جهازي مهكر الحقوني

زهرة النسرين · 8 أكتوبر 2009

مرحبا
الأمس وانا جالسه على الجهاز حصل شي غريب في جهازي ان شخص يتحكم فيه وسرق ايميلي ودخل على جهازي وصار يكلمني ويقولي انا مخترق جهازك عن طريق برنامج :er: ابي حل كيف اتخلص منه
ساعدوني رحم الله والديكم
شو الحل برايكم كان يراقبني وحتى دخل المنتدى الي مشاركه فيه وغير كلمة المرور ونزل موضوع باسمي ناوي يخرب المنتدى :er:

عاشق الدمعة · 10 أكتوبر 2009

زهرة النسرين قال:
طيب راح اجرب الطريقه والله خربطوني :f:

ننتظرك اختي ،،

زهرة النسرين · 10 أكتوبر 2009

مافهمت هنا شو مطلوب ممكن شرح :f:

فارس الملاك · 10 أكتوبر 2009

اختي بارك الله فيك

ملف الهكر تم حذفه بالاداة القديمة

ولكن جهازك فيه فيورساااات كثيرة بعضها تم التخلص منها والبعض الاخر لازال موجود

وياليت تطبيق مشاركتي السابقة

ولا تنسي التقرير

عاشق الدمعة · 10 أكتوبر 2009

زهرة النسرين قال:
مافهمت هنا شو مطلوب ممكن شرح :f:

اختي وش اللي مافهمتيه ،، الطريقة واضحه وهي تكشف الباتش اذا كان محقون بالمتصفح

ياليت تجربين برنامج البتال وتبحثين عن المنافذ التي كتبتها ان وجدتيها قومي باغلاقها

زهرة النسرين · 11 أكتوبر 2009

عملت فحص
:u:
Malwarebytes' Anti-Malware 1.41
نسخة قاعدة البيانات: 2941
Windows 5.1.2600 Service Pack 2
11/10/2009 05:36:10 م
mbam-log-2009-10-11 (17-36-10).txt
نوع البحث: بحث شامل (C:\|D:\|)
تم فحص: 233061
الوقت المنقضى: 1 hour(s), 4 minute(s), 41 second(s)
عمليات الذاكرة المصابة: 0
وحدات الذاكرة المصابة: 0
مفاتيح التسجيل المصابة: 0
قيم التسجيل المصابة: 2
بيانات التسجيل المصابة: 0
مجلدات مصابة: 9
ملفات مصابة: 142
عمليات الذاكرة المصابة:
(لم يتم الكشف عن أية عناصر ضارة)
وحدات الذاكرة المصابة:
(لم يتم الكشف عن أية عناصر ضارة)
مفاتيح التسجيل المصابة:
(لم يتم الكشف عن أية عناصر ضارة)
قيم التسجيل المصابة:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\ForceClassicControlPanel (Hijack.ControlPanelStyle) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\ForceClassicControlPanel (Hijack.ControlPanelStyle) -> Quarantined and deleted successfully.
بيانات التسجيل المصابة:
(لم يتم الكشف عن أية عناصر ضارة)
مجلدات مصابة:
C:\Program Files\Maximum Software (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Program Files\Maximum Software\Bug Doctor (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Program Files\Maximum Software\Bug Doctor\html (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Program Files\Maximum Software\Bug Doctor\html\img (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Program Files\Maximum Software\Bug Doctor\SKIN (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Program Files\Maximum Software\Bug Doctor\SKIN\orig (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Program Files\Maximum Software\Bug Doctor\SKIN\v2 (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Start Menu\Programs\Bug Doctor (Rogue.BugDoctor) -> Quarantined and deleted successfully.
C:\Documents and Settings\XPPRESP3\PassTools (Hacktool.Passwords) -> Quarantined and deleted successfully.
ملفات مصابة:
C:\Documents and Settings\XPPRESP3\My Documents\Downloads\Compressed\MalwarebytesPortable.exe (Dont.Steal.Our.Software.A) -> Quarantined and deleted successfully.
C:\Program Files\Maximum Software\Bug Doctor\BugDoctorLiveUpdate.exe (Rogue.BugDoctor) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{CFAFA9F8-1C94-49B2-A5CF-C48902881EAF}\RP46\A0047609.exe (Hacktool.Passwords) -> Quarantined and deleted successfully.
C:\Program Files\Maximum Software\Bug Doctor\Bug Doctor Help.chm (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Program Files\Maximum Software\Bug Doctor\BugDoctor.exe (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Program Files\Maximum Software\Bug Doctor\error_list(fixed).log (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Program Files\Maximum Software\Bug Doctor\error_list.log (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Program Files\Maximum Software\Bug Doctor\License.rtf (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Program Files\Maximum Software\Bug Doctor\unins000.dat (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Program Files\Maximum Software\Bug Doctor\unins000.exe (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Program Files\Maximum Software\Bug Doctor\unins000.msg (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Program Files\Maximum Software\Bug Doctor\html\CLSID.gif (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Program Files\Maximum Software\Bug Doctor\html\FailUnlockDlg.bak (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Program Files\Maximum Software\Bug Doctor\html\FixDlg.htm (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Program Files\Maximum Software\Bug Doctor\html\FixItem.htm (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Program Files\Maximum Software\Bug Doctor\html\FixStatDlg.htm (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Program Files\Maximum Software\Bug Doctor\html\FONT.gif (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Program Files\Maximum Software\Bug Doctor\html\HELP.gif (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Program Files\Maximum Software\Bug Doctor\html\LicenseGraceDlg.bak (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Program Files\Maximum Software\Bug Doctor\html\LicenseGraceDlg.htm (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Program Files\Maximum Software\Bug Doctor\html\LINK.gif (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Program Files\Maximum Software\Bug Doctor\html\LockedDlg.bak (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Program Files\Maximum Software\Bug Doctor\html\LockedDlg.htm (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Program Files\Maximum Software\Bug Doctor\html\LockedFailDlg.bak (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Program Files\Maximum Software\Bug Doctor\html\LockedFailDlg.htm (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Program Files\Maximum Software\Bug Doctor\html\PROGID.gif (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Program Files\Maximum Software\Bug Doctor\html\scan.swf (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Program Files\Maximum Software\Bug Doctor\html\ScanDlg.htm (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Program Files\Maximum Software\Bug Doctor\html\ScanItem.htm (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Program Files\Maximum Software\Bug Doctor\html\ScanStatDlg.htm (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Program Files\Maximum Software\Bug Doctor\html\ScanStatNoErrDlg.bak (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Program Files\Maximum Software\Bug Doctor\html\ScanStatNoErrorDlg.bak (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Program Files\Maximum Software\Bug Doctor\html\ScanStatNoErrorDlg.htm (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Program Files\Maximum Software\Bug Doctor\html\SHAREDFILE.gif (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Program Files\Maximum Software\Bug Doctor\html\SHAREDTOOLS.gif (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Program Files\Maximum Software\Bug Doctor\html\skin.ini (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Program Files\Maximum Software\Bug Doctor\html\style.bak (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Program Files\Maximum Software\Bug Doctor\html\style.css (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Program Files\Maximum Software\Bug Doctor\html\UnlockDlg.bak (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Program Files\Maximum Software\Bug Doctor\html\UnlockDlg.htm (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Program Files\Maximum Software\Bug Doctor\html\UnlockedDlg.bak (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Program Files\Maximum Software\Bug Doctor\html\UnlockedDlg.htm (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Program Files\Maximum Software\Bug Doctor\html\UnlockFailDlg.bak (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Program Files\Maximum Software\Bug Doctor\html\UnlockFailDlg.htm (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Program Files\Maximum Software\Bug Doctor\html\UnlockingDlg.bak (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Program Files\Maximum Software\Bug Doctor\html\UnlockingDlg.htm (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Program Files\Maximum Software\Bug Doctor\html\img\bg.jpg (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Program Files\Maximum Software\Bug Doctor\html\img\btn_cancel.jpg (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Program Files\Maximum Software\Bug Doctor\html\img\btn_fixerrors.jpg (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Program Files\Maximum Software\Bug Doctor\html\img\btn_ok.jpg (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Program Files\Maximum Software\Bug Doctor\html\img\btn_order_key.jpg (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Program Files\Maximum Software\Bug Doctor\html\img\btn_stop_scan.jpg (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Program Files\Maximum Software\Bug Doctor\html\img\btn_unlock.jpg (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Program Files\Maximum Software\Bug Doctor\html\img\progress_wheel.gif (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Program Files\Maximum Software\Bug Doctor\SKIN\advanced_checked.gif (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Program Files\Maximum Software\Bug Doctor\SKIN\advanced_disable.gif (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Program Files\Maximum Software\Bug Doctor\SKIN\advanced_disable_checked.GIF (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Program Files\Maximum Software\Bug Doctor\SKIN\advanced_normal.gif (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Program Files\Maximum Software\Bug Doctor\SKIN\advanced_pressed.gif (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Program Files\Maximum Software\Bug Doctor\SKIN\advanced_rollover.gif (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Program Files\Maximum Software\Bug Doctor\SKIN\advanced_rollover_checked.GIF (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Program Files\Maximum Software\Bug Doctor\SKIN\bug.swf (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Program Files\Maximum Software\Bug Doctor\SKIN\demo_advanced_pressed.GIF (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Program Files\Maximum Software\Bug Doctor\SKIN\fixing_error-disable.gif (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Program Files\Maximum Software\Bug Doctor\SKIN\fixing_error-normal.gif (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Program Files\Maximum Software\Bug Doctor\SKIN\fixing_error-pressed.gif (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Program Files\Maximum Software\Bug Doctor\SKIN\fixing_error-rollover.gif (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Program Files\Maximum Software\Bug Doctor\SKIN\fix_complete-disable.gif (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Program Files\Maximum Software\Bug Doctor\SKIN\fix_complete-normal.gif (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Program Files\Maximum Software\Bug Doctor\SKIN\fix_complete-pressed.gif (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Program Files\Maximum Software\Bug Doctor\SKIN\fix_complete-roll_over.gif (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Program Files\Maximum Software\Bug Doctor\SKIN\LiveUpdate_disable.gif (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Program Files\Maximum Software\Bug Doctor\SKIN\LiveUpdate_normal.gif (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Program Files\Maximum Software\Bug Doctor\SKIN\LiveUpdate_pressed.gif (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Program Files\Maximum Software\Bug Doctor\SKIN\LiveUpdate_rollover.gif (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Program Files\Maximum Software\Bug Doctor\SKIN\main_disable.jpg (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Program Files\Maximum Software\Bug Doctor\SKIN\main_enable.jpg (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Program Files\Maximum Software\Bug Doctor\SKIN\main_pressed.jpg (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Program Files\Maximum Software\Bug Doctor\SKIN\main_roll_over.jpg (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Program Files\Maximum Software\Bug Doctor\SKIN\mask12.bmp (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Program Files\Maximum Software\Bug Doctor\SKIN\saMasterCertificate.jpg (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Program Files\Maximum Software\Bug Doctor\SKIN\scan.swf (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Program Files\Maximum Software\Bug Doctor\SKIN\scancomplete.gif (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Program Files\Maximum Software\Bug Doctor\SKIN\scanning_error-disable.gif (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Program Files\Maximum Software\Bug Doctor\SKIN\scanning_error-normal.gif (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Program Files\Maximum Software\Bug Doctor\SKIN\scanning_error-pressed.gif (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Program Files\Maximum Software\Bug Doctor\SKIN\scanning_error-rollover.gif (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Program Files\Maximum Software\Bug Doctor\SKIN\scan_complete-disable.gif (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Program Files\Maximum Software\Bug Doctor\SKIN\scan_complete-normal.gif (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Program Files\Maximum Software\Bug Doctor\SKIN\scan_complete-pressed.gif (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Program Files\Maximum Software\Bug Doctor\SKIN\scan_complete-roll_over.gif (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Program Files\Maximum Software\Bug Doctor\SKIN\schedule_disable.gif (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Program Files\Maximum Software\Bug Doctor\SKIN\schedule_normal.gif (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Program Files\Maximum Software\Bug Doctor\SKIN\schedule_pressed.gif (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Program Files\Maximum Software\Bug Doctor\SKIN\schedule_rollover.gif (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Program Files\Maximum Software\Bug Doctor\SKIN\skin.ini (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Program Files\Maximum Software\Bug Doctor\SKIN\SubMainDisable.gif (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Program Files\Maximum Software\Bug Doctor\SKIN\SubMainNormal.gif (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Program Files\Maximum Software\Bug Doctor\SKIN\SubMainPressed.gif (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Program Files\Maximum Software\Bug Doctor\SKIN\SubMainRollOver.gif (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Program Files\Maximum Software\Bug Doctor\SKIN\support_disable.gif (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Program Files\Maximum Software\Bug Doctor\SKIN\support_normal.gif (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Program Files\Maximum Software\Bug Doctor\SKIN\support_pressed.gif (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Program Files\Maximum Software\Bug Doctor\SKIN\support_rollover.gif (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Program Files\Maximum Software\Bug Doctor\SKIN\UnlockingDlg.htm (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Program Files\Maximum Software\Bug Doctor\SKIN\unlock_key-disable.gif (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Program Files\Maximum Software\Bug Doctor\SKIN\unlock_key-normal.gif (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Program Files\Maximum Software\Bug Doctor\SKIN\unlock_key-pressed.gif (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Program Files\Maximum Software\Bug Doctor\SKIN\unlock_key-roll_over.gif (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Program Files\Maximum Software\Bug Doctor\SKIN\orig\support_disable.gif (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Program Files\Maximum Software\Bug Doctor\SKIN\orig\support_normal.gif (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Program Files\Maximum Software\Bug Doctor\SKIN\orig\support_pressed.gif (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Program Files\Maximum Software\Bug Doctor\SKIN\orig\support_rollover.gif (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Program Files\Maximum Software\Bug Doctor\SKIN\v2\support_disable.gif (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Program Files\Maximum Software\Bug Doctor\SKIN\v2\support_normal.gif (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Program Files\Maximum Software\Bug Doctor\SKIN\v2\support_pressed.gif (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Program Files\Maximum Software\Bug Doctor\SKIN\v2\support_rollover.gif (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Start Menu\Programs\Bug Doctor\Bug Doctor Help.lnk (Rogue.BugDoctor) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Start Menu\Programs\Bug Doctor\Bug Doctor.lnk (Rogue.BugDoctor) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Start Menu\Programs\Bug Doctor\Uninstall Bug Doctor.lnk (Rogue.BugDoctor) -> Quarantined and deleted successfully.
C:\Documents and Settings\XPPRESP3\PassTools\ChromePass.exe (Hacktool.Passwords) -> Quarantined and deleted successfully.
C:\Documents and Settings\XPPRESP3\PassTools\ChromePass.txt (Hacktool.Passwords) -> Quarantined and deleted successfully.
C:\Documents and Settings\XPPRESP3\PassTools\CMD.bat (Hacktool.Passwords) -> Quarantined and deleted successfully.
C:\Documents and Settings\XPPRESP3\PassTools\Dialupass.exe (Hacktool.Passwords) -> Quarantined and deleted successfully.
C:\Documents and Settings\XPPRESP3\PassTools\Dialupass.txt (Hacktool.Passwords) -> Quarantined and deleted successfully.
C:\Documents and Settings\XPPRESP3\PassTools\FormsLogger.txt (Hacktool.Passwords) -> Quarantined and deleted successfully.
C:\Documents and Settings\XPPRESP3\PassTools\IEPass.txt (Hacktool.Passwords) -> Quarantined and deleted successfully.
C:\Documents and Settings\XPPRESP3\PassTools\iepv.exe (Hacktool.Passwords) -> Quarantined and deleted successfully.
C:\Documents and Settings\XPPRESP3\PassTools\mspass.exe (Hacktool.Passwords) -> Quarantined and deleted successfully.
C:\Documents and Settings\XPPRESP3\PassTools\mspass.txt (Hacktool.Passwords) -> Quarantined and deleted successfully.
C:\Documents and Settings\XPPRESP3\PassTools\PasswordFox.exe (Hacktool.Passwords) -> Quarantined and deleted successfully.
C:\Documents and Settings\XPPRESP3\PassTools\PasswordFox.txt (Hacktool.Passwords) -> Quarantined and deleted successfully.
C:\Documents and Settings\XPPRESP3\PassTools\pspv.exe (Hacktool.Passwords) -> Quarantined and deleted successfully.
C:\Documents and Settings\XPPRESP3\PassTools\RDPPass.txt (Hacktool.Passwords) -> Quarantined and deleted successfully.
C:\Documents and Settings\XPPRESP3\PassTools\rdpv.exe (Hacktool.Passwords) -> Quarantined and deleted successfully.
C:\Documents and Settings\XPPRESP3\PassTools\Red Me!.txt (Hacktool.Passwords) -> Quarantined and deleted successfully.
C:\Documents and Settings\XPPRESP3\PassTools\VNCPass.txt (Hacktool.Passwords) -> Quarantined and deleted successfully.
C:\Documents and Settings\XPPRESP3\PassTools\VNCPassView.exe (Hacktool.Passwords) -> Quarantined and deleted successfully.
C:\Documents and Settings\XPPRESP3\PassTools\WirelessKey.txt (Hacktool.Passwords) -> Quarantined and deleted successfully.
C:\Documents and Settings\XPPRESP3\PassTools\WirelessKeyView.exe (Hacktool.Passwords) -> Quarantined and deleted successfully.
C:\Documents and Settings\SYSTEM\Application Data\tazebama\zPharaoh.dat (Worm.Mabezat) -> Quarantined and deleted successfully.
C:\Documents and Settings\tazebama.dll (Worm.Mabezat) -> Quarantined and deleted successfully.

فارس الملاك · 11 أكتوبر 2009

الحمد لله تخلصنا من ملفات ضارة كثيرة

الان لا هنتي فحصي جهازك بالبرنامج هذا

أختي حملي هذا البرنامج ودبل كليك بتطلع لك شاشة سوداء للفحص اتركيها الى ان تنغلق من تلقاء نفسها

وبعدين دخلي على السي وبتشوفين ملف اسمه noor_mcafee

رفعيه لنا

تحميل برنامج المكافي
فحص جميع ملفات الجهاز عن الفيروسات بجميع أنواعها

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

زهرة النسرين · 11 نوفمبر 2009

مرحبا سوري على التاخير وعدم الرد لان الفتره الي راحت ماكان عندي نت
لسه الجهاز في مشاكل وبعض البرامج ماتفتح عندي
تطلع معي هذي الرساله

زهرة النسرين · 11 نوفمبر 2009

حملت اداه وعملت له فحص وهذا الي طلع عندي:?:
Download Link #1:

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

فارس الملاك · 11 نوفمبر 2009

اختي الصورة مو ظاهره

أختي حملي هذا البرنامج ودبل كليك بتطلع لك شاشة سوداء للفحص اتركيها الى ان تنغلق من تلقاء نفسها

وبعدين دخلي على السي وبتشوفين ملف اسمه noor_mcafee

رفعيه لنا

تحميل برنامج المكافي
فحص جميع ملفات الجهاز عن الفيروسات بجميع أنواعها

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

زهرة النسرين · 11 نوفمبر 2009

نتيجة الفحص

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

زهرة النسرين · 11 نوفمبر 2009

وانا اعمل فحص طلع لي مسج ادخل pack2 لحماية الملفات شو يعني :f:

زهرة النسرين · 11 نوفمبر 2009

؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟

زهرة النسرين · 12 نوفمبر 2009

وينكم
؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟

فارس الملاك · 12 نوفمبر 2009

اختي جهازك كان مصاب بدودة
W32/Mabezat

والمكافي حذفها

الان ركبي الكاسبر وافحصي جهازك كامل

هل يوجد لديك اسطوانة وندوز ؟

ولا تنسى تسوين تقرير هايجاك

زهرة النسرين · 12 نوفمبر 2009

ماعندي اسطوانة ويندز:no:

فارس الملاك · 12 نوفمبر 2009

طيب حاليا ركبي الكاسبر واعملي فحص شامل للجهاز

زهرة النسرين · 13 نوفمبر 2009

حاولت اثيت الكاسبر ماثبت عندي عملت تقرير

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 04:21:43 م, on 13/11/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16915)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\crypserv.exe
C:\Documents and Settings\tazebama.dl_
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\PSIService.exe
C:\Program Files\CyberLink\Shared Files\RichVideo.exe
C:\Program Files\Photodex\ProShowGold\ScsiAccess.exe
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\WINDOWS\system32\slserv.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\WebUpdateSvc4.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\XoftSpySE6\XoftSpySE.exe
C:\WINDOWS\sbnet\ShowBehind.exe
C:\Program Files\Registry Fast\RegFast.exe
C:\Program Files\Internet Download Manager\IDMan.exe
C:\Documents and Settings\XPPRESP3\Application Data\Octoshape\Octoshape Streaming Services\OctoshapeClient.exe
C:\Program Files\Common Files\XoftSpySE\6\xoftspyservice.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\CAPRPCSK.EXE
C:\WINDOWS\system32\spool\drivers\w32x86\3\CAPPSWK.EXE
C:\WINDOWS\system32\spool\drivers\w32x86\3\CAPPSWK.EXE
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\Program Files\internet explorer\iexplore.exe
C:\Program Files\Windows Live\Toolbar\wltuser.exe
C:\Program Files\Real\RealPlayer\RealPlay.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar =

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page =

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) =

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 127.0.0.1:9666
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = local
O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files\Internet Download Manager\IDMIECC.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: DealioBHO Class - {6A87B991-A31F-4130-AE72-6D0C294BF082} - C:\Program Files\Dealio\kb127\Dealio.dll
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: مساعد تسجيل الدخول إلى Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.3.4501.1418\swg.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: Dealio - {E67C74F4-A00A-4F2C-9FEC-FD9DC004A67F} - C:\Program Files\Dealio\kb127\Dealio.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [XoftSpySE] "C:\Program Files\XoftSpySE6\XoftSpySE.exe" -NM -hidesplash
O4 - HKLM\..\Run: [Malwarebytes Anti-Malware (reboot)] "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript
O4 - HKLM\..\Run: [ShowBehind] C:\WINDOWS\sbnet\ShowBehind.exe
O4 - HKLM\..\Run: [RegFast.exe] C:\Program Files\Registry Fast\RegFast.exe
O4 - HKLM\..\Run: [Grey pop cake audio] C:\Documents and Settings\All Users\Application Data\Part Hide Grey Pop\More Frag.exe
O4 - HKCU\..\Run: [IDMan] C:\Program Files\Internet Download Manager\IDMan.exe /onboot
O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\XPPRESP3\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [Octoshape Streaming Services] "C:\Documents and Settings\XPPRESP3\Application Data\Octoshape\Octoshape Streaming Services\OctoshapeClient.exe" -inv:bootrun
O4 - HKCU\..\Run: [RegistryMechanic] C:\Program Files\Registry Mechanic\RegMech.exe /H
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Dumb Meet] C:\DOCUME~1\XPPRESP3\APPLIC~1\FIRSTD~1\cdrom bold option.exe
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe (User 'Default user')
O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O8 - Extra context menu item: Compare Prices with &Dealio - C:\Documents and Settings\XPPRESP3\Application Data\Dealio\kb127\res\DealioSearch.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~1\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Sothink SWF Catcher - C:\Program Files\Common Files\SourceTec\SWF Catcher\InternetExplorer.htm
O8 - Extra context menu item: تحميل الكل بواسطة Internet Download Manager - C:\Program Files\Internet Download Manager\IEGetAll.htm
O8 - Extra context menu item: تحميل بواسطة Internet Download Manager - C:\Program Files\Internet Download Manager\IEExt.htm
O8 - Extra context menu item: تحميل محتوى FLV بواسطة Internet Download Manager - C:\Program Files\Internet Download Manager\IEGetVL.htm
O9 - Extra button: تدوين هذا في المدونة - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &تدوين هذا في Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O14 - IERESET.INF: START_PAGE_URL=http://www.google.com
O16 - DPF: {4B54A9DE-EF1C-4EBE-A328-7C28EA3B433A} (qsax Control) -

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Runtime Environment 1.6.0) -

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

O16 - DPF: {C5E28B9D-0A68-4B50-94E9-E8F6B4697514} (NsvPlayX Control) -

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

O16 - DPF: {E001C731-5E37-4538-A5CB-8168736A2360} (Confirmation) -

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

O17 - HKLM\System\CCS\Services\Tcpip\..\{E24062F1-87BC-4EE5-9450-FCE06620F92B}: NameServer = 4.2.2.3,208.67.222.222
O23 - Service: cisvc - Unknown owner - C:\WINDOWS\system32\cisvc.exe (file missing)
O23 - Service: Crypkey License - CrypKey (Canada) Ltd. - C:\WINDOWS\SYSTEM32\crypserv.exe
O23 - Service: خدمة تحديث Google (gupdate1c9bc22c4939acc) (gupdate1c9bc22c4939acc) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: ProtexisLicensing - Unknown owner - C:\WINDOWS\system32\PSIService.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
O23 - Service: ScsiAccess - Unknown owner - C:\Program Files\Photodex\ProShowGold\ScsiAccess.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: SmartLinkService (SLService) - Smart Link - C:\WINDOWS\SYSTEM32\slserv.exe
O23 - Service: Web Update Wizard Service V4 (WebUpdate4) - Data Perceptions / PowerProgrammer - C:\WINDOWS\system32\WebUpdateSvc4.exe
O23 - Service: XoftSpyService - ParetoLogic Inc. - C:\Program Files\Common Files\XoftSpySE\6\xoftspyservice.exe
--
End of file - 10252 bytes

زهرة النسرين · 13 نوفمبر 2009

حاولت اثيت الكاسبر ماثبت عندي عملت تقرير

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 04:21:43 م, on 13/11/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16915)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\crypserv.exe
C:\Documents and Settings\tazebama.dl_
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\PSIService.exe
C:\Program Files\CyberLink\Shared Files\RichVideo.exe
C:\Program Files\Photodex\ProShowGold\ScsiAccess.exe
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\WINDOWS\system32\slserv.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\WebUpdateSvc4.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\XoftSpySE6\XoftSpySE.exe
C:\WINDOWS\sbnet\ShowBehind.exe
C:\Program Files\Registry Fast\RegFast.exe
C:\Program Files\Internet Download Manager\IDMan.exe
C:\Documents and Settings\XPPRESP3\Application Data\Octoshape\Octoshape Streaming Services\OctoshapeClient.exe
C:\Program Files\Common Files\XoftSpySE\6\xoftspyservice.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\CAPRPCSK.EXE
C:\WINDOWS\system32\spool\drivers\w32x86\3\CAPPSWK.EXE
C:\WINDOWS\system32\spool\drivers\w32x86\3\CAPPSWK.EXE
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\Program Files\internet explorer\iexplore.exe
C:\Program Files\Windows Live\Toolbar\wltuser.exe
C:\Program Files\Real\RealPlayer\RealPlay.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar =

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page =

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) =

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 127.0.0.1:9666
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = local
O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files\Internet Download Manager\IDMIECC.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: DealioBHO Class - {6A87B991-A31F-4130-AE72-6D0C294BF082} - C:\Program Files\Dealio\kb127\Dealio.dll
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: مساعد تسجيل الدخول إلى Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.3.4501.1418\swg.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: Dealio - {E67C74F4-A00A-4F2C-9FEC-FD9DC004A67F} - C:\Program Files\Dealio\kb127\Dealio.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [XoftSpySE] "C:\Program Files\XoftSpySE6\XoftSpySE.exe" -NM -hidesplash
O4 - HKLM\..\Run: [Malwarebytes Anti-Malware (reboot)] "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript
O4 - HKLM\..\Run: [ShowBehind] C:\WINDOWS\sbnet\ShowBehind.exe
O4 - HKLM\..\Run: [RegFast.exe] C:\Program Files\Registry Fast\RegFast.exe
O4 - HKLM\..\Run: [Grey pop cake audio] C:\Documents and Settings\All Users\Application Data\Part Hide Grey Pop\More Frag.exe
O4 - HKCU\..\Run: [IDMan] C:\Program Files\Internet Download Manager\IDMan.exe /onboot
O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\XPPRESP3\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [Octoshape Streaming Services] "C:\Documents and Settings\XPPRESP3\Application Data\Octoshape\Octoshape Streaming Services\OctoshapeClient.exe" -inv:bootrun
O4 - HKCU\..\Run: [RegistryMechanic] C:\Program Files\Registry Mechanic\RegMech.exe /H
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Dumb Meet] C:\DOCUME~1\XPPRESP3\APPLIC~1\FIRSTD~1\cdrom bold option.exe
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe (User 'Default user')
O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O8 - Extra context menu item: Compare Prices with &Dealio - C:\Documents and Settings\XPPRESP3\Application Data\Dealio\kb127\res\DealioSearch.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~1\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Sothink SWF Catcher - C:\Program Files\Common Files\SourceTec\SWF Catcher\InternetExplorer.htm
O8 - Extra context menu item: تحميل الكل بواسطة Internet Download Manager - C:\Program Files\Internet Download Manager\IEGetAll.htm
O8 - Extra context menu item: تحميل بواسطة Internet Download Manager - C:\Program Files\Internet Download Manager\IEExt.htm
O8 - Extra context menu item: تحميل محتوى FLV بواسطة Internet Download Manager - C:\Program Files\Internet Download Manager\IEGetVL.htm
O9 - Extra button: تدوين هذا في المدونة - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &تدوين هذا في Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O14 - IERESET.INF: START_PAGE_URL=http://www.google.com
O16 - DPF: {4B54A9DE-EF1C-4EBE-A328-7C28EA3B433A} (qsax Control) -

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Runtime Environment 1.6.0) -

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

O16 - DPF: {C5E28B9D-0A68-4B50-94E9-E8F6B4697514} (NsvPlayX Control) -

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

O16 - DPF: {E001C731-5E37-4538-A5CB-8168736A2360} (Confirmation) -

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

O17 - HKLM\System\CCS\Services\Tcpip\..\{E24062F1-87BC-4EE5-9450-FCE06620F92B}: NameServer = 4.2.2.3,208.67.222.222
O23 - Service: cisvc - Unknown owner - C:\WINDOWS\system32\cisvc.exe (file missing)
O23 - Service: Crypkey License - CrypKey (Canada) Ltd. - C:\WINDOWS\SYSTEM32\crypserv.exe
O23 - Service: خدمة تحديث Google (gupdate1c9bc22c4939acc) (gupdate1c9bc22c4939acc) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: ProtexisLicensing - Unknown owner - C:\WINDOWS\system32\PSIService.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
O23 - Service: ScsiAccess - Unknown owner - C:\Program Files\Photodex\ProShowGold\ScsiAccess.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: SmartLinkService (SLService) - Smart Link - C:\WINDOWS\SYSTEM32\slserv.exe
O23 - Service: Web Update Wizard Service V4 (WebUpdate4) - Data Perceptions / PowerProgrammer - C:\WINDOWS\system32\WebUpdateSvc4.exe
O23 - Service: XoftSpyService - ParetoLogic Inc. - C:\Program Files\Common Files\XoftSpySE\6\xoftspyservice.exe
--
End of file - 10252 bytes

زهرة النسرين · 13 نوفمبر 2009

؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟

زهرة النسرين · 13 نوفمبر 2009

:?: وينكم

زيزوومي جديد

زيزوومي جديد

زيزوومي جديد

زيزوومى محترف

توقيع : فارس الملاك

زيزوومي جديد

زيزوومي جديد

زيزوومى محترف

توقيع : فارس الملاك

زيزوومي جديد

زيزوومي جديد

زيزوومى محترف

توقيع : فارس الملاك

زيزوومي جديد

زيزوومي جديد

زيزوومي جديد

زيزوومي جديد

زيزوومى محترف

توقيع : فارس الملاك

زيزوومي جديد

زيزوومى محترف

توقيع : فارس الملاك

زيزوومي جديد

زيزوومي جديد

زيزوومي جديد

زيزوومي جديد