تحليل تقرير

mehrez02 · 8 ديسمبر 2008

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 11:45:13, on 08/12/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Internet Download Manager\IDMan.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\system32\bujwnn.exe
C:\Program Files\VideoLAN\VLC\vlc.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =

يجب عليك تسجيل الدخول أو التسجيل لمشاهدة الرابط المخفي

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

يجب عليك تسجيل الدخول أو التسجيل لمشاهدة الرابط المخفي

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: IDMIEHlprObj Class - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files\Internet Download Manager\IDMIECC.dll
O2 - BHO: (no name) - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - (no file)
O2 - BHO: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: TBSB04001 - {64207EDA-AEDB-4C28-B1F9-D48763A056A7} - C:\Program Files\IEToolbar\Bramjnet Toolbar\bramjnet.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: (no name) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O3 - Toolbar: Bramjnet Toolbar - {BF3888F1-D74E-4209-B923-A2C3CEE67ABE} - C:\Program Files\IEToolbar\Bramjnet Toolbar\bramjnet.dll
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [Microsoft Update Machine] bujwnn.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\RunServices: [Microsoft Update Machine] bujwnn.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [IDMan] C:\Program Files\Internet Download Manager\IDMan.exe /onboot
O4 - HKCU\..\Run: [Microsoft Update Machine] bujwnn.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\RunOnce: [nLite] %systemroot%\inf\nlite.cmd (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-20\..\RunOnce: [nLite] %systemroot%\inf\nlite.cmd (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe (User 'Default user')
O8 - Extra context menu item: Download all links with IDM - C:\Program Files\Internet Download Manager\IEGetAll.htm
O8 - Extra context menu item: Download FLV video with IDM - C:\Program Files\Internet Download Manager\IEGetVL.htm
O8 - Extra context menu item: Download with IDM - C:\Program Files\Internet Download Manager\IEExt.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: (no name) - {53F6FCCD-9E22-4d71-86EA-6E43136192AB} - (no file)
O9 - Extra button: (no name) - {925DAB62-F9AC-4221-806A-057BFB1014AA} - (no file)
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Bramjnet Toolbar - {BF3888F1-D74E-4209-B923-A2C3CEE67ABE} - C:\Program Files\IEToolbar\Bramjnet Toolbar\bramjnet.dll
O9 - Extra 'Tools' menuitem: Bramjnet Toolbar - {BF3888F1-D74E-4209-B923-A2C3CEE67ABE} - C:\Program Files\IEToolbar\Bramjnet Toolbar\bramjnet.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {FE0BD779-44EE-4A4B-AA2E-743C63F2E5E6} (IWinAmpActiveX Class) -

يجب عليك تسجيل الدخول أو التسجيل لمشاهدة الرابط المخفي

O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: NMIndexingService - Unknown owner - C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe (file missing)
O23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe

--
End of file - 7378 bytes

mehrez02 · 8 ديسمبر 2008

ماذا افعل

المانسي · 8 ديسمبر 2008

عذرا بنقل الموضوع الى القسم المناسب

Corporation · 8 ديسمبر 2008

أخوي الكريم

هل تعاني من مشكلة ما ( فيرسات أخطآء في الرجستري نوآفذ لا تفتح آلخ .. )

أذآ كنت كذلك أعمل الآتي

عطل جميع برامج الحماية ,,
وحمل هذه الاداة واحفظها على سطح المكتب

يجب عليك تسجيل الدخول أو التسجيل لمشاهدة الرابط المخفي

عند تشغيلها بتظهر لك رسالة ,, اضغط على >> Yes
بعدها بتظهر لك رساله ثانيه ,, اضغط على >> Yes
انتظر حتى الاداة تنتهي من فحص جهازك ,,, وبشكل تلقائي يعاد تشغيل جهازك ,,
وبعد اعادة التشغيل ,, سوف تبدأ الاداة بالفحص مرره ثانيه
انتظر حتى يظهر لك تقرير ,, انسخه والصقه بردك القادم

بعد التقرير

روح أخذف هذه القيم

O2 - BHO: (no name) - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - (no file)

O3 - Toolbar: (no name) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)

O4 - HKLM\..\Run: [Microsoft Update Machine] bujwnn.exe

O4 - HKLM\..\RunServices: [Microsoft Update Machine] bujwnn.exe

O4 - HKUS\S-1-5-19\..\RunOnce: [nLite] %systemroot%\inf\nlite.cmd (User 'SERVICE LOCAL')

O4 - HKUS\S-1-5-20\..\RunOnce: [nLite] %systemroot%\inf\nlite.cmd (User 'SERVICE RÉSEAU')

O9 - Extra button: (no name) - {53F6FCCD-9E22-4d71-86EA-6E43136192AB} - (no file)

O9 - Extra button: (no name) - {925DAB62-F9AC-4221-806A-057BFB1014AA} - (no file)

طريقة الحذف

وبذلك تكون تمت عملية الحذف

ثم نزل هذه الاداة واتبع الشرح التالي

يجب عليك تسجيل الدخول أو التسجيل لمشاهدة الرابط المخفي

التوافق : ويندوز اكسبي فقط

شرح الاستخدام ,,,,,,
عند تشغيل ملف الاداة تظهر لك هذه الشاشه ,, انتظر ( وتابع مع الصور )

وعند ظهور هذه الشاشه ,, اضغط على Close ليتم اعادة تشغيل جهازك (( لتكملة عملية التنظيف ))

واذا لم تنتهى المشكله

اعمل تقرير ثانى للهايجاك

k:

mehrez02 · 8 ديسمبر 2008

ComboFix 08-12-07.01 - Administrateur 2008-12-08 15:20:40.1 - NTFSx86
Microsoft Windows XP Professionnel 5.1.2600.3.1252.1.1036.18.192 [GMT 1:00]
LancÚ depuis: c:\documents and settings\Administrateur\Mes documents\Downloads\Programs\ComboFix.exe
* Un nouveau point de restauration a ÚtÚ crÚÚ
.

(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\program files\IEToolbar
c:\program files\IEToolbar\Bramjnet Toolbar\_GadgetTJ6.html
c:\program files\IEToolbar\Bramjnet Toolbar\11.bmp
c:\program files\IEToolbar\Bramjnet Toolbar\11.bmp_14.bmp
c:\program files\IEToolbar\Bramjnet Toolbar\alexa.jpg
c:\program files\IEToolbar\Bramjnet Toolbar\basis.xml
c:\program files\IEToolbar\Bramjnet Toolbar\bramjnet.crc
c:\program files\IEToolbar\Bramjnet Toolbar\bramjnet.dll
c:\program files\IEToolbar\Bramjnet Toolbar\comp.gif
c:\program files\IEToolbar\Bramjnet Toolbar\comp.jpg
c:\program files\IEToolbar\Bramjnet Toolbar\comp1.jpg
c:\program files\IEToolbar\Bramjnet Toolbar\favicon.ico
c:\program files\IEToolbar\Bramjnet Toolbar\icons.bmp
c:\program files\IEToolbar\Bramjnet Toolbar\info.txt
c:\program files\IEToolbar\Bramjnet Toolbar\logo.bmp
c:\program files\IEToolbar\Bramjnet Toolbar\logo.jpg
c:\program files\IEToolbar\Bramjnet Toolbar\newthread.gif
c:\program files\IEToolbar\Bramjnet Toolbar\radio.css
c:\program files\IEToolbar\Bramjnet Toolbar\radio.html
c:\program files\IEToolbar\Bramjnet Toolbar\radio_01.gif
c:\program files\IEToolbar\Bramjnet Toolbar\radio_02.gif
c:\program files\IEToolbar\Bramjnet Toolbar\radio_03.gif
c:\program files\IEToolbar\Bramjnet Toolbar\radio_on_01.gif
c:\program files\IEToolbar\Bramjnet Toolbar\radio_on_02.gif
c:\program files\IEToolbar\Bramjnet Toolbar\split.gif
c:\program files\IEToolbar\Bramjnet Toolbar\spliton.gif
c:\program files\IEToolbar\Bramjnet Toolbar\splitw.gif
c:\program files\IEToolbar\Bramjnet Toolbar\splitwon.gif
c:\program files\IEToolbar\Bramjnet Toolbar\stations.dll
c:\program files\IEToolbar\Bramjnet Toolbar\stations.js
c:\program files\IEToolbar\Bramjnet Toolbar\stations.xml
c:\program files\IEToolbar\Bramjnet Toolbar\tbhelper.dll
c:\program files\IEToolbar\Bramjnet Toolbar\tbs_include_script_004131.js
c:\program files\IEToolbar\Bramjnet Toolbar\uninstall.exe
c:\program files\IEToolbar\Bramjnet Toolbar\update.exe
c:\program files\IEToolbar\Bramjnet Toolbar\version.txt
c:\program files\IEToolbar\Bramjnet Toolbar\vol.gif
c:\program files\IEToolbar\Bramjnet Toolbar\volbg.gif
c:\program files\IEToolbar\Bramjnet Toolbar\webfilter.html
c:\program files\IEToolbar\Bramjnet Toolbar\webfilter_plugin.dll
c:\program files\IEToolbar\Bramjnet Toolbar\your_logo.png

.
((((((((((((((((((((((((((((( Fichiers crÚÚs du 2008-11-08 au 2008-12-08 ))))))))))))))))))))))))))))))))))))
.

2008-12-08 13:29 . 2008-12-08 13:29 <REP> d-------- c:\program files\Windows Defender
2008-12-08 12:51 . 2008-12-08 12:51 <REP> d-------- c:\windows\LastGood
2008-12-08 12:49 . 2008-12-08 12:49 <REP> d-------- c:\documents and settings\All Users\Application Data\Office Genuine Advantage
2008-12-08 12:22 . 2008-12-08 12:33 <REP> d-------- c:\program files\ma-config.com
2008-12-08 12:22 . 2008-12-08 12:33 <REP> d-------- c:\documents and settings\All Users\Application Data\ma-config.com
2008-12-08 11:41 . 2008-12-08 11:41 <REP> d-------- c:\program files\Trend Micro
2008-12-07 22:11 . 2005-07-08 14:44 159,616 --a------ c:\windows\system32\drivers\vax347b.sys
2008-12-07 22:11 . 2004-04-30 09:33 5,248 --a------ c:\windows\system32\drivers\vax347s.sys
2008-12-07 21:43 . 2008-12-07 21:43 <REP> d-------- c:\program files\Alcohol Soft
2008-12-07 16:41 . 2008-12-07 16:57 717,296 --a------ c:\windows\system32\drivers\sptd.sys
2008-12-07 16:00 . 2008-12-07 16:00 <REP> d-------- c:\program files\Fichiers communs\xing shared
2008-12-07 15:46 . 2008-12-07 15:46 <REP> d-------- c:\program files\??????? ???????? ?? Microsoft
2008-12-06 15:29 . 2008-12-06 19:04 39 --a------ c:\windows\Irremote.ini
2008-12-06 15:06 . 2008-12-06 19:05 <REP> d-------- c:\program files\Nero
2008-12-06 15:05 . 2008-12-06 19:28 <REP> d-------- c:\program files\Fichiers communs\Nero
2008-12-06 15:05 . 2008-12-06 19:26 <REP> d-------- c:\documents and settings\All Users\Application Data\Nero
2008-12-06 14:42 . 2008-12-06 14:42 1,536 --a------ c:\windows\system32\bcevent.dll
2008-12-06 14:31 . 2008-12-06 16:33 <REP> d-------- c:\documents and settings\Administrateur\Application Data\skypePM
2008-12-06 14:31 . 2008-12-06 14:31 56 --ah----- c:\windows\system32\ezsidmv.dat
2008-12-06 14:22 . 2008-12-06 19:28 <REP> d-------- c:\documents and settings\All Users\Application Data\Skype
2008-12-05 21:55 . 2008-12-05 21:55 <REP> d-------- c:\documents and settings\Administrateur\Application Data\vlc
2008-12-05 20:46 . 2008-12-05 20:46 <REP> d-------- c:\program files\Microsoft CAPICOM 2.1.0.2
2008-12-05 20:12 . 2008-12-05 20:12 <REP> d-------- c:\program files\VideoLAN
2008-12-05 14:33 . 2008-12-05 14:33 <REP> d-------- c:\documents and settings\All Users\Application Data\Winferno
2008-12-05 14:29 . 2006-07-24 08:56 212,240 --a------ c:\windows\system32\Richtx32.ocx
2008-12-02 19:25 . 2008-12-06 19:30 <REP> d-------- c:\program files\ALLPlayer
2008-11-30 18:06 . 2008-11-30 18:07 <REP> d-------- c:\program files\CCleaner
2008-11-30 13:26 . 2008-11-30 13:26 <REP> d-------- c:\documents and settings\All Users\Application Data\Kaspersky Lab Setup Files
2008-11-28 17:56 . 2008-12-06 16:00 <REP> d-------- c:\documents and settings\Administrateur\Application Data\Nero
2008-11-28 15:14 . 2008-11-28 15:14 <REP> d-------- c:\program files\Real Alternative
2008-11-28 15:12 . 2008-11-28 15:12 <REP> d-------- c:\documents and settings\Administrateur\Application Data\BWMonitor
2008-11-26 19:46 . 2008-11-26 19:46 <REP> d-------- c:\documents and settings\All Users\Application Data\GRETECH
2008-11-26 19:46 . 2008-11-26 19:46 <REP> d-------- c:\documents and settings\Administrateur\Application Data\GRETECH
2008-11-26 19:45 . 2008-11-26 19:45 <REP> d-------- c:\program files\GRETECH
2008-11-26 19:45 . 2008-11-26 19:46 <REP> d-------- c:\program files\Google
2008-11-26 19:44 . 2008-11-26 19:45 <REP> d-------- c:\program files\DivX
2008-11-25 21:40 . 2008-01-10 13:15 755,027 --a------ c:\windows\system32\xvidcore.dll
2008-11-25 21:40 . 2008-01-10 13:16 159,839 --a------ c:\windows\system32\xvidvfw.dll
2008-11-25 21:37 . 2003-06-23 02:44 1,415,680 --a------ c:\windows\system32\wmv9vcm.dll
2008-11-25 21:37 . 2003-08-29 00:55 423,424 --a------ c:\windows\system32\WMAVDS32.ax
2008-11-25 21:37 . 2001-05-16 16:54 309,616 --a------ c:\windows\system32\wmv8dmod.dll
2008-11-25 21:37 . 2001-03-26 03:41 245,760 --a------ c:\windows\system32\mp4sds32.ax
2008-11-25 19:41 . 2000-05-22 00:00 244,416 --a------ c:\windows\system32\calctrl.OCX
2008-11-25 19:12 . 2008-11-25 19:12 <REP> d-------- c:\windows\ARK
2008-11-25 19:12 . 2005-11-15 09:40 102,400 --a------ c:\windows\removeark.exe
2008-11-25 19:12 . 2005-07-12 14:12 86,016 --a------ c:\windows\removearkold.exe1
2008-11-25 19:12 . 2006-07-17 02:53 30,368 -ra------ c:\windows\system32\drivers\usb2vcom.sys
2008-11-25 18:51 . 2008-11-26 19:09 <REP> d-------- c:\program files\MOBILedit!
2008-11-24 20:57 . 2008-11-24 20:57 <REP> d-------- c:\windows\system32\LogFiles
2008-11-24 20:11 . 2008-11-24 20:57 <REP> d-------- c:\documents and settings\Administrateur\Application Data\Babylon
2008-11-24 20:03 . 2008-11-24 20:59 <REP> d-------- c:\documents and settings\user\Modèles
2008-11-24 20:03 . 2008-11-24 20:59 <REP> d-------- c:\documents and settings\user\Favoris
2008-11-24 20:03 . 2008-11-24 20:59 <REP> d---s---- c:\documents and settings\user
2008-11-24 19:53 . 2008-11-24 19:53 <REP> d-------- c:\documents and settings\Administrateur\Application Data\Apple Computer
2008-11-24 19:45 . 2008-11-24 19:45 <REP> d-------- c:\program files\Fichiers communs\Apple
2008-11-24 19:44 . 2008-11-24 20:59 <REP> d-------- c:\program files\QuickTime
2008-11-24 19:44 . 2008-11-24 20:59 <REP> d-------- c:\program files\Apple Software Update
2008-11-20 17:55 . 2008-11-20 17:55 <REP> d-------- c:\documents and settings\Administrateur\Application Data\IndexEducation
2008-11-17 18:23 . 2008-11-24 20:58 <REP> d-------- c:\program files\Windows Media Connect 2
2008-11-17 18:21 . 2008-11-24 20:58 <REP> d-------- c:\windows\system32\drivers\UMDF
2008-11-14 17:52 . 2008-11-14 17:52 <REP> d-------- c:\documents and settings\Administrateur\Application Data\TuneUp Software
2008-11-14 17:51 . 2008-11-14 17:51 <REP> d-------- c:\documents and settings\All Users\Application Data\TuneUp Software
2008-11-14 17:43 . 2008-11-14 17:43 3,932,214 --a------ c:\windows\BricoPack Wallpaper.bmp
2008-11-14 17:40 . 2008-11-14 17:40 <REP> d-------- c:\windows\Packs
2008-11-14 11:53 . 2008-10-24 12:21 455,296 -----c--- c:\windows\system32\DllCache\mrxsmb.sys
2008-11-14 11:52 . 2008-09-04 18:16 1,106,944 -----c--- c:\windows\system32\DllCache\msxml3.dll
2008-11-13 19:38 . 2008-11-13 19:38 <REP> d--hs---- c:\windows\ftpcache
2008-11-13 19:37 . 2008-11-13 19:37 <REP> d-------- c:\documents and settings\Administrateur\Application Data\Globe7
2008-11-12 19:22 . 2008-11-12 19:22 <REP> d-------- c:\program files\Fichiers communs\NSV
2008-11-12 19:14 . 2008-11-12 19:14 <REP> d-------- c:\program files\Fichiers communs\Nullsoft
2008-11-09 12:58 . 2008-11-09 12:58 <REP> d-------- c:\documents and settings\Administrateur\Application Data\Ashampoo
2008-11-09 12:44 . 2008-11-15 14:33 <REP> d-------- c:\documents and settings\Administrateur\Application Data\BSplayer PRO
2008-11-09 12:42 . 2008-11-17 19:00 69 --a------ c:\windows\NeroDigital.ini
2008-11-09 12:40 . 2008-11-09 12:40 <REP> d-------- c:\documents and settings\All Users\Application Data\Ahead
2008-11-09 12:40 . 2008-11-09 12:43 <REP> d-------- c:\documents and settings\Administrateur\Application Data\Ahead
2008-11-09 12:33 . 2008-11-16 13:22 <REP> d-------- c:\program files\Fichiers communs\ACD Systems

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-12-08 14:22 --------- d-----w c:\documents and settings\Administrateur\Application Data\DMCache
2008-12-07 15:00 --------- d-----w c:\program files\Fichiers communs\Real
2008-12-05 20:48 --------- d--h--w c:\program files\InstallShield Installation Information
2008-11-26 17:23 --------- d-----w c:\program files\Internet Download Manager
2008-11-25 20:41 --------- d-----w c:\program files\K-Lite Codec Pack
2008-11-24 19:57 --------- d-----w c:\documents and settings\Administrateur\Application Data\DivX
2008-11-24 19:31 --------- d-----w c:\program files\Java
2008-11-23 19:15 --------- d-----w c:\documents and settings\Administrateur\Application Data\IDM
2008-11-18 20:09 --------- d---a-w c:\documents and settings\All Users\Application Data\TEMP
2008-11-17 10:49 --------- d-----w c:\documents and settings\Administrateur\Application Data\LimeWire
2008-11-15 13:33 --------- d-----w c:\documents and settings\Administrateur\Application Data\SlipStream
2008-11-15 08:01 --------- d-----w c:\documents and settings\All Users\Application Data\Microsoft Help
2008-11-06 18:16 --------- d-----w c:\documents and settings\Administrateur\Application Data\FairStars Audio Converter
2008-11-02 19:26 --------- d-----w c:\program files\Microsoft ActiveSync
2008-11-01 21:44 --------- d-----w c:\documents and settings\Administrateur\Application Data\MSNInstaller
2008-11-01 15:08 --------- d-----w c:\program files\MSXML 4.0
2008-11-01 13:41 --------- d-----w c:\documents and settings\Administrateur\Application Data\SoftMaker
2008-10-31 20:26 --------- d-----w c:\program files\Fichiers communs\Scanner
2008-10-28 22:36 823,296 ----a-w c:\windows\system32\divx_xx0c.dll
2008-10-28 22:36 823,296 ----a-w c:\windows\system32\divx_xx07.dll
2008-10-28 22:35 815,104 ----a-w c:\windows\system32\divx_xx0a.dll
2008-10-28 22:35 802,816 ----a-w c:\windows\system32\divx_xx11.dll
2008-10-28 22:35 684,032 ----a-w c:\windows\system32\DivX.dll
2008-10-28 18:00 --------- d-----w c:\documents and settings\All Users\Application Data\BurstCopy Labs
2008-10-26 14:44 --------- d-----w c:\program files\Microsoft Office Outlook Connector
2008-10-26 14:43 --------- d-----w c:\program files\MSECache
2008-10-26 13:57 --------- d-----w c:\program files\MSBuild
2008-10-26 13:57 --------- d-----w c:\program files\Microsoft Works
2008-10-25 23:03 --------- d-----w c:\documents and settings\All Users\Application Data\MSScanAppDataDir
2008-10-25 13:27 --------- d-----w c:\program files\Fichiers communs\Adobe AIR
2008-10-24 19:07 --------- d-----w c:\program files\Real
2008-10-24 13:01 --------- d-----w c:\program files\Fichiers communs\Java
2008-10-24 12:42 --------- d-----w c:\documents and settings\Administrateur\Application Data\Media Player Classic
2008-10-24 11:21 455,296 ----a-w c:\windows\system32\drivers\mrxsmb.sys
2008-10-23 17:56 --------- d-----w c:\program files\Fichiers communs\Adobe
2008-10-23 17:45 --------- d-----w c:\documents and settings\All Users\Application Data\Lavasoft
2008-10-23 16:59 --------- d-----w c:\documents and settings\Administrateur\Application Data\Talkback
2008-10-22 20:48 --------- d-----w c:\program files\Analog Devices
2008-10-22 20:42 --------- d-----w c:\program files\microsoft frontpage
2008-10-22 20:14 --------- d-----w c:\program files\Modem Helper
2008-10-22 20:14 --------- d-----w c:\program files\Broadcom
2008-10-22 20:10 --------- d-----w c:\program files\ATI Technologies
2008-10-22 20:02 --------- d-----w c:\program files\Fichiers communs\InstallShield
2008-10-22 19:59 --------- d-----w c:\program files\CONEXANT
2008-10-22 19:57 --------- d-----w c:\program files\Dell
2008-10-22 19:50 --------- d-----w c:\program files\Alwil Software
2008-10-22 19:29 --------- d-----w c:\program files\Services en ligne
2008-10-16 13:13 202,776 ----a-w c:\windows\system32\wuweb.dll
2008-10-16 13:13 1,809,944 ----a-w c:\windows\system32\wuaueng.dll
2008-10-16 13:12 561,688 ----a-w c:\windows\system32\wuapi.dll
2008-10-16 13:12 323,608 ----a-w c:\windows\system32\wucltui.dll
2008-10-16 13:09 92,696 ----a-w c:\windows\system32\cdm.dll
2008-10-16 13:09 51,224 ----a-w c:\windows\system32\wuauclt.exe
2008-10-16 13:09 43,544 ----a-w c:\windows\system32\wups2.dll
2008-10-16 13:08 34,328 ----a-w c:\windows\system32\wups.dll
2008-10-16 13:06 268,648 ----a-w c:\windows\system32\mucltui.dll
2008-10-16 13:06 208,744 ----a-w c:\windows\system32\muweb.dll
2008-09-30 15:43 1,286,152 ----a-w c:\windows\system32\msxml4.dll
2008-09-25 08:03 81,920 ----a-w c:\windows\system32\dpl100.dll
2008-09-25 08:03 593,920 ----a-w c:\windows\system32\dpuGUI11.dll
2008-09-25 08:03 57,344 ----a-w c:\windows\system32\dpv11.dll
2008-09-25 08:03 53,248 ----a-w c:\windows\system32\dpuGUI10.dll
2008-09-25 08:03 524,288 ----a-w c:\windows\system32\DivXsm.exe
2008-09-25 08:03 344,064 ----a-w c:\windows\system32\dpus11.dll
2008-09-25 08:03 294,912 ----a-w c:\windows\system32\dpu11.dll
2008-09-25 08:03 294,912 ----a-w c:\windows\system32\dpu10.dll
2008-09-25 08:03 196,608 ----a-w c:\windows\system32\dtu100.dll
2008-09-25 08:03 161,096 ----a-w c:\windows\system32\DivXCodecVersionChecker.exe
2008-09-19 21:57 3,596,288 ----a-w c:\windows\system32\qt-dx331.dll
2008-09-19 21:55 200,704 ----a-w c:\windows\system32\ssldivx.dll
2008-09-19 21:55 1,044,480 ----a-w c:\windows\system32\libdivx.dll
2008-09-19 21:54 12,288 ----a-w c:\windows\system32\DivXWMPExtType.dll
2008-09-16 00:14 129,784 ------w c:\windows\system32\pxafs.dll
2008-09-16 00:14 120,056 ------w c:\windows\system32\pxcpyi64.exe
2008-09-16 00:14 118,520 ------w c:\windows\system32\pxinsi64.exe
2008-09-15 15:26 1,846,528 ----a-w c:\windows\system32\win32k.sys
2008-09-12 10:44 206,256 ----a-w c:\windows\system32\idmmbc.dll
2008-09-10 01:15 1,307,648 ------w c:\windows\system32\msxml6.dll
2008-04-14 02:34 358,504 --sh--r c:\windows\system32\bujwnn.exe
.

((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les ÚlÚments vides & les ÚlÚments initiaux lÚgitimes ne sont pas listÚs
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360]
"MSMSGS"="c:\program files\Messenger\msmsgs.exe" [2008-04-14 1695232]
"IDMan"="c:\program files\Internet Download Manager\IDMan.exe" [2007-10-01 840704]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"avast!"="c:\progra~1\ALWILS~1\Avast4\ashDisp.exe" [2008-11-26 81000]
"TkBellExe"="c:\program files\Fichiers communs\Real\Update_OB\realsched.exe" [2008-12-07 185872]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"tscuninstall"="c:\windows\system32\tscupgrd.exe" [2004-08-04 44544]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"ForceClassicControlPanel"= 1 (0x1)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"VIDC.ACDV"= ACDV.dll
"msacm.divxa32"= msaud32_divx.acm

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ati5wtxx.sys]
@="Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ati5xgxx.sys]
@="Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ati6jgxx.sys]
@="Driver"

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\WINDOWS\\system32\\bujwnn.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"9420:TCP"= 9420:TCP:Akamai NetSession Interface
"5000:UDP"= 5000:UDP:Akamai NetSession Interface

R0 atiide;atiide;c:\windows\system32\DRIVERS\atiide.sys [2008-10-22 3456]
R1 aswSP;avast! Self Protection;c:\windows\system32\drivers\aswSP.sys [2008-11-30 111184]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\DRIVERS\aswFsBlk.sys [2008-11-30 20560]
R2 WinDefend;Windows Defender;"c:\program files\Windows Defender\MsMpEng.exe" [2006-11-03 13592]
S0 ati5wtxx;ati5wtxx;c:\windows\system32\Drivers\ati5wtxx.sys []
S0 ati5xgxx;ati5xgxx;c:\windows\system32\Drivers\ati5xgxx.sys []
S0 ati6jgxx;ati6jgxx;c:\windows\system32\Drivers\ati6jgxx.sys []
S3 usb2vcom;USB to Serial Bridge Controller;c:\windows\system32\Drivers\usb2vcom.sys [2008-11-25 30368]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{0ed47c7c-a783-11dd-ac03-00188b8feb0e}]
\Shell\AutoRun\command - v.com
\Shell\explore\Command - v.com
\Shell\open\Command - v.com

*Newly Created Service* - PROCEXP90
*Newly Created Service* - WINDEFEND
.
Contenu du dossier 'TÔches planifiÚes'

2008-11-24 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe []

2008-11-28 c:\windows\Tasks\Maintenance en 1 clic.job
- c:\program files\TuneUp Utilities 2007\SystemOptimizer.exe []

2008-12-08 c:\windows\Tasks\MP Scheduled Scan.job
- c:\program files\Windows Defender\MpCmdRun.exe [2006-11-03 19:20]

2008-12-08 c:\windows\Tasks\PCConfidential.job
- c:\program files\Winferno\PC Confidential\PCConfidential.exe []
.
- - - - ORPHELINS SUPPRIMES - - - -

BHO-{64207EDA-AEDB-4C28-B1F9-D48763A056A7} - c:\program files\IEToolbar\Bramjnet Toolbar\bramjnet.dll
Toolbar-{BF3888F1-D74E-4209-B923-A2C3CEE67ABE} - c:\program files\IEToolbar\Bramjnet Toolbar\bramjnet.dll
WebBrowser-{BF3888F1-D74E-4209-B923-A2C3CEE67ABE} - c:\program files\IEToolbar\Bramjnet Toolbar\bramjnet.dll
Notify-WgaLogon - (no file)

.
------- Examen supplÚmentaire -------
.
uStart Page = hxxp://my.freeze.com/?AcquisitionID=bf0351c1-583a-4412-94b2-323f008c0081&s=&ipc=
IE: Download all links with IDM - c:\program files\Internet Download Manager\IEGetAll.htm
IE: Download FLV video with IDM - c:\program files\Internet Download Manager\IEGetVL.htm
IE: Download with IDM - c:\program files\Internet Download Manager\IEExt.htm
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
IE: E&xporter vers Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: {BF3888F1-D74E-4209-B923-A2C3CEE67ABE} - {BF3888F1-D74E-4209-B923-A2C3CEE67ABE} - c:\program files\IEToolbar\Bramjnet Toolbar\bramjnet.dll
FireFox -: Profile - c:\documents and settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\1p8hdsqb.default\
FireFox -: prefs.js - STARTUP.HOMEPAGE - hxxp://www./vb3/index.php
.

**************************************************************************

catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer,

يجب عليك تسجيل الدخول أو التسجيل لمشاهدة الرابط المخفي

Rootkit scan 2008-12-08 15:22:00
Windows 5.1.2600 Service Pack 3 NTFS

Recherche de processus cachÚs ...

Recherche d'ÚlÚments en dÚmarrage automatique cachÚs ...

Recherche de fichiers cachÚs ...

Scan terminÚ avec succÞs
Fichiers cachÚs: 0

**************************************************************************
.
Heure de fin: 2008-12-08 15:22:36
ComboFix-quarantined-files.txt 2008-12-08 14:22:33

Avant-CF: 107 796 242 432 octets libres
AprÞs-CF: 109,752,053,760 octets libres

WindowsXP-KB310994-SP2-Pro-BootDisk-FRA.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professionnel" /noexecute=optin /fastdetect

310 --- E O F --- 2008-12-05 19:54:18

Corporation · 8 ديسمبر 2008

أخوي بعد حذفك للقيم

سوي تقرير هاي جآك جديد

للنظر فيه

mehrez02 · 8 ديسمبر 2008

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 15:45:14, on 08/12/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Internet Download Manager\IDMan.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =

يجب عليك تسجيل الدخول أو التسجيل لمشاهدة الرابط المخفي

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =

يجب عليك تسجيل الدخول أو التسجيل لمشاهدة الرابط المخفي

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =

يجب عليك تسجيل الدخول أو التسجيل لمشاهدة الرابط المخفي

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =

يجب عليك تسجيل الدخول أو التسجيل لمشاهدة الرابط المخفي

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: IDMIEHlprObj Class - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files\Internet Download Manager\IDMIECC.dll
O2 - BHO: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [IDMan] C:\Program Files\Internet Download Manager\IDMan.exe /onboot
O4 - HKCU\..\RunOnce: [Privacy Suite] "C:\Documents and Settings\Administrateur\Application Data\cleaner\CSPSeraser.exe" "/R:C:\Documents and Settings\Administrateur\Application Data\CyberScrub\Privacy Suite"
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe (User 'Default user')
O8 - Extra context menu item: Download all links with IDM - C:\Program Files\Internet Download Manager\IEGetAll.htm
O8 - Extra context menu item: Download FLV video with IDM - C:\Program Files\Internet Download Manager\IEGetVL.htm
O8 - Extra context menu item: Download with IDM - C:\Program Files\Internet Download Manager\IEExt.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) -

يجب عليك تسجيل الدخول أو التسجيل لمشاهدة الرابط المخفي

O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {FE0BD779-44EE-4A4B-AA2E-743C63F2E5E6} (IWinAmpActiveX Class) -

يجب عليك تسجيل الدخول أو التسجيل لمشاهدة الرابط المخفي

O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: NMIndexingService - Unknown owner - C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe (file missing)
O23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe

--
End of file - 6613 bytes

Corporation · 8 ديسمبر 2008

التقرير سليم أخوي

وكل عام وأنت بخير

mehrez02 · 8 ديسمبر 2008

شكراا و كل عام وانت بخير كذلك

حصرياً الحل السحري لإصلاح جميع مشاكل ويندوز 10 و 11

حصرياً الحل السحري لإصلاح جميع مشاكل ويندوز 10 و 11

برنامج Avast Premium Security 24.12.9725 تفعيل بسيريال مدة 680 يوم

تفعيل اخر اصدار من برنامج عملاق تجميد النظام Faronics Deep Freeze Standard 9.0.20.5760

تحليل تقرير

mehrez02

زيزوومي نشيط

mehrez02

زيزوومي نشيط

المانسي

عضو شرف

Corporation

زيزوومى فضى

توقيع : Corporation

mehrez02

زيزوومي نشيط

Corporation

زيزوومى فضى

توقيع : Corporation

mehrez02

زيزوومي نشيط

Corporation

زيزوومى فضى

توقيع : Corporation

mehrez02

زيزوومي نشيط

برنامج Avast Premium Security 24.12.9725 تفعيل بسيريال مدة 680 يوم​

زيزوومي نشيط

زيزوومي نشيط

عضو شرف

زيزوومى فضى

توقيع : Corporation

زيزوومي نشيط

زيزوومى فضى

توقيع : Corporation

زيزوومي نشيط

زيزوومى فضى

توقيع : Corporation

زيزوومي نشيط

برنامج Avast Premium Security 24.12.9725 تفعيل بسيريال مدة 680 يوم