Istirahat Zayed Forum


محروم.كوم 02-25-2010 10:10 PM

Hijack & combofix: I hope you can check them for me
 

Peace be upon you, and the mercy and blessings of God.
I formatted the computer yesterday because of its many problems.
Now that I have installed a lot of programs,
I hope you will read these two reports
and tell me about the errors so that I can fix them.
I would be grateful to you.

The two reports
HijackThis first and then ComboFix / ComboFix first and then HijackThis
For the record, I ran ComboFix and then HijackThis after it.
I think it is better that way.

*************************ComboFix**************************
ComboFix 10-02-24.03 - (username removed) 02/25/2010 18:15:19.1.2) - x86
Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.511.332 [GMT 3:00]
Running from: c:\documents and settings\(username removed)\Desktop\ComboFix.exe
WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\program files\Error Repair Professional
D:\Uninstall.exe
D:\WinRAR.exe
F:\Uninstall.exe
.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
-------\Legacy_ASC3360PR
-------\Service_asc3360pr

((((((((((((((((((((((((( Files Created from 2010-01-25 to 2010-02-25 )))))))))))))))))))))))))))))))
.
2010-02-25 14:21 . 2009-12-21 19:14 594432 -c----w- c:\windows\system32\dllcache\msfeeds.dll
2010-02-25 14:21 . 2009-12-21 19:14 12800 -c----w- c:\windows\system32\dllcache\xpshims.dll
2010-02-25 14:21 . 2009-12-21 19:14 55296 -c----w- c:\windows\system32\dllcache\msfeedsbs.dll
2010-02-25 14:21 . 2009-12-21 19:14 246272 -c----w- c:\windows\system32\dllcache\ieproxy.dll
2010-02-25 14:21 . 2009-12-21 19:14 1985536 -c----w- c:\windows\system32\dllcache\iertutil.dll
2010-02-25 14:21 . 2009-12-21 19:14 11070464 -c----w- c:\windows\system32\dllcache\ieframe.dll
2010-02-25 14:00 . 2010-02-25 15:00 -------- d-----w- c:\windows\ie8updates
2010-02-25 13:17 . 2009-08-06 16:23 274288 ----a-w- c:\windows\system32\mucltui.dll
2010-02-25 10:35 . 2010-02-25 10:35 -------- d-----w- c:\program files\Trend Micro
2010-02-25 08:51 . 2010-02-25 08:51 -------- d-sh--w- c:\documents and settings\asama5\IECompatCache
2010-02-25 08:19 . 2010-02-25 08:19 -------- d-sh--w- c:\documents and settings\asama5\PrivacIE
2010-02-25 08:17 . 2004-08-03 22:56 221184 ----a-w- c:\windows\system32\wmpns.dll
2010-02-25 08:15 . 2010-02-25 08:15 -------- d-sh--w- c:\documents and settings\asama5\IETldCache
2010-02-25 08:09 . 2010-02-25 08:09 -------- d-----w- c:\documents and settings\All Users\Application Data\Messenger Plus!
2010-02-25 04:44 . 2010-02-25 04:46 -------- dc-h--w- c:\windows\ie8
2010-02-25 03:56 . 2010-02-25 03:56 403456 ----a-w- c:\documents and settings\asama5\Application Data\2rulesoftware\bib itch gram.exe
2010-02-25 03:56 . 2010-02-25 03:56 356352 ----a-w- c:\documents and settings\asama5\Application Data\2rulesoftware\boobdentsupportdvd.exe
2010-02-25 03:55 . 2010-02-25 03:55 878592 ----a-w- c:\documents and settings\All Users\Application Data\Memo save stupid creative\pop byte.exe
2010-02-25 03:55 . 2010-02-25 03:55 873984 ----a-w- c:\documents and settings\asama5\Application Data\2rulesoftware\aikfkskr.exe
2010-02-25 03:55 . 2010-02-25 03:55 -------- d-----w- c:\documents and settings\All Users\Application Data\Memo save stupid creative
2010-02-25 03:53 . 2010-02-25 03:56 -------- d-----w- c:\documents and settings\asama5\Application Data\2rulesoftware
2010-02-25 03:53 . 2010-02-25 03:53 -------- d-----w- c:\program files\2rulesoftware
2010-02-25 03:53 . 2010-02-25 03:53 528384 ----a-w- c:\documents and settings\asama5\Application Data\2rulesoftware\Meow Bags.exe
2010-02-25 03:53 . 2010-02-25 03:53 -------- d-----w- c:\program files\Crcle Developement
2010-02-25 03:53 . 2010-02-25 04:35 -------- d-----w- c:\program files\Messenger Plus! Live
2010-02-24 23:51 . 2010-02-24 23:51 -------- d-----w- c:\windows\ServicePackFiles
2010-02-24 23:49 . 2010-02-25 15:20 -------- d-----w- c:\documents and settings\asama5\Tracing
2010-02-24 22:49 . 2010-02-24 22:49 -------- d-----w- c:\program files\Microsoft
2010-02-24 22:48 . 2010-02-24 22:48 -------- d-----w- c:\program files\Windows Live SkyDrive
2010-02-24 22:48 . 2010-02-24 22:49 -------- d-----w- c:\program files\Windows Live
2010-02-24 22:05 . 2010-02-24 22:05 -------- d-----w- c:\program files\Common Files\Windows Live
2010-02-24 20:17 . 2009-08-04 13:58 2136064 -c----w- c:\windows\system32\dllcache\ntkrnlmp.exe
2010-02-24 20:17 . 2009-08-04 14:00 2180352 -c----w- c:\windows\system32\dllcache\ntoskrnl.exe
2010-02-24 20:17 . 2009-08-04 13:13 2015744 -c----w- c:\windows\system32\dllcache\ntkrpamp.exe
2010-02-24 20:17 . 2009-08-04 13:13 2057728 -c----w- c:\windows\system32\dllcache\ntkrnlpa.exe
2010-02-24 20:00 . 2008-06-13 13:10 272128 -c----w- c:\windows\system32\dllcache\bthport.sys
2010-02-24 20:00 . 2008-06-13 13:10 272128 ------w- c:\windows\system32\drivers\bthport.sys
2010-02-24 19:12 . 2009-12-04 14:41 453760 -c----w- c:\windows\system32\dllcache\mrxsmb.sys
2010-02-24 18:31 . 2010-02-24 18:31 -------- d-sh--w- c:\documents and settings\asama5\UserData
2010-02-24 17:00 . 2009-01-07 15:21 26144 ----a-w- c:\windows\system32\spupdsvc.exe
2010-02-24 16:15 . 2001-08-23 15:00 57398 -c--a-w- c:\windows\system32\dllcache\imjpdadm.exe
2010-02-24 16:15 . 2001-08-23 15:00 45109 -c--a-w- c:\windows\system32\dllcache\imjpuex.exe
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-02-25 15:20 . 2010-02-24 15:07 -------- d-----w- c:\documents and settings\asama5\Application Data\DMCache
2010-02-25 14:55 . 2010-02-24 13:26 86327 ----a-w- c:\windows\pchealth\helpctr\OfflineCache\index.dat
2010-02-24 23:49 . 2010-02-24 15:12 34032 ----a-w- c:\documents and settings\asama5\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2010-02-24 19:23 . 2010-02-24 15:08 -------- d-----w- c:\documents and settings\asama5\Application Data\IDM
2010-02-24 15:33 . 2010-02-24 15:34 411368 ----a-w- c:\windows\system32\deploytk.dll
2010-02-24 15:33 . 2010-02-24 15:33 -------- d-----w- c:\program files\Java
2010-02-24 15:33 . 2010-02-24 15:33 152576 ----a-w- c:\documents and settings\asama5\Application Data\Sun\Java\jre1.6.0_17\lzma.dll
2010-02-24 15:21 . 2010-02-24 15:21 198064 ----a-w- c:\documents and settings\asama5\Application Data\IDM\idmmzcc3\components\idmmzcc.dll
2010-02-24 15:21 . 2010-02-24 15:14 3223968 ----a-w- c:\documents and settings\asama5\Application Data\IDM\idmupdt.exe
2010-02-24 15:16 . 2010-02-24 15:16 -------- d-----w- c:\documents and settings\All Users\Application Data\IObit
2010-02-24 15:15 . 2010-02-24 15:15 -------- d-----w- c:\documents and settings\asama5\Application Data\IObit
2010-02-24 15:09 . 2010-02-24 15:09 79488 ----a-w- c:\documents and settings\asama5\Application Data\Sun\Java\jre1.6.0_17\gtapi.dll
2010-02-24 15:07 . 2010-02-24 15:07 -------- d-----w- c:\program files\Common Files\xing shared
2010-02-24 15:07 . 2010-02-24 15:07 -------- d-----w- c:\program files\Common Files\Real
2010-02-24 15:07 . 2010-02-24 15:07 499712 ----a-w- c:\windows\system32\msvcp71.dll
2010-02-24 15:07 . 2010-02-24 15:07 348160 ----a-w- c:\windows\system32\msvcr71.dll
2010-02-24 15:07 . 2010-02-24 15:07 -------- d-----w- c:\program files\Real
2010-02-24 15:01 . 2010-02-24 15:01 -------- d--h--w- c:\program files\InstallShield Installation Information
2010-02-24 15:01 . 2010-02-24 15:01 -------- d-----w- c:\program files\Analog Devices
2010-02-24 15:00 . 2010-02-24 15:00 -------- d-----w- c:\program files\Common Files\InstallShield
2010-02-24 15:00 . 2010-02-24 15:00 -------- d-----w- c:\program files\Intel Desktop Board Audio Driver
2010-02-24 13:27 . 2010-02-24 13:27 -------- d-----w- c:\program files\microsoft frontpage
2010-02-24 13:24 . 2010-02-24 13:24 21640 ----a-w- c:\windows\system32\emptyregdb.dat
2009-12-31 16:14 . 2004-08-03 21:14 352640 ----a-w- c:\windows\system32\drivers\srv.sys
2009-12-21 19:14 . 2004-08-03 22:56 916480 ----a-w- c:\windows\system32\wininet.dll
2009-12-16 12:58 . 2010-02-24 13:23 343040 ----a-w- c:\windows\system32\mspaint.exe
2009-12-14 07:35 . 2004-08-03 22:56 33280 ----a-w- c:\windows\system32\csrsrv.dll
2009-12-04 14:41 . 2004-08-03 21:15 453760 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
2009-11-27 17:33 . 2004-08-04 00:56 17920 ----a-w- c:\windows\system32\msyuv.dll
2009-11-27 17:33 . 2004-08-03 22:56 1291264 ----a-w- c:\windows\system32\quartz.dll
2009-11-27 16:37 . 2004-08-04 00:56 48128 ----a-w- c:\windows\system32\iyuv_32.dll
2009-11-27 16:37 . 2004-08-03 22:56 11264 ----a-w- c:\windows\system32\msrle32.dll
2009-11-27 16:37 . 2004-08-03 22:56 84992 ----a-w- c:\windows\system32\avifil32.dll
2009-11-27 16:37 . 2001-08-23 15:00 28672 ----a-w- c:\windows\system32\msvidc32.dll
2009-11-27 16:37 . 2001-08-17 22:36 8704 ----a-w- c:\windows\system32\tsbyuv.dll
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IDMan"="F:\IDMan.exe" [2010-01-25 3253680]
"msnmsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2009-07-26 3957584]
"filmbook"="c:\docume~1\asama5\APPLIC~1\2RULES~1\Meow Bags.exe" [2010-02-25 528384]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IMJPMIG8.1"="c:\windows\IME\imjp8_1\IMJPMIG.EXE" [2004-08-03 208952]
"PHIME2002ASync"="c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE" [2004-08-03 455168]
"PHIME2002A"="c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE" [2004-08-03 455168]
"SoundMAXPnP"="c:\program files\Analog Devices\SoundMAX\SMax4PNP.exe" [2004-07-27 1388544]
"TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" [2010-02-24 198160]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2010-02-24 149280]
"stupid creative poll axis"="c:\documents and settings\All Users\Application Data\Memo save stupid creative\pop byte.exe" [2010-02-25 878592]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2004-08-03 15360]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableLUA"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"d:\\wrar390.exe"=
"c:\\WINDOWS\\system32\\wscntfy.exe" =
"f:\\IE8-WindowsXP-x86-ENU.exe"=
"f:\\IDMan.exe"=
"c:\\Program Files\\Real\\RealPlayer\\realplay.exe"=
"c:\\Program Files\\Analog Devices\\SoundMAX\\Smax4.exe"=
"c:\\Program Files\\Analog Devices\\SoundMAX\\SMax4PNP.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Documents and Settings\\All Users\\Application Data\\Memo save stupid creative\\pop byte.exe"=
"c:\\WINDOWS\\system32\\wuauclt.exe" =

--- Other Services/Drivers In Memory ---
*NewlyCreated* - ASC3360PR
.
Contents of the 'Scheduled Tasks' folder
2010-02-25 c:\windows\Tasks\ACD82B56918BDE02.job
- c:\docume~1\asama5\applic~1\2rules~1\bib itch gram.exe [2010-02-25 03:56]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://google.com/
IE: Download all links with IDM - F:\IEGetAll.htm
IE: Download FLV video content with IDM - F:\IEGetVL.htm
IE: Download with IDM - F:\IEExt.htm
.
- - - - ORPHANS REMOVED - - - -
AddRemove-Internet Download Manager - F:\Uninstall.exe

**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-02-25 18:20
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------
- - - - - - - > 'explorer.exe'(3524)
c:\windows\system32\WININET.dll
c:\windows\system32\ieframe.dll
c:\windows\system32\webcheck.dll
.
------------------------ Other Running Processes ------------------------
.
c:\program files\Java\jre6\bin\jqs.exe
c:\program files\Analog Devices\SoundMAX\SMAgent.exe
c:\windows\system32\wscntfy.exe
F:\IEMonitor.exe
.
**************************************************************************
.
Completion time: 2010-02-25 18:22:37 - machine was rebooted
ComboFix-quarantined-files.txt 2010-02-25 15:22
Pre-Run: 15,095,021,568 bytes free
Post-Run: 15,412,072,448 bytes free
WindowsXP-KB310994-SP2-Pro-BootDisk-ENU.exe
- - End Of File - - AA05871254BBF5DEDEA921BA9D6F25F4



***********************************************************
*************************HijackThis*****************************

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 7:27:15 PM, on 2/25/2010
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Java\jre6\bin\jusched.exe
F:\IDMan.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\WINDOWS\system32\wscntfy.exe
F:\IEMonitor.exe
C:\WINDOWS\explorer.exe
C:\DOCUME~1\asama5\LOCALS~1\Temp\winrmrhbw.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://google.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - F:\IDMIECC.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [stupid creative poll axis] C:\Documents and Settings\All Users\Application Data\Memo save stupid creative\pop byte.exe
O4 - HKCU\..\Run: [IDMan] F:\IDMan.exe /onboot
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [filmbook] C:\DOCUME~1\asama5\APPLIC~1\2RULES~1\Meow Bags.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: Download all links with IDM - F:\IEGetAll.htm
O8 - Extra context menu item: Download FLV video content with IDM - F:\IEGetVL.htm
O8 - Extra context menu item: Download with IDM - F:\IEExt.htm
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/micr...?1267036693968
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
--
End of file - 4498 bytes


****************************************************************
****************************************************************
****************************************************************
Sorry if I have troubled you.
I ran a scan of the computer
with a program called
advance system care
and it gave me a report.
Maybe you can look at it; it may show errors as well.
Here is the report from the care program.
I noticed that it is an exact copy of the HijackThis one,
but it might be useful to us.
The report
****************************************
Logfile of Advanced SystemCare 3 Security Analyzer
Scan saved at 7:36:25 PM, on 2/25/2010
Platform: Windows XP (WinNT 5.1)
MSIE: Internet Explorer v8.0 (8.0.6001.18702)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\wscntfy.exe
F:\IEMonitor.exe
D:\IObit\Advanced SystemCare 3\AWC.exe
C:\Program Files\internet explorer\iexplore.exe
C:\Program Files\internet explorer\iexplore.exe
O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - F:\IDMIECC.dll
O2 - BHO: IDM Helper - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: (no name) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: (no name) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O4 - HKCU\..\Run: [IDMan] F:\IDMan.exe /onboot
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [filmbook] C:\DOCUME~1\asama5\APPLIC~1\2RULES~1\Meow Bags.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [stupid creative poll axis] C:\Documents and Settings\All Users\Application Data\Memo save stupid creative\pop byte.exe
O8 - Extra context menu item: Download all links with IDM - F:\IEGetAll.htm
O8 - Extra context menu item: Download FLV video content with IDM - F:\IEGetVL.htm
O8 - Extra context menu item: Download with IDM - F:\IEExt.htm
O9 - Extra button: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/micr...?1267036693968
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Plug-in 1.6.0_17) - http://java.sun.com/update/1.6.0/jin...ndows-i586.cab
O16 - DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} (Java Plug-in 1.6.0_17) - http://java.sun.com/update/1.6.0/jin...ndows-i586.cab
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} (Java Plug-in 1.6.0_17) - http://java.sun.com/update/1.6.0/jin...ndows-i586.cab
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
****************************************************************************************
Sorry for bothering you and for going on so long.
My regards to you.
I wish you success.

