مشاكلي كثرت الله يعينكم علي

ط

طآغي النظرهـ

زيزوومى محترف
إنضم
2 ديسمبر 2008
المشاركات
2,329
مستوى التفاعل
339
النقاط
770
الإقامة
Hotmail Company
غير متصل
ـآلسـلآم عليـكـم ورحمة ـآلله وبركـاته

صبآحكم عسل يآلزيازيم

مشكلتي //

عندي الجهاز يعلق ماعاد يتحرك فيه أي شي حتى الفاره كل شي فيه يصلب
لدرجه إني أطفيه من الزر اللي بالجهاز....:er::er::er::er:

وعندي كمان إستفسار ماله شغل بمشكلتي :-:q:

عندي بالماسنجر كذ1 إيميل من اللي بالقائمه عندي بجنبه نجمه صفراء
نفسي أعرف النجمه الصفراء هذي إيش معناتها :b::b:

والله يعطيكم العافيه

أنتظر حلولكم بفارغ الصبر
 

توقيع : طآغي النظرهـ
ترتيب حسب التاريخ ترتيب حسب الأصوات
وعليكم السلام​


==============
(1)
عطل جميع برامج الحماية ,,
وحمل هذه الاداة واحفظها على سطح المكتب
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

عند تشغيلها بتظهر لك رسالة ,, اضغط على >> Yes
بعدها بتظهر لك رساله ثانيه ,, اضغط على >> Yes
انتظر حتى الاداة تنتهي من فحص جهازك ,,, وبشكل تلقائي يعاد تشغيل جهازك ,,
وبعد اعادة التشغيل ,, سوف تبدأ الاداة بالفحص مرره ثانيه
انتظر حتى يظهر لك تقرير ,, انسخه والصقه بردك القادم





(2)
واعمل تقرير للهايجاك
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

اذا انتهى التحميل ==> شغل البرنامج ==> واضغط على Do a system scan and save log
لحظات ويظهر لك تقرير ,, انسخه والصقه بردك القادم



 
التعديل الأخير بواسطة المشرف:
تأييد 0
المعذره اخي هاوي لم انتبه لردك كل الشكر والتقدير
 
توقيع : صمت السكوت
تأييد 0
عندي بالماسنجر كذ1 إيميل من اللي بالقائمه عندي بجنبه نجمه صفراء
نفسي أعرف النجمه الصفراء هذي إيش معناتها :b::b:

والله يعطيكم العافيه

أنتظر حلولكم بفارغ الصبر



هي واحد بحطها اسم نجمه بلس هي لتبيه فقط عشان تنبيه فقط مش اكتر لاتضر ولاتنفع :OK
zyzoom-98bbc3119f.gif
هي على هذه الشكل سلام


انتظر تقريرك
 
توقيع : format
تأييد 0
خلـــود قال:
المعذره اخي هاوي لم انتبه لردك كل الشكر والتقدير
أنقر للتوسيع...

هلابك خلود مافيه داعي للعذر الله يحفظك
وانا والله والاخوان نستفيد منك كثير وجهودك واضحه في ركن المشاكل لمساعدة الاخوان
جزاك الله خير على ماتقومين به
3.gif
 
تأييد 0
ComboFix 08-12-14.04 - طاغي 12/15/2008 11:06:09.2 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.3.1256.1.1025.18.735.459 [GMT 3:00]
Running from: d:\documents and settings\طاغي\سطح المكتب\ComboFix.exe
* Created a new restore point
WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
-------\Service_npf

((((((((((((((((((((((((( Files Created from 2008-11-15 to 2008-12-15 )))))))))))))))))))))))))))))))
.
No new files created in this timespan
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-12-15 08:16 15,181,856 --sha-w d:\windows\system32\drivers\fidbox.dat
2008-12-15 08:14 699,168 --sha-w d:\windows\system32\drivers\fidbox2.dat
2008-12-15 08:11 68,636 --sha-w d:\windows\system32\drivers\fidbox2.idx
2008-12-15 08:11 211,592 --sha-w d:\windows\system32\drivers\fidbox.idx
2008-12-15 07:29 --------- d-----w d:\documents and settings\All Users\Application Data\Kaspersky Lab
2008-12-15 00:29 --------- d-----w d:\program files\Hotspot_Shield
2008-12-15 00:28 --------- d-----w d:\program files\Hotspot Shield
2008-12-15 00:28 --------- d-----w d:\program files\Conduit
2008-12-13 00:52 --------- d-----w d:\documents and settings\طاغي\Application Data\cleaner
2008-12-11 06:30 --------- d-----w d:\documents and settings\طاغي\Application Data\CyberScrub
2008-12-11 00:08 --------- d-----w d:\program files\Golden Al-Wafi Translator
2008-12-10 14:47 --------- d-----w d:\documents and settings\All Users\Application Data\Microsoft Help
2008-12-09 22:40 --------- d-----w d:\program files\Vuze
2008-12-09 20:51 --------- d-----w d:\documents and settings\طاغي\Application Data\Azureus
2008-12-09 12:21 --------- d-----w d:\documents and settings\All Users\Application Data\Apple Computer
2008-12-09 12:16 --------- d-----w d:\program files\Video Convert Master
2008-12-09 12:13 81,920 ----a-w d:\documents and settings\طاغي\Application Data\ezpinst.exe
2008-12-09 12:13 47,360 ----a-w d:\windows\system32\drivers\pcouffin.sys
2008-12-09 12:13 47,360 ----a-w d:\documents and settings\طاغي\Application Data\pcouffin.sys
2008-12-09 12:13 --------- d-----w d:\documents and settings\طاغي\Application Data\Vso
2008-12-09 11:48 --------- d-----w d:\program files\Xilisoft
2008-12-09 11:48 --------- d-----w d:\program files\QuickTime
2008-12-09 11:22 --------- d-----w d:\program files\FLV to AVI MPEG WMV 3GP MP4 iPod Converter
2008-12-07 18:57 --------- d-----w d:\program files\Zone Labs
2008-12-07 12:41 --------- d-----w d:\program files\Free Internet TV
2008-12-05 23:51 --------- d-----w d:\program files\PC Tools Internet Security
2008-12-05 23:47 --------- d-----w d:\program files\Common Files\PC Tools
2008-12-05 23:47 --------- d-----w d:\documents and settings\All Users\Application Data\PC Tools
2008-12-05 23:46 --------- d---a-w d:\documents and settings\All Users\Application Data\TEMP
2008-12-05 23:44 --------- d-----w d:\program files\Browser Defender
2008-12-05 21:30 --------- d-----w d:\documents and settings\طاغي\Application Data\PCToolsSpamMonitorPlus
2008-12-05 21:30 --------- d-----w d:\documents and settings\طاغي\Application Data\PCToolsFirewallPlus
2008-12-05 18:20 --------- d-----w d:\program files\Common Files\InstallShield
2008-12-05 17:52 757,760 ----a-w d:\windows\system32\SkinCrafter.dll
2008-12-05 16:35 --------- d--h--w d:\program files\InstallShield Installation Information
2008-12-05 16:08 --------- d-----w d:\program files\Circle Developement
2008-12-05 16:07 --------- d-----w d:\documents and settings\طاغي\Application Data\BodyWipeNoun
2008-12-05 15:03 --------- d-----w d:\documents and settings\All Users\Application Data\Azureus
2008-12-05 14:08 --------- d-----w d:\program files\Windows Media Connect 2
2008-12-04 23:08 --------- d-----w d:\documents and settings\All Users\Application Data\Messenger Plus!
2008-12-04 23:05 --------- d-----w d:\program files\Windows Live
2008-12-04 23:04 --------- d-----w d:\documents and settings\All Users\Application Data\WLInstaller
2008-12-04 21:56 --------- d-----w d:\documents and settings\All Users\Application Data\STORE LESS JUGS SURF
2008-12-04 21:36 --------- d-----w d:\program files\BodyWipeNoun
2008-12-04 21:35 --------- d-----w d:\program files\Messenger Plus! Live
2008-12-04 19:33 --------- d-----w d:\program files\MSECACHE
2008-12-04 18:45 --------- d-----w d:\documents and settings\طاغي\Application Data\ADPHONE
2008-12-04 09:28 --------- d-----w d:\program files\MSN Messenger
2008-12-04 09:22 --------- d-----w d:\program files\Microsoft Office Outlook Connector
2008-12-04 09:09 --------- d-----w d:\program files\Windows Live Toolbar
2008-12-04 09:06 --------- d-----w d:\program files\Microsoft
2008-12-04 08:03 --------- d-----w d:\program files\Windows Installer Clean Up
2008-12-04 08:03 --------- d-----w d:\program files\Common Files\Windows Live
2008-12-04 07:29 410,976 ----a-w d:\windows\system32\deploytk.dll
2008-12-04 07:29 --------- d-----w d:\program files\Java
2008-12-04 07:01 --------- d-----w d:\program files\Yahoo!
2008-12-04 07:01 --------- d-----w d:\program files\CCleaner
2008-12-03 16:22 --------- d-----w d:\program files\IDA
2008-12-03 05:19 --------- d-----w d:\documents and settings\طاغي\Application Data\Internet Download Accelerator
2008-12-03 02:34 --------- d-----w d:\documents and settings\طاغي\Application Data\Media Player Classic
2008-12-03 02:30 2,223,653 ----a-w D:\mpc2kxp6490.zip
2008-12-02 19:50 --------- d-----w d:\program files\Common Files\Adobe
2008-12-02 18:31 75,921,920 ----a-w D:\ps55try.exe
2008-12-02 17:29 827,382 ----a-w D:\Trojan_u.zip
2008-12-02 17:15 --------- d-----w d:\program files\GIF Movie Gear
2008-12-02 17:14 985,989 ----a-w D:\MovieGear4.exe
2008-12-02 16:39 --------- d-----w d:\documents and settings\طاغي\Application Data\CursorArts
2008-12-02 16:38 --------- d-----w d:\program files\ImageForge3
2008-12-02 16:36 6,766,448 ----a-w D:\imf_pro.exe
2008-12-02 14:16 40,073 ----a-w D:\patcher.zip
2008-12-02 14:09 --------- d-----w d:\program files\SWiSHmax
2008-12-02 14:05 9,783,685 ----a-w D:\SetupSwishmax_20050505.exe
2008-12-01 14:09 357,973 ----a-w D:\شطرنج.zip
2008-12-01 13:03 0 ---ha-w d:\windows\system32\drivers\MsftWdf_Kernel_01005_Coinstaller_Critical.Wdf
2008-12-01 13:03 0 ---ha-w d:\windows\system32\drivers\Msft_Kernel_ccdcmb_01005.Wdf
2008-12-01 12:33 499,712 ----a-w d:\windows\system32\msvcp71.dll
2008-12-01 12:33 348,160 ----a-w d:\windows\system32\msvcr71.dll
2008-12-01 12:33 --------- d-----w d:\program files\Common Files\xing shared
2008-12-01 12:33 --------- d-----w d:\program files\Common Files\Real
2008-12-01 11:59 8,552 ----a-w d:\windows\system32\drivers\asctrm.sys
2008-12-01 11:59 --------- d-----w d:\program files\Real
2008-12-01 11:59 --------- d-----w d:\program files\aod
2008-11-30 16:28 --------- d-----w d:\documents and settings\طاغي\Application Data\HiYo
2008-11-30 00:41 --------- d-----w d:\program files\CEDP Stealer 6.0 for Messenger
2008-11-29 23:55 --------- d-----w d:\documents and settings\All Users\Application Data\iolo
2008-11-29 23:53 --------- d-----w d:\documents and settings\طاغي\Application Data\iolo
2008-11-29 21:19 --------- d-----w d:\program files\Microsoft SQL Server Compact Edition
2008-11-29 19:56 --------- dcsh--w d:\program files\Common Files\WindowsLiveInstaller
2008-11-23 15:13 --------- d-----w d:\documents and settings\All Users\Application Data\Bluetooth
2008-11-23 05:49 102,400 ----a-w d:\windows\system32\STemp_01.exe
2008-11-19 22:54 --------- d-----w d:\documents and settings\طاغي\Application Data\AntiSpywareGuard
2008-11-16 10:03 73,216 ----a-w d:\windows\ST6UNST.EXE
2008-11-16 10:03 172,032 ------w d:\windows\Setup1.exe
2008-11-14 16:30 --------- d-----w d:\program files\Windows Live Favorites
2008-11-14 16:28 --------- d-----w d:\documents and settings\All Users\Application Data\Windows Live Toolbar
2008-11-11 15:32 21,035 ----a-w d:\windows\system32\drivers\AegisP.sys
2008-11-11 15:31 --------- d-----w d:\program files\REALTEK RTL8187 Wireless LAN Driver and Utility
2008-10-24 11:21 455,296 ----a-w d:\windows\system32\drivers\mrxsmb.sys
2008-10-23 12:36 286,720 ----a-w d:\windows\system32\gdi32.dll
2008-10-16 20:04 826,368 ----a-w d:\windows\system32\wininet.dll
2006-10-11 08:04 61,036 ----a-w d:\program files\mozilla firefox\components\jar50.dll
2006-10-11 08:04 48,742 ----a-w d:\program files\mozilla firefox\components\jsd3250.dll
2006-10-11 08:05 29,313 ----a-w d:\program files\mozilla firefox\components\myspell.dll
2006-10-11 08:05 41,082 ----a-w d:\program files\mozilla firefox\components\spellchk.dll
2006-10-11 08:04 166,510 ----a-w d:\program files\mozilla firefox\components\xpinstal.dll
.
((((((((((((((((((((((((((((( snapshot@Wed 12-10-2008_ 5.14.47.32 )))))))))))))))))))))))))))))))))))))))))
.
+ 2008-10-16 19:31:55 124,928 ----a-w d:\windows\$hf_mig$\KB958215-IE7\SP2QFE\advpack.dll
+ 2008-10-16 19:31:55 347,136 ----a-w d:\windows\$hf_mig$\KB958215-IE7\SP2QFE\dxtmsft.dll
+ 2008-10-16 19:31:55 214,528 ----a-w d:\windows\$hf_mig$\KB958215-IE7\SP2QFE\dxtrans.dll
+ 2008-10-16 19:31:55 132,608 ----a-w d:\windows\$hf_mig$\KB958215-IE7\SP2QFE\extmgr.dll
+ 2008-10-16 19:31:55 63,488 ----a-w d:\windows\$hf_mig$\KB958215-IE7\SP2QFE\icardie.dll
+ 2008-10-16 12:46:08 70,656 ----a-w d:\windows\$hf_mig$\KB958215-IE7\SP2QFE\ie4uinit.exe
+ 2008-10-16 19:31:55 153,088 ----a-w d:\windows\$hf_mig$\KB958215-IE7\SP2QFE\ieakeng.dll
+ 2008-10-16 19:31:55 230,400 ----a-w d:\windows\$hf_mig$\KB958215-IE7\SP2QFE\ieaksie.dll
+ 2008-10-15 06:33:26 161,792 ----a-w d:\windows\$hf_mig$\KB958215-IE7\SP2QFE\ieakui.dll
+ 2007-04-17 09:32:38 2,455,488 ----a-w d:\windows\$hf_mig$\KB958215-IE7\SP2QFE\ieapfltr.dat
+ 2008-10-16 19:31:55 380,928 ----a-w d:\windows\$hf_mig$\KB958215-IE7\SP2QFE\ieapfltr.dll
+ 2008-10-16 19:31:56 388,608 ----a-w d:\windows\$hf_mig$\KB958215-IE7\SP2QFE\iedkcs32.dll
+ 2008-10-16 19:31:57 6,068,224 ----a-w d:\windows\$hf_mig$\KB958215-IE7\SP2QFE\ieframe.dll
+ 2008-10-16 19:31:57 44,544 ----a-w d:\windows\$hf_mig$\KB958215-IE7\SP2QFE\iernonce.dll
+ 2008-10-16 19:31:57 267,776 ----a-w d:\windows\$hf_mig$\KB958215-IE7\SP2QFE\iertutil.dll
+ 2008-10-16 12:46:08 13,824 ----a-w d:\windows\$hf_mig$\KB958215-IE7\SP2QFE\ieudinit.exe
+ 2008-10-15 06:34:58 633,632 ----a-w d:\windows\$hf_mig$\KB958215-IE7\SP2QFE\iexplore.exe
+ 2008-10-16 19:31:58 27,648 ----a-w d:\windows\$hf_mig$\KB958215-IE7\SP2QFE\jsproxy.dll
+ 2008-10-16 19:31:58 459,264 ----a-w d:\windows\$hf_mig$\KB958215-IE7\SP2QFE\msfeeds.dll
+ 2008-10-16 19:31:58 52,224 ----a-w d:\windows\$hf_mig$\KB958215-IE7\SP2QFE\msfeedsbs.dll
+ 2008-10-16 19:32:01 3,595,264 ----a-w d:\windows\$hf_mig$\KB958215-IE7\SP2QFE\mshtml.dll
+ 2008-10-16 19:32:02 477,696 ----a-w d:\windows\$hf_mig$\KB958215-IE7\SP2QFE\mshtmled.dll
+ 2008-10-16 19:32:02 193,024 ----a-w d:\windows\$hf_mig$\KB958215-IE7\SP2QFE\msrating.dll
+ 2008-10-16 19:32:02 671,232 ----a-w d:\windows\$hf_mig$\KB958215-IE7\SP2QFE\mstime.dll
+ 2008-10-16 19:32:02 102,912 ----a-w d:\windows\$hf_mig$\KB958215-IE7\SP2QFE\occache.dll
+ 2008-10-16 19:32:02 44,544 ----a-w d:\windows\$hf_mig$\KB958215-IE7\SP2QFE\pngfilt.dll
+ 2008-10-16 19:32:02 105,984 ----a-w d:\windows\$hf_mig$\KB958215-IE7\SP2QFE\url.dll
+ 2008-10-16 19:32:03 1,163,264 ----a-w d:\windows\$hf_mig$\KB958215-IE7\SP2QFE\urlmon.dll
+ 2008-10-16 19:32:03 233,472 ----a-w d:\windows\$hf_mig$\KB958215-IE7\SP2QFE\webcheck.dll
+ 2008-10-16 19:32:03 827,904 ----a-w d:\windows\$hf_mig$\KB958215-IE7\SP2QFE\wininet.dll
+ 2007-03-06 00:57:33 14,560 ----a-w d:\windows\$hf_mig$\KB958215-IE7\spmsg.dll
+ 2007-03-06 00:57:38 213,216 ----a-w d:\windows\$hf_mig$\KB958215-IE7\spuninst.exe
+ 2007-03-06 00:57:32 22,752 ----a-w d:\windows\$hf_mig$\KB958215-IE7\update\spcustom.dll
+ 2007-03-06 00:57:56 712,928 ----a-w d:\windows\$hf_mig$\KB958215-IE7\update\update.exe
+ 2007-03-06 00:58:46 369,376 ----a-w d:\windows\$hf_mig$\KB958215-IE7\update\updspapi.dll
+ 2006-10-18 17:03:58 100,864 -c----w d:\windows\$NtUninstallKB952069_WM9$\logagent.exe
+ 2007-07-27 06:42:32 231,288 -c----w d:\windows\$NtUninstallKB952069_WM9$\spuninst\spuninst.exe
+ 2007-07-27 06:41:48 382,840 -c----w d:\windows\$NtUninstallKB952069_WM9$\spuninst\updspapi.dll
+ 2006-10-18 18:47:20 937,984 -c----w d:\windows\$NtUninstallKB952069_WM9$\wmnetmgr.dll
+ 2006-10-18 18:47:22 2,450,944 -c----w d:\windows\$NtUninstallKB952069_WM9$\wmvcore.dll
+ 2008-08-26 07:57:14 124,928 -c----w d:\windows\ie7updates\KB958215-IE7\advpack.dll
+ 2008-08-26 07:57:14 347,136 -c----w d:\windows\ie7updates\KB958215-IE7\dxtmsft.dll
+ 2008-08-26 07:57:14 214,528 -c----w d:\windows\ie7updates\KB958215-IE7\dxtrans.dll
+ 2008-08-26 07:57:14 133,120 -c----w d:\windows\ie7updates\KB958215-IE7\extmgr.dll
+ 2008-08-26 07:57:14 63,488 -c----w d:\windows\ie7updates\KB958215-IE7\icardie.dll
+ 2008-08-25 08:35:50 70,656 -c----w d:\windows\ie7updates\KB958215-IE7\ie4uinit.exe
+ 2008-08-26 07:57:14 153,088 -c----w d:\windows\ie7updates\KB958215-IE7\ieakeng.dll
+ 2008-08-26 07:57:14 230,400 -c----w d:\windows\ie7updates\KB958215-IE7\ieaksie.dll
+ 2008-08-23 05:54:51 161,792 -c----w d:\windows\ie7updates\KB958215-IE7\ieakui.dll
+ 2008-08-26 07:57:15 383,488 -c----w d:\windows\ie7updates\KB958215-IE7\ieapfltr.dll
+ 2008-08-26 07:57:15 384,512 -c----w d:\windows\ie7updates\KB958215-IE7\iedkcs32.dll
+ 2008-10-03 16:58:14 6,066,176 -c----w d:\windows\ie7updates\KB958215-IE7\ieframe.dll
+ 2008-08-26 07:57:16 44,544 -c----w d:\windows\ie7updates\KB958215-IE7\iernonce.dll
+ 2008-08-26 07:57:17 267,776 -c----w d:\windows\ie7updates\KB958215-IE7\iertutil.dll
+ 2008-08-25 08:38:00 13,824 -c----w d:\windows\ie7updates\KB958215-IE7\ieudinit.exe
+ 2008-08-23 05:56:15 635,848 -c----w d:\windows\ie7updates\KB958215-IE7\iexplore.exe
+ 2008-08-26 07:57:17 27,648 -c----w d:\windows\ie7updates\KB958215-IE7\jsproxy.dll
+ 2008-08-26 07:57:18 459,264 -c----w d:\windows\ie7updates\KB958215-IE7\msfeeds.dll
+ 2008-08-26 07:57:18 52,224 -c----w d:\windows\ie7updates\KB958215-IE7\msfeedsbs.dll
+ 2008-08-27 08:57:20 3,593,216 -c----w d:\windows\ie7updates\KB958215-IE7\mshtml.dll
+ 2008-08-26 07:57:19 477,696 -c----w d:\windows\ie7updates\KB958215-IE7\mshtmled.dll
+ 2008-08-26 07:57:19 193,024 -c----w d:\windows\ie7updates\KB958215-IE7\msrating.dll
+ 2008-08-26 07:57:20 671,232 -c----w d:\windows\ie7updates\KB958215-IE7\mstime.dll
+ 2008-08-26 07:57:20 102,912 -c----w d:\windows\ie7updates\KB958215-IE7\occache.dll
+ 2008-08-26 07:57:20 44,544 -c----w d:\windows\ie7updates\KB958215-IE7\pngfilt.dll
+ 2007-03-06 00:57:38 213,216 -c----w d:\windows\ie7updates\KB958215-IE7\spuninst\spuninst.exe
+ 2007-03-06 00:58:46 369,376 -c----w d:\windows\ie7updates\KB958215-IE7\spuninst\updspapi.dll
+ 2008-08-26 07:57:20 105,984 -c----w d:\windows\ie7updates\KB958215-IE7\url.dll
+ 2008-08-26 07:57:21 1,159,680 -c----w d:\windows\ie7updates\KB958215-IE7\urlmon.dll
+ 2008-08-26 07:57:21 233,472 -c----w d:\windows\ie7updates\KB958215-IE7\webcheck.dll
+ 2008-08-26 07:57:21 826,368 -c----w d:\windows\ie7updates\KB958215-IE7\wininet.dll
- 2008-12-10 00:21:53 1,165,584 ----a-r d:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\accicons.exe
+ 2008-12-10 14:47:23 1,165,584 ----a-r d:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\accicons.exe
- 2008-12-10 00:22:01 20,240 ----a-r d:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\cagicon.exe
+ 2008-12-10 14:47:27 20,240 ----a-r d:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\cagicon.exe
- 2008-12-10 00:21:55 159,504 ----a-r d:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\inficon.exe
+ 2008-12-10 14:47:24 159,504 ----a-r d:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\inficon.exe
- 2008-12-10 00:21:56 184,080 ----a-r d:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\joticon.exe
+ 2008-12-10 14:47:25 184,080 ----a-r d:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\joticon.exe
- 2008-12-10 00:21:58 217,864 ----a-r d:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\misc.exe
+ 2008-12-10 14:47:26 217,864 ----a-r d:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\misc.exe
- 2008-12-10 00:22:03 18,704 ----a-r d:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\mspicons.exe
+ 2008-12-10 14:47:28 18,704 ----a-r d:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\mspicons.exe
- 2008-12-10 00:22:09 35,088 ----a-r d:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\oisicon.exe
+ 2008-12-10 14:47:32 35,088 ----a-r d:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\oisicon.exe
- 2008-12-10 00:21:56 845,584 ----a-r d:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\outicon.exe
+ 2008-12-10 14:47:25 845,584 ----a-r d:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\outicon.exe
- 2008-12-10 00:21:57 922,384 ----a-r d:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\pptico.exe
+ 2008-12-10 14:47:26 922,384 ----a-r d:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\pptico.exe
- 2008-12-10 00:21:59 272,648 ----a-r d:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\pubs.exe
+ 2008-12-10 14:47:27 272,648 ----a-r d:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\pubs.exe
- 2008-12-10 00:22:05 888,080 ----a-r d:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\wordicon.exe
+ 2008-12-10 14:47:31 888,080 ----a-r d:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\wordicon.exe
- 2008-12-10 00:21:54 1,172,240 ----a-r d:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\xlicons.exe
+ 2008-12-10 14:47:24 1,172,240 ----a-r d:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\xlicons.exe
- 2008-08-26 07:57:14 124,928 ----a-w d:\windows\system32\advpack.dll
+ 2008-10-16 20:04:07 124,928 ----a-w d:\windows\system32\advpack.dll
- 2008-08-26 07:57:14 124,928 -c--a-w d:\windows\system32\dllcache\advpack.dll
+ 2008-10-16 20:04:07 124,928 -c--a-w d:\windows\system32\dllcache\advpack.dll
- 2008-08-26 07:57:14 347,136 -c--a-w d:\windows\system32\dllcache\dxtmsft.dll
+ 2008-10-16 20:04:07 347,136 -c--a-w d:\windows\system32\dllcache\dxtmsft.dll
- 2008-08-26 07:57:14 214,528 -c--a-w d:\windows\system32\dllcache\dxtrans.dll
+ 2008-10-16 20:04:07 214,528 -c--a-w d:\windows\system32\dllcache\dxtrans.dll
- 2008-08-26 07:57:14 133,120 -c--a-w d:\windows\system32\dllcache\extmgr.dll
+ 2008-10-16 20:04:08 133,120 -c--a-w d:\windows\system32\dllcache\extmgr.dll
- 2008-08-26 07:57:14 63,488 -c----w d:\windows\system32\dllcache\icardie.dll
+ 2008-10-16 20:04:08 63,488 -c----w d:\windows\system32\dllcache\icardie.dll
- 2008-08-25 08:35:50 70,656 -c--a-w d:\windows\system32\dllcache\ie4uinit.exe
+ 2008-10-16 13:09:53 70,656 -c--a-w d:\windows\system32\dllcache\ie4uinit.exe
- 2008-08-26 07:57:14 153,088 -c--a-w d:\windows\system32\dllcache\ieakeng.dll
+ 2008-10-16 20:04:08 153,088 -c--a-w d:\windows\system32\dllcache\ieakeng.dll
- 2008-08-26 07:57:14 230,400 -c--a-w d:\windows\system32\dllcache\ieaksie.dll
+ 2008-10-16 20:04:08 230,400 -c--a-w d:\windows\system32\dllcache\ieaksie.dll
- 2008-08-23 05:54:51 161,792 -c--a-w d:\windows\system32\dllcache\ieakui.dll
+ 2008-10-15 07:04:53 161,792 -c--a-w d:\windows\system32\dllcache\ieakui.dll
- 2008-08-26 07:57:15 383,488 -c----w d:\windows\system32\dllcache\ieapfltr.dll
+ 2008-10-16 20:04:08 383,488 -c----w d:\windows\system32\dllcache\ieapfltr.dll
- 2008-08-26 07:57:15 384,512 -c--a-w d:\windows\system32\dllcache\iedkcs32.dll
+ 2008-10-16 20:04:09 384,512 -c--a-w d:\windows\system32\dllcache\iedkcs32.dll
- 2008-10-03 16:58:14 6,066,176 -c----w d:\windows\system32\dllcache\ieframe.dll
+ 2008-10-16 20:04:12 6,066,176 -c----w d:\windows\system32\dllcache\ieframe.dll
- 2008-08-26 07:57:16 44,544 -c--a-w d:\windows\system32\dllcache\iernonce.dll
+ 2008-10-16 20:04:12 44,544 -c--a-w d:\windows\system32\dllcache\iernonce.dll
- 2008-08-26 07:57:17 267,776 -c----w d:\windows\system32\dllcache\iertutil.dll
+ 2008-10-16 20:04:12 267,776 -c----w d:\windows\system32\dllcache\iertutil.dll
- 2008-08-25 08:38:00 13,824 -c----w d:\windows\system32\dllcache\ieudinit.exe
+ 2008-10-16 13:11:09 13,824 -c----w d:\windows\system32\dllcache\ieudinit.exe
- 2008-08-23 05:56:15 635,848 -c--a-w d:\windows\system32\dllcache\iexplore.exe
+ 2008-10-15 07:06:26 633,632 -c--a-w d:\windows\system32\dllcache\iexplore.exe
- 2008-08-26 07:57:17 27,648 -c--a-w d:\windows\system32\dllcache\jsproxy.dll
+ 2008-10-16 20:04:13 27,648 -c--a-w d:\windows\system32\dllcache\jsproxy.dll
- 2006-10-18 17:03:58 100,864 -c--a-w d:\windows\system32\dllcache\logagent.exe
+ 2008-06-17 22:09:22 100,864 -c--a-w d:\windows\system32\dllcache\logagent.exe
- 2008-08-26 07:57:18 459,264 -c----w d:\windows\system32\dllcache\msfeeds.dll
+ 2008-10-16 20:04:13 459,264 -c----w d:\windows\system32\dllcache\msfeeds.dll
- 2008-08-26 07:57:18 52,224 -c----w d:\windows\system32\dllcache\msfeedsbs.dll
+ 2008-10-16 20:04:13 52,224 -c----w d:\windows\system32\dllcache\msfeedsbs.dll
- 2008-08-27 08:57:20 3,593,216 -c--a-w d:\windows\system32\dllcache\mshtml.dll
+ 2008-10-16 22:34:18 3,593,216 -c--a-w d:\windows\system32\dllcache\mshtml.dll
- 2008-08-26 07:57:19 477,696 -c--a-w d:\windows\system32\dllcache\mshtmled.dll
+ 2008-10-16 20:04:16 477,696 -c--a-w d:\windows\system32\dllcache\mshtmled.dll
- 2008-08-26 07:57:19 193,024 -c--a-w d:\windows\system32\dllcache\msrating.dll
+ 2008-10-16 20:04:17 193,024 -c--a-w d:\windows\system32\dllcache\msrating.dll
- 2008-08-26 07:57:20 671,232 -c--a-w d:\windows\system32\dllcache\mstime.dll
+ 2008-10-16 20:04:17 671,232 -c--a-w d:\windows\system32\dllcache\mstime.dll
- 2008-08-26 07:57:20 102,912 -c--a-w d:\windows\system32\dllcache\occache.dll
+ 2008-10-16 20:04:17 102,912 -c--a-w d:\windows\system32\dllcache\occache.dll
- 2008-08-26 07:57:20 44,544 -c--a-w d:\windows\system32\dllcache\pngfilt.dll
+ 2008-10-16 20:04:17 44,544 -c--a-w d:\windows\system32\dllcache\pngfilt.dll
- 2008-08-26 07:57:20 105,984 -c--a-w d:\windows\system32\dllcache\url.dll
+ 2008-10-16 20:04:17 105,984 -c--a-w d:\windows\system32\dllcache\url.dll
- 2008-08-26 07:57:21 1,159,680 -c--a-w d:\windows\system32\dllcache\urlmon.dll
+ 2008-10-16 20:04:18 1,160,192 -c--a-w d:\windows\system32\dllcache\urlmon.dll
- 2008-08-26 07:57:21 233,472 -c--a-w d:\windows\system32\dllcache\webcheck.dll
+ 2008-10-16 20:04:18 233,472 -c--a-w d:\windows\system32\dllcache\webcheck.dll
- 2008-08-26 07:57:21 826,368 -c--a-w d:\windows\system32\dllcache\wininet.dll
+ 2008-10-16 20:04:19 826,368 -c--a-w d:\windows\system32\dllcache\wininet.dll
- 2006-10-18 18:47:20 937,984 -c--a-w d:\windows\system32\dllcache\WMNetMgr.dll
+ 2008-06-18 02:03:08 938,496 -c--a-w d:\windows\system32\dllcache\WMNetmgr.dll
- 2006-10-18 18:47:22 2,450,944 -c--a-w d:\windows\system32\dllcache\wmvcore.dll
+ 2008-06-18 02:03:14 2,458,112 -c--a-w d:\windows\system32\dllcache\WMVCore.dll
- 2008-08-26 07:57:14 347,136 ----a-w d:\windows\system32\dxtmsft.dll
+ 2008-10-16 20:04:07 347,136 ----a-w d:\windows\system32\dxtmsft.dll
- 2008-08-26 07:57:14 214,528 ----a-w d:\windows\system32\dxtrans.dll
+ 2008-10-16 20:04:07 214,528 ----a-w d:\windows\system32\dxtrans.dll
- 2008-08-26 07:57:14 133,120 ----a-w d:\windows\system32\extmgr.dll
+ 2008-10-16 20:04:08 133,120 ----a-w d:\windows\system32\extmgr.dll
- 2008-08-26 07:57:14 63,488 ----a-w d:\windows\system32\icardie.dll
+ 2008-10-16 20:04:08 63,488 ----a-w d:\windows\system32\icardie.dll
- 2008-08-25 08:35:50 70,656 ----a-w d:\windows\system32\ie4uinit.exe
+ 2008-10-16 13:09:53 70,656 ----a-w d:\windows\system32\ie4uinit.exe
- 2008-08-26 07:57:14 153,088 ----a-w d:\windows\system32\ieakeng.dll
+ 2008-10-16 20:04:08 153,088 ----a-w d:\windows\system32\ieakeng.dll
- 2008-08-26 07:57:14 230,400 ----a-w d:\windows\system32\ieaksie.dll
+ 2008-10-16 20:04:08 230,400 ----a-w d:\windows\system32\ieaksie.dll
- 2008-08-23 05:54:51 161,792 ----a-w d:\windows\system32\ieakui.dll
+ 2008-10-15 07:04:53 161,792 ----a-w d:\windows\system32\ieakui.dll
- 2008-08-26 07:57:15 383,488 ----a-w d:\windows\system32\ieapfltr.dll
+ 2008-10-16 20:04:08 383,488 ----a-w d:\windows\system32\ieapfltr.dll
- 2008-08-26 07:57:15 384,512 ----a-w d:\windows\system32\iedkcs32.dll
+ 2008-10-16 20:04:09 384,512 ----a-w d:\windows\system32\iedkcs32.dll
- 2008-10-03 16:58:14 6,066,176 ----a-w d:\windows\system32\ieframe.dll
+ 2008-10-16 20:04:12 6,066,176 ----a-w d:\windows\system32\ieframe.dll
- 2008-08-26 07:57:16 44,544 ----a-w d:\windows\system32\iernonce.dll
+ 2008-10-16 20:04:12 44,544 ----a-w d:\windows\system32\iernonce.dll
- 2008-08-26 07:57:17 267,776 ----a-w d:\windows\system32\iertutil.dll
+ 2008-10-16 20:04:12 267,776 ----a-w d:\windows\system32\iertutil.dll
- 2008-08-25 08:38:00 13,824 ----a-w d:\windows\system32\ieudinit.exe
+ 2008-10-16 13:11:09 13,824 ----a-w d:\windows\system32\ieudinit.exe
- 2008-08-26 07:57:17 27,648 ----a-w d:\windows\system32\jsproxy.dll
+ 2008-10-16 20:04:13 27,648 ----a-w d:\windows\system32\jsproxy.dll
- 2006-10-18 17:03:58 100,864 ----a-w d:\windows\system32\logagent.exe
+ 2008-06-17 22:09:22 100,864 ----a-w d:\windows\system32\logagent.exe
- 2008-08-26 07:57:18 459,264 ----a-w d:\windows\system32\msfeeds.dll
+ 2008-10-16 20:04:13 459,264 ----a-w d:\windows\system32\msfeeds.dll
- 2008-08-26 07:57:18 52,224 ----a-w d:\windows\system32\msfeedsbs.dll
+ 2008-10-16 20:04:13 52,224 ----a-w d:\windows\system32\msfeedsbs.dll
- 2008-08-27 08:57:20 3,593,216 ----a-w d:\windows\system32\mshtml.dll
+ 2008-10-16 22:34:18 3,593,216 ----a-w d:\windows\system32\mshtml.dll
- 2008-08-26 07:57:19 477,696 ----a-w d:\windows\system32\mshtmled.dll
+ 2008-10-16 20:04:16 477,696 ----a-w d:\windows\system32\mshtmled.dll
- 2008-08-26 07:57:19 193,024 ----a-w d:\windows\system32\msrating.dll
+ 2008-10-16 20:04:17 193,024 ----a-w d:\windows\system32\msrating.dll
- 2008-08-26 07:57:20 671,232 ----a-w d:\windows\system32\mstime.dll
+ 2008-10-16 20:04:17 671,232 ----a-w d:\windows\system32\mstime.dll
- 2008-08-26 07:57:20 102,912 ----a-w d:\windows\system32\occache.dll
+ 2008-10-16 20:04:17 102,912 ----a-w d:\windows\system32\occache.dll
- 2008-12-09 22:30:39 63,230 ----a-w d:\windows\system32\perfc001.dat
+ 2008-12-10 09:08:38 63,760 ----a-w d:\windows\system32\perfc001.dat
- 2008-12-09 22:30:39 63,412 ----a-w d:\windows\system32\perfc009.dat
+ 2008-12-10 09:08:38 63,992 ----a-w d:\windows\system32\perfc009.dat
- 2008-12-09 22:30:39 339,788 ----a-w d:\windows\system32\perfh001.dat
+ 2008-12-10 09:08:38 341,138 ----a-w d:\windows\system32\perfh001.dat
- 2008-12-09 22:30:39 405,316 ----a-w d:\windows\system32\perfh009.dat
+ 2008-12-10 09:08:38 406,856 ----a-w d:\windows\system32\perfh009.dat
- 2008-08-26 07:57:20 44,544 ----a-w d:\windows\system32\pngfilt.dll
+ 2008-10-16 20:04:17 44,544 ----a-w d:\windows\system32\pngfilt.dll
- 2007-11-30 12:39:01 17,784 ------w d:\windows\system32\spmsg.dll
+ 2007-07-27 06:41:40 16,760 ------w d:\windows\system32\spmsg.dll
- 2008-08-26 07:57:20 105,984 ----a-w d:\windows\system32\url.dll
+ 2008-10-16 20:04:17 105,984 ----a-w d:\windows\system32\url.dll
- 2008-08-26 07:57:21 1,159,680 ----a-w d:\windows\system32\urlmon.dll
+ 2008-10-16 20:04:18 1,160,192 ----a-w d:\windows\system32\urlmon.dll
- 2008-08-26 07:57:21 233,472 ----a-w d:\windows\system32\webcheck.dll
+ 2008-10-16 20:04:18 233,472 ----a-w d:\windows\system32\webcheck.dll
- 2006-10-18 18:47:20 937,984 ----a-w d:\windows\system32\WMNetMgr.dll
+ 2008-06-18 02:03:08 938,496 ----a-w d:\windows\system32\WMNetmgr.dll
- 2006-10-18 18:47:22 2,450,944 ----a-w d:\windows\system32\wmvcore.dll
+ 2008-06-18 02:03:14 2,458,112 ----a-w d:\windows\system32\WMVCore.dll
- 2008-12-09 22:27:06 4,212 ---h--w d:\windows\system32\zllictbl.dat
+ 2008-12-11 10:24:08 4,212 ---h--w d:\windows\system32\zllictbl.dat
+ 2008-12-12 02:21:40 1,536 ----a-w d:\windows\system32\ZoneLabs\zlqrtdb.dat
+ 2008-12-15 08:13:50 16,384 ----atw d:\windows\Temp\Perflib_Perfdata_100.dat
.
-- Snapshot reset to current date --
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{c95a4e8e-816d-4655-8c79-d736da1adb6d}"= "d:\program files\Hotspot_Shield\tbHot1.dll" [12/15/2008 03:30 AM 1784856]
[HKEY_CLASSES_ROOT\clsid\{c95a4e8e-816d-4655-8c79-d736da1adb6d}]
[HKEY_LOCAL_MACHINE\~\Browser Helper s\{c95a4e8e-816d-4655-8c79-d736da1adb6d}]
12/15/2008 03:30 AM 1784856 --a------ d:\program files\Hotspot_Shield\tbHot1.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{c95a4e8e-816d-4655-8c79-d736da1adb6d}"= "d:\program files\Hotspot_Shield\tbHot1.dll" [12/15/2008 03:30 AM 1784856]
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{C95A4E8E-816D-4655-8C79-D736DA1ADB6D}"= "d:\program files\Hotspot_Shield\tbHot1.dll" [12/15/2008 03:30 AM 1784856]
[HKEY_CLASSES_ROOT\clsid\{c95a4e8e-816d-4655-8c79-d736da1adb6d}]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="d:\windows\system32\ctfmon.exe" [04/14/2008 06:59 PM 15360]
"MsnMsgr"="d:\program files\Windows Live\Messenger\MsnMsgr.Exe" [10/18/2007 11:34 AM 5724184]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"GrooveMonitor"="d:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [08/24/2007 07:00 AM 33648]
"TkBellExe"="d:\program files\Common Files\Real\Update_OB\realsched.exe" [12/01/2008 03:33 PM 185872]
"SunJavaUpdateSched"="d:\program files\Java\jre6\bin\jusched.exe" [12/04/2008 10:29 AM 136600]
"ZoneAlarm Client"="d:\program files\Zone Labs\ZoneAlarm\zlclient.exe" [11/14/2007 04:05 PM 919016]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="d:\windows\system32\CTFMON.EXE" [04/14/2008 06:59 PM 15360]
d:\documents and settings\All Users\çں‍ê، ں §ڑ\ںé ©ںê¤\ §ک ں颬نïé\
Adobe Gamma Loader.exe.lnk - d:\program files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2008-12-02 113664]
REALTEK RTL8187 Wireless LAN Utility.lnk - d:\program files\REALTEK RTL8187 Wireless LAN Driver and Utility\RtWLan.exe [2008-11-11 737280]
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\KasperskyAntiVirus]
"DisableMonitoring"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\ZoneLabsFirewall]
"DisableMonitoring"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"d:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"d:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"=
"d:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"d:\\Program Files\\Kaspersky Lab\\Kaspersky Anti-Virus 7.0\\avp.exe"=
"d:\\Program Files\\IVT Corporation\\BlueSoleil\\BlueSoleil.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"d:\\Program Files\\Messenger\\msmsgs.exe"=
"d:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"d:\\Program Files\\Windows Live\\Messenger\\livecall.exe"=
R1 oxser;OX16C95x Serial port driver;d:\windows\system32\DRIVERS\oxser.sys [2008-08-25 51169]
R3 klim5;Kaspersky Anti-Virus NDIS Filter;d:\windows\system32\DRIVERS\klim5.sys [2007-04-04 24344]
R3 RTLWUSB;Realtek RTL8187 Wireless 802.11g 54Mbps USB 2.0 Network Adapter;d:\windows\system32\DRIVERS\RTL8187.sys [2008-11-11 194304]
R3 SjyPkt;SjyPkt;\??\d:\windows\System32\Drivers\SjyPkt.sys [2008-11-11 13532]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://search.conduit.com?SearchSource=10&ctid=CT1561552
uSearchURL,(Default) = hxxp://g.msn.co.uk/0SEENWW/SAOS01?FORM=TOOLBR
IE: &Google Search - d:\program files\Google\googletoolbar.dll/cmsearch.html
IE: &Windows Live Search - d:\program files\Windows Live Toolbar\msntb.dll/search.htm
IE: Add to Windows &Live Favorites -
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

IE: Backward &Links - d:\program files\Google\googletoolbar.dll/cmbacklinks.html
IE: Cac&hed Snapshot of Page - d:\program files\Google\googletoolbar.dll/cmcache.html
IE: Download ALL with IDA
IE: Download with IDA
IE: Si&milar Pages - d:\program files\Google\googletoolbar.dll/cmsimilar.html
IE: Translate into English - d:\program files\Google\googletoolbar.dll/cmtrans.html
IE: ت&صدير إلى Microsoft Excel - d:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
O16 -: Microsoft XML Parser for Java -
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

d:\windows\Downloaded Program Files\Microsoft XML Parser for Java.osd
d:\windows\system32\msvcrt.dll - d:\windows\system32\mfc42.dll
d:\windows\system32\olepro32.dll
d:\windows\Downloaded Program Files\imcv1.dll
O16 -: {6924091F-CD97-41E1-B1D4-D9079409D413}
hxxp://76.76.24.100/IMSCP/talk.cab
d:\windows\Downloaded Program Files\talk.inf
FF - ProfilePath - d:\documents and settings\طاغي\Application Data\Mozilla\Firefox\Profiles\n6esbnl1.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.live.com/results.aspx?FORM=IEFM1&q=
FF - prefs.js: browser.search.selectedEngine - Live Search
FF - prefs.js: browser.startup.homepage - hxxp://go.microsoft.com/fwlink/?LinkId=69157
FF - prefs.js: keyword.URL - hxxp://search.live.com/results.aspx?FORM=IEFM1&q=
.
**************************************************************************
catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer,
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

Rootkit scan 2008-12-15 11:15:52
Windows 5.1.2600 Service Pack 3 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------
- - - - - - - > 'winlogon.exe'(1620)
d:\program files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\miscr3.dll
d:\windows\system32\klogon.dll
- - - - - - - > 'lsass.exe'(1676)
d:\program files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\dnsq.dll
d:\program files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\miscr3.dll
- - - - - - - > 'explorer.exe'(2160)
d:\program files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\miscr3.dll
d:\program files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\scrchpg.dll
d:\windows\system32\msi.dll
.
------------------------ Other Running Processes ------------------------
.
d:\program files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe
d:\program files\Hotspot Shield\bin\openvpnas.exe
d:\program files\Java\jre6\bin\jqs.exe
.
**************************************************************************
.
Completion time: 12/15/2008 11:19:51 - machine was rebooted
ComboFix-quarantined-files.txt 2008-12-15 08:19:41
ComboFix2.txt 2008-12-10 02:17:13
Pre-Run: 633,604,608 bytes free
Post-Run: 615,632,384 bytes free
477 --- E O F --- 2008-12-10 14:47:38
 
توقيع : طآغي النظرهـ
تأييد 0
هذ1 تقرير الاداه ولحظات وانزل الهايجاك
 
توقيع : طآغي النظرهـ
تأييد 0
Logfile of HijackThis v1.99.1
Scan saved at 11:36:24 ص, on 15/12/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16762)
Running processes:
D:\WINDOWS\System32\smss.exe
D:\WINDOWS\system32\winlogon.exe
D:\WINDOWS\system32\services.exe
D:\WINDOWS\system32\lsass.exe
D:\WINDOWS\system32\svchost.exe
D:\WINDOWS\System32\svchost.exe
D:\WINDOWS\system32\spoolsv.exe
D:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe
D:\Program Files\Hotspot Shield\bin\openvpnas.exe
D:\Program Files\Java\jre6\bin\jqs.exe
D:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
D:\Program Files\Common Files\Real\Update_OB\realsched.exe
D:\Program Files\Java\jre6\bin\jusched.exe
D:\WINDOWS\system32\ctfmon.exe
D:\Program Files\REALTEK RTL8187 Wireless LAN Driver and Utility\RtWLan.exe
D:\WINDOWS\explorer.exe
D:\Program Files\Internet Explorer\IEXPLORE.EXE
D:\Documents and Settings\طاغي\سطح المكتب\برامج الحمايه\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) =
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
R3 - URLSearchHook: Hotspot Shield Toolbar - {c95a4e8e-816d-4655-8c79-d736da1adb6d} - D:\Program Files\Hotspot_Shield\tbHot1.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - D:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - D:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - d:\program files\google\googletoolbar.dll
O2 - BHO: Hotspot Shield Toolbar - {c95a4e8e-816d-4655-8c79-d736da1adb6d} - D:\Program Files\Hotspot_Shield\tbHot1.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - D:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - D:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - d:\program files\google\googletoolbar.dll
O3 - Toolbar: Hotspot Shield Toolbar - {c95a4e8e-816d-4655-8c79-d736da1adb6d} - D:\Program Files\Hotspot_Shield\tbHot1.dll
O4 - HKLM\..\Run: [GrooveMonitor] "D:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [TkBellExe] "D:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [SunJavaUpdateSched] "D:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [ZoneAlarm Client] "D:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] "D:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - Global Startup: Adobe Gamma Loader.exe.lnk = D:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: REALTEK RTL8187 Wireless LAN Utility.lnk = ?
O8 - Extra context menu item: &Google Search - res://D:\Program Files\Google\googletoolbar.dll/cmsearch.html
O8 - Extra context menu item: &Windows Live Search - res://D:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Add to Windows &Live Favorites -
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

O8 - Extra context menu item: Backward &Links - res://D:\Program Files\Google\googletoolbar.dll/cmbacklinks.html
O8 - Extra context menu item: Cac&hed Snapshot of Page - res://D:\Program Files\Google\googletoolbar.dll/cmcache.html
O8 - Extra context menu item: Si&milar Pages - res://D:\Program Files\Google\googletoolbar.dll/cmsimilar.html
O8 - Extra context menu item: Translate into English - res://D:\Program Files\Google\googletoolbar.dll/cmtrans.html
O8 - Extra context menu item: ت&صدير إلى Microsoft Excel - res://D:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Web Anti-Virus statistics - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - D:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\SCIEPlgn.dll
O9 - Extra button: إرسال إلى OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - D:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: إر&سال إلى OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - D:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - D:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - D:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [INTERNATIONAL] International*
O16 - DPF: {6924091F-CD97-41E1-B1D4-D9079409D413} (IMCv1 Control) -
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash ) -
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - D:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - D:\PROGRA~1\WINDOW~4\MESSEN~1\MSGRAP~1.DLL
O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - D:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - D:\PROGRA~1\WINDOW~4\MESSEN~1\MSGRAP~1.DLL
O18 - Filter hijack: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} - D:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL
O20 - Winlogon Notify: klogon - D:\WINDOWS\system32\klogon.dll
O20 - Winlogon Notify: WgaLogon - D:\WINDOWS\SYSTEM32\WgaLogon.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - D:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: Kaspersky Anti-Virus 7.0 (AVP) - Unknown owner - D:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe" -r (file missing)
O23 - Service: Hotspot Shield Service (HotspotShieldService) - Unknown owner - D:\Program Files\Hotspot Shield\bin\openvpnas.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Unknown owner - D:\Program Files\Java\jre6\bin\jqs.exe" -service -config "D:\Program Files\Java\jre6\lib\deploy\jqs\jqs.conf (file missing)
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - D:\WINDOWS\system32\ZoneLabs\vsmon.exe
 
توقيع : طآغي النظرهـ
تأييد 0
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي


احذف هذه القيمة

طريقة الحذف





mg%20(3).png





mg%20(4).png





وبذلك تكون تمت عملية الحذف



بعدها حمل هذه الأدآة



استخدم هذه الاداة للتنظيف




يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي




zyzoom-a44eb4e208.png



بعدين سوي تقرير مرة ثانيه للهاجيك
 
توقيع : format
تأييد 0
بعد حذف القيمه وتحميل الاداه وتشغيلها هذ1 تقرير الهايجاك
 
توقيع : طآغي النظرهـ
تأييد 0
Logfile of HijackThis v1.99.1
Scan saved at 11:48:58 ص, on 15/12/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16762)
Running processes:
D:\WINDOWS\System32\smss.exe
D:\WINDOWS\system32\winlogon.exe
D:\WINDOWS\system32\services.exe
D:\WINDOWS\system32\lsass.exe
D:\WINDOWS\system32\svchost.exe
D:\WINDOWS\System32\svchost.exe
D:\WINDOWS\system32\spoolsv.exe
D:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe
D:\Program Files\Hotspot Shield\bin\openvpnas.exe
D:\Program Files\Java\jre6\bin\jqs.exe
D:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
D:\Program Files\Common Files\Real\Update_OB\realsched.exe
D:\Program Files\Java\jre6\bin\jusched.exe
D:\WINDOWS\system32\ctfmon.exe
D:\Program Files\REALTEK RTL8187 Wireless LAN Driver and Utility\RtWLan.exe
D:\WINDOWS\explorer.exe
D:\Program Files\Internet Explorer\IEXPLORE.EXE
D:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe
D:\Documents and Settings\طاغي\سطح المكتب\برامج الحمايه\HijackThis.exe
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) =
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
R3 - URLSearchHook: Hotspot Shield Toolbar - {c95a4e8e-816d-4655-8c79-d736da1adb6d} - D:\Program Files\Hotspot_Shield\tbHot1.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - D:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - D:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - d:\program files\google\googletoolbar.dll
O2 - BHO: Hotspot Shield Toolbar - {c95a4e8e-816d-4655-8c79-d736da1adb6d} - D:\Program Files\Hotspot_Shield\tbHot1.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - D:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - D:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - d:\program files\google\googletoolbar.dll
O3 - Toolbar: Hotspot Shield Toolbar - {c95a4e8e-816d-4655-8c79-d736da1adb6d} - D:\Program Files\Hotspot_Shield\tbHot1.dll
O4 - HKLM\..\Run: [GrooveMonitor] "D:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [TkBellExe] "D:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [SunJavaUpdateSched] "D:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [ZoneAlarm Client] "D:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] "D:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - Global Startup: Adobe Gamma Loader.exe.lnk = D:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: REALTEK RTL8187 Wireless LAN Utility.lnk = ?
O8 - Extra context menu item: &Google Search - res://D:\Program Files\Google\googletoolbar.dll/cmsearch.html
O8 - Extra context menu item: &Windows Live Search - res://D:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Add to Windows &Live Favorites -
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

O8 - Extra context menu item: Backward &Links - res://D:\Program Files\Google\googletoolbar.dll/cmbacklinks.html
O8 - Extra context menu item: Cac&hed Snapshot of Page - res://D:\Program Files\Google\googletoolbar.dll/cmcache.html
O8 - Extra context menu item: Si&milar Pages - res://D:\Program Files\Google\googletoolbar.dll/cmsimilar.html
O8 - Extra context menu item: Translate into English - res://D:\Program Files\Google\googletoolbar.dll/cmtrans.html
O8 - Extra context menu item: ت&صدير إلى Microsoft Excel - res://D:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Web Anti-Virus statistics - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - D:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\SCIEPlgn.dll
O9 - Extra button: إرسال إلى OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - D:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: إر&سال إلى OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - D:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - D:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - D:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [INTERNATIONAL] International*
O16 - DPF: {6924091F-CD97-41E1-B1D4-D9079409D413} (IMCv1 Control) -
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash ) -
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - D:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - D:\PROGRA~1\WINDOW~4\MESSEN~1\MSGRAP~1.DLL
O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - D:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - D:\PROGRA~1\WINDOW~4\MESSEN~1\MSGRAP~1.DLL
O18 - Filter hijack: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} - D:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL
O20 - Winlogon Notify: klogon - D:\WINDOWS\system32\klogon.dll
O20 - Winlogon Notify: WgaLogon - D:\WINDOWS\SYSTEM32\WgaLogon.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - D:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: Kaspersky Anti-Virus 7.0 (AVP) - Unknown owner - D:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe" -r (file missing)
O23 - Service: Hotspot Shield Service (HotspotShieldService) - Unknown owner - D:\Program Files\Hotspot Shield\bin\openvpnas.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Unknown owner - D:\Program Files\Java\jre6\bin\jqs.exe" -service -config "D:\Program Files\Java\jre6\lib\deploy\jqs\jqs.conf (file missing)
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - D:\WINDOWS\system32\ZoneLabs\vsmon.exe
 
توقيع : طآغي النظرهـ
تأييد 0
بعد حذف القيمه وتحميل الاداه وتشغيلها هذ1 تقرير الهايجاك
؟؟؟؟
 
توقيع : format
تأييد 0
جهازك سليم الان 100 %


تقبل تحياتي ياورد​
 
توقيع : format
تأييد 0
إيه إنت طلبت مني أحذف القيمه ثم أسوي تقرير وهذ1 هو التقرير
 
توقيع : طآغي النظرهـ
تأييد 0
جهازك سليم الان 100 %


تقبل تحياتي ياورد​
 
توقيع : format
تأييد 0
بيض الله وجهك عز الله إنكم ماقصرتوا معاي بنوب بنوب
قول أمين الله يرزقك ويرزق والدينك الجنه كفييتوا ووفيتوا مافيكم حيله


جزاكم الله ألف خير
 
توقيع : طآغي النظرهـ
تأييد 0
امين امين امين امين
 
توقيع : format
تأييد 0
يجب تسجيل الدخول أو التسجيل كي تتمكن من الرد هنا.
عودة
أعلى