الرائع

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 8:50:28 PM, on 5/29/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\WgaTray.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Java\jre1.6.0_07\bin\jucheck.exe
C:\Program Files\Internet Download Manager\IEMonitor.exe
C:\Program Files\Internet Download Manager\IDMan.exe
C:\WINDOWS\system32\svchost.exe
H:\Zyzoom_HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page =
[Link hidden: you must log in or register to view it]

O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files\Internet Download Manager\IDMIECC.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [IMEKRMIG6.1] C:\WINDOWS\ime\imkr6_1\IMEKRMIG.EXE
O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKCU\..\Run: [IDMan] C:\Program Files\Internet Download Manager\IDMan.exe /onboot
O4 - HKUS\S-1-5-19\..\Run: [LClock] C:\Program Files\LClock\LClock.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [_nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [LClock] C:\Program Files\LClock\LClock.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [_nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [LClock] C:\Program Files\LClock\LClock.exe (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [_nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [LClock] C:\Program Files\LClock\LClock.exe (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [_nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'Default user')
O4 - Startup: Stardock ObjectDock.lnk = C:\Program Files\Stardock\ObjectDock\ObjectDock.exe
O8 - Extra context menu item: Download all links with IDM - C:\Program Files\Internet Download Manager\IEGetAll.htm
O8 - Extra context menu item: Download FLV video content with IDM - C:\Program Files\Internet Download Manager\IEGetVL.htm
O8 - Extra context menu item: Download with IDM - C:\Program Files\Internet Download Manager\IEExt.htm
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O17 - HKLM\System\CCS\Services\Tcpip\..\{7E77BB87-4521-4553-8AFC-5B528BE48D56}: NameServer = 163.121.128.134,163.121.128.135
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Uninterruptible Power Supply (UPS) - Unknown owner - C:\WINDOWS\System32\ups.exe (file missing)

--
End of file - 4380 bytes

I'm waiting for your replies.
 

In addition to what Mr. Nawaf said, apply the following:

Disable your security programs and run the tool:

[Link hidden: you must log in or register to view it]

When you run it, a message will appear; click >> Yes
After that a second message will appear; click >> Yes

During the scan, the machine may restart.

After the restart, the tool will start scanning again.
Wait until a report appears; that means the scan has finished.

Signature: صمت السكوت
Here you go, sister, this is the report:

ComboFix 09-05-28.09 - Adadu 05/29/2009 22:48.1 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.2.1256.20.1033.18.510.205 [GMT 3:00]
Running from: E:\ComboFix.exe

WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\windows\system32\msconfig.exe

.
((((((((((((((((((((((((( Files Created from 2009-04-28 to 2009-05-29 )))))))))))))))))))))))))))))))
.

2009-05-29 19:09 . 2009-05-29 19:08 410984 ----a-w c:\windows\system32\deploytk.dll
2009-05-29 19:08 . 2009-05-29 19:08 152576 ----a-w c:\documents and settings\Adadu\Application Data\Sun\Java\jre1.6.0_13\lzma.dll
2009-05-29 18:26 . 2009-05-29 18:26 -------- d-----w c:\documents and settings\All Users\Application Data\Kaspersky Lab Setup Files
2009-05-29 17:33 . 2001-08-23 12:00 838144 -c--a-w c:\windows\system32\dllcache\chtbrkr.dll
2009-05-29 17:33 . 2001-08-23 12:00 838144 ----a-w c:\windows\system32\chtbrkr.dll
2009-05-29 17:33 . 2001-08-23 12:00 1677824 -c--a-w c:\windows\system32\dllcache\chsbrkr.dll
2009-05-29 17:33 . 2001-08-23 12:00 1677824 ----a-w c:\windows\system32\chsbrkr.dll
2009-05-29 17:33 . 2001-08-23 12:00 98304 -c--a-w c:\windows\system32\dllcache\msir3jp.dll
2009-05-29 17:33 . 2001-08-23 12:00 98304 ----a-w c:\windows\system32\msir3jp.dll
2009-05-29 17:33 . 2001-08-23 12:00 70656 -c--a-w c:\windows\system32\dllcache\korwbrkr.dll
2009-05-29 17:33 . 2001-08-23 12:00 70656 ----a-w c:\windows\system32\korwbrkr.dll
2009-05-29 17:33 . 2001-08-23 12:00 19456 -c--a-w c:\windows\system32\dllcache\agt0404.dll
2009-05-29 17:33 . 2001-08-23 12:00 10096640 -c--a-w c:\windows\system32\dllcache\hwxcht.dll
2009-05-29 17:31 . 2004-08-03 21:32 274489 -c--a-w c:\windows\system32\dllcache\imjputyc.dll
2009-05-29 17:25 . 2009-05-29 17:25 116144 ----a-w c:\documents and settings\Adadu\Application Data\IDM\idmmzcc2\components\idmmzcc.dll
2009-05-29 17:25 . 2009-05-29 18:59 -------- d-----w c:\documents and settings\Adadu\Application Data\DMCache
2009-05-29 17:25 . 2009-05-29 18:08 -------- d-----w c:\documents and settings\Adadu\Application Data\IDM
2009-05-29 17:25 . 2009-05-29 18:58 -------- d-----w c:\program files\Internet Download Manager
2009-05-29 16:58 . 2001-08-23 12:00 41600 -c--a-w c:\windows\system32\dllcache\weitekp9.dll
2009-05-29 16:58 . 2001-08-23 12:00 31232 -c--a-w c:\windows\system32\dllcache\weitekp9.sys
2009-05-29 16:58 . 2004-08-03 23:56 53248 -c--a-w c:\windows\system32\dllcache\wamreg51.dll
2009-05-29 16:58 . 2001-08-23 12:00 9216 -c--a-w c:\windows\system32\dllcache\wamps51.dll
2009-05-29 16:58 . 2004-08-03 23:56 76800 -c--a-w c:\windows\system32\dllcache\wam51.dll
2009-05-29 16:58 . 2004-08-03 23:56 363520 -c--a-w c:\windows\system32\dllcache\w3svc.dll
2009-05-29 16:58 . 2001-08-23 12:00 73728 -c--a-w c:\windows\system32\dllcache\w3ext.dll
2009-05-29 16:58 . 2001-08-23 12:00 5632 -c--a-w c:\windows\system32\dllcache\w3svapi.dll
2009-05-29 16:58 . 2001-08-23 12:00 48256 -c--a-w c:\windows\system32\dllcache\w32.dll
2009-05-29 16:58 . 2001-08-23 12:00 4608 -c--a-w c:\windows\system32\dllcache\w3ctrs51.dll
2009-05-29 16:56 . 2004-08-03 23:56 33792 -c--a-w c:\windows\system32\dllcache\lmmib2.dll
2009-05-29 16:55 . 2001-08-23 12:00 54528 -c--a-w c:\windows\system32\dllcache\cap7146.sys
2009-05-29 16:24 . 2001-08-17 09:13 27165 ----a-w c:\windows\system32\drivers\fetnd5.sys
2009-05-29 16:22 . 2001-08-23 12:00 24661 -c--a-w c:\windows\system32\dllcache\spxcoins.dll
2009-05-29 16:22 . 2001-08-23 12:00 24661 ----a-w c:\windows\system32\spxcoins.dll
2009-05-29 16:22 . 2001-08-23 12:00 13312 -c--a-w c:\windows\system32\dllcache\irclass.dll
2009-05-29 16:22 . 2001-08-23 12:00 13312 ----a-w c:\windows\system32\irclass.dll
2009-05-29 16:05 . 2009-05-29 16:05 -------- d-----w c:\windows\Sun
2009-05-29 16:03 . 2009-05-29 16:03 -------- d-----w c:\documents and settings\MAAX.COMPUTADORES\Local Settings\Application Data\Mozilla
2009-05-29 16:02 . 2009-05-29 16:02 -------- d-sh--w c:\documents and settings\MAAX.COMPUTADORES\IECompatCache
2009-05-29 16:01 . 2009-05-29 16:01 -------- d-sh--w c:\documents and settings\MAAX.COMPUTADORES\PrivacIE

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-05-29 19:08 . 2009-05-29 12:33 -------- d-----w c:\program files\Java
2009-05-29 18:29 . 2009-05-29 12:37 34232 ----a-w c:\documents and settings\Adadu\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2009-05-29 16:52 . 2009-05-29 12:30 22780 ----a-w c:\windows\system32\emptyregdb.dat
2009-05-29 15:15 . 2009-05-29 15:08 -------- d-----w c:\program files\Your Uninstaller 2008
2009-05-29 15:13 . 2009-05-29 15:08 -------- d---a-w c:\documents and settings\All Users\Application Data\TEMP
2009-05-29 15:08 . 2009-05-29 15:08 -------- d-----w c:\documents and settings\Adadu\Application Data\URSoft
2009-05-29 14:25 . 2009-05-29 14:25 0 ----a-w c:\windows\nsreg.dat
2009-05-29 13:20 . 2009-05-29 13:08 86327 ----a-w c:\windows\PCHealth\HelpCtr\OfflineCache\index.dat
2009-05-29 12:35 . 2009-05-29 12:35 -------- d-----w c:\program files\microsoft frontpage
2009-05-29 12:33 . 2009-05-29 12:33 -------- d-----w c:\program files\K-Lite Codec Pack
2009-05-29 12:33 . 2009-05-29 12:33 -------- d-----w c:\program files\Common Files\Java
2009-05-29 12:32 . 2009-05-29 12:32 -------- d-----w c:\program files\7-Zip
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IDMan"="c:\program files\Internet Download Manager\IDMan.exe" [2009-05-29 2573744]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2004-08-03 15360]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2007-12-05 8523776]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-05-29 148888]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2007-12-05 81920]
"IMJPMIG8.1"="c:\windows\IME\imjp8_1\IMJPMIG.EXE" [2004-08-03 208952]
"IMEKRMIG6.1"="c:\windows\ime\imkr6_1\IMEKRMIG.EXE" [2001-08-23 44032]
"MSPY2002"="c:\windows\system32\IME\PINTLGNT\ImScInst.exe" [2004-08-03 59392]
"PHIME2002ASync"="c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE" [2004-08-03 455168]
"PHIME2002A"="c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE" [2004-08-03 455168]
"nwiz"="nwiz.exe" - c:\windows\system32\nwiz.exe [2007-12-05 1626112]
"SoundMan"="SOUNDMAN.EXE" - c:\windows\SOUNDMAN.EXE [2007-04-16 577536]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"tscuninstall"="c:\windows\system32\tscupgrd.exe" [2004-08-04 44544]
"_nltide_3"="advpack.dll" - c:\windows\system32\advpack.dll [2004-08-03 99840]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"DisableCAD"= 1 (0x1)
"DisableStatusMessages"= 1 (0x1)

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"HideRunAsVerb"= 1 (0x1)

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"NoSMHelp"= 1 (0x1)
"ForceClassicControlPanel"= 1 (0x1)
"NoResolveTrack"= 1 (0x1)
"NoSMMyPictures"= 1 (0x1)
"NoSMConfigurePrograms"= 1 (0x1)

[HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\explorer]
"NoSMHelp"= 1 (0x1)
"ForceClassicControlPanel"= 1 (0x1)
"NoResolveTrack"= 1 (0x1)
"NoSMMyPictures"= 1 (0x1)
"StartMenuLogoff"= 1 (0x1)
"NoSMConfigurePrograms"= 1 (0x1)

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0autoconv \??\Volume{17eeb80d-4c63-11de-b0a9-806d6172696f} /fs:NTFS

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001
"FirewallOverride"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
"DisableUnicastResponsesToMulticastBroadcast"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=

R3 slnt;Realtek RTL8139 Family PCI Fast Ethernet NIC;c:\windows\system32\drivers\slnt.sys [5/29/2009 5:24 PM 18004]

--- Other Services/Drivers In Memory ---

*NewlyCreated* - JAVAQUICKSTARTERSERVICE
.
Contents of the 'Scheduled Tasks' folder

2009-05-29 c:\windows\Tasks\User_Feed_Synchronization-{33212441-214B-42D2-B346-F63E9D525E0D}.job
- c:\windows\system32\msfeedssync.exe [2009-03-08 01:31]
.
- - - - ORPHANS REMOVED - - - -

HKU-Default-Run-LClock - c:\program files\LClock\LClock.exe
SafeBoot-procexp90.Sys


.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.com/
IE: Download all links with IDM - c:\program files\Internet Download Manager\IEGetAll.htm
IE: Download FLV video content with IDM - c:\program files\Internet Download Manager\IEGetVL.htm
IE: Download with IDM - c:\program files\Internet Download Manager\IEExt.htm
TCP: {7E77BB87-4521-4553-8AFC-5B528BE48D56} = 163.121.128.134,163.121.128.135
FF - ProfilePath - c:\documents and settings\Adadu\Application Data\Mozilla\Firefox\Profiles\xf7a0em9.default\
FF - component: c:\documents and settings\Adadu\Application Data\IDM\idmmzcc2\components\idmmzcc.dll
FF - plugin: c:\program files\K-Lite Codec Pack\Real\browser\plugins\nppl3260.dll
FF - plugin: c:\program files\K-Lite Codec Pack\Real\browser\plugins\nprpjplug.dll
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer,
[Link hidden: you must log in or register to view it]

Rootkit scan 2009-05-29 22:50
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------

[HKEY_USERS\S-1-5-21-602162358-1004336348-725345543-500\Software\Microsoft\Internet Explorer\User Preferences]
@Denied: (2) (Administrator)
"88D7D0879DAB32E14DE5B3A805A34F98AFF34F5977"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,e5,4c,32,44,ac,f4,bc,43,a3,99,2e,\
"2D53CFFC5C1A3DD2E97B7979AC2A92BD59BC839E81"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,e5,4c,32,44,ac,f4,bc,43,a3,99,2e,\
.
Completion time: 2009-05-29 22:51
ComboFix-quarantined-files.txt 2009-05-29 19:51

Pre-Run: 9,724,137,472 bytes free
Post-Run: 9,771,667,456 bytes free

164




Note that the machine was not restarted.

I'm waiting for you.
 
Make a new HijackThis report, God bless you.
 
Signature: صمت السكوت
Hahahahaha

Sorry, dear sister.

This is the HijackThis report:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 10:04:59 AM, on 5/30/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\Internet Download Manager\IDMan.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Internet Download Manager\IEMonitor.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Mozilla Firefox\firefox.exe
H:\Zyzoom_HijackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
[Link hidden: you must log in or register to view it]

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
[Link hidden: you must log in or register to view it]

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
[Link hidden: you must log in or register to view it]

O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files\Internet Download Manager\IDMIECC.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [IMEKRMIG6.1] C:\WINDOWS\ime\imkr6_1\IMEKRMIG.EXE
O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKCU\..\Run: [IDMan] C:\Program Files\Internet Download Manager\IDMan.exe /onboot
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-18\..\RunOnce: [_nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [_nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'Default user')
O4 - Startup: Stardock ObjectDock.lnk = C:\Program Files\Stardock\ObjectDock\ObjectDock.exe
O8 - Extra context menu item: Download all links with IDM - C:\Program Files\Internet Download Manager\IEGetAll.htm
O8 - Extra context menu item: Download FLV video content with IDM - C:\Program Files\Internet Download Manager\IEGetVL.htm
O8 - Extra context menu item: Download with IDM - C:\Program Files\Internet Download Manager\IEExt.htm
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O17 - HKLM\System\CCS\Services\Tcpip\..\{7E77BB87-4521-4553-8AFC-5B528BE48D56}: NameServer = 163.121.128.134,163.121.128.135
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Uninterruptible Power Supply (UPS) - Unknown owner - C:\WINDOWS\System32\ups.exe (file missing)

--
End of file - 4443 bytes

 