السلام عليكم ورحمة الله وبركاته
عندي مشكله بجهازي ضربت كل البرامج ما عد اشتغل ولا برنامج الا البعض منها
وما ادري ايش الي صار فيه حتى النسخ واللصق مو ماشي وهذا صور من سطح المكتب حق الجهاز
احد يعرف حل المشكله يوافي بالحلول ولكم جزيل الشكل
- بادئ الموضوع Al AsEeR1
- تاريخ البدء
- 985
البارون
زيزوومى فضى
- إنضم
- 1 مارس 2008
- المشاركات
- 13,588
- مستوى التفاعل
- 506
- النقاط
- 920
غير متصل
حمل هذا الآداة
شغل البرنامج ==> واضغط على
Do a system scan and save log
لحظات .. ويظهر لك تقرير داخل المفكرة==> انسخه والصقه بردك القادم
أتمنى منك الصبر حتى يتم تحليل التقرير
يجب عليك
تسجيل الدخول
او
تسجيل لمشاهدة الرابط المخفي
شغل البرنامج ==> واضغط على
Do a system scan and save log
لحظات .. ويظهر لك تقرير داخل المفكرة==> انسخه والصقه بردك القادم
أتمنى منك الصبر حتى يتم تحليل التقرير
توقيع : البارون
تأييد
0
Logfile of HijackThis v1.99.1
Scan saved at 04:23:24 ص, on 17/07/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16762)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Ashampoo\Ashampoo AntiSpyWare 2\AntiSpyWareService.exe
C:\WINDOWS\system32\agrsmsvc.exe
C:\Program Files\BandRich\BandLuxe HSDPA Utility R11\BRService.exe
C:\Program Files\Common Files\Motive\McciCMService.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\CyberLink\Shared files\RichVideo.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\AutorunRemover\AutorunRemover.exe
C:\Program Files\HiYo\bin\HiYo.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
C:\DOCUME~1\UsEr\LOCALS~1\Temp\RtkBtMnt.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\UsEr\سطح المكتب\HijackThis.exe
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files\Internet Download Manager\IDMIECC.dll (file missing)
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll (file missing)
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: مساعد تسجيل الدخول إلى Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll (file missing)
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\3.1.807.1746\swg.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (file missing)
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll (file missing)
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll (file missing)
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [LanguageShortcut] "C:\Program Files\CyberLink\PowerDVD\Language\Language.exe"
O4 - HKLM\..\Run: [AzMixerSel] C:\Program Files\Realtek\InstallShield\AzMixerSel.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\CLIStart.exe"
O4 - HKLM\..\Run: [AutorunRemover.exe] C:\Program Files\AutorunRemover\AutorunRemover.exe -Hide
O4 - HKLM\..\Run: [Hiyo] C:\Program Files\HiYo\bin\HiYo.exe /RunFromStartup
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [NokiaMServer] C:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer /watchfiles
O4 - HKLM\..\Run: [Nokia FastStart] "C:\Program Files\Nokia\Nokia Music\NokiaMusic.exe" /command:faststart
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [IDMan] C:\Program Files\Internet Download Manager\IDMan.exe /onboot
O4 - Global Startup: Bluetooth.lnk = ?
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Nokia Ovi Suite.lnk = C:\Program Files\Nokia\Ovi\Suite\RunLauncher.exe
O8 - Extra context menu item: تحميل الكل بواسطة Internet Download Manager - C:\Program Files\Internet Download Manager\IEGetAll.htm
O8 - Extra context menu item: تحميل بواسطة Internet Download Manager - C:\Program Files\Internet Download Manager\IEExt.htm
O8 - Extra context menu item: تحميل محتوى FLV بواسطة Internet Download Manager - C:\Program Files\Internet Download Manager\IEGetVL.htm
O9 - Extra button: بحث - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL (file missing)
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm (file missing)
O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm (file missing)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
O11 - Options group: [INTERNATIONAL] International*
O16 - DPF: {3C8E8DD8-D86A-4E6D-AF37-AB3CA7FDF8CD} (IMS_Conference Control) -
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) -
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) -
O16 - DPF: {6924091F-CD97-41E1-B1D4-D9079409D413} (IMCv1 Control) -
O16 - DPF: {B7FDB0C3-4724-46D2-B8DB-6FA1DC63F7CA} (ReadUid.UserControlMacEntry) -
O16 - DPF: {C171FF59-8C55-4796-A398-4F5D02B4C763} (IMC_Sec Control) -
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) -
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WINDOW~4\MESSEN~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WINDOW~4\MESSEN~1\MSGRAP~1.DLL
O20 - AppInit_DLLs: c:\program,files\premieropinion\pmai.dll,c:\program,files\premieropinion\pmai.dll,c:\program,files\premieropinion\pmai.dll,c:\program,files\premieropinion\pmai.dll,c:\program,files\premieropinion\pmai.dll
O20 - Winlogon Notify: PremierOpinion - C:\WINDOWS\
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: Ashampoo AntiSpyWare 2 Service (AASW2_Service) - Unknown owner - C:\Program Files\Ashampoo\Ashampoo AntiSpyWare 2\AntiSpyWareService.exe
O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - Agere Systems - C:\WINDOWS\system32\agrsmsvc.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: BandLuxe Service (BandLuxe_Service) - Unknown owner - C:\Program Files\BandRich\BandLuxe HSDPA Utility R11\BRService.exe" -e (file missing)
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
O23 - Service: Google Updater Service (gusvc) - Unknown owner - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe (file missing)
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Unknown owner - C:\Program Files\Java\jre6\bin\jqs.exe" -service -config "C:\Program Files\Java\jre6\lib\deploy\jqs\jqs.conf (file missing)
O23 - Service: McciCMService - Motive Communications, Inc. - C:\Program Files\Common Files\Motive\McciCMService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared files\RichVideo.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\Nokia\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Windows Live Setup Service (WLSetupSvc) - Unknown owner - C:\Program Files\Windows Live\installer\WLSetupSvc.exe (file missing)
O23 - Service: Windows Media Player Network Sharing Service (WMPNetworkSvc) - Unknown owner - C:\Program Files\Windows Media Player\WMPNetwk.exe (file missing)
Scan saved at 04:23:24 ص, on 17/07/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16762)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Ashampoo\Ashampoo AntiSpyWare 2\AntiSpyWareService.exe
C:\WINDOWS\system32\agrsmsvc.exe
C:\Program Files\BandRich\BandLuxe HSDPA Utility R11\BRService.exe
C:\Program Files\Common Files\Motive\McciCMService.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\CyberLink\Shared files\RichVideo.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\AutorunRemover\AutorunRemover.exe
C:\Program Files\HiYo\bin\HiYo.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
C:\DOCUME~1\UsEr\LOCALS~1\Temp\RtkBtMnt.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\UsEr\سطح المكتب\HijackThis.exe
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
يجب عليك
تسجيل الدخول
او
تسجيل لمشاهدة الرابط المخفي
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
يجب عليك
تسجيل الدخول
او
تسجيل لمشاهدة الرابط المخفي
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
يجب عليك
تسجيل الدخول
او
تسجيل لمشاهدة الرابط المخفي
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
يجب عليك
تسجيل الدخول
او
تسجيل لمشاهدة الرابط المخفي
O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files\Internet Download Manager\IDMIECC.dll (file missing)
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll (file missing)
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: مساعد تسجيل الدخول إلى Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll (file missing)
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\3.1.807.1746\swg.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (file missing)
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll (file missing)
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll (file missing)
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [LanguageShortcut] "C:\Program Files\CyberLink\PowerDVD\Language\Language.exe"
O4 - HKLM\..\Run: [AzMixerSel] C:\Program Files\Realtek\InstallShield\AzMixerSel.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\CLIStart.exe"
O4 - HKLM\..\Run: [AutorunRemover.exe] C:\Program Files\AutorunRemover\AutorunRemover.exe -Hide
O4 - HKLM\..\Run: [Hiyo] C:\Program Files\HiYo\bin\HiYo.exe /RunFromStartup
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [NokiaMServer] C:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer /watchfiles
O4 - HKLM\..\Run: [Nokia FastStart] "C:\Program Files\Nokia\Nokia Music\NokiaMusic.exe" /command:faststart
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [IDMan] C:\Program Files\Internet Download Manager\IDMan.exe /onboot
O4 - Global Startup: Bluetooth.lnk = ?
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Nokia Ovi Suite.lnk = C:\Program Files\Nokia\Ovi\Suite\RunLauncher.exe
O8 - Extra context menu item: تحميل الكل بواسطة Internet Download Manager - C:\Program Files\Internet Download Manager\IEGetAll.htm
O8 - Extra context menu item: تحميل بواسطة Internet Download Manager - C:\Program Files\Internet Download Manager\IEExt.htm
O8 - Extra context menu item: تحميل محتوى FLV بواسطة Internet Download Manager - C:\Program Files\Internet Download Manager\IEGetVL.htm
O9 - Extra button: بحث - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL (file missing)
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm (file missing)
O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm (file missing)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
O11 - Options group: [INTERNATIONAL] International*
O16 - DPF: {3C8E8DD8-D86A-4E6D-AF37-AB3CA7FDF8CD} (IMS_Conference Control) -
يجب عليك
تسجيل الدخول
او
تسجيل لمشاهدة الرابط المخفي
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) -
يجب عليك
تسجيل الدخول
او
تسجيل لمشاهدة الرابط المخفي
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) -
يجب عليك
تسجيل الدخول
او
تسجيل لمشاهدة الرابط المخفي
O16 - DPF: {6924091F-CD97-41E1-B1D4-D9079409D413} (IMCv1 Control) -
يجب عليك
تسجيل الدخول
او
تسجيل لمشاهدة الرابط المخفي
O16 - DPF: {B7FDB0C3-4724-46D2-B8DB-6FA1DC63F7CA} (ReadUid.UserControlMacEntry) -
يجب عليك
تسجيل الدخول
او
تسجيل لمشاهدة الرابط المخفي
O16 - DPF: {C171FF59-8C55-4796-A398-4F5D02B4C763} (IMC_Sec Control) -
يجب عليك
تسجيل الدخول
او
تسجيل لمشاهدة الرابط المخفي
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) -
يجب عليك
تسجيل الدخول
او
تسجيل لمشاهدة الرابط المخفي
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WINDOW~4\MESSEN~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WINDOW~4\MESSEN~1\MSGRAP~1.DLL
O20 - AppInit_DLLs: c:\program,files\premieropinion\pmai.dll,c:\program,files\premieropinion\pmai.dll,c:\program,files\premieropinion\pmai.dll,c:\program,files\premieropinion\pmai.dll,c:\program,files\premieropinion\pmai.dll
O20 - Winlogon Notify: PremierOpinion - C:\WINDOWS\
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: Ashampoo AntiSpyWare 2 Service (AASW2_Service) - Unknown owner - C:\Program Files\Ashampoo\Ashampoo AntiSpyWare 2\AntiSpyWareService.exe
O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - Agere Systems - C:\WINDOWS\system32\agrsmsvc.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: BandLuxe Service (BandLuxe_Service) - Unknown owner - C:\Program Files\BandRich\BandLuxe HSDPA Utility R11\BRService.exe" -e (file missing)
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
O23 - Service: Google Updater Service (gusvc) - Unknown owner - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe (file missing)
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Unknown owner - C:\Program Files\Java\jre6\bin\jqs.exe" -service -config "C:\Program Files\Java\jre6\lib\deploy\jqs\jqs.conf (file missing)
O23 - Service: McciCMService - Motive Communications, Inc. - C:\Program Files\Common Files\Motive\McciCMService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared files\RichVideo.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\Nokia\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Windows Live Setup Service (WLSetupSvc) - Unknown owner - C:\Program Files\Windows Live\installer\WLSetupSvc.exe (file missing)
O23 - Service: Windows Media Player Network Sharing Service (WMPNetworkSvc) - Unknown owner - C:\Program Files\Windows Media Player\WMPNetwk.exe (file missing)
تأييد
0
البارون
زيزوومى فضى
- إنضم
- 1 مارس 2008
- المشاركات
- 13,588
- مستوى التفاعل
- 506
- النقاط
- 920
غير متصل
عطل برامج الحماية عن العمل
ثم
حمل الاداة التالية واحفظها على سطح المكتب
عند تشغيلها بتظهر لك رسالة ,, اضغط على >> Yes
بعدها بتظهر لك رساله ثانيه ,, اضغط على >> Yes
اثناء الفحص ممكن يعاد تشغيل الجهاز
وبعد اعادة التشغيل ,, سوف تبدأ الاداة بالفحص مرره ثانيه
لا تقم بتشغيل اي برنامج ،، ومهما طالت عملية الفحص انتظر حتى تنتهي
انتظر حتى يظهر لك تقرير ،،انسخه والصقه بمشاركتك القادمة
ثم
حمل الاداة التالية واحفظها على سطح المكتب
يجب عليك
تسجيل الدخول
او
تسجيل لمشاهدة الرابط المخفي
عند تشغيلها بتظهر لك رسالة ,, اضغط على >> Yes
بعدها بتظهر لك رساله ثانيه ,, اضغط على >> Yes
اثناء الفحص ممكن يعاد تشغيل الجهاز
وبعد اعادة التشغيل ,, سوف تبدأ الاداة بالفحص مرره ثانيه
لا تقم بتشغيل اي برنامج ،، ومهما طالت عملية الفحص انتظر حتى تنتهي
انتظر حتى يظهر لك تقرير ،،انسخه والصقه بمشاركتك القادمة
توقيع : البارون
تأييد
0
لم يتم اعادة التشغيل وهذا الي بالمفكرة
ComboFix 09-07-14.08 - UsEr 07/17/2009 4:38.1.1 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.2.1256.966.1025.18.958.599 [GMT 3:00]
Running from: c:\documents and settings\UsEr\سطح المكتب\ComboFix.exe
WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\windows\Installer\2b9433.msi
c:\windows\Installer\318746.msi
c:\windows\Installer\318762.msi
c:\windows\system32\Desktop_.ini
c:\windows\system32\kakle.dll
c:\windows\system32\videocore.dll
c:\windows\system32\videoformat.dll
c:\windows\system32\winitn.dll
d:\جميع ملفاتي الخاصه\برامج\برامجي\java\لجعل الويندوز أصليا\kf141\Desktop_.ini
d:\جميع ملفاتي الخاصه\برامج\برامجي\java\لجعل الويندوز أصليا\kf151\Desktop_.ini
d:\جميع ملفاتي الخاصه\برامج\برامجي\Windows Media Player v11 Arabic\طريقة التنصيب\Desktop_.ini
d:\جميع ملفاتي الخاصه\برامج\برامجي\Windows Media Player v11 Arabic\Desktop_.ini
d:\جميع ملفاتي الخاصه\منوع عيسى\عبادي\Desktop_.ini
d:\جميع ملفاتي الخاصه\منوع عيسى\الرويشد\Desktop_.ini
d:\جميع ملفاتي الخاصه\منوع عيسى\محمد عبده\Desktop_.ini
.
((((((((((((((((((((((((( Files Created from 2009-06-17 to 2009-07-17 )))))))))))))))))))))))))))))))
.
2009-07-17 00:49 . 2009-07-17 00:49 -------- d-----w- c:\windows\system32\wbem\Repository
2009-07-16 20:26 . 2009-07-16 20:26 62464 ----a-w- c:\documents and settings\UsEr\Application Data\Sun\Java\Deployment\cache\6.0\39\17c03827-7021198a-n\avutil-49.dll
2009-07-16 20:26 . 2009-07-16 20:26 516096 ----a-w- c:\documents and settings\UsEr\Application Data\Sun\Java\Deployment\cache\6.0\39\17c03827-7021198a-n\ivjni.dll
2009-07-16 20:26 . 2009-07-16 20:26 288361 ----a-w- c:\documents and settings\UsEr\Application Data\Sun\Java\Deployment\cache\6.0\39\17c03827-7021198a-n\libmp3lame-0.dll
2009-07-16 20:26 . 2009-07-16 20:26 1941504 ----a-w- c:\documents and settings\UsEr\Application Data\Sun\Java\Deployment\cache\6.0\39\17c03827-7021198a-n\avcodec-51.dll
2009-07-16 20:26 . 2009-07-16 20:26 107520 ----a-w- c:\documents and settings\UsEr\Application Data\Sun\Java\Deployment\cache\6.0\39\17c03827-7021198a-n\avformat-52.dll
2009-07-13 23:14 . 2009-07-13 23:14 44808 ----a-w- c:\documents and settings\All Users\Application Data\Kaspersky Lab\AVP8\Data\Updater\Temporary Files\temporaryFolder\AutoPatches\kav8exec\8.0.0.454\fssync.dll
2009-07-13 23:14 . 2009-07-13 23:14 206088 ----a-w- c:\documents and settings\All Users\Application Data\Kaspersky Lab\AVP8\Data\Updater\Temporary Files\temporaryFolder\AutoPatches\kav8exec\8.0.0.454\avp.exe
2009-07-13 23:14 . 2009-07-13 23:14 33808 ----a-w- c:\documents and settings\All Users\Application Data\Kaspersky Lab\AVP8\Data\Updater\Temporary Files\temporaryFolder\AutoPatches\kav8exec\8.0.0.454\klbg.sys
2009-07-13 23:14 . 2009-07-13 23:14 213520 ----a-w- c:\documents and settings\All Users\Application Data\Kaspersky Lab\AVP8\Data\Updater\Temporary Files\temporaryFolder\AutoPatches\kav8exec\8.0.0.454\XP\klif.sys
2009-07-13 22:26 . 2009-07-13 23:14 94643 ----a-w- c:\windows\system32\drivers\klick.dat
2009-07-13 22:26 . 2009-07-13 23:14 105395 ----a-w- c:\windows\system32\drivers\klin.dat
2009-07-13 22:25 . 2009-07-17 00:49 442400 --sha-w- c:\windows\system32\drivers\fidbox2.dat
2009-07-13 22:25 . 2009-07-17 00:49 3802656 --sha-w- c:\windows\system32\drivers\fidbox.dat
2009-07-13 22:25 . 2009-07-17 00:47 -------- d-----w- c:\documents and settings\All Users\Application Data\Kaspersky Lab
2009-07-13 22:25 . 2009-07-13 22:25 -------- d-----w- c:\program files\Kaspersky Lab
2009-07-12 16:46 . 2009-07-12 16:46 198064 ----a-w- c:\documents and settings\UsEr\Application Data\IDM\idmmzcc3\components\idmmzcc.dll
2009-07-08 15:29 . 2009-07-08 15:29 152576 ----a-w- c:\documents and settings\UsEr\Application Data\Sun\Java\jre1.6.0_14\lzma.dll
2009-07-06 17:01 . 2009-07-06 17:03 -------- d-----w- c:\documents and settings\UsEr\Application Data\Blueberry
2009-07-06 17:01 . 2009-07-06 17:01 4608 ----a-w- c:\windows\system32\bbchlp.dll
2009-07-06 17:01 . 2009-07-06 17:01 4096 ----a-w- c:\windows\system32\drivers\bbcap.sys
2009-07-06 17:01 . 2009-07-06 17:01 30720 ----a-w- c:\windows\system32\bbcap.dll
2009-07-06 17:01 . 2009-07-06 17:01 -------- d-----w- c:\documents and settings\UsEr\Application Data\LogSys
2009-07-06 17:01 . 2009-07-06 17:01 -------- d-----w- c:\documents and settings\All Users\Application Data\LogSys
2009-07-06 17:01 . 2009-06-02 23:05 2692820 -c--a-w- c:\documents and settings\All Users\Application Data\{7B16A818-9A1A-40B1-985D-932C53E865B3}\BB FlashBack Express.exe
2009-07-06 17:01 . 2009-07-06 17:01 -------- d-----w- c:\program files\Common Files\Blueberry Software
2009-07-06 17:01 . 2009-07-06 17:01 -------- d-----w- c:\program files\Blueberry Software
2009-07-06 17:01 . 2009-07-06 17:01 -------- dc-h--w- c:\documents and settings\All Users\Application Data\{7B16A818-9A1A-40B1-985D-932C53E865B3}
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-07-17 01:15 . 2008-12-05 21:39 -------- d---a-w- c:\documents and settings\All Users\Application Data\TEMP
2009-07-17 01:10 . 2001-09-19 12:00 71888 ----a-w- c:\windows\system32\perfc001.dat
2009-07-17 01:10 . 2001-09-19 12:00 377962 ----a-w- c:\windows\system32\perfh001.dat
2009-07-17 00:49 . 2009-07-13 22:25 3640 --sha-w- c:\windows\system32\drivers\fidbox2.idx
2009-07-17 00:49 . 2009-07-13 22:25 33932 --sha-w- c:\windows\system32\drivers\fidbox.idx
2009-07-16 22:15 . 2008-12-05 21:39 -------- d-----w- c:\program files\Your Uninstaller 2008
2009-07-16 21:34 . 2008-04-21 19:30 -------- d-----w- c:\program files\أدعية
2009-07-16 21:33 . 2009-05-24 13:45 -------- d-----w- c:\program files\Windows Media Connect 2
2009-07-16 21:31 . 2009-01-17 13:59 -------- d-----w- c:\program files\VoiceMaskPro
2009-07-16 21:31 . 2008-12-02 15:30 -------- d-----w- c:\program files\VistaCodecPack
2009-07-16 21:29 . 2009-04-28 17:53 -------- d-----w- c:\program files\TeraCopy
2009-07-16 21:29 . 2009-01-02 11:30 -------- d-----w- c:\program files\SplitCam
2009-07-16 21:27 . 2008-12-05 12:13 -------- d-----w- c:\program files\PremierOpinion
2009-07-16 21:27 . 2008-04-21 19:15 -------- d-----w- c:\program files\Orbitdownloader
2009-07-16 21:21 . 2008-04-21 19:28 -------- d-----w- c:\program files\Nero
2009-07-16 21:20 . 2008-04-21 18:45 -------- d-----w- c:\program files\Microsoft Works
2009-07-16 21:12 . 2008-12-04 19:46 -------- d-----w- c:\program files\Messenger Plus! Live
2009-07-16 21:11 . 2008-04-21 19:26 -------- d-----w- c:\program files\Media Resizer PRO
2009-07-16 20:35 . 2008-12-03 11:16 -------- d-----w- c:\program files\JetAudio
2009-07-16 20:31 . 2009-06-16 16:44 -------- d-----w- c:\program files\iVocalize Web Conference 4
2009-07-16 20:31 . 2008-12-08 02:21 -------- d-----w- c:\program files\Internet Download Manager
2009-07-16 20:28 . 2008-10-12 06:57 -------- d-----w- c:\program files\Google
2009-07-16 20:26 . 2008-10-11 19:20 -------- d-----w- c:\program files\GoldWave
2009-07-16 20:26 . 2008-04-21 19:28 -------- d-----w- c:\program files\Golden Al-Wafi Translator
2009-07-16 20:26 . 2008-10-12 06:54 -------- d-----w- c:\program files\Flash Effect Maker
2009-07-16 20:20 . 2009-03-10 20:27 -------- d-----w- c:\program files\Fahess_Activation
2009-07-16 20:20 . 2008-04-21 19:42 -------- d-----w- c:\program files\DivX
2009-07-16 20:13 . 2008-12-05 12:11 -------- d-----w- c:\program files\CEDP Stealer 6.0 for Messenger
2009-07-16 20:13 . 2008-04-21 19:30 -------- d-s---w- c:\program files\Bee Icons
2009-07-16 20:12 . 2008-10-12 06:55 -------- d-----w- c:\program files\AV Vcs 6.0 DIAMOND
2009-07-16 20:12 . 2008-12-02 15:27 -------- d-----w- c:\program files\AutorunRemover
2009-07-16 19:47 . 2008-10-11 19:13 -------- d-----w- c:\program files\Atheros
2009-07-16 19:47 . 2009-05-24 13:17 -------- d-----w- c:\program files\Ask Search Assistant
2009-07-16 19:46 . 2008-04-21 19:42 -------- d-----w- c:\program files\Al-Mawrid Al-Quareeb
2009-07-16 12:06 . 2008-12-03 10:11 -------- d-----w- c:\documents and settings\UsEr\Application Data\TeraCopy
2009-07-14 17:41 . 2008-12-08 02:21 -------- d-----w- c:\documents and settings\UsEr\Application Data\DMCache
2009-07-13 23:19 . 2008-12-04 19:47 -------- d-----w- c:\documents and settings\All Users\Application Data\Long slow road itch
2009-07-13 23:14 . 2008-01-29 15:29 33808 ----a-w- c:\windows\system32\drivers\klbg.sys
2009-07-13 17:01 . 2008-04-21 19:05 -------- d-----w- c:\documents and settings\All Users\Application Data\Kaspersky Lab Setup Files
2009-07-12 16:46 . 2008-12-08 02:21 -------- d-----w- c:\documents and settings\UsEr\Application Data\IDM
2009-07-08 15:30 . 2008-04-21 19:28 -------- d-----w- c:\program files\Java
2009-06-27 12:14 . 2008-12-02 15:26 551424 ----a-w- c:\windows\system32\agsaame.dll
2009-06-16 16:48 . 2009-06-16 16:48 62464 ----a-w- c:\documents and settings\UsEr\Application Data\Sun\Java\Deployment\cache\6.0\38\37c7a6a6-5ef041e3-n\avutil-49.dll
2009-06-16 16:48 . 2009-06-16 16:48 516096 ----a-w- c:\documents and settings\UsEr\Application Data\Sun\Java\Deployment\cache\6.0\38\37c7a6a6-5ef041e3-n\ivjni.dll
2009-06-16 16:48 . 2009-06-16 16:48 288361 ----a-w- c:\documents and settings\UsEr\Application Data\Sun\Java\Deployment\cache\6.0\38\37c7a6a6-5ef041e3-n\libmp3lame-0.dll
2009-06-16 16:48 . 2009-06-16 16:48 1941504 ----a-w- c:\documents and settings\UsEr\Application Data\Sun\Java\Deployment\cache\6.0\38\37c7a6a6-5ef041e3-n\avcodec-51.dll
2009-06-16 16:48 . 2009-06-16 16:48 107520 ----a-w- c:\documents and settings\UsEr\Application Data\Sun\Java\Deployment\cache\6.0\38\37c7a6a6-5ef041e3-n\avformat-52.dll
2009-06-10 12:05 . 2009-06-10 12:05 -------- d-----w- c:\program files\Common Files\xing shared
2009-06-10 12:05 . 2008-04-21 19:25 -------- d-----w- c:\program files\Common Files\Real
2009-06-10 11:57 . 2006-07-11 15:35 348160 ----a-w- c:\windows\system32\msvcr71.dll
2009-06-02 23:05 . 2009-07-06 17:00 3524096 -c--a-w- c:\documents and settings\All Users\Application Data\{7B16A818-9A1A-40B1-985D-932C53E865B3}\OFFLINE\5EE7C0A0\D9A41735\FlashBack Recorder.exe
2009-06-02 23:03 . 2009-07-06 17:00 6824960 -c--a-w- c:\documents and settings\All Users\Application Data\{7B16A818-9A1A-40B1-985D-932C53E865B3}\OFFLINE\17CD7A6B\D9A41735\FlashBack Player.exe
2009-06-02 22:59 . 2009-07-06 17:00 84992 -c--a-w- c:\documents and settings\All Users\Application Data\{7B16A818-9A1A-40B1-985D-932C53E865B3}\OFFLINE\B708923F\3F343B0A\FlashBackInstall.dll
2009-06-02 22:01 . 2009-07-06 17:00 98304 -c--a-w- c:\documents and settings\All Users\Application Data\{7B16A818-9A1A-40B1-985D-932C53E865B3}\OFFLINE\7B709A09\AD52EFF7\FtpPublisher.dll
2009-06-02 22:01 . 2009-07-06 17:00 90112 -c--a-w- c:\documents and settings\All Users\Application Data\{7B16A818-9A1A-40B1-985D-932C53E865B3}\OFFLINE\80FD0D87\AD52EFF7\FileCopyPublisher.dll
2009-06-02 22:01 . 2009-07-06 17:00 200704 -c--a-w- c:\documents and settings\All Users\Application Data\{7B16A818-9A1A-40B1-985D-932C53E865B3}\OFFLINE\7AE3FABF\AD52EFF7\PublishConfigurator.dll
2009-06-02 22:01 . 2009-07-06 17:00 106496 -c--a-w- c:\documents and settings\All Users\Application Data\{7B16A818-9A1A-40B1-985D-932C53E865B3}\OFFLINE\EE0DA67B\AD52EFF7\YouTubePublisher.dll
2009-06-02 22:01 . 2009-07-06 17:00 106496 -c--a-w- c:\documents and settings\All Users\Application Data\{7B16A818-9A1A-40B1-985D-932C53E865B3}\OFFLINE\CC622F81\AD52EFF7\RevverPublisher.dll
2009-06-02 22:01 . 2009-07-06 17:00 102400 -c--a-w- c:\documents and settings\All Users\Application Data\{7B16A818-9A1A-40B1-985D-932C53E865B3}\OFFLINE\E3C06657\AD52EFF7\Blip.tv.Publisher.dll
2009-06-02 22:01 . 2009-07-06 17:00 102400 -c--a-w- c:\documents and settings\All Users\Application Data\{7B16A818-9A1A-40B1-985D-932C53E865B3}\OFFLINE\83CFD3BC\AD52EFF7\ViddlerPublisher.dll
2009-06-02 22:01 . 2009-07-06 17:00 102400 -c--a-w- c:\documents and settings\All Users\Application Data\{7B16A818-9A1A-40B1-985D-932C53E865B3}\OFFLINE\2BCAD258\AD52EFF7\CoggnoPublisher.dll
2009-06-02 22:01 . 2009-07-06 17:00 147456 -c--a-w- c:\documents and settings\All Users\Application Data\{7B16A818-9A1A-40B1-985D-932C53E865B3}\OFFLINE\2192626E\AD52EFF7\DefConfig.exe
2009-05-30 20:07 . 2009-05-30 20:07 -------- d-----w- c:\documents and settings\All Users\Application Data\GRETECH
2009-05-30 20:07 . 2009-05-30 20:07 -------- d-----w- c:\documents and settings\UsEr\Application Data\GRETECH
2009-05-30 20:06 . 2008-10-11 19:21 -------- d-----w- c:\program files\GRETECH
2009-05-21 15:44 . 2009-05-21 14:11 523384 ----a-w- c:\documents and settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat
2009-05-21 14:42 . 2009-05-21 14:42 -------- d-----w- c:\documents and settings\UsEr\Application Data\Nseries
2009-05-21 14:31 . 2009-05-21 14:31 -------- d-----w- c:\documents and settings\All Users\Application Data\PC Suite
2009-05-21 14:29 . 2009-05-21 14:29 -------- d-----w- c:\documents and settings\UsEr\Application Data\PC Suite
2009-05-21 14:28 . 2008-04-21 18:35 108056 ----a-w- c:\documents and settings\UsEr\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2009-05-21 14:26 . 2009-05-21 14:26 -------- d-----w- c:\documents and settings\UsEr\Application Data\Nokia
2009-05-21 14:25 . 2008-12-07 01:06 -------- d-----w- c:\program files\Nokia
2009-05-21 14:22 . 2009-05-21 14:22 -------- d-----w- c:\documents and settings\All Users\Application Data\NokiaMusic
2009-05-21 14:22 . 2009-05-21 14:21 -------- d-----w- c:\program files\Common Files\muvee Technologies
2009-05-21 14:20 . 2008-12-07 01:06 -------- d-----w- c:\program files\Common Files\Nokia
2009-05-21 14:17 . 2008-04-22 06:34 -------- d-----w- c:\program files\DIFX
2009-05-21 14:10 . 2009-05-21 14:10 -------- d-----w- c:\program files\MSBuild
2009-05-21 14:10 . 2009-05-21 14:10 -------- d-----w- c:\program files\Reference Assemblies
2009-05-21 08:33 . 2008-12-03 22:05 410984 ----a-w- c:\windows\system32\deploytk.dll
2009-05-12 22:01 . 2009-07-06 17:00 655360 -c--a-w- c:\documents and settings\All Users\Application Data\{7B16A818-9A1A-40B1-985D-932C53E865B3}\OFFLINE\A7079B64\3F343B0A\Free FlashBack Player.exe
2009-05-11 05:39 . 2009-07-06 17:00 1455104 -c--a-w- c:\documents and settings\All Users\Application Data\{7B16A818-9A1A-40B1-985D-932C53E865B3}\OFFLINE\5C2DCAEF\3F343B0A\CheckForUpdate.dll
2009-04-29 22:16 . 2009-07-06 17:00 167936 -c--a-w- c:\documents and settings\All Users\Application Data\{7B16A818-9A1A-40B1-985D-932C53E865B3}\OFFLINE\10D184DA\3F343B0A\LogSysInstaller.dll
2009-04-29 22:13 . 2009-07-06 17:00 1077248 -c--a-w- c:\documents and settings\All Users\Application Data\{7B16A818-9A1A-40B1-985D-932C53E865B3}\OFFLINE\1C57B9C7\3F343B0A\LogSysServer.exe
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\ctfmon.exe" [2004-08-03 15360]
"MsnMsgr"="c:\program files\Windows Live\Messenger\MsnMsgr.Exe" [2007-10-18 5724184]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NokiaMServer"="c:\program files\Common Files\Nokia\MPlatform\NokiaMServer" [X]
"RemoteControl"="c:\program files\CyberLink\PowerDVD\PDVDServ.exe" [2005-12-07 30208]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2007-07-25 8433664]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2007-07-25 81920]
"AutorunRemover.exe"="c:\program files\AutorunRemover\AutorunRemover.exe" [2008-12-02 1257472]
"Hiyo"="c:\program files\HiYo\bin\HiYo.exe" [2009-03-19 197936]
"HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2005-05-11 49152]
"TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" [2009-06-10 185896]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-05-21 148888]
"RTHDCPL"="RTHDCPL.EXE" - c:\windows\RTHDCPL.exe [2007-07-20 16132608]
"nwiz"="nwiz.exe" - c:\windows\system32\nwiz.exe [2007-07-25 1626112]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2004-08-03 15360]
c:\documents and settings\All Users\çںê، ں §ڑ\ںé ©ںê¤\ §ک ں颬نïé\
Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2007-4-1 568176]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"UpdatesDisableNotify"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"c:\\Program Files\\Common Files\\Nokia\\Service Layer\\A\\nsl_host_process.exe"=
"c:\\Documents and Settings\\All Users\\Application Data\\Kaspersky Lab Setup Files\\Kaspersky Internet Security 2009\\English\\setup.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\livecall.exe"=
R2 AASW2_Service;Ashampoo AntiSpyWare 2 Service;c:\program files\Ashampoo\Ashampoo AntiSpyWare 2\AntiSpyWareService.exe [12/10/2008 09:59 ص 728920]
R2 BandLuxe_Service;BandLuxe Service;c:\program files\BandRich\BandLuxe HSDPA Utility R11\BRService.exe [15/04/2008 12:26 م 85016]
R2 Vcs;Vcs support;c:\windows\system32\drivers\Vcs.sys [21/03/2009 12:33 ص 6852]
R3 bbcap;bbcap;c:\windows\system32\drivers\bbcap.sys [06/07/2009 08:01 م 4096]
S2 NOD32FiXTemDono;Eset Nod32 Boot;c:\windows\system32\regedt32.exe [19/09/2001 03:00 م 3584]
S3 br3gmdm;BandLuxe 3.5G HSDPA Adapter - USB;c:\windows\system32\drivers\br3gmdm.sys [16/05/2009 01:56 م 100096]
S3 hidshim;Service for HID-KMDF Shim layer;c:\windows\system32\drivers\hidshim.sys [11/10/2008 10:10 م 5632]
S3 nmwcdnsu;Nokia USB Flashing Phone Parent;c:\windows\system32\drivers\nmwcdnsu.sys [07/12/2008 04:07 ص 138112]
S3 nmwcdnsuc;Nokia USB Flashing Generic;c:\windows\system32\drivers\nmwcdnsuc.sys [07/12/2008 04:07 ص 8320]
S3 RTLWUSB;Realtek RTL8187 Wireless 802.11g 54Mbps USB 2.0 Network Adapter;c:\windows\system32\drivers\RTL8187.sys [10/05/2009 08:21 م 194304]
S3 winbondhidcir;Winbond HID CIR Receiver;c:\windows\system32\drivers\winbondhidcir.sys [11/10/2008 10:10 م 21504]
.
- - - - ORPHANS REMOVED - - - -
HKCU-Run-swg - c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
HKCU-Run-IDMan - c:\program files\Internet Download Manager\IDMan.exe
HKLM-Run-LanguageShortcut - c:\program files\CyberLink\PowerDVD\Language\Language.exe
HKLM-Run-AzMixerSel - c:\program files\Realtek\InstallShield\AzMixerSel.exe
HKLM-Run-ATICCC - c:\program files\ATI Technologies\ATI.ACE\CLIStart.exe
HKLM-Run-Nokia FastStart - c:\program files\Nokia\Nokia Music\NokiaMusic.exe
.
------- Supplementary Scan -------
.
uSearchMigratedDefaultURL = hxxp://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
uStart Page = hxxp://www.google.com.sa/
IE: تحميل الكل بواسطة Internet Download Manager - c:\program files\Internet Download Manager\IEGetAll.htm
IE: تحميل بواسطة Internet Download Manager - c:\program files\Internet Download Manager\IEExt.htm
IE: تحميل محتوى FLV بواسطة Internet Download Manager - c:\program files\Internet Download Manager\IEGetVL.htm
DPF: Microsoft XML Parser for Java -
DPF: {3C8E8DD8-D86A-4E6D-AF37-AB3CA7FDF8CD} - hxxp://75.126.0.67/imscp/talkc38.cab
DPF: {B7FDB0C3-4724-46D2-B8DB-6FA1DC63F7CA} - hxxp://74.222.158.28/ReadUid.CAB
DPF: {C171FF59-8C55-4796-A398-4F5D02B4C763} - hxxp://76.76.24.74/sultan99/talks3n.cab
.
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer,
Rootkit scan 2009-07-17 04:43
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{185be91f-e627-4e99-8256-2cd88a0042de}]
@Denied: (Full) (Everyone)
"Model"=dword:00000003
"Therad"=dword:0000001c
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{5ED60779-4DE2-4E07-B862-974CA4FF2E9C}]
@Denied: (Full) (Everyone)
"scansk"=hex(0):c0,37,e6,51,0e,9d,17,f1,d1,39,b7,c4,a5,c5,d6,30,05,eb,b1,33,83,
b7,8c,0a,bc,b3,85,35,3c,64,eb,2c,2b,2b,01,14,b3,a3,ec,ad,00,00,00,00,00,00,\
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{7B8E9164-324D-4A2E-A46D-0165FB2000EC}]
@Denied: (Full) (Everyone)
"scansk"=hex(0):4f,30,04,64,1b,2e,56,e9,25,d8,d4,cf,dd,d0,af,56,64,94,95,ac,6e,
92,1d,78,9f,a0,17,df,b0,98,ab,c9,e1,49,a9,56,51,68,6f,82,00,00,00,00,00,00,\
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{f208e3d8-f23f-43e9-9cc3-e7a069ec953b}]
@Denied: (Full) (Everyone)
"Model"=dword:000000c1
"Therad"=dword:00000001
"MData"=hex(0):73,d5,cf,b8,a4,07,89,80,31,e4,35,6b,2a,ca,fe,43,98,07,ff,fc,5d,
df,1c,2f,3b,8a,0a,32,11,89,01,b5,7a,e1,92,8f,76,59,78,53,1d,73,77,3a,75,23,\
.
--------------------- DLLs Loaded Under Running Processes ---------------------
- - - - - - - > 'winlogon.exe'(620)
c:\windows\system32\Ati2evxx.dll
.
Completion time: 2009-07-17 4:46
ComboFix-quarantined-files.txt 2009-07-17 01:45
Pre-Run: 8,614,748,160 bytes free
Post-Run: 8,924,864,512 bytes free
244
ComboFix 09-07-14.08 - UsEr 07/17/2009 4:38.1.1 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.2.1256.966.1025.18.958.599 [GMT 3:00]
Running from: c:\documents and settings\UsEr\سطح المكتب\ComboFix.exe
WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\windows\Installer\2b9433.msi
c:\windows\Installer\318746.msi
c:\windows\Installer\318762.msi
c:\windows\system32\Desktop_.ini
c:\windows\system32\kakle.dll
c:\windows\system32\videocore.dll
c:\windows\system32\videoformat.dll
c:\windows\system32\winitn.dll
d:\جميع ملفاتي الخاصه\برامج\برامجي\java\لجعل الويندوز أصليا\kf141\Desktop_.ini
d:\جميع ملفاتي الخاصه\برامج\برامجي\java\لجعل الويندوز أصليا\kf151\Desktop_.ini
d:\جميع ملفاتي الخاصه\برامج\برامجي\Windows Media Player v11 Arabic\طريقة التنصيب\Desktop_.ini
d:\جميع ملفاتي الخاصه\برامج\برامجي\Windows Media Player v11 Arabic\Desktop_.ini
d:\جميع ملفاتي الخاصه\منوع عيسى\عبادي\Desktop_.ini
d:\جميع ملفاتي الخاصه\منوع عيسى\الرويشد\Desktop_.ini
d:\جميع ملفاتي الخاصه\منوع عيسى\محمد عبده\Desktop_.ini
.
((((((((((((((((((((((((( Files Created from 2009-06-17 to 2009-07-17 )))))))))))))))))))))))))))))))
.
2009-07-17 00:49 . 2009-07-17 00:49 -------- d-----w- c:\windows\system32\wbem\Repository
2009-07-16 20:26 . 2009-07-16 20:26 62464 ----a-w- c:\documents and settings\UsEr\Application Data\Sun\Java\Deployment\cache\6.0\39\17c03827-7021198a-n\avutil-49.dll
2009-07-16 20:26 . 2009-07-16 20:26 516096 ----a-w- c:\documents and settings\UsEr\Application Data\Sun\Java\Deployment\cache\6.0\39\17c03827-7021198a-n\ivjni.dll
2009-07-16 20:26 . 2009-07-16 20:26 288361 ----a-w- c:\documents and settings\UsEr\Application Data\Sun\Java\Deployment\cache\6.0\39\17c03827-7021198a-n\libmp3lame-0.dll
2009-07-16 20:26 . 2009-07-16 20:26 1941504 ----a-w- c:\documents and settings\UsEr\Application Data\Sun\Java\Deployment\cache\6.0\39\17c03827-7021198a-n\avcodec-51.dll
2009-07-16 20:26 . 2009-07-16 20:26 107520 ----a-w- c:\documents and settings\UsEr\Application Data\Sun\Java\Deployment\cache\6.0\39\17c03827-7021198a-n\avformat-52.dll
2009-07-13 23:14 . 2009-07-13 23:14 44808 ----a-w- c:\documents and settings\All Users\Application Data\Kaspersky Lab\AVP8\Data\Updater\Temporary Files\temporaryFolder\AutoPatches\kav8exec\8.0.0.454\fssync.dll
2009-07-13 23:14 . 2009-07-13 23:14 206088 ----a-w- c:\documents and settings\All Users\Application Data\Kaspersky Lab\AVP8\Data\Updater\Temporary Files\temporaryFolder\AutoPatches\kav8exec\8.0.0.454\avp.exe
2009-07-13 23:14 . 2009-07-13 23:14 33808 ----a-w- c:\documents and settings\All Users\Application Data\Kaspersky Lab\AVP8\Data\Updater\Temporary Files\temporaryFolder\AutoPatches\kav8exec\8.0.0.454\klbg.sys
2009-07-13 23:14 . 2009-07-13 23:14 213520 ----a-w- c:\documents and settings\All Users\Application Data\Kaspersky Lab\AVP8\Data\Updater\Temporary Files\temporaryFolder\AutoPatches\kav8exec\8.0.0.454\XP\klif.sys
2009-07-13 22:26 . 2009-07-13 23:14 94643 ----a-w- c:\windows\system32\drivers\klick.dat
2009-07-13 22:26 . 2009-07-13 23:14 105395 ----a-w- c:\windows\system32\drivers\klin.dat
2009-07-13 22:25 . 2009-07-17 00:49 442400 --sha-w- c:\windows\system32\drivers\fidbox2.dat
2009-07-13 22:25 . 2009-07-17 00:49 3802656 --sha-w- c:\windows\system32\drivers\fidbox.dat
2009-07-13 22:25 . 2009-07-17 00:47 -------- d-----w- c:\documents and settings\All Users\Application Data\Kaspersky Lab
2009-07-13 22:25 . 2009-07-13 22:25 -------- d-----w- c:\program files\Kaspersky Lab
2009-07-12 16:46 . 2009-07-12 16:46 198064 ----a-w- c:\documents and settings\UsEr\Application Data\IDM\idmmzcc3\components\idmmzcc.dll
2009-07-08 15:29 . 2009-07-08 15:29 152576 ----a-w- c:\documents and settings\UsEr\Application Data\Sun\Java\jre1.6.0_14\lzma.dll
2009-07-06 17:01 . 2009-07-06 17:03 -------- d-----w- c:\documents and settings\UsEr\Application Data\Blueberry
2009-07-06 17:01 . 2009-07-06 17:01 4608 ----a-w- c:\windows\system32\bbchlp.dll
2009-07-06 17:01 . 2009-07-06 17:01 4096 ----a-w- c:\windows\system32\drivers\bbcap.sys
2009-07-06 17:01 . 2009-07-06 17:01 30720 ----a-w- c:\windows\system32\bbcap.dll
2009-07-06 17:01 . 2009-07-06 17:01 -------- d-----w- c:\documents and settings\UsEr\Application Data\LogSys
2009-07-06 17:01 . 2009-07-06 17:01 -------- d-----w- c:\documents and settings\All Users\Application Data\LogSys
2009-07-06 17:01 . 2009-06-02 23:05 2692820 -c--a-w- c:\documents and settings\All Users\Application Data\{7B16A818-9A1A-40B1-985D-932C53E865B3}\BB FlashBack Express.exe
2009-07-06 17:01 . 2009-07-06 17:01 -------- d-----w- c:\program files\Common Files\Blueberry Software
2009-07-06 17:01 . 2009-07-06 17:01 -------- d-----w- c:\program files\Blueberry Software
2009-07-06 17:01 . 2009-07-06 17:01 -------- dc-h--w- c:\documents and settings\All Users\Application Data\{7B16A818-9A1A-40B1-985D-932C53E865B3}
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-07-17 01:15 . 2008-12-05 21:39 -------- d---a-w- c:\documents and settings\All Users\Application Data\TEMP
2009-07-17 01:10 . 2001-09-19 12:00 71888 ----a-w- c:\windows\system32\perfc001.dat
2009-07-17 01:10 . 2001-09-19 12:00 377962 ----a-w- c:\windows\system32\perfh001.dat
2009-07-17 00:49 . 2009-07-13 22:25 3640 --sha-w- c:\windows\system32\drivers\fidbox2.idx
2009-07-17 00:49 . 2009-07-13 22:25 33932 --sha-w- c:\windows\system32\drivers\fidbox.idx
2009-07-16 22:15 . 2008-12-05 21:39 -------- d-----w- c:\program files\Your Uninstaller 2008
2009-07-16 21:34 . 2008-04-21 19:30 -------- d-----w- c:\program files\أدعية
2009-07-16 21:33 . 2009-05-24 13:45 -------- d-----w- c:\program files\Windows Media Connect 2
2009-07-16 21:31 . 2009-01-17 13:59 -------- d-----w- c:\program files\VoiceMaskPro
2009-07-16 21:31 . 2008-12-02 15:30 -------- d-----w- c:\program files\VistaCodecPack
2009-07-16 21:29 . 2009-04-28 17:53 -------- d-----w- c:\program files\TeraCopy
2009-07-16 21:29 . 2009-01-02 11:30 -------- d-----w- c:\program files\SplitCam
2009-07-16 21:27 . 2008-12-05 12:13 -------- d-----w- c:\program files\PremierOpinion
2009-07-16 21:27 . 2008-04-21 19:15 -------- d-----w- c:\program files\Orbitdownloader
2009-07-16 21:21 . 2008-04-21 19:28 -------- d-----w- c:\program files\Nero
2009-07-16 21:20 . 2008-04-21 18:45 -------- d-----w- c:\program files\Microsoft Works
2009-07-16 21:12 . 2008-12-04 19:46 -------- d-----w- c:\program files\Messenger Plus! Live
2009-07-16 21:11 . 2008-04-21 19:26 -------- d-----w- c:\program files\Media Resizer PRO
2009-07-16 20:35 . 2008-12-03 11:16 -------- d-----w- c:\program files\JetAudio
2009-07-16 20:31 . 2009-06-16 16:44 -------- d-----w- c:\program files\iVocalize Web Conference 4
2009-07-16 20:31 . 2008-12-08 02:21 -------- d-----w- c:\program files\Internet Download Manager
2009-07-16 20:28 . 2008-10-12 06:57 -------- d-----w- c:\program files\Google
2009-07-16 20:26 . 2008-10-11 19:20 -------- d-----w- c:\program files\GoldWave
2009-07-16 20:26 . 2008-04-21 19:28 -------- d-----w- c:\program files\Golden Al-Wafi Translator
2009-07-16 20:26 . 2008-10-12 06:54 -------- d-----w- c:\program files\Flash Effect Maker
2009-07-16 20:20 . 2009-03-10 20:27 -------- d-----w- c:\program files\Fahess_Activation
2009-07-16 20:20 . 2008-04-21 19:42 -------- d-----w- c:\program files\DivX
2009-07-16 20:13 . 2008-12-05 12:11 -------- d-----w- c:\program files\CEDP Stealer 6.0 for Messenger
2009-07-16 20:13 . 2008-04-21 19:30 -------- d-s---w- c:\program files\Bee Icons
2009-07-16 20:12 . 2008-10-12 06:55 -------- d-----w- c:\program files\AV Vcs 6.0 DIAMOND
2009-07-16 20:12 . 2008-12-02 15:27 -------- d-----w- c:\program files\AutorunRemover
2009-07-16 19:47 . 2008-10-11 19:13 -------- d-----w- c:\program files\Atheros
2009-07-16 19:47 . 2009-05-24 13:17 -------- d-----w- c:\program files\Ask Search Assistant
2009-07-16 19:46 . 2008-04-21 19:42 -------- d-----w- c:\program files\Al-Mawrid Al-Quareeb
2009-07-16 12:06 . 2008-12-03 10:11 -------- d-----w- c:\documents and settings\UsEr\Application Data\TeraCopy
2009-07-14 17:41 . 2008-12-08 02:21 -------- d-----w- c:\documents and settings\UsEr\Application Data\DMCache
2009-07-13 23:19 . 2008-12-04 19:47 -------- d-----w- c:\documents and settings\All Users\Application Data\Long slow road itch
2009-07-13 23:14 . 2008-01-29 15:29 33808 ----a-w- c:\windows\system32\drivers\klbg.sys
2009-07-13 17:01 . 2008-04-21 19:05 -------- d-----w- c:\documents and settings\All Users\Application Data\Kaspersky Lab Setup Files
2009-07-12 16:46 . 2008-12-08 02:21 -------- d-----w- c:\documents and settings\UsEr\Application Data\IDM
2009-07-08 15:30 . 2008-04-21 19:28 -------- d-----w- c:\program files\Java
2009-06-27 12:14 . 2008-12-02 15:26 551424 ----a-w- c:\windows\system32\agsaame.dll
2009-06-16 16:48 . 2009-06-16 16:48 62464 ----a-w- c:\documents and settings\UsEr\Application Data\Sun\Java\Deployment\cache\6.0\38\37c7a6a6-5ef041e3-n\avutil-49.dll
2009-06-16 16:48 . 2009-06-16 16:48 516096 ----a-w- c:\documents and settings\UsEr\Application Data\Sun\Java\Deployment\cache\6.0\38\37c7a6a6-5ef041e3-n\ivjni.dll
2009-06-16 16:48 . 2009-06-16 16:48 288361 ----a-w- c:\documents and settings\UsEr\Application Data\Sun\Java\Deployment\cache\6.0\38\37c7a6a6-5ef041e3-n\libmp3lame-0.dll
2009-06-16 16:48 . 2009-06-16 16:48 1941504 ----a-w- c:\documents and settings\UsEr\Application Data\Sun\Java\Deployment\cache\6.0\38\37c7a6a6-5ef041e3-n\avcodec-51.dll
2009-06-16 16:48 . 2009-06-16 16:48 107520 ----a-w- c:\documents and settings\UsEr\Application Data\Sun\Java\Deployment\cache\6.0\38\37c7a6a6-5ef041e3-n\avformat-52.dll
2009-06-10 12:05 . 2009-06-10 12:05 -------- d-----w- c:\program files\Common Files\xing shared
2009-06-10 12:05 . 2008-04-21 19:25 -------- d-----w- c:\program files\Common Files\Real
2009-06-10 11:57 . 2006-07-11 15:35 348160 ----a-w- c:\windows\system32\msvcr71.dll
2009-06-02 23:05 . 2009-07-06 17:00 3524096 -c--a-w- c:\documents and settings\All Users\Application Data\{7B16A818-9A1A-40B1-985D-932C53E865B3}\OFFLINE\5EE7C0A0\D9A41735\FlashBack Recorder.exe
2009-06-02 23:03 . 2009-07-06 17:00 6824960 -c--a-w- c:\documents and settings\All Users\Application Data\{7B16A818-9A1A-40B1-985D-932C53E865B3}\OFFLINE\17CD7A6B\D9A41735\FlashBack Player.exe
2009-06-02 22:59 . 2009-07-06 17:00 84992 -c--a-w- c:\documents and settings\All Users\Application Data\{7B16A818-9A1A-40B1-985D-932C53E865B3}\OFFLINE\B708923F\3F343B0A\FlashBackInstall.dll
2009-06-02 22:01 . 2009-07-06 17:00 98304 -c--a-w- c:\documents and settings\All Users\Application Data\{7B16A818-9A1A-40B1-985D-932C53E865B3}\OFFLINE\7B709A09\AD52EFF7\FtpPublisher.dll
2009-06-02 22:01 . 2009-07-06 17:00 90112 -c--a-w- c:\documents and settings\All Users\Application Data\{7B16A818-9A1A-40B1-985D-932C53E865B3}\OFFLINE\80FD0D87\AD52EFF7\FileCopyPublisher.dll
2009-06-02 22:01 . 2009-07-06 17:00 200704 -c--a-w- c:\documents and settings\All Users\Application Data\{7B16A818-9A1A-40B1-985D-932C53E865B3}\OFFLINE\7AE3FABF\AD52EFF7\PublishConfigurator.dll
2009-06-02 22:01 . 2009-07-06 17:00 106496 -c--a-w- c:\documents and settings\All Users\Application Data\{7B16A818-9A1A-40B1-985D-932C53E865B3}\OFFLINE\EE0DA67B\AD52EFF7\YouTubePublisher.dll
2009-06-02 22:01 . 2009-07-06 17:00 106496 -c--a-w- c:\documents and settings\All Users\Application Data\{7B16A818-9A1A-40B1-985D-932C53E865B3}\OFFLINE\CC622F81\AD52EFF7\RevverPublisher.dll
2009-06-02 22:01 . 2009-07-06 17:00 102400 -c--a-w- c:\documents and settings\All Users\Application Data\{7B16A818-9A1A-40B1-985D-932C53E865B3}\OFFLINE\E3C06657\AD52EFF7\Blip.tv.Publisher.dll
2009-06-02 22:01 . 2009-07-06 17:00 102400 -c--a-w- c:\documents and settings\All Users\Application Data\{7B16A818-9A1A-40B1-985D-932C53E865B3}\OFFLINE\83CFD3BC\AD52EFF7\ViddlerPublisher.dll
2009-06-02 22:01 . 2009-07-06 17:00 102400 -c--a-w- c:\documents and settings\All Users\Application Data\{7B16A818-9A1A-40B1-985D-932C53E865B3}\OFFLINE\2BCAD258\AD52EFF7\CoggnoPublisher.dll
2009-06-02 22:01 . 2009-07-06 17:00 147456 -c--a-w- c:\documents and settings\All Users\Application Data\{7B16A818-9A1A-40B1-985D-932C53E865B3}\OFFLINE\2192626E\AD52EFF7\DefConfig.exe
2009-05-30 20:07 . 2009-05-30 20:07 -------- d-----w- c:\documents and settings\All Users\Application Data\GRETECH
2009-05-30 20:07 . 2009-05-30 20:07 -------- d-----w- c:\documents and settings\UsEr\Application Data\GRETECH
2009-05-30 20:06 . 2008-10-11 19:21 -------- d-----w- c:\program files\GRETECH
2009-05-21 15:44 . 2009-05-21 14:11 523384 ----a-w- c:\documents and settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat
2009-05-21 14:42 . 2009-05-21 14:42 -------- d-----w- c:\documents and settings\UsEr\Application Data\Nseries
2009-05-21 14:31 . 2009-05-21 14:31 -------- d-----w- c:\documents and settings\All Users\Application Data\PC Suite
2009-05-21 14:29 . 2009-05-21 14:29 -------- d-----w- c:\documents and settings\UsEr\Application Data\PC Suite
2009-05-21 14:28 . 2008-04-21 18:35 108056 ----a-w- c:\documents and settings\UsEr\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2009-05-21 14:26 . 2009-05-21 14:26 -------- d-----w- c:\documents and settings\UsEr\Application Data\Nokia
2009-05-21 14:25 . 2008-12-07 01:06 -------- d-----w- c:\program files\Nokia
2009-05-21 14:22 . 2009-05-21 14:22 -------- d-----w- c:\documents and settings\All Users\Application Data\NokiaMusic
2009-05-21 14:22 . 2009-05-21 14:21 -------- d-----w- c:\program files\Common Files\muvee Technologies
2009-05-21 14:20 . 2008-12-07 01:06 -------- d-----w- c:\program files\Common Files\Nokia
2009-05-21 14:17 . 2008-04-22 06:34 -------- d-----w- c:\program files\DIFX
2009-05-21 14:10 . 2009-05-21 14:10 -------- d-----w- c:\program files\MSBuild
2009-05-21 14:10 . 2009-05-21 14:10 -------- d-----w- c:\program files\Reference Assemblies
2009-05-21 08:33 . 2008-12-03 22:05 410984 ----a-w- c:\windows\system32\deploytk.dll
2009-05-12 22:01 . 2009-07-06 17:00 655360 -c--a-w- c:\documents and settings\All Users\Application Data\{7B16A818-9A1A-40B1-985D-932C53E865B3}\OFFLINE\A7079B64\3F343B0A\Free FlashBack Player.exe
2009-05-11 05:39 . 2009-07-06 17:00 1455104 -c--a-w- c:\documents and settings\All Users\Application Data\{7B16A818-9A1A-40B1-985D-932C53E865B3}\OFFLINE\5C2DCAEF\3F343B0A\CheckForUpdate.dll
2009-04-29 22:16 . 2009-07-06 17:00 167936 -c--a-w- c:\documents and settings\All Users\Application Data\{7B16A818-9A1A-40B1-985D-932C53E865B3}\OFFLINE\10D184DA\3F343B0A\LogSysInstaller.dll
2009-04-29 22:13 . 2009-07-06 17:00 1077248 -c--a-w- c:\documents and settings\All Users\Application Data\{7B16A818-9A1A-40B1-985D-932C53E865B3}\OFFLINE\1C57B9C7\3F343B0A\LogSysServer.exe
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\ctfmon.exe" [2004-08-03 15360]
"MsnMsgr"="c:\program files\Windows Live\Messenger\MsnMsgr.Exe" [2007-10-18 5724184]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NokiaMServer"="c:\program files\Common Files\Nokia\MPlatform\NokiaMServer" [X]
"RemoteControl"="c:\program files\CyberLink\PowerDVD\PDVDServ.exe" [2005-12-07 30208]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2007-07-25 8433664]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2007-07-25 81920]
"AutorunRemover.exe"="c:\program files\AutorunRemover\AutorunRemover.exe" [2008-12-02 1257472]
"Hiyo"="c:\program files\HiYo\bin\HiYo.exe" [2009-03-19 197936]
"HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2005-05-11 49152]
"TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" [2009-06-10 185896]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-05-21 148888]
"RTHDCPL"="RTHDCPL.EXE" - c:\windows\RTHDCPL.exe [2007-07-20 16132608]
"nwiz"="nwiz.exe" - c:\windows\system32\nwiz.exe [2007-07-25 1626112]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2004-08-03 15360]
c:\documents and settings\All Users\çںê، ں §ڑ\ںé ©ںê¤\ §ک ں颬نïé\
Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2007-4-1 568176]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"UpdatesDisableNotify"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"c:\\Program Files\\Common Files\\Nokia\\Service Layer\\A\\nsl_host_process.exe"=
"c:\\Documents and Settings\\All Users\\Application Data\\Kaspersky Lab Setup Files\\Kaspersky Internet Security 2009\\English\\setup.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\livecall.exe"=
R2 AASW2_Service;Ashampoo AntiSpyWare 2 Service;c:\program files\Ashampoo\Ashampoo AntiSpyWare 2\AntiSpyWareService.exe [12/10/2008 09:59 ص 728920]
R2 BandLuxe_Service;BandLuxe Service;c:\program files\BandRich\BandLuxe HSDPA Utility R11\BRService.exe [15/04/2008 12:26 م 85016]
R2 Vcs;Vcs support;c:\windows\system32\drivers\Vcs.sys [21/03/2009 12:33 ص 6852]
R3 bbcap;bbcap;c:\windows\system32\drivers\bbcap.sys [06/07/2009 08:01 م 4096]
S2 NOD32FiXTemDono;Eset Nod32 Boot;c:\windows\system32\regedt32.exe [19/09/2001 03:00 م 3584]
S3 br3gmdm;BandLuxe 3.5G HSDPA Adapter - USB;c:\windows\system32\drivers\br3gmdm.sys [16/05/2009 01:56 م 100096]
S3 hidshim;Service for HID-KMDF Shim layer;c:\windows\system32\drivers\hidshim.sys [11/10/2008 10:10 م 5632]
S3 nmwcdnsu;Nokia USB Flashing Phone Parent;c:\windows\system32\drivers\nmwcdnsu.sys [07/12/2008 04:07 ص 138112]
S3 nmwcdnsuc;Nokia USB Flashing Generic;c:\windows\system32\drivers\nmwcdnsuc.sys [07/12/2008 04:07 ص 8320]
S3 RTLWUSB;Realtek RTL8187 Wireless 802.11g 54Mbps USB 2.0 Network Adapter;c:\windows\system32\drivers\RTL8187.sys [10/05/2009 08:21 م 194304]
S3 winbondhidcir;Winbond HID CIR Receiver;c:\windows\system32\drivers\winbondhidcir.sys [11/10/2008 10:10 م 21504]
.
- - - - ORPHANS REMOVED - - - -
HKCU-Run-swg - c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
HKCU-Run-IDMan - c:\program files\Internet Download Manager\IDMan.exe
HKLM-Run-LanguageShortcut - c:\program files\CyberLink\PowerDVD\Language\Language.exe
HKLM-Run-AzMixerSel - c:\program files\Realtek\InstallShield\AzMixerSel.exe
HKLM-Run-ATICCC - c:\program files\ATI Technologies\ATI.ACE\CLIStart.exe
HKLM-Run-Nokia FastStart - c:\program files\Nokia\Nokia Music\NokiaMusic.exe
.
------- Supplementary Scan -------
.
uSearchMigratedDefaultURL = hxxp://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
uStart Page = hxxp://www.google.com.sa/
IE: تحميل الكل بواسطة Internet Download Manager - c:\program files\Internet Download Manager\IEGetAll.htm
IE: تحميل بواسطة Internet Download Manager - c:\program files\Internet Download Manager\IEExt.htm
IE: تحميل محتوى FLV بواسطة Internet Download Manager - c:\program files\Internet Download Manager\IEGetVL.htm
DPF: Microsoft XML Parser for Java -
يجب عليك
تسجيل الدخول
او
تسجيل لمشاهدة الرابط المخفي
DPF: {3C8E8DD8-D86A-4E6D-AF37-AB3CA7FDF8CD} - hxxp://75.126.0.67/imscp/talkc38.cab
DPF: {B7FDB0C3-4724-46D2-B8DB-6FA1DC63F7CA} - hxxp://74.222.158.28/ReadUid.CAB
DPF: {C171FF59-8C55-4796-A398-4F5D02B4C763} - hxxp://76.76.24.74/sultan99/talks3n.cab
.
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer,
يجب عليك
تسجيل الدخول
او
تسجيل لمشاهدة الرابط المخفي
Rootkit scan 2009-07-17 04:43
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{185be91f-e627-4e99-8256-2cd88a0042de}]
@Denied: (Full) (Everyone)
"Model"=dword:00000003
"Therad"=dword:0000001c
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{5ED60779-4DE2-4E07-B862-974CA4FF2E9C}]
@Denied: (Full) (Everyone)
"scansk"=hex(0):c0,37,e6,51,0e,9d,17,f1,d1,39,b7,c4,a5,c5,d6,30,05,eb,b1,33,83,
b7,8c,0a,bc,b3,85,35,3c,64,eb,2c,2b,2b,01,14,b3,a3,ec,ad,00,00,00,00,00,00,\
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{7B8E9164-324D-4A2E-A46D-0165FB2000EC}]
@Denied: (Full) (Everyone)
"scansk"=hex(0):4f,30,04,64,1b,2e,56,e9,25,d8,d4,cf,dd,d0,af,56,64,94,95,ac,6e,
92,1d,78,9f,a0,17,df,b0,98,ab,c9,e1,49,a9,56,51,68,6f,82,00,00,00,00,00,00,\
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{f208e3d8-f23f-43e9-9cc3-e7a069ec953b}]
@Denied: (Full) (Everyone)
"Model"=dword:000000c1
"Therad"=dword:00000001
"MData"=hex(0):73,d5,cf,b8,a4,07,89,80,31,e4,35,6b,2a,ca,fe,43,98,07,ff,fc,5d,
df,1c,2f,3b,8a,0a,32,11,89,01,b5,7a,e1,92,8f,76,59,78,53,1d,73,77,3a,75,23,\
.
--------------------- DLLs Loaded Under Running Processes ---------------------
- - - - - - - > 'winlogon.exe'(620)
c:\windows\system32\Ati2evxx.dll
.
Completion time: 2009-07-17 4:46
ComboFix-quarantined-files.txt 2009-07-17 01:45
Pre-Run: 8,614,748,160 bytes free
Post-Run: 8,924,864,512 bytes free
244
تأييد
0
البارون
زيزوومى فضى
- إنضم
- 1 مارس 2008
- المشاركات
- 13,588
- مستوى التفاعل
- 506
- النقاط
- 920
غير متصل
حمل هذا الآداة
شغل البرنامج ==> واضغط على
Do a system scan and save log
لحظات .. ويظهر لك تقرير داخل المفكرة==> انسخه والصقه بردك القادم
أتمنى منك الصبر حتى يتم تحليل التقرير
يجب عليك
تسجيل الدخول
او
تسجيل لمشاهدة الرابط المخفي
شغل البرنامج ==> واضغط على
Do a system scan and save log
لحظات .. ويظهر لك تقرير داخل المفكرة==> انسخه والصقه بردك القادم
أتمنى منك الصبر حتى يتم تحليل التقرير
توقيع : البارون
تأييد
0
سوري تعبتك معي
هذا التقرير الجديد
Logfile of HijackThis v1.99.1
Scan saved at 05:19:13 ص, on 17/07/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16762)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Ashampoo\Ashampoo AntiSpyWare 2\AntiSpyWareService.exe
C:\WINDOWS\system32\agrsmsvc.exe
C:\Program Files\BandRich\BandLuxe HSDPA Utility R11\BRService.exe
C:\Program Files\Common Files\Motive\McciCMService.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\CyberLink\Shared files\RichVideo.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\HiYo\bin\HiYo.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\WINDOWS\explorer.exe
C:\Documents and Settings\UsEr\سطح المكتب\HijackThis.exe
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files\Internet Download Manager\IDMIECC.dll (file missing)
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll (file missing)
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: مساعد تسجيل الدخول إلى Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll (file missing)
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\3.1.807.1746\swg.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (file missing)
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll (file missing)
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll (file missing)
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [AutorunRemover.exe] C:\Program Files\AutorunRemover\AutorunRemover.exe -Hide
O4 - HKLM\..\Run: [Hiyo] C:\Program Files\HiYo\bin\HiYo.exe /RunFromStartup
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [NokiaMServer] C:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer /watchfiles
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - Global Startup: Bluetooth.lnk = ?
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Nokia Ovi Suite.lnk = C:\Program Files\Nokia\Ovi\Suite\RunLauncher.exe
O8 - Extra context menu item: تحميل الكل بواسطة Internet Download Manager - C:\Program Files\Internet Download Manager\IEGetAll.htm
O8 - Extra context menu item: تحميل بواسطة Internet Download Manager - C:\Program Files\Internet Download Manager\IEExt.htm
O8 - Extra context menu item: تحميل محتوى FLV بواسطة Internet Download Manager - C:\Program Files\Internet Download Manager\IEGetVL.htm
O9 - Extra button: بحث - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL (file missing)
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm (file missing)
O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm (file missing)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
O11 - Options group: [INTERNATIONAL] International*
O16 - DPF: {3C8E8DD8-D86A-4E6D-AF37-AB3CA7FDF8CD} (IMS_Conference Control) -
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) -
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) -
O16 - DPF: {6924091F-CD97-41E1-B1D4-D9079409D413} (IMCv1 Control) -
O16 - DPF: {B7FDB0C3-4724-46D2-B8DB-6FA1DC63F7CA} (ReadUid.UserControlMacEntry) -
O16 - DPF: {C171FF59-8C55-4796-A398-4F5D02B4C763} (IMC_Sec Control) -
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) -
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WINDOW~4\MESSEN~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WINDOW~4\MESSEN~1\MSGRAP~1.DLL
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: Ashampoo AntiSpyWare 2 Service (AASW2_Service) - Unknown owner - C:\Program Files\Ashampoo\Ashampoo AntiSpyWare 2\AntiSpyWareService.exe
O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - Agere Systems - C:\WINDOWS\system32\agrsmsvc.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: BandLuxe Service (BandLuxe_Service) - Unknown owner - C:\Program Files\BandRich\BandLuxe HSDPA Utility R11\BRService.exe" -e (file missing)
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
O23 - Service: Google Updater Service (gusvc) - Unknown owner - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe (file missing)
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Unknown owner - C:\Program Files\Java\jre6\bin\jqs.exe" -service -config "C:\Program Files\Java\jre6\lib\deploy\jqs\jqs.conf (file missing)
O23 - Service: McciCMService - Motive Communications, Inc. - C:\Program Files\Common Files\Motive\McciCMService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared files\RichVideo.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\Nokia\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Windows Live Setup Service (WLSetupSvc) - Unknown owner - C:\Program Files\Windows Live\installer\WLSetupSvc.exe (file missing)
O23 - Service: Windows Media Player Network Sharing Service (WMPNetworkSvc) - Unknown owner - C:\Program Files\Windows Media Player\WMPNetwk.exe (file missing)
هذا التقرير الجديد
Logfile of HijackThis v1.99.1
Scan saved at 05:19:13 ص, on 17/07/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16762)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Ashampoo\Ashampoo AntiSpyWare 2\AntiSpyWareService.exe
C:\WINDOWS\system32\agrsmsvc.exe
C:\Program Files\BandRich\BandLuxe HSDPA Utility R11\BRService.exe
C:\Program Files\Common Files\Motive\McciCMService.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\CyberLink\Shared files\RichVideo.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\HiYo\bin\HiYo.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\WINDOWS\explorer.exe
C:\Documents and Settings\UsEr\سطح المكتب\HijackThis.exe
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
يجب عليك
تسجيل الدخول
او
تسجيل لمشاهدة الرابط المخفي
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
يجب عليك
تسجيل الدخول
او
تسجيل لمشاهدة الرابط المخفي
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
يجب عليك
تسجيل الدخول
او
تسجيل لمشاهدة الرابط المخفي
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
يجب عليك
تسجيل الدخول
او
تسجيل لمشاهدة الرابط المخفي
O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files\Internet Download Manager\IDMIECC.dll (file missing)
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll (file missing)
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: مساعد تسجيل الدخول إلى Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll (file missing)
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\3.1.807.1746\swg.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (file missing)
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll (file missing)
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll (file missing)
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [AutorunRemover.exe] C:\Program Files\AutorunRemover\AutorunRemover.exe -Hide
O4 - HKLM\..\Run: [Hiyo] C:\Program Files\HiYo\bin\HiYo.exe /RunFromStartup
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [NokiaMServer] C:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer /watchfiles
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - Global Startup: Bluetooth.lnk = ?
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Nokia Ovi Suite.lnk = C:\Program Files\Nokia\Ovi\Suite\RunLauncher.exe
O8 - Extra context menu item: تحميل الكل بواسطة Internet Download Manager - C:\Program Files\Internet Download Manager\IEGetAll.htm
O8 - Extra context menu item: تحميل بواسطة Internet Download Manager - C:\Program Files\Internet Download Manager\IEExt.htm
O8 - Extra context menu item: تحميل محتوى FLV بواسطة Internet Download Manager - C:\Program Files\Internet Download Manager\IEGetVL.htm
O9 - Extra button: بحث - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL (file missing)
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm (file missing)
O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm (file missing)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
O11 - Options group: [INTERNATIONAL] International*
O16 - DPF: {3C8E8DD8-D86A-4E6D-AF37-AB3CA7FDF8CD} (IMS_Conference Control) -
يجب عليك
تسجيل الدخول
او
تسجيل لمشاهدة الرابط المخفي
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) -
يجب عليك
تسجيل الدخول
او
تسجيل لمشاهدة الرابط المخفي
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) -
يجب عليك
تسجيل الدخول
او
تسجيل لمشاهدة الرابط المخفي
O16 - DPF: {6924091F-CD97-41E1-B1D4-D9079409D413} (IMCv1 Control) -
يجب عليك
تسجيل الدخول
او
تسجيل لمشاهدة الرابط المخفي
O16 - DPF: {B7FDB0C3-4724-46D2-B8DB-6FA1DC63F7CA} (ReadUid.UserControlMacEntry) -
يجب عليك
تسجيل الدخول
او
تسجيل لمشاهدة الرابط المخفي
O16 - DPF: {C171FF59-8C55-4796-A398-4F5D02B4C763} (IMC_Sec Control) -
يجب عليك
تسجيل الدخول
او
تسجيل لمشاهدة الرابط المخفي
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) -
يجب عليك
تسجيل الدخول
او
تسجيل لمشاهدة الرابط المخفي
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WINDOW~4\MESSEN~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WINDOW~4\MESSEN~1\MSGRAP~1.DLL
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: Ashampoo AntiSpyWare 2 Service (AASW2_Service) - Unknown owner - C:\Program Files\Ashampoo\Ashampoo AntiSpyWare 2\AntiSpyWareService.exe
O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - Agere Systems - C:\WINDOWS\system32\agrsmsvc.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: BandLuxe Service (BandLuxe_Service) - Unknown owner - C:\Program Files\BandRich\BandLuxe HSDPA Utility R11\BRService.exe" -e (file missing)
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
O23 - Service: Google Updater Service (gusvc) - Unknown owner - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe (file missing)
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Unknown owner - C:\Program Files\Java\jre6\bin\jqs.exe" -service -config "C:\Program Files\Java\jre6\lib\deploy\jqs\jqs.conf (file missing)
O23 - Service: McciCMService - Motive Communications, Inc. - C:\Program Files\Common Files\Motive\McciCMService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared files\RichVideo.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\Nokia\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Windows Live Setup Service (WLSetupSvc) - Unknown owner - C:\Program Files\Windows Live\installer\WLSetupSvc.exe (file missing)
O23 - Service: Windows Media Player Network Sharing Service (WMPNetworkSvc) - Unknown owner - C:\Program Files\Windows Media Player\WMPNetwk.exe (file missing)
تأييد
0
البارون
زيزوومى فضى
- إنضم
- 1 مارس 2008
- المشاركات
- 13,588
- مستوى التفاعل
- 506
- النقاط
- 920
غير متصل
احذف هالقيم
O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files\Internet Download Manager\IDMIECC.dll (file missing)
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll (file missing)
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll (file missing)
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (file missing)
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll (file missing)
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll (file missing)
O4 - HKLM\..\Run: [AutorunRemover.exe] C:\Program Files\AutorunRemover\AutorunRemover.exe -Hide
O4 - HKLM\..\Run: [Hiyo] C:\Program Files\HiYo\bin\HiYo.exe /RunFromStartup
O9 - Extra button: بحث - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL (file missing)
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm (file missing)
O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
O16 - DPF: {3C8E8DD8-D86A-4E6D-AF37-AB3CA7FDF8CD} (IMS_Conference Control) -
O16 - DPF: {B7FDB0C3-4724-46D2-B8DB-6FA1DC63F7CA} (ReadUid.UserControlMacEntry) -
O16 - DPF: {C171FF59-8C55-4796-A398-4F5D02B4C763} (IMC_Sec Control) -
=====================================
استخدم هذه الاداة للتنظيف
بالاضافة الى حذف جميع التولبيرات من اضافة وازالة البرامج الموجودة في لوحه التحكم
O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files\Internet Download Manager\IDMIECC.dll (file missing)
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll (file missing)
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll (file missing)
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (file missing)
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll (file missing)
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll (file missing)
O4 - HKLM\..\Run: [AutorunRemover.exe] C:\Program Files\AutorunRemover\AutorunRemover.exe -Hide
O4 - HKLM\..\Run: [Hiyo] C:\Program Files\HiYo\bin\HiYo.exe /RunFromStartup
O9 - Extra button: بحث - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL (file missing)
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm (file missing)
O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
O16 - DPF: {3C8E8DD8-D86A-4E6D-AF37-AB3CA7FDF8CD} (IMS_Conference Control) -
يجب عليك
تسجيل الدخول
او
تسجيل لمشاهدة الرابط المخفي
O16 - DPF: {B7FDB0C3-4724-46D2-B8DB-6FA1DC63F7CA} (ReadUid.UserControlMacEntry) -
يجب عليك
تسجيل الدخول
او
تسجيل لمشاهدة الرابط المخفي
O16 - DPF: {C171FF59-8C55-4796-A398-4F5D02B4C763} (IMC_Sec Control) -
يجب عليك
تسجيل الدخول
او
تسجيل لمشاهدة الرابط المخفي
=====================================
استخدم هذه الاداة للتنظيف
يجب عليك
تسجيل الدخول
او
تسجيل لمشاهدة الرابط المخفي
بالاضافة الى حذف جميع التولبيرات من اضافة وازالة البرامج الموجودة في لوحه التحكم
وبعدين
عطل برامج الحماية عن العمل
ثم
حمل الاداة التالية واحفظها على سطح المكتب
عند تشغيلها بتظهر لك رسالة ,, اضغط على >> Yes
بعدها بتظهر لك رساله ثانيه ,, اضغط على >> Yes
اثناء الفحص ممكن يعاد تشغيل الجهاز
وبعد اعادة التشغيل ,, سوف تبدأ الاداة بالفحص مرره ثانيه
لا تقم بتشغيل اي برنامج ،، ومهما طالت عملية الفحص انتظر حتى تنتهي
انتظر حتى يظهر لك تقرير ،،انسخه والصقه بمشاركتك القادمة
ثم
حمل الاداة التالية واحفظها على سطح المكتب
يجب عليك
تسجيل الدخول
او
تسجيل لمشاهدة الرابط المخفي
عند تشغيلها بتظهر لك رسالة ,, اضغط على >> Yes
بعدها بتظهر لك رساله ثانيه ,, اضغط على >> Yes
اثناء الفحص ممكن يعاد تشغيل الجهاز
وبعد اعادة التشغيل ,, سوف تبدأ الاداة بالفحص مرره ثانيه
لا تقم بتشغيل اي برنامج ،، ومهما طالت عملية الفحص انتظر حتى تنتهي
انتظر حتى يظهر لك تقرير ،،انسخه والصقه بمشاركتك القادمة
توقيع : البارون
تأييد
0