خطآ في النظآم و المسن و الجهآز يعلق ..؟!

  • بادئ الموضوع بادئ الموضوع Abu Faisal
  • تاريخ البدء تاريخ البدء
  • المشاهدات 1,058
A

Abu Faisal

زيزوومى فعال
إنضم
30 يونيو 2008
المشاركات
214
مستوى التفاعل
0
النقاط
280
الإقامة
In .. zyzoom
غير متصل
بسسم الله الرحمن الرحيم ..​

الدخول في الموضووع ..!​

المشكله /​


1/ آول مآ آشغل الجهآز يطلع كـ التآلي ..​

:er:


wvn04oq3j4qk.bmp

2/ المآسنجر وآحد آرسسلي رابط فآيس بووك .. دخلت عليه مآ فيه شي عآآدي .. بعد شووي هالرآبط يررسل آي وآآحد عندي .. يعني وآآحد آتكلم معه يرسله هالرآآبط .. و يعلق آيضـآآ ..! :er:​



3/ الجهآز آتصفح يعلق .. :er: ..!​


::​

::​
 

توقيع : Abu Faisal
ترتيب حسب التاريخ ترتيب حسب الأصوات
وينكـــــــــــــــــــــــم ..؟
 
توقيع : Abu Faisal
تأييد 0
وعليكم السلام

يا ليت ترفع الصوره مره أخرى بموقع الرقع حق المنتدى

قم بعمل التالي

حمل هذا البرنامج

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

OR
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

شغل البرنامج ==> واضغط على
Do a system scan and save log
لحظات .. ويظهر لك تقرير داخل المفكرة ==> انسخه والصقه بردك القادم

وتفضل هذا الموضوع

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي


بالتوفيق​
 
توقيع : أعتز بك
تأييد 0
تفضل /





Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 10:04:16 م, on 16/05/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleilCS.exe
C:\Program Files\ESET\ESET Smart Security\ekrn.exe
C:\Program Files\Hotspot Shield\bin\openvpnas.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\IVT Corporation\BlueSoleil\BsHelpCS.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\alg.exe
C:\Program Files\VIA\VIAudioi\SBADeck\ADeck.exe
C:\Program Files\ESET\ESET Smart Security\egui.exe
C:\Program Files\Internet Download Manager\IDMan.exe
C:\WINDOWS\msnmsgrss.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\WINDOWS\NCLAUNCH.EXe
C:\Program Files\Internet Download Manager\IEMonitor.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Real Alternative\Media Player Classic\mplayerc.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = speed2.info:95
F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe
O1 - Hosts: 65.54.239.80 dp.msnmessenger.akadns.net
O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files\Internet Download Manager\IDMIECC.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~4\Office12\GRA8E1~1.DLL
O2 - BHO: TargetWebADS module - {8152A0B9-DEB6-476e-BC67-175B19080A8A} - C:\Program Files\Target Web ADS\TargetWebADS.dll
O2 - BHO: مساعد تسجيل الدخول إلى Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O4 - HKLM\..\Run: [AudioDeck] C:\Program Files\VIA\VIAudioi\SBADeck\ADeck.exe 1
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice
O4 - HKLM\..\Run: [D-Link AirPlus G] C:\Program Files\D-Link\AirPlus G\AirGCFG.exe
O4 - HKLM\..\Run: [Windows UDP Control Center] msnmsgrss.exe
O4 - HKCU\..\Run: [IDMan] C:\Program Files\Internet Download Manager\IDMan.exe /onboot
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [NCLaunch] C:\WINDOWS\NCLAUNCH.EXe
O4 - HKCU\..\RunOnce: [Shockwave Updater] C:\WINDOWS\system32\Adobe\Shockwave 11\SwHelper_1150595.exe -Update -1150595 -"Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; Trident/4.0; .NET CLR 2.0.50727; .NET CLR 3.0.4506.2152; .NET CLR 3.5.30729; InfoPath.2)" -"
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي
"
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: ت&صدير إلى Microsoft Excel - res://C:\PROGRA~1\MICROS~4\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: تحميل الكل بواسطة Internet Download Manager - C:\Program Files\Internet Download Manager\IEGetAll.htm
O8 - Extra context menu item: تحميل بواسطة Internet Download Manager - C:\Program Files\Internet Download Manager\IEExt.htm
O8 - Extra context menu item: تحميل محتوى FLV بواسطة Internet Download Manager - C:\Program Files\Internet Download Manager\IEGetVL.htm
O9 - Extra button: إرسال إلى OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~4\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: إر&سال إلى OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~4\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) -
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) -
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) -
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~4\Office12\GR99D3~1.DLL
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\WINDOWS\system32\skype4com.dll
O20 - Winlogon Notify: fsp_lmwl - C:\WINDOWS\SYSTEM32\fsp_lmwl.dll
O23 - Service: ANIWZCSd Service (ANIWZCSdService) - Alpha Networks Inc. - C:\Program Files\ANI\ANIWZCS2 Service\ANIWZCSdS.exe
O23 - Service: BlueSoleilCS - Unknown owner - C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleilCS.exe
O23 - Service: BsHelpCS - Unknown owner - C:\Program Files\IVT Corporation\BlueSoleil\BsHelpCS.exe
O23 - Service: Eset HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe
O23 - Service: Eset Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\ekrn.exe
O23 - Service: Hotspot Shield Service (HotspotShieldService) - Unknown owner - C:\Program Files\Hotspot Shield\bin\openvpnas.exe
O23 - Service: Hotspot Shield Tray Service (HssTrayService) - Unknown owner - C:\Program Files\Hotspot Shield\bin\HssTrayService.EXE (file missing)
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
--
End of file - 7689 bytes
 
توقيع : Abu Faisal
تأييد 0
ثم نزل هذه الاداة واتبع الشرح التالي
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

او
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي


التوافق : ويندوز اكسبي فقط

شرح الاستخدام ,,,,,,

عند تشغيل ملف الاداة تظهر لك هذه الشاشه ,, انتظر ( وتابع مع الصور )

i9141_11.png

i9142_22.png


وعند ظهور هذه الشاشه ,, اضغط على Close ليتم اعادة تشغيل جهازك (( لتكملة عملية التنظيف ))

i9143_33.png




عطل جميع برامج الحمايه >>> تأكد من وقت وتاريخ الجهاز
>>> لاتغير اسم الاداة واحفظها على سطح المكتب
وحمل هذه الاداة واحفظها على سطح المكتب
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

عند تشغيلها بتظهر لك رسالة ,, اضغط على >> Yes
بعدها بتظهر لك رساله ثانيه ,, اضغط على >> Yes
انتظر حتى الاداة تنتهي من فحص جهازك ,,, وبشكل تلقائي يعاد تشغيل جهازك ,,
وبعد اعادة التشغيل ,, سوف تبدأ الاداة بالفحص مرره ثانيه
انتظر حتى يظهر لك تقرير ,, انسخه والصقه بردك القادم

وبعدها تقرير هايجاك جديد
 
توقيع : format
تأييد 0
تقرير ComboFix //


ComboFix 09-05-16.01 - عبدالرحمن 05/16/2009 22:43.1 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.3.1256.966.1025.18.223.68 [GMT 3:00]
Running from: c:\documents and settings\عبدالرحمن\سطح المكتب\ComboFix.exe
AV: ESET Smart Security 3.0 *On-access scanning disabled* (Updated) {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0}
FW: ESET Personal firewall *disabled* {E5E70D32-0101-4340-86A3-A7B0F1C8FFE0}
WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\windows\msnmsgrss.exe
c:\windows\opuc.dll
c:\windows\system32\x64
c:\windows\system32\x64\csnp2uvc.dll
c:\windows\system32\x64\rsnpvc64.dll
c:\windows\system32\x64\sncduvc.sys
c:\windows\system32\x64\snp2uvc.sys
c:\windows\system32\x64\vsnpvc64.dll
.
((((((((((((((((((((((((( Files Created from 2009-04-16 to 2009-05-16 )))))))))))))))))))))))))))))))
.
2009-05-16 19:32 . 2009-05-16 19:40 -------- d-sh--w c:\documents and settings\عبدالرحمن\Recent
2009-05-16 19:32 . 2009-05-16 19:40 -------- d-sh--w c:\documents and settings\عبدالرحمن\Recent
2009-05-16 19:25 . 2009-05-16 19:25 -------- d-----w c:\documents and settings\عبدالرحمن\Application Data\CyberScrub
2009-05-16 19:24 . 2009-05-16 19:24 -------- d-----w c:\documents and settings\عبدالرحمن\Application Data\cleaner
2009-05-16 19:03 . 2009-05-16 19:03 -------- d-----w c:\program files\Trend Micro
2009-05-15 16:32 . 2009-05-15 16:32 -------- d-----w c:\documents and settings\عبدالرحمن\Application Data\4shared Desktop
2009-05-15 16:32 . 2009-05-15 16:32 -------- d-----w c:\program files\4shared Desktop
2009-05-15 13:16 . 2009-05-15 13:20 -------- d-----w c:\program files\Windows Live Safety Center
2009-05-15 11:47 . 2009-05-15 11:47 -------- d-----w c:\documents and settings\عبدالرحمن\Application Data\GRETECH
2009-05-15 11:13 . 2009-05-15 11:14 592 ----a-w c:\windows\chgkey.vbs
2009-05-14 23:28 . 2009-05-14 23:28 -------- d-----w c:\documents and settings\عبدالرحمن\Application Data\Malwarebytes
2009-05-14 23:28 . 2009-04-06 12:32 15504 ----a-w c:\windows\system32\drivers\mbam.sys
2009-05-14 23:28 . 2009-04-06 12:32 38496 ----a-w c:\windows\system32\drivers\mbamswissarmy.sys
2009-05-14 23:28 . 2009-05-14 23:28 -------- d-----w c:\documents and settings\All Users\Application Data\Malwarebytes
2009-05-14 23:27 . 2009-05-14 23:28 -------- d-----w c:\program files\Malwarebytes' Anti-Malware
2009-05-14 14:53 . 2009-05-14 14:53 -------- d-----w c:\program files\Target Web ADS
2009-05-12 21:25 . 2009-05-12 21:25 37888 ----a-w c:\windows\system32\setupnt.dll
2009-05-12 21:25 . 2009-05-12 21:25 65856 ----a-w c:\windows\system32\drivers\snapman.sys
2009-05-11 21:56 . 2009-05-12 20:54 -------- d-----w c:\program files\edBlockDetector 2.0
2009-05-10 12:46 . 2009-05-16 10:38 65536 ----a-w c:\windows\NCLAUNCH.EXe
2009-05-10 12:46 . 2009-05-16 10:38 45056 ----a-w c:\windows\NCUNINST.EXe
2009-05-10 12:46 . 2009-05-16 10:38 9931703 ----a-w c:\windows\LOST_screensaver.scr
2009-05-10 10:05 . 2009-05-10 10:05 65385 ----a-w c:\windows\BricoPackUninst.cmd
2009-05-10 10:00 . 2009-05-10 10:05 6108 ----a-w c:\windows\BricoPackFoldersDelete.cmd
2009-05-10 09:59 . 2009-05-10 09:59 -------- d-----w c:\windows\BricoPacks
2009-05-09 13:11 . 2006-10-26 16:56 32592 ----a-w c:\windows\system32\msonpmon.dll
2009-05-09 13:05 . 2009-05-09 13:05 -------- d-----w c:\program files\Microsoft Works
2009-05-09 13:00 . 2009-05-09 13:00 -------- d-----w c:\program files\Microsoft.NET
2009-05-09 12:56 . 2009-05-09 12:56 -------- d-----w c:\program files\Microsoft Visual Studio 8
2009-05-09 12:53 . 2009-05-09 13:03 -------- d-----w c:\windows\SHELLNEW
2009-05-09 12:52 . 2009-05-09 12:52 -------- d-----w c:\documents and settings\عبدالرحمن\Local Settings\Application Data\Microsoft Help
2009-05-09 12:50 . 2009-05-09 13:47 -------- d-----w c:\documents and settings\All Users\Application Data\Microsoft Help
2009-05-09 12:48 . 2009-05-09 12:48 -------- d--h--r C:\MSOCache
2009-05-09 11:48 . 2009-05-14 23:06 -------- d-----w c:\documents and settings\عبدالرحمن\Application Data\OfficeUpdate12
2009-05-08 18:36 . 2009-05-14 23:06 -------- d-----w c:\program files\Hotspot Shield
2009-05-06 10:24 . 2009-05-06 10:24 4 ----a-w c:\windows\RegDefrag.dat
2009-05-06 10:16 . 2009-05-12 09:59 -------- d-----w c:\program files\Registry Compressor
2009-05-06 10:09 . 2009-05-12 20:56 -------- d-----w c:\program files\Registry Fast
2009-05-06 03:30 . 2009-05-06 03:30 -------- d-----w c:\documents and settings\عبدالرحمن\Local Settings\Application Data\bluesoleil
2009-05-06 03:25 . 2009-05-06 03:25 -------- d-----w c:\program files\IVT Corporation
2009-05-05 15:23 . 2002-11-05 11:07 126976 ----a-w c:\windows\UNINST32.EXE
2009-05-05 12:54 . 2009-05-05 12:54 0 ----a-w c:\windows\system32\cd.dat
2009-05-04 02:29 . 2009-05-04 02:29 37 ----a-w C:\ru.bat
2009-05-04 02:29 . 2009-05-04 02:29 42496 ----a-w C:\iepv.exe
2009-05-03 22:28 . 2009-05-03 22:28 -------- d-----w c:\documents and settings\عبدالرحمن\Local Settings\Application Data\Real
2009-05-03 22:28 . 2009-05-03 22:28 -------- d-----w c:\program files\Real Alternative
2009-05-02 05:53 . 2009-05-02 05:53 -------- d-----w c:\program files\RaeY
2009-05-02 05:53 . 2009-05-16 19:43 24717 ----a-w c:\documents and settings\عبدالرحمن\Application Data\YV.dat
2009-05-02 01:24 . 2009-05-02 01:24 -------- d-----w C:\BackUpMSNCleaner
2009-05-02 00:24 . 2009-05-02 00:24 -------- d-----w c:\program files\Common Files\DivX Shared
2009-05-02 00:24 . 2009-05-02 00:24 -------- d-----w c:\program files\DivX
2009-05-01 15:39 . 2009-05-01 15:39 -------- d-----w c:\program files\Microsoft
2009-05-01 05:37 . 2007-02-21 18:21 43376 ----a-w c:\windows\system32\fsp_lmwl.dll
2009-05-01 05:37 . 2007-02-21 18:21 10096 ----a-w c:\windows\system32\drivers\lmpc4.sys
2009-05-01 05:36 . 2009-05-14 23:06 -------- d-----w c:\program files\Lock My PC 4
2009-05-01 05:14 . 2006-11-29 10:06 3426072 ----a-w c:\windows\system32\d3dx9_32.dll
2009-05-01 05:12 . 2009-05-01 05:12 -------- d-----w c:\program files\Microsoft SQL Server Compact Edition
2009-05-01 05:12 . 2009-05-01 05:15 -------- d-----w c:\documents and settings\عبدالرحمن\Contacts
2009-05-01 05:12 . 2009-05-01 05:15 -------- d-----w c:\documents and settings\عبدالرحمن\Contacts
2009-05-01 04:12 . 2009-05-01 04:12 -------- d-----w c:\documents and settings\عبدالرحمن\Local Settings\Application Data\PCHealth
2009-05-01 04:11 . 2009-05-01 05:08 -------- dcsh--w c:\program files\Common Files\WindowsLiveInstaller
2009-05-01 04:11 . 2009-05-01 05:05 -------- d-----w c:\documents and settings\All Users\Application Data\WLInstaller
2009-04-30 04:52 . 2009-04-30 04:52 -------- d-----w c:\program files\Windows Media Connect 2
2009-04-30 04:48 . 2009-04-30 04:50 -------- d-----w c:\windows\system32\drivers\UMDF
2009-04-30 04:48 . 2009-04-30 04:48 -------- d-----w c:\windows\system32\LogFiles
2009-04-30 04:47 . 2009-04-30 04:48 -------- d-----w C:\3f8737f534c5b0236955d099da361093
2009-04-30 02:36 . 2007-02-07 04:50 77824 ----a-w c:\windows\system32\FLKill.exe
2009-04-30 02:36 . 2004-05-09 21:42 110592 ----a-w c:\windows\system32\suppdll.dll
2009-04-30 02:36 . 2009-04-30 02:36 35363 ----a-w c:\windows\system32\windrvNT.sys
2009-04-30 02:34 . 2009-05-16 11:38 -------- d-----w c:\program files\Folder Lock
2009-04-29 12:20 . 2009-03-26 15:35 210352 ----a-w c:\windows\system32\idmmbc.dll
2009-04-22 00:00 . 2009-04-22 00:00 -------- d-----w c:\program files\MSXML 4.0
2009-04-21 22:39 . 2009-04-21 22:39 -------- d-----w c:\documents and settings\عبدالرحمن\Application Data\Real
2009-04-21 22:30 . 2008-04-14 15:59 221184 ----a-w c:\windows\system32\wmpns.dll
2009-04-21 15:50 . 2009-05-11 22:04 -------- d-----w c:\documents and settings\عبدالرحمن\Application Data\FileZilla
2009-04-21 15:47 . 2009-05-12 20:55 -------- d-----w c:\program files\FileZilla FTP Client
2009-04-21 01:17 . 2009-04-21 01:26 -------- d---a-w c:\documents and settings\All Users\Application Data\TEMP
2009-04-21 01:17 . 2009-03-23 22:57 82432 ----a-w c:\windows\system32\msxml4r.dll
2009-04-21 01:17 . 2009-03-23 22:57 44544 ----a-w c:\windows\system32\msxml4a.dll
2009-04-21 01:17 . 2009-04-21 01:27 -------- d-----w c:\program files\File Recover
2009-04-20 20:41 . 2009-04-20 20:41 -------- d-----w c:\documents and settings\LocalService\Local Settings\Application Data\ESET
2009-04-20 01:03 . 2009-04-20 01:24 -------- d-----w c:\program files\Sonic.net Accelerator
2009-04-20 00:51 . 2009-04-20 01:42 -------- d-----w c:\program files\Propel Accelerator
2009-04-20 00:51 . 2009-04-20 00:54 2765952 ----a-w C:\PROPELSETUP.EXE
2009-04-19 21:11 . 2009-05-14 23:06 -------- d-----w c:\program files\XviD
2009-04-19 19:46 . 2009-04-19 19:46 -------- d-----w c:\windows\Sun
2009-04-19 19:43 . 2009-05-08 03:42 410984 ----a-w c:\windows\system32\deploytk.dll
2009-04-19 19:41 . 2009-04-19 19:41 -------- d-----w c:\program files\Java
2009-04-19 19:38 . 2009-04-19 19:38 -------- d-----w c:\documents and settings\عبدالرحمن\Application Data\Sun
2009-04-19 19:24 . 2009-04-19 19:24 -------- d-----w c:\program files\Windows Live SkyDrive
2009-04-19 18:21 . 2006-05-13 18:29 843 ----a-w C:\ChangeWinXPKey.vbs
2009-04-19 11:05 . 2006-06-29 10:07 14048 ------w c:\windows\system32\spmsg2.dll
2009-04-19 11:01 . 2009-04-19 11:01 -------- d-----w c:\windows\system32\XPSViewer
2009-04-19 11:01 . 2009-05-09 13:05 -------- d-----w c:\program files\MSBuild
2009-04-19 11:00 . 2009-04-19 11:00 -------- d-----w c:\program files\Reference Assemblies
2009-04-19 10:59 . 2008-07-06 12:06 117760 ------w c:\windows\system32\prntvpt.dll
2009-04-19 10:59 . 2008-07-06 12:06 575488 ------w c:\windows\system32\xpsshhdr.dll
2009-04-19 10:59 . 2008-07-06 12:06 1676288 ------w c:\windows\system32\xpssvcs.dll
2009-04-19 10:59 . 2009-04-19 11:00 -------- d-----w C:\e67435bc7ce98c10606cae095a618b
2009-04-19 10:19 . 2009-05-14 23:06 -------- d-----w c:\program files\Windows Installer Clean Up
2009-04-19 10:19 . 2009-05-09 11:43 -------- d-----w c:\program files\MSECACHE
2009-04-19 09:40 . 2009-04-19 09:40 -------- d-sh--w c:\documents and settings\NetworkService\IETldCache
2009-04-19 09:06 . 2005-10-27 05:55 49152 ----a-w c:\windows\system32\JJAKEn.dll
2009-04-19 09:06 . 2005-11-23 07:10 163840 ----a-w c:\windows\system32\WlanApp.dll
2009-04-19 09:06 . 2005-10-19 15:19 1327189 ----a-w c:\windows\system32\odSupp_M.dll
2009-04-19 09:06 . 2005-10-19 15:19 49152 ----a-w c:\windows\system32\AQCKGen.dll
2009-04-19 09:06 . 2005-11-22 17:56 630784 ----a-w c:\windows\system32\ANIWZCS2.dll
2009-04-19 09:06 . 2005-10-19 15:19 204800 ----a-w c:\windows\system32\aIPH.dll
2009-04-19 09:06 . 2005-10-19 15:19 57407 ----a-w c:\windows\system32\ANICtl.dll
2009-04-19 09:06 . 2005-10-21 12:56 36864 ----a-w c:\windows\system32\ANIOApi.dll
2009-04-19 09:06 . 2005-11-09 12:44 24288 ----a-w c:\windows\system32\ANIO.sys
2009-04-19 09:06 . 2005-11-10 04:13 50176 ----a-w c:\windows\system32\ANIO64.sys
2009-04-19 09:06 . 2004-10-14 07:29 11904 ----a-w c:\windows\system32\anio4.sys
2009-04-19 09:06 . 2009-04-19 09:06 -------- d-----w c:\program files\ANI
2009-04-19 08:57 . 2009-04-21 11:01 -------- d-----w c:\documents and settings\All Users\Application Data\Messenger Plus!
2009-04-18 21:49 . 2009-04-19 10:48 -------- d-----w c:\documents and settings\عبدالرحمن\Application Data\COWON
2009-04-18 21:44 . 2009-04-18 21:45 -------- d-----w c:\program files\Circe Developement
2009-04-18 21:44 . 2009-04-18 21:44 -------- d-----w c:\documents and settings\عبدالرحمن\Local Settings\Application Data\ESET
2009-04-18 21:44 . 2009-04-18 21:44 -------- d-----w c:\program files\Messenger Plus! Live
2009-04-18 21:39 . 2009-05-16 18:04 -------- d-----w c:\documents and settings\عبدالرحمن\Tracing
2009-04-18 21:39 . 2009-05-16 18:04 -------- d-----w c:\documents and settings\عبدالرحمن\Tracing
2009-04-18 21:37 . 2009-05-01 15:39 -------- d-----w c:\program files\Windows Live
2009-04-18 21:34 . 2009-04-18 21:34 -------- d-----w c:\program files\Common Files\Windows Live
2009-04-18 21:33 . 2009-04-18 21:33 -------- d-sh--w c:\documents and settings\عبدالرحمن\PrivacIE
2009-04-18 21:33 . 2009-04-18 21:33 -------- d-sh--w c:\documents and settings\عبدالرحمن\PrivacIE
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-05-14 23:06 . 2009-04-18 08:06 -------- d-----w c:\program files\Internet Download Manager
2009-05-14 22:07 . 2006-03-02 12:00 68260 ----a-w c:\windows\system32\perfc001.dat
2009-05-14 22:07 . 2006-03-02 12:00 369326 ----a-w c:\windows\system32\perfh001.dat
2009-05-13 05:18 . 2009-04-18 06:45 99496 ----a-w c:\documents and settings\عبدالرحمن\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2009-05-10 10:05 . 2006-03-02 12:00 218624 ----a-w c:\windows\system32\uxtheme.dll
2009-04-19 09:06 . 2009-04-18 06:50 -------- d--h--w c:\program files\InstallShield Installation Information
2009-04-19 09:06 . 2009-04-18 06:50 -------- d-----w c:\program files\Common Files\InstallShield
2009-04-18 07:45 . 2009-04-18 07:45 32574 ----a-w c:\windows\CRACK_safe_mod.exe
2009-04-18 06:50 . 2009-04-18 06:50 -------- d-----w c:\program files\D-Link
2009-04-18 06:38 . 2009-04-18 06:38 -------- d-----w c:\program files\microsoft frontpage
2009-04-18 06:33 . 2009-04-18 06:33 22144 ----a-w c:\windows\system32\emptyregdb.dat
2009-03-19 15:08 . 2009-03-19 15:08 499712 ----a-w c:\windows\system32\msvcp71.dll
2009-03-19 15:08 . 2009-03-19 15:08 348160 ----a-w c:\windows\system32\msvcr71.dll
2009-03-08 01:34 . 2006-03-02 12:00 914944 ----a-w c:\windows\system32\wininet.dll
2009-03-08 01:34 . 2006-03-02 12:00 43008 ----a-w c:\windows\system32\licmgr10.dll
2009-03-08 01:33 . 2006-03-02 12:00 18944 ----a-w c:\windows\system32\corpol.dll
2009-03-08 01:33 . 2006-03-02 12:00 420352 ----a-w c:\windows\system32\vbscript.dll
2009-03-08 01:32 . 2006-03-02 12:00 72704 ----a-w c:\windows\system32\admparse.dll
2009-03-08 01:32 . 2006-03-02 12:00 71680 ----a-w c:\windows\system32\iesetup.dll
2009-03-08 01:31 . 2006-03-02 12:00 34816 ----a-w c:\windows\system32\imgutil.dll
2009-03-08 01:31 . 2006-03-02 12:00 48128 ----a-w c:\windows\system32\mshtmler.dll
2009-03-08 01:31 . 2006-03-02 12:00 45568 ----a-w c:\windows\system32\mshta.exe
2009-03-08 01:22 . 2006-03-02 12:00 156160 ----a-w c:\windows\system32\msls31.dll
2009-03-06 14:20 . 2006-03-02 12:00 283136 ----a-w c:\windows\system32\pdh.dll
.
------- Sigcheck -------
[-] 2008-04-14 15:59 1692672 6EBE193A4B84FDA080E38B4EB688774E c:\windows\explorer.exe
[-] 2008-04-14 15:59 974848 85B77F183A219BB313E1E4DD27566453 c:\windows\ServicePackFiles\i386\explorer.exe
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IDMan"="c:\program files\Internet Download Manager\IDMan.exe" [2009-05-02 2799024]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360]
"msnmsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2009-02-06 3885408]
"NCLaunch"="c:\windows\NCLAUNCH.EXe" [2009-05-16 65536]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"Privacy Suite"="c:\documents and settings\عبدالرحمن\Application Data\cleaner\CSPSeraser.exe" [2007-11-20 872080]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AudioDeck"="c:\program files\VIA\VIAudioi\SBADeck\ADeck.exe" [2007-08-09 528384]
"egui"="c:\program files\ESET\ESET Smart Security\egui.exe" [2008-07-01 1447168]
"D-Link AirPlus G"="c:\program files\D-Link\AirPlus G\AirGCFG.exe" [2005-11-23 1544192]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\fsp_lmwl]
2007-02-21 18:21 43376 ----a-w c:\windows\system32\fsp_lmwl.dll
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Program Files\\IVT Corporation\\BlueSoleil\\BlueSoleilCS.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
R0 BtHidBus;Bluetooth HID Bus Service;c:\windows\system32\drivers\BtHidBus.sys [07/01/2009 11:39 م 20744]
R2 ekrn;Eset Service;c:\program files\ESET\ESET Smart Security\ekrn.exe [01/07/2008 09:02 ص 468224]
R3 btnetBUs;Bluetooth PAN Bus Service;c:\windows\system32\drivers\btnetBus.sys [07/12/2008 12:44 م 30088]
R3 IvtBtBUs;IVT Bluetooth Bus Service;c:\windows\system32\drivers\IvtBtBus.sys [02/07/2008 02:58 م 26248]
R3 LMPC4;LMPC4;c:\windows\system32\drivers\lmpc4.sys [01/05/2009 08:37 ص 10096]
S3 HssTrayService;Hotspot Shield Tray Service;c:\program files\Hotspot Shield\bin\HssTrayService.EXE --> c:\program files\Hotspot Shield\bin\HssTrayService.EXE [?]
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\>{60B49E34-C7CC-11D0-8953-00A0C90347FF}]
"c:\windows\system32\rundll32.exe" "c:\windows\system32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10ADE2D9-8C45-A99F-7FF3-8EE34737E328}]
c:\program files\RaeY\playeUr.exe s
.
Contents of the 'Scheduled Tasks' folder
2009-05-15 c:\windows\Tasks\OGADaily.job
- c:\windows\system32\OGAVerify.exe [2008-12-31 14:04]
2009-05-16 c:\windows\Tasks\OGALogon.job
- c:\windows\system32\OGAVerify.exe [2008-12-31 14:04]
.
- - - - ORPHANS REMOVED - - - -
HKCU-RunOnce-Shockwave Updater - c:\windows\system32\Adobe\Shockwave 11\SwHelper_1150595.exe -Update -1150595 -Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; Trident/4.0; .NET CLR 2.0.50727; .NET CLR 3.0.4506.2152; .NET
Notify-WgaLogon - (no file)

.
------- Supplementary Scan -------
.
uStart Page = about:blank
uInternet Settings,ProxyServer = speed2.info:95
IE: ت&صدير إلى Microsoft Excel - c:\progra~1\MICROS~4\Office12\EXCEL.EXE/3000
IE: تحميل الكل بواسطة Internet Download Manager - c:\program files\Internet Download Manager\IEGetAll.htm
IE: تحميل بواسطة Internet Download Manager - c:\program files\Internet Download Manager\IEExt.htm
IE: تحميل محتوى FLV بواسطة Internet Download Manager - c:\program files\Internet Download Manager\IEGetVL.htm
.
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer,
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

Rootkit scan 2009-05-16 22:46
Windows 5.1.2600 Service Pack 3 NTFS
scanning hidden processes ...
c:\program files\Internet Explorer\iexplore.exe [2492] 0xFF516710
scanning hidden autostart entries ...
HKLM\Software\Microsoft\Windows\CurrentVersion\Run
AudioDeck = c:\program files\VIA\VIAudioi\SBADeck\ADeck.exe 1????????????????????????????????????????????????
scanning hidden files ...
scan completed successfully
hidden files:
**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------
- - - - - - - > 'winlogon.exe'(1496)
c:\windows\system32\fsp_lmwl.dll
.
Completion time: 2009-05-16 22:48
ComboFix-quarantined-files.txt 2009-05-16 19:47
Pre-Run: 4,070,912,000 bytes free
Post-Run: 4,062,662,656 bytes free
259 --- E O F --- 2009-05-13 13:34
 
توقيع : Abu Faisal
تأييد 0
تقرير الهايجآك //




Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 11:03:33 م, on 16/05/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleilCS.exe
C:\Program Files\ESET\ESET Smart Security\ekrn.exe
C:\Program Files\Hotspot Shield\bin\openvpnas.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\IVT Corporation\BlueSoleil\BsHelpCS.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\svchost.exe
C:\Program Files\VIA\VIAudioi\SBADeck\ADeck.exe
C:\Program Files\ESET\ESET Smart Security\egui.exe
C:\Program Files\Internet Download Manager\IDMan.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\WINDOWS\NCLAUNCH.EXe
C:\Program Files\Internet Download Manager\IEMonitor.exe
C:\Program Files\internet explorer\iexplore.exe
C:\Program Files\internet explorer\iexplore.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = speed2.info:95
O1 - Hosts: 65.54.239.80 dp.msnmessenger.akadns.net
O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files\Internet Download Manager\IDMIECC.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~4\Office12\GRA8E1~1.DLL
O2 - BHO: مساعد تسجيل الدخول إلى Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O4 - HKLM\..\Run: [AudioDeck] C:\Program Files\VIA\VIAudioi\SBADeck\ADeck.exe 1
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice
O4 - HKLM\..\Run: [D-Link AirPlus G] C:\Program Files\D-Link\AirPlus G\AirGCFG.exe
O4 - HKCU\..\Run: [IDMan] C:\Program Files\Internet Download Manager\IDMan.exe /onboot
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [NCLaunch] C:\WINDOWS\NCLAUNCH.EXe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: ت&صدير إلى Microsoft Excel - res://C:\PROGRA~1\MICROS~4\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: تحميل الكل بواسطة Internet Download Manager - C:\Program Files\Internet Download Manager\IEGetAll.htm
O8 - Extra context menu item: تحميل بواسطة Internet Download Manager - C:\Program Files\Internet Download Manager\IEExt.htm
O8 - Extra context menu item: تحميل محتوى FLV بواسطة Internet Download Manager - C:\Program Files\Internet Download Manager\IEGetVL.htm
O9 - Extra button: إرسال إلى OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~4\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: إر&سال إلى OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~4\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) -
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) -
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~4\Office12\GR99D3~1.DLL
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\WINDOWS\system32\skype4com.dll
O20 - Winlogon Notify: fsp_lmwl - C:\WINDOWS\SYSTEM32\fsp_lmwl.dll
O23 - Service: ANIWZCSd Service (ANIWZCSdService) - Alpha Networks Inc. - C:\Program Files\ANI\ANIWZCS2 Service\ANIWZCSdS.exe
O23 - Service: BlueSoleilCS - Unknown owner - C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleilCS.exe
O23 - Service: BsHelpCS - Unknown owner - C:\Program Files\IVT Corporation\BlueSoleil\BsHelpCS.exe
O23 - Service: Eset HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe
O23 - Service: Eset Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\ekrn.exe
O23 - Service: Hotspot Shield Service (HotspotShieldService) - Unknown owner - C:\Program Files\Hotspot Shield\bin\openvpnas.exe
O23 - Service: Hotspot Shield Tray Service (HssTrayService) - Unknown owner - C:\Program Files\Hotspot Shield\bin\HssTrayService.EXE (file missing)
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
--
End of file - 6672 bytes
 
توقيع : Abu Faisal
تأييد 0
طيب يا الغلا

عطل برنامج الحمايه

حمل الاداة من هنا​


يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي


بعد التحميل ،، دبل كلك وسيتم استخراج ملف الاداة الى مجلد بسطح المكتب لحظات وتبدأ الاداة بالعمل​


تابع الشرح لفحص الجهاز وتنظيفه وارفاق التقرير​



zyzoom-7ce8879e89.png



zyzoom-cdd75c8aa3.png



zyzoom-89156f000e.png



zyzoom-6d533c4f2e.png



zyzoom-f20f3644d0.png
 
توقيع : أعتز بك
تأييد 0
ويــنــكـــم ...؟
 
توقيع : Abu Faisal
تأييد 0
يجب تسجيل الدخول أو التسجيل كي تتمكن من الرد هنا.
عودة
أعلى