الى خبراء برنامج الavira

  • بادئ الموضوع بادئ الموضوع angil1
  • تاريخ البدء تاريخ البدء
  • المشاهدات 1,427
A

angil1

زيزوومي جديد
إنضم
26 مارس 2009
المشاركات
48
مستوى التفاعل
0
النقاط
40
غير متصل
معليش يا شباب
انا سمعت وقريت عن البرنامج والسمعة كانت جبارة:ok::y:
فحبيت انصبه :cool:
تم التنصيب من احلا ما يكون :u:
ساوى الجهاز ريستارت واشتغل وانا متحمس اجرب البرنامج:y:
لما ضغط دبل كليك على البرنامج كانت المفاجئة:eek::er:
تطلع رسالة فيها انو ويندز لم يتمكن من العثور على الملف المطلوب:mad:
مع انو الملف موجود غي السي:mad: :mad: :mad: :mad:
فشو الحل ارجو الافادة
 

ترتيب حسب التاريخ ترتيب حسب الأصوات

اعمل تقرير للهايجاك
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

اذا انتهى التحميل ==> شغل البرنامج ==> واضغط على Do a system scan and save log
لحظات .. ويظهر لك تقرير اعمل تحديد الكل ==> انسخه والصقه بردك القادم​


 
توقيع : Demo-dashDemo-dash is verified member.
تأييد 0
ابشر اخوي
 
تأييد 0
اتفضل اخوي
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 09:45:26 م, on 18/04/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\WLTRYSVC.EXE
C:\WINDOWS\System32\bcmwltry.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Dell\QuickSet\NICCONFIGSVC.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\Explorer.exe
C:\WINDOWS\system32\WLTRAY.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\Program Files\Dell\QuickSet\quickset.exe
C:\WINDOWS\stsystra.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe
C:\Program Files\SweetIM\Messenger\SweetIM.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Documents and Settings\user\سطح المكتب\Zyzoom_HijackThis.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = .-~= wellcome =~-.
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = proxy.qu.edu.sa:8080
R3 - URLSearchHook: SweetIM ToolbarURLSearchHook Class - {EEE6C35D-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgHelper.dll
F2 - REG:system.ini: Shell=Explorer.exe
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files\Internet Download Manager\IDMIECC.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll (file missing)
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL (file missing)
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.0.926.3450\swg.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_219B3E1547538286.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: SWEETIE - {EEE6C35C-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll
O3 - Toolbar: SweetIM Toolbar for Internet Explorer - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll
O3 - Toolbar: &Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O3 - Toolbar: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL (file missing)
O4 - HKLM\..\Run: [Broadcom Wireless Manager UI] C:\WINDOWS\system32\WLTRAY.exe
O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [Dell QuickSet] C:\Program Files\Dell\QuickSet\quickset.exe
O4 - HKLM\..\Run: [SigmatelSysTrayApp] stsystra.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [SweetIM] C:\Program Files\SweetIM\Messenger\SweetIM.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [NBJ] "C:\Program Files\Ahead\Nero BackItUp\NBJ.exe"
O4 - HKCU\..\Run: [msnmsgr] ~"C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Bluetooth.lnk = ?
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: &تصدير إلى Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Download All Links with IDM - C:\Program Files\Internet Download Manager\IEGetAll.htm
O8 - Extra context menu item: Download with IDM - C:\Program Files\Internet Download Manager\IEExt.htm
O8 - Extra context menu item: Send to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: أعرض كل الصور في نوعية أصلية. - C:\Program Files\
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

O8 - Extra context menu item: صورة المعرض في نوعية أصلية. - C:\Program Files\
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: بحث - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} -
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) -
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) -
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll (file missing)
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: AVGIDSAgent - Unknown owner - C:\Program Files\AVG\AVG8\IdentityProtection\agent\Bin\AVGIDSAgent.exe (file missing)
O23 - Service: AVGIDSWatcher - Unknown owner - C:\Program Files\AVG\AVG8\IdentityProtection\agent\Bin\AVGIDSWatcher.exe (file missing)
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: NICCONFIGSVC - Dell Inc. - C:\Program Files\Dell\QuickSet\NICCONFIGSVC.exe
O23 - Service: TuneUp WinStyler Theme Service (TUWinStylerThemeSvc) - TuneUp Software GmbH - C:\Program Files\TuneUp Utilities 2006\WinStylerThemeSvc.exe
O23 - Service: Dell Wireless WLAN Tray Service (wltrysvc) - Unknown owner - C:\WINDOWS\System32\WLTRYSVC.EXE
--
End of file - 10291 bytes
 
تأييد 0
بارك الله فيك اخوي

عطل جميع برامج الحماية ,,
وحمل هذه الاداة واحفظها على سطح المكتب
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

عند تشغيلها بتظهر لك رسالة ,, اضغط على >> Yes
بعدها بتظهر لك رساله ثانيه ,, اضغط على >> Yes
انتظر حتى الاداة تنتهي من فحص جهازك ,,, وبشكل تلقائي يعاد تشغيل جهازك ,,
وبعد اعادة التشغيل ,, سوف تبدأ الاداة بالفحص مرره ثانيه
انتظر حتى يظهر لك تقرير ,, انسخه والصقه بردك القادم


 
توقيع : Demo-dashDemo-dash is verified member.
تأييد 0
بالنسبة لبرامج الحماية ما في اي برنامج
كان عندي avg
وسارت فيه مشاكل وانحذف من بعدها ما رضي اي برنامج يثبت
ابشر اخوي
 
تأييد 0
ما سوى اعادة تشغيل اخوي واعطاني هذا التقرير اتفضل
ComboFix 09-04-19.01 - user 04/18/2009 22:31.1 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.2.1256.966.1025.18.502.243 [GMT 3:00]
Running from: c:\documents and settings\user\سطح المكتب\ComboFix.exe
WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\documents and settings\user\Application Data\FunWebProducts
c:\documents and settings\user\Application Data\FunWebProducts\Data\user\avatar.dat
c:\documents and settings\user\Application Data\FunWebProducts\Data\user\outfit.dat
c:\documents and settings\user\Application Data\FunWebProducts\Data\user\register.dat
c:\documents and settings\user\Application Data\FunWebProducts\Data\user\zbucks.dat
c:\windows\IE4 Error Log.txt
c:\windows\system32\win.exe
.
((((((((((((((((((((((((( Files Created from 2009-03-19 to 2009-04-19 )))))))))))))))))))))))))))))))
.
2009-04-18 18:33 . 2009-04-18 18:33 -------- d-----w c:\documents and settings\All Users\Application Data\NortonInstaller
2009-04-18 18:10 . 2009-02-13 08:31 55640 ----a-w c:\windows\system32\drivers\avgntflt.sys
2009-04-17 21:22 . 2009-04-17 21:21 410984 ----a-w c:\windows\system32\deploytk.dll
2009-04-13 13:46 . 2009-04-13 13:46 -------- d-----w c:\documents and settings\user\Application Data\AVGTOOLBAR
2009-04-13 13:45 . 2009-04-13 13:45 50968 ----a-w c:\windows\system32\avgfwdx.dll
2009-04-13 13:45 . 2009-04-13 13:45 29208 ----a-w c:\windows\system32\drivers\avgfwdx.sys
2009-04-13 13:45 . 2009-04-17 21:50 -------- d-----w c:\documents and settings\All Users\Application Data\avg8
2009-04-12 20:48 . 2009-04-12 20:48 -------- d-----w c:\documents and settings\All Users\Application Data\Downloaded Installations
2009-04-10 16:50 . 2009-04-18 18:22 -------- d-----w c:\documents and settings\All Users\Application Data\Avira
2009-04-08 11:52 . 2009-04-10 13:52 -------- d-----w c:\documents and settings\user\DoctorWeb
2009-03-29 07:41 . 2009-03-29 07:41 -------- d-----w C:\Intel
2009-03-26 06:27 . 2009-03-26 06:27 -------- d--h--w c:\documents and settings\LocalService\Application Data\java
2009-03-26 04:49 . 2009-03-26 04:49 -------- d-----w c:\documents and settings\All Users\Application Data\Symantec
2009-03-24 11:59 . 2009-04-18 18:42 -------- d--h--w c:\documents and settings\user\Application Data\java
2009-03-22 21:22 . 2009-04-18 19:29 -------- d--h--w c:\windows\system32\java
2009-03-22 21:21 . 2009-03-22 21:21 -------- d-----w c:\documents and settings\All Users\Application Data\Office Genuine Advantage
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-04-17 21:21 . 2007-03-24 13:11 -------- d-----w c:\program files\Java
2009-04-14 16:19 . 2007-09-17 13:02 -------- d-----w c:\program files\Messenger Plus! Live
2009-04-08 12:17 . 2009-02-09 20:13 -------- d-----w c:\documents and settings\user\Application Data\OpenTrust
2009-03-26 04:21 . 2008-09-11 23:47 81984 ----a-w c:\windows\system32\bdod.bin
2009-03-26 03:23 . 2007-07-29 11:51 -------- d-----w c:\program files\Internet Download Manager
2009-03-25 19:26 . 2007-07-29 11:51 -------- d-----w c:\documents and settings\user\Application Data\DMCache
2009-03-25 13:54 . 2007-11-13 22:01 -------- d-----w c:\program files\CEDP Stealer 6.0 for Messenger
2009-03-24 22:30 . 2007-09-25 12:49 -------- d-----w c:\program files\LimeWire
2009-03-24 19:33 . 2007-11-10 18:27 -------- d-----w c:\program files\QuickTime
2009-02-26 09:46 . 2009-02-26 09:46 74760 ----a-w c:\windows\system32\drivers\UniversalDD.sys
2009-02-26 09:46 . 2009-02-26 09:46 25608 ----a-w c:\windows\system32\drivers\AVGIDSErHr.sys
2009-02-09 14:15 . 2004-08-03 21:46 1846144 ----a-w c:\windows\system32\win32k.sys
2008-09-11 00:48 . 2007-03-24 12:56 107632 ----a-w c:\documents and settings\user\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2007-03-27 03:56 . 2007-03-27 03:56 903568 ------w c:\program files\cproxysetup_cz.zip
2003-09-04 11:20 . 2007-11-17 21:23 811008 ----a-w c:\program files\NPSWF32.dll
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{EEE6C35C-6118-11DC-9C72-001320C79847}]
2008-10-08 09:22 1172792 ----a-w c:\program files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{EEE6C35B-6118-11DC-9C72-001320C79847}"= "c:\program files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll" [2008-10-08 1172792]
[HKEY_CLASSES_ROOT\clsid\{eee6c35b-6118-11dc-9c72-001320c79847}]
[HKEY_CLASSES_ROOT\SWEETIE.SWEETIE.3]
[HKEY_CLASSES_ROOT\TypeLib\{EEE6C35E-6118-11DC-9C72-001320C79847}]
[HKEY_CLASSES_ROOT\SWEETIE.SWEETIE]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\ctfmon.exe" [2004-08-03 15360]
"MSMSGS"="c:\program files\Messenger\msmsgs.exe" [2004-10-13 1694208]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-09-03 68856]
"NBJ"="c:\program files\Ahead\Nero BackItUp\NBJ.exe" [2005-07-14 1961984]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Broadcom Wireless Manager UI"="c:\windows\system32\WLTRAY.exe" [2006-06-22 1384448]
"igfxtray"="c:\windows\system32\igfxtray.exe" [2005-12-13 98304]
"igfxhkcmd"="c:\windows\system32\hkcmd.exe" [2005-12-13 77824]
"igfxpers"="c:\windows\system32\igfxpers.exe" [2005-12-13 118784]
"Dell QuickSet"="c:\program files\Dell\QuickSet\quickset.exe" [2006-08-03 1032192]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2006-03-08 761947]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-04-17 136600]
"WinampAgent"="c:\program files\Winamp\winampa.exe" [2003-12-13 33792]
"NeroFilterCheck"="c:\windows\system32\NeroCheck.exe" [2001-07-09 155648]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2007-11-02 267048]
"TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" [2008-02-02 185896]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 39792]
"SweetIM"="c:\program files\SweetIM\Messenger\SweetIM.exe" [2008-12-02 111928]
"SigmatelSysTrayApp"="stsystra.exe" - c:\windows\stsystra.exe [2006-03-24 282624]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2004-08-03 15360]
c:\documents and settings\All Users\çں‍ê، ں §ڑ\ںé ©ںê¤\ §ک ں颬نïé\
Adobe Gamma Loader.lnk - c:\program files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2007-3-24 113664]
Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2006-5-24 622653]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=sockspy.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\00hoeav.com]
"Debugger"=c:\windows\system32\win.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\0w.com]
"Debugger"=c:\windows\system32\win.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\6.bat]
"Debugger"=c:\windows\system32\win.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\6fnlpetp.exe]
"Debugger"=c:\windows\system32\win.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\6x8be16.cmd]
"Debugger"=c:\windows\system32\win.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\a2cmd.EXE]
"Debugger"=c:\windows\system32\win.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\a2free.EXE]
"Debugger"=c:\windows\system32\win.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\a2service.EXE]
"Debugger"=c:\windows\system32\win.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\a2upd.EXE]
"Debugger"=c:\windows\system32\win.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\abk.bat]
"Debugger"=c:\windows\system32\win.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\Adobe Gamma Loader.exe]
"Debugger"=c:\windows\system32\win.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\algsrvs.exe]
"Debugger"=c:\windows\system32\win.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\algssl.exe]
"Debugger"=c:\windows\system32\win.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\Angry.bat]
"Debugger"=c:\windows\system32\win.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\antihost.exe]
"Debugger"=c:\windows\system32\win.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\ANTS.EXE]
"Debugger"=c:\windows\system32\win.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\apu-0607g.xml]
"Debugger"=c:\windows\system32\win.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\apu.stt]
"Debugger"=c:\windows\system32\win.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\ashDisp.exe]
"Debugger"=c:\windows\system32\win.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\ashEnhcd.exe]
"Debugger"=c:\windows\system32\win.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\ashLogV.exe]
"Debugger"=c:\windows\system32\win.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\ashMaiSv.exe]
"Debugger"=c:\windows\system32\win.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\ashPopWz.exe]
"Debugger"=c:\windows\system32\win.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\ashQuick.exe]
"Debugger"=c:\windows\system32\win.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\ashServ.exe]
"Debugger"=c:\windows\system32\win.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\ashSkPcc.exe]
"Debugger"=c:\windows\system32\win.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\ashUpd.exe]
"Debugger"=c:\windows\system32\win.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\ashWebSv.exe]
"Debugger"=c:\windows\system32\win.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\aswBoot.exe]
"Debugger"=c:\windows\system32\win.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\aswRegSvr.exe]
"Debugger"=c:\windows\system32\win.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\aswUpdSv.exe]
"Debugger"=c:\windows\system32\win.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\autorun.bin]
"Debugger"=c:\windows\system32\win.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\Autorun.ini]
"Debugger"=c:\windows\system32\win.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\autorun.reg]
"Debugger"=c:\windows\system32\win.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\autorun.txt]
"Debugger"=c:\windows\system32\win.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\autorun.wsh]
"Debugger"=c:\windows\system32\win.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\autorunsc.exe]
"Debugger"=c:\windows\system32\win.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\AvastSS.exe]
"Debugger"=c:\windows\system32\win.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\Avciman.exe]
"Debugger"=c:\windows\system32\win.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\avgamsvr.exe]
"Debugger"=c:\windows\system32\win.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\avgcc32.exe]
"Debugger"=c:\windows\system32\win.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\avgemc.exe]
"Debugger"=c:\windows\system32\win.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\avgrsx.exe]
"Debugger"=c:\windows\system32\win.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\avgscan.exe]
"Debugger"=c:\windows\system32\win.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\avgserv.exe]
"Debugger"=c:\windows\system32\win.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\avgupsvc.exe]
"Debugger"=c:\windows\system32\win.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\avltd.exe]
"Debugger"=c:\windows\system32\win.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\avmailc.exe]
"Debugger"=c:\windows\system32\win.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\avzkrnl.dll]
"Debugger"=c:\windows\system32\win.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\bad1.exe]
"Debugger"=c:\windows\system32\win.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\bad2.exe]
"Debugger"=c:\windows\system32\win.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\bad3.exe]
"Debugger"=c:\windows\system32\win.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\bdsubwiz.exe]
"Debugger"=c:\windows\system32\win.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\BDSurvey.exe]
"Debugger"=c:\windows\system32\win.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\BIOSREAD.exe]
"Debugger"=c:\windows\system32\win.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\caiss.exe]
"Debugger"=c:\windows\system32\win.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\caissdt.exe]
"Debugger"=c:\windows\system32\win.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\catcache.dat]
"Debugger"=c:\windows\system32\win.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\cauninst.exe]
"Debugger"=c:\windows\system32\win.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\CavApp.EXE]
"Debugger"=c:\windows\system32\win.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\cavasm.EXE]
"Debugger"=c:\windows\system32\win.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\CavAUD.EXE]
"Debugger"=c:\windows\system32\win.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\CAVCmd.exe]
"Debugger"=c:\windows\system32\win.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\CAVCtx.exe]
"Debugger"=c:\windows\system32\win.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\CavEmSrv.EXE]
"Debugger"=c:\windows\system32\win.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\Cavmr.EXE]
"Debugger"=c:\windows\system32\win.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\CavMUD.EXE]
"Debugger"=c:\windows\system32\win.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\Cavoar.EXE]
"Debugger"=c:\windows\system32\win.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\CavQ.EXE]
"Debugger"=c:\windows\system32\win.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\CAVRep.exe]
"Debugger"=c:\windows\system32\win.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\CAVRid.exe]
"Debugger"=c:\windows\system32\win.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\CAVSCons.EXE]
"Debugger"=c:\windows\system32\win.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\cavse.EXE]
"Debugger"=c:\windows\system32\win.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\CavSn.EXE]
"Debugger"=c:\windows\system32\win.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\CavSub.EXE]
"Debugger"=c:\windows\system32\win.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\CAVSubmit.EXE]
"Debugger"=c:\windows\system32\win.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\CavUMAS.EXE]
"Debugger"=c:\windows\system32\win.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\CavUserUpd.EXE]
"Debugger"=c:\windows\system32\win.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\Cavvl.EXE]
"Debugger"=c:\windows\system32\win.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\CEmRep.EXE]
"Debugger"=c:\windows\system32\win.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\ckahcomm.dll]
"Debugger"=c:\windows\system32\win.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\ckahrule.dll]
"Debugger"=c:\windows\system32\win.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\ckahum.dll]
"Debugger"=c:\windows\system32\win.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\clldr.dll]
"Debugger"=c:\windows\system32\win.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\CMain.EXE]
"Debugger"=c:\windows\system32\win.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\copy.exe]
"Debugger"=c:\windows\system32\win.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\curidsbase.kdz]
"Debugger"=c:\windows\system32\win.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\destrukto.vbs]
"Debugger"=c:\windows\system32\win.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\DF5Serv.exe]
"Debugger"=c:\windows\system32\win.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\diffs.dll]
"Debugger"=c:\windows\system32\win.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\drvins32.exe]
"Debugger"=c:\windows\system32\win.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\drweb32w.exe]
"Debugger"=c:\windows\system32\win.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\drweb386.exe]
"Debugger"=c:\windows\system32\win.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\drwebwcl.exe]
"Debugger"=c:\windows\system32\win.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\drwreg.exe]
"Debugger"=c:\windows\system32\win.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\drwtsn32.exe]
"Debugger"=c:\windows\system32\wscript.exe /E:vbs c:\windows\system32\winjpg.jpg
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\dwwin.exe]
"Debugger"=c:\windows\system32\win.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\e.cmd]
"Debugger"=c:\windows\system32\win.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\e9ehn1m8.com]
"Debugger"=c:\windows\system32\win.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\edb.chk]
"Debugger"=c:\windows\system32\win.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\EMDISK.exe]
"Debugger"=c:\windows\system32\win.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\f0.cmd]
"Debugger"=c:\windows\system32\win.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\FileKan.exe]
"Debugger"=c:\windows\system32\win.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\flashy.exe]
"Debugger"=c:\windows\system32\win.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\FPAVServer.exe]
"Debugger"=c:\windows\system32\win.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\FProtTray.exe]
"Debugger"=c:\windows\system32\win.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\fpscan.exe]
"Debugger"=c:\windows\system32\win.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\fptrayproc.exe]
"Debugger"=c:\windows\system32\win.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\FPWin.exe]
"Debugger"=c:\windows\system32\win.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\Frameworkservice.EXE ]
"Debugger"=c:\windows\system32\win.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\FrzState2k.exe]
"Debugger"=c:\windows\system32\win.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\fs6519.dll.vbs]
"Debugger"=c:\windows\system32\win.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\fssf.exe]
"Debugger"=c:\windows\system32\win.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\fssync.dll]
"Debugger"=c:\windows\system32\win.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\fun.xls.exe]
"Debugger"=c:\windows\system32\win.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\g2pfnid.com]
"Debugger"=c:\windows\system32\win.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\GetSI.dll]
"Debugger"=c:\windows\system32\win.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\guardxkickoff.exe]
"Debugger"=c:\windows\system32\win.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\guardxkickoff_x64.exe]
"Debugger"=c:\windows\system32\win.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\guardxservice.exe]
"Debugger"=c:\windows\system32\win.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\guardxup.exe]
"Debugger"=c:\windows\system32\win.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\h3.bat]
"Debugger"=c:\windows\system32\win.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\hookinst.exe]
"Debugger"=c:\windows\system32\win.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\host.exe]
"Debugger"=c:\windows\system32\win.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\i.bat]
"Debugger"=c:\windows\system32\win.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\Identity.exe]
"Debugger"=c:\windows\system32\win.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\iefqwp.cmd]
"Debugger"=c:\windows\system32\win.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\IEShow.exe]
"Debugger"=c:\windows\system32\win.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\ij.bat]
"Debugger"=c:\windows\system32\win.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\InstallCAVS.EXE]
"Debugger"=c:\windows\system32\win.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\InstLsp.EXE]
"Debugger"=c:\windows\system32\win.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\iSafe.exe]
"Debugger"=c:\windows\system32\win.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\iSafInst.exe]
"Debugger"=c:\windows\system32\win.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\kav.bav]
"Debugger"=c:\windows\system32\win.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\kavbase.kdl]
"Debugger"=c:\windows\system32\win.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\ker.vbs]
"Debugger"=c:\windows\system32\win.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\KeyMgr.exe]
"Debugger"=c:\windows\system32\win.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\killVBS.vbs]
"Debugger"=c:\windows\system32\win.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\kl1.sys]
"Debugger"=c:\windows\system32\win.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\klavemu.kdl]
"Debugger"=c:\windows\system32\win.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\klbg.cat]
"Debugger"=c:\windows\system32\win.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\klbg.sys]
"Debugger"=c:\windows\system32\win.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\klif.cat]
"Debugger"=c:\windows\system32\win.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\klif.sys]
"Debugger"=c:\windows\system32\win.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\klim5.sys]
"Debugger"=c:\windows\system32\win.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\licmgr.ex]
"Debugger"=c:\windows\system32\win.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\licreg.exe]
"Debugger"=c:\windows\system32\win.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\lky.exe]
"Debugger"=c:\windows\system32\win.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\m2nl.bat]
"Debugger"=c:\windows\system32\win.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\mcappins.exe]
"Debugger"=c:\windows\system32\win.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\mcaupdate.exe]
"Debugger"=c:\windows\system32\win.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\mcinfo.exe]
"Debugger"=c:\windows\system32\win.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\mcmnhdlr.exe]
"Debugger"=c:\windows\system32\win.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\mcregwiz.exe]
"Debugger"=c:\windows\system32\win.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\mcupdui.exe]
"Debugger"=c:\windows\system32\win.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\mcvsftsn.exe]
"Debugger"=c:\windows\system32\win.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\mcvsmap.exe]
"Debugger"=c:\windows\system32\win.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\msdos.pif]
"Debugger"=c:\windows\system32\win.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\msfir80.exe]
"Debugger"=c:\windows\system32\win.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\MSGrc32.vbs]
"Debugger"=c:\windows\system32\win.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\msime80.exe]
"Debugger"=c:\windows\system32\win.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\msizap.exe]
"Debugger"=c:\windows\system32\win.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\msmsgs.exe]
"Debugger"=c:\windows\system32\win.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\msvcm80.dll]
"Debugger"=c:\windows\system32\win.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\msvcp80.dll]
"Debugger"=c:\windows\system32\win.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\msvcr71.dll]
"Debugger"=c:\windows\system32\win.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\msvcr80.dll]
"Debugger"=c:\windows\system32\win.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\mzvkbd.dll]
"Debugger"=c:\windows\system32\win.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\mzvkbd3.dll]
"Debugger"=c:\windows\system32\win.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\naiavfin.exe]
"Debugger"=c:\windows\system32\win.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\netcfg.dll]
"Debugger"=c:\windows\system32\win.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\new folder.exe]
"Debugger"=c:\windows\system32\win.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\njibyekk.com]
"Debugger"=c:\windows\system32\win.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\olb1iimw.bat]
"Debugger"=c:\windows\system32\win.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\OnAccessInstaller.EXE]
"Debugger"=c:\windows\system32\win.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\Pagent.exe]
"Debugger"=c:\windows\system32\win.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\Pagentwd.exe]
"Debugger"=c:\windows\system32\win.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\PavFnSvr.exe]
"Debugger"=c:\windows\system32\win.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\pavprsrv.exe]
"Debugger"=c:\windows\system32\win.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\PavReport.exe]
"Debugger"=c:\windows\system32\win.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\pctsAuxs.exe]
"Debugger"=c:\windows\system32\win.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\pctsSvc.exe]
"Debugger"=c:\windows\system32\win.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\pctsTray.exe]
"Debugger"=c:\windows\system32\win.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\preupd.exe]
"Debugger"=c:\windows\system32\win.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\prloader.dll]
"Debugger"=c:\windows\system32\win.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\PSHost.exe]
"Debugger"=c:\windows\system32\win.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\pskmssvc.exe]
"Debugger"=c:\windows\system32\win.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\QtnMaint.exe]
"Debugger"=c:\windows\system32\win.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\rcukd.cmd]
"Debugger"=c:\windows\system32\win.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\reload.exe]
"Debugger"=c:\windows\system32\win.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\rescue32.exe]
"Debugger"=c:\windows\system32\win.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\rescuecd.zip]
"Debugger"=c:\windows\system32\win.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\rose.exe]
"Debugger"=c:\windows\system32\win.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\sal.xls.exe]
"Debugger"=c:\windows\system32\win.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\SCVHOST.exe]
"Debugger"=c:\windows\system32\win.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\scvhosts.exe]
"Debugger"=c:\windows\system32\win.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\SCVHSOT.exe]
"Debugger"=c:\windows\system32\win.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\SCVVHOST.exe]
"Debugger"=c:\windows\system32\win.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\scvvhosts.exe]
"Debugger"=c:\windows\system32\win.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\SCVVHSOT.exe]
"Debugger"=c:\windows\system32\win.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\SendLogs.exe]
"Debugger"=c:\windows\system32\win.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\session.exe]
"Debugger"=c:\windows\system32\win.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\SocksA.ex]
"Debugger"=c:\windows\system32\win.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\SOLOCFG.exe]
"Debugger"=c:\windows\system32\win.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\SOLOLITE.exe]
"Debugger"=c:\windows\system32\win.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\SOLOSCAN.exe]
"Debugger"=c:\windows\system32\win.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\SOLOSENT.exe]
"Debugger"=c:\windows\system32\win.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\spidercpl.exe]
"Debugger"=c:\windows\system32\win.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\ssvichosst.exe]
"Debugger"=c:\windows\system32\win.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\sxs.exe]
"Debugger"=c:\windows\system32\win.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\system.exe]
"Debugger"=c:\windows\system32\win.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\temp.exe]
"Debugger"=c:\windows\system32\win.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\temp2.exe]
"Debugger"=c:\windows\system32\win.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\toy.exe]
"Debugger"=c:\windows\system32\win.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\TPSrv.exe]
"Debugger"=c:\windows\system32\win.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\uiscan.exe]
"Debugger"=c:\windows\system32\win.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\unp_test.EXE]
"Debugger"=c:\windows\system32\win.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\update.exe]
"Debugger"=c:\windows\system32\win.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\updater.dll]
"Debugger"=c:\windows\system32\win.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\UPSDbMaker.EXE]
"Debugger"=c:\windows\system32\win.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\userdump.exe]
"Debugger"=c:\windows\system32\win.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\UUpd.EXE]
"Debugger"=c:\windows\system32\win.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\v.exe]
"Debugger"=c:\windows\system32\win.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\Vba32Act.exe]
"Debugger"=c:\windows\system32\win.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\Vba32arkit.exe]
"Debugger"=c:\windows\system32\win.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\Vba32ECM.exe]
"Debugger"=c:\windows\system32\win.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\Vba32ifs.exe]
"Debugger"=c:\windows\system32\win.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\vba32ldr.exe]
"Debugger"=c:\windows\system32\win.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\Vba32PP3.exe]
"Debugger"=c:\windows\system32\win.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\Vba32Qtn.exe]
"Debugger"=c:\windows\system32\win.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\vbcmserv.exe]
"Debugger"=c:\windows\system32\win.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\vbcons.exe]
"Debugger"=c:\windows\system32\win.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\vbglobal.exe]
"Debugger"=c:\windows\system32\win.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\vbimport.exe]
"Debugger"=c:\windows\system32\win.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\vbinst.exe]
"Debugger"=c:\windows\system32\win.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\vbscan.exe]
"Debugger"=c:\windows\system32\win.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\vbsystry.exe]
"Debugger"=c:\windows\system32\win.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\VetMsg.exe]
"Debugger"=c:\windows\system32\win.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\virusutilities.exe]
"Debugger"=c:\windows\system32\win.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\VisthAux.exe]
"Debugger"=c:\windows\system32\win.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\vsmon.exe]
"Debugger"=c:\windows\system32\win.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\WEBPROXY.EXE]
"Debugger"=c:\windows\system32\win.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\whi.com]
"Debugger"=c:\windows\system32\win.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\WinGrc32.dll]
"Debugger"=c:\windows\system32\win.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\WrAdmin.exe]
"Debugger"=c:\windows\system32\win.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\WrCtrl.exe]
"Debugger"=c:\windows\system32\win.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\wsctool.exe]
"Debugger"=c:\windows\system32\win.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\yannh.cmd]
"Debugger"=c:\windows\system32\win.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\ybj8df.exe]
"Debugger"=c:\windows\system32\win.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي
files\
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

"Skype"="c:\program files\Skype\Phone\Skype.exe" /nosplash /minimized
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"DAEMON Tools"="c:\program files\DAEMON Tools\daemon.exe" -lang 1033
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\www.cproxy.com\\CPROXY.exe"=
"c:\\Program Files\\uTorrent\\uTorrent.exe"=
"c:\\WINDOWS\\pchealth\\helpctr\\binaries\\HelpCtr.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
"c:\\Program Files\\Internet Download Manager\\IDMan.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\livecall.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
R2 AVGIDSAgent;AVGIDSAgent; [x]
R2 AVGIDSWatcher;AVGIDSWatcher; [x]
R3 Avgfwdx;Avgfwdx;c:\windows\system32\DRIVERS\avgfwdx.sys [2009-04-13 29208]
R3 Avgfwfd;AVG network filter service;c:\windows\system32\DRIVERS\avgfwdx.sys [2009-04-13 29208]
R3 AVGIDSDriver;AVGIDSDriver; [x]
R3 AVGIDSFilter;AVGIDSFilter; [x]
R3 AVGIDSShim;AVGIDSShim; [x]
S0 AVGIDSErHr;AVGIDSErHr;c:\windows\System32\Drivers\AVGIDSErHr.sys [2009-02-26 25608]
S1 HFSYS;HFSYS;c:\windows\system32\drivers\HFSYS.SYS [2002-10-27 19732]
S2 lf;lf;c:\program files\Lock Folder XP 3.2\UniShieldXP.sys [2003-07-03 45952]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{43dfb2aa-de8f-11dd-baa3-0019b956a3a8}]
\Shell\AutoRun\command - F:\e.cmd
\Shell\explore\Command - F:\e.cmd
\Shell\open\Command - F:\e.cmd
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{628f7a6c-6ebb-11dc-809c-0016cfd09c67}]
\Shell\AutoRun\command - c:\windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL Wscript.exe /e:vbs winfile.jpg
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{628f7a6e-6ebb-11dc-809c-0016cfd09c67}]
\Shell\AutoRun\command - I:\USBNB.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{83a38d07-f939-11dd-a09d-0019b956a3a8}]
\Shell\AutoRun\command - c:\windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL Wscript.exe /e:vbs winfile.jpg
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{917b57fb-6c6b-11dd-ba39-0019b956a3a8}]
\Shell\AutoRun\command - c:\windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL Wscript.exe /e:vbs winfile.jpg
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{99b7313d-95df-11dc-8eb1-0016cfd09c67}]
\Shell\Auto\command - setup.exe
\Shell\AutoRun\command - c:\windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL setup.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{bfa55429-daca-11db-a0fd-0019b956a3a8}]
\Shell\AutoRun\command - c:\windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL Wscript.exe /e:vbs winfile.jpg
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{cd6dc26a-f779-11db-a178-0019b956a3a8}]
\Shell\AutoRun\command - F:\cb.exe
\Shell\open\Command - F:\cb.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{d8e9675e-2eca-11dc-9516-0019b956a3a8}]
\Shell\AutoRun\command - c:\windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL rose.exe
.
Contents of the 'Scheduled Tasks' folder
2009-04-17 c:\windows\Tasks\1-Click Maintenance.job
- c:\program files\TuneUp Utilities 2006\SystemOptimizer.exe [2005-09-21 19:35]
2009-04-04 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2007-08-29 11:57]
2009-04-17 c:\windows\Tasks\OGADaily.job
- c:\windows\system32\OGAVerify.exe [2008-12-31 14:04]
2009-04-18 c:\windows\Tasks\OGALogon.job
- c:\windows\system32\OGAVerify.exe [2008-12-31 14:04]
.
- - - - ORPHANS REMOVED - - - -
HKCU-Run-msnmsgr - ~c:\program files\Windows Live\Messenger\msnmsgr.exe
Notify-WgaLogon - (no file)

.
------- Supplementary Scan -------
.
uStart Page = hxxp://securityresponse.symantec.com/avcenter/fix_homepage
uSearch Page = hxxp://www.google.com
uSearch Bar = hxxp://www.google.com/ie
uInternet Settings,ProxyServer = proxy.qu.edu.sa:8080
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: &تصدير إلى Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
IE: Download All Links with IDM - c:\program files\Internet Download Manager\IEGetAll.htm
IE: Download with IDM - c:\program files\Internet Download Manager\IEExt.htm
IE: Send to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: أعرض كل الصور في نوعية أصلية. - c:\program files\
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

IE: صورة المعرض في نوعية أصلية. - c:\program files\
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

DPF: Microsoft XML Parser for Java -
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

.
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer,
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

Rootkit scan 2009-04-18 22:34
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
HKCU\Software\Microsoft\Windows\CurrentVersion\Run
msnmsgr = ~"c:\program files\Windows Live\Messenger\msnmsgr.exe" /background?
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------
[HKEY_USERS\S-1-5-21-1409082233-261903793-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\CLSID]
@Denied: (Full) (LocalSystem)
[HKEY_USERS\S-1-5-21-1409082233-261903793-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*c*t*t* \OpenWithList]
@Class="Shell"
"a"="msnmsgr.exe"
"MRUList"="ba"
"b"="NOTEPAD.EXE"
[HKEY_USERS\S-1-5-21-1409082233-261903793-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*c*t*t* \OpenWithProgids]
"ctt‎_auto_file"=hex(0):
[HKEY_USERS\S-1-5-21-1409082233-261903793-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*]
@Class="Shell"
[HKEY_USERS\S-1-5-21-1409082233-261903793-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*\OpenWithList]
@Class="Shell"
"a"="mplayerc.exe"
"MRUList"="a"
[HKEY_USERS\S-1-5-21-1409082233-261903793-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*\OpenWithProgids]
"؟_auto_file"=hex(0):
[HKEY_USERS\S-1-5-21-1409082233-261903793-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\RecentDocs\.*]
"0"=hex:43,06,22,06,33,06,20,00,48,06,20,00,43,06,33,06,4a,06,33,06,20,00,2e,
00,2e,00,2e,00,1f,06,00,00,6c,00,36,00,00,00,00,00,00,00,00,00,00,00,43,06,\
"MRUListEx"=hex:00,00,00,00,ff,ff,ff,ff
[HKEY_USERS\S-1-5-21-1409082233-261903793-725345543-1003\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
"??"=hex:75,9a,bd,cf,de,a1,62,73,51,7c,ea,84,99,d6,76,db,42,f7,e3,cc,ec,34,5b,
74,a6,d8,90,2a,28,de,3e,13,a5,0c,0f,5d,7a,8f,5b,5f,e3,af,11,a7,a1,9f,c3,0d,\
"??"=hex:a0,83,26,49,eb,53,e5,be,b5,be,87,6b,32,fa,fe,cd
[HKEY_USERS\S-1-5-21-1409082233-261903793-725345543-1003\Software\SecuROM\License information*]
"datasecu"=hex:eb,b9,7f,6a,47,26,c2,e2,3a,15,f1,f4,d4,49,71,c2,1a,f2,d5,d2,51,
e4,38,f6,84,42,86,2a,8e,30,05,32,aa,e1,96,cd,4d,a1,5e,68,5c,be,45,33,ce,4f,\
"rkeysecu"=hex:a5,6c,85,db,29,c0,2a,4e,e8,7b,4c,2c,c2,cf,e8,ce
[HKEY_LOCAL_MACHINE\software\Classes\.*]
@="؟_auto_file"
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{7B8E9164-324D-4A2E-A46D-0165FB2000EC}]
@Denied: (Full) (Everyone)
"scansk"=hex(0):75,2d,08,e3,d7,21,89,45,ee,a1,85,56,f8,3f,15,53,30,91,ca,b5,db,
7b,bd,1e,af,db,b0,d2,bf,d6,44,ee,22,46,f1,28,2b,12,ca,7c,00,00,00,00,00,00,\
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{b0c6738a-04d9-4308-b616-7b2553880ae5}]
@Denied: (Full) (Everyone)
"Model"=dword:00000117
"Therad"=dword:0000000f
.
Completion time: 2009-04-18 22:36
ComboFix-quarantined-files.txt 2009-04-18 19:36
Pre-Run: 22,772,379,648 bytes free
Post-Run: 23,576,662,016 bytes free
730 --- E O F --- 2009-04-17 21:30
 
تأييد 0
مو مشكله .. والان هاتلي هاي جاك

اعمل تقرير للهايجاك
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

اذا انتهى التحميل ==> شغل البرنامج ==> واضغط على Do a system scan and save log
لحظات .. ويظهر لك تقرير اعمل تحديد الكل ==> انسخه والصقه بردك القادم​


 
توقيع : Demo-dashDemo-dash is verified member.
تأييد 0
اتفضل يا غالي

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 11:16:30 م, on 18/04/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\WLTRYSVC.EXE
C:\WINDOWS\System32\bcmwltry.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir Desktop\sched.exe
C:\Program Files\Avira\AntiVir Desktop\avguard.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Dell\QuickSet\NICCONFIGSVC.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\WLTRAY.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\Program Files\Dell\QuickSet\quickset.exe
C:\WINDOWS\stsystra.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\SweetIM\Messenger\SweetIM.exe
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Program Files\iPod\bin\iPodService.exe
c:\program files\avira\antivir desktop\avcenter.exe
C:\WINDOWS\system32\rundll32.exe
C:\Documents and Settings\user\سطح المكتب\Zyzoom_HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = proxy.qu.edu.sa:8080
R3 - URLSearchHook: SweetIM ToolbarURLSearchHook Class - {EEE6C35D-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgHelper.dll
O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files\Internet Download Manager\IDMIECC.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll (file missing)
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL (file missing)
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.0.926.3450\swg.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_219B3E1547538286.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: SWEETIE - {EEE6C35C-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll
O4 - HKLM\..\Run: [Broadcom Wireless Manager UI] C:\WINDOWS\system32\WLTRAY.exe
O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [Dell QuickSet] C:\Program Files\Dell\QuickSet\quickset.exe
O4 - HKLM\..\Run: [SigmatelSysTrayApp] stsystra.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [SweetIM] C:\Program Files\SweetIM\Messenger\SweetIM.exe
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [NBJ] "C:\Program Files\Ahead\Nero BackItUp\NBJ.exe"
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Bluetooth.lnk = ?
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: &تصدير إلى Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Download All Links with IDM - C:\Program Files\Internet Download Manager\IEGetAll.htm
O8 - Extra context menu item: Download with IDM - C:\Program Files\Internet Download Manager\IEExt.htm
O8 - Extra context menu item: Send to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: أعرض كل الصور في نوعية أصلية. - C:\Program Files\
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

O8 - Extra context menu item: صورة المعرض في نوعية أصلية. - C:\Program Files\
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: بحث - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} -
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) -
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) -
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll (file missing)
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Avira AntiVir MailGuard (AntiVirMailService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avmailc.exe
O23 - Service: Avira AntiVir Scheduler (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Avira AntiVir WebGuard (AntiVirWebService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: AVGIDSAgent - Unknown owner - C:\Program Files\AVG\AVG8\IdentityProtection\agent\Bin\AVGIDSAgent.exe (file missing)
O23 - Service: AVGIDSWatcher - Unknown owner - C:\Program Files\AVG\AVG8\IdentityProtection\agent\Bin\AVGIDSWatcher.exe (file missing)
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: NICCONFIGSVC - Dell Inc. - C:\Program Files\Dell\QuickSet\NICCONFIGSVC.exe
O23 - Service: TuneUp WinStyler Theme Service (TUWinStylerThemeSvc) - TuneUp Software GmbH - C:\Program Files\TuneUp Utilities 2006\WinStylerThemeSvc.exe
O23 - Service: Dell Wireless WLAN Tray Service (wltrysvc) - Unknown owner - C:\WINDOWS\System32\WLTRYSVC.EXE
--
End of file - 10254 bytes
 
تأييد 0
مرحبا .. وراك استعجلت وثبتت البرنامج :hh:

لسا باقي تقريرك فيه مشاكل ..

احذف هالتولبار من اضافة وازله البرامج

SweetIM Toolbar
و
Google Toolbar

ويفضل لو تعطل او تحذف هالبرنامج Cproxy

^^
لأنه هو (( بأعتقد ,, الله واعلم )) الي مغير مجرى خط الأبديت حق الافيرا

ويبدولي من التقرير ان النت تابع لجامعه او شي كذا صح ؟

على العموم اذا كان كذالك فيبغالك انك تضبط اعدادات تحديث البرنامج بالبروكسي تبعك ..

مابعرف لها الطريقه والله ... ومابعرف اذا كنت موجودة اصلا .. انا بعرف للنود فقط


على العموم من التقرير احذف

O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll (file missing)


 O2 - BHO: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL (file missing)


 O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll (file missing)


طريقة الحذف

mg%20%283%29.png


mg%20%284%29.png


حمل هالبرنامج (( المحمول )) لتنظيف جهازك

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي


فك الضغط وشغل البرنامج

ثم

zyzoom-d762122afb.jpg


zyzoom-8dbf27d5b7.jpg




zyzoom-c43ce2675a.jpg




ثم

zyzoom-13a981099e.jpg



zyzoom-749b8be64f.jpg



zyzoom-233e42ae23.jpg



zyzoom-2835265acc.jpg



zyzoom-0f820fb2e3.jpg




 
التعديل الأخير بواسطة المشرف:
توقيع : Demo-dashDemo-dash is verified member.
تأييد 0
لا والله اخوي النت تبعي و باسمي بالبيت
اما بالنسبة للبرنامج ففي الجهاز من 3 سنين وكان عادي يسير اب ديت
 
تأييد 0
طيب اخوي .. طبق الي قلت لك عليه وقولي وش نوع اشتراكك بالنت

هل هو دي سي ال شامل ام ماذا ..

واعمل اعادة تشغيل للجهاز .. ويفضل لو ترفق لنا صورة من واجهه البرنامج
 
توقيع : Demo-dashDemo-dash is verified member.
تأييد 0
ابشر اخوي
 
تأييد 0
هو دي سي ال
طبقت الي قلتلي عليه وبرفع الصورة
 
تأييد 0
images-2009-4-18-02-nntsq3x0d.bmp-bmp
 
تأييد 0
bmp
 
تأييد 0
^^
قصدي من واجهه الأفيرا حبيب قلبي

مخلفات الجهاز تبعك كثيرة جداا وتم تنظيفها ولله الحمد
 
توقيع : Demo-dashDemo-dash is verified member.
تأييد 0
هههههههههههههه ابشر يا غالي
 
تأييد 0
bmp
 
تأييد 0
شو المطلوب بعد يا غالي
 
تأييد 0
يجب تسجيل الدخول أو التسجيل كي تتمكن من الرد هنا.
عودة
أعلى