ههههههه الحقوني وشوفو وش طلع على سطح المكتب عاجل

حامد زيد · 11 ديسمبر 2008

ومارضى يروح الا يوم اعدت التشغيل

من شو هالسالفه :y:

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

KoNaMi · 11 ديسمبر 2008

حياك اخوي

اعمل تقرير هايجاك

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

شغل البرنامج ==> واضغط على
Do a system scan and save log
لحظات .. ويظهر لك تقرير داخل المفكرة==> انسخه والصقه بردك القادم

moustakhdem · 11 ديسمبر 2008

أخي الكريم يبدو أن المشكلة سببها برنامج يدعى ares
مع أني لا أدري ما هذا البرنامج
لكن في حال كان لديك هذا البرنامج احذفه كي لا تعود المشكلة للظهور

تحياتي

حامد زيد · 11 ديسمبر 2008

moustakhdem قال:
أخي الكريم يبدو أن المشكلة سببها برنامج يدعى ares

مع أني لا أدري ما هذا البرنامج
لكن في حال كان لديك هذا البرنامج احذفه كي لا تعود المشكلة للظهور

تحياتي

نعم يوجد هذا البرنامج

:er: بس هو نافعني وماابي احذفه

حامد زيد · 11 ديسمبر 2008

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 01:20:07 ص, on 11/12/08
Platform: Windows Vista (WinNT 6.00.1904)
MSIE: Internet Explorer v7.00 (7.00.6000.16764)
Boot mode: Normal
Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Windows\Explorer.EXE
C:\Windows\System32\rundll32.exe
C:\Program Files\Synaptics\SynTP\SynTPStart.exe
C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Hp\QuickPlay\QPService.exe
C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe
C:\Program Files\Hewlett-Packard\HP QuickTouch\HPKBDAPP.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Hp\HP Software Update\hpwuSchd2.exe
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\Program Files\Avira\AntiVir PersonalEdition Premium\avgnt.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe
C:\Program Files\Ares\WebPro.exe
C:\Program Files\AnchorFree\bin\ctrl\AFController.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Program Files\TechSmith\SnagIt 8\SnagIt32.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\TechSmith\SnagIt 8\TSCHelp.exe
C:\Program Files\Internet Explorer\ieuser.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\system32\wuauclt.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\system32\Macromed\Flash\FlashUtil9d.exe
C:\Users\cz\Desktop\Zyzoom_HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page =

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 212.93.193.87:8080
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: Hotspot Shield Toolbar - {c95a4e8e-816d-4655-8c79-d736da1adb6d} - C:\Program Files\Hotspot_Shield\tbHot1.dll
R3 - URLSearchHook: P2P Energy Toolbar - {2bae58c2-79f9-45d1-a286-81f911301c3a} - C:\Program Files\P2P_Energy\tbP2P0.dll
O1 - Hosts: ::1 localhost
O2 - BHO: SnagIt Toolbar Loader - {00C6482D-C502-44C8-8409-FCE54AD9C208} - C:\Program Files\TechSmith\SnagIt 8\SnagItBHO.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: P2P Energy Toolbar - {2bae58c2-79f9-45d1-a286-81f911301c3a} - C:\Program Files\P2P_Energy\tbP2P0.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: NCO 2.0 IE BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - (no file)
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~3\Office12\GRA8E1~1.DLL
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: AF BHO - {B7154C4D-87C0-4A2C-AB64-DA132BAC2EE6} - C:\Program Files\AnchorFree\bin\AFBho.dll
O2 - BHO: Hotspot Shield Toolbar - {c95a4e8e-816d-4655-8c79-d736da1adb6d} - C:\Program Files\Hotspot_Shield\tbHot1.dll
O3 - Toolbar: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - (no file)
O3 - Toolbar: SnagIt - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Program Files\TechSmith\SnagIt 8\SnagItIEAddin.dll
O3 - Toolbar: Hotspot Shield Toolbar - {c95a4e8e-816d-4655-8c79-d736da1adb6d} - C:\Program Files\Hotspot_Shield\tbHot1.dll
O3 - Toolbar: AFToolbar - {1F385865-F3D4-41ff-960D-7B7D0A7A72F6} - C:\Program Files\AnchorFree\bin\AFToolbar.dll
O3 - Toolbar: P2P Energy Toolbar - {2bae58c2-79f9-45d1-a286-81f911301c3a} - C:\Program Files\P2P_Energy\tbP2P0.dll
O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [SynTPStart] C:\Program Files\Synaptics\SynTP\SynTPStart.exe
O4 - HKLM\..\Run: [SMSERIAL] C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe
O4 - HKLM\..\Run: [QPService] "C:\Program Files\HP\QuickPlay\QPService.exe"
O4 - HKLM\..\Run: [QlbCtrl] %ProgramFiles%\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
O4 - HKLM\..\Run: [OnScreenDisplay] C:\Program Files\Hewlett-Packard\HP QuickTouch\HPKBDAPP.exe
O4 - HKLM\..\Run: [UCam_Menu] "C:\Program Files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\YouCam" update "Software\CyberLink\YouCam\1.0"
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [HP Health Check Scheduler] [ProgramFilesFolder]Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [hpWirelessAssistant] C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
O4 - HKLM\..\Run: [WAWifiMessage] C:\Program Files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe"
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Premium\avgnt.exe" /min
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
O4 - HKCU\..\Run: [WinPro.exe] "C:\Program Files\Ares\WebPro.exe"
O4 - HKCU\..\Run: [AFProg] C:\Program Files\AnchorFree\bin\ctrl\AFController.exe
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Bluetooth.lnk = ?
O4 - Global Startup: SnagIt 8.lnk = C:\Program Files\TechSmith\SnagIt 8\SnagIt32.exe
O8 - Extra context menu item: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O8 - Extra context menu item: ت&صدير إلى Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra button: إرسال إلى OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: إر&سال إلى OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: بحث - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O13 - Gopher Prefix:
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~3\Office12\GR99D3~1.DLL
O23 - Service: Avira AntiVir Premium MailGuard (AntiVirMailService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Premium\avmailc.exe
O23 - Service: Avira AntiVir Premium Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Premium\sched.exe
O23 - Service: Avira AntiVir Premium Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Premium\avguard.exe
O23 - Service: Avira AntiVir Premium WebGuard (antivirwebservice) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Premium\AVWEBGRD.EXE
O23 - Service: Avira AntiVir Premium MailGuard helper service (AVEService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Premium\avesvc.exe
O23 - Service: Com4Qlb - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4Qlb.exe
O23 - Service: GameConsoleService - Unknown owner - C:\Program Files\HP Games\My HP Game Console\GameConsoleService.exe (file missing)
O23 - Service: Hotspot Shield Service (HotspotShieldService) - Unknown owner - C:\Program Files\Hotspot Shield\bin\openvpnas.exe
O23 - Service: HP Health Check Service - Hewlett-Packard - c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: QuickPlay Background Capture Service (QBCS) (QPCapSvc) - Unknown owner - C:\Program Files\HP\QuickPlay\Kernel\TV\QPCapSvc.exe
O23 - Service: QuickPlay Task Scheduler (QTS) (QPSched) - Unknown owner - C:\Program Files\HP\QuickPlay\Kernel\TV\QPSched.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
--
End of file - 11582 bytes

KoNaMi · 11 ديسمبر 2008

اخوي لما يطلعلك التقرير داخل المفكرة انسخه في ردك القادم

اعمل تقرير هايجاك

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

شغل البرنامج ==> واضغط على
Do a system scan and save log
لحظات .. ويظهر لك تقرير داخل المفكرة==> انسخه والصقه بردك القادم

حامد زيد · 11 ديسمبر 2008

اوكي عدلت الرد فوق

ashalshaikh · 11 ديسمبر 2008

عذرا للتدخل :ـ

أحذف البرنامج ونصبه من جديد ,,, وإن شاء الله كل شي سيكون على ما يرام ,,

KoNaMi · 11 ديسمبر 2008

جاري التحليل.........

KoNaMi · 11 ديسمبر 2008

احذف التالي

O2 - BHO: NCO 2.0 IE BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - (no file)

O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)

O3 - Toolbar: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - (no file)

طريقة الحذف

وبذلك تكون تمت عملية الحذف

بعدها حمل هذه الأدآة

استخدم هذه الاداة للتنظيف

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

بعدين

عطل جميع برامج الحماية ,,
وحمل هذه الاداة واحفظها على سطح المكتب

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

عند تشغيلها بتظهر لك رسالة ,, اضغط على >> Yes
بعدها بتظهر لك رساله ثانيه ,, اضغط على >> Yes
اثناء الفحص ممكن يعاد تشغيل الجهاز
وبعد اعادة التشغيل ,, سوف تبدأ الاداة بالفحص مرره ثانيه
انتظر حتى يظهر لك تقرير ،، انسخه والصقه بردك القادم

حامد زيد · 11 ديسمبر 2008

جاري العمل ويعكيك العافيه

حامد زيد · 11 ديسمبر 2008

ComboFix 08-12-09.03 - cz 12/11/2008 1:38:15.1 - NTFSx86
Microsoft® Windows Vista™ Home Premium 6.0.6000.0.1256.1.1025.18.1261 [GMT 3:00]
Running from: c:\users\cz\Desktop\ComboFix.exe
* Created a new restore point
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\program files\Windows Live\Messenger\msimg32.dll
c:\windows\system32\KBL.LOG
.
((((((((((((((((((((((((( Files Created from 2008-11-10 to 2008-12-10 )))))))))))))))))))))))))))))))
.
No new files created in this timespan
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-12-10 06:05 174 --sha-w c:\program files\desktop.ini
2008-12-10 06:04 --------- d-----w c:\program files\Windows Mail
2008-12-09 19:35 --------- d-----w c:\program files\P2P_Energy
2008-12-09 19:05 --------- d-----w c:\users\cz\AppData\Roaming\LimeWireTurbo
2008-12-04 18:17 --------- d-----w c:\program files\Common Files\Adobe
2008-12-03 17:46 --------- d-----w c:\users\cz\AppData\Roaming\HP
2008-12-03 17:46 --------- d-----w c:\users\cz\AppData\Roaming\CyberLink
2008-12-03 17:46 --------- d-----w c:\programdata\HP
2008-12-03 05:26 --------- d-----w c:\program files\Google
2008-12-01 18:29 --------- d-----w c:\program files\Ares
2008-12-01 17:52 --------- d-----w c:\program files\AnchorFree
2008-12-01 15:59 --------- d-----w c:\program files\Hotspot Shield
2008-12-01 00:06 707 ---ha-w C:\os848618.bin
2008-12-01 00:01 95,232 ----a-w c:\windows\System32\PortableDeviceClassExtension.dll
2008-12-01 00:01 241,152 ----a-w c:\windows\System32\PortableDeviceApi.dll
2008-12-01 00:01 160,768 ----a-w c:\windows\System32\PortableDeviceTypes.dll
2008-12-01 00:00 268,800 ----a-w c:\windows\System32\es.dll
2008-11-30 20:31 --------- d-----w c:\users\cz\AppData\Roaming\FileVOoM
2008-11-30 20:04 --------- d-----w c:\program files\Hotspot_Shield
2008-11-30 20:03 --------- d-----w c:\program files\Conduit
2008-11-30 15:24 --------- d-----w c:\programdata\Messenger Plus!
2008-11-30 14:23 --------- d-----w c:\users\cz\AppData\Roaming\Avira
2008-11-30 05:41 --------- d-----w c:\program files\Windows Sidebar
2008-11-30 05:41 --------- d-----w c:\program files\Windows Calendar
2008-11-30 05:38 61,440 ----a-w c:\windows\System32\winipsec.dll
2008-11-30 05:38 361,984 ----a-w c:\windows\System32\IPSECSVC.DLL
2008-11-30 05:38 28,672 ----a-w c:\windows\System32\FwRemoteSvr.dll
2008-11-30 05:38 272,896 ----a-w c:\windows\System32\polstore.dll
2008-11-30 05:36 194,560 ----a-w c:\windows\System32\WebClnt.dll
2008-11-30 05:36 110,080 ----a-w c:\windows\system32\drivers\mrxdav.sys
2008-11-30 05:35 428,032 ----a-w c:\windows\System32\EncDec.dll
2008-11-30 05:35 292,352 ----a-w c:\windows\System32\psisdecd.dll
2008-11-30 05:35 1,244,672 ----a-w c:\windows\System32\mcmde.dll
2008-11-30 05:34 41,984 ----a-w c:\windows\system32\drivers\monitor.sys
2008-11-30 05:34 1,060,920 ----a-w c:\windows\system32\drivers\ntfs.sys
2008-11-30 05:33 211,456 ----a-w c:\windows\system32\drivers\mrxsmb10.sys
2008-11-30 05:32 303,616 ----a-w c:\windows\System32\wmpeffects.dll
2008-11-30 05:32 2,048 ----a-w c:\windows\System32\msxml3r.dll
2008-11-30 05:32 2,027,520 ----a-w c:\windows\System32\win32k.sys
2008-11-30 05:32 1,194,496 ----a-w c:\windows\System32\msxml3.dll
2008-11-30 05:31 8,147,968 ----a-w c:\windows\System32\wmploc.DLL
2008-11-30 05:31 7,680 ----a-w c:\windows\System32\spwmp.dll
2008-11-30 05:31 4,096 ----a-w c:\windows\System32\dxmasf.dll
2008-11-30 05:31 356,864 ----a-w c:\windows\System32\MediadataHandler.dll
2008-11-30 05:29 803,328 ----a-w c:\windows\system32\drivers\tcpip.sys
2008-11-30 05:29 45,112 ----a-w c:\windows\system32\drivers\pciidex.sys
2008-11-30 05:29 24,064 ----a-w c:\windows\System32\netcfg.exe
2008-11-30 05:29 22,016 ----a-w c:\windows\System32\netiougc.exe
2008-11-30 05:29 216,632 ----a-w c:\windows\system32\drivers\netio.sys
2008-11-30 05:29 211,000 ----a-w c:\windows\system32\drivers\volsnap.sys
2008-11-30 05:29 21,560 ----a-w c:\windows\system32\drivers\atapi.sys
2008-11-30 05:29 17,464 ----a-w c:\windows\system32\drivers\intelide.sys
2008-11-30 05:29 167,424 ----a-w c:\windows\System32\tcpipcfg.dll
2008-11-30 05:29 154,624 ----a-w c:\windows\system32\drivers\nwifi.sys
2008-11-30 05:29 109,624 ----a-w c:\windows\system32\drivers\ataport.sys
2008-11-30 05:27 9,845,248 ----a-w c:\windows\System32\NlsData000a.dll
2008-11-30 05:27 797,696 ----a-w c:\windows\System32\NaturalLanguage6.dll
2008-11-30 05:27 6,917,120 ----a-w c:\windows\System32\NlsLexicons0c1a.dll
2008-11-30 05:27 4,493,312 ----a-w c:\windows\System32\NlsData0816.dll
2008-11-30 05:27 4,493,312 ----a-w c:\windows\System32\NlsData0416.dll
2008-11-30 05:27 4,493,312 ----a-w c:\windows\System32\NlsData0414.dll
2008-11-30 05:27 2,641,408 ----a-w c:\windows\System32\NlsData000c.dll
2008-11-30 05:27 2,340,864 ----a-w c:\windows\System32\NlsData000d.dll
2008-11-30 05:27 1,963,520 ----a-w c:\windows\System32\NlsData0c1a.dll
2008-11-30 05:27 1,963,520 ----a-w c:\windows\System32\NlsData081a.dll
2008-11-30 05:27 1,963,520 ----a-w c:\windows\System32\NlsData000f.dll
2008-11-30 05:25 29,184 ----a-w c:\windows\system32\drivers\BTHUSB.SYS
2008-11-30 05:25 220,160 ----a-w c:\windows\system32\drivers\bthport.sys
2008-11-30 05:25 19,456 ----a-w c:\windows\system32\drivers\bthenum.sys
2008-11-30 05:25 181,760 ----a-w c:\windows\System32\fsquirt.exe
2008-11-30 05:25 1,585,664 ----a-w c:\windows\System32\setupapi.dll
2008-11-30 05:23 9,728 ----a-w c:\windows\System32\LAPRXY.DLL
2008-11-30 05:23 290,304 ----a-w c:\windows\system32\drivers\srv.sys
2008-11-30 05:23 223,232 ----a-w c:\windows\System32\WMASF.DLL
2008-11-30 05:23 2,048 ----a-w c:\windows\System32\asferror.dll
2008-11-30 05:22 712,192 ----a-w c:\windows\System32\WindowsCodecs.dll
2008-11-30 05:22 441,856 ----a-w c:\windows\System32\win32spl.dll
2008-11-30 05:22 425,472 ----a-w c:\windows\System32\PhotodataHandler.dll
2008-11-30 05:22 37,376 ----a-w c:\windows\System32\printcom.dll
2008-11-30 05:22 347,136 ----a-w c:\windows\System32\WindowsCodecsExt.dll
2008-11-30 05:21 83,968 ----a-w c:\windows\System32\dnsrslvr.dll
2008-11-30 05:21 24,576 ----a-w c:\windows\System32\dnscacheugc.exe
2008-11-30 05:21 14,848 ----a-w c:\windows\System32\wshrm.dll
2008-11-30 05:21 113,664 ----a-w c:\windows\system32\drivers\rmcast.sys
2008-11-30 05:21 11,776 ----a-w c:\windows\System32\sbunattend.exe
2008-11-30 05:20 84,992 ----a-w c:\windows\system32\drivers\srvnet.sys
2008-11-30 05:20 58,368 ----a-w c:\windows\system32\drivers\mrxsmb20.sys
2008-11-30 05:20 130,048 ----a-w c:\windows\system32\drivers\srv2.sys
2008-11-30 05:20 101,888 ----a-w c:\windows\system32\drivers\mrxsmb.sys
2008-11-30 05:20 --------- d-----w c:\program files\Common Files\Vbox
2008-11-30 05:19 84,480 ----a-w c:\windows\System32\INETRES.dll
2008-11-30 05:19 788,992 ----a-w c:\windows\System32\rpcrt4.dll
2008-11-30 05:19 737,792 ----a-w c:\windows\System32\inetcomm.dll
2008-11-30 05:19 --------- d--h--w c:\program files\InstallShield Installation Information
2008-11-30 05:18 1,645,568 ----a-w c:\windows\System32\connect.dll
2008-11-30 05:18 1,327,104 ----a-w c:\windows\System32\quartz.dll
2008-11-30 05:17 --------- d-----w c:\program files\MSXML 4.0
2008-11-30 00:03 3,505,208 ----a-w c:\windows\System32\ntkrnlpa.exe
2008-11-30 00:03 3,470,904 ----a-w c:\windows\System32\ntoskrnl.exe
2008-11-30 00:03 2,048 ----a-w c:\windows\System32\msxml6r.dll
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{c95a4e8e-816d-4655-8c79-d736da1adb6d}"= "c:\program files\Hotspot_Shield\tbHot1.dll" [11/30/2008 11:04 PM 1784856]
"{2bae58c2-79f9-45d1-a286-81f911301c3a}"= "c:\program files\P2P_Energy\tbP2P0.dll" [06/24/2008 11:17 PM 1569304]
[HKEY_CLASSES_ROOT\clsid\{c95a4e8e-816d-4655-8c79-d736da1adb6d}]
[HKEY_CLASSES_ROOT\clsid\{2bae58c2-79f9-45d1-a286-81f911301c3a}]
[HKEY_LOCAL_MACHINE\~\Browser Helper s\{2bae58c2-79f9-45d1-a286-81f911301c3a}]
06/24/2008 11:17 PM 1569304 --a------ c:\program files\P2P_Energy\tbP2P0.dll
[HKEY_LOCAL_MACHINE\~\Browser Helper s\{c95a4e8e-816d-4655-8c79-d736da1adb6d}]
11/30/2008 11:04 PM 1784856 --a------ c:\program files\Hotspot_Shield\tbHot1.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{c95a4e8e-816d-4655-8c79-d736da1adb6d}"= "c:\program files\Hotspot_Shield\tbHot1.dll" [11/30/2008 11:04 PM 1784856]
"{2bae58c2-79f9-45d1-a286-81f911301c3a}"= "c:\program files\P2P_Energy\tbP2P0.dll" [06/24/2008 11:17 PM 1569304]
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{C95A4E8E-816D-4655-8C79-D736DA1ADB6D}"= "c:\program files\Hotspot_Shield\tbHot1.dll" [11/30/2008 11:04 PM 1784856]
"{2BAE58C2-79F9-45D1-A286-81F911301C3A}"= "c:\program files\P2P_Energy\tbP2P0.dll" [06/24/2008 11:17 PM 1569304]
[HKEY_CLASSES_ROOT\clsid\{c95a4e8e-816d-4655-8c79-d736da1adb6d}]
[HKEY_CLASSES_ROOT\clsid\{2bae58c2-79f9-45d1-a286-81f911301c3a}]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [11/30/2008 08:21 AM 1232896]
"LightScribe Control Panel"="c:\program files\Common Files\LightScribe\LightScribeControlPanel.exe" [08/23/2007 05:36 PM 455968]
"WinPro.exe"="c:\program files\Ares\WebPro.exe" [07/16/2007 02:08 PM 195748]
"AFProg"="c:\program files\AnchorFree\bin\ctrl\AFController.exe" [11/20/2006 11:19 AM 81920]
"ehTray.exe"="c:\windows\ehome\ehTray.exe" [11/02/2006 03:35 PM 125440]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvSvc"="c:\windows\system32\nvsvc.dll" [09/19/2007 11:05 PM 86016]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [09/19/2007 11:05 PM 8497696]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [09/19/2007 11:05 PM 81920]
"SynTPStart"="c:\program files\Synaptics\SynTP\SynTPStart.exe" [09/15/2007 11:29 AM 102400]
"SMSERIAL"="c:\program files\Motorola\SMSERIAL\sm56hlpr.exe" [01/17/2007 04:34 PM 634880]
"IAAnotif"="c:\program files\Intel\Intel Matrix Storage Manager\iaanotif.exe" [07/25/2007 09:02 AM 174616]
"QPService"="c:\program files\HP\QuickPlay\QPService.exe" [10/01/2007 06:34 AM 181544]
"QlbCtrl"="c:\program files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe" [09/20/2007 01:31 AM 202032]
"OnScreenDisplay"="c:\program files\Hewlett-Packard\HP QuickTouch\HPKBDAPP.exe" [09/05/2007 12:54 AM 554320]
"UCam_Menu"="c:\program files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe" [08/17/2007 10:13 AM 218408]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [05/11/2007 02:06 PM 40048]
"HP Software Update"="c:\program files\Hp\HP Software Update\HPWuSchd2.exe" [02/17/2005 10:11 AM 49152]
"hpWirelessAssistant"="c:\program files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe" [09/13/2007 07:47 PM 480560]
"WAWifiMessage"="c:\program files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe" [01/09/2007 02:53 AM 311296]
"SunJavaUpdateSched"="c:\program files\Java\jre1.6.0_02\bin\jusched.exe" [07/12/2007 03:00 PM 132496]
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [10/27/2006 12:47 AM 31016]
"RemoteControl"="c:\program files\CyberLink\PowerDVD\PDVDServ.exe" [11/02/2004 08:24 PM 32768]
"avgnt"="c:\program files\Avira\AntiVir PersonalEdition Premium\avgnt.exe" [06/12/2008 01:28 PM 266497]
"RtHDVCpl"="RtHDVCpl.exe" [08/17/2007 04:27 PM 4702208 c:\windows\RtHDVCpl.exe]
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Adobe Gamma Loader.lnk - c:\program files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2008-12-04 113664]
Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2007-09-06 727592]
SnagIt 8.lnk - c:\program files\TechSmith\SnagIt 8\SnagIt32.exe [2007-05-01 6395464]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"msacm.l3codecp"= l3codecp.acm
"msacm.divxa32"= msaud32_divx.acm
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules]
"{4A0B64D1-A303-40E5-B2B6-BA0B178FDF26}"= c:\program files\Cyberlink\PowerDirector\PDR.EXE:CyberLink PowerDirector
"{7053F7B5-ED5B-4EC1-AFF6-2DAE22E0AF84}"= c:\program files\MSN Messenger\livecall.exe:Windows Live Messenger 8.1 (Phone)
"{D6C2FCF9-85EA-4B98-A5C7-478297C71968}"= c:\program files\HP\QuickPlay\QP.exe:Quick Play
"{AB4E3FCC-F011-4786-A9D8-9D12EC76D0DD}"= c:\program files\HP\QuickPlay\QPService.exe:Quick Play Resident Program
"{0D3C0E92-B228-40AA-AD48-1069487A1275}"= TCP:6004|c:\program files\Microsoft Office\Office12\outlook.exe:Microsoft Office Outlook
"{C8A44AF2-EC4D-4B2D-8D3C-CB9F7C885FB5}"= UDP:c:\program files\Microsoft Office\Office12\GROOVE.EXE:Microsoft Office Groove
"{771B1EDE-5E23-486A-8618-FE64E5124938}"= TCP:c:\program files\Microsoft Office\Office12\GROOVE.EXE:Microsoft Office Groove
"{EAC6825C-E745-4EC2-93C0-D986881AEE55}"= UDP:c:\program files\Microsoft Office\Office12\ONENOTE.EXE:Microsoft Office OneNote
"{4821F5FB-58CC-42C1-895D-DCA43F6B6A7F}"= TCP:c:\program files\Microsoft Office\Office12\ONENOTE.EXE:Microsoft Office OneNote
"{8EAF7CBE-1E85-4A95-978E-DA2673B11EA5}"= c:\program files\MSN Messenger\livecall.exe:Windows Live Messenger 8.1 (Phone)
"{830EABC7-D6B2-4CF0-9C29-8DF023E8D272}"= c:\program files\MSN Messenger\livecall.exe:Windows Live Messenger 8.1 (Phone)
"TCP Query User{5C5D0D77-E28E-427A-8857-FD9AAB0E6BB9}c:\\program files\\ares\\ares.exe"= UDP:c:\program files\ares\ares.exe:Ares p2p for windows
"UDP Query User{AEE3A44F-74A5-4C3F-A455-687F022758AF}c:\\program files\\ares\\ares.exe"= TCP:c:\program files\ares\ares.exe:Ares p2p for windows
"TCP Query User{2878FE53-275B-4E87-96E3-5602FE7787FE}c:\\program files\\real\\realplayer\\recordingmanager.exe"= UDP:c:\program files\real\realplayer\recordingmanager.exe:RealNetworks Download and Record Manager
"UDP Query User{C583179A-9DEC-46D0-80C5-42AB5BC948A2}c:\\program files\\real\\realplayer\\recordingmanager.exe"= TCP:c:\program files\real\realplayer\recordingmanager.exe:RealNetworks Download and Record Manager
"TCP Query User{08D0B6CD-D349-44E8-999D-02784E713458}c:\\program files\\leapftp\\leapftp.exe"= UDP:c:\program files\leapftp\leapftp.exe:File Transfer Protocol (FTP) Client
"UDP Query User{65E8F388-BAB2-4011-91CB-E855CF639EBB}c:\\program files\\leapftp\\leapftp.exe"= TCP:c:\program files\leapftp\leapftp.exe:File Transfer Protocol (FTP) Client
"TCP Query User{3144F804-23F1-409D-AB61-9B597F9EAC36}c:\\program files\\java\\jre1.6.0_02\\bin\\javaw.exe"= UDP:c:\program files\java\jre1.6.0_02\bin\javaw.exe:Java(TM) Platform SE binary
"UDP Query User{D7CDD0DB-25F5-4510-9CB6-1727D8AF4EBE}c:\\program files\\java\\jre1.6.0_02\\bin\\javaw.exe"= TCP:c:\program files\java\jre1.6.0_02\bin\javaw.exe:Java(TM) Platform SE binary
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\RestrictedServices\Static\System]
"DFSR-1"= RPort=5722|UDP:%SystemRoot%\system32\svchost.exe|Svc=DFSR:Allow inbound TCP traffic|
R2 AntiVirMailService;Avira AntiVir Premium MailGuard;"c:\program files\Avira\AntiVir PersonalEdition Premium\avmailc.exe" [2008-11-29 164097]
R2 antivirwebservice;Avira AntiVir Premium WebGuard;"c:\program files\Avira\AntiVir PersonalEdition Premium\AVWEBGRD.EXE" [2008-11-29 258305]
R2 AVEService;Avira AntiVir Premium MailGuard helper service;"c:\program files\Avira\AntiVir PersonalEdition Premium\avesvc.exe" [2008-11-29 41217]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
bthsvcs REG_MULTI_SZ BthServ
*Newly Created Service* - PROCEXP90
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
"c:\program files\Common Files\LightScribe\LSRunOnce.exe"
.
- - - - ORPHANS REMOVED - - - -
WebBrowser-{8FF5E180-ABDE-46EB-B09E-D2AAB95CABE3} - (no file)
HKLM-Run-HP Health Check Scheduler - [ProgramFilesFolder]Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe

**************************************************************************
catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer,

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

Rootkit scan 2008-12-11 01:42:10
Windows 6.0.6000 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
.
Completion time: 12/11/2008 1:43:27
ComboFix-quarantined-files.txt 2008-12-10 22:43:25
Pre-Run: 97,516,711,936 bytes free
Post-Run: 97,501,831,168 bytes free
227 --- E O F --- 2008-12-10 05:48:35

KoNaMi · 11 ديسمبر 2008

اوكي قلبي الحين لاهنت مرة ثانيه سوي تقرير للهاجيك

اعمل تقرير هايجاك

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

شغل البرنامج ==> واضغط على
Do a system scan and save log
لحظات .. ويظهر لك تقرير داخل المفكرة==> انسخه والصقه بردك القادم

حامد زيد · 11 ديسمبر 2008

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 01:50:15 ص, on 11/12/08
Platform: Windows Vista (WinNT 6.00.1904)
MSIE: Internet Explorer v7.00 (7.00.6000.16764)
Boot mode: Normal
Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Synaptics\SynTP\SynTPStart.exe
C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Program Files\Hp\QuickPlay\QPService.exe
C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe
C:\Program Files\Hewlett-Packard\HP QuickTouch\HPKBDAPP.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Hp\HP Software Update\hpwuSchd2.exe
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\Program Files\Avira\AntiVir PersonalEdition Premium\avgnt.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe
C:\Program Files\Ares\WebPro.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Program Files\TechSmith\SnagIt 8\SnagIt32.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\TechSmith\SnagIt 8\TSCHelp.exe
C:\Program Files\Internet Explorer\ieuser.exe
C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe
C:\Windows\system32\wuauclt.exe
C:\Windows\Explorer.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Windows\system32\Macromed\Flash\FlashUtil9d.exe
C:\Users\cz\Desktop\Zyzoom_HijackThis.exe
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 212.93.193.87:8080
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: Hotspot Shield Toolbar - {c95a4e8e-816d-4655-8c79-d736da1adb6d} - C:\Program Files\Hotspot_Shield\tbHot1.dll
R3 - URLSearchHook: P2P Energy Toolbar - {2bae58c2-79f9-45d1-a286-81f911301c3a} - C:\Program Files\P2P_Energy\tbP2P0.dll
O1 - Hosts: ::1 localhost
O2 - BHO: SnagIt Toolbar Loader - {00C6482D-C502-44C8-8409-FCE54AD9C208} - C:\Program Files\TechSmith\SnagIt 8\SnagItBHO.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: P2P Energy Toolbar - {2bae58c2-79f9-45d1-a286-81f911301c3a} - C:\Program Files\P2P_Energy\tbP2P0.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: NCO 2.0 IE BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - (no file)
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~3\Office12\GRA8E1~1.DLL
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: AF BHO - {B7154C4D-87C0-4A2C-AB64-DA132BAC2EE6} - C:\Program Files\AnchorFree\bin\AFBho.dll
O2 - BHO: Hotspot Shield Toolbar - {c95a4e8e-816d-4655-8c79-d736da1adb6d} - C:\Program Files\Hotspot_Shield\tbHot1.dll
O3 - Toolbar: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - (no file)
O3 - Toolbar: SnagIt - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Program Files\TechSmith\SnagIt 8\SnagItIEAddin.dll
O3 - Toolbar: Hotspot Shield Toolbar - {c95a4e8e-816d-4655-8c79-d736da1adb6d} - C:\Program Files\Hotspot_Shield\tbHot1.dll
O3 - Toolbar: AFToolbar - {1F385865-F3D4-41ff-960D-7B7D0A7A72F6} - C:\Program Files\AnchorFree\bin\AFToolbar.dll
O3 - Toolbar: P2P Energy Toolbar - {2bae58c2-79f9-45d1-a286-81f911301c3a} - C:\Program Files\P2P_Energy\tbP2P0.dll
O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [SynTPStart] C:\Program Files\Synaptics\SynTP\SynTPStart.exe
O4 - HKLM\..\Run: [SMSERIAL] C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe
O4 - HKLM\..\Run: [QPService] "C:\Program Files\HP\QuickPlay\QPService.exe"
O4 - HKLM\..\Run: [QlbCtrl] %ProgramFiles%\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
O4 - HKLM\..\Run: [OnScreenDisplay] C:\Program Files\Hewlett-Packard\HP QuickTouch\HPKBDAPP.exe
O4 - HKLM\..\Run: [UCam_Menu] "C:\Program Files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\YouCam" update "Software\CyberLink\YouCam\1.0"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [hpWirelessAssistant] C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
O4 - HKLM\..\Run: [WAWifiMessage] C:\Program Files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe"
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Premium\avgnt.exe" /min
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
O4 - HKCU\..\Run: [WinPro.exe] "C:\Program Files\Ares\WebPro.exe"
O4 - HKCU\..\Run: [AFProg] C:\Program Files\AnchorFree\bin\ctrl\AFController.exe
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Bluetooth.lnk = ?
O4 - Global Startup: SnagIt 8.lnk = C:\Program Files\TechSmith\SnagIt 8\SnagIt32.exe
O8 - Extra context menu item: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O8 - Extra context menu item: ت&صدير إلى Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra button: إرسال إلى OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: إر&سال إلى OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: بحث - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O13 - Gopher Prefix:
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~3\Office12\GR99D3~1.DLL
O23 - Service: Avira AntiVir Premium MailGuard (AntiVirMailService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Premium\avmailc.exe
O23 - Service: Avira AntiVir Premium Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Premium\sched.exe
O23 - Service: Avira AntiVir Premium Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Premium\avguard.exe
O23 - Service: Avira AntiVir Premium WebGuard (antivirwebservice) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Premium\AVWEBGRD.EXE
O23 - Service: Avira AntiVir Premium MailGuard helper service (AVEService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Premium\avesvc.exe
O23 - Service: Com4Qlb - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4Qlb.exe
O23 - Service: GameConsoleService - Unknown owner - C:\Program Files\HP Games\My HP Game Console\GameConsoleService.exe (file missing)
O23 - Service: Hotspot Shield Service (HotspotShieldService) - Unknown owner - C:\Program Files\Hotspot Shield\bin\openvpnas.exe
O23 - Service: HP Health Check Service - Hewlett-Packard - c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: QuickPlay Background Capture Service (QBCS) (QPCapSvc) - Unknown owner - C:\Program Files\HP\QuickPlay\Kernel\TV\QPCapSvc.exe
O23 - Service: QuickPlay Task Scheduler (QTS) (QPSched) - Unknown owner - C:\Program Files\HP\QuickPlay\Kernel\TV\QPSched.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
--
End of file - 10900 bytes

تعبت هههههههه

ashalshaikh · 11 ديسمبر 2008

يا عيوني ,,,,
عذرا للتدخل
احذف البرنامج المذكور وأعد تنصيبه ,,, وإن شاء الله يكون كل شي على ما يرام ,,,

حامد زيد · 11 ديسمبر 2008

ashalshaikh قال:
يا عيوني ,,,,
عذرا للتدخل
احذف البرنامج المذكور وأعد تنصيبه ,,, وإن شاء الله يكون كل شي على ما يرام ,,,

والله هالبرنامج تعتب وانا ابحث عنه واذا حذفته وين الاقيه :q:

KoNaMi · 11 ديسمبر 2008

ashalshaikh قال:
يا عيوني ,,,,
عذرا للتدخل
احذف البرنامج المذكور وأعد تنصيبه ,,, وإن شاء الله يكون كل شي على ما يرام ,,,

اسمع قلبي سوي طريقة اخوي الغاليashalshaikh

KoNaMi · 11 ديسمبر 2008

جاري التحليل.......

ashalshaikh · 11 ديسمبر 2008

حامد زيد قال:
والله هالبرنامج تعتب وانا ابحث عنه واذا حذفته وين الاقيه :q:

البرنامج كذا أو كذا ,,, خلاص مع السلامة ,, إنتقل إلى رحمة الله :hh: :bleh: :no::cr:
إش اسم البرنامج يالغلا ,,, ؟؟؟

حامد زيد · 11 ديسمبر 2008

زيزوومي نشيط

زيزوومى فضى

توقيع : KoNaMi

زيزوومي نشيط

توقيع : moustakhdem

زيزوومي نشيط

زيزوومي نشيط

زيزوومى فضى

توقيع : KoNaMi

زيزوومي نشيط

زيزوومى فضى

توقيع : ashalshaikh

زيزوومى فضى

توقيع : KoNaMi

زيزوومى فضى

توقيع : KoNaMi

زيزوومي نشيط

زيزوومي نشيط

زيزوومى فضى

توقيع : KoNaMi

زيزوومي نشيط

زيزوومى فضى

توقيع : ashalshaikh

زيزوومي نشيط

زيزوومى فضى

توقيع : KoNaMi

زيزوومى فضى

توقيع : KoNaMi

زيزوومى فضى

توقيع : ashalshaikh

زيزوومي نشيط