مشكلة مع برامج الحماية

  • بادئ الموضوع بادئ الموضوع ehah
  • تاريخ البدء تاريخ البدء
  • المشاهدات 592
E

ehah

زيزوومي جديد
إنضم
1 أبريل 2008
المشاركات
32
مستوى التفاعل
0
النقاط
40
غير متصل
السلام عليكم ورحمة الله وبركاته

لدي مشكلة تتمثل في عدم اكانية تثبيت برامج الحماية فكلما ثبت احدها وبعد اكتمال التثبيت لا يعمل وعند الضغط علي ايقونته لايستجيب كما انني اجد مشكلة في صعوبة حذفه بعد ذلك

قمت بتثبيت النود وحصلت نفس المشكلة ثم حذفته

الان مثبت علي الجهاز كاسبر وواقع في نفس المشكلة

وهذا تقرير عن الجهاز

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 01:33:28 م, on 05/06/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16827)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Hotspot Shield\bin\openvpnas.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Proxy Switcher Standard\ProxySwitcher.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Internet Download Manager\IDMan.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Internet Download Manager\IEMonitor.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\TV Expert\ADTV.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page =
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext =
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 82.178.88.118:80
O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files\Internet Download Manager\IDMIECC.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: IEVkbdBHO - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\ievkbd.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O4 - HKLM\..\Run: [SigmatelSysTrayApp] sttray.exe
O4 - HKLM\..\Run: [MSConfig] C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe /auto
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKCU\..\Run: [PSwitch] C:\Program Files\Proxy Switcher Standard\ProxySwitcher.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [IDMan] C:\Program Files\Internet Download Manager\IDMan.exe /onboot
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [_nltide_2] regsvr32 /s /n /i:U shell32 (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [_nltide_2] regsvr32 /s /n /i:U shell32 (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [_nltide_2] regsvr32 /s /n /i:U shell32 (User 'Default user')
O8 - Extra context menu item: &تصدير إلى Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: تحميل الكل بواسطة Internet Download Manager - C:\Program Files\Internet Download Manager\IEGetAll.htm
O8 - Extra context menu item: تحميل بواسطة Internet Download Manager - C:\Program Files\Internet Download Manager\IEExt.htm
O8 - Extra context menu item: تحميل محتوى FLV بواسطة Internet Download Manager - C:\Program Files\Internet Download Manager\IEGetVL.htm
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Add to VideoGet - {88CFA58B-A63F-4A94-9C54-0C7A58E3333E} - C:\PROGRA~1\NUCLEA~1\VideoGet\Plugins\VIDEOG~1.DLL
O9 - Extra 'Tools' menuitem: Add to &VideoGet - {88CFA58B-A63F-4A94-9C54-0C7A58E3333E} - C:\PROGRA~1\NUCLEA~1\VideoGet\Plugins\VIDEOG~1.DLL
O9 - Extra button: بحث - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) -
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd.dll,C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd3.dll
O23 - Service: Hotspot Shield Service (HotspotShieldService) - Unknown owner - C:\Program Files\Hotspot Shield\bin\openvpnas.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
--
End of file - 6384 bytes
 

ترتيب حسب التاريخ ترتيب حسب الأصوات

شغل الهايجاك واضغط على scan

واشر على هذه القيمة >>> واختر fix

O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)


بعدها

عطل جميع برامج الحماية ,,
وحمل هذه الاداة واحفظها على سطح المكتب
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

عند تشغيلها بتظهر لك رسالة ,, اضغط على >> Yes
بعدها بتظهر لك رساله ثانيه ,, اضغط على >> Yes
انتظر حتى الاداة تنتهي من فحص جهازك ,,, وبشكل تلقائي يعاد تشغيل جهازك ,,
وبعد اعادة التشغيل ,, سوف تبدأ الاداة بالفحص مرره ثانيه
انتظر حتى يظهر لك تقرير ,, انسخه والصقه بردك القادم



عطل برنامج الحمايه واستخدم اداة SmitfraudFix

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي


قم بتشغيل الملف SmitfraudFix.exe ,, وتابع الشرح كماا بهذه الصور

000.png





001.png





002.png





003.png





004.png


005.png




 
توقيع : king_man
تأييد 0
شكرا لك علي الاهتمام

بالنسبةة لتعطيل برامج الحماية هي مشكلتي لذا لم يكن لدي اجراء لأقوم به

بعد تنزيل الأداة والفحص بها مرتين هذا هو التقرير الذي أعطتني الأداة في المرة الثانية

ComboFix 09-06-04.08 - dehah 06/05/2009 14:58.1 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.3.1256.966.1025.18.2558.2117 [GMT 3:00]
Running from: c:\documents and settings\dehah\My Documents\Downloads\Programs\ComboFix.exe
AV: Kaspersky Anti-Virus *On-access scanning disabled* (Outdated) {2C4D4BC6-0793-4956-A9F9-E252435469C0}
WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\windows\system32\e100bmsg.dll
c:\windows\system32\Implode.dll
c:\windows\system32\MabryObj.dll
d:\recycler\S-1-5-21-1229272821-1482476501-1417001333-1003\Dd1\update\update.exe
d:\recycler\S-1-5-21-1229272821-1482476501-1417001333-1003\Dd1\update\updspapi.dll
.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
-------\Legacy_ASC3360PR
-------\Service_asc3360pr

((((((((((((((((((((((((( Files Created from 2009-05-05 to 2009-06-05 )))))))))))))))))))))))))))))))
.
2009-06-05 10:01 . 2009-06-05 10:01 -------- d-----w- c:\program files\Trend Micro
2009-06-04 22:56 . 2009-06-05 07:45 206088 ----a-w- c:\documents and settings\All Users\Application Data\Kaspersky Lab\AVP8\Data\Updater\Temporary Files\temporaryFolder\AutoPatches\kav8exec\8.0.0.506\avp.exe
2009-06-04 22:56 . 2009-06-05 07:44 33808 ----a-w- c:\documents and settings\All Users\Application Data\Kaspersky Lab\AVP8\Data\Updater\Temporary Files\temporaryFolder\AutoPatches\kav8exec\8.0.0.506\klbg.sys
2009-06-04 22:56 . 2009-06-05 07:44 226832 ----a-w- c:\documents and settings\All Users\Application Data\Kaspersky Lab\AVP8\Data\Updater\Temporary Files\temporaryFolder\AutoPatches\kav8exec\8.0.0.506\XP\klif.sys
2009-06-04 22:45 . 2009-06-05 07:45 94643 ----a-w- c:\windows\system32\drivers\klick.dat
2009-06-04 22:45 . 2009-06-05 07:45 105395 ----a-w- c:\windows\system32\drivers\klin.dat
2009-06-04 22:45 . 2009-06-05 12:01 605728 --sha-w- c:\windows\system32\drivers\fidbox.dat
2009-06-04 22:45 . 2009-06-05 12:01 188448 --sha-w- c:\windows\system32\drivers\fidbox2.dat
2009-06-04 22:44 . 2009-06-05 07:40 -------- d-----w- c:\documents and settings\All Users\Application Data\Kaspersky Lab
2009-06-04 22:44 . 2009-06-04 22:44 -------- d-----w- c:\program files\Kaspersky Lab
2009-06-04 22:42 . 2009-06-04 22:42 -------- d-----w- c:\documents and settings\All Users\Application Data\Kaspersky Lab Setup Files
2009-06-04 19:44 . 2009-06-04 19:44 -------- d-----w- c:\documents and settings\dehah\Local Settings\Application Data\ESET
2009-06-04 19:28 . 2009-06-04 19:28 -------- d-----w- c:\documents and settings\All Users\Application Data\ESET
2009-06-04 17:03 . 2009-06-04 17:03 -------- d-----w- c:\documents and settings\dehah\Application Data\GRETECH
2009-06-04 16:57 . 2009-06-04 16:57 -------- d-----w- c:\documents and settings\dehah\Local Settings\Application Data\Innovative Solutions
2009-06-04 12:22 . 2008-06-14 17:31 271616 -c----w- c:\windows\system32\dllcache\bthport.sys
2009-06-04 12:22 . 2008-06-14 17:31 271616 ------w- c:\windows\system32\drivers\bthport.sys
2009-06-04 12:12 . 2008-10-24 11:21 455296 -c----w- c:\windows\system32\dllcache\mrxsmb.sys
2009-06-03 20:56 . 2007-04-29 21:03 114688 ----a-w- c:\windows\V0330Mon.exe
2009-06-03 20:56 . 2007-04-24 21:10 20480 ----a-w- c:\windows\system32\V0330Srv.exe
2009-06-03 20:56 . 2007-04-23 21:10 36864 ----a-w- c:\windows\system32\V0330Pin.dll
2009-06-03 20:56 . 2006-12-13 06:35 4516 ----a-w- c:\windows\system32\drivers\V0330STB.SYS
2009-06-03 20:56 . 2006-11-09 21:00 126976 ----a-w- c:\windows\system32\V0330Vfw.dll
2009-06-03 20:56 . 2009-06-03 20:56 -------- d-----w- C:\Live! Cam
2009-06-03 20:56 . 2007-08-08 09:48 157696 ----a-w- c:\windows\system32\drivers\V0330Vid.sys
2009-06-03 20:56 . 2007-06-14 05:52 90112 ----a-w- c:\windows\CtDrvIns.exe
2009-06-03 20:56 . 2007-04-29 21:10 266240 ----a-w- c:\windows\system32\V0330Cvw.dll
2009-06-03 20:56 . 2007-04-25 21:10 32768 ----a-w- c:\windows\system32\V0330Hwx.dll
2009-06-03 20:56 . 2007-04-23 21:10 20480 ----a-w- c:\windows\V0330Cfg.exe
2009-06-03 20:56 . 2005-07-06 21:07 36864 ----a-w- c:\windows\system32\CtCamMgr.dll
2009-06-03 19:40 . 2009-02-20 16:50 52224 -c----w- c:\windows\system32\dllcache\msfeedsbs.dll
2009-06-03 19:40 . 2009-02-20 16:50 268288 -c----w- c:\windows\system32\dllcache\iertutil.dll
2009-06-03 19:40 . 2009-02-20 16:50 63488 -c----w- c:\windows\system32\dllcache\icardie.dll
2009-06-03 19:40 . 2009-02-20 10:20 13824 -c----w- c:\windows\system32\dllcache\ieudinit.exe
2009-06-03 19:40 . 2009-02-20 16:50 459264 -c----w- c:\windows\system32\dllcache\msfeeds.dll
2009-06-03 19:40 . 2009-02-20 16:50 383488 -c----w- c:\windows\system32\dllcache\ieapfltr.dll
2009-06-03 19:40 . 2008-07-09 14:25 2455488 -c----w- c:\windows\system32\dllcache\ieapfltr.dat
2009-06-03 19:40 . 2009-02-20 16:50 6066176 -c----w- c:\windows\system32\dllcache\ieframe.dll
2009-06-03 08:59 . 2009-06-03 08:59 -------- d-----w- c:\documents and settings\dehah\Application Data\InterVoip
2009-06-03 06:44 . 2009-06-03 06:44 -------- d-----w- c:\program files\Nuclear Coffee
2009-06-03 06:38 . 2009-06-03 06:38 -------- d-----w- c:\program files\MPEG2_Decoders
2009-06-03 06:28 . 2009-06-03 06:28 410984 ----a-w- c:\windows\system32\deploytk.dll
2009-06-03 06:28 . 2009-06-03 06:28 -------- d-----w- c:\program files\Java
2009-06-03 06:28 . 2009-06-03 06:28 152576 ----a-w- c:\documents and settings\dehah\Application Data\Sun\Java\jre1.6.0_13\lzma.dll
2009-06-03 06:27 . 2009-06-03 06:27 -------- d-----w- c:\documents and settings\dehah\Application Data\WNR
2009-06-03 06:27 . 2009-06-03 06:28 -------- d-----w- c:\program files\Proxy Switcher Standard
2009-06-03 06:25 . 2009-06-03 06:25 -------- d-----w- c:\documents and settings\dehah\Application Data\PixelMetrics
2009-06-03 06:25 . 2009-06-03 06:25 -------- d-----w- c:\program files\CaptureWiz
2009-06-03 06:24 . 2009-06-03 06:24 -------- d-----w- c:\program files\InterVoip.com
2009-06-03 06:23 . 2009-06-03 06:23 -------- d-----w- c:\program files\uTorrent
2009-06-03 06:23 . 2009-06-03 09:42 -------- d-----w- c:\documents and settings\dehah\Application Data\uTorrent
2009-06-03 06:15 . 2009-06-03 06:15 -------- d-----w- c:\documents and settings\dehah\Local Settings\Application Data\Adobe
2009-06-03 06:03 . 2009-06-03 06:03 198064 ----a-w- c:\documents and settings\dehah\Application Data\IDM\idmmzcc3\components\idmmzcc.dll
2009-06-03 06:03 . 2009-06-05 12:02 -------- d-----w- c:\documents and settings\dehah\Application Data\DMCache
2009-06-03 06:03 . 2009-06-03 06:03 -------- d-----w- c:\documents and settings\dehah\Application Data\IDM
2009-06-02 20:33 . 2009-06-02 20:33 -------- d-----w- c:\windows\system32\LogFiles
2009-06-02 20:26 . 2009-06-02 20:27 -------- d-----w- c:\program files\Hotspot Shield
2009-06-02 16:57 . 2009-06-02 16:57 -------- d-----w- c:\documents and settings\dehah\Contacts
2009-06-02 11:22 . 2009-06-02 11:22 -------- d-----w- C:\CtDriverInstTemp
2009-06-02 11:22 . 2009-06-02 11:22 -------- d-----w- C:\WebcamProeX
2009-06-02 09:50 . 2003-03-18 19:20 1060864 ----a-w- c:\windows\system32\MFC71.dll
2009-06-02 09:19 . 2009-06-04 13:10 -------- d-----w- c:\program files\Internet Download Manager
2009-06-02 09:19 . 2008-09-28 18:00 439440 ----a-w- c:\program files\un_Internet Download Manager_16575.exe
2009-06-02 09:19 . 2009-06-02 09:19 -------- d-----w- c:\program files\Common Files\Adobe
2009-06-02 09:18 . 2007-04-09 10:23 28040 ----a-w- c:\windows\system32\mdimon.dll
2009-06-02 09:17 . 2009-06-02 09:17 -------- d-----w- c:\windows\SHELLNEW
2009-06-02 09:17 . 2009-06-02 09:17 -------- d-----w- c:\program files\Microsoft.NET
2009-06-02 09:16 . 2009-06-02 09:16 -------- d-----w- c:\program files\GRETECH
2009-06-02 09:12 . 2009-06-02 09:12 -------- d-----w- c:\program files\Common Files\xing shared
2009-06-02 09:12 . 2009-06-02 09:12 499712 ----a-w- c:\windows\system32\msvcp71.dll
2009-06-02 09:12 . 2009-06-02 09:12 348160 ----a-w- c:\windows\system32\msvcr71.dll
2009-06-02 09:12 . 2009-06-02 09:12 -------- d-----w- c:\program files\Common Files\Real
2009-06-02 09:12 . 2009-06-02 09:12 -------- d-----w- c:\program files\Real
2009-06-02 09:11 . 2009-06-02 09:11 56 ---ha-w- c:\windows\system32\ezsidmv.dat
2009-06-02 09:11 . 2009-06-04 18:00 -------- d-----w- c:\documents and settings\dehah\Application Data\skypePM
2009-06-02 09:10 . 2009-06-04 22:15 -------- d-----w- c:\documents and settings\dehah\Application Data\Skype
2009-06-02 09:10 . 2009-06-02 09:10 -------- d-----w- c:\program files\Skype
2009-06-02 09:10 . 2009-06-02 09:10 -------- d-----w- c:\program files\Common Files\Skype
2009-06-02 09:10 . 2009-06-02 09:10 -------- d-----w- c:\documents and settings\All Users\Application Data\Skype
2009-06-02 09:04 . 2009-06-04 13:58 -------- d-----w- C:\PrimerDB
2009-06-02 09:04 . 2006-06-13 12:57 1872 ----a-r- C:\ATS.reg
2009-06-02 06:35 . 1999-10-10 17:00 41984 ------w- c:\windows\Ctregrun.exe
2009-06-02 06:33 . 2009-06-02 06:35 -------- d-----w- c:\program files\Creative
2009-06-02 06:33 . 2004-10-19 05:07 9728 ------w- c:\windows\system32\drivers\PFMODNT.SYS
2009-06-02 06:31 . 2009-06-04 17:34 -------- dc----w- c:\windows\system32\DRVSTORE
2009-06-02 06:30 . 2009-06-02 06:30 -------- d-----w- c:\program files\MSN Messenger
2009-06-02 06:27 . 2008-04-13 17:15 26368 -c--a-w- c:\windows\system32\dllcache\usbstor.sys
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-06-05 12:01 . 2009-06-04 22:45 5812 --sha-w- c:\windows\system32\drivers\fidbox.idx
2009-06-05 12:01 . 2009-06-04 22:45 2772 --sha-w- c:\windows\system32\drivers\fidbox2.idx
2009-06-05 10:10 . 2008-04-15 12:00 71050 ----a-w- c:\windows\system32\perfc001.dat
2009-06-05 10:10 . 2008-04-15 12:00 375478 ----a-w- c:\windows\system32\perfh001.dat
2009-06-05 07:45 . 2008-01-29 13:29 33808 ----a-w- c:\windows\system32\drivers\klbg.sys
2009-06-04 19:29 . 2009-06-02 02:23 73208 ----a-w- c:\documents and settings\dehah\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2009-06-03 07:10 . 2009-06-02 01:21 86327 ----a-w- c:\windows\pchealth\helpctr\OfflineCache\index.dat
2009-06-02 09:19 . 2009-06-02 09:19 5979 ----a-w- c:\program files\un_Internet Download Manager_16575.txt
2009-06-02 09:03 . 2009-06-02 09:03 -------- d-----w- c:\program files\NCC Education
2009-06-02 09:03 . 2009-06-02 01:45 -------- d--h--w- c:\program files\InstallShield Installation Information
2009-06-02 06:34 . 2009-06-02 06:34 -------- d-----w- c:\documents and settings\All Users\Application Data\Creative
2009-06-02 02:14 . 2009-06-02 02:14 -------- d-----w- c:\program files\DVBViewerTE
2009-06-02 02:14 . 2009-06-02 02:14 -------- d-----w- c:\program files\TechniSat DVB
2009-06-02 02:14 . 2009-06-02 01:45 -------- d-----w- c:\program files\Common Files\InstallShield
2009-06-02 02:11 . 2009-06-02 02:11 -------- d-----w- c:\program files\TV Expert
2009-06-02 01:47 . 2009-06-02 01:34 -------- d-----w- c:\program files\Intel
2009-06-02 01:45 . 2009-06-02 01:45 -------- d-----w- c:\program files\SigmaTel
2009-06-02 01:33 . 2009-06-02 01:33 -------- d-----w- c:\program files\MSXML 4.0
2009-06-02 01:28 . 2009-06-02 01:28 -------- d-----w- c:\program files\microsoft frontpage
2009-06-02 01:24 . 2009-06-02 01:24 83160 ----a-w- c:\documents and settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat
2009-06-02 01:24 . 2009-06-02 01:24 -------- d-----w- c:\program files\MSBuild
2009-06-02 01:24 . 2009-06-02 01:24 -------- d-----w- c:\program files\Reference Assemblies
2009-06-02 01:18 . 2009-06-02 01:18 22144 ----a-w- c:\windows\system32\emptyregdb.dat
2009-06-02 01:18 . 2009-06-02 01:18 -------- d-----w- c:\program files\Windows Media Connect 2
2009-05-01 10:20 . 2009-05-01 10:20 4096 ----a-w- c:\windows\system32\wmvdmoe2.dll
2009-05-01 10:20 . 2009-05-01 10:20 4096 ----a-w- c:\windows\system32\wmvdmod.dll
2009-05-01 10:20 . 2009-05-01 10:20 1329152 ----a-w- c:\windows\system32\wmspdmoe.dll
2009-05-01 10:20 . 2009-05-01 10:20 603648 ----a-w- c:\windows\system32\wmspdmod.dll
2009-05-01 10:20 . 2009-05-01 10:20 99840 ----a-w- c:\windows\system32\wmpshell.dll
2009-05-01 10:20 . 2009-05-01 10:20 4096 ----a-w- c:\windows\system32\wmsdmoe2.dll
2009-05-01 10:20 . 2009-05-01 10:20 4096 ----a-w- c:\windows\system32\wmsdmod.dll
2009-05-01 10:20 . 2009-05-01 10:20 8237056 ----a-w- c:\windows\system32\wmploc.dll
2009-05-01 10:19 . 2009-05-01 10:19 314880 ----a-w- c:\windows\system32\wmpdxm.dll
2009-05-01 10:19 . 2009-05-01 10:19 242688 ----a-w- c:\windows\system32\wmpasf.dll
2009-05-01 10:17 . 2009-05-01 10:17 208896 ----a-w- c:\windows\system32\wmerror.dll
2009-05-01 10:17 . 2009-05-01 10:17 157184 ----a-w- c:\windows\system32\wmidx.dll
2009-05-01 10:17 . 2009-05-01 10:17 37376 ----a-w- c:\windows\system32\wmdmps.dll
2009-05-01 10:17 . 2009-05-01 10:17 33792 ----a-w- c:\windows\system32\wmdmlog.dll
2009-05-01 10:17 . 2009-05-01 10:17 222720 ----a-w- c:\windows\system32\wmasf.dll
2009-05-01 10:17 . 2009-05-01 10:17 1117696 ----a-w- c:\windows\system32\wmadmoe.dll
2009-05-01 10:17 . 2009-05-01 10:17 757248 ----a-w- c:\windows\system32\wmadmod.dll
2009-05-01 10:15 . 2009-05-01 10:15 63488 ----a-w- c:\windows\system32\wpdmtpus.dll
2009-05-01 10:14 . 2009-05-01 10:14 1661440 ----a-w- c:\windows\system32\WMPEncEn.dll
2009-05-01 09:53 . 2009-05-01 09:53 1571328 ----a-w- c:\windows\system32\sfcfiles.dll
2009-05-01 09:43 . 2001-09-18 11:06 77891 ----a-w- c:\windows\system32\usrmlnka.exe
2009-05-01 09:15 . 2009-05-01 09:15 124928 ----a-w- c:\windows\system32\drivers\ulsata2.sys
2009-05-01 09:14 . 2009-05-01 09:14 988160 ----a-w- c:\windows\system32\syssetup.dll
2009-05-01 09:10 . 2009-05-01 09:10 17408 ----a-w- c:\windows\system32\corpol.dll
2009-05-01 09:10 . 2009-05-01 09:10 24576 ----a-w- c:\windows\system32\nlsdl.dll
2009-05-01 09:10 . 2009-05-01 09:10 26112 ----a-w- c:\windows\system32\idndl.dll
2009-05-01 09:10 . 2009-05-01 09:10 23552 ----a-w- c:\windows\system32\normaliz.dll
2009-05-01 09:09 . 2009-05-01 09:09 156160 ----a-w- c:\windows\system32\msls31.dll
2009-05-01 09:09 . 2009-05-01 09:09 48128 ----a-w- c:\windows\system32\mshtmler.dll
2009-05-01 09:09 . 2009-05-01 09:09 45568 ----a-w- c:\windows\system32\mshta.exe
2009-05-01 09:09 . 2009-05-01 09:09 40960 ----a-w- c:\windows\system32\licmgr10.dll
2009-05-01 09:08 . 2009-05-01 09:08 36352 ----a-w- c:\windows\system32\imgutil.dll
2009-05-01 09:08 . 2009-05-01 09:08 55296 ----a-w- c:\windows\system32\iesetup.dll
2009-05-01 09:07 . 2009-05-01 09:07 71680 ----a-w- c:\windows\system32\admparse.dll
2009-05-01 09:06 . 2009-05-01 09:06 1286144 ----a-w- c:\windows\system32\quartz.dll
2009-05-01 09:06 . 2009-05-01 09:06 354304 ----a-w- c:\windows\system32\winhttp.dll
2009-05-01 09:06 . 2009-05-01 09:06 56832 ----a-w- c:\windows\system32\secur32.dll
2009-05-01 09:06 . 2009-06-02 01:17 227840 ----a-w- c:\windows\system32\wbem\wmiprvse.exe
2009-05-01 09:06 . 2009-06-02 01:17 453120 ----a-w- c:\windows\system32\wbem\wmiprvsd.dll
2009-05-01 09:06 . 2009-05-01 09:06 401408 ----a-w- c:\windows\system32\rpcss.dll
2009-05-01 09:06 . 2009-05-01 09:06 35328 ----a-w- c:\windows\system32\sc.exe
2009-05-01 09:06 . 2009-05-01 09:06 110592 ----a-w- c:\windows\system32\services.exe
2009-05-01 09:06 . 2009-05-01 09:06 283136 ----a-w- c:\windows\system32\pdh.dll
2009-05-01 09:05 . 2009-05-01 09:05 723456 ----a-w- c:\windows\system32\lsasrv.dll
2009-05-01 09:05 . 2009-06-02 01:17 473600 ----a-w- c:\windows\system32\wbem\fastprox.dll
2009-05-01 09:05 . 2009-05-01 09:05 681472 ----a-w- c:\windows\system32\advapi32.dll
2009-05-01 09:02 . 2009-06-02 01:17 91648 ----a-w- c:\windows\system32\mtxoci.dll
2009-05-01 09:02 . 2009-06-02 01:17 161792 ----a-w- c:\windows\system32\msdtcuiu.dll
2009-05-01 09:02 . 2009-05-01 09:02 66560 ----a-w- c:\windows\system32\mtxclu.dll
2009-05-01 09:02 . 2009-06-02 01:17 956928 ----a-w- c:\windows\system32\msdtctm.dll
2009-05-01 09:02 . 2009-06-02 01:17 428032 ----a-w- c:\windows\system32\msdtcprx.dll
2009-05-01 09:02 . 2009-06-02 01:17 58880 ----a-w- c:\windows\system32\msdtclog.dll
.
------- Sigcheck -------
[-] 2009-05-01 09:53 1571328 CA1867A515E40A015BA6D9ADD83FB823 c:\windows\system32\sfcfiles.dll
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"PSwitch"="c:\program files\Proxy Switcher Standard\ProxySwitcher.exe" [2009-06-03 4430848]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2008-04-15 15360]
"IDMan"="c:\program files\Internet Download Manager\IDMan.exe" [2009-06-04 2871296]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MSConfig"="c:\windows\PCHealth\HelpCtr\Binaries\MSConfig.exe" [2008-04-15 169984]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2006-06-21 7561216]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-15 15360]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"_nltide_2"="shell32" [X]
SafeBoot registry key needs repairs. This machine cannot enter Safe Mode.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\File system]
@="Driver Group"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vgasave.sys]
@="Driver"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E967-E325-11CE-BFC1-08002BE10318}]
@="DiskDrive"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96A-E325-11CE-BFC1-08002BE10318}]
@="Hdc"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96B-E325-11CE-BFC1-08002BE10318}]
@="Keyboard"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96F-E325-11CE-BFC1-08002BE10318}]
@="Mouse"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E97D-E325-11CE-BFC1-08002BE10318}]
@="System"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{71A27CDD-812A-11D0-BEC7-08002BE2092F}]
@="Volume"
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"FirewallOverride"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\KasperskyAntiVirus]
"DisableMonitoring"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\WINDOWS\\system32\\dpvsetup.exe"=
"d:\\برامج\\امتحان الرخصة الدولية للكمبيوتر\\ICDL ATS Primer CD\\Launch.exe"=
"d:\\برامج\\امتحان الرخصة الدولية للكمبيوتر\\ICDL ATS Primer CD\\Bin\\demo32.exe"=
"c:\\Program Files\\MSN Messenger\\msnmsgr.exe"=
"c:\\Program Files\\MSN Messenger\\livecall.exe"=
"c:\\Program Files\\uTorrent\\uTorrent.exe"=
"c:\\Program Files\\InterVoip.com\\InterVoip\\InterVoip.exe"=
"e:\\خاص ب icdl\\it\\سؤال وجواب\\IT_Test.exe"=
"c:\\Program Files\\Adobe\\Reader 9.0\\Reader\\Reader_sl.exe"=
"c:\\WINDOWS\\713xRMT.exe"=
"c:\\WINDOWS\\system32\\nwiz.exe"=
"c:\\Program Files\\DVBViewerTE\\AP Launch.exe"=
"c:\\PROGRA~1\\COMMON~1\\INSTAL~1\\engine\\6\\INTEL3~1\\knlwrap.exe"=
"c:\\PROGRA~1\\GRETECH\\GOMPLA~1\\GOM.exe"=
"c:\\WINDOWS\\system32\\wscntfy.exe"=
"c:\\Program Files\\TV Expert\\ADTV.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\Program Files\\Internet Download Manager\\IDMan.exe"=
"c:\\ComboFix\\NirCmd.cfexe"=
R0 klbg;Kaspersky Lab Boot Guard Driver;c:\windows\system32\drivers\klbg.sys [29/01/2008 04:29 م 33808]
R0 ulsata2;ulsata2;c:\windows\system32\drivers\ulsata2.sys [01/05/2009 12:15 م 124928]
R3 3xHybrid;SAA713x TV Card Service;c:\windows\system32\drivers\3xHybrid.sys [02/06/2009 05:10 ص 907136]
R3 klim5;Kaspersky Anti-Virus NDIS Filter;c:\windows\system32\drivers\klim5.sys [30/04/2008 04:06 م 24592]
R3 SKYNET;TechniSat DVB-PC TV Star PCI;c:\windows\system32\drivers\SkyNET.sys [02/06/2009 05:13 ص 343040]
S3 V0330VID;WebCam Vista/Live! Cam Chat;c:\windows\system32\drivers\V0330Vid.sys [03/06/2009 11:56 م 157696]
--- Other Services/Drivers In Memory ---
*NewlyCreated* - ASC3360PR
.
- - - - ORPHANS REMOVED - - - -
HKLM-Run-SigmatelSysTrayApp - sttray.exe

.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.ae/
IE: &تصدير إلى Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
IE: تحميل الكل بواسطة Internet Download Manager - c:\program files\Internet Download Manager\IEGetAll.htm
IE: تحميل بواسطة Internet Download Manager - c:\program files\Internet Download Manager\IEExt.htm
IE: تحميل محتوى FLV بواسطة Internet Download Manager - c:\program files\Internet Download Manager\IEGetVL.htm
IE: {{88CFA58B-A63F-4A94-9C54-0C7A58E3333E} - {17A84966-F1E9-4645-AA9E-5E771EE1C859} - c:\progra~1\NUCLEA~1\VideoGet\Plugins\VIDEOG~1.DLL
.
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer,
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

Rootkit scan 2009-06-05 15:02
Windows 5.1.2600 Service Pack 3 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------
- - - - - - - > 'explorer.exe'(3420)
c:\windows\system32\wpdshserviceobj.dll
c:\windows\system32\portabledevicetypes.dll
c:\windows\system32\portabledeviceapi.dll
.
------------------------ Other Running Processes ------------------------
.
c:\windows\system32\WgaTray.exe
c:\program files\Hotspot Shield\bin\openvpnas.exe
c:\program files\Java\jre6\bin\jqs.exe
c:\windows\system32\nvsvc32.exe
c:\windows\system32\wscntfy.exe
.
**************************************************************************
.
Completion time: 2009-06-05 15:04 - machine was rebooted
ComboFix-quarantined-files.txt 2009-06-05 12:04
Pre-Run: 94,554,607,616 bytes free
Post-Run: 94,589,698,048 bytes free
303 --- E O F --- 2009-06-04 22:56
 
تأييد 0
اخى قم بعمل تقرير هايجاك جديد
 
توقيع : king_man
تأييد 0
تفضل هذا التقرير
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 03:19:09 م, on 05/06/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16827)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Hotspot Shield\bin\openvpnas.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Proxy Switcher Standard\ProxySwitcher.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Internet Download Manager\IDMan.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\explorer.exe
C:\WINDOWS\system32\notepad.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext =
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files\Internet Download Manager\IDMIECC.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: IEVkbdBHO - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\ievkbd.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O4 - HKLM\..\Run: [MSConfig] C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe /auto
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKCU\..\Run: [PSwitch] C:\Program Files\Proxy Switcher Standard\ProxySwitcher.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [IDMan] C:\Program Files\Internet Download Manager\IDMan.exe /onboot
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [_nltide_2] regsvr32 /s /n /i:U shell32 (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [_nltide_2] regsvr32 /s /n /i:U shell32 (User 'Default user')
O8 - Extra context menu item: &تصدير إلى Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: تحميل الكل بواسطة Internet Download Manager - C:\Program Files\Internet Download Manager\IEGetAll.htm
O8 - Extra context menu item: تحميل بواسطة Internet Download Manager - C:\Program Files\Internet Download Manager\IEExt.htm
O8 - Extra context menu item: تحميل محتوى FLV بواسطة Internet Download Manager - C:\Program Files\Internet Download Manager\IEGetVL.htm
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Add to VideoGet - {88CFA58B-A63F-4A94-9C54-0C7A58E3333E} - C:\PROGRA~1\NUCLEA~1\VideoGet\Plugins\VIDEOG~1.DLL
O9 - Extra 'Tools' menuitem: Add to &VideoGet - {88CFA58B-A63F-4A94-9C54-0C7A58E3333E} - C:\PROGRA~1\NUCLEA~1\VideoGet\Plugins\VIDEOG~1.DLL
O9 - Extra button: بحث - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) -
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Hotspot Shield Service (HotspotShieldService) - Unknown owner - C:\Program Files\Hotspot Shield\bin\openvpnas.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
--
End of file - 5537 bytes
 
تأييد 0
اخى قم بتنصيب احد برامج الحمايه بعد استخدام اداة
SmitfraudFix

بالتوفيق
 
التعديل الأخير بواسطة المشرف:
توقيع : king_man
تأييد 0
يجب تسجيل الدخول أو التسجيل كي تتمكن من الرد هنا.
عودة
أعلى