منصور مشكور بس التحميل غير ممكن .......................عجبني فيك ميلة التاج
ابو الهش سويت زي ماقلتي وشرهتك على اللي درا وش السالفة.................. التقارير
الأول
comboFix 08-10-16.08 - XP HLOL 10/17/2008 22:13:41.1 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.3.1256.1.1033.18.182 [GMT 3:00]
Running from: D:\ali\My Completed Downloads\ComboFix.exe
* Created a new restore point
WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
C:\Documents and Settings\XP HLOL\Application Data\ShoppingReport
C:\Documents and Settings\XP HLOL\Application Data\ShoppingReport\cs\Config.xml
C:\Documents and Settings\XP HLOL\Application Data\ShoppingReport\cs\db\Aliases.dbs
C:\Documents and Settings\XP HLOL\Application Data\ShoppingReport\cs\db\Sites.dbs
C:\Documents and Settings\XP HLOL\Application Data\ShoppingReport\cs\dwld\WhiteList.xip
C:\Documents and Settings\XP HLOL\Application Data\ShoppingReport\cs\report\aggr_storage.xml
C:\Documents and Settings\XP HLOL\Application Data\ShoppingReport\cs\report\send_storage.xml
C:\Documents and Settings\XP HLOL\Application Data\ShoppingReport\cs\res1\WhiteList.dbs
C:\Program Files\ShoppingReport
C:\Program Files\ShoppingReport\Uninst.exe
C:\WINDOWS\artools.dll
C:\WINDOWS\system32\kakle.dll
C:\WINDOWS\system32\winitn.dll
.
((((((((((((((((((((((((( Files Created from 2008-09-17 to 2008-10-17 )))))))))))))))))))))))))))))))
.
No new files created in this timespan
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-10-17 19:34 697,120 --sha-w C:\WINDOWS\system32\drivers\fidbox.dat
2008-10-17 19:32 21,536 --sha-w C:\WINDOWS\system32\drivers\fidbox2.dat
2008-10-17 19:30 5,084 --sha-w C:\WINDOWS\system32\drivers\fidbox2.idx
2008-10-17 19:30 12,404 --sha-w C:\WINDOWS\system32\drivers\fidbox.idx
2008-10-17 16:53 --------- d-----w C:\Documents and Settings\All Users\Application Data\Kaspersky Lab
2008-10-17 16:48 91,700 ----a-w C:\WINDOWS\system32\drivers\klin.dat
2008-10-17 16:48 85,860 ----a-w C:\WINDOWS\system32\drivers\klick.dat
2008-10-17 16:46 --------- d-----w C:\Program Files\Kaspersky Lab
2008-10-17 16:38 --------- d---a-w C:\Documents and Settings\All Users\Application Data\TEMP
2008-10-17 14:20 --------- d-----w C:\Documents and Settings\XP HLOL\Application Data\SlipStream
2008-10-17 13:14 --------- d-----w C:\Documents and Settings\All Users\Application Data\Kaspersky Lab Setup Files
2008-10-16 16:47 --------- d-----w C:\Program Files\ESET
2008-10-16 13:17 --------- d-----w C:\Program Files\onspeed_toolbar
2008-10-16 12:30 --------- d-----w C:\Documents and Settings\XP HLOL\Application Data\IEPro
2008-10-16 12:27 --------- d-----w C:\Program Files\ONSPEED
2008-10-16 12:21 --------- d-----w C:\Documents and Settings\XP HLOL\Application Data\Nokia
2008-10-16 11:00 --------- d-----w C:\Program Files\Your Uninstaller 2006
2008-10-16 10:58 --------- d-----w C:\Documents and Settings\XP HLOL\Application Data\URSoft
2008-10-11 12:06 --------- d-----w C:\Program Files\NOS
2008-10-11 12:06 --------- d-----w C:\Documents and Settings\All Users\Application Data\NOS
2008-10-11 12:05 --------- d-----w C:\Documents and Settings\XP HLOL\Application Data\AdobeUM
2008-10-08 09:10 --------- d-----w C:\Documents and Settings\XP HLOL\Application Data\PG Calculator
2008-10-08 09:05 --------- d-----w C:\Program Files\Calc98
2008-10-04 11:00 --------- d-----w C:\Program Files\Common Files\InstallShield
2008-10-04 06:22 99,600 ----a-w C:\WINDOWS\system32\drivers\cmdguard.sys
2008-10-04 06:22 24,080 ----a-w C:\WINDOWS\system32\drivers\cmdhlp.sys
2008-10-04 06:22 143,104 ----a-w C:\WINDOWS\system32\guard32.dll
2008-09-28 01:14 --------- d-----w C:\Program Files\Avant Browser
2008-09-28 00:51 --------- d-----w C:\Program Files\Sun
2008-09-28 00:50 --------- d-----w C:\Program Files\Java
2008-09-28 00:44 --------- d-----w C:\Program Files\Common Files\Java
2008-09-27 16:53 --------- d-----w C:\Program Files\Windows Live
2008-09-27 02:08 --------- d-----w C:\Documents and Settings\All Users\Application Data\WLInstaller
2008-09-24 19:55 --------- d-----w C:\Program Files\Arabic.Arabic
2008-09-24 18:23 --------- d-----w C:\Documents and Settings\XP HLOL\Application Data\Comodo
2008-09-24 01:23 --------- d-----w C:\Documents and Settings\All Users\Application Data\comodo
2008-09-24 01:00 249,592 ----a-w C:\WINDOWS\system32\cssdll32.dll
2008-09-24 01:00 --------- d-----w C:\Program Files\COMODO
2008-09-22 00:35 --------- d-----w C:\Documents and Settings\All Users\Application Data\CyberLink
2008-09-20 23:06 --------- d-----w C:\Program Files\Microsoft SQL Server Compact Edition
2008-09-20 22:54 --------- dcsh--w C:\Program Files\Common Files\WindowsLiveInstaller
2008-09-20 20:56 --------- d-----w C:\Program Files\JetAudio
2008-09-19 21:09 --------- d-----w C:\Documents and Settings\All Users\Application Data\ESET
2008-09-17 20:46 --------- d-----w C:\Program Files\HP
2008-09-17 20:43 --------- d-----w C:\Program Files\Common Files\HP
2008-09-17 20:40 --------- d-----w C:\Program Files\Hewlett-Packard
2008-09-17 20:40 --------- d-----w C:\Documents and Settings\All Users\Application Data\Hewlett-Packard
2008-09-17 20:38 --------- d-----w C:\Program Files\Common Files\Hewlett-Packard
2008-09-12 12:01 --------- d-----w C:\Program Files\MSXML 4.0
2008-09-11 01:30 413,760 ----a-w C:\WINDOWS\system32\mpg4c32.dll
2008-09-09 19:46 --------- d-----w C:\Program Files\Yahoo!
2008-09-08 22:26 --------- d-----w C:\Documents and Settings\XP HLOL\Application Data\Nokia Multimedia Player
2008-09-05 22:02 0 ---ha-w C:\WINDOWS\system32\drivers\MsftWdf_Kernel_01005_Coinstaller_Critical.Wdf
2008-09-05 22:02 0 ---ha-w C:\WINDOWS\system32\drivers\Msft_Kernel_ccdcmb_01005.Wdf
2008-09-05 21:54 --------- d-----w C:\Documents and Settings\All Users\Application Data\Nokia
2008-09-05 21:51 --------- d-----w C:\Program Files\Nokia
2008-09-05 21:50 --------- d-----w C:\Program Files\MSXML 6.0
2008-09-05 21:50 --------- d-----w C:\Program Files\Common Files\Nokia
2008-09-05 21:48 --------- d-----w C:\Documents and Settings\All Users\Application Data\Installations
2008-07-28 21:22 247,808 ----a-w C:\WINDOWS\hg176lbx.exe
2008-07-28 21:22 185,856 ----a-w C:\WINDOWS\mf1766.dll
2008-07-25 11:48 155,995 ----a-w C:\WINDOWS\java\Packages\n571n5zt.zip
2008-07-18 19:10 94,920 ----a-w C:\WINDOWS\system32\cdm.dll
2008-07-18 19:10 53,448 ----a-w C:\WINDOWS\system32\wuauclt.exe
2008-07-18 19:10 45,768 ----a-w C:\WINDOWS\system32\wups2.dll
2008-07-18 19:10 36,552 ----a-w C:\WINDOWS\system32\wups.dll
2008-07-18 19:09 563,912 ----a-w C:\WINDOWS\system32\wuapi.dll
2008-07-18 19:09 325,832 ----a-w C:\WINDOWS\system32\wucltui.dll
2008-07-18 19:09 205,000 ----a-w C:\WINDOWS\system32\wuweb.dll
2008-07-18 19:09 1,811,656 ----a-w C:\WINDOWS\system32\wuaueng.dll
2008-07-18 19:07 270,880 ----a-w C:\WINDOWS\system32\mucltui.dll
2008-07-18 19:07 210,976 ----a-w C:\WINDOWS\system32\muweb.dll
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [04/14/2008 03:12 AM 15360]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IMJPMIG8.1"="C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" [08/03/2004 11:32 PM 208952]
"MSPY2002"="C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe" [08/03/2004 11:31 PM 59392]
"PHIME2002ASync"="C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE" [08/03/2004 11:32 PM 455168]
"PHIME2002A"="C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE" [08/03/2004 11:32 PM 455168]
"RemoteControl"="C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe" [01/08/2007 10:26 PM 68640]
"LanguageShortcut"="C:\Program Files\CyberLink\PowerDVD\Language\Language.exe" [01/08/2007 10:17 PM 52256]
"TkBellExe"="C:\Program Files\Common Files\Real\Update_OB\realsched.exe" [07/17/2008 03:44 PM 185896]
"PCSuiteTrayApplication"="C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe" [06/18/2007 03:10 PM 271360]
"HP Software Update"="C:\Program Files\HP\HP Software Update\HPWuSchd2.exe" [02/12/2004 01:38 PM 49152]
"HP Component Manager"="C:\Program Files\HP\hpcoretech\hpcmpmgr.exe" [05/12/2004 03:18 PM 241664]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe" [06/10/2008 04:27 AM 144784]
"SlipStream"="C:\Program Files\ONSPEED\onspeedcore.exe" [10/19/2007 05:49 AM 344064]
"AVP"="C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\avp.exe" [02/08/2008 06:36 PM 227856]
"SoundMan"="SOUNDMAN.EXE" [04/01/2006 08:33 AM 77824 C:\WINDOWS\SOUNDMAN.EXE]
"SMSERIAL"="sm56hlpr.exe" [12/29/2004 07:01 AM 544768 C:\WINDOWS\sm56hlpr.exe]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [04/14/2008 03:12 AM 15360]
"Nokia.PCSync"="C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe" [06/19/2007 10:17 AM 1241088]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"msacm.l3codec"= l3codecp.acm
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PCSuiteTrayApplication]
--a------ 06/18/2007 03:10 PM 271360 C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
-ra------ 02/01/2008 05:22 PM 21898024 C:\Program Files\Skype\Phone\Skype.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Yahoo! Pager]
--a------ 08/30/2007 05:43 PM 4670704 C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"UpdatesDisableNotify"=dword:00000001
"AntiVirusOverride"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\KasperskyAntiVirus]
"DisableMonitoring"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"C:\\Program Files\\Yahoo!\\Messenger\\YahooMessenger.exe"=
"C:\\Program Files\\Yahoo!\\Messenger\\YServer.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"C:\\Program Files\\IEPro\\MiniDM.exe"=
"C:\\Program Files\\Common Files\\Nokia\\Service Layer\\A\\nsl_host_process.exe"=
"C:\\Program Files\\Nokia\\Nokia Software Updater\\nsu_ui_client.exe"=
"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"=
"C:\\Program Files\\Kaspersky Lab\\Kaspersky Internet Security 7.0\\avp.exe"=
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\IcmpSettings]
"AllowInboundEchoRequest"= 1 (0x1)
"AllowInboundTimestampRequest"= 1 (0x1)
"AllowInboundMaskRequest"= 1 (0x1)
"AllowInboundRouterRequest"= 1 (0x1)
"AllowOutboundDestinationUnreachable"= 1 (0x1)
"AllowOutboundSourceQuench"= 1 (0x1)
"AllowOutboundParameterProblem"= 1 (0x1)
"AllowOutboundTimeExceeded"= 1 (0x1)
"AllowRedirect"= 1 (0x1)
"AllowOutboundPacketTooBig"= 1 (0x1)
R1 cmdGuard;COMODO Internet Security Sandbox Driver;C:\WINDOWS\system32\DRIVERS\cmdguard.sys [10/04/2008 09:22 AM 99600]
R1 cmdHlp;COMODO Internet Security Helper Driver;C:\WINDOWS\system32\DRIVERS\cmdhlp.sys [10/04/2008 09:22 AM 24080]
R3 klim5;Kaspersky Anti-Virus NDIS Filter;C:\WINDOWS\system32\DRIVERS\klim5.sys [12/13/2007 01:28 PM 24592]
S3 getPlus(R) Helper;getPlus(R) Helper;C:\Program Files\NOS\bin\getPlus_HelperSvc.exe [08/29/2008 10:00 AM 33752]
S3 nmwcdnsu;Nokia USB Flashing Phone Parent;C:\WINDOWS\system32\drivers\nmwcdnsu.sys [02/01/2008 04:17 PM 138112]
S3 nmwcdnsuc;Nokia USB Flashing Generic;C:\WINDOWS\system32\drivers\nmwcdnsuc.sys [02/01/2008 04:17 PM 8320]
.
s of the 'Scheduled Tasks' folder
.
- - - - ORPHANS REMOVED - - - -
HKCU-Run-DW6 - C:\Program Files\The Weather Channel FW\Desktop\DesktopWeather.exe
HKLM-Run-COMODO Internet Security - C:\Program Files\COMODO\COMODO Internet Security\cfp.exe
MSConfigStartUp-MsnMsgr - C:\Program Files\MSN Messenger\MsnMsgr.Exe
.
------- Supplementary Scan -------
.
FireFox -: Profile - C:\Documents and Settings\XP HLOL\Application Data\Mozilla\Firefox\Profiles\nk1an0dm.default\
.
**************************************************************************
catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer,
Rootkit scan 2008-10-17 22:33:03
Windows 5.1.2600 Service Pack 3 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
.
------------------------ Other Running Processes ------------------------
.
C:\Program Files\CyberLink\Shared Files\RichVideo.exe
C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
.
**************************************************************************
.
Completion time: 10/17/2008 22:40:03 - machine was rebooted
ComboFix-quarantined-files.txt 2008-10-17 19:39:37
Pre-Run: 45,067,280,384 bytes free
Post-Run: 45,072,228,352 bytes free
204 --- E O F --- 2008-09-12 12:04:10
الثاني
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 10:54:57 م, on 17/10/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16705)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\avp.exe
C:\Program Files\CyberLink\Shared Files\RichVideo.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\WINDOWS\sm56hlpr.exe
C:\Program Files\ONSPEED\onspeedcore.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
C:\WINDOWS\explorer.exe
D:\ali\My Completed Downloads\Zyzoom_HijackThis.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigURL =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = zttp=127.0.0.1:5405
O2 - BHO: IE7Pro - {00011268-E188-40DF-A514-835FCD78B1BF} - C:\Program Files\IEPro\iepro.dll
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: NOW!Imaging - {9AA2F14F-E956-44B8-8694-A5B615CDF341} - C:\Program Files\ONSPEED\components\NOWImaging.dll
O2 - BHO: Prefetch - {A66AA08A-9BF0-4e87-99E6-6972731D6B99} - C:\Program Files\ONSPEED\Prefetch.dll
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [LanguageShortcut] "C:\Program Files\CyberLink\PowerDVD\Language\Language.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe -startup
O4 - HKLM\..\Run: [HP Software Update] "C:\Program Files\HP\HP Software Update\HPWuSchd2.exe"
O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [SMSERIAL] sm56hlpr.exe
O4 - HKLM\..\Run: [SlipStream] "C:\Program Files\ONSPEED\onspeedcore.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\Run: [Nokia.PCSync] C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O9 - Extra button: IE7Pro Preferences - {0026439F-A980-4f18-8C95-4F1CBBF9C1D8} - C:\Program Files\IEPro\iepro.dll
O9 - Extra 'Tools' menuitem: IE7Pro Preferences - {0026439F-A980-4f18-8C95-4F1CBBF9C1D8} - C:\Program Files\IEPro\iepro.dll
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: Web Anti-Virus statistics - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\SCIEPlgn.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: ShopperReports - Compare travel rates - {C5428486-50A0-4a02-9D20-520B59A9F9B3} - C:\WINDOWS\system32\shdocvw.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) -
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Runtime Environment 1.6.0) -
O16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} (get_atlcom Class) -
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash ) -
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Kaspersky Internet Security 7.0 (AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\avp.exe
O23 - Service: COMODO Internet Security Helper Service (cmdAgent) - Unknown owner - C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe (file missing)
O23 - Service: getPlus(R) Helper - NOS Microsystems Ltd. - C:\Program Files\NOS\bin\getPlus_HelperSvc.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
--
End of file - 7385 bytes
من الكاسبر وحملت النود لقيت نفس المشكلة رغم انه كان شغال فل الفل قبل ما احمل الكاسبر
