أكبر مشكله فيروسات لا يوجد من وجد لها حل ممكن نحاول يمكن نكتشف تعريف كامل بالمشكله !!!

oMaR4eVeR · 27 يوليو 2008

السلام عليكم

فى البدايه ارجو من الأخ
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

عدم اغلاق الموضوع

لان هذة المواضيع لا علاقه لها بحل المشكله ولكنها

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

أنقر للتوسيع...

لكاسبرسكاي الأنذار الكاذب ومنتدايا لا يوجد به انذار كاذب

وايضا جيران والأكواد ولا حل لها ولكن رد من شركه

فأرجو اتاحته الفرصة للأعضاء الأخرين الذين لديهم خبرة فى حل الموضوع

اولا انا اعانى من الفيروسات منذ فترة تتعدى سنتين

بس الحمد لله بلاقى حلول لهم وبحاول

لكن الفيرس دة اللى حيرنى مش عارف له حل

اولا الفيرس عبارة عن كود يضاف فى الأندكس الرئيسيه للمنتدى

السؤال :
تروجان غريب عجيب . . يغزو المواقع وصفحات الHTML وماشابهها تحديدا ً
ويدس كود إعلاني لفتح نوافذ في آخر كود الصفحة . . وايضا كود لوقوف الموقع
ويوجد منه أشكال كثييييييرة لا تحصى ولا تعد

مما أعطاه تصنيف : TrojanClicker
في موقع viruslist

حاولت أن أعرف أسبابه ، وطريقة العلاج منه بطريقة عملية صحيحة

لكني كنت ببساطة
أقول باستبدال الصفحات المصابة بصفحات أخرى
ويعمل الموقع بسلام . .

وعلى هذا الحال مرتين باليوم يعنى مووووووت

باستثناء موقعي !!
فكل ما أقوم باستبدال الصفحة الرئيسية تظهر ما تلبث إلا أن تعود
قمت بتحميل صفحات الموقع كاملة على جهازي لأفحص الخلل
فلم أجد مشكلة .

وايضا المنتدى يضاف فيه كود وصفحة 404.shtml

وحتى الأن مش عارف اعمل ايه

ومشكله اخرى ايضا

وايضا احيانا يظهر لي فيرس يتنهى ب day.js

الأنتي فيرس المستخدم

Kasperssky Internet Security 8

2009
With Key & Latest Update

وصورة من موصفات جهازى

وتم التعامل مع
Opera & internet Explorer & Fire fox

نفس المشكله

وفى جهازى غالق ال System Restore

احد الحلول ....

إستعمال متصفح الأنترنت فايرفوكس مع الملحق (NoScript) وإسمح لما تثق فيه من المواقع مؤقتاً بتنفيذ نصوصه البرمجية.

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

ولكنوا حل مؤقت ومزعق للغايه ...
ولا يفلح مع مشكله منتدايا ....

ودة التقرير الخاص ب
hijackthis

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 1:48:08 PM, on 7/27/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5730.0013)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe
C:\Program Files\Common Files\InterVideo\DeviceService\DevSvc.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Internet Download Manager\IEMonitor.exe
C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe
C:\Program Files\PC Connectivity Solution\Transports\NclRSSrv.exe
C:\Program Files\PC Connectivity Solution\Transports\NclMSBTSrv.exe
E:\Games\HolY Games\Hoyle Board Games 2001\Hoyle Board Games.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\mohsen sharaf\Desktop\Zyzoom_HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Omar4eVeR Internet Explorer
O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files\Internet Download Manager\IDMIECC.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: IEVkbdBHO - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\ievkbd.dll
O2 - BHO: FlashFXP Helper for Internet Explorer - {E5A1691B-D188-4419-AD02-90002030B8EE} - C:\PROGRA~1\FlashFXP\IEFlash.dll
O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [IDMan] C:\Program Files\Internet Download Manager\IDMan.exe /onboot
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: Add to Banner Ad Blocker - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\ie_banner_deny.htm
O8 - Extra context menu item: Download All Links with IDM - C:\Program Files\Internet Download Manager\IEGetAll.htm
O8 - Extra context menu item: Download with IDM - C:\Program Files\Internet Download Manager\IEExt.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Web traffic protection statistics - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\SCIEPlgn.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
O14 - IERESET.INF: START_PAGE_URL=http://www.Masrawy.com
O16 - DPF: {BDBDE413-7B1C-4C68-A8FF-C5B2B4090876} (F-Secure Online Scanner 3.3) -
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

O20 - AppInit_DLLs: C:\PROGRA~1\KASPER~1\KASPER~1\kloehk.dll,C:\PROGRA ~1\KASPER~1\KASPER~1\mzvkbd.dll,C:\PROGRA~1\KASPER ~1\KASPER~1\adialhk.dll
O23 - Service: Kaspersky Internet Security (AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe
O23 - Service: Capture Device Service - InterVideo Inc. - C:\Program Files\Common Files\InterVideo\DeviceService\DevSvc.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software GmbH - C:\WINDOWS\System32\TuneUpDefragService.exe
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe

--
End of file - 5469 bytes

AbOdy · 27 يوليو 2008

لا حول ولا قوة الا بالله

اخوي اعمل التالي لاهنت خلينا نشوف حل مشكلتك

وقف استعادة النظام ثم شغلها

ثم

حمل هذه الاداة ,,
واتبع الشرح التالي ,, لتنظيف جهازك من الفيروسات
و عمل تقرير بالعمليه حتى ترفقه بردك القادم ,,

رابط الاداة

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

شرح الاستخدام ,,,,,,

ولحفظ التقرير اعمل التالي ,,

ثم

==============

(1)

عطل جميع برامج الحماية ,,
وحمل هذه الاداة واحفظها على سطح المكتب

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

عند تشغيلها بتظهر لك رسالة ,, اضغط على >> Yes
بعدها بتظهر لك رساله ثانيه ,, اضغط على >> Yes
انتظر حتى الاداة تنتهي من فحص جهازك ,,, وبشكل تلقائي يعاد تشغيل جهازك ,,
وبعد اعادة التشغيل ,, سوف تبدأ الاداة بالفحص مرره ثانيه
انتظر حتى يظهر لك تقرير ,, انسخه والصقه بردك القادم
(2)
واعمل تقرير للهايجاك

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

اذا انتهى التحميل ==> شغل البرنامج ==> واضغط على Do a system scan and save log
لحظات ويظهر لك تقرير ,, انسخه والصقه بردك القادم

وان شاء الله ما يصير خاطرك الا طيب

oMaR4eVeR · 28 يوليو 2008

اخى ممكن ترى هذا المقال

ممكن يفيدنا بس مش فاهم الحل اوى ياريت تحاول تفهموا ولو فعلا صحيح يبقى

المشكله اتحلت للجميع

تم التحرير :: AbOdy

وجارى العمل بالخطوات اللى قوتلى عليها ..........

AbOdy · 28 يوليو 2008

اخوي لاهنت اطلع على قوانين المنتدى

الروابط للمواقع اخرى او منتديات اخرى ممنوع بارك الله فيك

-----------------------------------------------------------

بالأنتظار لما طلبت لك !!

oMaR4eVeR · 31 يوليو 2008

السلام عليكم تم عمل الأسكان والتقارير حسب ما طلبت منى

اولا حسب الترتيب تقرير OnDemandScanLog

29/07/2008 12:33:10 ص Engine version =5200.2160
29/07/2008 12:33:10 ص AntiVirus DAT version =5242.0000
29/07/2008 12:33:10 ص Number of detection signatures in EXTRA.DAT =None
29/07/2008 12:33:10 ص Names of detection signatures in EXTRA.DAT =None
29/07/2008 12:32:59 ص Scan Started ITALIANO\mohsen sharaf On-Demand Scan
29/07/2008 12:36:00 ص Not scanned (The file is encrypted) mohsen sharaf c:\Documents and Settings\mohsen sharaf\Application Data\IDM\DwnlData\mohsen sharaf\wanted.r5.part1_28\wanted.r5.part1.rar\WANTED.R5.RMVB
29/07/2008 12:59:13 ص Not scanned (The file is encrypted) mohsen sharaf d:\Games\ChaosLegionmazika2day.rar\CHAOS LEGION.MAZIKA2DAY.COM BY.MIDOSTAR.ZIP\6.BMP
29/07/2008 12:59:13 ص Not scanned (The file is encrypted) mohsen sharaf d:\Games\Battlefield 2 Armored Fury\Battlefield 2 Armored Fury [PCCD] MULTiLANGUAGE.part1.rar\BATTLEFIELD 2 ARMORED FURY [PCCD][MULTILANGUAGE][

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

29/07/2008 12:59:13 ص Not scanned (The file is encrypted) mohsen sharaf d:\Games\Battlefield 2 Armored Fury\Battlefield 2 Armored Fury [PCCD] MULTiLANGUAGE.part2.rar\G.BMP
30/07/2008 03:48:32 ص Engine version =5200.2160
30/07/2008 03:48:32 ص AntiVirus DAT version =5242.0000
30/07/2008 03:48:32 ص Number of detection signatures in EXTRA.DAT =None
30/07/2008 03:48:32 ص Names of detection signatures in EXTRA.DAT =None
30/07/2008 03:48:20 ص Scan Started ITALIANO\mohsen sharaf On-Demand Scan
30/07/2008 03:48:55 ص Deleted mohsen sharaf c:\documents and settings\mohsen sharaf\s\mohsen_sharaf@real[1].txt\00000000.ie -Real(Potentially Unwanted Program)
30/07/2008 03:48:57 ص Deleted mohsen sharaf c:\documents and settings\mohsen sharaf\s\mohsen_sharaf@real[1].txt\00000000.ie -Real(Potentially Unwanted Program)
30/07/2008 03:48:57 ص Deleted mohsen sharaf c:\documents and settings\mohsen sharaf\s\mohsen_sharaf@real[1].txt\00000000.ie -Real(Potentially Unwanted Program)
30/07/2008 03:48:57 ص Deleted mohsen sharaf c:\documents and settings\mohsen sharaf\s\mohsen_sharaf@real[1].txt\00000000.ie -Real(Potentially Unwanted Program)
30/07/2008 03:48:57 ص Deleted mohsen sharaf c:\documents and settings\mohsen sharaf\s\mohsen_sharaf@uk.real[1].txt\00000000.ie -Real(Potentially Unwanted Program)
30/07/2008 03:51:19 ص Not scanned (The file is encrypted) mohsen sharaf c:\Documents and Settings\mohsen sharaf\Application Data\IDM\DwnlData\mohsen sharaf\wanted.r5.part1_28\wanted.r5.part1.rar\WANTED.R5.RMVB
30/07/2008 04:10:55 ص Not scanned (The file is encrypted) mohsen sharaf d:\Games\ChaosLegionmazika2day.rar\CHAOS LEGION.MAZIKA2DAY.COM BY.MIDOSTAR.ZIP\6.BMP
30/07/2008 04:10:56 ص Not scanned (The file is encrypted) mohsen sharaf d:\Games\Battlefield 2 Armored Fury\Battlefield 2 Armored Fury [PCCD] MULTiLANGUAGE.part1.rar\BATTLEFIELD 2 ARMORED FURY [PCCD][MULTILANGUAGE][

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

30/07/2008 04:10:56 ص Not scanned (The file is encrypted) mohsen sharaf d:\Games\Battlefield 2 Armored Fury\Battlefield 2 Armored Fury [PCCD] MULTiLANGUAGE.part2.rar\G.BMP
30/07/2008 04:14:31 ص Not scanned (The file is encrypted) mohsen sharaf d:\Games\faces.of.war\Rwa2an.CoM_kps.faces.of.war.multi5.part1.rar\KPS.FACES.OF.WAR.MULTI5.EXE
30/07/2008 04:14:31 ص Not scanned (The file is encrypted) mohsen sharaf d:\Games\faces.of.war\Rwa2an.CoM_kps.faces.of.war.multi5.part4.rar\RWA2AN FORUMS.URL
30/07/2008 04:14:42 ص Not scanned (The file is encrypted) mohsen sharaf d:\Games\midnight\ArablionZ.com-Midnight.II.Ripped.part3.rar\MC2.C54\DATA2.UHA
30/07/2008 04:14:52 ص Not scanned (The file is encrypted) mohsen sharaf d:\Games\Whirlwind Over Vietnam\fonekat.net-whirlwind.over.vietnam.ripped.part1.rar\WOV.C02\BLH.TXT
30/07/2008 04:14:53 ص Not scanned (The file is encrypted) mohsen sharaf d:\Games\Whirlwind Over Vietnam\fonekat.net-whirlwind.over.vietnam.ripped.part2.rar\WOV.C20\DATA2.UHA
30/07/2008 04:29:07 ص Not scanned (The file is encrypted) mohsen sharaf e:\Games\Setup\Dead_To_Rights\Dead_To_Rights_By.MiDo_StaR\Dead_To_Rights_By.MiDo StaR\DVNDEAD.C23\DVNPAK4.DVN
30/07/2008 04:29:07 ص Not scanned (The file is encrypted) mohsen sharaf e:\Games\Setup\Dead_To_Rights\Dead_To_Rights_By.MiDo_StaR\Dead_To_Rights_By.MiDo StaR\DVNDEAD.C40\DVNPAK2.DVN
30/07/2008 04:29:08 ص Not scanned (The file is encrypted) mohsen sharaf e:\Games\Setup\Dead_To_Rights\Dead_To_Rights_By.MiDo_StaR\Dead_To_Rights_By.MiDo StaR\DVNDEAD.C53\DVNPAK3.DVN
30/07/2008 04:29:08 ص Not scanned (The file is encrypted) mohsen sharaf e:\Games\Setup\Dead_To_Rights\Dead_To_Rights_By.MiDo_StaR\Dead_To_Rights_By.MiDo StaR\DVNDEAD.C54\DTRSETUP.EXE
30/07/2008 04:29:08 ص Not scanned (The file is encrypted) mohsen sharaf e:\Games\Setup\Dead_To_Rights\Dead_To_Rights_By.MiDo_StaR\Dead_To_Rights_By.MiDo StaR\DVNDEAD.C55\SC01_06C.OGG
30/07/2008 04:29:08 ص Not scanned (The file is encrypted) mohsen sharaf e:\Games\Setup\Dead_To_Rights\Dead_To_Rights_By.MiDo_StaR\Dead_To_Rights_By.MiDo StaR\DVNDEAD.C56\SC02_17.OGG
30/07/2008 04:29:08 ص Not scanned (The file is encrypted) mohsen sharaf e:\Games\Setup\Dead_To_Rights\Dead_To_Rights_By.MiDo_StaR\Dead_To_Rights_By.MiDo StaR\DVNDEAD.C57\SC02_21.OGG
30/07/2008 04:29:08 ص Not scanned (The file is encrypted) mohsen sharaf e:\Games\Setup\Dead_To_Rights\Dead_To_Rights_By.MiDo_StaR\Dead_To_Rights_By.MiDo StaR\DVNDEAD.C58\SC03_02.OGG
30/07/2008 04:29:08 ص Not scanned (The file is encrypted) mohsen sharaf e:\Games\Setup\Dead_To_Rights\Dead_To_Rights_By.MiDo_StaR\Dead_To_Rights_By.MiDo StaR\DVNDEAD.C59\SC05_03.OGG
30/07/2008 04:29:08 ص Not scanned (The file is encrypted) mohsen sharaf e:\Games\Setup\Dead_To_Rights\Dead_To_Rights_By.MiDo_StaR\Dead_To_Rights_By.MiDo StaR\DVNDEAD.C60\SC07_13.OGG
30/07/2008 04:29:08 ص Not scanned (The file is encrypted) mohsen sharaf e:\Games\Setup\Dead_To_Rights\Dead_To_Rights_By.MiDo_StaR\Dead_To_Rights_By.MiDo StaR\DVNDEAD.C61\SC09_10.OGG
30/07/2008 04:29:08 ص Not scanned (The file is encrypted) mohsen sharaf e:\Games\Setup\Dead_To_Rights\Dead_To_Rights_By.MiDo_StaR\Dead_To_Rights_By.MiDo StaR\DVNDEAD.C62\SC11_14.OGG
30/07/2008 04:29:08 ص Not scanned (The file is encrypted) mohsen sharaf e:\Games\Setup\Dead_To_Rights\Dead_To_Rights_By.MiDo_StaR\Dead_To_Rights_By.MiDo StaR\DVNDEAD.C63\SC13_11.OGG
30/07/2008 04:32:28 ص Not scanned (The file is encrypted) mohsen sharaf e:\Games\Setup\Driv3r\Driv3r-The Game.rar\FOVDRV3R.C26\MAIN.EXE
30/07/2008 04:32:33 ص Not scanned (The file is encrypted) mohsen sharaf e:\Games\Setup\IronMan\IronMan.zip\

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

IRON.MAN.ZIP\DESKTOP.INI
30/07/2008 04:34:33 ص Not scanned (The file is encrypted) mohsen sharaf e:\Games\Setup\THEEF\arablionz.com.thief3.part1.rar\TTHIF3.C03\TECMORE.UHA
30/07/2008 04:34:33 ص Not scanned (The file is encrypted) mohsen sharaf e:\Games\Setup\THEEF\arablionz.com.thief3.part2.rar\TTHIF3.C21\TECMAIN.UHA
30/07/2008 04:34:34 ص Not scanned (The file is encrypted) mohsen sharaf e:\Games\Setup\THEEF\arablionz.com.thief3.part3.rar\TTHIF3.C48\TECWAV.UHA
30/07/2008 04:34:45 ص Not scanned (The file is encrypted) mohsen sharaf e:\Games\Setup\Transformers\Transformers 1\Transformers.ArablionZ.CoM.part2.rar\RITUEL.C22\RITDATA1.UHA
30/07/2008 04:34:46 ص Not scanned (The file is encrypted) mohsen sharaf e:\Games\Setup\Transformers\Transformers 1\Transformers.ArablionZ.CoM.part3.rar\RITUEL.C41\RITDATA2.UHA
30/07/2008 04:40:50 ص Not scanned (The file is encrypted) mohsen sharaf g:\Others\games\Hitman_3_Contracts\thitm3.c00\TECDATA.UHA
30/07/2008 04:40:50 ص Not scanned (The file is encrypted) mohsen sharaf g:\Others\games\Hitman_3_Contracts\thitm3.c13\TECGMS.UHA
30/07/2008 04:40:50 ص Not scanned (The file is encrypted) mohsen sharaf g:\Others\games\Hitman_3_Contracts\thitm3.c14\TECMISC0.UHA
30/07/2008 04:40:51 ص Not scanned (The file is encrypted) mohsen sharaf g:\Others\games\Hitman_3_Contracts\thitm3.c15\TECMAIN.UHA
30/07/2008 04:40:51 ص Not scanned (The file is encrypted) mohsen sharaf g:\Others\games\Hitman_3_Contracts\thitm3.c16\TECMISC1.UHA
30/07/2008 04:40:51 ص Not scanned (The file is encrypted) mohsen sharaf g:\Others\games\Hitman_3_Contracts\thitm3.c20\TECSND2.UHA
30/07/2008 04:40:52 ص Not scanned (The file is encrypted) mohsen sharaf g:\Others\games\Hitman_3_Contracts\thitm3.c35\TECSND0.UHA
30/07/2008 04:40:52 ص Not scanned (The file is encrypted) mohsen sharaf g:\Others\games\Hitman_3_Contracts\thitm3.c48\TECSND1.UHA
30/07/2008 04:51:04 ص Not scanned (The file is encrypted) mohsen sharaf g:\Setup\4Passwords\

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

30/07/2008 04:51:31 ص Not scanned (The file is encrypted) mohsen sharaf g:\Setup\ALL RECOVER\Data_Recovery_Program.rar\RECOVERY.EXE\AUTORUN.CDD\_DETECT.DAT
30/07/2008 04:51:45 ص Not scanned (The file is encrypted) mohsen sharaf g:\Setup\anti\Anti Virus Programs\avg75free_484a1100.exe\SETUP.DAT
30/07/2008 04:51:48 ص Deleted mohsen sharaf G:\SETUP\ANTI\ANTI VIRUS PROGRAMS\RG_SECURITY.ZIP W32/Generic.e(Virus)
30/07/2008 11:10:23 ص Engine version =5200.2160
30/07/2008 11:10:23 ص AntiVirus DAT version =5242.0000
30/07/2008 11:10:23 ص Number of detection signatures in EXTRA.DAT =None
30/07/2008 11:10:23 ص Names of detection signatures in EXTRA.DAT =None
30/07/2008 11:10:12 ص Scan Started ITALIANO\mohsen sharaf On-Demand Scan
30/07/2008 11:14:01 ص Not scanned (The file is encrypted) mohsen sharaf c:\Documents and Settings\mohsen sharaf\Application Data\IDM\DwnlData\mohsen sharaf\hossam-habeb_gowa_ela_lb_www_38\hossam-habeb_gowa_ela_lb_www.m\DESKTOP.INI
30/07/2008 11:14:40 ص Deleted mohsen sharaf C:\DOCUMENTS AND SETTINGS\MOHSEN SHARAF\MY DOCUMENTS\DOWNLOADS\PROGRAMS\COMBOFIX_3.EXE RemAdm-ProcLaunch!171(Remote Admin Tool)
30/07/2008 12:25:40 م No Action Taken (Clean failed) mohsen sharaf c:\Documents and Settings\mohsen sharaf\My Documents\Downloads\Programs\ComboFix_3.exe\PSEXEC.CFEXE RemAdm-ProcLaunch!171(Remote Admin Tool)
30/07/2008 12:25:41 م Scan Summary ITALIANO\mohsen sharaf Scan Summary
30/07/2008 12:25:41 م Scan Summary ITALIANO\mohsen sharaf Processes scanned : 29
30/07/2008 12:25:41 م Scan Summary ITALIANO\mohsen sharaf Processes detected : 0
30/07/2008 12:25:41 م Scan Summary ITALIANO\mohsen sharaf Processes cleaned : 0
30/07/2008 12:25:41 م Scan Summary ITALIANO\mohsen sharaf Boot sectors scanned : 5
30/07/2008 12:25:41 م Scan Summary ITALIANO\mohsen sharaf Boot sectors detected: 0
30/07/2008 12:25:41 م Scan Summary ITALIANO\mohsen sharaf Boot sectors cleaned : 0
30/07/2008 12:25:41 م Scan Summary ITALIANO\mohsen sharaf Files scanned : 2832
30/07/2008 12:25:41 م Scan Summary ITALIANO\mohsen sharaf Files with detections: 1
30/07/2008 12:25:41 م Scan Summary ITALIANO\mohsen sharaf File detections : 2
30/07/2008 12:25:41 م Scan Summary ITALIANO\mohsen sharaf Files cleaned : 0
30/07/2008 12:25:41 م Scan Summary ITALIANO\mohsen sharaf Files deleted : 0
30/07/2008 12:25:41 م Scan Summary ITALIANO\mohsen sharaf Files not scanned : 14
30/07/2008 12:25:41 م Scan Summary ITALIANO\mohsen sharaf Scan Summary (Registry Scanning)
30/07/2008 12:25:41 م Scan Summary ITALIANO\mohsen sharaf Keys scanned : 0
30/07/2008 12:25:41 م Scan Summary ITALIANO\mohsen sharaf Keys detected : 0
30/07/2008 12:25:41 م Scan Summary ITALIANO\mohsen sharaf Keys cleaned : 0
30/07/2008 12:25:41 م Scan Summary ITALIANO\mohsen sharaf Keys deleted : 0
30/07/2008 12:25:41 م Scan Summary ITALIANO\mohsen sharaf Scan Summary ( Scanning)
30/07/2008 12:25:41 م Scan Summary ITALIANO\mohsen sharaf s scanned : 21
30/07/2008 12:25:41 م Scan Summary ITALIANO\mohsen sharaf s detected : 0
30/07/2008 12:25:41 م Scan Summary ITALIANO\mohsen sharaf s cleaned : 0
30/07/2008 12:25:41 م Scan Summary ITALIANO\mohsen sharaf s deleted : 0
30/07/2008 12:25:41 م Scan Summary ITALIANO\mohsen sharaf Run time : 1:15:29
30/07/2008 12:25:41 م Scan Terminated ITALIANO\mohsen sharaf On-Demand Scan

30/07/2008 12:27:31 م Engine version =5200.2160
30/07/2008 12:27:31 م AntiVirus DAT version =5242.0000
30/07/2008 12:27:31 م Number of detection signatures in EXTRA.DAT =None
30/07/2008 12:27:31 م Names of detection signatures in EXTRA.DAT =None
30/07/2008 12:27:16 م Scan Started ITALIANO\mohsen sharaf On-Demand Scan
30/07/2008 12:53:42 م Not scanned (The file is encrypted) mohsen sharaf d:\Games\ChaosLegionmazika2day.rar\CHAOS LEGION.MAZIKA2DAY.COM BY.MIDOSTAR.ZIP\6.BMP
30/07/2008 12:53:46 م Not scanned (The file is encrypted) mohsen sharaf d:\Games\Battlefield 2 Armored Fury\Battlefield 2 Armored Fury [PCCD] MULTiLANGUAGE.part1.rar\BATTLEFIELD 2 ARMORED FURY [PCCD][MULTILANGUAGE][

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

30/07/2008 12:53:46 م Not scanned (The file is encrypted) mohsen sharaf d:\Games\Battlefield 2 Armored Fury\Battlefield 2 Armored Fury [PCCD] MULTiLANGUAGE.part2.rar\G.BMP
30/07/2008 12:58:22 م Not scanned (The file is encrypted) mohsen sharaf d:\Games\faces.of.war\Rwa2an.CoM_kps.faces.of.war.multi5.part1.rar\KPS.FACES.OF.WAR.MULTI5.EXE
30/07/2008 12:58:24 م Not scanned (The file is encrypted) mohsen sharaf d:\Games\faces.of.war\Rwa2an.CoM_kps.faces.of.war.multi5.part4.rar\RWA2AN FORUMS.URL
30/07/2008 12:58:48 م Not scanned (The file is encrypted) mohsen sharaf d:\Games\midnight\ArablionZ.com-Midnight.II.Ripped.part3.rar\MC2.C54\DATA2.UHA
30/07/2008 12:59:07 م Not scanned (The file is encrypted) mohsen sharaf d:\Games\Whirlwind Over Vietnam\fonekat.net-whirlwind.over.vietnam.ripped.part1.rar\WOV.C02\BLH.TXT
30/07/2008 12:59:08 م Not scanned (The file is encrypted) mohsen sharaf d:\Games\Whirlwind Over Vietnam\fonekat.net-whirlwind.over.vietnam.ripped.part2.rar\WOV.C20\DATA2.UHA
30/07/2008 01:57:09 م Not scanned (The file is encrypted) mohsen sharaf e:\Games\Setup\Dead_To_Rights\Dead_To_Rights_By.MiDo_StaR\Dead_To_Rights_By.MiDo StaR\DVNDEAD.C23\DVNPAK4.DVN
30/07/2008 01:57:14 م Not scanned (The file is encrypted) mohsen sharaf e:\Games\Setup\Dead_To_Rights\Dead_To_Rights_By.MiDo_StaR\Dead_To_Rights_By.MiDo StaR\DVNDEAD.C40\DVNPAK2.DVN
30/07/2008 01:57:17 م Not scanned (The file is encrypted) mohsen sharaf e:\Games\Setup\Dead_To_Rights\Dead_To_Rights_By.MiDo_StaR\Dead_To_Rights_By.MiDo StaR\DVNDEAD.C53\DVNPAK3.DVN
30/07/2008 01:57:21 م Not scanned (The file is encrypted) mohsen sharaf e:\Games\Setup\Dead_To_Rights\Dead_To_Rights_By.MiDo_StaR\Dead_To_Rights_By.MiDo StaR\DVNDEAD.C54\DTRSETUP.EXE
30/07/2008 01:57:25 م Not scanned (The file is encrypted) mohsen sharaf e:\Games\Setup\Dead_To_Rights\Dead_To_Rights_By.MiDo_StaR\Dead_To_Rights_By.MiDo StaR\DVNDEAD.C55\SC01_06C.OGG
30/07/2008 01:57:28 م Not scanned (The file is encrypted) mohsen sharaf e:\Games\Setup\Dead_To_Rights\Dead_To_Rights_By.MiDo_StaR\Dead_To_Rights_By.MiDo StaR\DVNDEAD.C56\SC02_17.OGG
30/07/2008 01:57:30 م Not scanned (The file is encrypted) mohsen sharaf e:\Games\Setup\Dead_To_Rights\Dead_To_Rights_By.MiDo_StaR\Dead_To_Rights_By.MiDo StaR\DVNDEAD.C57\SC02_21.OGG
30/07/2008 01:57:32 م Not scanned (The file is encrypted) mohsen sharaf e:\Games\Setup\Dead_To_Rights\Dead_To_Rights_By.MiDo_StaR\Dead_To_Rights_By.MiDo StaR\DVNDEAD.C58\SC03_02.OGG
30/07/2008 01:57:36 م Not scanned (The file is encrypted) mohsen sharaf e:\Games\Setup\Dead_To_Rights\Dead_To_Rights_By.MiDo_StaR\Dead_To_Rights_By.MiDo StaR\DVNDEAD.C59\SC05_03.OGG
30/07/2008 01:57:39 م Not scanned (The file is encrypted) mohsen sharaf e:\Games\Setup\Dead_To_Rights\Dead_To_Rights_By.MiDo_StaR\Dead_To_Rights_By.MiDo StaR\DVNDEAD.C60\SC07_13.OGG
30/07/2008 01:57:39 م Not scanned (The file is encrypted) mohsen sharaf e:\Games\Setup\Dead_To_Rights\Dead_To_Rights_By.MiDo_StaR\Dead_To_Rights_By.MiDo StaR\DVNDEAD.C61\SC09_10.OGG
30/07/2008 01:57:39 م Not scanned (The file is encrypted) mohsen sharaf e:\Games\Setup\Dead_To_Rights\Dead_To_Rights_By.MiDo_StaR\Dead_To_Rights_By.MiDo StaR\DVNDEAD.C62\SC11_14.OGG
30/07/2008 01:57:39 م Not scanned (The file is encrypted) mohsen sharaf e:\Games\Setup\Dead_To_Rights\Dead_To_Rights_By.MiDo_StaR\Dead_To_Rights_By.MiDo StaR\DVNDEAD.C63\SC13_11.OGG
30/07/2008 02:03:44 م Not scanned (The file is encrypted) mohsen sharaf e:\Games\Setup\Driv3r\Driv3r-The Game.rar\FOVDRV3R.C26\MAIN.EXE
30/07/2008 02:03:49 م Not scanned (The file is encrypted) mohsen sharaf e:\Games\Setup\IronMan\IronMan.zip\

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

IRON.MAN.ZIP\DESKTOP.INI
30/07/2008 02:06:16 م Not scanned (The file is encrypted) mohsen sharaf e:\Games\Setup\THEEF\arablionz.com.thief3.part1.rar\TTHIF3.C03\TECMORE.UHA
30/07/2008 02:06:26 م Not scanned (The file is encrypted) mohsen sharaf e:\Games\Setup\THEEF\arablionz.com.thief3.part2.rar\TTHIF3.C21\TECMAIN.UHA
30/07/2008 02:06:28 م Not scanned (The file is encrypted) mohsen sharaf e:\Games\Setup\THEEF\arablionz.com.thief3.part3.rar\TTHIF3.C48\TECWAV.UHA
30/07/2008 02:06:44 م Not scanned (The file is encrypted) mohsen sharaf e:\Games\Setup\Transformers\Transformers 1\Transformers.ArablionZ.CoM.part2.rar\RITUEL.C22\RITDATA1.UHA
30/07/2008 02:06:44 م Not scanned (The file is encrypted) mohsen sharaf e:\Games\Setup\Transformers\Transformers 1\Transformers.ArablionZ.CoM.part3.rar\RITUEL.C41\RITDATA2.UHA
30/07/2008 02:10:05 م Deleted mohsen sharaf G:\COMBOFIX_3.ZIP RemAdm-ProcLaunch!171(Remote Admin Tool)
30/07/2008 02:17:44 م No Action Taken (Clean failed) mohsen sharaf g:\ComboFix_3.zip\COMBOFIX_3.EXE\PSEXEC.CFEXE RemAdm-ProcLaunch!171(Remote Admin Tool)
30/07/2008 02:20:58 م Not scanned (The file is encrypted) mohsen sharaf g:\Others\games\Hitman_3_Contracts\thitm3.c00\TECDATA.UHA
30/07/2008 02:20:58 م Not scanned (The file is encrypted) mohsen sharaf g:\Others\games\Hitman_3_Contracts\thitm3.c13\TECGMS.UHA
30/07/2008 02:20:58 م Not scanned (The file is encrypted) mohsen sharaf g:\Others\games\Hitman_3_Contracts\thitm3.c14\TECMISC0.UHA
30/07/2008 02:20:59 م Not scanned (The file is encrypted) mohsen sharaf g:\Others\games\Hitman_3_Contracts\thitm3.c15\TECMAIN.UHA
30/07/2008 02:20:59 م Not scanned (The file is encrypted) mohsen sharaf g:\Others\games\Hitman_3_Contracts\thitm3.c16\TECMISC1.UHA
30/07/2008 02:20:59 م Not scanned (The file is encrypted) mohsen sharaf g:\Others\games\Hitman_3_Contracts\thitm3.c20\TECSND2.UHA
30/07/2008 02:20:59 م Not scanned (The file is encrypted) mohsen sharaf g:\Others\games\Hitman_3_Contracts\thitm3.c35\TECSND0.UHA
30/07/2008 02:21:00 م Not scanned (The file is encrypted) mohsen sharaf g:\Others\games\Hitman_3_Contracts\thitm3.c48\TECSND1.UHA
30/07/2008 02:34:20 م Not scanned (The file is encrypted) mohsen sharaf g:\Setup\4Passwords\

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

30/07/2008 02:34:50 م Not scanned (The file is encrypted) mohsen sharaf g:\Setup\ALL RECOVER\Data_Recovery_Program.rar\RECOVERY.EXE\AUTORUN.CDD\_DETECT.DAT
30/07/2008 02:35:05 م Not scanned (The file is encrypted) mohsen sharaf g:\Setup\anti\Anti Virus Programs\avg75free_484a1100.exe\SETUP.DAT
30/07/2008 02:35:08 م Deleted mohsen sharaf G:\SETUP\ANTI\ANTI VIRUS PROGRAMS\RG_SECURITY.ZIP W32/Generic.e(Virus)
30/07/2008 02:42:01 م No Action Taken (Clean failed) mohsen sharaf g:\Setup\anti\Anti Virus Programs\Rg_Security.zip\RG SECURITY.EXE W32/Generic.e(Virus)
30/07/2008 02:43:24 م Not scanned (The file is encrypted) mohsen sharaf g:\Setup\anti\Anti Virus Programs\kasbriskey\kav7.zip\ZYZOOM_KASPERSKY2007_CD.EXE\AUTORUN.CDD\_DETECT.DAT
30/07/2008 02:44:18 م Not scanned (The file is encrypted) mohsen sharaf g:\Setup\anti\Fast Anti\ArabLion_Tools_For_Virus.exe\CLICK1.OGG
30/07/2008 02:44:36 م Deleted mohsen sharaf G:\SETUP\ANTI\FAST ANTI\TROJAN_REMOVER_6.6.5__ZYZOOM.ZIP BackDoor-BAC(Trojan)
29/07/2008 05:59:08 م No Action Taken (Clean failed) mohsen sharaf g:\Setup\anti\Fast Anti\Trojan_Remover_6.6.5__Zyzoom.zip\RMT.DTA BackDoor-BAC(Trojan)
29/07/2008 05:59:08 م Scan Summary ITALIANO\mohsen sharaf Scan Summary
29/07/2008 05:59:08 م Scan Summary ITALIANO\mohsen sharaf Processes scanned : 28
29/07/2008 05:59:08 م Scan Summary ITALIANO\mohsen sharaf Processes detected : 0
29/07/2008 05:59:08 م Scan Summary ITALIANO\mohsen sharaf Processes cleaned : 0
29/07/2008 05:59:08 م Scan Summary ITALIANO\mohsen sharaf Boot sectors scanned : 5
29/07/2008 05:59:08 م Scan Summary ITALIANO\mohsen sharaf Boot sectors detected: 0
29/07/2008 05:59:08 م Scan Summary ITALIANO\mohsen sharaf Boot sectors cleaned : 0
29/07/2008 05:59:08 م Scan Summary ITALIANO\mohsen sharaf Files scanned : 120130
29/07/2008 05:59:08 م Scan Summary ITALIANO\mohsen sharaf Files with detections: 3
29/07/2008 05:59:08 م Scan Summary ITALIANO\mohsen sharaf File detections : 6
29/07/2008 05:59:08 م Scan Summary ITALIANO\mohsen sharaf Files cleaned : 0
29/07/2008 05:59:08 م Scan Summary ITALIANO\mohsen sharaf Files deleted : 0
29/07/2008 05:59:08 م Scan Summary ITALIANO\mohsen sharaf Files not scanned : 63
29/07/2008 05:59:08 م Scan Summary ITALIANO\mohsen sharaf Scan Summary (Registry Scanning)
29/07/2008 05:59:08 م Scan Summary ITALIANO\mohsen sharaf Keys scanned : 0
29/07/2008 05:59:08 م Scan Summary ITALIANO\mohsen sharaf Keys detected : 0
29/07/2008 05:59:08 م Scan Summary ITALIANO\mohsen sharaf Keys cleaned : 0
29/07/2008 05:59:08 م Scan Summary ITALIANO\mohsen sharaf Keys deleted : 0
29/07/2008 05:59:08 م Scan Summary ITALIANO\mohsen sharaf Scan Summary ( Scanning)
29/07/2008 05:59:08 م Scan Summary ITALIANO\mohsen sharaf s scanned : 85
29/07/2008 05:59:08 م Scan Summary ITALIANO\mohsen sharaf s detected : 0
29/07/2008 05:59:08 م Scan Summary ITALIANO\mohsen sharaf s cleaned : 0
29/07/2008 05:59:08 م Scan Summary ITALIANO\mohsen sharaf s deleted : 0
29/07/2008 05:59:08 م Scan Summary ITALIANO\mohsen sharaf Run time : 2:40:18
29/07/2008 05:59:08 م Scan Terminated ITALIANO\mohsen sharaf On-Demand Scan

29/07/2008 09:36:12 م Engine version =5200.2160
29/07/2008 09:36:12 م AntiVirus DAT version =5242.0000
29/07/2008 09:36:12 م Number of detection signatures in EXTRA.DAT =None
29/07/2008 09:36:12 م Names of detection signatures in EXTRA.DAT =None
29/07/2008 09:35:58 م Scan Started ITALIANO\mohsen sharaf On-Demand Scan
29/07/2008 09:53:42 م Not scanned (The file is encrypted) mohsen sharaf d:\Games\ChaosLegionmazika2day.rar\CHAOS LEGION.MAZIKA2DAY.COM BY.MIDOSTAR.ZIP\6.BMP
29/07/2008 09:53:46 م Not scanned (The file is encrypted) mohsen sharaf d:\Games\Battlefield 2 Armored Fury\Battlefield 2 Armored Fury [PCCD] MULTiLANGUAGE.part1.rar\BATTLEFIELD 2 ARMORED FURY [PCCD][MULTILANGUAGE][

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

29/07/2008 09:53:46 م Not scanned (The file is encrypted) mohsen sharaf d:\Games\Battlefield 2 Armored Fury\Battlefield 2 Armored Fury [PCCD] MULTiLANGUAGE.part2.rar\G.BMP
29/07/2008 09:58:02 م Not scanned (The file is encrypted) mohsen sharaf d:\Games\faces.of.war\Rwa2an.CoM_kps.faces.of.war.multi5.part1.rar\KPS.FACES.OF.WAR.MULTI5.EXE
29/07/2008 09:58:02 م Not scanned (The file is encrypted) mohsen sharaf d:\Games\faces.of.war\Rwa2an.CoM_kps.faces.of.war.multi5.part4.rar\RWA2AN FORUMS.URL
29/07/2008 09:58:17 م Not scanned (The file is encrypted) mohsen sharaf d:\Games\midnight\ArablionZ.com-Midnight.II.Ripped.part3.rar\MC2.C54\DATA2.UHA
29/07/2008 09:58:32 م Not scanned (The file is encrypted) mohsen sharaf d:\Games\Whirlwind Over Vietnam\fonekat.net-whirlwind.over.vietnam.ripped.part1.rar\WOV.C02\BLH.TXT
29/07/2008 09:58:33 م Not scanned (The file is encrypted) mohsen sharaf d:\Games\Whirlwind Over Vietnam\fonekat.net-whirlwind.over.vietnam.ripped.part2.rar\WOV.C20\DATA2.UHA
29/07/2008 10:13:24 م Not scanned (The file is encrypted) mohsen sharaf e:\Games\Setup\Dead_To_Rights\Dead_To_Rights_By.MiDo_StaR\Dead_To_Rights_By.MiDo StaR\DVNDEAD.C23\DVNPAK4.DVN
29/07/2008 10:13:25 م Not scanned (The file is encrypted) mohsen sharaf e:\Games\Setup\Dead_To_Rights\Dead_To_Rights_By.MiDo_StaR\Dead_To_Rights_By.MiDo StaR\DVNDEAD.C40\DVNPAK2.DVN
29/07/2008 10:13:25 م Not scanned (The file is encrypted) mohsen sharaf e:\Games\Setup\Dead_To_Rights\Dead_To_Rights_By.MiDo_StaR\Dead_To_Rights_By.MiDo StaR\DVNDEAD.C53\DVNPAK3.DVN
29/07/2008 10:13:25 م Not scanned (The file is encrypted) mohsen sharaf e:\Games\Setup\Dead_To_Rights\Dead_To_Rights_By.MiDo_StaR\Dead_To_Rights_By.MiDo StaR\DVNDEAD.C54\DTRSETUP.EXE
29/07/2008 10:13:25 م Not scanned (The file is encrypted) mohsen sharaf e:\Games\Setup\Dead_To_Rights\Dead_To_Rights_By.MiDo_StaR\Dead_To_Rights_By.MiDo StaR\DVNDEAD.C55\SC01_06C.OGG
29/07/2008 10:13:26 م Not scanned (The file is encrypted) mohsen sharaf e:\Games\Setup\Dead_To_Rights\Dead_To_Rights_By.MiDo_StaR\Dead_To_Rights_By.MiDo StaR\DVNDEAD.C56\SC02_17.OGG
29/07/2008 10:13:26 م Not scanned (The file is encrypted) mohsen sharaf e:\Games\Setup\Dead_To_Rights\Dead_To_Rights_By.MiDo_StaR\Dead_To_Rights_By.MiDo StaR\DVNDEAD.C57\SC02_21.OGG
29/07/2008 10:13:26 م Not scanned (The file is encrypted) mohsen sharaf e:\Games\Setup\Dead_To_Rights\Dead_To_Rights_By.MiDo_StaR\Dead_To_Rights_By.MiDo StaR\DVNDEAD.C58\SC03_02.OGG
29/07/2008 10:13:26 م Not scanned (The file is encrypted) mohsen sharaf e:\Games\Setup\Dead_To_Rights\Dead_To_Rights_By.MiDo_StaR\Dead_To_Rights_By.MiDo StaR\DVNDEAD.C59\SC05_03.OGG
29/07/2008 10:13:26 م Not scanned (The file is encrypted) mohsen sharaf e:\Games\Setup\Dead_To_Rights\Dead_To_Rights_By.MiDo_StaR\Dead_To_Rights_By.MiDo StaR\DVNDEAD.C60\SC07_13.OGG
29/07/2008 10:13:26 م Not scanned (The file is encrypted) mohsen sharaf e:\Games\Setup\Dead_To_Rights\Dead_To_Rights_By.MiDo_StaR\Dead_To_Rights_By.MiDo StaR\DVNDEAD.C61\SC09_10.OGG
29/07/2008 10:13:26 م Not scanned (The file is encrypted) mohsen sharaf e:\Games\Setup\Dead_To_Rights\Dead_To_Rights_By.MiDo_StaR\Dead_To_Rights_By.MiDo StaR\DVNDEAD.C62\SC11_14.OGG
29/07/2008 10:13:26 م Not scanned (The file is encrypted) mohsen sharaf e:\Games\Setup\Dead_To_Rights\Dead_To_Rights_By.MiDo_StaR\Dead_To_Rights_By.MiDo StaR\DVNDEAD.C63\SC13_11.OGG
29/07/2008 10:16:57 م Not scanned (The file is encrypted) mohsen sharaf e:\Games\Setup\Driv3r\Driv3r-The Game.rar\FOVDRV3R.C26\MAIN.EXE
29/07/2008 10:17:02 م Not scanned (The file is encrypted) mohsen sharaf e:\Games\Setup\IronMan\IronMan.zip\

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

IRON.MAN.ZIP\DESKTOP.INI
29/07/2008 10:19:16 م Not scanned (The file is encrypted) mohsen sharaf e:\Games\Setup\THEEF\arablionz.com.thief3.part1.rar\TTHIF3.C03\TECMORE.UHA
29/07/2008 10:19:21 م Not scanned (The file is encrypted) mohsen sharaf e:\Games\Setup\THEEF\arablionz.com.thief3.part2.rar\TTHIF3.C21\TECMAIN.UHA
29/07/2008 10:19:29 م Not scanned (The file is encrypted) mohsen sharaf e:\Games\Setup\THEEF\arablionz.com.thief3.part3.rar\TTHIF3.C48\TECWAV.UHA
29/07/2008 10:19:50 م Not scanned (The file is encrypted) mohsen sharaf e:\Games\Setup\Transformers\Transformers 1\Transformers.ArablionZ.CoM.part2.rar\RITUEL.C22\RITDATA1.UHA
29/07/2008 10:19:51 م Not scanned (The file is encrypted) mohsen sharaf e:\Games\Setup\Transformers\Transformers 1\Transformers.ArablionZ.CoM.part3.rar\RITUEL.C41\RITDATA2.UHA
29/07/2008 10:23:33 م Deleted mohsen sharaf G:\COMBOFIX_3.ZIP RemAdm-ProcLaunch!171(Remote Admin Tool)
29/07/2008 11:03:57 م No Action Taken (Clean failed) mohsen sharaf g:\ComboFix_3.zip\COMBOFIX_3.EXE\PSEXEC.CFEXE RemAdm-ProcLaunch!171(Remote Admin Tool)
29/07/2008 11:05:15 م Not scanned (The file is encrypted) mohsen sharaf g:\Others\games\Hitman_3_Contracts\thitm3.c00\TECDATA.UHA
29/07/2008 11:05:16 م Not scanned (The file is encrypted) mohsen sharaf g:\Others\games\Hitman_3_Contracts\thitm3.c13\TECGMS.UHA
29/07/2008 11:05:16 م Not scanned (The file is encrypted) mohsen sharaf g:\Others\games\Hitman_3_Contracts\thitm3.c14\TECMISC0.UHA
29/07/2008 11:05:16 م Not scanned (The file is encrypted) mohsen sharaf g:\Others\games\Hitman_3_Contracts\thitm3.c15\TECMAIN.UHA
29/07/2008 11:05:16 م Not scanned (The file is encrypted) mohsen sharaf g:\Others\games\Hitman_3_Contracts\thitm3.c16\TECMISC1.UHA
29/07/2008 11:05:16 م Not scanned (The file is encrypted) mohsen sharaf g:\Others\games\Hitman_3_Contracts\thitm3.c20\TECSND2.UHA
29/07/2008 11:05:17 م Not scanned (The file is encrypted) mohsen sharaf g:\Others\games\Hitman_3_Contracts\thitm3.c35\TECSND0.UHA
29/07/2008 11:05:18 م Not scanned (The file is encrypted) mohsen sharaf g:\Others\games\Hitman_3_Contracts\thitm3.c48\TECSND1.UHA
29/07/2008 11:16:55 م Not scanned (The file is encrypted) mohsen sharaf g:\Setup\4Passwords\

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

29/07/2008 11:17:22 م Not scanned (The file is encrypted) mohsen sharaf g:\Setup\ALL RECOVER\Data_Recovery_Program.rar\RECOVERY.EXE\AUTORUN.CDD\_DETECT.DAT
29/07/2008 11:17:37 م Not scanned (The file is encrypted) mohsen sharaf g:\Setup\anti\Anti Virus Programs\avg75free_484a1100.exe\SETUP.DAT
29/07/2008 11:17:40 م Deleted mohsen sharaf G:\SETUP\ANTI\ANTI VIRUS PROGRAMS\RG_SECURITY.ZIP W32/Generic.e(Virus)
31/07/2008 10:09:49 ص Engine version =5200.2160
31/07/2008 10:09:49 ص AntiVirus DAT version =5242.0000
31/07/2008 10:09:49 ص Number of detection signatures in EXTRA.DAT =None
31/07/2008 10:09:49 ص Names of detection signatures in EXTRA.DAT =None
31/07/2008 10:09:40 ص Scan Started ITALIANO\mohsen sharaf On-Demand Scan
31/07/2008 10:26:02 ص Not scanned (The file is encrypted) mohsen sharaf d:\Games\ChaosLegionmazika2day.rar\CHAOS LEGION.MAZIKA2DAY.COM BY.MIDOSTAR.ZIP\6.BMP
31/07/2008 10:26:03 ص Not scanned (The file is encrypted) mohsen sharaf d:\Games\Battlefield 2 Armored Fury\Battlefield 2 Armored Fury [PCCD] MULTiLANGUAGE.part1.rar\BATTLEFIELD 2 ARMORED FURY [PCCD][MULTILANGUAGE][

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

31/07/2008 10:26:03 ص Not scanned (The file is encrypted) mohsen sharaf d:\Games\Battlefield 2 Armored Fury\Battlefield 2 Armored Fury [PCCD] MULTiLANGUAGE.part2.rar\G.BMP
31/07/2008 10:29:09 ص Not scanned (The file is encrypted) mohsen sharaf d:\Games\faces.of.war\Rwa2an.CoM_kps.faces.of.war.multi5.part1.rar\KPS.FACES.OF.WAR.MULTI5.EXE
31/07/2008 10:29:09 ص Not scanned (The file is encrypted) mohsen sharaf d:\Games\faces.of.war\Rwa2an.CoM_kps.faces.of.war.multi5.part4.rar\RWA2AN FORUMS.URL
31/07/2008 10:29:19 ص Not scanned (The file is encrypted) mohsen sharaf d:\Games\midnight\ArablionZ.com-Midnight.II.Ripped.part3.rar\MC2.C54\DATA2.UHA
31/07/2008 10:29:28 ص Not scanned (The file is encrypted) mohsen sharaf d:\Games\Whirlwind Over Vietnam\fonekat.net-whirlwind.over.vietnam.ripped.part1.rar\WOV.C02\BLH.TXT
31/07/2008 10:29:29 ص Not scanned (The file is encrypted) mohsen sharaf d:\Games\Whirlwind Over Vietnam\fonekat.net-whirlwind.over.vietnam.ripped.part2.rar\WOV.C20\DATA2.UHA
31/07/2008 10:48:15 ص Not scanned (The file is encrypted) mohsen sharaf e:\Games\Setup\Dead_To_Rights\Dead_To_Rights_By.MiDo_StaR\Dead_To_Rights_By.MiDo StaR\DVNDEAD.C23\DVNPAK4.DVN
31/07/2008 10:48:15 ص Not scanned (The file is encrypted) mohsen sharaf e:\Games\Setup\Dead_To_Rights\Dead_To_Rights_By.MiDo_StaR\Dead_To_Rights_By.MiDo StaR\DVNDEAD.C40\DVNPAK2.DVN
31/07/2008 10:48:16 ص Not scanned (The file is encrypted) mohsen sharaf e:\Games\Setup\Dead_To_Rights\Dead_To_Rights_By.MiDo_StaR\Dead_To_Rights_By.MiDo StaR\DVNDEAD.C53\DVNPAK3.DVN
31/07/2008 10:48:16 ص Not scanned (The file is encrypted) mohsen sharaf e:\Games\Setup\Dead_To_Rights\Dead_To_Rights_By.MiDo_StaR\Dead_To_Rights_By.MiDo StaR\DVNDEAD.C54\DTRSETUP.EXE
31/07/2008 10:48:16 ص Not scanned (The file is encrypted) mohsen sharaf e:\Games\Setup\Dead_To_Rights\Dead_To_Rights_By.MiDo_StaR\Dead_To_Rights_By.MiDo StaR\DVNDEAD.C55\SC01_06C.OGG
31/07/2008 10:48:16 ص Not scanned (The file is encrypted) mohsen sharaf e:\Games\Setup\Dead_To_Rights\Dead_To_Rights_By.MiDo_StaR\Dead_To_Rights_By.MiDo StaR\DVNDEAD.C56\SC02_17.OGG
31/07/2008 10:48:16 ص Not scanned (The file is encrypted) mohsen sharaf e:\Games\Setup\Dead_To_Rights\Dead_To_Rights_By.MiDo_StaR\Dead_To_Rights_By.MiDo StaR\DVNDEAD.C57\SC02_21.OGG
31/07/2008 10:48:16 ص Not scanned (The file is encrypted) mohsen sharaf e:\Games\Setup\Dead_To_Rights\Dead_To_Rights_By.MiDo_StaR\Dead_To_Rights_By.MiDo StaR\DVNDEAD.C58\SC03_02.OGG
31/07/2008 10:48:16 ص Not scanned (The file is encrypted) mohsen sharaf e:\Games\Setup\Dead_To_Rights\Dead_To_Rights_By.MiDo_StaR\Dead_To_Rights_By.MiDo StaR\DVNDEAD.C59\SC05_03.OGG
31/07/2008 10:48:16 ص Not scanned (The file is encrypted) mohsen sharaf e:\Games\Setup\Dead_To_Rights\Dead_To_Rights_By.MiDo_StaR\Dead_To_Rights_By.MiDo StaR\DVNDEAD.C60\SC07_13.OGG
31/07/2008 10:48:16 ص Not scanned (The file is encrypted) mohsen sharaf e:\Games\Setup\Dead_To_Rights\Dead_To_Rights_By.MiDo_StaR\Dead_To_Rights_By.MiDo StaR\DVNDEAD.C61\SC09_10.OGG
31/07/2008 10:48:16 ص Not scanned (The file is encrypted) mohsen sharaf e:\Games\Setup\Dead_To_Rights\Dead_To_Rights_By.MiDo_StaR\Dead_To_Rights_By.MiDo StaR\DVNDEAD.C62\SC11_14.OGG
31/07/2008 10:48:16 ص Not scanned (The file is encrypted) mohsen sharaf e:\Games\Setup\Dead_To_Rights\Dead_To_Rights_By.MiDo_StaR\Dead_To_Rights_By.MiDo StaR\DVNDEAD.C63\SC13_11.OGG
31/07/2008 10:51:30 ص Not scanned (The file is encrypted) mohsen sharaf e:\Games\Setup\Driv3r\Driv3r-The Game.rar\FOVDRV3R.C26\MAIN.EXE
31/07/2008 10:51:35 ص Not scanned (The file is encrypted) mohsen sharaf e:\Games\Setup\IronMan\IronMan.zip\

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

IRON.MAN.ZIP\DESKTOP.INI
31/07/2008 10:53:28 ص Not scanned (The file is encrypted) mohsen sharaf e:\Games\Setup\THEEF\arablionz.com.thief3.part1.rar\TTHIF3.C03\TECMORE.UHA
31/07/2008 10:53:29 ص Not scanned (The file is encrypted) mohsen sharaf e:\Games\Setup\THEEF\arablionz.com.thief3.part2.rar\TTHIF3.C21\TECMAIN.UHA
31/07/2008 10:53:29 ص Not scanned (The file is encrypted) mohsen sharaf e:\Games\Setup\THEEF\arablionz.com.thief3.part3.rar\TTHIF3.C48\TECWAV.UHA
31/07/2008 10:53:41 ص Not scanned (The file is encrypted) mohsen sharaf e:\Games\Setup\Transformers\Transformers 1\Transformers.ArablionZ.CoM.part2.rar\RITUEL.C22\RITDATA1.UHA
31/07/2008 10:53:41 ص Not scanned (The file is encrypted) mohsen sharaf e:\Games\Setup\Transformers\Transformers 1\Transformers.ArablionZ.CoM.part3.rar\RITUEL.C41\RITDATA2.UHA
31/07/2008 10:56:56 ص Deleted mohsen sharaf G:\COMBOFIX_3.ZIP RemAdm-ProcLaunch!171(Remote Admin Tool)
31/07/2008 11:54:47 ص No Action Taken (Clean failed) mohsen sharaf g:\ComboFix_3.zip\COMBOFIX_3.EXE\PSEXEC.CFEXE RemAdm-ProcLaunch!171(Remote Admin Tool)
31/07/2008 11:55:56 ص Not scanned (The file is encrypted) mohsen sharaf g:\Others\games\Hitman_3_Contracts\thitm3.c00\TECDATA.UHA
31/07/2008 11:55:56 ص Not scanned (The file is encrypted) mohsen sharaf g:\Others\games\Hitman_3_Contracts\thitm3.c13\TECGMS.UHA
31/07/2008 11:55:57 ص Not scanned (The file is encrypted) mohsen sharaf g:\Others\games\Hitman_3_Contracts\thitm3.c14\TECMISC0.UHA
31/07/2008 11:55:57 ص Not scanned (The file is encrypted) mohsen sharaf g:\Others\games\Hitman_3_Contracts\thitm3.c15\TECMAIN.UHA
31/07/2008 11:55:57 ص Not scanned (The file is encrypted) mohsen sharaf g:\Others\games\Hitman_3_Contracts\thitm3.c16\TECMISC1.UHA
31/07/2008 11:55:57 ص Not scanned (The file is encrypted) mohsen sharaf g:\Others\games\Hitman_3_Contracts\thitm3.c20\TECSND2.UHA
31/07/2008 11:55:58 ص Not scanned (The file is encrypted) mohsen sharaf g:\Others\games\Hitman_3_Contracts\thitm3.c35\TECSND0.UHA
31/07/2008 11:55:58 ص Not scanned (The file is encrypted) mohsen sharaf g:\Others\games\Hitman_3_Contracts\thitm3.c48\TECSND1.UHA
31/07/2008 12:07:48 م Not scanned (The file is encrypted) mohsen sharaf g:\Setup\4Passwords\

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

31/07/2008 12:08:13 م Not scanned (The file is encrypted) mohsen sharaf g:\Setup\ALL RECOVER\Data_Recovery_Program.rar\RECOVERY.EXE\AUTORUN.CDD\_DETECT.DAT
31/07/2008 12:08:28 م Not scanned (The file is encrypted) mohsen sharaf g:\Setup\anti\Anti Virus Programs\avg75free_484a1100.exe\SETUP.DAT
31/07/2008 12:08:31 م Deleted mohsen sharaf G:\SETUP\ANTI\ANTI VIRUS PROGRAMS\RG_SECURITY.ZIP W32/Generic.e(Virus)
31/07/2008 12:08:44 م Deleted (Clean failed) mohsen sharaf g:\Setup\anti\Anti Virus Programs\Rg_Security.zip\RG SECURITY.EXE W32/Generic.e(Virus)
31/07/2008 12:09:41 م Not scanned (The file is encrypted) mohsen sharaf g:\Setup\anti\Anti Virus Programs\kasbriskey\kav7.zip\ZYZOOM_KASPERSKY2007_CD.EXE\AUTORUN.CDD\_DETECT.DAT
31/07/2008 12:10:05 م Not scanned (The file is encrypted) mohsen sharaf g:\Setup\anti\Fast Anti\ArabLion_Tools_For_Virus.exe\CLICK1.OGG
31/07/2008 12:10:24 م Deleted mohsen sharaf G:\SETUP\ANTI\FAST ANTI\TROJAN_REMOVER_6.6.5__ZYZOOM.ZIP BackDoor-BAC(Trojan)
31/07/2008 12:10:38 م Deleted (Clean failed) mohsen sharaf g:\Setup\anti\Fast Anti\Trojan_Remover_6.6.5__Zyzoom.zip\RMT.DTA BackDoor-BAC(Trojan)
31/07/2008 12:10:40 م Deleted mohsen sharaf G:\SETUP\ANTI\FAST ANTI\ZYZOOM_AUTORUN_VIRUSES_CLEANER_1-1429.EXE PrcViewer(Potentially Unwanted Program)
31/07/2008 12:10:52 م Deleted (Clean failed) mohsen sharaf g:\Setup\anti\Fast Anti\Zyzoom_Autorun_Viruses_cleaner_1-1429.exe\ZYZOOM_PROCESS.EXE PrcViewer(Potentially Unwanted Program)
31/07/2008 12:10:59 م Not scanned (The file is encrypted) mohsen sharaf g:\Setup\anti\Fast Anti\برنامج aurorun eater للقضاء على فيروس aurorun\aesetup2.0.rar\AESETUP2.0.EXE
31/07/2008 12:12:04 م Not scanned (The file is encrypted) mohsen sharaf g:\Setup\CHAT\YAHOO\my ducu\YAHOO.exe\CLICK1.OGG
31/07/2008 12:14:13 م Not scanned (The file is encrypted) mohsen sharaf g:\Setup\fonts\win zip انجليزى\339 famous fonts.zip\ACTIONIS.ZIP\BEFONTS.GIF
31/07/2008 12:16:57 م Not scanned (The file is encrypted) mohsen sharaf g:\Setup\IPROTECT\تشفير ملفات\Iprotect\iprotect.rar\IPROTECT.ZIP\IPR13.EXE\USERCOPY.EXE
31/07/2008 12:17:00 م Not scanned (The file is encrypted) mohsen sharaf g:\Setup\IPROTECT\تشفير ملفات\TheLock\tlok1202.zip\thelock.s10\LOCKSET.EX_
31/07/2008 12:17:40 م Deleted mohsen sharaf g:\Setup\media\Flash Player\FlashPlayer8\Desktop_.ini W32/Fujacks.ini(Virus)
31/07/2008 12:19:02 م Not scanned (The file is encrypted) mohsen sharaf g:\Setup\media\Skins\New Folder\44-WWII_TANK[1].wsz\EQMAIN.BMP
31/07/2008 12:19:18 م Not scanned (The file is encrypted) mohsen sharaf g:\Setup\media\Skins\Skins For WMP\EREKTO~1.WMZ\MAINBKGND.BMP
31/07/2008 12:19:22 م Not scanned (The file is encrypted) mohsen sharaf g:\Setup\media\Skins\Skins For WMP\Television.wmz\BACKGROUND_PL.BMP
31/07/2008 12:19:22 م Not scanned (The file is encrypted) mohsen sharaf g:\Setup\media\Skins\Skins For WMP\TELEVI~1.WMZ\BACKGROUND_PL.BMP
31/07/2008 12:19:23 م Not scanned (The file is encrypted) mohsen sharaf g:\Setup\media\Skins\SKINS real\Boiler room.rjs\ALBUMART.RJT
31/07/2008 12:19:24 م Not scanned (The file is encrypted) mohsen sharaf g:\Setup\media\Skins\SKINS real\Lord of the Rings Shire.rjs\ALBUMART.RJT
31/07/2008 12:19:24 م Not scanned (The file is encrypted) mohsen sharaf g:\Setup\media\Skins\SKINS real\Lord of the Rings Trilogy(2).rjs\ALBUMART.RJT
31/07/2008 12:19:24 م Not scanned (The file is encrypted) mohsen sharaf g:\Setup\media\Skins\SKINS real\Lord of the Rings Trilogy.rjs\ALBUMART.RJT
31/07/2008 12:19:24 م Not scanned (The file is encrypted) mohsen sharaf g:\Setup\media\Skins\SKINS real\NeoChick.rjs\ALBUMART.RJT
31/07/2008 12:19:24 م Not scanned (The file is encrypted) mohsen sharaf g:\Setup\media\Skins\SKINS real\OEM.RJS\ALBUMART.RJT
31/07/2008 12:19:24 م Not scanned (The file is encrypted) mohsen sharaf g:\Setup\media\Skins\SKINS real\Picket Fences.rjs\ALBUMART.RJT
31/07/2008 12:19:25 م Not scanned (The file is encrypted) mohsen sharaf g:\Setup\media\Skins\SKINS real\Treehouse.rjs\ALBUMART.RJT
31/07/2008 12:19:42 م Not scanned (The file is encrypted) mohsen sharaf g:\Setup\Mobile\Mobile X660\My Mobile.zip\WAVTRIM.ZIP\WAVTRIM.EXE
31/07/2008 12:19:45 م Not scanned (The file is encrypted) mohsen sharaf g:\Setup\Mobile\Mobile X660\My Mobile\Goldwave حقوق محفظة.zip\GOLDWAVESTORM.ZIP\GOLDWAVESTORM.EXE
31/07/2008 12:19:47 م Not scanned (The file is encrypted) mohsen sharaf g:\Setup\Mobile\Mobile X660\My Mobile\WavTrim.zip\WAVTRIM.EXE
31/07/2008 12:20:09 م Not scanned (The file is encrypted) mohsen sharaf g:\Setup\Net\DoWnLoAd\Rwa2aN.Com_Portable.IDM.v5.12.8.rar\PORTABLE.IDM.V5.12.8.EXE
31/07/2008 12:20:35 م Not scanned (The file is encrypted) mohsen sharaf g:\Setup\Net\NetWork\znetcut\MG_Network_Tricks.exe\CLICK1.OGG
31/07/2008 12:20:35 م Not scanned (The file is encrypted) mohsen sharaf g:\Setup\Net\NetWork\znetcut\Network Magic 2.0.rar\CRACK IT NOW.CMD
31/07/2008 12:23:09 م Deleted (Clean failed because the detection isn't cleanable) mohsen sharaf g:\Setup\Try it now\ID.Internet.Optimizer.v1.2.rar\PATCH.EXE New Malware.aq(Trojan)
31/07/2008 12:23:36 م Not scanned (The file is encrypted) mohsen sharaf g:\Setup\Try it now\New Folder\Patch Crack

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

Mixawy 2007.zip\IMPORTANT.TXT
31/07/2008 12:23:42 م Not scanned (The file is encrypted) mohsen sharaf g:\Setup\Try it now\Programs\netcut 2.8.rar\NETCUT.EXE
31/07/2008 12:24:00 م Not scanned (The file is encrypted) mohsen sharaf g:\Setup\Try it now\Protable pro\Gold.Wave.5.2.2_Game_on__.rar\INFOFILES.RAR\FORUMW.ORG.NFO
31/07/2008 12:24:00 م Not scanned (The file is encrypted) mohsen sharaf g:\Setup\Try it now\Protable pro\JetAudio_Plus_6.28_VX_Game_on_.rar\INFOFILES.RAR\FORUMW.ORG.NFO
31/07/2008 12:24:20 م Not scanned (The file is encrypted) mohsen sharaf g:\Setup\Try it now\Protable pro\Portable_Easy_GIF_Animator_v4.12.28_Game_on_.rar\PORTABLE EASY GIF ANIMATOR V4.12.28.EXE\CLICK1.OGG
31/07/2008 12:25:14 م Deleted mohsen sharaf G:\COMBOFIX_3.ZIP RemAdm-ProcLaunch!171(Remote Admin Tool)
31/07/2008 12:25:21 م No Action Taken (Clean failed) mohsen sharaf g:\ComboFix_3.zip\COMBOFIX_3.EXE\PSEXEC.CFEXE RemAdm-ProcLaunch!171(Remote Admin Tool)
31/07/2008 12:25:29 م Deleted mohsen sharaf g:\ComboFix_3.zip
31/07/2008 12:26:37 م Not scanned (The file is encrypted) mohsen sharaf g:\Setup\vb\Nos5a\up\uploads\files\mrhandsawycom0cc446546b.zip\NFSPS[1].GRIP.TXT
31/07/2008 12:26:37 م Not scanned (The file is encrypted) mohsen sharaf g:\Setup\vb\Nos5a\up\uploads\files\mrhandsawycom238316f091.zip\HIA FWDA FILM GAMED GIDAN BY MR.STORM MRHANDSAWY.COM.TXT
31/07/2008 12:26:37 م Not scanned (The file is encrypted) mohsen sharaf g:\Setup\vb\Nos5a\up\uploads\files\mrhandsawycom461142f97d.zip\FILM EL JEZERA

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

31/07/2008 12:26:37 م Not scanned (The file is encrypted) mohsen sharaf g:\Setup\vb\Nos5a\up\uploads\files\mrhandsawycom522fd10ab7.zip\.PPS
31/07/2008 12:26:37 م Not scanned (The file is encrypted) mohsen sharaf g:\Setup\vb\Nos5a\up\uploads\files\mrhandsawycom73519e4226.zip\7AMAKY BY OMAR4EVER

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

0183185672.3GP
31/07/2008 12:26:37 م Not scanned (The file is encrypted) mohsen sharaf g:\Setup\vb\Nos5a\up\uploads\files\mrhandsawycoma47810f7bc.rar\WEBHORSE.EXE
31/07/2008 12:26:37 م Not scanned (The file is encrypted) mohsen sharaf g:\Setup\vb\Nos5a\up\uploads\files\mrhandsawycoma9be571a80.zip\EL MAGEK FILM GAMED GIDAN BY MR.STORM MRHANDSAWY.COM.TXT
31/07/2008 12:26:37 م Not scanned (The file is encrypted) mohsen sharaf g:\Setup\vb\Nos5a\up\uploads\files\mrhandsawycomda26890ce0.zip\HIA FWDA FILM GAMED GIDAN BY MR.STORM MRHANDSAWY.COM.TXT
31/07/2008 12:26:37 م Not scanned (The file is encrypted) mohsen sharaf g:\Setup\vb\Nos5a\up\uploads\files\mrhandsawycome262349743.zip\CARMEL.TXT
31/07/2008 12:27:38 م Not scanned (The file is encrypted) mohsen sharaf g:\Setup\vb\المجله للمنتدى\psd\تهنئة بحلول شهر رمضان واجهة احترافيه (مجانية) الحق حمل نسختك\تهنئة بحلول شهر رمضان واجهة احترافيه (مجانية) الحق حمل نسختك.rar\RAMADAN.PSD
31/07/2008 12:28:01 م Not scanned (The file is encrypted) mohsen sharaf g:\Setup\vb\للبعث للأيميلات\EMAIL-SENDER-1EXPRESS.zip\CRACK.RAR
31/07/2008 12:28:02 م Not scanned (The file is encrypted) mohsen sharaf g:\Setup\vb\للبعث للأيميلات\EMAIL-SENDER-EXPRESS.zip\CRACK.RAR
31/07/2008 12:28:13 م Not scanned (The file is encrypted) mohsen sharaf g:\Setup\vb\للمواقع\ScorPits\3v3arcade.rar\JAWASHOOT (SNOWY).ZIP
31/07/2008 12:29:14 م Not scanned (The file is encrypted) mohsen sharaf g:\Setup\vb\نسخة احطياطيه هاااااااام\New Storms.net.tf\2\Nos5a.zip\MRHANDSAWYCOM0CC446546B.ZIP\NFSPS[1].GRIP.TXT
31/07/2008 12:29:31 م Not scanned (The file is encrypted) mohsen sharaf g:\Setup\vb\نسخة احطياطيه هاااااااام\New Storms.net.tf\2\The BEst Download Now\uploing\files\mrhandsawycom0cc446546b.zip\NFSPS[1].GRIP.TXT
31/07/2008 12:29:31 م Not scanned (The file is encrypted) mohsen sharaf g:\Setup\vb\نسخة احطياطيه هاااااااام\New Storms.net.tf\2\The BEst Download Now\uploing\files\mrhandsawycom238316f091.zip\HIA FWDA FILM GAMED GIDAN BY MR.STORM MRHANDSAWY.COM.TXT
31/07/2008 12:29:31 م Not scanned (The file is encrypted) mohsen sharaf g:\Setup\vb\نسخة احطياطيه هاااااااام\New Storms.net.tf\2\The BEst Download Now\uploing\files\mrhandsawycom73519e4226.zip\7AMAKY BY OMAR4EVER

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

0183185672.3GP
31/07/2008 12:29:31 م Not scanned (The file is encrypted) mohsen sharaf g:\Setup\vb\نسخة احطياطيه هاااااااام\New Storms.net.tf\2\The BEst Download Now\uploing\files\mrhandsawycoma47810f7bc.rar\WEBHORSE.EXE
31/07/2008 12:29:31 م Not scanned (The file is encrypted) mohsen sharaf g:\Setup\vb\نسخة احطياطيه هاااااااام\New Storms.net.tf\2\The BEst Download Now\uploing\files\mrhandsawycomda26890ce0.zip\HIA FWDA FILM GAMED GIDAN BY MR.STORM MRHANDSAWY.COM.TXT
31/07/2008 12:29:31 م Not scanned (The file is encrypted) mohsen sharaf g:\Setup\vb\نسخة احطياطيه هاااااااام\New Storms.net.tf\2\The BEst Download Now\uploing\files\mrhandsawycome262349743.zip\CARMEL.TXT
31/07/2008 12:29:32 م Not scanned (The file is encrypted) mohsen sharaf g:\Setup\vb\نسخة احطياطيه هاااااااام\New Storms.net.tf\2\The BEst Download Now\uploing\storage stormup\116HeroWantddVd.zip\HEROWANTDDVD.TXT
31/07/2008 12:29:32 م Not scanned (The file is encrypted) mohsen sharaf g:\Setup\vb\نسخة احطياطيه هاااااااام\New Storms.net.tf\2\The BEst Download Now\uploing\storage stormup\117Cloverfield.2008.zip\CLOVERFIELD.2008.TXT
31/07/2008 12:29:32 م Not scanned (The file is encrypted) mohsen sharaf g:\Setup\vb\نسخة احطياطيه هاااااااام\New Storms.net.tf\2\The BEst Download Now\uploing\storage stormup\132fileuploader_setup.exe\FILEUPLOADER_SETUP.MSI
31/07/2008 12:29:32 م Not scanned (The file is encrypted) mohsen sharaf g:\Setup\vb\نسخة احطياطيه هاااااااام\New Storms.net.tf\2\The BEst Download Now\uploing\storage stormup\13Taba5 El Rais By Mr.Storm MRhandsawy.com.zip\TABA5 EL RAIS BY MR.STORM MRHANDSAWY.COM.TXT
31/07/2008 12:29:32 م Not scanned (The file is encrypted) mohsen sharaf g:\Setup\vb\نسخة احطياطيه هاااااااام\New Storms.net.tf\2\The BEst Download Now\uploing\storage stormup\183WWe[1].ECW.1.15.2008.Rmvbsmall.zip\WWE[1].ECW.1.15.2008.RMVB.TXT
31/07/2008 12:29:32 م Not scanned (The file is encrypted) mohsen sharaf g:\Setup\vb\نسخة احطياطيه هاااااااام\New Storms.net.tf\2\The BEst Download Now\uploing\storage stormup\1917ena.maysara.CamVcd mrhandsawy.com.zip\7ENA.MAYSARA.CAMVCD MRHANDSAWY.COM.TXT
31/07/2008 12:29:32 م Not scanned (The file is encrypted) mohsen sharaf g:\Setup\vb\نسخة احطياطيه هاااااااام\New Storms.net.tf\2\The BEst Download Now\uploing\storage stormup\204Missionary.Manwww.mrhandsawy.com.zip\MISSIONARY.MANWWW.MRHANDSAWY.COM.TXT
31/07/2008 12:29:32 م Not scanned (The file is encrypted) mohsen sharaf g:\Setup\vb\نسخة احطياطيه هاااااااام\New Storms.net.tf\2\The BEst Download Now\uploing\storage stormup\211X-plore_mrhandsawy.com.zip\X-PLORE_MRHANDSAWY.COM.SIS
31/07/2008 12:29:32 م Not scanned (The file is encrypted) mohsen sharaf g:\Setup\vb\نسخة احطياطيه هاااااااام\New Storms.net.tf\2\The BEst Download Now\uploing\storage stormup\239Andaleb El Doky.Rmvb Mrhandsawy.com.zip\ANDALEB EL DOKY.RMVB.TXT
31/07/2008 12:29:32 م Not scanned (The file is encrypted) mohsen sharaf g:\Setup\vb\نسخة احطياطيه هاااااااام\New Storms.net.tf\2\The BEst Download Now\uploing\storage stormup\275No.Way.Out.2008.Rmvb.zip\NO.WAY.OUT.2008.RMVB.TXT
31/07/2008 12:29:32 م Not scanned (The file is encrypted) mohsen sharaf g:\Setup\vb\نسخة احطياطيه هاااااااام\New Storms.net.tf\2\The BEst Download Now\uploing\storage stormup\328KaKaR_Mrhandsawy.Com.zip\KAKAR_MRHANDSAWY.COM.TXT
31/07/2008 12:29:32 م Not scanned (The file is encrypted) mohsen sharaf g:\Setup\vb\نسخة احطياطيه هاااااااام\New Storms.net.tf\2\The BEst Download Now\uploing\storage stormup\331rapidshare.zip\RAPIDSHARE.TXT
31/07/2008 12:29:32 م Not scanned (The file is encrypted) mohsen sharaf g:\Setup\vb\نسخة احطياطيه هاااااااام\New Storms.net.tf\2\The BEst Download Now\uploing\storage stormup\372NFSPS[1].GRip.zip\NFSPS[1].GRIP.TXT
31/07/2008 12:29:32 م Not scanned (The file is encrypted) mohsen sharaf g:\Setup\vb\نسخة احطياطيه هاااااااام\New Storms.net.tf\2\The BEst Download Now\uploing\storage stormup\383Fe Ma7atet Masr By Mrhandsawy.Com.zip\FE MA7ATET MASR BY MRHANDSAWY.COM.TXT
31/07/2008 12:29:32 م Not scanned (The file is encrypted) mohsen sharaf g:\Setup\vb\نسخة احطياطيه هاااااااام\New Storms.net.tf\2\The BEst Download Now\uploing\storage stormup\399shar3.zip\SHARE3.18.ZIP\SHARE3.18.TXT
31/07/2008 12:29:33 م Not scanned (The file is encrypted) mohsen sharaf g:\Setup\vb\نسخة احطياطيه هاااااااام\New Storms.net.tf\2\The BEst Download Now\uploing\storage stormup\407Jumanji.zip\JUMANJI.TXT
31/07/2008 12:29:33 م Not scanned (The file is encrypted) mohsen sharaf g:\Setup\vb\نسخة احطياطيه هاااااااام\New Storms.net.tf\2\The BEst Download Now\uploing\storage stormup\41CoreCodec Player

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

31/07/2008 12:29:33 م Not scanned (The file is encrypted) mohsen sharaf g:\Setup\vb\نسخة احطياطيه هاااااااام\New Storms.net.tf\2\The BEst Download Now\uploing\storage stormup\4483orfa707.zip\3'ORFA707.TXT
31/07/2008 12:29:33 م Not scanned (The file is encrypted) mohsen sharaf g:\Setup\vb\نسخة احطياطيه هاااااااام\New Storms.net.tf\2\The BEst Download Now\uploing\storage stormup\451La7azat.zip\LA7AZAT ENOSA_MRHANDSAWY.COM.TXT
31/07/2008 12:29:33 م Not scanned (The file is encrypted) mohsen sharaf g:\Setup\vb\نسخة احطياطيه هاااااااام\New Storms.net.tf\2\The BEst Download Now\uploing\storage stormup\488El.Torpini.VCD MRhandsawy.Com.zip\EL.TORPINI.VCD MRHANDSAWY.COM.TXT
31/07/2008 12:29:33 م Not scanned (The file is encrypted) mohsen sharaf g:\Setup\vb\نسخة احطياطيه هاااااااام\New Storms.net.tf\2\The BEst Download Now\uploing\storage stormup\5177asantiara.zip\7ASANTIARA.TXT
31/07/2008 12:29:33 م Not scanned (The file is encrypted) mohsen sharaf g:\Setup\vb\نسخة احطياطيه هاااااااام\New Storms.net.tf\2\The BEst Download Now\uploing\storage stormup\56110000 BC.CAM.zip\10000 BC.CAM.TXT
31/07/2008 12:29:33 م Not scanned (The file is encrypted) mohsen sharaf g:\Setup\vb\نسخة احطياطيه هاااااااام\New Storms.net.tf\2\The BEst Download Now\uploing\storage stormup\56FilmMohima.zip\MOHIMAFILM.ZIP\MOHIMAFILM.TXT
31/07/2008 12:29:33 م Not scanned (The file is encrypted) mohsen sharaf g:\Setup\vb\نسخة احطياطيه هاااااااام\New Storms.net.tf\2\The BEst Download Now\uploing\storage stormup\598Morganz.zip\MOGRAN.ZIP\MOGRAN.TXT
31/07/2008 12:29:33 م Not scanned (The file is encrypted) mohsen sharaf g:\Setup\vb\نسخة احطياطيه هاااااااام\New Storms.net.tf\2\The BEst Download Now\uploing\storage stormup\613Shikamara.zip\SHIKAMARA.TXT
31/07/2008 12:29:33 م Not scanned (The file is encrypted) mohsen sharaf g:\Setup\vb\نسخة احطياطيه هاااااااام\New Storms.net.tf\2\The BEst Download Now\uploing\storage stormup\617TiTaNiC.zip\TITANIC.TXT
31/07/2008 12:29:33 م Not scanned (The file is encrypted) mohsen sharaf g:\Setup\vb\نسخة احطياطيه هاااااااام\New Storms.net.tf\2\The BEst Download Now\uploing\storage stormup\629Cocoto.Kart.Racer.zip\COCOTO.KART.RACER.TXT
31/07/2008 12:29:34 م Not scanned (The file is encrypted) mohsen sharaf g:\Setup\vb\نسخة احطياطيه هاااااااام\New Storms.net.tf\2\The BEst Download Now\uploing\storage stormup\629Gorge.zip\GORGEWSOF.ZIP\GORGEWSOF.TXT
31/07/2008 12:29:34 م Not scanned (The file is encrypted) mohsen sharaf g:\Setup\vb\نسخة احطياطيه هاااااااام\New Storms.net.tf\2\The BEst Download Now\uploing\storage stormup\634Deal.2008.zip\DEAL.2008.TXT
31/07/2008 12:29:34 م Not scanned (The file is encrypted) mohsen sharaf g:\Setup\vb\نسخة احطياطيه هاااااااام\New Storms.net.tf\2\The BEst Download Now\uploing\storage stormup\654Making[1].Of.Klashn By King Night kof.zip\MAKING[1].OF.KLASHN BY KING NIGHT KOF.TXT
31/07/2008 12:29:34 م Not scanned (The file is encrypted) mohsen sharaf g:\Setup\vb\نسخة احطياطيه هاااااااام\New Storms.net.tf\2\The BEst Download Now\uploing\storage stormup\663TweakUiPowertoySetup mrhandsawy.com.zip\TWEAKUIPOWERTOYSETUP.EXE
31/07/2008 12:29:34 م Not scanned (The file is encrypted) mohsen sharaf g:\Setup\vb\نسخة احطياطيه هاااااااام\New Storms.net.tf\2\The BEst Download Now\uploing\storage stormup\675Camp_Storm.zip\CAMP_STORM.TXT
31/07/2008 12:29:34 م Not scanned (The file is encrypted) mohsen sharaf g:\Setup\vb\نسخة احطياطيه هاااااااام\New Storms.net.tf\2\The BEst Download Now\uploing\storage stormup\689Street.Kings.zip\STREET.KINGS.TXT
31/07/2008 12:29:34 م Not scanned (The file is encrypted) mohsen sharaf g:\Setup\vb\نسخة احطياطيه هاااااااام\New Storms.net.tf\2\The BEst Download Now\uploing\storage stormup\692Anti.Killer.zip\ANTI.KILLER.TXT
31/07/2008 12:29:34 م Not scanned (The file is encrypted) mohsen sharaf g:\Setup\vb\نسخة احطياطيه هاااااااام\New Storms.net.tf\2\The BEst Download Now\uploing\storage stormup\702Saba7oRmvb.zip\SABA7O.KEDB.RMVB.TXT
31/07/2008 12:29:34 م Not scanned (The file is encrypted) mohsen sharaf g:\Setup\vb\نسخة احطياطيه هاااااااام\New Storms.net.tf\2\The BEst Download Now\uploing\storage stormup\707The.Bank.Job.zip\THE.BANK.JOB.TXT
31/07/2008 12:29:34 م Not scanned (The file is encrypted) mohsen sharaf g:\Setup\vb\نسخة احطياطيه هاااااااام\New Storms.net.tf\2\The BEst Download Now\uploing\storage stormup\74410.000.B.C.zip\10.000.B.C.TXT
31/07/2008 12:29:34 م Not scanned (The file is encrypted) mohsen sharaf g:\Setup\vb\نسخة احطياطيه هاااااااام\New Storms.net.tf\2\The BEst Download Now\uploing\storage stormup\748SpecialMissions.com.zip\SPECIAL MISSIONSWWW.MRHANDSAWY.COM.TXT
31/07/2008 12:29:34 م Not scanned (The file is encrypted) mohsen sharaf g:\Setup\vb\نسخة احطياطيه هاااااااام\New Storms.net.tf\2\The BEst Download Now\uploing\storage stormup\756no2tet_rego3.zip\NO2TET_REGO3.TXT
31/07/2008 12:29:34 م Not scanned (The file is encrypted) mohsen sharaf g:\Setup\vb\نسخة احطياطيه هاااااااام\New Storms.net.tf\2\The BEst Download Now\uploing\storage stormup\76tom_and_jerry_.rar\TOM_AND_JERRY_TO.EXE
31/07/2008 12:29:34 م Not scanned (The file is encrypted) mohsen sharaf g:\Setup\vb\نسخة احطياطيه هاااااااام\New Storms.net.tf\2\The BEst Download Now\uploing\storage stormup\77845 Days Ahemd El Fishawy By Mr.STorm

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

DAYS AHEMD EL FISHAWY BY MR.STORM

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

31/07/2008 12:29:34 م Not scanned (The file is encrypted) mohsen sharaf g:\Setup\vb\نسخة احطياطيه هاااااااام\New Storms.net.tf\2\The BEst Download Now\uploing\storage stormup\827ElShaba7.zip\ELSHABA7.TXT
31/07/2008 12:29:34 م Not scanned (The file is encrypted) mohsen sharaf g:\Setup\vb\نسخة احطياطيه هاااااااام\New Storms.net.tf\2\The BEst Download Now\uploing\storage stormup\834Andaleb El Doky.Rmvb.Moga.zip\ANDALEB EL DOKY.RMVB.TXT
31/07/2008 12:29:34 م Not scanned (The file is encrypted) mohsen sharaf g:\Setup\vb\نسخة احطياطيه هاااااااام\New Storms.net.tf\2\The BEst Download Now\uploing\storage stormup\839Sweeny.Todd.2007www.mrhandsawy.com.zip\SWEENY.TODD.2007.TXT
31/07/2008 12:29:34 م Not scanned (The file is encrypted) mohsen sharaf g:\Setup\vb\نسخة احطياطيه هاااااااام\New Storms.net.tf\2\The BEst Download Now\uploing\storage stormup\8447ssamTayaraMrhandsawy.com.zip\7SSAM TAYARA MRHANDSAWY.COM.TXT
31/07/2008 12:29:34 م Not scanned (The file is encrypted) mohsen sharaf g:\Setup\vb\نسخة احطياطيه هاااااااام\New Storms.net.tf\2\The BEst Download Now\uploing\storage stormup\851inthename.zip\INTHENAME.TXT
31/07/2008 12:29:35 م Not scanned (The file is encrypted) mohsen sharaf g:\Setup\vb\نسخة احطياطيه هاااااااام\New Storms.net.tf\2\The BEst Download Now\uploing\storage stormup\882Film El jezera

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

EL JEZERA

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

31/07/2008 12:29:35 م Not scanned (The file is encrypted) mohsen sharaf g:\Setup\vb\نسخة احطياطيه هاااااااام\New Storms.net.tf\2\The BEst Download Now\uploing\storage stormup\898prsetup.zip\PRSETUP.ZIP\PRSETUP.EXE
31/07/2008 12:29:35 م Not scanned (The file is encrypted) mohsen sharaf g:\Setup\vb\نسخة احطياطيه هاااااااام\New Storms.net.tf\2\The BEst Download Now\uploing\storage stormup\913E7na.zip\E7NA.ET2ABELNA.2ABL.KEDA.HIGH.ZIP\E7NA.ET2ABELNA.2ABL.KEDA.HIGH.TXT
31/07/2008 12:29:35 م Not scanned (The file is encrypted) mohsen sharaf g:\Setup\vb\نسخة احطياطيه هاااااااام\New Storms.net.tf\2\The BEst Download Now\uploing\storage stormup\915Film 7en Maysara By eL Kaisar Ahmed Only 4 Storm.zip\FILM 7EN MAYSARA BY EL KAISAR AHMED ONLY 4 STORM.TXT
31/07/2008 12:29:35 م Not scanned (The file is encrypted) mohsen sharaf g:\Setup\vb\نسخة احطياطيه هاااااااام\New Storms.net.tf\2\The BEst Download Now\uploing\storage stormup\921Beouwulf Mrhandsawy.Com.zip\BEOUWULF MRHANDSAWY.COM.TXT
31/07/2008 12:29:35 م Not scanned (The file is encrypted) mohsen sharaf g:\Setup\vb\نسخة احطياطيه هاااااااام\New Storms.net.tf\2\The BEst Download Now\uploing\storage stormup\973WWe[1].ECW.1.15.2008.AVI.zip\WWE[1].ECW.1.15.2008.AVI.TXT
31/07/2008 12:29:35 م Not scanned (The file is encrypted) mohsen sharaf g:\Setup\vb\نسخة احطياطيه هاااااااام\New Storms.net.tf\2\The BEst Download Now\uploing\storage stormup\NationalTreasure.zip\NATIONAL.TREASURE.2.TXT
31/07/2008 12:29:40 م Not scanned (The file is encrypted) mohsen sharaf g:\Setup\vb\نسخة فى بى جديد\vBulletin.v3.6.8.PHP.NULLIFIED.Incl.Keygen-GYSN_passwww.eibda3.com.zip\VB3_README.TXT
31/07/2008 12:30:37 م Not scanned (The file is encrypted) mohsen sharaf g:\Setup\vb\هاكات\مستخدم\تنسيق المنتديات الفرعيه\Product-Subforums-Arranger.zip\PRODUCT-SUBFORUMS-ARRANGER.XML
31/07/2008 12:31:13 م Not scanned (The file is encrypted) mohsen sharaf g:\Setup\Win Rar,Zip\افضل برنامج للضغط\Uharc.zip\UHARC.ZIP
31/07/2008 12:31:39 م Not scanned (The file is encrypted) mohsen sharaf g:\Setup\جرفك\Photo Shop\AdobeCs3-wWw.EiBDa3.CoM.zip\ADOBECS3-WWW.EIBDA3.COM.EXE
31/07/2008 12:32:33 م Not scanned (The file is encrypted) mohsen sharaf g:\Setup\جرفك\Wight pro\1700.ace\1001FODY.8BF
31/07/2008 12:33:13 م Not scanned (The file is encrypted) mohsen sharaf g:\Setup\جرفك\صور متحركه\Easy GIF Animator v3.03.zip\GIF.EXE\ARN.NFO
31/07/2008 12:35:39 م Deleted mohsen sharaf HKU\S-1-5-21-436374069-484061587-1417001333-1003\Software\Softwrap Proxy-OSS(Potentially Unwanted Program)
31/07/2008 12:35:39 م Deleted mohsen sharaf HKU\S-1-5-21-436374069-484061587-1417001333-1003\Software\Softwrap Proxy-OSS(Potentially Unwanted Program)
31/07/2008 12:36:15 م Scan Summary ITALIANO\mohsen sharaf Scan Summary
31/07/2008 12:36:15 م Scan Summary ITALIANO\mohsen sharaf Processes scanned : 24
31/07/2008 12:36:15 م Scan Summary ITALIANO\mohsen sharaf Processes detected : 0
31/07/2008 12:36:15 م Scan Summary ITALIANO\mohsen sharaf Processes cleaned : 0
31/07/2008 12:36:15 م Scan Summary ITALIANO\mohsen sharaf Boot sectors scanned : 5
31/07/2008 12:36:15 م Scan Summary ITALIANO\mohsen sharaf Boot sectors detected: 0
31/07/2008 12:36:15 م Scan Summary ITALIANO\mohsen sharaf Boot sectors cleaned : 0
31/07/2008 12:36:15 م Scan Summary ITALIANO\mohsen sharaf Files scanned : 152710
31/07/2008 12:36:15 م Scan Summary ITALIANO\mohsen sharaf Files with detections: 6
31/07/2008 12:36:15 م Scan Summary ITALIANO\mohsen sharaf File detections : 10
31/07/2008 12:36:15 م Scan Summary ITALIANO\mohsen sharaf Files cleaned : 0
31/07/2008 12:36:15 م Scan Summary ITALIANO\mohsen sharaf Files deleted : 5
31/07/2008 12:36:15 م Scan Summary ITALIANO\mohsen sharaf Files not scanned : 225
31/07/2008 12:36:15 م Scan Summary ITALIANO\mohsen sharaf Scan Summary (Registry Scanning)
31/07/2008 12:36:15 م Scan Summary ITALIANO\mohsen sharaf Keys scanned : 36428
31/07/2008 12:36:15 م Scan Summary ITALIANO\mohsen sharaf Keys detected : 2
31/07/2008 12:36:15 م Scan Summary ITALIANO\mohsen sharaf Keys cleaned : 0
31/07/2008 12:36:15 م Scan Summary ITALIANO\mohsen sharaf Keys deleted : 2
31/07/2008 12:36:15 م Scan Summary ITALIANO\mohsen sharaf Scan Summary ( Scanning)
31/07/2008 12:36:15 م Scan Summary ITALIANO\mohsen sharaf s scanned : 2
31/07/2008 12:36:15 م Scan Summary ITALIANO\mohsen sharaf s detected : 0
31/07/2008 12:36:15 م Scan Summary ITALIANO\mohsen sharaf s cleaned : 0
31/07/2008 12:36:15 م Scan Summary ITALIANO\mohsen sharaf s deleted : 0
31/07/2008 12:36:15 م Scan Summary ITALIANO\mohsen sharaf Run time : 2:26:35
31/07/2008 12:36:15 م Scan Complete ITALIANO\mohsen sharaf On-Demand Scan

ثانيا
تقرير برنامج ComboFix

ComboFix 08-07-29.1 - mohsen sharaf 2008-08-01 3:42:17.1 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.3.1256.20.1033.18.558 [GMT 3:00]
Running from: C:\Documents and Settings\mohsen sharaf\My Documents\Downloads\Programs\ComboFix.exe
* Created a new restore point

WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\WINDOWS\system32\kakle.dll

.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Legacy_NPF

((((((((((((((((((((((((( Files Created from 2008-07-01 to 2008-08-01 )))))))))))))))))))))))))))))))
.

2008-07-31 17:02 . 2008-07-31 17:02 54,156 --ah----- C:\WINDOWS\QTFont.qfn
2008-07-31 17:02 . 2008-07-31 17:02 1,409 --a------ C:\WINDOWS\QTFont.for
2008-07-30 13:05 . 2008-07-30 13:05 <DIR> d-------- C:\Program Files\Google
2008-07-29 12:51 . 2008-07-29 12:51 <DIR> d-------- C:\WINDOWS\system32\RMBin
2008-07-29 12:51 . 2008-07-29 12:51 <DIR> d-------- C:\Program Files\Real_SC
2008-07-29 12:51 . 2008-07-29 12:51 2,535,424 --a------ C:\WINDOWS\system32\agsaamj.dll
2008-07-29 12:51 . 2008-07-29 12:51 1,986,560 --a------ C:\WINDOWS\system32\akll.dll
2008-07-29 12:51 . 2008-07-29 12:51 1,245,184 --a------ C:\WINDOWS\system32\bkll.dll
2008-07-29 12:51 . 2008-07-29 12:51 1,212,416 --a------ C:\WINDOWS\system32\ckll.dll
2008-07-29 12:51 . 2008-07-29 12:51 610,304 --a------ C:\WINDOWS\system32\agsaamg.dll
2008-07-29 12:51 . 2008-07-29 12:51 372,736 --a------ C:\WINDOWS\system32\agsaamc.dll
2008-07-29 12:51 . 2008-07-29 12:51 90,112 --a------ C:\WINDOWS\system32\agsaami.dll
2008-07-29 12:51 . 2008-07-29 12:51 53,760 --a------ C:\WINDOWS\system\ppacklib.dll
2008-07-29 10:28 . 2008-07-29 10:28 <DIR> d-------- C:\Documents and Settings\mohsen sharaf\Application Data\Thinstall
2008-07-29 00:33 . 2008-07-29 00:33 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\McAfee
2008-07-28 10:48 . 2008-07-28 11:07 <DIR> d-------- C:\WINDOWS\BDOSCAN8
2008-07-28 10:12 . 2008-07-28 10:12 <DIR> d-------- C:\Program Files\GRETECH
2008-07-28 10:12 . 2008-07-28 10:12 <DIR> d-------- C:\Documents and Settings\mohsen sharaf\Application Data\GRETECH
2008-07-27 20:22 . 2008-07-27 20:22 <DIR> d-------- C:\Documents and Settings\mohsen sharaf\Application Data\AdobeUM
2008-07-27 20:20 . 2008-07-27 20:20 <DIR> d-------- C:\Program Files\Common Files\Adobe
2008-07-27 13:23 . 2008-07-27 13:23 <DIR> d--h----- C:\WINDOWS\system32\GroupPolicy
2008-07-27 10:21 . 2008-07-27 12:31 <DIR> d-------- C:\Program Files\Internet Download Manager
2008-07-26 18:58 . 2008-07-26 18:58 2,328,704 --a------ C:\WINDOWS\system32\TUKernel.exe
2008-07-26 18:13 . 2008-07-26 18:13 <DIR> d-------- C:\Program Files\TuneUp Utilities 2008
2008-07-26 18:13 . 2008-07-26 18:13 <DIR> d-------- C:\Program Files\Common Files\Wise Installation Wizard
2008-07-26 18:13 . 2008-07-26 18:13 <DIR> d-------- C:\Documents and Settings\mohsen sharaf\Application Data\TuneUp Software
2008-07-26 18:13 . 2008-07-26 18:13 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\TuneUp Software
2008-07-26 18:13 . 2008-07-26 18:13 306,432 --a------ C:\WINDOWS\system32\TuneUpDefragService.exe
2008-07-26 18:13 . 2007-12-20 10:41 29,440 --a------ C:\WINDOWS\system32\uxtuneup.dll
2008-07-26 15:39 . 2008-07-29 17:49 <DIR> d-------- C:\Documents and Settings\mohsen sharaf\Tracing
2008-07-26 10:51 . 2008-07-26 10:51 <DIR> d-------- C:\Documents and Settings\Administrator
2008-07-26 07:10 . 2008-07-26 07:10 <DIR> d-------- C:\WINDOWS\FLV Player
2008-07-26 06:33 . 2008-07-26 06:33 <DIR> d-------- C:\Documents and Settings\mohsen sharaf\Application Data\FlashFXP
2008-07-26 06:32 . 2008-07-31 01:16 <DIR> d-------- C:\Program Files\FlashFXP
2008-07-24 16:05 . 2008-07-24 16:05 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\MumboJumbo
2008-07-23 12:44 . 2008-07-23 12:44 <DIR> d-------- C:\Documents and Settings\mohsen sharaf\Application Data\dBpoweramp
2008-07-23 12:37 . 2008-07-23 12:37 <DIR> d-------- C:\Program Files\Power Mp3 Cutter(Mp3 Sound Cutter)
2008-07-21 10:57 . 2008-04-14 00:15 26,112 --a------ C:\WINDOWS\system32\drivers\usbser.sys
2008-07-21 10:57 . 2008-04-14 00:15 26,112 --a--c--- C:\WINDOWS\system32\dllcache\usbser.sys
2008-07-21 10:55 . 2008-07-21 10:55 0 --ah----- C:\WINDOWS\system32\drivers\MsftWdf_Kernel_01005_Coinstaller_Critical.Wdf
2008-07-21 10:55 . 2008-07-21 10:55 0 --ah----- C:\WINDOWS\system32\drivers\Msft_Kernel_ccdcmb_01005.Wdf
2008-07-21 10:13 . 2008-07-21 10:13 <DIR> d-------- C:\Documents and Settings\mohsen sharaf\Application Data\Vso
2008-07-21 10:13 . 2008-07-21 10:13 81,920 --a------ C:\Documents and Settings\mohsen sharaf\Application Data\ezpinst.exe
2008-07-21 10:13 . 2008-07-21 10:13 47,360 --a------ C:\WINDOWS\system32\drivers\pcouffin.sys
2008-07-21 10:13 . 2008-07-21 10:13 47,360 --a------ C:\Documents and Settings\mohsen sharaf\Application Data\pcouffin.sys
2008-07-21 10:12 . 2008-07-23 11:40 <DIR> d-------- C:\Program Files\Video Convert Master
2008-07-21 09:49 . 2008-07-28 23:57 <DIR> d-a------ C:\Documents and Settings\All Users\Application Data\TEMP
2008-07-21 09:43 . 2008-07-22 16:20 <DIR> d-------- C:\Program Files\Easy RealMedia Tools
2008-07-19 13:27 . 2008-07-19 13:27 <DIR> d-------- C:\Program Files\Common Files\DirectX
2008-07-19 12:22 . 2008-07-19 12:22 <DIR> d-------- C:\Documents and Settings\mohsen sharaf\Application Data\Nokia
2008-07-19 12:15 . 2008-07-19 12:15 <DIR> d-------- C:\Program Files\Common Files\PCSuite
2008-07-19 12:15 . 2008-07-19 12:15 <DIR> d-------- C:\Program Files\Common Files\Nokia
2008-07-19 12:12 . 2007-09-17 15:53 21,632 --a------ C:\WINDOWS\system32\drivers\pccsmcfd.sys
2008-07-19 12:11 . 2008-07-19 12:12 <DIR> d-------- C:\Program Files\PC Connectivity Solution
2008-07-19 12:10 . 2008-05-07 07:39 1,419,232 --a------ C:\WINDOWS\system32\wdfcoinstaller01005.dll
2008-07-19 12:10 . 2008-05-07 07:38 659,968 --a------ C:\WINDOWS\system32\nmwcdcocls.dll
2008-07-19 12:10 . 2008-05-07 07:38 20,864 --a------ C:\WINDOWS\system32\drivers\ccdcmbo.sys
2008-07-19 12:10 . 2008-05-07 07:38 17,536 --a------ C:\WINDOWS\system32\drivers\ccdcmb.sys
2008-07-19 12:10 . 2008-05-07 07:38 8,064 --a------ C:\WINDOWS\system32\drivers\usbser_lowerfltj.sys
2008-07-19 12:10 . 2008-06-06 09:24 8,064 --a------ C:\WINDOWS\system32\drivers\usbser_lowerflt.sys
2008-07-19 12:05 . 2008-07-19 12:05 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Installations
2008-07-19 11:45 . 2003-06-25 16:05 266,360 --a------ C:\WINDOWS\system32\TweakUI.exe
2008-07-19 11:45 . 2002-06-21 15:09 160,217 --a------ C:\WINDOWS\system32\PowerToysLicense.rtf
2008-07-19 09:16 . 2008-07-19 10:50 <DIR> d-------- C:\Documents and Settings\mohsen sharaf\Application Data\Ulead Systems
2008-07-19 09:13 . 2008-07-19 09:13 <DIR> d-------- C:\Program Files\Common Files\InterVideo
2008-07-19 09:13 . 2008-07-19 09:13 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\InterVideo
2008-07-19 09:13 . 2007-03-06 11:58 210,456 --a------ C:\WINDOWS\system32\IVIresizeW7.dll
2008-07-19 09:13 . 2007-03-06 11:58 206,360 --a------ C:\WINDOWS\system32\IVIresizeA6.dll
2008-07-19 09:13 . 2007-03-06 11:58 198,168 --a------ C:\WINDOWS\system32\IVIresizeP6.dll
2008-07-19 09:13 . 2007-03-06 11:58 198,168 --a------ C:\WINDOWS\system32\IVIresizeM6.dll
2008-07-19 09:13 . 2007-03-06 11:58 194,072 --a------ C:\WINDOWS\system32\IVIresizePX.dll
2008-07-19 09:13 . 2007-03-06 11:58 26,136 --a------ C:\WINDOWS\system32\IVIresize.dll
2008-07-19 09:11 . 2008-07-19 09:11 <DIR> d-------- C:\Program Files\Windows Media Components
2008-07-19 09:11 . 2008-07-19 09:11 <DIR> d-------- C:\Program Files\Common Files\Ulead Systems
2008-07-19 09:11 . 2008-07-19 09:16 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Ulead Systems
2008-07-19 09:10 . 2008-07-19 09:11 <DIR> d-------- C:\Program Files\Ulead Systems
2008-07-19 08:52 . 2008-07-30 01:43 <DIR> d-------- C:\Documents and Settings\mohsen sharaf\Application Data\IDM
2008-07-19 08:52 . 2008-08-01 03:45 <DIR> d-------- C:\Documents and Settings\mohsen sharaf\Application Data\DMCache
2008-07-19 08:48 . 2004-01-08 11:38 208,896 --a------ C:\WINDOWS\system\lame_enc.dll
2008-07-19 08:47 . 2008-07-19 08:48 <DIR> d-------- C:\Program Files\GoldWave
2008-07-19 08:35 . 2008-07-26 18:38 21,598 --a------ C:\WINDOWS\system32\oemlogo.bmp
2008-07-19 08:35 . 2008-07-26 18:38 339 --a------ C:\WINDOWS\system32\OEMINFO.INI
2008-07-18 14:52 . 2008-07-18 20:47 <DIR> d--hs---- C:\Documents and Settings\mohsen sharaf\Phone Browser
2008-07-18 14:52 . 2008-07-18 14:52 <DIR> d-------- C:\Documents and Settings\mohsen sharaf\Application Data\Datalayer
2008-07-18 13:51 . 2008-07-18 13:51 <DIR> d-------- C:\WINDOWS\Downloaded Installations
2008-07-18 13:49 . 2008-07-19 12:12 <DIR> d-------- C:\Program Files\DIFX
2008-07-18 13:48 . 2008-07-19 12:16 <DIR> d----c--- C:\WINDOWS\system32\DRVSTORE
2008-07-18 13:48 . 2008-07-19 12:15 <DIR> d-------- C:\Program Files\Nokia
2008-07-18 13:48 . 2008-07-21 11:03 <DIR> d-------- C:\Documents and Settings\mohsen sharaf\Application Data\PC Suite
2008-07-18 13:48 . 2008-07-21 10:57 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\PC Suite
2008-07-18 13:48 . 2008-05-07 07:38 90,624 --a------ C:\WINDOWS\system32\nmwcdcls.dll
2008-07-18 13:47 . 2008-07-19 12:15 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Downloaded Installations
2008-07-17 21:17 . 2008-07-17 21:17 17 --a------ C:\WINDOWS\popcinfo.dat
2008-07-15 19:55 . 2008-08-01 03:36 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Kaspersky Lab
2008-07-13 04:28 . 2008-04-14 00:15 26,368 --a--c--- C:\WINDOWS\system32\dllcache\usbstor.sys
2008-07-12 17:46 . 2008-06-13 14:05 272,128 --------- C:\WINDOWS\system32\drivers\bthport.sys
2008-07-12 17:46 . 2008-06-13 14:05 272,128 -----c--- C:\WINDOWS\system32\dllcache\bthport.sys
2008-07-11 04:42 . 2008-07-11 04:42 <DIR> d-------- C:\Program Files\Common Files\xing shared
2008-07-11 04:35 . 2008-07-11 04:35 <DIR> d-------- C:\Documents and Settings\mohsen sharaf\Application Data\Media Player Classic
2008-07-11 04:34 . 2008-07-11 04:34 <DIR> d-------- C:\WINDOWS\system32\Quicktime
2008-07-11 04:34 . 2008-07-11 04:34 <DIR> d-------- C:\Program Files\Ringz Studio
2008-07-11 04:34 . 2008-07-11 04:34 0 --a------ C:\WINDOWS\system32\QuickTime.qtp
2008-07-11 04:09 . 2008-07-11 04:09 0 --a------ C:\WINDOWS\system32\SBRC.dat
2008-07-11 04:09 . 2008-07-11 04:09 0 --a------ C:\WINDOWS\system32\SBFC.dat
2008-07-11 04:04 . 2008-07-11 04:04 <DIR> d-------- C:\Documents and Settings\mohsen sharaf\Application Data\Sunbelt Software
2008-07-11 02:23 . 2008-07-11 02:23 <DIR> d-------- C:\Program Files\Illustrate
2008-07-11 02:23 . 2008-07-11 02:23 2,433,400 --a------ C:\WINDOWS\system32\SpoonUninstall.exe
2008-07-11 02:23 . 2008-07-11 02:23 33,846 --a------ C:\WINDOWS\system32\SpoonUninstall-dBpoweramp Music Converter.bmp
2008-07-11 02:23 . 2008-07-11 02:23 33,846 --a------ C:\WINDOWS\system32\SpoonUninstall-dBpoweramp DSP Effects.bmp
2008-07-11 02:23 . 2008-07-11 02:23 13,281 --a------ C:\WINDOWS\system32\SpoonUninstall-dBpoweramp Music Converter.dat
2008-07-11 02:23 . 2008-07-11 02:23 8,457 --a------ C:\WINDOWS\system32\SpoonUninstall-dBpoweramp DSP Effects.dat
2008-07-10 20:36 . 2008-07-10 20:36 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Yahoo!
2008-07-10 20:22 . 2007-08-07 12:40 98,944 -ra------ C:\WINDOWS\system32\drivers\Rtenicxp.sys
2008-07-10 20:21 . 2008-07-10 20:21 <DIR> d-------- C:\WINDOWS\OPTIONS
2008-07-10 20:21 . 2008-07-10 20:21 <DIR> d-------- C:\Documents and Settings\mohsen sharaf\Application Data\InstallShield
2008-07-10 20:14 . 2008-07-10 20:14 <DIR> d-------- C:\Program Files\Windows Live
2008-07-10 20:13 . 2008-07-10 20:13 <DIR> d-------- C:\Program Files\Yahoo!
2008-07-10 20:12 . 2006-11-29 13:06 3,426,072 --a------ C:\WINDOWS\system32\d3dx9_32.dll
2008-07-10 20:12 . 2006-09-28 16:05 2,414,360 --a------ C:\WINDOWS\system32\d3dx9_31.dll
2008-07-10 20:12 . 2006-12-08 12:02 251,672 --a------ C:\WINDOWS\system32\xactengine2_5.dll
2008-07-10 20:12 . 2006-09-28 16:05 237,848 --a------ C:\WINDOWS\system32\xactengine2_4.dll
2008-07-10 20:12 . 2006-07-28 09:30 236,824 --a------ C:\WINDOWS\system32\xactengine2_3.dll
2008-07-10 20:12 . 2006-09-28 16:04 68,888 --a------ C:\WINDOWS\system32\xinput1_3.dll
2008-07-10 20:12 . 2006-07-28 09:30 62,744 --a------ C:\WINDOWS\system32\xinput1_2.dll
2008-07-10 20:12 . 2006-11-15 11:38 15,128 --a------ C:\WINDOWS\system32\x3daudio1_1.dll

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-08-01 00:46 982,048 --sha-w C:\WINDOWS\system32\drivers\fidbox.dat
2008-08-01 00:46 8,752 --sha-w C:\WINDOWS\system32\drivers\fidbox.idx
2008-08-01 00:46 253,984 --sha-w C:\WINDOWS\system32\drivers\fidbox2.dat
2008-08-01 00:46 1,948 --sha-w C:\WINDOWS\system32\drivers\fidbox2.idx
2008-07-28 11:21 --------- d-----w C:\Documents and Settings\mohsen sharaf\Application Data\Winamp
2008-07-25 22:01 96,559 ----a-w C:\WINDOWS\system32\drivers\klin.dat
2008-07-25 22:01 87,855 ----a-w C:\WINDOWS\system32\drivers\klick.dat
2008-07-19 06:13 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-07-19 06:13 --------- d-----w C:\Program Files\Common Files\InstallShield
2008-07-19 05:49 --------- d-----w C:\Program Files\Winamp
2008-07-10 17:21 --------- d-----w C:\Program Files\Realtek
2008-07-10 16:52 315,392 ----a-w C:\WINDOWS\HideWin.exe
2008-07-10 16:48 --------- d-----w C:\Program Files\Intel
2008-07-10 16:42 --------- d-----w C:\Program Files\Microsoft ActiveSync
2008-07-10 16:30 --------- d-----w C:\Program Files\Kaspersky Lab
2008-07-10 16:29 --------- d-----w C:\Documents and Settings\All Users\Application Data\Kaspersky Lab Setup Files
2008-07-10 16:20 --------- d-----w C:\Program Files\microsoft frontpage
2008-06-20 17:46 245,248 ----a-w C:\WINDOWS\system32\mswsock.dll
2008-06-20 11:51 361,600 ----a-w C:\WINDOWS\system32\drivers\tcpip.sys
2008-06-20 11:40 138,496 ----a-w C:\WINDOWS\system32\drivers\afd.sys
2008-06-20 11:08 225,856 ----a-w C:\WINDOWS\system32\drivers\tcpip6.sys
2008-05-20 07:32 831,048 ----a-w C:\WINDOWS\system32\WudfUpdate_01005.dll
2008-05-09 10:53 90,112 ----a-w C:\WINDOWS\system32\wshext.dll
2008-05-09 10:53 430,080 ----a-w C:\WINDOWS\system32\vbscript.dll
2008-05-09 10:53 180,224 ----a-w C:\WINDOWS\system32\scrobj.dll
2008-05-09 10:53 172,032 ----a-w C:\WINDOWS\system32\scrrun.dll
2008-05-08 11:24 155,648 ----a-w C:\WINDOWS\system32\wscript.exe
2008-05-07 09:07 135,168 ----a-w C:\WINDOWS\system32\cscript.exe
2008-05-07 05:12 1,288,192 ----a-w C:\WINDOWS\system32\quartz.dll
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2008-04-14 15:00 15360]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"TkBellExe"="C:\Program Files\Common Files\Real\Update_OB\realsched.exe" [2008-07-11 04:41 185896]
"AVP"="C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe" [2008-04-25 18:21 201992]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2008-04-14 15:00 15360]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"MaxRecentDocs"= 7 (0x7)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon]
"UIHost"="C:\\Documents and Settings\\All Users\\Application Data\\TuneUp Software\\TuneUp Utilities\\WinStyler\\tu_logonui.exe"

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"msacm.l3acm"= l3codecp.acm
"vidc.vp31"= vp31vfw.dll
"msacm.dvacm"= C:\PROGRA~1\COMMON~1\ULEADS~1\Vio\Dvacm.acm
"msacm.MPEGacm"= C:\PROGRA~1\COMMON~1\ULEADS~1\MPEG\MPEGacm.acm
"msacm.ulmp3acm"= C:\PROGRA~1\COMMON~1\ULEADS~1\MPEG\ulmp3acm.acm

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Adobe Reader Speed Launch.lnk]
path=C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Reader Speed Launch.lnk
backup=C:\WINDOWS\pss\Adobe Reader Speed Launch.lnkCommon Startup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CTFMON.EXE]
--a------ 2008-04-14 15:00 15360 C:\WINDOWS\system32\ctfmon.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IDMan]
--a------ 2008-07-27 10:21 896256 C:\Program Files\Internet Download Manager\IDMan.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\igfxhkcmd]
-ra------ 2005-11-28 08:52 77824 C:\WINDOWS\system32\hkcmd.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\igfxpers]
-ra------ 2005-11-28 08:55 118784 C:\WINDOWS\system32\igfxpers.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\igfxtray]
-ra------ 2005-11-28 08:55 98304 C:\WINDOWS\system32\igfxtray.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Messenger (Yahoo!)]
--a------ 2008-05-27 21:58 4269296 C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PC Suite Tray]
--a------ 2008-06-18 14:31 1122816 C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\StormCodec_Helper]
--a------ 2005-02-07 05:04 94037 C:\Program Files\Ringz Studio\Storm Codec\StormSet.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]
--a------ 2008-07-11 04:41 185896 C:\Program Files\Common Files\Real\Update_OB\realsched.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UVS11 Preload]
--a------ 2007-03-03 14:12 341488 C:\Program Files\Ulead Systems\Ulead VideoStudio 11\uvPL.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Alcmtr]
-r------- 2005-05-03 13:43 69632 C:\WINDOWS\Alcmtr.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RTHDCPL]
-r------- 2007-07-05 11:08 16380416 C:\WINDOWS\RTHDCPL.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SkyTel]
-r------- 2007-06-15 11:45 1826816 C:\WINDOWS\SkyTel.exe

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"UpdatesDisableNotify"=dword:00000001
"AntiVirusOverride"=dword:00000001
"FirewallOverride"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\KasperskyAntiVirus]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"C:\\Program Files\\Yahoo!\\Messenger\\YahooMessenger.exe"=
"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"C:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"=
"C:\\Program Files\\FlashFXP\\FlashFXP.exe"=

R0 klbg;Kaspersky Lab Boot Guard Driver;C:\WINDOWS\system32\drivers\klbg.sys [2008-01-29 18:29]
R2 UxTuneUp;TuneUp Theme Extension;C:\WINDOWS\System32\svchost.exe [2008-04-14 15:00]
R3 KLFLTDEV;Kaspersky Lab KLFltDev;C:\WINDOWS\system32\DRIVERS\klfltdev.sys [2008-03-13 19:02]
R3 klim5;Kaspersky Anti-Virus NDIS Filter;C:\WINDOWS\system32\DRIVERS\klim5.sys [2008-03-25 20:07]
S3 TuneUp.Defrag;TuneUp Drive Defrag Service;C:\WINDOWS\System32\TuneUpDefragService.exe [2008-07-26 18:13]

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp
.
- - - - ORPHANS REMOVED - - - -

MSConfigStartUp-DriverCD - H:\Run.exe
MSConfigStartUp-ISTray - C:\Program Files\Spyware Doctor\pctsTray.exe
MSConfigStartUp-MSMSGS - C:\Program Files\Messenger\msmsgs.exe
MSConfigStartUp-PCSuiteTrayApplication - C:\PROGRA~1\Nokia\NOKIAP~1\LAUNCH~1.EXE

.
------- Supplementary Scan -------
.
R0 -: HKCU-Main,Start Page = hxxp://www.google.com/
R0 -: HKLM-Main,Start Page = about:blank
R1 -: HKCU-Internet Connection Wizard,ShellNext = iexplore
O8 -: Download All Links with IDM - C:\Program Files\Internet Download Manager\IEGetAll.htm
O8 -: Download with IDM - C:\Program Files\Internet Download Manager\IEExt.htm
O8 -: E&xport to Microsoft Excel - C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000

**************************************************************************

catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer,

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

Rootkit scan 2008-08-01 03:47:33
Windows 5.1.2600 Service Pack 3 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
------------------------ Other Running Processes ------------------------
.
C:\Program Files\Common Files\InterVideo\DeviceService\DevSvc.exe
C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
.
**************************************************************************
.
Completion time: 2008-08-01 3:51:07 - machine was rebooted
ComboFix-quarantined-files.txt 2008-08-01 00:51:02

Pre-Run: 9,994,080,256 bytes free
Post-Run: 9,927,974,912 bytes free

283 --- E O F --- 2008-07-16 21:44:48

ثالثا تقرير hijackthis

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 3:57:39 AM, on 8/1/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5730.0013)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe
C:\Program Files\Common Files\InterVideo\DeviceService\DevSvc.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe
G:\Setup\anti\Zyzoom_HijackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files\Internet Download Manager\IDMIECC.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: IEVkbdBHO - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\ievkbd.dll
O2 - BHO: FlashFXP Helper for Internet Explorer - {E5A1691B-D188-4419-AD02-90002030B8EE} - C:\PROGRA~1\FlashFXP\IEFlash.dll
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: Add to Banner Ad Blocker - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\ie_banner_deny.htm
O8 - Extra context menu item: Download All Links with IDM - C:\Program Files\Internet Download Manager\IEGetAll.htm
O8 - Extra context menu item: Download with IDM - C:\Program Files\Internet Download Manager\IEExt.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Web traffic protection statistics - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\SCIEPlgn.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe (file missing)
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
O14 - IERESET.INF: START_PAGE_URL=http://www.Masrawy.com
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) -

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

O16 - DPF: {BDBDE413-7B1C-4C68-A8FF-C5B2B4090876} (F-Secure Online Scanner 3.3) -

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

O23 - Service: Kaspersky Internet Security (AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe
O23 - Service: Capture Device Service - InterVideo Inc. - C:\Program Files\Common Files\InterVideo\DeviceService\DevSvc.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software GmbH - C:\WINDOWS\System32\TuneUpDefragService.exe
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe

--
End of file - 5233 bytes

اتمنى ان تجد حل
وشكرا
:no:

dяăģôŋ · 31 يوليو 2008

حياك الله
عبودى الظاهر انه نايم لانه كان مستلم امس
:hh:
نكمل لحد مايجى

حدد القيم التاليه

O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe (file missing)

O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe (file missing)

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)

O14 - IERESET.INF: START_PAGE_URL=http://www.Masrawy.com

طريقة الحذف

ثم نزل هذه الاداة واتبع الشرح التالي

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

التوافق : ويندوز اكسبي فقط

شرح الاستخدام ,,,,,,
عند تشغيل ملف الاداة تظهر لك هذه الشاشه ,, انتظر ( وتابع مع الصور )

وعند ظهور هذه الشاشه ,, اضغط على Close ليتم اعادة تشغيل جهازك (( لتكملة عملية التنظيف ))

وتقرير اخر

oMaR4eVeR · 31 يوليو 2008

اولا الف الف شكر على المتابعة اخى العزيز

وبالنسبه للحذف انا حذفت بس مش متأكدة اوى

وبالنسبه للأداة انا حملتها من هنا

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

لان المديا فير فيه مشكله عند التحميل يقف عند 99 فى الميه

وبعد الأنتهاء والتحميل وعمل اللازم

هذا تقرير ........... المطلوب

الخاص بي Zyzoom_HijackThis

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 8:17:32 PM, on 8/1/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5730.0013)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Common Files\InterVideo\DeviceService\DevSvc.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe
C:\Program Files\PC Connectivity Solution\Transports\NclRSSrv.exe
C:\Program Files\PC Connectivity Solution\Transports\NclMSBTSrv.exe
C:\Program Files\Mozilla Firefox\firefox.exe
G:\Setup\anti\Zyzoom_HijackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files\Internet Download Manager\IDMIECC.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: IEVkbdBHO - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\ievkbd.dll
O2 - BHO: FlashFXP Helper for Internet Explorer - {E5A1691B-D188-4419-AD02-90002030B8EE} - C:\PROGRA~1\FlashFXP\IEFlash.dll
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: Add to Banner Ad Blocker - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\ie_banner_deny.htm
O8 - Extra context menu item: Download All Links with IDM - C:\Program Files\Internet Download Manager\IEGetAll.htm
O8 - Extra context menu item: Download with IDM - C:\Program Files\Internet Download Manager\IEExt.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Web traffic protection statistics - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\SCIEPlgn.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) -

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

O23 - Service: Kaspersky Internet Security (AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe
O23 - Service: Capture Device Service - InterVideo Inc. - C:\Program Files\Common Files\InterVideo\DeviceService\DevSvc.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software GmbH - C:\WINDOWS\System32\TuneUpDefragService.exe
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe

--
End of file - 4855 bytes

AbOdy · 31 يوليو 2008

حياك الله
عبودى الظاهر انه نايم لانه كان مستلم امس
:hh:
نكمل لحد مايجى

k:
_______________________________
طيب بالنسبة لصاحب الموضوع

كيف وضع التورجان عندك ؟؟

AbOdy · 31 يوليو 2008

على حسب التقرير للهايجاك

جهازك مية بالمية

كيف وضع التورجان ؟؟

البارون · 31 يوليو 2008

التقرير سليم 100/100

oMaR4eVeR · 1 أغسطس 2008

السلام عليكم

الف شكر ليكم

الأن الفيرس ما عاد يرجع عند التصفح

وكنت اريد ان اعرف ايه اللى شالوا بالظبط

انهو اداة

ولسه مجربتش المنتدى اصلوا مغلق حاليا ..... تحت التجريب

وهل بالنسبه ل Hijack

هل ممكن شرح للأوامر اللى جواه علشان انا فيه حاجات كتير كان نفسى الغيها متبقاش شغالة

ممكن البرانامج دة يساعدنى فى الريجسترى ؟

dяăģôŋ · 1 أغسطس 2008

من هنا اخى الكريم

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

أكبر مشكله فيروسات لا يوجد من وجد لها حل ممكن نحاول يمكن نكتشف تعريف كامل بالمشكله !!!

oMaR4eVeR

زيزوومي جديد

توقيع : oMaR4eVeR

AbOdy

عضو شرف

توقيع : AbOdy

oMaR4eVeR

زيزوومي جديد

توقيع : oMaR4eVeR

AbOdy

عضو شرف

توقيع : AbOdy

oMaR4eVeR

زيزوومي جديد

توقيع : oMaR4eVeR

dяăģôŋ

ذيبان

oMaR4eVeR

زيزوومي جديد

توقيع : oMaR4eVeR

AbOdy

عضو شرف

توقيع : AbOdy

AbOdy

عضو شرف

توقيع : AbOdy

البارون

زيزوومى فضى

توقيع : البارون

oMaR4eVeR

زيزوومي جديد

توقيع : oMaR4eVeR

dяăģôŋ

ذيبان

NTLite Business 2025.8.10552 X64