[مششكله]تعليق جهازي عند بدأ التشغيل والإطفـآء..

  • بادئ الموضوع بادئ الموضوع Dr.Mo0od
  • تاريخ البدء تاريخ البدء
  • المشاهدات 680
D

Dr.Mo0od

زيزوومي نشيط
إنضم
14 يونيو 2009
المشاركات
191
مستوى التفاعل
0
النقاط
230
غير متصل
سسسلآمـ عليكمـ

مسسسآء الـورد|| صـبآح الـفـل


كيفكـمـ..!؟ إن شاء الله بخير..

يـالزيـزوميين آبـي مسسسآعدتكمـ لآهنتوآ


الحـيـن انا من آول كآن جهـإأزي إذا جيت آطفيه مآيطلع شي


بـس سويت طريقة من زيزومي ونبكنـإأآأإ :hh::hh::hh:

صــآر يـطلع لـي مـربع قـبل مـآيطفي الويـنـدوز

لكـن نبي منكمـ المسسسآعدهـ :-

1) نفس المـكـتوب في الـعـنوآن..:no:

2) يآليت تعطوني حلول.. صــآر الجهـإأز وانا آشتغل عليه

تجي الشآشه زرقـآء .. سودآء .. وردي .. إلخ .. يعني هـو متىآ مآبغىآ يجي علىآ كيفه :no:

ولآزمـ آتركـه والا آصكر بـآب الآب توب علشآن يحط وضع الإستعدآد

ويصصصير الوضع .. تمام:king:

3) اذا سويت فحص كآمل بالكآسبر .. يوقف وجلس 3 سآعآت وهـو يبحث ووصل لـ 73%

4) يعلق الجهاااااااز مـآ يصير آي شي .. بس تتحركـ الفآرهـ آضغط
Shift+Ctrl+Del
ولآ يــطلـع ولآ شــي .. يكوون معلللق :no:

5) نظإأمـ تشغيلي Xp

6) مششششكورين يـالزيزوميين.. :king::king::king::king:
 

ترتيب حسب التاريخ ترتيب حسب الأصوات
وعليكم السلام

حياااك يا الغلا

حمل هذا البرنامج


يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

شغل البرنامج ==> واضغط على
Do a system scan and save log
لحظات .. ويظهر لك تقرير داخل المفكرة==> انسخه والصقه بردك الثاني
 
التعديل الأخير بواسطة المشرف:
توقيع : أعتز بك
تأييد 0
جزأإكـ الله خـير .. :smile::smile:

بــس هـذآ تــقــريـر الهـآيجـأإكـ ..

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 10:14:10 ص, on 6/19/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5730.0013)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\PROGRA~1\LAUNCH~1\QtZgAcer.EXE
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\avp.exe
C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Program Files\WinZip\WZQKPICK.EXE
C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\avp.exe
C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Windows Media Player\wmplayer.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: IEVkbdBHO - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\ievkbd.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] HDAShCut.exe
O4 - HKLM\..\Run: [AzMixerSel] C:\Program Files\Realtek\InstallShield\AzMixerSel.exe
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [LManager] C:\PROGRA~1\LAUNCH~1\QtZgAcer.EXE
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\avp.exe"
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - Global Startup: Bluetooth.lnk = ?
O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE
O8 - Extra context menu item: &تصدير إلى Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Send To &Bluetooth - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O9 - Extra button: Web traffic protection statistics - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\SCIEPlgn.dll
O9 - Extra button: بحث - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-4017 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {6924091F-CD97-41E1-B1D4-D9079409D413} (IMCv1 Control) -
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

O16 - DPF: {B7FDB0C3-4724-46D2-B8DB-6FA1DC63F7CA} (ReadUid.UserControlMacEntry) -
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

O20 - AppInit_DLLs: C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd.dll
O23 - Service: Kaspersky Anti-Virus (AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\avp.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
--
End of file - 6186 bytes
 
تأييد 0
عطل برامج الحماية عن العمل
ثم
حمل الاداة التالية واحفظها على سطح المكتب
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

عند تشغيلها بتظهر لك رسالة ,, اضغط على >> Yes
بعدها بتظهر لك رساله ثانيه ,, اضغط على >> Yes
اثناء الفحص ممكن يعاد تشغيل الجهاز
وبعد اعادة التشغيل ,, سوف تبدأ الاداة بالفحص مرره ثانيه
لا تقم بتشغيل اي برنامج ،، ومهما طالت عملية الفحص انتظر حتى تنتهي
انتظر حتى يظهر لك تقرير ،،انسخه والصقه بمشاركتك القادمة
 
تأييد 0
جــزإأكـ الله خــيــر آخــوي MAAX
وهــذآآ تــقــريــر الــكــمــبــو

ComboFix 09-06-19.01 - welcome 06/20/2009 16:33.1 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.2.1256.1.1025.18.1270.795 [GMT 3:00]
Running from: c:\documents and settings\welcome\سطح المكتب\ComboFix.exe
AV: Kaspersky Anti-Virus *On-access scanning disabled* (Updated) {2C4D4BC6-0793-4956-A9F9-E252435469C0}
WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\windows\system32\Bifrost
c:\windows\system32\Bifrost\logg.dat
c:\windows\system32\kakle.dll
.
((((((((((((((((((((((((( Files Created from 2009-05-20 to 2009-06-20 )))))))))))))))))))))))))))))))
.
2009-06-20 13:01 . 2009-06-20 13:01 -------- d-----w- C:\Temp
2009-06-19 13:59 . 2008-09-26 15:00 24448 ----a-w- c:\windows\system32\drivers\ewdcsc.sys
2009-06-19 13:59 . 2009-06-19 14:05 -------- d-----w- c:\program files\Mobily Connect Card
2009-06-19 07:13 . 2009-06-19 07:13 -------- d-----w- c:\program files\Trend Micro
2009-06-17 07:10 . 2009-06-20 12:57 -------- d-----w- c:\program files\GTA San Andreas
2009-06-16 07:08 . 2009-06-16 07:08 33808 ----a-w- c:\documents and settings\All Users\Application Data\Kaspersky Lab\AVP8\Data\Updater\Temporary Files\temporaryFolder\AutoPatches\kav8exec\8.0.0.357\klbg.sys
2009-06-16 07:08 . 2009-06-16 07:08 213520 ----a-w- c:\documents and settings\All Users\Application Data\Kaspersky Lab\AVP8\Data\Updater\Temporary Files\temporaryFolder\AutoPatches\kav8exec\8.0.0.357\XP\klif.sys
2009-06-15 19:16 . 2009-06-15 19:16 -------- d-----w- c:\windows\system32\wbem\Repository
2009-06-15 14:05 . 2009-06-15 14:19 -------- d-----w- c:\documents and settings\welcome\amsn
2009-06-15 14:05 . 2009-06-15 14:53 -------- d-----w- c:\program files\aMSN
2009-06-13 14:32 . 2009-06-13 14:32 -------- d-----w- c:\program files\MTA San Andreas
2009-06-01 21:57 . 2009-06-01 21:57 -------- d-----w- c:\documents and settings\welcome\Application Data\COWON
2009-06-01 17:52 . 2009-06-01 17:54 -------- d-----w- c:\documents and settings\welcome\Application Data\Motive
2009-06-01 17:51 . 2009-06-01 17:51 -------- d-----w- c:\program files\Fahess_Activation
2009-06-01 17:51 . 2009-06-01 17:51 -------- d-----w- c:\program files\Common Files\Motive
2009-06-01 17:12 . 2009-06-01 17:12 -------- d-----w- c:\documents and settings\All Users\Application Data\Motive
2009-06-01 13:42 . 2001-09-18 10:38 12160 ----a-w- c:\windows\system32\drivers\mouhid.sys
2009-05-31 22:10 . 2001-08-17 11:02 9600 ----a-w- c:\windows\system32\drivers\hidusb.sys
2009-05-31 15:52 . 2007-03-22 10:46 126976 ----a-w- c:\documents and settings\welcome\Application Data\GRETECH\GomPlayer\GrLauncher.exe
2009-05-31 15:51 . 2009-05-31 15:51 -------- d-----w- c:\documents and settings\welcome\Application Data\GRETECH
2009-05-27 15:42 . 2004-08-03 21:58 5504 ----a-w- c:\windows\system32\drivers\MSTEE.sys
2009-05-27 15:42 . 2004-08-03 22:10 10880 ----a-w- c:\windows\system32\drivers\NdisIP.sys
2009-05-27 15:42 . 2004-08-03 22:10 15360 ----a-w- c:\windows\system32\drivers\StreamIP.sys
2009-05-27 15:42 . 2004-08-03 22:10 11136 ----a-w- c:\windows\system32\drivers\SLIP.sys
2009-05-27 15:42 . 2004-08-03 22:10 19328 ----a-w- c:\windows\system32\drivers\WSTCODEC.SYS
2009-05-27 15:42 . 2004-08-03 22:10 85376 ----a-w- c:\windows\system32\drivers\NABTSFEC.sys
2009-05-27 15:42 . 2004-08-03 22:10 17024 ----a-w- c:\windows\system32\drivers\CCDECODE.sys
2009-05-27 15:42 . 2004-08-03 21:55 53760 ----a-w- c:\windows\system32\vfwwdm32.dll
2009-05-27 15:42 . 2009-05-28 23:02 13824 ----a-w- c:\windows\system32\drivers\splitcam.sys
2009-05-27 15:41 . 2009-05-27 15:41 -------- d-----w- c:\program files\SplitCam
2009-05-27 15:38 . 2002-12-10 08:11 6852 ----a-w- c:\windows\system32\drivers\Vcs.sys
2009-05-27 12:41 . 2009-05-27 12:41 -------- d-----w- c:\program files\iVocalize Web Conference 4
2009-05-27 01:41 . 2004-08-03 23:07 59264 ----a-w- c:\windows\system32\drivers\USBAUDIO.sys
2009-05-27 01:41 . 2004-08-03 23:10 78464 ----a-w- c:\windows\system32\drivers\usbvideo.sys
2009-05-26 21:52 . 2009-06-16 17:35 -------- d-----w- c:\program files\LtUcx
2009-05-26 15:20 . 2009-05-26 15:20 62464 ----a-w- c:\documents and settings\welcome\Application Data\Sun\Java\Deployment\cache\6.0\38\37c7a6a6-19ed9719-n\avutil-49.dll
2009-05-26 15:20 . 2009-05-26 15:20 516096 ----a-w- c:\documents and settings\welcome\Application Data\Sun\Java\Deployment\cache\6.0\38\37c7a6a6-19ed9719-n\ivjni.dll
2009-05-26 15:20 . 2009-05-26 15:20 288361 ----a-w- c:\documents and settings\welcome\Application Data\Sun\Java\Deployment\cache\6.0\38\37c7a6a6-19ed9719-n\libmp3lame-0.dll
2009-05-26 15:20 . 2009-05-26 15:20 1941504 ----a-w- c:\documents and settings\welcome\Application Data\Sun\Java\Deployment\cache\6.0\38\37c7a6a6-19ed9719-n\avcodec-51.dll
2009-05-26 15:20 . 2009-05-26 15:20 107520 ----a-w- c:\documents and settings\welcome\Application Data\Sun\Java\Deployment\cache\6.0\38\37c7a6a6-19ed9719-n\avformat-52.dll
2009-05-24 18:16 . 2009-05-24 18:16 -------- d-----w- c:\documents and settings\welcome\.webrenderer
2009-05-24 16:23 . 2009-05-24 16:23 -------- d-----w- c:\windows\system32\ar-sa
2009-05-24 16:19 . 2009-05-24 16:19 -------- d--h--w- c:\windows\$hf_mig$
2009-05-24 15:14 . 2009-05-24 15:14 -------- d-----w- c:\windows\Sun
2009-05-24 12:43 . 2009-06-19 07:42 -------- d-----w- c:\documents and settings\welcome\Contacts
2009-05-23 21:11 . 2009-05-23 21:11 -------- d-----w- c:\program files\Kaspersky Lab
2009-05-23 21:08 . 2009-05-23 21:08 -------- d-----w- c:\documents and settings\All Users\Application Data\Kaspersky Lab Setup Files
2009-05-23 20:55 . 2009-06-20 13:38 -------- d-----w- c:\windows\system32\Lang
2009-05-23 20:42 . 2007-01-11 10:20 194304 ----a-r- c:\windows\system32\drivers\RTL8187.sys
2009-05-23 20:29 . 2004-08-03 22:08 31616 ----a-w- c:\windows\system32\drivers\usbccgp.sys
2009-05-23 20:27 . 2009-05-24 17:13 -------- d-----w- c:\windows\system32\SupportAppXL
2009-05-23 20:22 . 2009-05-23 20:22 -------- d-----w- c:\documents and settings\All Users\Application Data\Messenger Plus!
2009-05-23 20:21 . 2005-06-08 02:58 135168 ----a-r- c:\windows\system32\igfxres.dll
2009-05-23 20:19 . 2009-05-23 20:19 -------- d-----w- c:\documents and settings\welcome\Bluetooth Software
2009-05-23 20:15 . 2009-05-23 20:15 -------- d-----w- c:\program files\WIDCOMM
2009-05-23 20:12 . 2004-11-16 04:06 458752 ----a-r- c:\windows\system32\w29NCPA.dll
2009-05-23 20:12 . 2004-11-16 04:06 3222784 ----a-r- c:\windows\system32\drivers\w29n51.sys
2009-05-23 20:12 . 2009-05-23 20:12 -------- d-----w- c:\program files\Launch Manager
2009-05-23 20:10 . 2004-10-08 06:44 69722 ----a-w- c:\windows\system32\SynTPFcs.dll
2009-05-23 20:10 . 2004-10-08 06:46 81920 ----a-w- c:\windows\system32\SynTPCo2.dll
2009-05-23 20:10 . 2004-10-08 06:36 90202 ----a-w- c:\windows\system32\SynTPAPI.dll
2009-05-23 20:10 . 2004-10-08 06:33 185824 ----a-w- c:\windows\system32\drivers\SynTP.sys
2009-05-23 20:10 . 2004-10-08 06:36 114688 ----a-w- c:\windows\system32\SynCtrl.dll
2009-05-23 20:10 . 2004-10-08 06:35 77917 ----a-w- c:\windows\system32\SynCOM.dll
2009-05-23 20:10 . 2009-05-23 20:10 -------- d-----w- c:\program files\Synaptics
2009-05-23 20:03 . 2005-04-16 14:20 487424 ------r- c:\windows\RtlExUpd.dll
2009-05-23 19:55 . 2009-05-23 19:55 -------- d-----w- c:\documents and settings\welcome\Application Data\ESET
2009-05-23 19:54 . 2009-05-23 19:54 -------- d-----w- c:\documents and settings\All Users\Application Data\ESET
2009-05-23 19:53 . 2009-05-27 08:05 -------- d-----w- c:\program files\Circle Developement
2009-05-23 19:53 . 2009-05-23 19:53 -------- d-----w- c:\program files\Messenger Plus! Live
2009-05-23 19:53 . 2009-05-23 19:53 -------- dc----w- c:\windows\system32\DRVSTORE
2009-05-23 19:52 . 2009-05-23 19:52 -------- d-----w- c:\program files\Windows Live
2009-05-23 19:51 . 2009-05-23 19:51 -------- d-----w- c:\program files\Webteh
2009-05-23 19:51 . 2007-10-26 07:05 33576 ----a-w- c:\windows\system32\BCGPOleAcc.dll
2009-05-23 19:51 . 2007-10-26 07:05 3036456 ----a-w- c:\windows\system32\BCGCBPRO860u80.dll
2009-05-23 19:51 . 2006-03-17 13:49 368640 ----a-w- c:\windows\system32\TwnLib4.dll
2009-05-23 19:51 . 2006-03-17 10:45 802816 ----a-w- c:\windows\system32\imagXRA7.dll
2009-05-23 19:51 . 2006-03-17 10:45 497296 ----a-w- c:\windows\system32\imagXpr7.dll
2009-05-23 19:51 . 2006-03-17 10:45 258048 ----a-w- c:\windows\system32\imagXR7.dll
2009-05-23 19:51 . 2006-03-17 10:45 1757184 ----a-w- c:\windows\system32\imagX7.dll
2009-05-23 19:50 . 2009-05-23 19:50 -------- d-----w- c:\program files\Common Files\Nero
2009-05-23 19:50 . 2009-05-23 19:50 -------- d-----w- c:\program files\Nero
2009-05-23 19:49 . 2009-05-23 19:49 -------- d-----w- c:\documents and settings\All Users\Application Data\CyberLink
2009-05-23 19:48 . 2009-05-23 19:48 -------- d-----w- c:\program files\CyberLink
2009-05-23 19:47 . 2009-05-23 19:47 -------- d-----w- c:\program files\Common Files\Adobe
2009-05-23 19:45 . 2009-05-23 19:45 -------- d-----w- c:\program files\Common Files\xing shared
2009-05-23 19:45 . 2009-05-23 19:45 -------- d-----w- c:\program files\Common Files\Real
2009-05-23 19:45 . 2009-05-23 19:45 -------- d-----w- c:\program files\Real
2009-05-23 19:42 . 2009-05-23 19:42 -------- d-----w- c:\program files\DivX
2009-05-23 19:42 . 2009-05-23 19:42 -------- d-----w- c:\program files\GRETECH
2009-05-23 19:41 . 2009-05-23 19:41 410976 ----a-w- c:\windows\system32\deploytk.dll
2009-05-23 19:41 . 2009-05-23 19:41 -------- d-----w- c:\program files\Java
2009-05-23 19:40 . 2009-05-23 19:40 -------- d-----w- c:\program files\Common Files\COWON
2009-05-23 19:40 . 2009-06-01 21:57 -------- d-----w- c:\program files\JetAudio
2009-05-23 19:39 . 2009-05-23 19:39 -------- d-----w- c:\documents and settings\welcome\Local Settings\Application Data\Real
2009-05-23 19:36 . 2004-08-03 21:55 25600 ----a-w- c:\documents and settings\LocalService\Application Data\Microsoft\UPnP Device Host\upnphost\udhisapi.dll
2009-05-23 19:26 . 2009-05-23 19:26 -------- d-sh--w- c:\documents and settings\welcome\UserData
2009-05-23 19:07 . 2009-05-23 19:07 -------- d-----w- c:\program files\Windows Media Connect 2
2009-05-23 19:06 . 2009-05-23 19:06 -------- d-----w- c:\windows\system32\drivers\UMDF
2009-05-23 19:06 . 2009-05-23 19:06 -------- d-----w- c:\windows\system32\LogFiles
2009-05-23 19:06 . 2006-09-25 16:58 23856 ----a-w- c:\windows\system32\spupdsvc.exe
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-06-20 13:38 . 2009-06-16 06:19 -------- d-----w- c:\documents and settings\All Users\Application Data\Kaspersky Lab
2009-06-20 13:36 . 2009-06-16 06:19 303136 --sha-w- c:\windows\system32\drivers\fidbox2.dat
2009-06-20 13:36 . 2009-06-16 06:19 2116 --sha-w- c:\windows\system32\drivers\fidbox2.idx
2009-06-20 13:36 . 2009-06-16 06:19 1533984 --sha-w- c:\windows\system32\drivers\fidbox.dat
2009-06-20 13:36 . 2009-06-16 06:19 14112 --sha-w- c:\windows\system32\drivers\fidbox.idx
2009-06-20 09:40 . 2001-09-19 15:00 40316 ----a-w- c:\windows\system32\perfc001.dat
2009-06-20 09:40 . 2001-09-19 15:00 251946 ----a-w- c:\windows\system32\perfh001.dat
2009-06-16 07:08 . 2008-01-29 15:29 33808 ----a-w- c:\windows\system32\drivers\klbg.sys
2009-06-16 07:08 . 2009-06-16 06:20 94643 ----a-w- c:\windows\system32\drivers\klick.dat
2009-06-16 07:08 . 2009-06-16 06:20 105395 ----a-w- c:\windows\system32\drivers\klin.dat
2009-06-16 07:08 . 2009-06-16 07:08 21256 ----a-w- c:\documents and settings\All Users\Application Data\Kaspersky Lab\AVP8\Data\Updater\Temporary Files\temporaryFolder\AutoPatches\kav8exec\8.0.0.357\vkbd.dll
2009-06-16 07:08 . 2009-06-16 07:07 861448 ----a-w- c:\documents and settings\All Users\Application Data\Kaspersky Lab\AVP8\Data\Updater\Temporary Files\temporaryFolder\AutoPatches\kav8exec\8.0.0.357\updater.dll
2009-06-16 07:07 . 2009-06-16 07:07 83208 ----a-w- c:\documents and settings\All Users\Application Data\Kaspersky Lab\AVP8\Data\Updater\Temporary Files\temporaryFolder\AutoPatches\kav8exec\8.0.0.357\mzvkbd.dll
2009-06-16 07:07 . 2009-06-16 07:07 62728 ----a-w- c:\documents and settings\All Users\Application Data\Kaspersky Lab\AVP8\Data\Updater\Temporary Files\temporaryFolder\AutoPatches\kav8exec\8.0.0.357\ievkbd.dll
2009-06-16 07:07 . 2009-06-16 07:07 43784 ----a-w- c:\documents and settings\All Users\Application Data\Kaspersky Lab\AVP8\Data\Updater\Temporary Files\temporaryFolder\AutoPatches\kav8exec\8.0.0.357\fssync.dll
2009-06-16 07:07 . 2009-06-16 07:07 365832 ----a-w- c:\documents and settings\All Users\Application Data\Kaspersky Lab\AVP8\Data\Updater\Temporary Files\temporaryFolder\AutoPatches\kav8exec\8.0.0.357\ckahum.dll
2009-06-16 07:07 . 2009-06-16 07:07 201992 ----a-w- c:\documents and settings\All Users\Application Data\Kaspersky Lab\AVP8\Data\Updater\Temporary Files\temporaryFolder\AutoPatches\kav8exec\8.0.0.357\avp.exe
2009-05-27 15:41 . 2009-05-23 19:39 -------- d--h--w- c:\program files\InstallShield Installation Information
2009-05-23 20:11 . 2009-05-23 20:11 -------- d-----w- c:\program files\CONEXANT
2009-05-23 20:09 . 2009-05-23 20:09 294912 ----a-w- c:\windows\HideWin.exe
2009-05-23 20:09 . 2009-05-23 20:09 -------- d-----w- c:\program files\Realtek
2009-05-23 19:59 . 2009-05-23 19:59 -------- d-----w- c:\program files\Intel
2009-05-23 19:53 . 2009-05-23 18:44 94632 ----a-w- c:\documents and settings\welcome\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2009-05-23 19:48 . 2009-05-23 19:39 -------- d-----w- c:\program files\Common Files\InstallShield
2009-05-23 19:45 . 2009-05-23 19:39 348160 ----a-w- c:\windows\system32\msvcr71.dll
2009-05-23 19:45 . 2009-05-23 19:39 499712 ----a-w- c:\windows\system32\msvcp71.dll
2009-05-23 19:43 . 2009-05-23 19:43 -------- d-----w- c:\documents and settings\All Users\Application Data\WinZip
2009-05-23 19:43 . 2009-05-23 19:43 90112 ----a-w- c:\windows\system32\agsaami.dll
2009-05-23 19:43 . 2009-05-23 19:43 610304 ----a-w- c:\windows\system32\agsaamg.dll
2009-05-23 19:43 . 2009-05-23 19:43 372736 ----a-w- c:\windows\system32\agsaamc.dll
2009-05-23 19:43 . 2009-05-23 19:43 2535424 ----a-w- c:\windows\system32\agsaamj.dll
2009-05-23 19:43 . 2009-05-23 19:43 1986560 ----a-w- c:\windows\system32\akll.dll
2009-05-23 19:43 . 2009-05-23 19:43 196608 ----a-w- c:\windows\system32\maag.dll
2009-05-23 19:43 . 2009-05-23 19:43 1245184 ----a-w- c:\windows\system32\bkll.dll
2009-05-23 19:43 . 2009-05-23 19:43 1212416 ----a-w- c:\windows\system32\ckll.dll
2009-05-23 19:43 . 2009-05-23 19:42 -------- d-----w- c:\program files\Real_SC
2009-05-23 19:40 . 2009-05-23 19:39 -------- d-----w- c:\program files\K-Lite Codec Pack
2009-05-23 19:39 . 2009-05-23 19:39 -------- d-----w- c:\program files\mpegable
2009-05-23 19:39 . 2009-05-23 19:39 47104 ------w- c:\windows\AKDeInstall.exe
2009-05-23 19:39 . 2009-05-23 19:39 2232 ----a-w- c:\windows\java\Packages\Data\5RDFJX7B.DAT
2009-05-23 19:39 . 2009-05-23 19:39 155995 ----a-w- c:\windows\java\Packages\B1VTNRTZ.ZIP
2009-05-23 19:39 . 2009-05-23 19:39 2678 ----a-w- c:\windows\java\Packages\Data\6RJZ97N5.DAT
2009-05-23 19:39 . 2009-05-23 19:39 2678 ----a-w- c:\windows\java\Packages\Data\4BB3RJ1J.DAT
2009-05-23 19:39 . 2009-05-23 19:39 2678 ----a-w- c:\windows\java\Packages\Data\UW4WRDBL.DAT
2009-05-23 19:39 . 2009-05-23 19:39 2678 ----a-w- c:\windows\java\Packages\Data\R9ZRFTVZ.DAT
2009-05-23 19:39 . 2009-05-23 19:39 2678 ----a-w- c:\windows\java\Packages\Data\LNT79ZZD.DAT
2009-05-23 19:39 . 2009-05-23 19:39 -------- d-----w- c:\program files\Common Files\Nokia
2009-05-23 19:39 . 2009-05-23 19:39 -------- d-----w- c:\program files\Nokia
2009-05-23 19:24 . 2009-05-23 17:19 86327 ----a-w- c:\windows\pchealth\helpctr\OfflineCache\index.dat
2009-05-23 18:50 . 2009-05-23 18:50 -------- d-----w- c:\program files\Microsoft.NET
2009-05-23 18:50 . 2009-05-23 18:50 -------- d-----w- c:\program files\Microsoft Works
2009-05-23 17:20 . 2009-05-23 17:20 -------- d-----w- c:\program files\microsoft frontpage
2009-05-23 17:16 . 2009-05-23 17:16 22144 ----a-w- c:\windows\system32\emptyregdb.dat
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MsnMsgr"="c:\program files\Windows Live\Messenger\MsnMsgr.Exe" [2007-08-16 5728112]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2004-08-03 15360]
"MSMSGS"="c:\program files\Messenger\msmsgs.exe" [2004-08-04 1667584]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-05-23 136600]
"TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" [2009-05-23 198160]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2008-06-12 34672]
"RemoteControl"="c:\program files\CyberLink\PowerDVD\PDVDServ.exe" [2004-11-02 32768]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2005-06-08 94208]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2005-06-08 77824]
"Persistence"="c:\windows\system32\igfxpers.exe" [2005-06-08 114688]
"AzMixerSel"="c:\program files\Realtek\InstallShield\AzMixerSel.exe" [2005-06-11 53248]
"SynTPLpr"="c:\program files\Synaptics\SynTP\SynTPLpr.exe" [2004-10-08 98394]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2004-10-08 688218]
"LManager"="c:\progra~1\LAUNCH~1\QtZgAcer.EXE" [2005-08-18 462848]
"AVP"="c:\program files\Kaspersky Lab\Kaspersky Anti-Virus 2009\avp.exe" [2009-06-16 201992]
"High Definition Audio Property Page Shortcut"="HDAShCut.exe" - c:\windows\system32\HdAShCut.exe [2005-01-07 61952]
"RTHDCPL"="RTHDCPL.EXE" - c:\windows\RTHDCPL.EXE [2005-08-09 14743552]
c:\documents and settings\All Users\çں‍ê، ں §ڑ\ںé ©ںê¤\ §ک ں颬نïé\
Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2005-8-16 577597]
WinZip Quick Pick.lnk - c:\program files\WinZip\WZQKPICK.EXE [2008-9-8 525664]
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusDisableNotify"=dword:00000001
"UpdatesDisableNotify"=dword:00000001
"AntiVirusOverride"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\KasperskyAntiVirus]
"DisableMonitoring"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\livecall.exe"=
"c:\\WINDOWS\\system32\\dpvsetup.exe"=
"c:\\Documents and Settings\\All Users\\Application Data\\Kaspersky Lab Setup Files\\Kaspersky Anti-Virus 2009\\english\\setup.exe"=
R0 klbg;Kaspersky Lab Boot Guard Driver;c:\windows\system32\drivers\klbg.sys [1/29/2008 6:29 م 33808]
R2 Vcs;Vcs support;c:\windows\system32\drivers\Vcs.sys [5/27/2009 6:38 م 6852]
R3 klim5;Kaspersky Anti-Virus NDIS Filter;c:\windows\system32\drivers\klim5.sys [3/25/2008 8:07 م 24592]
S3 RTLWUSB;Realtek RTL8187 Wireless 802.11g 54Mbps USB 2.0 Network Adapter;c:\windows\system32\drivers\RTL8187.sys [5/23/2009 11:42 م 194304]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.com.sa/
IE: &تصدير إلى Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
IE: Send To &Bluetooth - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
DPF: Microsoft XML Parser for Java -
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

DPF: {B7FDB0C3-4724-46D2-B8DB-6FA1DC63F7CA} - hxxp://174.36.94.118:1999/ReadUid.CAB
.
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer,
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

Rootkit scan 2009-06-20 16:39
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Hints\9@@E@@1 *'D9@J@Q@"A ]
@Allowed: (2) (S-1-5-21-2025429265-1580436667-682003330-1005)
@=""
"PictureSource"="c:\\Documents and Settings\\All Users\\Application Data\\Microsoft\\User Account Pictures\\Default Pictures\\خيول.bmp"
.
--------------------- DLLs Loaded Under Running Processes ---------------------
- - - - - - - > 'winlogon.exe'(960)
c:\windows\system32\klogon.dll
- - - - - - - > 'explorer.exe'(2776)
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\btncopy.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Other Running Processes ------------------------
.
c:\program files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
c:\program files\Java\jre6\bin\jqs.exe
c:\program files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
.
**************************************************************************
.
Completion time: 2009-06-20 16:40 - machine was rebooted
ComboFix-quarantined-files.txt 2009-06-20 13:40
Pre-Run: 17,310,683,136 bytes free
Post-Run: 17,295,327,232 bytes free
263
 
تأييد 0
حمل الاداه التاليه أستخرجها من الأرشيف ثم شغلها
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

ثم
من أبدأ Start


تشغيل Run

أكتب هذا الأمر %temp% ثم موافق Inter

حدد كل مابداخل الصفحة وأحذفه

تعيد الفحص بالبرنامج الخاص بالتقرير الاول الهيجاك
 
توقيع : ®الإعصار®
تأييد 0
مششششكـور آخـوي

وهذآ الهـآي جإأكـ

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:15:18 م, on 6/24/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5730.0013)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\avp.exe
C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\Explorer.EXE
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\PROGRA~1\LAUNCH~1\QtZgAcer.EXE
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\avp.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Program Files\WinZip\WZQKPICK.EXE
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\Program Files\internet explorer\iexplore.exe
C:\Documents and Settings\welcome\سطح المكتب\voicemask\قناع الأصوات العربي.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: IEVkbdBHO - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\ievkbd.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] HDAShCut.exe
O4 - HKLM\..\Run: [AzMixerSel] C:\Program Files\Realtek\InstallShield\AzMixerSel.exe
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [LManager] C:\PROGRA~1\LAUNCH~1\QtZgAcer.EXE
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\avp.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - Global Startup: Bluetooth.lnk = ?
O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE
O8 - Extra context menu item: &تصدير إلى Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Send To &Bluetooth - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O9 - Extra button: Web traffic protection statistics - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\SCIEPlgn.dll
O9 - Extra button: بحث - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-4017 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {6924091F-CD97-41E1-B1D4-D9079409D413} (IMCv1 Control) -
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

O16 - DPF: {B7FDB0C3-4724-46D2-B8DB-6FA1DC63F7CA} (ReadUid.UserControlMacEntry) -
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

O23 - Service: Kaspersky Anti-Virus (AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\avp.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
--
End of file - 6018 bytes




واللي فـي %temp%
بـعـض المـلفـآت لآتـنـحـذف ..

 
تأييد 0
تعيد الفحص بالهيجاك وتحذف هذه القيمه
O16 - DPF: {B7FDB0C3-4724-46D2-B8DB-6FA1DC63F7CA} (ReadUid.UserControlMacEntry) -
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي
- DPF: {B7FDB0C3-4724-46D2-B8DB-6FA1DC63F7CA} (ReadUid.UserControlMacEntry) -
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي
 
توقيع : ®الإعصار®
تأييد 0
يجب تسجيل الدخول أو التسجيل كي تتمكن من الرد هنا.
عودة
أعلى