mostafa nabil

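This virus, and I am sure it is a virus, is driving me crazy. It makes the computer shut down after 13 minutes, and when it starts up again it takes a long time, and after that the sound driver fails. I tried every kind of antivirus and it still did no good. I don't know what to do; could someone please advise me?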
 

Signature: mostafa nabil
Apologies for editing the title
 
Signature: أعتز بك
Welcome, my dear friend

Do the following

Download this program



Run the program ==> and click on
Do a system scan and save log
In a few moments a report will appear in Notepad ==> copy it and paste it in your second reply
 
Signature: أعتز بك
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 03:22:18 م, on 20/06/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.21045)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir Desktop\sched.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Topos\cFosSpeed\cFosSpeed.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\vortex tools\Classes\Vortex\vista\LClock\LClock.exe
C:\Program Files\NoCUT\NCTCtl.exe
C:\Program Files\Translate Client\translateclient.exe
C:\Program Files\Avira\AntiVir Desktop\avguard.exe
C:\Program Files\Topos\cFosSpeed\spd.exe
C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Avira\AntiVir Desktop\avmailc.exe
C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Internet Download Manager\IEMonitor.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
C:\Program Files\Internet Download Manager\IDMan.exe
C:\Program Files\netcut\netcut.exe
C:\WINDOWS\system32\ping.exe
C:\Documents and Settings\Vortex\My Documents\Downloads\Programs\هايجاك\Zyzoom.org_Tool_V_1.0.exe
C:\DOCUME~1\Vortex\LOCALS~1\Temp\zyaoom Tool\Hijack.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = [link hidden by the forum]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = [link hidden by the forum]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = [link hidden by the forum]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = [link hidden by the forum]
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = [link hidden by the forum]
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files\Internet Download Manager\IDMIECC.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: StylerToolBar - {D2F8F919-690B-4EA2-9FA7-A203D1E04F75} - C:\Program Files\vortex tools\Classes\Vortex\vista\Styler\TB\StylerTB.dll
O4 - HKLM\..\Run: [Vistadrv] C:\Program Files\vortex tools\Classes\Vortex\vista\VIPhd\vsdrv.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [cFosSpeed] C:\Program Files\Topos\cFosSpeed\cFosSpeed.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [LClock] C:\Program Files\vortex tools\Classes\Vortex\vista\LClock\LClock.exe
O4 - HKCU\..\Run: [NoCUT Control] C:\Program Files\NoCUT\NCTCtl.exe
O4 - HKCU\..\Run: [IDMan] C:\Program Files\Internet Download Manager\IDMan.exe /onboot
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [vortex_AA0] rundll32 advpack.dll,LaunchINFSectionEx voraddon.inf,vortwek,,4,N (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [vortex_AA0] rundll32 advpack.dll,LaunchINFSectionEx voraddon.inf,vortwek,,4,N (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [vortex_AA0] rundll32 advpack.dll,LaunchINFSectionEx voraddon.inf,vortwek,,4,N (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [vortex_AA0] rundll32 advpack.dll,LaunchINFSectionEx voraddon.inf,vortwek,,4,N (User 'Default user')
O4 - Global Startup: Translate Client.lnk = C:\Program Files\Translate Client\translateclient.exe
O8 - Extra context menu item: تحميل الكل بواسطة Internet Download Manager - C:\Program Files\Internet Download Manager\IEGetAll.htm
O8 - Extra context menu item: تحميل بواسطة Internet Download Manager - C:\Program Files\Internet Download Manager\IEExt.htm
O8 - Extra context menu item: تحميل محتوى FLV بواسطة Internet Download Manager - C:\Program Files\Internet Download Manager\IEGetVL.htm
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O13 - Gopher Prefix:
O23 - Service: Avira Firewall (AntiVirFirewallService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avfwsvc.exe
O23 - Service: Avira AntiVir MailGuard (AntiVirMailService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avmailc.exe
O23 - Service: Avira AntiVir Scheduler (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Avira AntiVir WebGuard (AntiVirWebService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE
O23 - Service: cFosSpeed System Service (cFosSpeedS) - cFos Software GmbH - C:\Program Files\Topos\cFosSpeed\spd.exe
O23 - Service: Imapi Helper - Alex Feinman - C:\Program Files\ISO Recorder\ImapiHelper.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: NoCUT - CyberEDGE® Egypt - C:\WINDOWS\system32\NoCUT.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies - C:\Program Files\WinPcap\rpcapd.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software GmbH - C:\WINDOWS\System32\TuneUpDefragService.exe

--
End of file - 7582 bytes
 
Signature: mostafa nabil
Now do the following

Disable your security programs

Download this tool




When you run it, a message will appear,, click >> Yes
After that a second message will appear,, click >> Yes

During the scan the computer may restart
and after the restart,, the tool will start scanning again
Wait until a report appears,, which means the scan has finished. Paste the report in your first reply

Second


Download this program



Run the program ==> and click on
Do a system scan and save log
In a few moments a report will appear in Notepad ==> copy it and paste it in your second reply

Waiting ,,
 
Signature: أعتز بك
This is the first tool's report
ComboFix 09-06-19.01 - Vortex 06/20/2009 15:33.1 - FAT32x86
Microsoft Windows XP Professional 5.1.2600.3.1256.20.1033.18.767.305 [GMT 3:00]
Running from: c:\documents and settings\Vortex\My Documents\Downloads\Programs\ComboFix.exe

WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\windows\system32\404Fix.exe
c:\windows\system32\Agent.OMZ.Fix.exe
c:\windows\system32\dumphive.exe
c:\windows\system32\IEDFix.C.exe
c:\windows\system32\IEDFix.exe
c:\windows\system32\o4Patch.exe
c:\windows\system32\Process.exe
c:\windows\system32\SrchSTS.exe
c:\windows\system32\VACFix.exe
c:\windows\system32\VCCLSID.exe
c:\windows\system32\WS2Fix.exe

.
((((((((((((((((((((((((( Files Created from 2009-05-20 to 2009-06-20 )))))))))))))))))))))))))))))))
.

2009-06-20 10:52 . 2009-06-20 10:52 -------- d-sh--w- C:\FOUND.017
2009-06-20 10:44 . 2009-06-20 10:44 -------- d-sh--w- C:\FOUND.016
2009-06-19 21:42 . 2009-06-19 21:43 1094856 ----a-w- c:\documents and settings\Vortex\Application Data\IDM\DwnlData\Vortex\AppRemover_95\AppRemover.exe
2009-06-19 17:29 . 2009-06-19 17:29 2328832 ----a-w- c:\windows\system32\TUKernel.exe
2009-06-19 17:24 . 2009-06-19 17:24 -------- d-sh--w- C:\FOUND.015
2009-06-19 14:51 . 2009-06-19 14:51 -------- d-sh--w- C:\FOUND.014
2009-06-19 13:08 . 2009-06-19 13:08 -------- d-----w- c:\windows\system32\XPSViewer
2009-06-19 13:08 . 2009-06-19 13:08 -------- d-----w- c:\program files\MSBuild
2009-06-19 13:08 . 2009-06-19 13:08 -------- d-----w- c:\program files\Reference Assemblies
2009-06-19 13:08 . 2008-07-06 12:06 89088 ------w- c:\windows\system32\dllcache\filterpipelineprintproc.dll
2009-06-19 13:08 . 2008-07-06 12:06 575488 ------w- c:\windows\system32\xpsshhdr.dll
2009-06-19 13:08 . 2008-07-06 12:06 575488 ------w- c:\windows\system32\dllcache\xpsshhdr.dll
2009-06-19 13:08 . 2008-07-06 12:06 117760 ------w- c:\windows\system32\prntvpt.dll
2009-06-19 13:08 . 2008-07-06 10:50 597504 ------w- c:\windows\system32\dllcache\printfilterpipelinesvc.exe
2009-06-19 12:27 . 2009-06-19 12:27 -------- d-sh--w- C:\FOUND.013
2009-06-19 12:17 . 2009-06-19 12:17 -------- d-sh--w- C:\FOUND.012
2009-06-18 15:53 . 2009-06-18 15:53 -------- d-sh--w- C:\FOUND.011
2009-06-18 10:39 . 2009-06-18 10:40 -------- d-----w- c:\documents and settings\Vortex\Application Data\translateclient
2009-06-18 10:39 . 2009-06-18 10:39 -------- d-----w- c:\program files\Translate Client
2009-06-18 10:23 . 2009-06-18 10:23 -------- d-----w- c:\documents and settings\Vortex\DoctorWeb
2009-06-18 10:15 . 2009-06-18 10:15 -------- d-----w- c:\documents and settings\NetworkService\Local Settings\Application Data\Apple
2009-06-18 07:35 . 2009-06-18 07:35 -------- d-sh--w- C:\FOUND.010
2009-06-18 00:43 . 2009-06-18 00:43 -------- d-sh--w- C:\FOUND.009
2009-06-17 18:52 . 2009-06-17 18:52 -------- d-----w- c:\program files\netcut
2009-06-17 18:34 . 2009-06-17 18:34 -------- d-----w- c:\documents and settings\Vortex\Application Data\Avira
2009-06-17 17:50 . 2009-06-17 17:50 -------- d-sh--w- C:\FOUND.008
2009-06-17 17:44 . 2009-06-17 18:11 97608 ----a-w- c:\windows\system32\drivers\avfwot.sys
2009-06-17 17:44 . 2009-03-30 07:33 96104 ----a-w- c:\windows\system32\drivers\avipbb.sys
2009-06-17 17:44 . 2009-02-24 10:06 69632 ----a-w- c:\windows\system32\drivers\avfwim.sys
2009-06-17 17:44 . 2009-02-13 09:29 22360 ----a-w- c:\windows\system32\drivers\avgntmgr.sys
2009-06-17 17:44 . 2009-02-13 09:17 45416 ----a-w- c:\windows\system32\drivers\avgntdd.sys
2009-06-17 17:44 . 2009-06-17 17:44 -------- d-----w- c:\program files\Avira
2009-06-17 17:42 . 2009-06-19 23:45 145440 --sha-w- c:\windows\system32\drivers\fidbox.dat
2009-06-17 16:27 . 2009-06-17 16:27 -------- d-sh--w- C:\FOUND.007
2009-06-17 11:43 . 2009-06-17 11:43 -------- d-sh--w- C:\FOUND.006
2009-06-16 23:30 . 2009-06-16 23:30 -------- d-----w- c:\windows\Sun
2009-06-16 20:44 . 2009-06-16 20:44 -------- d-sh--w- C:\FOUND.005
2009-06-16 20:10 . 2009-06-16 20:10 -------- d-sh--w- C:\FOUND.004
2009-06-16 20:04 . 2009-03-24 13:08 55640 ----a-w- c:\windows\system32\drivers\avgntflt.sys
2009-06-16 20:04 . 2009-06-16 20:04 -------- d-----w- c:\documents and settings\All Users\Application Data\Avira
2009-06-16 19:11 . 2009-06-16 19:11 7168 ----a-w- c:\windows\system32\drivers\ute4njq4.sys
2009-06-16 16:02 . 2009-06-16 16:02 -------- d-----w- C:\Games
2009-06-16 15:59 . 2009-06-16 15:59 -------- d-sh--w- C:\FOUND.003
2009-06-16 15:01 . 2009-06-16 15:01 -------- d-sh--w- C:\FOUND.002
2009-06-16 13:31 . 2009-06-16 13:31 -------- d-----w- c:\documents and settings\Vortex\Local Settings\Application Data\WMTools Downloaded Files
2009-06-16 11:57 . 2009-06-16 11:57 -------- d-----w- c:\documents and settings\Vortex\Tracing
2009-06-16 11:30 . 2009-06-16 11:30 -------- d-sh--w- C:\FOUND.001
2009-06-16 00:08 . 2009-02-20 12:30 221184 ----a-w- c:\windows\system32\wmpns.dll
2009-06-16 00:07 . 2009-06-16 00:07 -------- d--h--w- c:\windows\$hf_mig$
2009-06-15 23:14 . 2008-07-08 11:54 148496 ----a-w- c:\windows\system32\drivers\66655786.sys
2009-06-15 20:30 . 2009-06-15 20:30 -------- d-sh--w- C:\FOUND.000
2009-06-15 17:54 . 2009-06-15 17:54 -------- d-----w- c:\windows\system32\LogFiles
2009-06-15 17:54 . 2009-02-15 04:42 26112 ----a-w- c:\windows\system32\drivers\usbser.sys
2009-06-15 17:54 . 2009-02-15 04:42 26112 ----a-w- c:\windows\system32\dllcache\usbser.sys
2009-06-15 17:53 . 2008-03-21 10:57 14640 ------w- c:\windows\system32\spmsgXP_2k3.dll
2009-06-15 17:45 . 2009-06-15 17:45 -------- d-----w- c:\documents and settings\Vortex\Application Data\PC Suite
2009-06-15 17:45 . 2009-06-15 17:45 -------- d-----w- c:\documents and settings\Vortex\Application Data\Nokia
2009-06-15 17:45 . 2009-06-15 17:45 -------- d-----w- c:\documents and settings\All Users\Application Data\PC Suite
2009-06-15 17:43 . 2009-06-15 17:43 8192 ----a-w- c:\documents and settings\All Users\Application Data\Installations\{7694EC32-CB0E-4B35-9088-7B320CB1F4FE}\Installer\CommonCustomActions\UninstCCD.exe
2009-06-15 17:43 . 2009-06-15 17:43 61440 ----a-w- c:\documents and settings\All Users\Application Data\Installations\{7694EC32-CB0E-4B35-9088-7B320CB1F4FE}\Installer\CommonCustomActions\UninstPCSFEMsi.exe
2009-06-15 17:43 . 2009-06-15 17:43 10240 ----a-w- c:\documents and settings\All Users\Application Data\Installations\{7694EC32-CB0E-4B35-9088-7B320CB1F4FE}\Installer\CommonCustomActions\UninstPCS.exe
2009-06-15 17:43 . 2009-06-15 17:43 -------- d-----w- c:\documents and settings\All Users\Application Data\Installations
2009-06-15 17:20 . 2008-12-20 22:14 1288192 ------w- c:\windows\system32\dllcache\quartz.dll
2009-06-15 17:17 . 2008-05-03 11:55 2560 ------w- c:\windows\system32\xpsp4res.dll
2009-06-15 17:17 . 2008-04-21 12:08 215552 ------w- c:\windows\system32\dllcache\wordpad.exe
2009-06-15 17:15 . 2009-02-15 04:42 26368 ----a-w- c:\windows\system32\dllcache\usbstor.sys
2009-06-15 17:14 . 2009-02-06 11:03 2145280 ------w- c:\windows\system32\dllcache\ntkrnlmp.exe
2009-06-15 17:14 . 2009-02-06 10:30 2023936 ------w- c:\windows\system32\dllcache\ntkrpamp.exe
2009-06-15 17:14 . 2009-02-06 10:30 2066176 ------w- c:\windows\system32\dllcache\ntkrnlpa.exe
2009-06-15 16:50 . 2009-06-15 16:50 4096 ----a-w- c:\windows\d3dx.dat
2009-06-15 13:23 . 2009-06-15 13:23 -------- d-----w- c:\program files\NoCUT
2009-06-15 13:17 . 2009-06-15 13:17 -------- d-----w- c:\program files\WinPcap
2009-06-15 13:10 . 2009-06-15 13:10 -------- d-----w- c:\documents and settings\Vortex\Application Data\ESET
2009-06-15 13:09 . 2009-06-15 13:09 -------- d-----w- c:\documents and settings\All Users\Application Data\ESET
2009-06-15 13:01 . 2009-06-15 13:01 -------- d-----w- c:\documents and settings\All Users\Application Data\Kaspersky Lab Setup Files
2009-06-15 11:57 . 2009-06-15 11:57 -------- d-----w- c:\program files\Topos
2009-06-15 11:57 . 2009-02-11 09:33 787672 ----a-w- c:\windows\system32\drivers\cfosspeed.sys
2009-06-15 11:57 . 2009-02-11 09:33 290008 ----a-w- c:\windows\system32\cfosspeed.dll
2009-06-15 11:13 . 2009-06-15 11:13 0 ----a-w- c:\windows\nsreg.dat
2009-06-15 11:13 . 2009-06-15 11:13 -------- d-----w- c:\documents and settings\Vortex\Local Settings\Application Data\Mozilla
2009-06-15 11:12 . 2009-06-15 11:12 -------- d-----w- c:\documents and settings\Vortex\Application Data\COWON
2009-06-15 11:12 . 2009-06-15 11:12 -------- d-----w- c:\program files\Common Files\COWON
2009-06-15 11:12 . 2009-06-15 11:12 -------- d-----w- c:\program files\JetAudio
2009-06-15 11:00 . 2009-06-15 11:00 355584 ----a-w- c:\windows\system32\TuneUpDefragService.exe
2009-06-15 11:00 . 2008-05-29 06:28 28416 ----a-w- c:\windows\system32\uxtuneup.dll
2009-06-15 10:54 . 2009-06-15 10:54 -------- d-----w- c:\documents and settings\Vortex\Application Data\TuneUp Software
2009-06-15 10:54 . 2009-06-15 10:54 -------- d-----w- c:\documents and settings\All Users\Application Data\TuneUp Software
2009-06-15 10:53 . 2009-06-15 10:53 -------- d-----w- c:\program files\TuneUp Utilities 2008
2009-06-15 10:39 . 2009-06-15 10:39 -------- d-----w- c:\program files\Common Files\Wise Installation Wizard
2009-06-15 10:37 . 2009-06-15 10:37 -------- d-----w- c:\program files\AAQ
2009-06-15 10:35 . 2009-06-15 10:35 -------- d-----w- c:\documents and settings\Vortex\Application Data\Apple Computer
2009-06-15 10:34 . 2009-06-15 10:34 29736 ----a-w- c:\documents and settings\Vortex\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2009-06-15 10:33 . 2009-06-15 10:33 -------- d-----w- c:\program files\Common Files\xing shared
2009-06-15 10:31 . 2009-06-15 10:31 -------- d-----w- c:\program files\Common Files\Real
2009-06-15 10:31 . 2009-06-15 10:31 -------- d-----w- c:\program files\Real
2009-06-15 10:31 . 2009-06-15 10:31 -------- d-----w- c:\documents and settings\All Users\Application Data\Apple Computer
2009-06-15 10:30 . 2009-06-15 10:30 -------- d-----w- c:\documents and settings\Vortex\Local Settings\Application Data\Apple
2009-06-15 10:30 . 2009-06-15 10:30 -------- d-----w- c:\documents and settings\Vortex\Local Settings\Application Data\Apple Computer
2009-06-15 10:27 . 2009-06-15 10:27 198064 ----a-w- c:\documents and settings\Vortex\Application Data\IDM\idmmzcc3\components\idmmzcc.dll
2009-06-15 10:27 . 2009-06-15 10:27 -------- d-----w- c:\documents and settings\Vortex\Application Data\IDM
2009-06-15 10:27 . 2009-06-15 10:27 -------- d-----w- c:\documents and settings\Vortex\Application Data\DMCache
2009-06-15 10:27 . 2009-06-15 10:27 -------- d-----w- c:\program files\Internet Download Manager
2009-06-15 10:26 . 2009-06-15 10:26 410984 ----a-w- c:\windows\system32\deploytk.dll
2009-06-15 10:26 . 2009-06-15 10:26 -------- d-----w- c:\program files\Java
2009-06-15 10:25 . 2009-06-15 10:25 -------- d-----w- c:\documents and settings\Vortex\Application Data\Media Player Classic
2009-06-15 10:22 . 2009-06-15 10:22 -------- d-----w- c:\documents and settings\Vortex\Local Settings\Application Data\Yahoo
2009-06-15 10:21 . 2009-06-15 10:22 82898 ----a-w- c:\windows\uninstall.exe
2009-06-15 10:18 . 2009-06-15 10:18 -------- d-----w- c:\documents and settings\Vortex\Application Data\IObit
2009-06-15 10:18 . 2009-06-15 10:18 -------- d-----w- c:\documents and settings\Vortex\Application Data\AVG8
2009-06-15 10:09 . 2009-06-15 10:09 -------- d--h--w- C:\$AVG8.VAULT$
2009-06-15 10:08 . 2009-06-15 10:08 -------- d-----w- c:\documents and settings\All Users\Application Data\Downloaded Installations
2009-06-15 10:07 . 2009-06-15 10:07 -------- d-----w- c:\documents and settings\All Users\Application Data\avg8
2009-06-15 10:04 . 2009-06-15 10:04 -------- d-----w- c:\windows\nview
2009-06-15 10:04 . 2007-10-04 08:14 356352 ----a-w- c:\windows\system32\nvudisp.exe
2009-06-15 10:01 . 2009-02-15 04:42 6272 ----a-w- c:\windows\system32\drivers\splitter.sys
2009-06-15 10:01 . 2009-02-15 04:42 6272 ----a-w- c:\windows\system32\dllcache\splitter.sys
2009-06-15 10:01 . 2009-02-15 04:42 83072 ----a-w- c:\windows\system32\drivers\wdmaud.sys
2009-06-15 10:01 . 2009-02-15 04:42 83072 ----a-w- c:\windows\system32\dllcache\wdmaud.sys
2009-06-15 10:01 . 2009-02-15 04:42 52864 ----a-w- c:\windows\system32\drivers\DMusic.sys
2009-06-15 10:01 . 2009-02-15 04:42 52864 ----a-w- c:\windows\system32\dllcache\dmusic.sys
2009-06-15 10:01 . 2009-02-15 04:42 56576 ----a-w- c:\windows\system32\drivers\swmidi.sys
2009-06-15 10:01 . 2009-02-15 04:42 56576 ----a-w- c:\windows\system32\dllcache\swmidi.sys
2009-06-15 10:01 . 2009-02-15 04:42 142592 ----a-w- c:\windows\system32\drivers\aec.sys
2009-06-15 10:01 . 2009-02-15 04:42 142592 ----a-w- c:\windows\system32\dllcache\aec.sys
2009-06-15 10:01 . 2009-06-15 10:01 -------- d--h--w- c:\program files\InstallShield Installation Information

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-06-20 10:57 . 2009-06-20 10:57 4526 ----a-w- c:\windows\system32\PerfStringBackup.TMP
2009-06-19 23:45 . 2009-06-17 17:42 2756 --sha-w- c:\windows\system32\drivers\fidbox.idx
2009-06-15 17:53 . 2009-06-15 17:53 0 ---ha-w- c:\windows\system32\drivers\MsftWdf_Kernel_01007_Coinstaller_Critical.Wdf
2009-06-15 17:53 . 2009-06-15 17:53 0 ---ha-w- c:\windows\system32\drivers\Msft_Kernel_ccdcmb_01007.Wdf
2009-06-15 17:44 . 2009-06-15 17:44 -------- d-----w- c:\program files\Common Files\PCSuite
2009-06-15 17:44 . 2009-06-15 17:44 -------- d-----w- c:\program files\Common Files\Nokia
2009-06-15 17:44 . 2009-06-15 17:44 -------- d-----w- c:\program files\DIFX
2009-06-15 17:44 . 2009-06-15 17:44 -------- d-----w- c:\program files\PC Connectivity Solution
2009-06-15 17:44 . 2009-06-15 17:44 -------- d-----w- c:\program files\Nokia
2009-06-15 10:36 . 2009-06-15 10:36 31815 ----a-w- c:\windows\system32\unins000.dat
2009-06-15 10:36 . 2009-06-15 10:36 684636 ----a-w- c:\windows\system32\unins000.exe
2009-06-15 10:36 . 2009-06-15 10:36 -------- d-----w- c:\program files\XP Codec Pack
2009-06-15 10:03 . 2009-06-15 10:03 -------- d-----w- c:\documents and settings\Vortex\Application Data\InstallShield
2009-06-15 10:00 . 2009-06-15 10:00 -------- d-----w- c:\program files\VIA
2009-06-15 09:59 . 2009-06-15 09:59 -------- d-----w- c:\program files\Common Files\InstallShield
2009-06-15 09:55 . 2009-06-15 09:55 -------- d-----w- c:\documents and settings\Administrator\Application Data\Vortex Tools
2009-06-15 09:55 . 2009-06-15 09:55 -------- d-----w- c:\program files\vortex tools
2009-06-15 09:55 . 2009-06-15 09:55 -------- d-----w- c:\program files\Windows Live
2009-06-15 09:55 . 2009-06-15 09:55 -------- d-----w- c:\documents and settings\All Users\Application Data\Yahoo!
2009-06-15 09:55 . 2009-06-15 09:55 -------- d-----w- c:\program files\Yahoo!
2009-06-15 09:54 . 2009-06-15 09:54 -------- d-----w- c:\documents and settings\Default User\Application Data\winamp
2009-06-15 09:54 . 2009-06-15 09:54 -------- d-----w- c:\program files\K-Lite Codec Pack
2009-06-15 09:47 . 2009-06-15 09:47 -------- d-----w- c:\program files\microsoft frontpage
2009-06-15 09:46 . 2009-06-15 09:46 -------- d-----w- c:\program files\Alky for Applications
2009-06-15 09:45 . 2009-06-15 09:45 86327 ----a-w- c:\windows\pchealth\helpctr\OfflineCache\index.dat
2009-06-15 09:44 . 2009-06-15 09:44 -------- d-----w- c:\program files\Windows Media Connect 2
2009-06-15 09:43 . 2009-06-15 09:43 21640 ----a-w- c:\windows\system32\emptyregdb.dat
2009-06-15 09:40 . 2009-06-15 09:40 -------- d-----w- c:\program files\VistaExperience.org
2009-06-15 09:38 . 2009-06-15 09:38 -------- d-----w- c:\program files\Foxit Software
2009-06-15 09:37 . 2009-06-15 09:37 -------- d-----w- c:\program files\ISO Recorder
2009-06-15 09:37 . 2009-06-15 09:37 -------- d-----w- c:\program files\System
2009-06-15 09:37 . 2009-06-15 09:37 -------- d-----w- c:\program files\Windows Sidebar
2009-06-15 09:37 . 2009-06-15 09:37 -------- d-----w- c:\program files\Microsoft Silverlight
2009-05-07 15:14 . 2009-02-20 09:30 346112 ----a-w- c:\windows\system32\localspl.dll
2009-04-29 04:49 . 2009-02-20 12:30 828928 ----a-w- c:\windows\system32\wininet.dll
2009-04-29 04:49 . 2009-02-20 09:30 78336 ----a-w- c:\windows\system32\ieencode.dll
2009-04-20 14:08 . 2009-06-15 17:44 34396584 ----a-w- c:\documents and settings\All Users\Application Data\Installations\{7694EC32-CB0E-4B35-9088-7B320CB1F4FE}\Nokia_PC_Suite_7_1_26_0_eng_web.exe
2009-04-17 13:20 . 2009-02-20 09:30 1847808 ----a-w- c:\windows\system32\win32k.sys
2009-04-15 14:51 . 2009-02-20 09:30 585216 ----a-w- c:\windows\system32\rpcrt4.dll
2009-03-26 15:35 . 2009-05-07 07:42 210352 ----a-w- c:\windows\system32\idmmbc.dll
.

------- Sigcheck -------

[-] 2009-02-20 09:30 578048 894B313C52589628BB996E175B581E3A c:\windows\system32\user32.dll

[-] 2009-02-20 09:30 361600 AD978A1B783B5719720CFF204B666C8E c:\windows\system32\drivers\tcpip.sys

[-] 2009-02-20 09:30 557056 D2B41B86A5F59DE5E636F4954F6EF8F2 c:\windows\system32\winlogon.exe

[-] 2009-02-20 09:30 1589248 CDF7DDCA2A8C0E5E14C26736D6E54E24 c:\windows\explorer.exe

[-] 2009-02-20 09:30 40448 C1D50243355A290CB3AA684FD8B38170 c:\windows\system32\ctfmon.exe

[-] 2009-02-20 12:30 296448 37981A741AD7B04258E87129FFE79AB9 c:\windows\system32\termsrv.dll

[-] 2009-02-20 09:30 1614848 5504EFF23CE88A875C98B4C55487FF1D c:\windows\system32\sfcfiles.dll
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\ctfmon.exe" [2009-02-20 40448]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2008-06-16 1277440]
"LClock"="c:\program files\vortex tools\Classes\Vortex\vista\LClock\LClock.exe" [2004-09-19 65536]
"NoCUT Control"="c:\program files\NoCUT\NCTCtl.exe" [2006-03-29 78848]
"IDMan"="c:\program files\Internet Download Manager\IDMan.exe" [2009-06-15 2807216]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Vistadrv"="c:\program files\vortex tools\Classes\Vortex\vista\VIPhd\vsdrv.exe" [2006-07-30 121089]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2007-10-04 8491008]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2007-10-04 81920]
"cFosSpeed"="c:\program files\Topos\cFosSpeed\cFosSpeed.exe" [2009-02-11 876760]
"TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" [2009-06-15 185872]
"avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2009-03-02 209153]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2009-02-20 40448]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"vortex_AA0"="advpack.dll" - c:\windows\system32\advpack.dll [2009-04-29 124928]

c:\documents and settings\All Users\Start Menu\Programs\Startup\
Translate Client.lnk - c:\program files\Translate Client\translateclient.exe [2009-6-9 225280]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"ForceClassicControlPanel"= 1 (0x1)

[HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\explorer]
"ForceClassicControlPanel"= 1 (0x1)

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusDisableNotify"=dword:00000001
"UpdatesDisableNotify"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Yahoo!\\Messenger\\YahooMessenger.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=

R3 klim5;Kaspersky Anti-Virus NDIS Filter;c:\windows\system32\DRIVERS\klim5.sys [x]
R3 ute4njq4;AVZ Kernel Driver;c:\windows\system32\Drivers\ute4njq4.sys [2009-06-16 7168]
S1 avfwot;avfwot;c:\windows\system32\DRIVERS\avfwot.sys [2009-06-17 97608]
S1 is-RL0UAdrv;is-RL0UAdrv;c:\windows\system32\DRIVERS\66655786.sys [2008-07-08 148496]
S1 vcdrom;Virtual CD-ROM Device Driver;c:\program files\System\CPL Bonus\Vcdrom.sys [2001-12-19 8576]
S2 AntiVirFirewallService;Avira Firewall;c:\program files\Avira\AntiVir Desktop\avfwsvc.exe [2009-06-17 388865]
S2 AntiVirMailService;Avira AntiVir MailGuard;c:\program files\Avira\AntiVir Desktop\avmailc.exe [2009-06-17 194817]
S2 AntiVirSchedulerService;Avira AntiVir Scheduler;c:\program files\Avira\AntiVir Desktop\sched.exe [2009-06-17 108289]
S2 AntiVirWebService;Avira AntiVir WebGuard;c:\program files\Avira\AntiVir Desktop\AVWEBGRD.EXE [2009-06-17 434945]
S2 NoCUT;NoCUT;c:\windows\system32\NoCUT.exe [2006-03-29 18432]
S3 avfwim;AvFw Packet Filter Miniport;c:\windows\system32\DRIVERS\avfwim.sys [2009-02-24 69632]
S3 NPF;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys [2007-01-25 42000]
S3 VIAHdAudAddService;VIA High Definition Audio Driver Service;c:\windows\system32\drivers\viahduaa.sys [2007-12-12 212992]


--- Other Services/Drivers In Memory ---

*NewlyCreated* - VCDROM

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{D58F39FF-953E-4F45-898F-59F243B9A523}]
RUNDLL32 advpack.dll,LaunchINFSection Sidebar.inf,Register
.
Contents of the 'Scheduled Tasks' folder

2009-06-20 c:\windows\Tasks\1-Click Maintenance.job
- c:\program files\TuneUp Utilities 2008\OneClickStarter.exe [2008-04-16 06:59]
.
- - - - ORPHANS REMOVED - - - -

SafeBoot-Wdf01000.sys


.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.com/
IE: تحميل الكل بواسطة Internet Download Manager - c:\program files\Internet Download Manager\IEGetAll.htm
IE: تحميل بواسطة Internet Download Manager - c:\program files\Internet Download Manager\IEExt.htm
IE: تحميل محتوى FLV بواسطة Internet Download Manager - c:\program files\Internet Download Manager\IEGetVL.htm
LSP: c:\program files\Avira\AntiVir Desktop\avsda.dll
FF - ProfilePath -
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, [link hidden by the forum]

Rootkit scan 2009-06-20 15:50
Windows 5.1.2600 Service Pack 3 FAT NTAPI

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'winlogon.exe'(1600)
c:\windows\system32\SETUPAPI.dll
c:\windows\system32\COMRes.dll
c:\windows\system32\cscui.dll

- - - - - - - > 'lsass.exe'(1656)
c:\windows\system32\SETUPAPI.dll
c:\program files\Avira\AntiVir Desktop\avsda.dll
.
Completion time: 2009-06-20 16:00
ComboFix-quarantined-files.txt 2009-06-20 12:59

Pre-Run: 1,033,093,120 bytes free
Post-Run: 1,343,856,640 bytes free

297 --- E O F --- 2009-06-20 10:43
 
Signature: mostafa nabil
The second tool
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 04:11:54 م, on 20/06/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.21045)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir Desktop\sched.exe
C:\Program Files\Avira\AntiVir Desktop\avguard.exe
C:\Program Files\Topos\cFosSpeed\spd.exe
C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Avira\AntiVir Desktop\avmailc.exe
C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Topos\cFosSpeed\cFosSpeed.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\vortex tools\Classes\Vortex\vista\LClock\LClock.exe
C:\Program Files\NoCUT\NCTCtl.exe
C:\Program Files\Translate Client\translateclient.exe
C:\Program Files\Internet Download Manager\IEMonitor.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Internet Download Manager\IDMan.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =



R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =



R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =



R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =



O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files\Internet Download Manager\IDMIECC.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: StylerToolBar - {D2F8F919-690B-4EA2-9FA7-A203D1E04F75} - C:\Program Files\vortex tools\Classes\Vortex\vista\Styler\TB\StylerTB.dll
O4 - HKLM\..\Run: [Vistadrv] C:\Program Files\vortex tools\Classes\Vortex\vista\VIPhd\vsdrv.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [cFosSpeed] C:\Program Files\Topos\cFosSpeed\cFosSpeed.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [LClock] C:\Program Files\vortex tools\Classes\Vortex\vista\LClock\LClock.exe
O4 - HKCU\..\Run: [NoCUT Control] C:\Program Files\NoCUT\NCTCtl.exe
O4 - HKCU\..\Run: [IDMan] C:\Program Files\Internet Download Manager\IDMan.exe /onboot
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [vortex_AA0] rundll32 advpack.dll,LaunchINFSectionEx voraddon.inf,vortwek,,4,N (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [vortex_AA0] rundll32 advpack.dll,LaunchINFSectionEx voraddon.inf,vortwek,,4,N (User 'Default user')
O4 - Global Startup: Translate Client.lnk = C:\Program Files\Translate Client\translateclient.exe
O8 - Extra context menu item: تحميل الكل بواسطة Internet Download Manager - C:\Program Files\Internet Download Manager\IEGetAll.htm
O8 - Extra context menu item: تحميل بواسطة Internet Download Manager - C:\Program Files\Internet Download Manager\IEExt.htm
O8 - Extra context menu item: تحميل محتوى FLV بواسطة Internet Download Manager - C:\Program Files\Internet Download Manager\IEGetVL.htm
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O13 - Gopher Prefix:
O23 - Service: Avira Firewall (AntiVirFirewallService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avfwsvc.exe
O23 - Service: Avira AntiVir MailGuard (AntiVirMailService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avmailc.exe
O23 - Service: Avira AntiVir Scheduler (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Avira AntiVir WebGuard (AntiVirWebService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE
O23 - Service: cFosSpeed System Service (cFosSpeedS) - cFos Software GmbH - C:\Program Files\Topos\cFosSpeed\spd.exe
O23 - Service: Imapi Helper - Alex Feinman - C:\Program Files\ISO Recorder\ImapiHelper.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: NoCUT - CyberEDGE® Egypt - C:\WINDOWS\system32\NoCUT.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies - C:\Program Files\WinPcap\rpcapd.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software GmbH - C:\WINDOWS\System32\TuneUpDefragService.exe

--
End of file - 6686 bytes
 
Signature: mostafa nabil
Okay, my dear friend

Use this tool and, God willing, it will help you




Good luck

Signature: أعتز بك