09:32    5,699,584    -c--a-w    c:\windows\system32\dllcache\mshtml.dll
+ 2008-08-27 11:27:20    3,593,216    -c----w    c:\windows\system32\dllcache\mshtml.dll
- 2008-08-22 00:05:08    70,656    -c--a-w    c:\windows\system32\dllcache\mshtmled.dll
+ 2008-08-26 07:57:19    477,696    -c----w    c:\windows\system32\dllcache\mshtmled.dll
- 2008-08-22 00:05:00    48,128    -c--a-w    c:\windows\system32\dllcache\mshtmler.dll
+ 2007-08-13 15:01:12    48,128    -c--a-w    c:\windows\system32\dllcache\mshtmler.dll
- 2008-08-21 23:57:56    156,160    -c--a-w    c:\windows\system32\dllcache\msls31.dll
+ 2007-08-13 15:54:10    156,160    -c--a-w    c:\windows\system32\dllcache\msls31.dll
- 2008-08-22 00:07:50    193,536    -c--a-w    c:\windows\system32\dllcache\msrating.dll
+ 2008-08-26 07:57:19    193,024    -c----w    c:\windows\system32\dllcache\msrating.dll
- 2008-08-22 00:05:34    630,272    -c--a-w    c:\windows\system32\dllcache\mstime.dll
+ 2008-08-26 07:57:20    671,232    -c----w    c:\windows\system32\dllcache\mstime.dll
- 2008-08-22 00:07:50    116,224    -c--a-w    c:\windows\system32\dllcache\occache.dll
+ 2008-08-26 07:57:20    102,912    -c----w    c:\windows\system32\dllcache\occache.dll
- 2008-08-22 00:05:14    45,056    -c--a-w    c:\windows\system32\dllcache\pngfilt.dll
+ 2008-08-26 07:57:20    44,544    -c----w    c:\windows\system32\dllcache\pngfilt.dll
- 2008-04-14 15:59:41    1,499,136    -c--a-w    c:\windows\system32\dllcache\shdocvw.dll
+ 2006-09-23 10:12:32    1,497,088    -c--a-w    c:\windows\system32\dllcache\shdocvw.dll
- 2008-04-14 15:59:41    474,112    -c--a-w    c:\windows\system32\dllcache\shlwapi.dll
+ 2006-09-23 10:12:32    474,112    -c--a-w    c:\windows\system32\dllcache\shlwapi.dll
- 2008-08-22 00:07:58    105,984    -c--a-w    c:\windows\system32\dllcache\url.dll
+ 2008-08-26 07:57:20    105,984    -c----w    c:\windows\system32\dllcache\url.dll
- 2008-08-22 00:08:22    1,206,784    -c--a-w    c:\windows\system32\dllcache\urlmon.dll
+ 2008-08-26 07:57:21    1,159,680    -c----w    c:\windows\system32\dllcache\urlmon.dll
- 2008-08-22 00:06:36    434,176    -c--a-w    c:\windows\system32\dllcache\vbscript.dll
+ 2008-05-09 10:53:40    430,080    -c--a-w    c:\windows\system32\dllcache\vbscript.dll
- 2008-08-22 00:07:20    755,200    -c--a-w    c:\windows\system32\dllcache\VGX.dll
+ 2008-05-27 17:23:58    765,952    -c--a-w    c:\windows\system32\dllcache\vgx.dll
- 2008-08-22 00:08:08    236,544    -c--a-w    c:\windows\system32\dllcache\webcheck.dll
+ 2008-08-26 07:57:21    233,472    -c----w    c:\windows\system32\dllcache\webcheck.dll
- 2008-08-22 00:08:06    878,592    -c--a-w    c:\windows\system32\dllcache\wininet.dll
+ 2008-08-26 07:57:21    826,368    -c----w    c:\windows\system32\dllcache\wininet.dll
- 2008-04-14 18:29:46    36,864    -c--a-w    c:\windows\system32\dllcache\wshcon.dll
+ 2004-08-09 18:27:06    28,672    -c--a-w    c:\windows\system32\dllcache\wshcon.dll
- 2008-11-24 21:09:14    227,344    ----a-w    c:\windows\system32\drivers\klif.sys
+ 2008-11-29 12:59:19    227,344    ----a-w    c:\windows\system32\drivers\klif.sys
+ 2007-01-25 17:31:34    42,000    ----a-w    c:\windows\system32\drivers\npf.sys
- 2008-08-22 00:05:16    346,624    ----a-w    c:\windows\system32\dxtmsft.dll
+ 2008-08-26 07:57:14    347,136    ----a-w    c:\windows\system32\dxtmsft.dll
- 2008-08-22 00:05:10    217,088    ----a-w    c:\windows\system32\dxtrans.dll
+ 2008-08-26 07:57:14    214,528    ----a-w    c:\windows\system32\dxtrans.dll
- 2008-10-26 16:29:50    334,664    ----a-w    c:\windows\system32\FNTCACHE.DAT
+ 2008-12-01 08:01:31    337,848    ----a-w    c:\windows\system32\FNTCACHE.DAT
- 2008-08-22 00:05:20    61,952    ----a-w    c:\windows\system32\icardie.dll
+ 2008-08-26 07:57:14    63,488    ----a-w    c:\windows\system32\icardie.dll
- 2008-08-22 00:06:24    162,304    ----a-w    c:\windows\system32\ie4uinit.exe
+ 2008-08-25 08:35:50    70,656    ------w    c:\windows\system32\ie4uinit.exe
- 2008-08-22 00:06:36    124,928    ----a-w    c:\windows\system32\ieakeng.dll
+ 2008-08-26 07:57:14    153,088    ------w    c:\windows\system32\ieakeng.dll
- 2008-08-22 00:06:40    228,864    ----a-w    c:\windows\system32\ieaksie.dll
+ 2008-08-26 07:57:14    230,400    ------w    c:\windows\system32\ieaksie.dll
- 2008-08-22 00:06:24    163,840    ----a-w    c:\windows\system32\ieakui.dll
+ 2008-08-23 05:54:51    161,792    ------w    c:\windows\system32\ieakui.dll
- 2008-07-29 19:58:08    3,670,112    ----a-w    c:\windows\system32\ieapfltr.dat
+ 2007-04-17 09:32:38    2,455,488    ----a-w    c:\windows\system32\ieapfltr.dat
- 2008-08-21 23:42:22    443,392    ----a-w    c:\windows\system32\ieapfltr.dll
+ 2008-08-26 07:57:15    383,488    ----a-w    c:\windows\system32\ieapfltr.dll
- 2008-08-22 00:06:44    385,024    ----a-w    c:\windows\system32\iedkcs32.dll
+ 2008-08-26 07:57:15    384,512    ------w    c:\windows\system32\iedkcs32.dll
+ 2007-08-13 15:45:18    78,336    ----a-w    c:\windows\system32\ieencode.dll
- 2008-08-22 00:10:34    11,985,408    ----a-w    c:\windows\system32\ieframe.dll
+ 2008-10-03 16:58:14    6,066,176    ----a-w    c:\windows\system32\ieframe.dll
- 2008-08-22 00:05:24    186,880    ----a-w    c:\windows\system32\iepeers.dll
+ 2007-08-13 15:54:10    191,488    ----a-w    c:\windows\system32\iepeers.dll
- 2008-08-22 00:06:20    55,808    ----a-w    c:\windows\system32\iernonce.dll
+ 2008-08-26 07:57:16    44,544    ------w    c:\windows\system32\iernonce.dll
- 2008-08-22 00:06:02    1,778,688    ----a-w    c:\windows\system32\iertutil.dll
+ 2008-08-26 07:57:17    267,776    ----a-w    c:\windows\system32\iertutil.dll
- 2008-08-22 00:06:24    71,680    ----a-w    c:\windows\system32\iesetup.dll
+ 2007-08-13 15:39:12    55,296    ----a-w    c:\windows\system32\iesetup.dll
- 2008-08-22 00:06:24    36,864    ----a-w    c:\windows\system32\ieudinit.exe
+ 2008-08-25 08:38:00    13,824    ----a-w    c:\windows\system32\ieudinit.exe
- 2008-08-21 23:58:12    181,760    ----a-w    c:\windows\system32\ieui.dll
+ 2007-08-13 15:54:10    180,736    ------w    c:\windows\system32\ieui.dll
- 2008-08-22 00:05:14    35,840    ----a-w    c:\windows\system32\imgutil.dll
+ 2007-08-13 15:36:06    36,352    ----a-w    c:\windows\system32\imgutil.dll
- 2008-08-22 00:06:16    94,720    ----a-w    c:\windows\system32\inseng.dll
+ 2007-08-13 15:39:02    92,672    ----a-w    c:\windows\system32\inseng.dll
- 2008-08-22 00:06:30    552,960    ----a-w    c:\windows\system32\jscript.dll
+ 2008-05-09 10:53:39    512,000    ----a-w    c:\windows\system32\jscript.dll
- 2008-08-22 00:06:58    28,672    ----a-w    c:\windows\system32\jsproxy.dll
+ 2008-08-26 07:57:17    27,648    ------w    c:\windows\system32\jsproxy.dll
- 2008-08-22 00:08:00    43,008    ----a-w    c:\windows\system32\licmgr10.dll
+ 2007-08-13 15:44:18    40,960    ----a-w    c:\windows\system32\licmgr10.dll
- 2008-08-22 00:05:48    580,608    ----a-w    c:\windows\system32\msfeeds.dll
+ 2008-08-26 07:57:18    459,264    ----a-w    c:\windows\system32\msfeeds.dll
- 2008-08-22 00:05:22    53,760    ----a-w    c:\windows\system32\msfeedsbs.dll
+ 2008-08-26 07:57:18    52,224    ----a-w    c:\windows\system32\msfeedsbs.dll
- 2008-08-22 00:05:22    13,312    ----a-w    c:\windows\system32\msfeedssync.exe
+ 2007-08-13 15:36:40    12,288    ------w    c:\windows\system32\msfeedssync.exe
- 2008-08-22 00:04:54    45,568    ----a-w    c:\windows\system32\mshta.exe
+ 2007-08-13 15:32:30    45,568    ----a-w    c:\windows\system32\mshta.exe
- 2008-08-22 00:09:32    5,699,584    ----a-w    c:\windows\system32\mshtml.dll
+ 2008-08-27 11:27:20    3,593,216    ----a-w    c:\windows\system32\mshtml.dll
- 2008-08-22 00:05:08    70,656    ----a-w    c:\windows\system32\mshtmled.dll
+ 2008-08-26 07:57:19    477,696    ------w    c:\windows\system32\mshtmled.dll
- 2008-08-22 00:05:00    48,128    ----a-w    c:\windows\system32\mshtmler.dll
+ 2007-08-13 15:01:12    48,128    ----a-w    c:\windows\system32\mshtmler.dll
- 2008-08-21 23:57:56    156,160    ----a-w    c:\windows\system32\msls31.dll
+ 2007-08-13 15:54:10    156,160    ----a-w    c:\windows\system32\msls31.dll
- 2008-08-22 00:07:50    193,536    ----a-w    c:\windows\system32\msrating.dll
+ 2008-08-26 07:57:19    193,024    ------w    c:\windows\system32\msrating.dll
+ 2002-12-05 17:57:30    118,784    ----a-w    c:\windows\system32\MSSTDFMN.DLL
- 2000-05-23 19:45:58    118,784    ----a-w    c:\windows\system32\MSSTDFMT.DLL
+ 2003-09-23 05:00:00    118,784    ----a-w    c:\windows\system32\MSSTDFMT.DLL
- 1998-08-09 08:07:34    94,208    ----a-w    c:\windows\system32\MSSTKPRP.DLL
+ 2003-09-23 05:00:00    94,208    ----a-w    c:\windows\system32\Msstkprp.dll
- 2008-08-22 00:05:34    630,272    ----a-w    c:\windows\system32\mstime.dll
+ 2008-08-26 07:57:20    671,232    ------w    c:\windows\system32\mstime.dll
+ 2002-12-05 17:58:05    1,388,544    ----a-w    c:\windows\system32\MSVBVM6N.DLL
+ 2003-09-23 05:00:00    434,252    ----a-w    c:\windows\system32\MSVCRTD.DLL
- 2008-08-22 00:07:50    116,224    ----a-w    c:\windows\system32\occache.dll
+ 2008-08-26 07:57:20    102,912    ------w    c:\windows\system32\occache.dll
+ 2002-12-05 17:58:17    614,672    ----a-w    c:\windows\system32\OLEAUT3N.DLL
+ 2007-01-25 17:31:34    88,952    ----a-w    c:\windows\system32\Packet.dll
- 2008-08-22 00:05:14    45,056    ----a-w    c:\windows\system32\pngfilt.dll
+ 2008-08-26 07:57:20    44,544    ----a-w    c:\windows\system32\pngfilt.dll
+ 2007-01-25 17:31:36    53,299    ----a-w    c:\windows\system32\pthreadVC.dll
- 2008-04-14 15:59:41    1,499,136    ----a-w    c:\windows\system32\shdocvw.dll
+ 2006-09-23 10:12:32    1,497,088    ----a-w    c:\windows\system32\shdocvw.dll
- 2008-04-14 15:59:41    474,112    ----a-w    c:\windows\system32\shlwapi.dll
+ 2006-09-23 10:12:32    474,112    ----a-w    c:\windows\system32\shlwapi.dll
- 2007-01-19 09:53:04    51,056    ----a-w    c:\windows\system32\sirenacm.dll
+ 2008-09-08 21:03:46    51,712    ----a-w    c:\windows\system32\sirenacm.dll
+ 2008-06-30 13:16:52    153,600    ----a-w    c:\windows\system32\TLBINF32.DLL
- 2008-08-22 00:07:58    105,984    ----a-w    c:\windows\system32\url.dll
+ 2008-08-26 07:57:20    105,984    ----a-w    c:\windows\system32\url.dll
- 2008-08-22 00:08:22    1,206,784    ----a-w    c:\windows\system32\urlmon.dll
+ 2008-08-26 07:57:21    1,159,680    ----a-w    c:\windows\system32\urlmon.dll
- 2008-08-22 00:06:36    434,176    ----a-w    c:\windows\system32\vbscript.dll
+ 2008-05-09 10:53:40    430,080    ----a-w    c:\windows\system32\vbscript.dll
+ 2007-01-25 17:31:34    68,480    ----a-w    c:\windows\system32\WanPacket.dll
- 2008-08-22 00:08:08    236,544    ----a-w    c:\windows\system32\webcheck.dll
+ 2008-08-26 07:57:21    233,472    ----a-w    c:\windows\system32\webcheck.dll
- 2008-08-22 00:08:22    208,384    ----a-w    c:\windows\system32\WinFXDocObj.exe
+ 2007-08-13 15:45:16    206,336    ------w    c:\windows\system32\WinFXDocObj.exe
- 2008-08-22 00:08:06    878,592    ----a-w    c:\windows\system32\wininet.dll
+ 2008-08-26 07:57:21    826,368    ----a-w    c:\windows\system32\wininet.dll
+ 2007-01-25 17:31:36    240,496    ----a-w    c:\windows\system32\wpcap.dll
- 2008-04-14 18:29:46    36,864    ----a-w    c:\windows\system32\wshcon.dll
+ 2004-08-09 18:27:06    28,672    ----a-w    c:\windows\system32\wshcon.dll
- 2008-06-12 08:28:02    121,856    ----a-w    c:\windows\system32\xmllite.dll
+ 2006-07-14 15:51:51    121,856    ----a-w    c:\windows\system32\xmllite.dll
+ 2004-01-10 22:17:00    45,568    ----a-w    c:\windows\system32\YM11AUTH.DLL
+ 2008-12-03 03:48:49    16,384    ----atw    c:\windows\Temp\Perflib_Perfdata_184.dat
+ 2007-11-06 17:23:58    224,768    ----a-w    c:\windows\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.21022.8_x-ww_d08d0375\msvcm90.dll
+ 2007-11-06 22:19:34    568,832    ----a-w    c:\windows\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.21022.8_x-ww_d08d0375\msvcp90.dll
+ 2007-11-06 22:19:34    655,872    ----a-w    c:\windows\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.21022.8_x-ww_d08d0375\msvcr90.dll
+ 2008-09-05 13:04:52    287,744    ----a-w    c:\windows\WLXPGSS.SCR
.
-- Snapshot reset to current date --
.
(((((((((((((((((((((((((((((((((((((   Reg Loading Points   ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown 
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [04/14/2008 06:59 PM 15360]
"IDMan"="c:\program files\Internet Download Manager\IDMan.exe" [04/29/2006 11:53 AM 817896]
"PC Suite Tray"="c:\program files\Nokia\Nokia PC Suite 7\PCSuite.exe" [10/02/2008 07:00 AM 1124352]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" [10/31/2008 09:13 PM 185872]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [09/06/2008 03:09 PM 413696]
"AVP"="c:\program files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe" [11/11/2008 07:59 PM 206088]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [04/14/2008 06:59 PM 15360]

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^قائمة ابدأ^البرامج^بدء التشغيل^Adobe Gamma Loader.lnk]
backup=c:\windows\pss\Adobe Gamma Loader.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^قائمة ابدأ^البرامج^بدء التشغيل^PalStart.lnk]
backup=c:\windows\pss\PalStart.lnkCommon Startup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}]
--a------ 10/24/2008 11:12 PM 155648 c:\program files\Common Files\Ahead\Lib\nmbgmonitor.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\InCD]
--a------ 10/24/2008 11:13 PM 1057280 c:\program files\Nero\Nero 7\InCD\InCD.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
--a------ 10/24/2008 11:56 PM 155648 c:\program files\Common Files\Ahead\Lib\NeroCheck.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SecurDisc]
--a------ 10/25/2008 04:59 AM 1629696 c:\program files\Nero\Nero 7\InCD\NBHGui.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SoundMAXPnP]
--a------ 10/24/2008 11:12 PM 843776 c:\program files\Analog Devices\Core\smax4pnp.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]
--a------ 10/31/2008 09:13 PM 185872 c:\program files\Common Files\Real\Update_OB\realsched.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"CTFMON.EXE"=c:\windows\system32\ctfmon.exe
"PC Suite Tray"="c:\program files\Nokia\Nokia PC Suite 7\PCSuite.exe" -onlytray
"IDMan"=c:\program files\Internet Download Manager\IDMan.exe /onboot
"Nokia.PCSync"="c:\program files\Nokia\Nokia PC Suite 7\PCSync2.exe" /NoDialog

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"HP Software Update"=c:\program files\HP\HP Software Update\HPWuSchd2.exe
"TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe"  -osboot
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe"

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"UpdatesDisableNotify"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\KasperskyAntiVirus]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=

R0 klbg;Kaspersky Lab Boot Guard Driver;c:\windows\system32\drivers\klbg.sys [2008-01-29 32784]
R2 TuneUp.ProgramStatisticsSvc;TuneUp Program Statistics Service;c:\windows\System32\TUProgSt.exe [2008-11-23 603904]
R3 KLFLTDEV;Kaspersky Lab KLFltDev;c:\windows\system32\DRIVERS\klfltdev.sys [2008-03-13 26640]
R3 klim5;Kaspersky Anti-Virus NDIS Filter;c:\windows\system32\DRIVERS\klim5.sys [2008-04-30 24592]
S3 NPF;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys [2007-01-25 42000]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12    REG_MULTI_SZ       Pml Driver HPZ12 Net Driver HPZ12
hpdevmgmt    REG_MULTI_SZ       hpqcxs08 hpqddsvc

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost  - NetSvcs
UxTuneUp

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
"c:\program files\Common Files\LightScribe\LSRunOnce.exe"
.
s of the 'Scheduled Tasks' folder

2008-12-01 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [07/30/2008 12:34 PM]
.
.
------- Supplementary Scan -------
.
FireFox -: Profile - c:\documents and settings\SaUdI CaFfe\Application Data\Mozilla\Firefox\Profiles\rx8kpl6q.default\
FF -: plugin - c:\program files\Java\jre6\bin\new_plugin\npdeploytk.dll
FF -: plugin - c:\program files\Java\jre6\bin\new_plugin\npjp2.dll
FF -: plugin - c:\program files\Real\RhapsodyPlayerEngine\nprhapengine.dll
.

**************************************************************************

catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-12-03 06:48:51
Windows 5.1.2600 Service Pack 3 NTFS

scanning hidden processes ... 

scanning hidden autostart entries ...

scanning hidden files ... 


**************************************************************************
.
------------------------ Other Running Processes ------------------------
.
c:\windows\system32\ati2evxx.exe
c:\windows\system32\ati2evxx.exe
c:\program files\Nero\Nero 7\InCD\InCDsrv.exe
c:\program files\Java\jre6\bin\jqs.exe
c:\program files\Common Files\LightScribe\LSSrvc.exe
c:\program files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
c:\windows\system32\wdfmgr.exe
c:\program files\PC Connectivity Solution\ServiceLayer.exe
c:\program files\PC Connectivity Solution\Transports\NclUSBSrv.exe
c:\program files\PC Connectivity Solution\Transports\NclRSSrv.exe
c:\windows\system32\mspaint.exe
c:\windows\system32\mspaint.exe
c:\windows\system32\mspaint.exe
.
**************************************************************************
.
Completion time: 12/03/2008  6:55:20 - machine was rebooted
ComboFix-quarantined-files.txt  2008-12-03 03:53:24
ComboFix2.txt  2008-11-27 07:42:24
ComboFix3.txt  2008-11-24 16:29:38

Pre-Run: 16,260,177,920 bytes free
Post-Run: 16,252,350,464 bytes free
543 --- E O F --- 2008-12-02 04:11:34
 
توقيع : Mr.SaUdI
ومن الهايجاك

اختار Do a system scan and save log

انتظر وانتظر

لكن

مايطلع لي تقرير ؟؟

 
التعديل الأخير بواسطة المشرف:
توقيع : Mr.SaUdI
ومن الهايجاك

اختار Do a system scan and save log

انتظر وانتظر

لكن

مايطلع لي تقرير ؟؟
[/B]

استخدم هذه الاداة بدل الهايجاك
حمل الاداة التالية



شغلها بدبل كلك ،، ثواني يظهر المفكرة وفيها تقرير ،، اعمل تحديد الكل وانسخه والصقه بمشاركتك القادمة
 
التعديل الأخير بواسطة المشرف:
.
--------------------------\\\ Start Report Of HijackThis ---------------
.
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 04:56:26 م, on 03/12/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16735)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Internet Download Manager\IDMan.exe
C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Nero\Nero 7\InCD\InCDsrv.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\TUProgSt.exe
C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe
C:\Program Files\PC Connectivity Solution\Transports\NclRSSrv.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Program Files\Windows Live\Toolbar\wltuser.exe
C:\DOCUME~1\SAUDIC~1\LOCALS~1\Temp\bntoz\runn.exe
C:\WINDOWS\system32\cmd.exe
C:\DOCUME~1\SAUDIC~1\LOCALS~1\Temp\bntoz\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://g.live.com/9uxp9en-us/hpg_lnk2
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 212.93.193.87:8080
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 10.0.0.138
O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files\Internet Download Manager\IDMIECC.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: IEVkbdBHO - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\ievkbd.dll
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: مساعد تسجيل الدخول إلى Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Windows Live Toolbar Beta - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: &Windows Live Toolbar Beta - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [IDMan] C:\Program Files\Internet Download Manager\IDMan.exe /onboot
O4 - HKCU\..\Run: [PC Suite Tray] "C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe" -onlytray
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: Add to Banner Ad Blocker - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\ie_banner_deny.htm
O8 - Extra context menu item: Download All Links with IDM - C:\Program Files\Internet Download Manager\IEGetAll.htm
O8 - Extra context menu item: Download with IDM - C:\Program Files\Internet Download Manager\IEExt.htm
O8 - Extra context menu item: تحميل الكل بـ إنترنت داونلود مانيجر - C:\Program Files\Internet Download Manager\IEGetAll.htm
O8 - Extra context menu item: تحميل بـ إنترنت داونلود مانيجر - C:\Program Files\Internet Download Manager\IEExt.htm
O8 - Extra context menu item: تحميل محتوى فيديو (إف.إل.في) بـ إنترنت داونلود مانيجر - C:\Program Files\Internet Download Manager\IEGetVL.htm
O9 - Extra button: Web traffic protection statistics - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\SCIEPlgn.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe (file missing)
O9 - Extra button: بحث - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\WINDOWS\system32\shdocvw.dll
O9 - Extra 'Tools' menuitem: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\WINDOWS\system32\shdocvw.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/mic...ls/en/x86/client/muweb_site.cab?1223853490796
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Kaspersky Internet Security (AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe
O23 - Service: InCD Helper (InCDsrv) - Nero AG - C:\Program Files\Nero\Nero 7\InCD\InCDsrv.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies - C:\Program Files\WinPcap\rpcapd.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software - C:\WINDOWS\System32\TuneUpDefragService.exe
O23 - Service: TuneUp Program Statistics Service (TuneUp.ProgramStatisticsSvc) - TuneUp Software - C:\WINDOWS\System32\TUProgSt.exe

--
End of file - 8247 bytes
.
.
--------------------------\\\ End Report Of Of HijackThis ---------------
.
.
.
.
--------------------------\\\ Start Report Of Running Processes ---------------
.
==================================================
Process Name : smss.exe
ProcessID : 1544
Priority : Normal
Product Name : Microsoft® Windows® Operating System
Version : 5.1.2600.5512 (xpsp.080413-2111)
Description : Windows NT Session Manager
Company : Microsoft Corporation
Window Title :
File Size : 50,688
File Created Date : 18/06/1425 12:56:30 ص
File Modified Date : 08/04/1429 04:00:03 م
Filename : C:\WINDOWS\System32\smss.exe
Base Address : 0x48580000
Created On : 05/12/1429 04:29:51 م
Visible Windows : 0
Hidden Windows : 0
User Name : NT AUTHORITY\SYSTEM
Mem Usage : 124 K
Mem Usage Peak : 476 K
Page Faults : 218
Pagefile Usage : 168 K
Pagefile Peak Usage : 1668 K
File Attributes : A
==================================================

==================================================
Process Name : csrss.exe
ProcessID : 812
Priority : Normal
Product Name : Microsoft® Windows® Operating System
Version : 5.1.2600.5512 (xpsp.080413-2111)
Description : Client Server Runtime Process
Company : Microsoft Corporation
Window Title :
File Size : 6,144
File Created Date : 18/06/1425 12:56:08 ص
File Modified Date : 08/04/1429 03:59:49 م
Filename : C:\WINDOWS\system32\csrss.exe
Base Address : 0x4A680000
Created On : 05/12/1429 04:30:13 م
Visible Windows : 0
Hidden Windows : 0
User Name : NT AUTHORITY\SYSTEM
Mem Usage : 5096 K
Mem Usage Peak : 5688 K
Page Faults : 9777
Pagefile Usage : 7788 K
Pagefile Peak Usage : 7800 K
File Attributes : A
==================================================

==================================================
Process Name : winlogon.exe
ProcessID : 892
Priority : High
Product Name : Microsoft® Windows® Operating System
Version : 5.1.2600.5512 (xpsp.080413-2113)
Description : Windows NT Logon Application
Company : Microsoft Corporation
Window Title :
File Size : 506,880
File Created Date : 18/06/1425 12:56:36 ص
File Modified Date : 08/04/1429 04:00:06 م
Filename : C:\WINDOWS\system32\winlogon.exe
Base Address : 0x01000000
Created On : 05/12/1429 04:30:14 م
Visible Windows : 0
Hidden Windows : 0
User Name : NT AUTHORITY\SYSTEM
Mem Usage : 2452 K
Mem Usage Peak : 16488 K
Page Faults : 7654
Pagefile Usage : 6880 K
Pagefile Peak Usage : 10212 K
File Attributes : A
==================================================

==================================================
Process Name : services.exe
ProcessID : 996
Priority : Normal
Product Name : Microsoft® Windows® Operating System
Version : 5.1.2600.5512 (xpsp.080413-2111)
Description : ‎‎Services and Controller app
Company : Microsoft Corporation
Window Title :
File Size : 108,544
File Created Date : 18/06/1425 12:56:30 ص
File Modified Date : 08/04/1429 04:00:02 م
Filename : C:\WINDOWS\system32\services.exe
Base Address : 0x01000000
Created On : 05/12/1429 04:30:15 م
Visible Windows : 0
Hidden Windows : 0
User Name : NT AUTHORITY\SYSTEM
Mem Usage : 1672 K
Mem Usage Peak : 3788 K
Page Faults : 3469
Pagefile Usage : 1820 K
Pagefile Peak Usage : 2372 K
File Attributes : A
==================================================

==================================================
Process Name : lsass.exe
ProcessID : 1008
Priority : Normal
Product Name : Microsoft® Windows® Operating System
Version : 5.1.2600.5512 (xpsp.080413-2113)
Description : LSA Shell (Export Version)
Company : Microsoft Corporation
Window Title :
File Size : 13,312
File Created Date : 18/06/1425 12:56:18 ص
File Modified Date : 08/04/1429 03:59:55 م
Filename : C:\WINDOWS\system32\lsass.exe
Base Address : 0x01000000
Created On : 05/12/1429 04:30:15 م
Visible Windows : 0
Hidden Windows : 0
User Name : NT AUTHORITY\SYSTEM
Mem Usage : 1592 K
Mem Usage Peak : 6200 K
Page Faults : 4260
Pagefile Usage : 3948 K
Pagefile Peak Usage : 4256 K
File Attributes : A
==================================================

==================================================
Process Name : Ati2evxx.exe
ProcessID : 1208
Priority : Normal
Product Name : ATI External Event Utility for Windows
Version : 6.14.10.4207
Description : ATI External Event Utility EXE Module
Company : ATI Technologies Inc.
Window Title :
File Size : 573,440
File Created Date : 24/06/1428 10:32:57 م
File Modified Date : 19/08/1429 02:05:57 ص
Filename : C:\WINDOWS\system32\Ati2evxx.exe
Base Address : 0x00400000
Created On : 05/12/1429 04:30:15 م
Visible Windows : 0
Hidden Windows : 2
User Name : NT AUTHORITY\SYSTEM
Mem Usage : 1504 K
Mem Usage Peak : 3360 K
Page Faults : 888
Pagefile Usage : 1980 K
Pagefile Peak Usage : 1980 K
File Attributes : A
==================================================

==================================================
Process Name : svchost.exe
ProcessID : 1228
Priority : Normal
Product Name : Microsoft® Windows® Operating System
Version : 5.1.2600.5512 (xpsp.080413-2111)
Description : Generic Host Process for Win32 Services
Company : Microsoft Corporation
Window Title :
File Size : 14,336
File Created Date : 18/06/1425 12:56:32 ص
File Modified Date : 08/04/1429 04:00:03 م
Filename : C:\WINDOWS\system32\svchost.exe
Base Address : 0x01000000
Created On : 05/12/1429 04:30:15 م
Visible Windows : 0
Hidden Windows : 0
User Name : NT AUTHORITY\SYSTEM
Mem Usage : 2316 K
Mem Usage Peak : 5252 K
Page Faults : 1540
Pagefile Usage : 3268 K
Pagefile Peak Usage : 23584 K
File Attributes : A
==================================================

==================================================
Process Name : svchost.exe
ProcessID : 1408
Priority : Normal
Product Name : Microsoft® Windows® Operating System
Version : 5.1.2600.5512 (xpsp.080413-2111)
Description : Generic Host Process for Win32 Services
Company : Microsoft Corporation
Window Title :
File Size : 14,336
File Created Date : 18/06/1425 12:56:32 ص
File Modified Date : 08/04/1429 04:00:03 م
Filename : C:\WINDOWS\system32\svchost.exe
Base Address : 0x01000000
Created On : 05/12/1429 04:30:16 م
Visible Windows : 0
Hidden Windows : 0
User Name :
Mem Usage : 1784 K
Mem Usage Peak : 4460 K
Page Faults : 1296
Pagefile Usage : 1932 K
Pagefile Peak Usage : 2072 K
File Attributes : A
==================================================

==================================================
Process Name : svchost.exe
ProcessID : 1532
Priority : Normal
Product Name : Microsoft® Windows® Operating System
Version : 5.1.2600.5512 (xpsp.080413-2111)
Description : Generic Host Process for Win32 Services
Company : Microsoft Corporation
Window Title :
File Size : 14,336
File Created Date : 18/06/1425 12:56:32 ص
File Modified Date : 08/04/1429 04:00:03 م
Filename : C:\WINDOWS\System32\svchost.exe
Base Address : 0x01000000
Created On : 05/12/1429 04:30:16 م
Visible Windows : 0
Hidden Windows : 0
User Name : NT AUTHORITY\SYSTEM
Mem Usage : 10648 K
Mem Usage Peak : 30256 K
Page Faults : 14995
Pagefile Usage : 18172 K
Pagefile Peak Usage : 26732 K
File Attributes : A
==================================================

==================================================
Process Name : svchost.exe
ProcessID : 1796
Priority : Normal
Product Name : Microsoft® Windows® Operating System
Version : 5.1.2600.5512 (xpsp.080413-2111)
Description : Generic Host Process for Win32 Services
Company : Microsoft Corporation
Window Title :
File Size : 14,336
File Created Date : 18/06/1425 12:56:32 ص
File Modified Date : 08/04/1429 04:00:03 م
Filename : C:\WINDOWS\system32\svchost.exe
Base Address : 0x01000000
Created On : 05/12/1429 04:30:16 م
Visible Windows : 0
Hidden Windows : 0
User Name :
Mem Usage : 2740 K
Mem Usage Peak : 6664 K
Page Faults : 1839
Pagefile Usage : 4920 K
Pagefile Peak Usage : 5224 K
File Attributes : A
==================================================

==================================================
Process Name : Ati2evxx.exe
ProcessID : 1928
Priority : Normal
Product Name : ATI External Event Utility for Windows
Version : 6.14.10.4207
Description : ATI External Event Utility EXE Module
Company : ATI Technologies Inc.
Window Title :
File Size : 573,440
File Created Date : 24/06/1428 10:32:57 م
File Modified Date : 19/08/1429 02:05:57 ص
Filename : C:\WINDOWS\system32\Ati2evxx.exe
Base Address : 0x00400000
Created On : 05/12/1429 04:30:16 م
Visible Windows : 0
Hidden Windows : 2
User Name : NT AUTHORITY\SYSTEM
Mem Usage : 1612 K
Mem Usage Peak : 3820 K
Page Faults : 1008
Pagefile Usage : 2172 K
Pagefile Peak Usage : 2208 K
File Attributes : A
==================================================

==================================================
Process Name : spoolsv.exe
ProcessID : 2032
Priority : Normal
Product Name : Microsoft® Windows® Operating System
Version : 5.1.2600.5512 (xpsp.080413-0852)
Description : Spooler SubSystem App
Company : Microsoft Corporation
Window Title :
File Size : 57,856
File Created Date : 18/06/1425 12:56:32 ص
File Modified Date : 08/04/1429 04:00:03 م
Filename : C:\WINDOWS\system32\spoolsv.exe
Base Address : 0x01000000
Created On : 05/12/1429 04:30:16 م
Visible Windows : 0
Hidden Windows : 0
User Name : NT AUTHORITY\SYSTEM
Mem Usage : 2080 K
Mem Usage Peak : 5740 K
Page Faults : 2927
Pagefile Usage : 3884 K
Pagefile Peak Usage : 4040 K
File Attributes : A
==================================================

==================================================
Process Name : Explorer.EXE
ProcessID : 1636
Priority : Normal
Product Name : Microsoft® Windows® Operating System
Version : 6.00.2900.5512 (xpsp.080413-2105)
Description : Windows Explorer
Company : Microsoft Corporation
Window Title : Program Manager
File Size : 1,031,168
File Created Date : 18/06/1425 12:56:12 ص
File Modified Date : 08/04/1429 03:59:52 م
Filename : C:\WINDOWS\Explorer.EXE
Base Address : 0x01000000
Created On : 05/12/1429 04:30:21 م
Visible Windows : 2
Hidden Windows : 26
User Name : ATHEER2-A639511\SaUdI CaFfe
Mem Usage : 17380 K
Mem Usage Peak : 38896 K
Page Faults : 41508
Pagefile Usage : 24520 K
Pagefile Peak Usage : 28228 K
File Attributes : A
==================================================

==================================================
Process Name : realsched.exe
ProcessID : 204
Priority : Normal
Product Name : RealPlayer (32-bit)
Version : 0.1.1.68
Description : RealNetworks Scheduler
Company : RealNetworks, Inc.
Window Title :
File Size : 185,872
File Created Date : 12/10/1429 05:19:54 م
File Modified Date : 02/11/1429 06:13:01 م
Filename : C:\Program Files\Common Files\Real\Update_OB\realsched.exe
Base Address : 0x00400000
Created On : 05/12/1429 04:30:23 م
Visible Windows : 0
Hidden Windows : 2
User Name : ATHEER2-A639511\SaUdI CaFfe
Mem Usage : 216 K
Mem Usage Peak : 3048 K
Page Faults : 7801
Pagefile Usage : 1072 K
Pagefile Peak Usage : 1260 K
File Attributes : A
==================================================

==================================================
Process Name : ctfmon.exe
ProcessID : 272
Priority : Normal
Product Name : Microsoft® Windows® Operating System
Version : 5.1.2600.5512 (xpsp.080413-2105)
Description : CTF Loader
Company : Microsoft Corporation
Window Title :
File Size : 15,360
File Created Date : 18/06/1425 12:56:08 ص
File Modified Date : 08/04/1429 03:59:49 م
Filename : C:\WINDOWS\system32\ctfmon.exe
Base Address : 0x00400000
Created On : 05/12/1429 04:30:23 م
Visible Windows : 0
Hidden Windows : 5
User Name : ATHEER2-A639511\SaUdI CaFfe
Mem Usage : 1680 K
Mem Usage Peak : 3340 K
Page Faults : 973
Pagefile Usage : 968 K
Pagefile Peak Usage : 976 K
File Attributes : A
==================================================

==================================================
Process Name : IDMan.exe
ProcessID : 312
Priority : Normal
Product Name : Internet Download Manager (IDM)
Version : 5, 0, 2, 14
Description : Internet Download Manager Application (IDM)
Company : Internet Download Manager Corp., Tonec Inc.
Window Title : Internet Download Manager 5.02
File Size : 817,896
File Created Date : 28/10/1429 11:35:04 ص
File Modified Date : 01/04/1427 08:53:54 ص
Filename : C:\Program Files\Internet Download Manager\IDMan.exe
Base Address : 0x00400000
Created On : 05/12/1429 04:30:23 م
Visible Windows : 1
Hidden Windows : 6
User Name : ATHEER2-A639511\SaUdI CaFfe
Mem Usage : 6272 K
Mem Usage Peak : 14132 K
Page Faults : 8662
Pagefile Usage : 8656 K
Pagefile Peak Usage : 10228 K
File Attributes : A
==================================================

==================================================
Process Name : PCSuite.exe
ProcessID : 336
Priority : Normal
Product Name : PC Suite
Version : 7, 0, 41, 14
Description : Nokia Launch Application
Company : Nokia
Window Title :
File Size : 1,124,352
File Created Date : 02/10/1429 04:00:38 ص
File Modified Date : 02/10/1429 04:00:38 ص
Filename : C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe
Base Address : 0x00400000
Created On : 05/12/1429 04:30:23 م
Visible Windows : 0
Hidden Windows : 6
User Name : ATHEER2-A639511\SaUdI CaFfe
Mem Usage : 5400 K
Mem Usage Peak : 23964 K
Page Faults : 8806
Pagefile Usage : 11404 K
Pagefile Peak Usage : 11556 K
File Attributes : A
==================================================

==================================================
Process Name : svchost.exe
ProcessID : 804
Priority : Normal
Product Name : Microsoft® Windows® Operating System
Version : 5.1.2600.5512 (xpsp.080413-2111)
Description : Generic Host Process for Win32 Services
Company : Microsoft Corporation
Window Title :
File Size : 14,336
File Created Date : 18/06/1425 12:56:32 ص
File Modified Date : 08/04/1429 04:00:03 م
Filename : C:\WINDOWS\system32\svchost.exe
Base Address : 0x01000000
Created On : 05/12/1429 04:30:26 م
Visible Windows : 0
Hidden Windows : 0
User Name : NT AUTHORITY\SYSTEM
Mem Usage : 3156 K
Mem Usage Peak : 6036 K
Page Faults : 2293
Pagefile Usage : 2980 K
Pagefile Peak Usage : 3460 K
File Attributes : A
==================================================

==================================================
Process Name : InCDsrv.exe
ProcessID : 852
Priority : Normal
Product Name : Nero AG incdsrv
Version : 5, 5, 3, 0
Description : incdsrv
Company : Nero AG
Window Title :
File Size : 1,552,680
File Created Date : 10/06/1428 05:47:12 ص
File Modified Date : 10/06/1428 05:47:12 ص
Filename : C:\Program Files\Nero\Nero 7\InCD\InCDsrv.exe
Base Address : 0x01000000
Created On : 05/12/1429 04:30:26 م
Visible Windows : 0
Hidden Windows : 0
User Name : NT AUTHORITY\SYSTEM
Mem Usage : 4132 K
Mem Usage Peak : 5224 K
Page Faults : 1377
Pagefile Usage : 2396 K
Pagefile Peak Usage : 2452 K
File Attributes : A
==================================================

==================================================
Process Name : jqs.exe
ProcessID : 692
Priority : Low
Product Name : Java(TM) Platform SE 6 U10
Version : 6.0.100.33
Description : Java(TM) Quick Starter Service
Company : Sun Microsystems, Inc.
Window Title :
File Size : 152,984
File Created Date : 23/10/1429 01:24:24 م
File Modified Date : 24/10/1429 12:35:16 ص
Filename : C:\Program Files\Java\jre6\bin\jqs.exe
Base Address : 0x00400000
Created On : 05/12/1429 04:30:26 م
Visible Windows : 0
Hidden Windows : 0
User Name : NT AUTHORITY\SYSTEM
Mem Usage : 1380 K
Mem Usage Peak : 16892 K
Page Faults : 536614
Pagefile Usage : 2504 K
Pagefile Peak Usage : 2704 K
File Attributes : A
==================================================

==================================================
Process Name : LSSrvc.exe
ProcessID : 1280
Priority : Normal
Product Name : LightScribe
Version : 1.10.13.1
Description : LightScribe Service
Company : Hewlett-Packard Company
Window Title :
File Size : 79,136
File Created Date : 10/08/1428 02:40:48 م
File Modified Date : 10/08/1428 02:40:48 م
Filename : C:\Program Files\Common Files\LightScribe\LSSrvc.exe
Base Address : 0x00400000
Created On : 05/12/1429 04:30:27 م
Visible Windows : 0
Hidden Windows : 0
User Name : NT AUTHORITY\SYSTEM
Mem Usage : 740 K
Mem Usage Peak : 2740 K
Page Faults : 700
Pagefile Usage : 772 K
Pagefile Peak Usage : 772 K
File Attributes :
==================================================

==================================================
Process Name : MDM.EXE
ProcessID : 1332
Priority : Normal
Product Name : Microsoft® Visual Studio .NET
Version : 7.00.9466
Description : Machine Debug Manager
Company : Microsoft Corporation
Window Title :
File Size : 322,120
File Created Date : 19/04/1424 08:25:00 م
File Modified Date : 19/04/1424 08:25:00 م
Filename : C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
Base Address : 0x00400000
Created On : 05/12/1429 04:30:27 م
Visible Windows : 0
Hidden Windows : 0
User Name : NT AUTHORITY\SYSTEM
Mem Usage : 1284 K
Mem Usage Peak : 2960 K
Page Faults : 841
Pagefile Usage : 1024 K
Pagefile Peak Usage : 1040 K
File Attributes : A
==================================================

==================================================
Process Name : svchost.exe
ProcessID : 172
Priority : Normal
Product Name : Microsoft® Windows® Operating System
Version : 5.1.2600.5512 (xpsp.080413-2111)
Description : Generic Host Process for Win32 Services
Company : Microsoft Corporation
Window Title :
File Size : 14,336
File Created Date : 18/06/1425 12:56:32 ص
File Modified Date : 08/04/1429 04:00:03 م
Filename : C:\WINDOWS\System32\svchost.exe
Base Address : 0x01000000
Created On : 05/12/1429 04:30:30 م
Visible Windows : 0
Hidden Windows : 0
User Name :
Mem Usage : 1168 K
Mem Usage Peak : 2996 K
Page Faults : 784
Pagefile Usage : 1096 K
Pagefile Peak Usage : 1096 K
File Attributes : A
==================================================

==================================================
Process Name : svchost.exe
ProcessID : 292
Priority : Normal
Product Name : Microsoft® Windows® Operating System
Version : 5.1.2600.5512 (xpsp.080413-2111)
Description : Generic Host Process for Win32 Services
Company : Microsoft Corporation
Window Title :
File Size : 14,336
File Created Date : 18/06/1425 12:56:32 ص
File Modified Date : 08/04/1429 04:00:03 م
Filename : C:\WINDOWS\System32\svchost.exe
Base Address : 0x01000000
Created On : 05/12/1429 04:30:30 م
Visible Windows : 0
Hidden Windows : 0
User Name :
Mem Usage : 1136 K
Mem Usage Peak : 2972 K
Page Faults : 778
Pagefile Usage : 1092 K
Pagefile Peak Usage : 1092 K
File Attributes : A
==================================================

==================================================
Process Name : svchost.exe
ProcessID : 420
Priority : Normal
Product Name : Microsoft® Windows® Operating System
Version : 5.1.2600.5512 (xpsp.080413-2111)
Description : Generic Host Process for Win32 Services
Company : Microsoft Corporation
Window Title :
File Size : 14,336
File Created Date : 18/06/1425 12:56:32 ص
File Modified Date : 08/04/1429 04:00:03 م
Filename : C:\WINDOWS\system32\svchost.exe
Base Address : 0x01000000
Created On : 05/12/1429 04:30:30 م
Visible Windows : 0
Hidden Windows : 0
User Name : NT AUTHORITY\SYSTEM
Mem Usage : 1372 K
Mem Usage Peak : 4548 K
Page Faults : 1239
Pagefile Usage : 2492 K
Pagefile Peak Usage : 2628 K
File Attributes : A
==================================================

==================================================
Process Name : TUProgSt.exe
ProcessID : 192
Priority : Normal
Product Name : TuneUp Utilities
Version : 8.0.1100.0
Description : TuneUp Program Statistics Service
Company : TuneUp Software
Window Title :
File Size : 603,904
File Created Date : 24/11/1429 10:00:20 م
File Modified Date : 24/11/1429 10:00:20 م
Filename : C:\WINDOWS\System32\TUProgSt.exe
Base Address : 0x00400000
Created On : 05/12/1429 04:30:30 م
Visible Windows : 0
Hidden Windows : 0
User Name : NT AUTHORITY\SYSTEM
Mem Usage : 1660 K
Mem Usage Peak : 2828 K
Page Faults : 4844
Pagefile Usage : 1040 K
Pagefile Peak Usage : 1040 K
File Attributes : A
==================================================

==================================================
Process Name : wdfmgr.exe
ProcessID : 1628
Priority : Normal
Product Name : Microsoft® Windows® Operating System
Version : 5.2.3790.1230 built by: DNSRV(bld4act)
Description : Windows User Mode Driver Manager
Company : Microsoft Corporation
Window Title :
File Size : 38,912
File Created Date : 24/06/1425 07:05:14 م
File Modified Date : 24/06/1425 07:05:14 م
Filename : C:\WINDOWS\system32\wdfmgr.exe
Base Address : 0x01000000
Created On : 05/12/1429 04:30:30 م
Visible Windows : 0
Hidden Windows : 0
User Name :
Mem Usage : 696 K
Mem Usage Peak : 1880 K
Page Faults : 473
Pagefile Usage : 1616 K
Pagefile Peak Usage : 1648 K
File Attributes : A
==================================================

==================================================
Process Name : ServiceLayer.exe
ProcessID : 2748
Priority : Normal
Product Name : PC Connectivity Solution
Version : 7, 0, 13, 0
Description : ServiceLayer Module
Company : Nokia.
Window Title :
File Size : 575,488
File Created Date : 05/08/1429 08:17:30 ص
File Modified Date : 05/08/1429 08:17:30 ص
Filename : C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
Base Address : 0x00400000
Created On : 05/12/1429 04:30:37 م
Visible Windows : 0
Hidden Windows : 2
User Name : NT AUTHORITY\SYSTEM
Mem Usage : 1584 K
Mem Usage Peak : 4476 K
Page Faults : 1165
Pagefile Usage : 1304 K
Pagefile Peak Usage : 1320 K
File Attributes : A
==================================================

==================================================
Process Name : NclUSBSrv.exe
ProcessID : 3212
Priority : High
Product Name : PC Connectivity Solution
Version : 7, 0, 5, 0
Description : NclUSBSrv Application
Company :
Window Title :
File Size : 130,560
File Created Date : 03/08/1429 11:11:04 ص
File Modified Date : 03/08/1429 11:11:04 ص
Filename : C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe
Base Address : 0x00400000
Created On : 05/12/1429 04:30:40 م
Visible Windows : 0
Hidden Windows : 2
User Name : NT AUTHORITY\SYSTEM
Mem Usage : 1216 K
Mem Usage Peak : 2576 K
Page Faults : 1265
Pagefile Usage : 1740 K
Pagefile Peak Usage : 1784 K
File Attributes : A
==================================================

==================================================
Process Name : alg.exe
ProcessID : 3560
Priority : Normal
Product Name : Microsoft® Windows® Operating System
Version : 5.1.2600.5512 (xpsp.080413-0852)
Description : Application Layer Gateway Service
Company : Microsoft Corporation
Window Title :
File Size : 44,544
File Created Date : 18/06/1425 12:56:04 ص
File Modified Date : 08/04/1429 03:59:46 م
Filename : C:\WINDOWS\System32\alg.exe
Base Address : 0x01000000
Created On : 05/12/1429 04:30:41 م
Visible Windows : 0
Hidden Windows : 0
User Name :
Mem Usage : 856 K
Mem Usage Peak : 3292 K
Page Faults : 861
Pagefile Usage : 1156 K
Pagefile Peak Usage : 1168 K
File Attributes : A
==================================================

==================================================
Process Name : NclRSSrv.exe
ProcessID : 3892
Priority : High
Product Name : PC Connectivity Solution
Version : 7, 0, 1, 0
Description : NclRSSrv Application
Company :
Window Title :
File Size : 120,320
File Created Date : 03/08/1429 11:10:58 ص
File Modified Date : 03/08/1429 11:10:58 ص
Filename : C:\Program Files\PC Connectivity Solution\Transports\NclRSSrv.exe
Base Address : 0x00400000
Created On : 05/12/1429 04:31:04 م
Visible Windows : 0
Hidden Windows : 2
User Name : NT AUTHORITY\SYSTEM
Mem Usage : 880 K
Mem Usage Peak : 2152 K
Page Faults : 553
Pagefile Usage : 684 K
Pagefile Peak Usage : 684 K
File Attributes : A
==================================================

==================================================
Process Name : svchost.exe
ProcessID : 2052
Priority : Normal
Product Name : Microsoft® Windows® Operating System
Version : 5.1.2600.5512 (xpsp.080413-2111)
Description : Generic Host Process for Win32 Services
Company : Microsoft Corporation
Window Title :
File Size : 14,336
File Created Date : 18/06/1425 12:56:32 ص
File Modified Date : 08/04/1429 04:00:03 م
Filename : C:\WINDOWS\System32\svchost.exe
Base Address : 0x01000000
Created On : 05/12/1429 04:31:07 م
Visible Windows : 0
Hidden Windows : 0
User Name : NT AUTHORITY\SYSTEM
Mem Usage : 1312 K
Mem Usage Peak : 3544 K
Page Faults : 928
Pagefile Usage : 1668 K
Pagefile Peak Usage : 1692 K
File Attributes : A
==================================================

==================================================
Process Name : firefox.exe
ProcessID : 400
Priority : Normal
Product Name : Firefox
Version : 1.9.0.4
Description : Firefox
Company : Mozilla Corporation
Window Title : جهازي وتقرير كمبوفيكس - الصفحة 2 - زيزوووم للأمن والحمايه - موزيلا فايرفوكس
File Size : 307,712
File Created Date : 26/11/1429 09:43:18 م
File Modified Date : 02/11/1429 09:05:47 م
Filename : C:\Program Files\Mozilla Firefox\firefox.exe
Base Address : 0x00400000
Created On : 05/12/1429 04:35:14 م
Visible Windows : 1
Hidden Windows : 22
User Name : ATHEER2-A639511\SaUdI CaFfe
Mem Usage : 59468 K
Mem Usage Peak : 91592 K
Page Faults : 202873
Pagefile Usage : 81264 K
Pagefile Peak Usage : 83196 K
File Attributes : A
==================================================

==================================================
Process Name : IEXPLORE.EXE
ProcessID : 1680
Priority : Normal
Product Name : Windows® Internet Explorer
Version : 7.00.6000.16735 (vista_gdr.080820-1506)
Description : Internet Explorer
Company : Microsoft Corporation
Window Title : جهازي وتقرير كمبوفيكس - الصفحة 2 - زيزوووم للأمن والحمايه#post651472 - Windows Internet Explorer
File Size : 635,848
File Created Date : 24/09/1420 09:00:00 م
File Modified Date : 21/08/1429 05:56:15 ص
Filename : C:\Program Files\Internet Explorer\IEXPLORE.EXE
Base Address : 0x00400000
Created On : 05/12/1429 04:50:49 م
Visible Windows : 2
Hidden Windows : 37
User Name : ATHEER2-A639511\SaUdI CaFfe
Mem Usage : 6332 K
Mem Usage Peak : 47072 K
Page Faults : 20358
Pagefile Usage : 33488 K
Pagefile Peak Usage : 34768 K
File Attributes :
==================================================

==================================================
Process Name : WLLoginProxy.exe
ProcessID : 2160
Priority : Normal
Product Name : Microsoft® Windows Live Login Helper
Version : 5.000.744.4
Description : WLLoginProxy.exe
Company : Microsoft Corporation
Window Title :
File Size : 120,384
File Created Date : 15/02/1429 12:30:38 م
File Modified Date : 15/02/1429 12:30:38 م
Filename : C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe
Base Address : 0x01000000
Created On : 05/12/1429 04:50:52 م
Visible Windows : 0
Hidden Windows : 0
User Name : ATHEER2-A639511\SaUdI CaFfe
Mem Usage : 6212 K
Mem Usage Peak : 8064 K
Page Faults : 2157
Pagefile Usage : 4444 K
Pagefile Peak Usage : 4496 K
File Attributes : A
==================================================

==================================================
Process Name : wltuser.exe
ProcessID : 3160
Priority : Normal
Product Name : Windows Live Toolbar Beta
Version : 14.0.5023.0902
Description : Windows Live Toolbar Beta User Elevation Helper
Company : Microsoft Corporation
Window Title :
File Size : 134,160
File Created Date : 02/09/1429 06:13:38 م
File Modified Date : 02/09/1429 06:13:38 م
Filename : C:\Program Files\Windows Live\Toolbar\wltuser.exe
Base Address : 0x00400000
Created On : 05/12/1429 04:50:52 م
Visible Windows : 0
Hidden Windows : 0
User Name : ATHEER2-A639511\SaUdI CaFfe
Mem Usage : 6000 K
Mem Usage Peak : 7412 K
Page Faults : 2093
Pagefile Usage : 2260 K
Pagefile Peak Usage : 2356 K
File Attributes : A
==================================================

==================================================
Process Name : wmiprvse.exe
ProcessID : 3924
Priority : Normal
Product Name : Microsoft® Windows® Operating System
Version : 5.1.2600.5512 (xpsp.080413-2108)
Description : WMI
Company : Microsoft Corporation
Window Title :
File Size : 218,112
File Created Date : 24/06/1428 11:13:57 م
File Modified Date : 08/04/1429 04:00:06 م
Filename : C:\WINDOWS\system32\wbem\wmiprvse.exe
Base Address : 0x01000000
Created On : 05/12/1429 04:55:35 م
Visible Windows : 0
Hidden Windows : 0
User Name :
Mem Usage : 5760 K
Mem Usage Peak : 5760 K
Page Faults : 1474
Pagefile Usage : 2976 K
Pagefile Peak Usage : 2976 K
File Attributes : A
==================================================

==================================================
Process Name : runn.exe
ProcessID : 3288
Priority : Normal
Product Name :
Version :
Description :
Company :
Window Title :
File Size : 71,680
File Created Date : 05/12/1429 01:55:29 م
File Modified Date : 23/01/1429 10:24:25 م
Filename : C:\DOCUME~1\SAUDIC~1\LOCALS~1\Temp\bntoz\runn.exe
Base Address : 0x00400000
Created On : 05/12/1429 04:56:24 م
Visible Windows : 0
Hidden Windows : 0
User Name : ATHEER2-A639511\SaUdI CaFfe
Mem Usage : 2100 K
Mem Usage Peak : 2116 K
Page Faults : 638
Pagefile Usage : 612 K
Pagefile Peak Usage : 700 K
File Attributes : A
==================================================

==================================================
Process Name : cmd.exe
ProcessID : 3528
Priority : Normal
Product Name : Microsoft® Windows® Operating System
Version : 5.1.2600.5512 (xpsp.080413-2111)
Description : Windows Command Processor
Company : Microsoft Corporation
Window Title :
File Size : 389,120
File Created Date : 18/06/1425 12:56:06 ص
File Modified Date : 08/04/1429 03:59:48 م
Filename : C:\WINDOWS\system32\cmd.exe
Base Address : 0x4AD00000
Created On : 05/12/1429 04:56:25 م
Visible Windows : 0
Hidden Windows : 1
User Name : ATHEER2-A639511\SaUdI CaFfe
Mem Usage : 2920 K
Mem Usage Peak : 2984 K
Page Faults : 840
Pagefile Usage : 2076 K
Pagefile Peak Usage : 2152 K
File Attributes : A
==================================================

==================================================
Process Name : CProcess.exe
ProcessID : 560
Priority : Normal
Product Name : CurrProcess
Version : 1.11
Description : CurrProcess
Company : NirSoft
Window Title :
File Size : 35,840
File Created Date : 05/12/1429 01:55:29 م
File Modified Date : 08/06/1426 04:46:34 ص
Filename : C:\DOCUME~1\SAUDIC~1\LOCALS~1\Temp\bntoz\CProcess.exe
Base Address : 0x00400000
Created On : 05/12/1429 04:56:26 م
Visible Windows : 0
Hidden Windows : 0
User Name : ATHEER2-A639511\SaUdI CaFfe
Mem Usage : 2200 K
Mem Usage Peak : 2244 K
Page Faults : 949
Pagefile Usage : 888 K
Pagefile Peak Usage : 944 K
File Attributes : A
==================================================

.
.
--------------------------\\\ End Report Of Running Processes ---------------
.
.
.
.
--------------------------\\\ Windows XP Startup List ---------------
.

HKLM\System\CurrentControlSet\Control\Session Manager\BootExecute
autocheck autochk *
autocheck autochk *
Auto Check Utility
Microsoft Corporation
5.01.2600.5512
c:\windows\system32\autochk.exe

HKLM\System\CurrentControlSet\Control\Terminal Server\Wds\rdpwd\StartupPrograms
rdpclip
rdpclip
RDP Clip Monitor
Microsoft Corporation
5.01.2600.5512
c:\windows\system32\rdpclip.exe

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Userinit
C:\WINDOWS\system32\userinit.exe
C:\WINDOWS\system32\userinit.exe
Userinit Logon Application
Microsoft Corporation
5.01.2600.5512
c:\windows\system32\userinit.exe

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Shell
Explorer.exe
Explorer.exe
Windows Explorer
Microsoft Corporation
6.00.2900.5512
c:\windows\explorer.exe

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
TkBellExe
"C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
RealNetworks Scheduler
RealNetworks, Inc.
0.01.0001.0068
c:\program files\common files\real\update_ob\realsched.exe
QuickTime Task
"C:\Program Files\QuickTime\qttask.exe" -atboottime
QuickTime Task
Apple Inc.
7.55.0090.0070
c:\program files\quicktime\qttask.exe
AVP
"C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe"
Kaspersky Anti-Virus
Kaspersky Lab
8.00.0000.0506
c:\program files\kaspersky lab\kaspersky internet security 2009\avp.exe

HKCU\Software\Microsoft\Windows\CurrentVersion\Run
ctfmon.exe
C:\WINDOWS\system32\ctfmon.exe
CTF Loader
Microsoft Corporation
5.01.2600.5512
c:\windows\system32\ctfmon.exe
IDMan
C:\Program Files\Internet Download Manager\IDMan.exe /onboot
Internet Download Manager Application (IDM)
Internet Download Manager Corp., Tonec Inc.
5.00.0002.0014
c:\program files\internet download manager\idman.exe
PC Suite Tray
"C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe" -onlytray
Nokia Launch Application
Nokia
7.00.0041.0014
c:\program files\nokia\nokia pc suite 7\pcsuite.exe

Task Scheduler
AppleSoftwareUpdate.job
C:\Program Files\Apple Software Update\SoftwareUpdate.exe -task
Apple Software Update
Apple Inc.
2.01.0001.0116
c:\program files\apple software update\softwareupdate.exe
.
.
----------- End Report ---------------
 
توقيع : Mr.SaUdI
حدد القيم التالية واحذفها

O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll

O2 - BHO: Windows Live Toolbar Beta - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll

O3 - Toolbar: &Windows Live Toolbar Beta - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll

O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe (file missing)

O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe (file missing)

طريقة الحذف

mg%20(3).png


mg%20(4).png


بعدها اذهب الى اضافة وازالة البرامج واحذف التولبار الموجود عندك (toolbar)>> ممكن ما يكون موجود


ثم نزل هذه الاداة واتبع الشرح التالي





التوافق : ويندوز اكسبيفقط


شرح الاستخدام ,,,,,,
دبل كلك على الاداة واصبر حتى تنتهي جميع النوافذ وتقف عند هذه النافذة


002.png


وعند ظهور هذه الشاشه ,, اضغط على Close ليتم اعادة تشغيل جهازك (( لتكملة عملية التنظيف ))

 
اخوي ماكس بعد اعادة التشغيل اعطاني خطأ وش اختار وش اسوي

بإنتظاارك

zyzoom-f8d98cb10a.jpg
 
توقيع : Mr.SaUdI
اخوي ماكس جزاك الله خيررر الان انتهيت


بعد ما انتهيت من الاداهـ الاخيرهـ رحت على برنامج التون آب لقيت عندي 30 خطأ بالريجستر حذفتهم
والحمدلله الجهاااز بالنسبه عن اول يفرق كثير ..

تبي ارفع لك تقارير اخوي ماااكس

بإنتظارك
 
توقيع : Mr.SaUdI
جزاك الله خير وماقصرت ..

بارك الله فيك اخوي مآكس

تقبل اعتزازي

وودي واحترامي
 
توقيع : Mr.SaUdI
الحالة
مغلق و غير مفتوح للمزيد من الردود.
عودة
أعلى