تقرير

ط

طلال الساهر

زيزوومي جديد
إنضم
17 أبريل 2009
المشاركات
71
مستوى التفاعل
0
النقاط
80
الإقامة
المدينة
غير متصل
امس فرمت الجهاز عشان الفايروسات :mad: ونزلت التقرير وياليت مايكون فيه فايروسات


ComboFix 09-04-17.05 - xp 04/19/2009 19:28.2 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.2.1256.966.1025.18.446.219 [GMT 3:00]
Running from: c:\documents and settings\xp\سطح المكتب\ComboFix.exe
AV: Avira AntiVir PersonalEdition *On-access scanning disabled* (Outdated)
WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.
((((((((((((((((((((((((( Files Created from 2009-03-19 to 2009-04-19 )))))))))))))))))))))))))))))))
.
2009-04-19 15:56 . 2005-02-25 03:34 22752 ----a-w c:\windows\system32\spupdsvc.exe
2009-04-19 15:56 . 2009-04-19 16:06 -------- d--h--w c:\windows\$hf_mig$
2009-04-19 15:51 . 2008-10-16 11:08 23576 ----a-w c:\windows\system32\wuapi.dll.mui
2009-04-19 15:13 . 2009-04-19 15:13 -------- d-----w c:\documents and settings\xp\Application Data\Media Player Classic
2009-04-19 14:26 . 2001-08-17 19:36 8704 -c--a-w c:\windows\system32\dllcache\kbdjpn.dll
2009-04-19 14:26 . 2001-08-17 19:36 8704 ----a-w c:\windows\system32\kbdjpn.dll
2009-04-19 14:26 . 2001-08-17 19:36 8192 -c--a-w c:\windows\system32\dllcache\kbdkor.dll
2009-04-19 14:26 . 2001-08-17 19:36 8192 ----a-w c:\windows\system32\kbdkor.dll
2009-04-19 14:26 . 2001-08-17 11:55 6144 -c--a-w c:\windows\system32\dllcache\kbd106.dll
2009-04-19 14:26 . 2001-08-17 11:55 6144 -c--a-w c:\windows\system32\dllcache\kbd101c.dll
2009-04-19 14:26 . 2001-08-17 11:55 6144 -c--a-w c:\windows\system32\dllcache\kbd101b.dll
2009-04-19 14:26 . 2001-08-17 11:55 6144 ----a-w c:\windows\system32\kbd106.dll
2009-04-19 14:26 . 2001-08-17 11:55 6144 ----a-w c:\windows\system32\kbd101c.dll
2009-04-19 14:26 . 2001-08-17 11:55 6144 ----a-w c:\windows\system32\kbd101b.dll
2009-04-19 14:26 . 2001-08-17 11:55 5632 -c--a-w c:\windows\system32\dllcache\kbd103.dll
2009-04-19 14:26 . 2001-08-17 11:55 5632 ----a-w c:\windows\system32\kbd103.dll
2009-04-19 13:30 . 2009-04-19 13:30 -------- d-----w c:\documents and settings\xp\Local Settings\Application Data\Google
2009-04-19 10:26 . 2009-04-19 10:26 -------- d--h--w c:\windows\system32\GroupPolicy
2009-04-19 10:13 . 2009-04-19 10:13 -------- d-s---w c:\documents and settings\xp\UserData
2009-04-19 03:23 . 2009-04-19 03:23 -------- d-----w c:\windows\Sun
2009-04-18 22:45 . 2009-04-19 09:49 -------- d-----w c:\documents and settings\xp\Application Data\WIPE
2009-04-18 22:45 . 2007-06-22 00:08 139776 ----a-w c:\windows\system32\dhSQLite.dll
2009-04-18 22:45 . 2007-06-18 15:57 219136 ----a-w c:\windows\sqlite3_engine.dll
2009-04-18 22:45 . 2004-03-08 21:00 609824 ----a-w c:\windows\system32\Comctl32.ocx
2009-04-18 22:22 . 2009-04-18 22:22 -------- d-----w c:\windows\system32\AppData
2009-04-18 22:21 . 2006-03-14 11:00 544833 ----a-w c:\windows\system32\wbocx.ocx
2009-04-18 22:21 . 2004-12-07 07:11 258352 ----a-w c:\windows\system32\unicows.dll
2009-04-18 22:21 . 2002-03-01 14:58 50688 ----a-w c:\windows\system32\wbhelp2.dll
2009-04-18 22:21 . 2002-03-01 14:58 28160 ----a-w c:\windows\system32\anim.dll
2009-04-18 21:14 . 2009-04-18 21:15 -------- d-----w c:\documents and settings\xp\Contacts
2009-04-18 21:12 . 2009-04-18 21:12 -------- dc----w c:\documents and settings\All Users\Application Data\Messenger Plus!
2009-04-18 21:04 . 2004-08-03 21:55 21504 -c--a-w c:\windows\system32\dllcache\hidserv.dll
2009-04-18 21:04 . 2004-08-03 21:55 21504 ----a-w c:\windows\system32\hidserv.dll
2009-04-18 21:04 . 2004-08-03 21:45 14720 -c--a-w c:\windows\system32\dllcache\kbdhid.sys
2009-04-18 21:04 . 2004-08-03 21:45 14720 ----a-w c:\windows\system32\drivers\kbdhid.sys
2009-04-18 21:03 . 2004-08-03 20:08 31616 -c--a-w c:\windows\system32\dllcache\usbccgp.sys
2009-04-18 21:03 . 2004-08-03 20:08 31616 ----a-w c:\windows\system32\drivers\usbccgp.sys
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-04-19 16:15 . 2001-09-19 11:00 40118 ----a-w c:\windows\system32\perfc001.dat
2009-04-19 16:15 . 2001-09-19 11:00 251674 ----a-w c:\windows\system32\perfh001.dat
2009-04-19 15:45 . 2009-04-18 17:17 -------- d-----w c:\program files\mpegable
2009-04-19 12:00 . 2009-04-19 12:00 -------- d-----w c:\program files\Common Files\xing shared
2009-04-19 12:00 . 2009-04-18 17:20 -------- d-----w c:\program files\Common Files\Real
2009-04-19 11:59 . 2009-04-18 17:18 -------- d-----w c:\program files\Google
2009-04-19 11:45 . 2009-04-18 16:40 86327 ----a-w c:\windows\pchealth\helpctr\OfflineCache\index.dat
2009-04-18 22:45 . 2009-04-18 22:45 -------- d-----w c:\program files\Wipe
2009-04-18 22:05 . 2009-04-18 17:00 -------- d--h--w c:\program files\InstallShield Installation Information
2009-04-18 22:01 . 2009-04-18 17:03 -------- d-----w c:\program files\Common Files\ACD Systems
2009-04-18 17:24 . 2009-04-18 17:17 -------- d-----w c:\documents and settings\xp\Application Data\uTorrent
2009-04-18 17:20 . 2009-04-18 17:20 499712 ----a-w c:\windows\system32\msvcp71.dll
2009-04-18 17:20 . 2009-04-18 17:19 348160 ----a-w c:\windows\system32\msvcr71.dll
2009-04-18 17:20 . 2009-04-18 17:20 -------- d-----w c:\program files\Real
2009-04-18 17:19 . 2009-04-18 17:19 -------- d-----w c:\program files\Crystal Player
2009-04-18 17:19 . 2009-04-18 17:19 -------- d-----w c:\program files\K-Lite Codec Pack
2009-04-18 17:18 . 2009-04-18 17:18 -------- d-----w c:\program files\VideoLAN
2009-04-18 17:17 . 2009-04-18 17:17 47104 ------w c:\windows\AKDeInstall.exe
2009-04-18 17:17 . 2009-04-18 17:17 -------- d-----w c:\program files\uTorrent
2009-04-18 17:16 . 2009-04-18 17:16 -------- d-----w c:\program files\Messenger Plus! Live
2009-04-18 17:15 . 2009-04-18 16:48 73208 ----a-w c:\documents and settings\xp\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2009-04-18 17:14 . 2009-04-18 17:14 -------- d-----w c:\program files\Windows Live
2009-04-18 17:14 . 2009-04-18 17:09 -------- d-----w c:\program files\Ares
2009-04-18 17:10 . 2009-04-18 17:09 -------- d-----w c:\program files\Golden Al-Wafi Translator
2009-04-18 17:09 . 2009-04-18 17:09 -------- d-----w c:\program files\Java
2009-04-18 17:09 . 2009-04-18 17:09 -------- d-----w c:\program files\Common Files\Java
2009-04-18 17:09 . 2009-04-18 17:09 172032 ------w c:\windows\Setup1.exe
2009-04-18 17:09 . 2009-04-18 17:09 73216 ----a-w c:\windows\ST6UNST.EXE
2009-04-18 17:09 . 2009-04-18 17:09 -------- dc----w c:\documents and settings\All Users\Application Data\Avira
2009-04-18 17:09 . 2009-04-18 17:09 -------- d-----w c:\program files\Avira
2009-04-18 17:07 . 2009-04-18 17:05 -------- d-----w c:\program files\Common Files\Adobe
2009-04-18 16:59 . 2009-04-18 16:59 -------- d-----w c:\program files\Common Files\InstallShield
2009-04-18 16:51 . 2009-04-18 16:51 -------- d-----w c:\program files\Microsoft.NET
2009-04-18 16:41 . 2009-04-18 16:41 -------- d-----w c:\program files\microsoft frontpage
2009-04-18 16:37 . 2009-04-18 16:37 22144 ----a-w c:\windows\system32\emptyregdb.dat
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2009-04-19 39408]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"avgnt"="c:\program files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" [2008-02-12 262401]
"TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" [2009-04-19 198160]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2004-08-03 15360]
c:\documents and settings\xp\çں‍ê، ں §ڑ\ںé ©ںê¤\ §ک ں颬نïé\
Wipe tray agent.lnk - c:\program files\Wipe\wipetray.exe [2009-4-19 191888]
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system]
"DisableTaskMgr"= 1 (0x1)
"DisableRegistryTools"= 1 (0x1)
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^قائمة ابدأ^البرامج^بدء التشغيل^Adobe Gamma Loader.lnk]
backup=c:\windows\pss\Adobe Gamma Loader.lnkCommon Startup
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^قائمة ابدأ^البرامج^بدء التشغيل^Adobe Reader Speed Launch.lnk]
backup=c:\windows\pss\Adobe Reader Speed Launch.lnkCommon Startup
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^قائمة ابدأ^البرامج^بدء التشغيل^Adobe Reader Synchronizer.lnk]
backup=c:\windows\pss\Adobe Reader Synchronizer.lnkCommon Startup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VModes]
VModes AttachToDesktop [X]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ares]
2008-11-26 07:23 881664 ----a-w c:\program files\Ares\Ares.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CTFMON.EXE]
2004-08-03 20:56 15360 ----a-w c:\windows\system32\ctfmon.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
2009-04-18 17:09 155648 ----a-w c:\program files\Java\jre1.6.0_01\bin\jusched.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]
2009-04-19 12:00 198160 ----a-w c:\program files\Common Files\Real\Update_OB\realsched.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VTTimer]
2005-03-07 03:33 53248 ----a-r c:\windows\system32\VTTimer.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VTTrayp]
2005-10-31 04:15 163840 ----a-r c:\windows\system32\VTTrayp.exe
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusDisableNotify"=dword:00000001
"FirewallDisableNotify"=dword:00000001
"UpdatesDisableNotify"=dword:00000001
"AntiVirusOverride"=dword:00000001
"FirewallOverride"=dword:00000001
"UacDisableNotify"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc]
"AntiVirusOverride"=dword:00000001
"AntiVirusDisableNotify"=dword:00000001
"FirewallDisableNotify"=dword:00000001
"FirewallOverride"=dword:00000001
"UpdatesDisableNotify"=dword:00000001
"UacDisableNotify"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\livecall.exe"=
"c:\\Program Files\\uTorrent\\uTorrent.exe"=
"f:\\FTP\\LeapFTP1.exe"=
"f:\\All in one Cleaner\\SysCleaners4in1.exe"=
"f:\\All in one Cleaner\\ToolRegistryCleaner.exe"=
"c:\\Program Files\\Adobe\\Photoshop CS\\Photoshop.exe"=
"c:\\Program Files\\Google\\Common\\Google Updater\\GoogleUpdaterService.exe"=
"c:\\Documents and Settings\\xp\\سطح المكتب\\ComboFix.exe"=
"c:\\Program Files\\Wipe\\wipetray.exe"=
S3 abp470n5;abp470n5; [x]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.com.sa/
uSearch Page = hxxp://www.google.com
uSearch Bar = hxxp://www.google.com/ie
uInternet Settings,ProxyOverride = local
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: &تصدير إلى Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
.
**************************************************************************
catchme 0.3.1375 W2K/XP/Vista - rootkit/stealth malware detector by Gmer,
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

Rootkit scan 2009-04-19 19:29
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
.
Completion time: 2009-04-19 19:30
ComboFix-quarantined-files.txt 2009-04-19 16:30
ComboFix2.txt 2009-04-19 16:17
Pre-Run: 15,000,166,400 bytes free
Post-Run: 15,060,123,648 bytes free
177 --- E O F --- 2009-04-19 16:06
 

ترتيب حسب التاريخ ترتيب حسب الأصوات
يااخوووووووووووووووووووووووووووووواني وينكم؟؟
 

تأييد 0
تماام

حمل هذا البرنامج
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

شغل البرنامج ==> واضغط على
Do a system scan and save log
لحظات .. ويظهر لك تقرير داخل المفكرة==> انسخه والصقه بردك القادم
 
التعديل الأخير بواسطة المشرف:
تأييد 0
تفضل


Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 03:56:36 م, on 21/04/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\internet explorer\iexplore.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\internet explorer\iexplore.exe
C:\DOCUME~1\xp\LOCALS~1\Temp\hbnrxp.exe
C:\DOCUME~1\xp\LOCALS~1\Temp\wingjjak.exe
C:\Documents and Settings\xp\سطح المكتب\Zyzoom_HijackThis.exe
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = local
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_219B3E1547538286.dll
O3 - Toolbar: &Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: is-BR24F.lnk = ?
O7 - HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System, DisableRegedit=1
O8 - Extra context menu item: &تصدير إلى Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra button: بحث - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) -
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

O23 - Service: Avira AntiVir Personal – Free Antivirus Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: Avira AntiVir Personal – Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
--
End of file - 4670 bytes
 
تأييد 0
عطل برامج الحماية عن العمل
ثم
حمل الاداة التالية واحفظها على سطح المكتب
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

عند تشغيلها بتظهر لك رسالة ,, اضغط على >> Yes
بعدها بتظهر لك رساله ثانيه ,, اضغط على >> Yes
اثناء الفحص ممكن يعاد تشغيل الجهاز
وبعد اعادة التشغيل ,, سوف تبدأ الاداة بالفحص مرره ثانيه
لا تقم بتشغيل اي برنامج ،، ومهما طالت عملية الفحص انتظر حتى تنتهي
انتظر حتى يظهر لك تقرير ،،انسخه والصقه بمشاركتك القادمة
 
تأييد 0
اخوي بخصوص برامج الحمايه اقولك ماقدر افتح اي برنامج
 
تأييد 0
تفضل


ComboFix 09-04-19.05 - xp 04/21/2009 16:48.3 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.2.1256.966.1025.18.446.239 [GMT 3:00]
Running from: c:\documents and settings\xp\سطح المكتب\ComboFix.exe
AV: Avira AntiVir PersonalEdition *On-access scanning disabled* (Outdated)
* Created a new restore point
WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.
((((((((((((((((((((((((( Files Created from 2009-03-21 to 2009-04-21 )))))))))))))))))))))))))))))))
.
2009-04-21 13:42 . 2009-04-21 13:47 -------- dc--a-w c:\documents and settings\All Users\Application Data\TEMP
2009-04-21 13:42 . 2009-04-21 13:42 -------- dc----w c:\documents and settings\All Users\Application Data\SpeedBit
2009-04-21 13:42 . 2009-04-21 13:42 172032 ----a-w c:\windows\system32\AniGIF.ocx
2009-04-20 15:22 . 2009-04-21 13:50 5842976 --sha-w c:\windows\system32\drivers\fidbox.dat
2009-04-20 15:22 . 2009-04-21 13:03 57380 --sha-w c:\windows\system32\drivers\fidbox.idx
2009-04-20 15:22 . 2008-07-08 10:54 148496 ----a-w c:\windows\system32\drivers\27236439.sys
2009-04-20 13:20 . 2009-02-09 11:48 2182016 -c----w c:\windows\system32\dllcache\ntoskrnl.exe
2009-04-20 13:20 . 2009-02-09 11:48 2017280 -c----w c:\windows\system32\dllcache\ntkrpamp.exe
2009-04-20 13:20 . 2009-02-09 11:48 2059264 -c----w c:\windows\system32\dllcache\ntkrnlpa.exe
2009-04-20 13:20 . 2009-02-09 11:48 2137600 -c----w c:\windows\system32\dllcache\ntkrnlmp.exe
2009-04-20 12:54 . 2008-06-14 17:59 271616 -c----w c:\windows\system32\dllcache\bthport.sys
2009-04-20 12:54 . 2008-06-14 17:59 271616 ------w c:\windows\system32\drivers\bthport.sys
2009-04-20 12:38 . 2008-10-24 11:10 453632 -c----w c:\windows\system32\dllcache\mrxsmb.sys
2009-04-20 11:23 . 2009-04-20 11:23 -------- d-----w c:\documents and settings\xp\Local Settings\Application Data\Identities
2009-04-19 18:38 . 2009-04-19 18:38 74703 ----a-w c:\windows\system32\mfc45.dll
2009-04-19 18:14 . 2004-08-03 20:55 221184 ----a-w c:\windows\system32\wmpns.dll
2009-04-19 18:06 . 2009-04-19 18:06 -------- d-----w c:\documents and settings\xp\Application Data\vlc
2009-04-19 18:03 . 2009-04-19 18:39 -------- dc----w c:\documents and settings\All Users\Application Data\iolo
2009-04-19 18:03 . 2009-04-19 18:38 -------- d-----w c:\documents and settings\xp\Application Data\iolo
2009-04-19 17:50 . 2009-04-19 17:50 26 ----a-w C:\BIOSLOCK.INI
2009-04-19 15:56 . 2008-07-09 07:34 26488 ----a-w c:\windows\system32\spupdsvc.exe
2009-04-19 15:56 . 2009-04-21 12:28 -------- d--h--w c:\windows\$hf_mig$
2009-04-19 15:51 . 2008-10-16 11:08 23576 ----a-w c:\windows\system32\wuapi.dll.mui
2009-04-19 15:13 . 2009-04-19 15:13 -------- d-----w c:\documents and settings\xp\Application Data\Media Player Classic
2009-04-19 14:26 . 2001-08-17 19:36 8704 -c--a-w c:\windows\system32\dllcache\kbdjpn.dll
2009-04-19 14:26 . 2001-08-17 19:36 8704 ----a-w c:\windows\system32\kbdjpn.dll
2009-04-19 14:26 . 2001-08-17 19:36 8192 -c--a-w c:\windows\system32\dllcache\kbdkor.dll
2009-04-19 14:26 . 2001-08-17 19:36 8192 ----a-w c:\windows\system32\kbdkor.dll
2009-04-19 14:26 . 2001-08-17 11:55 6144 -c--a-w c:\windows\system32\dllcache\kbd106.dll
2009-04-19 14:26 . 2001-08-17 11:55 6144 -c--a-w c:\windows\system32\dllcache\kbd101c.dll
2009-04-19 14:26 . 2001-08-17 11:55 6144 -c--a-w c:\windows\system32\dllcache\kbd101b.dll
2009-04-19 14:26 . 2001-08-17 11:55 6144 ----a-w c:\windows\system32\kbd106.dll
2009-04-19 14:26 . 2001-08-17 11:55 6144 ----a-w c:\windows\system32\kbd101c.dll
2009-04-19 14:26 . 2001-08-17 11:55 6144 ----a-w c:\windows\system32\kbd101b.dll
2009-04-19 14:26 . 2001-08-17 11:55 5632 -c--a-w c:\windows\system32\dllcache\kbd103.dll
2009-04-19 14:26 . 2001-08-17 11:55 5632 ----a-w c:\windows\system32\kbd103.dll
2009-04-19 13:30 . 2009-04-19 13:30 -------- d-----w c:\documents and settings\xp\Local Settings\Application Data\Google
2009-04-19 10:26 . 2009-04-19 10:26 -------- d--h--w c:\windows\system32\GroupPolicy
2009-04-19 10:13 . 2009-04-19 10:13 -------- d-s---w c:\documents and settings\xp\UserData
2009-04-19 03:23 . 2009-04-19 03:23 -------- d-----w c:\windows\Sun
2009-04-18 22:45 . 2009-04-19 19:10 -------- d-----w c:\documents and settings\xp\Application Data\WIPE
2009-04-18 22:45 . 2007-06-22 00:08 139776 ----a-w c:\windows\system32\dhSQLite.dll
2009-04-18 22:45 . 2007-06-18 15:57 219136 ----a-w c:\windows\sqlite3_engine.dll
2009-04-18 22:45 . 2004-03-08 21:00 609824 ----a-w c:\windows\system32\Comctl32.ocx
2009-04-18 22:22 . 2009-04-18 22:22 -------- d-----w c:\windows\system32\AppData
2009-04-18 22:21 . 2006-03-14 11:00 544833 ----a-w c:\windows\system32\wbocx.ocx
2009-04-18 22:21 . 2004-12-07 07:11 258352 ----a-w c:\windows\system32\unicows.dll
2009-04-18 22:21 . 2002-03-01 14:58 50688 ----a-w c:\windows\system32\wbhelp2.dll
2009-04-18 22:21 . 2002-03-01 14:58 28160 ----a-w c:\windows\system32\anim.dll
2009-04-18 21:14 . 2009-04-20 14:40 -------- d-----w c:\documents and settings\xp\Contacts
2009-04-18 21:12 . 2009-04-18 21:12 -------- dc----w c:\documents and settings\All Users\Application Data\Messenger Plus!
2009-04-18 21:04 . 2004-08-03 21:55 21504 -c--a-w c:\windows\system32\dllcache\hidserv.dll
2009-04-18 21:04 . 2004-08-03 21:55 21504 ----a-w c:\windows\system32\hidserv.dll
2009-04-18 21:04 . 2004-08-03 21:45 14720 -c--a-w c:\windows\system32\dllcache\kbdhid.sys
2009-04-18 21:04 . 2004-08-03 21:45 14720 ----a-w c:\windows\system32\drivers\kbdhid.sys
2009-04-18 21:03 . 2004-08-03 20:08 31616 -c--a-w c:\windows\system32\dllcache\usbccgp.sys
2009-04-18 21:03 . 2004-08-03 20:08 31616 ----a-w c:\windows\system32\drivers\usbccgp.sys
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-04-21 13:08 . 2001-09-19 11:00 40118 ----a-w c:\windows\system32\perfc001.dat
2009-04-21 13:08 . 2001-09-19 11:00 251674 ----a-w c:\windows\system32\perfh001.dat
2009-04-21 12:11 . 2009-04-18 16:48 74432 ----a-w c:\documents and settings\xp\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2009-04-19 18:07 . 2009-04-18 17:18 -------- d-----w c:\program files\VideoLAN
2009-04-19 15:45 . 2009-04-18 17:17 -------- d-----w c:\program files\mpegable
2009-04-19 12:00 . 2009-04-19 12:00 -------- d-----w c:\program files\Common Files\xing shared
2009-04-19 12:00 . 2009-04-18 17:20 -------- d-----w c:\program files\Common Files\Real
2009-04-19 11:59 . 2009-04-18 17:18 -------- d-----w c:\program files\Google
2009-04-19 11:45 . 2009-04-18 16:40 86327 ----a-w c:\windows\pchealth\helpctr\OfflineCache\index.dat
2009-04-18 22:05 . 2009-04-18 17:00 -------- d--h--w c:\program files\InstallShield Installation Information
2009-04-18 22:01 . 2009-04-18 17:03 -------- d-----w c:\program files\Common Files\ACD Systems
2009-04-18 17:24 . 2009-04-18 17:17 -------- d-----w c:\documents and settings\xp\Application Data\uTorrent
2009-04-18 17:20 . 2009-04-18 17:20 499712 ----a-w c:\windows\system32\msvcp71.dll
2009-04-18 17:20 . 2009-04-18 17:19 348160 ----a-w c:\windows\system32\msvcr71.dll
2009-04-18 17:20 . 2009-04-18 17:20 -------- d-----w c:\program files\Real
2009-04-18 17:19 . 2009-04-18 17:19 -------- d-----w c:\program files\Crystal Player
2009-04-18 17:19 . 2009-04-18 17:19 -------- d-----w c:\program files\K-Lite Codec Pack
2009-04-18 17:17 . 2009-04-18 17:17 47104 ------w c:\windows\AKDeInstall.exe
2009-04-18 17:17 . 2009-04-18 17:17 -------- d-----w c:\program files\uTorrent
2009-04-18 17:16 . 2009-04-18 17:16 -------- d-----w c:\program files\Messenger Plus! Live
2009-04-18 17:14 . 2009-04-18 17:14 -------- d-----w c:\program files\Windows Live
2009-04-18 17:14 . 2009-04-18 17:09 -------- d-----w c:\program files\Ares
2009-04-18 17:10 . 2009-04-18 17:09 -------- d-----w c:\program files\Golden Al-Wafi Translator
2009-04-18 17:09 . 2009-04-18 17:09 -------- d-----w c:\program files\Java
2009-04-18 17:09 . 2009-04-18 17:09 -------- d-----w c:\program files\Common Files\Java
2009-04-18 17:09 . 2009-04-18 17:09 172032 ------w c:\windows\Setup1.exe
2009-04-18 17:09 . 2009-04-18 17:09 73216 ----a-w c:\windows\ST6UNST.EXE
2009-04-18 17:09 . 2009-04-18 17:09 -------- dc----w c:\documents and settings\All Users\Application Data\Avira
2009-04-18 17:09 . 2009-04-18 17:09 -------- d-----w c:\program files\Avira
2009-04-18 17:07 . 2009-04-18 17:05 -------- d-----w c:\program files\Common Files\Adobe
2009-04-18 16:59 . 2009-04-18 16:59 -------- d-----w c:\program files\Common Files\InstallShield
2009-04-18 16:51 . 2009-04-18 16:51 -------- d-----w c:\program files\Microsoft.NET
2009-04-18 16:41 . 2009-04-18 16:41 -------- d-----w c:\program files\microsoft frontpage
2009-04-18 16:37 . 2009-04-18 16:37 22144 ----a-w c:\windows\system32\emptyregdb.dat
2009-03-06 14:44 . 2004-08-03 20:55 282624 ----a-w c:\windows\system32\pdh.dll
2009-02-20 08:29 . 2004-08-03 20:55 657920 ----a-w c:\windows\system32\wininet.dll
2009-02-20 08:29 . 2004-08-03 20:55 81920 ----a-w c:\windows\system32\ieencode.dll
2009-02-09 14:15 . 2004-08-03 20:46 1846144 ----a-w c:\windows\system32\win32k.sys
2009-02-09 11:48 . 2004-08-04 00:48 2017280 ----a-w c:\windows\system32\ntkrnlpa.exe
2009-02-09 11:48 . 2004-08-03 20:48 2137600 ----a-w c:\windows\system32\ntoskrnl.exe
2009-02-09 10:19 . 2004-08-03 20:55 399360 ----a-w c:\windows\system32\rpcss.dll
2009-02-09 10:19 . 2004-08-03 20:55 717824 ----a-w c:\windows\system32\lsasrv.dll
2009-02-09 10:19 . 2004-08-03 20:55 680960 ----a-w c:\windows\system32\advapi32.dll
2009-02-09 10:19 . 2004-08-03 20:55 693760 ----a-w c:\windows\system32\ntdll.dll
2009-02-09 10:05 . 2004-08-03 20:56 110592 ----a-w c:\windows\system32\services.exe
2009-02-06 16:54 . 2001-09-19 11:00 35328 ----a-w c:\windows\system32\sc.exe
2009-02-03 20:08 . 2004-08-03 20:55 55808 ----a-w c:\windows\system32\secur32.dll
.
------- Sigcheck -------
[-] 2008-01-09 12:42 1547776 D74083DCEC51D5291EF24D8D055D133A c:\windows\system32\sfcfiles.dll
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{FF6C3CF0-4B15-11D1-ABED-709549C10000}]
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system]
"DisableTaskMgr"= 1 (0x1)
"DisableRegistryTools"= 1 (0x1)
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^قائمة ابدأ^البرامج^بدء التشغيل^Adobe Gamma Loader.lnk]
backup=c:\windows\pss\Adobe Gamma Loader.lnkCommon Startup
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^قائمة ابدأ^البرامج^بدء التشغيل^Adobe Reader Speed Launch.lnk]
backup=c:\windows\pss\Adobe Reader Speed Launch.lnkCommon Startup
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^قائمة ابدأ^البرامج^بدء التشغيل^Adobe Reader Synchronizer.lnk]
backup=c:\windows\pss\Adobe Reader Synchronizer.lnkCommon Startup
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusDisableNotify"=dword:00000001
"FirewallDisableNotify"=dword:00000001
"UpdatesDisableNotify"=dword:00000001
"AntiVirusOverride"=dword:00000001
"FirewallOverride"=dword:00000001
"UacDisableNotify"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc]
"AntiVirusOverride"=dword:00000001
"AntiVirusDisableNotify"=dword:00000001
"FirewallDisableNotify"=dword:00000001
"FirewallOverride"=dword:00000001
"UpdatesDisableNotify"=dword:00000001
"UacDisableNotify"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\livecall.exe"=
"c:\\Program Files\\uTorrent\\uTorrent.exe"=
"f:\\FTP\\LeapFTP1.exe"=
"f:\\All in one Cleaner\\SysCleaners4in1.exe"=
"f:\\All in one Cleaner\\ToolRegistryCleaner.exe"=
"c:\\Program Files\\Adobe\\Photoshop CS\\Photoshop.exe"=
"c:\\Program Files\\Google\\Common\\Google Updater\\GoogleUpdaterService.exe"=
"c:\\Program Files\\Google\\GoogleToolbarNotifier\\GoogleToolbarNotifier.exe"=
"c:\\Program Files\\Microsoft Office\\OFFICE11\\msohtmed.exe"=
"c:\\Program Files\\Microsoft Office\\OFFICE11\\WINWORD.EXE"=
"c:\\Program Files\\Common Files\\Real\\Update_OB\\realsched.exe"=
"c:\\Program Files\\Adobe\\Reader 8.0\\Reader\\AcroRd32.exe"=
"c:\\WINDOWS\\system32\\CF14476.exe"=
"c:\\DOCUME~1\\xp\\LOCALS~1\\Temp\\tcap.exe"=
"c:\\DOCUME~1\\xp\\LOCALS~1\\Temp\\gpiy.exe"=
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"3449:TCP"= 3449:TCP:rwogn
R2 owbdrf;Microsoft Helper;c:\windows\system32\svchost.exe [2004-08-03 14336]
S1 is-BR24Fdrv;is-BR24Fdrv;c:\windows\system32\DRIVERS\27236439.sys [2008-07-08 148496]
S3 abp470n5;abp470n5; [x]

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
owbdrf
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://search.speedbit.com/
uSearch Page = hxxp://www.google.com
uSearch Bar = hxxp://www.google.com/ie
uInternet Settings,ProxyOverride = local
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: &Clean Traces - d:\program files\DAP\Privacy Package\dapcleanerie.htm
IE: &Download with &DAP - d:\program files\DAP\dapextie.htm
IE: &تصدير إلى Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
IE: Download &all with DAP - d:\program files\DAP\dapextie2.htm
.
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer,
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

Rootkit scan 2009-04-21 16:50
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\owbdrf]
"ServiceDll"="c:\windows\system32\jvgqee.dll"
.
Completion time: 2009-04-21 16:52
ComboFix-quarantined-files.txt 2009-04-21 13:51
ComboFix2.txt 2009-04-19 16:30
ComboFix3.txt 2009-04-19 16:17
Pre-Run: 15,296,679,936 bytes free
Post-Run: 15,522,979,840 bytes free
209 --- E O F --- 2009-04-21 12:28
 
تأييد 0
اخوي حملت كل شي وسويت كل شي بس مانفع
 
تأييد 0
اخوي تفضل المشكله هاي يمكن تساعدك اذا بضغط ع اي برنامج قويه يطلع لي رساله

صادف Download Accelerator Plus (DAP) مشكلة ويجب إغلاقه. المعذرة على الإزعاج.
 
تأييد 0
يااااااااااااااااااااااااااااارب ؟
 
تأييد 0
ارفع تقرير هايجاك جديد الان
 
تأييد 0
تفضل


Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 09:53:53 ص, on 22/04/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\internet explorer\iexplore.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\DOCUME~1\xp\LOCALS~1\Temp\winfmdh.exe
C:\DOCUME~1\xp\LOCALS~1\Temp\ttiail.exe
C:\Documents and Settings\xp\سطح المكتب\Zyzoom_HijackThis.exe
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = local
R3 - URLSearchHook: SrchHook Class - {F4F10C1D-87C7-404A-B4B3-000000000000} - D:\PROGRA~1\DAP\SBSearch.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_219B3E1547538286.dll
O2 - BHO: DAPIELoader Class - {FF6C3CF0-4B15-11D1-ABED-709549C10000} - D:\PROGRA~1\DAP\DAPIEL~1.DLL
O3 - Toolbar: &Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [DownloadAccelerator] "D:\Program Files\DAP\DAP.EXE" /STARTUP
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: is-BR24F.lnk = ?
O7 - HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System, DisableRegedit=1
O8 - Extra context menu item: &Clean Traces - D:\Program Files\DAP\Privacy Package\dapcleanerie.htm
O8 - Extra context menu item: &Download with &DAP - D:\Program Files\DAP\dapextie.htm
O8 - Extra context menu item: &تصدير إلى Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Download &all with DAP - D:\Program Files\DAP\dapextie2.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra button: بحث - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) -
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

O23 - Service: Avira AntiVir Personal – Free Antivirus Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: Avira AntiVir Personal – Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
--
End of file - 5005 bytes
 
تأييد 0
حمل اداة الافيرا من هنا

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي


وطبق هذا الشرح


i6005_1.png


i6006_2.png


i6007_3.png


i6008_4.png


i6004_5.png


والصق التقرير بمشاركتك القادمة
 
تأييد 0
اخوي بعض الناس يقولوا النسخه عندك مو اصليه
 
تأييد 0
يجب تسجيل الدخول أو التسجيل كي تتمكن من الرد هنا.
عودة
أعلى