ا
التقرير تم عمله بـ الاداة الاخيرة على ما اعتقد انها للجنتل وشكل الاداة الموجب الاخضر
Deckard's System Scanner v20071014.68
Run by User on 2008-11-21 14:54:15
Computer is in Normal Mode.
--------------------------------------------------------------------------------
Total Physical Memory: 511 MiB (512 MiB recommended).
-- HijackThis Clone ------------------------------------------------------------
Emulating logfile of Trend Micro HijackThis v2.0.2
Scan saved at 2008-11-21 14:54:17
Platform: Windows XP Service Pack 2 (5.01.2600)
MSIE: Internet Explorer (6.00.2900.2180)
Boot mode: Normal
Running processes:
C:\WINDOWS\system32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\ati2evxx.exe
C:\WINDOWS\explorer.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe
C:\WINDOWS\agrsmmsg.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Internet Download Manager\IDMan.exe
C:\Program Files\DAP\DAP.exe
C:\Program Files\TOSHIBA\Bluetooth Toshiba Stack\TosBtMng.exe
C:\Program Files\TOSHIBA\Bluetooth Toshiba Stack\TosA2dp.exe
C:\Program Files\TOSHIBA\Bluetooth Toshiba Stack\TosBtHSP.exe
C:\Program Files\TOSHIBA\Bluetooth Toshiba Stack\TosAVRC.exe
C:\Program Files\TOSHIBA\Bluetooth Toshiba Stack\TosOBEX.exe
C:\Program Files\TOSHIBA\Bluetooth Toshiba Stack\TosBtProc.exe
C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe
C:\Program Files\Hotspot Shield\bin\openvpnas.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Internet Download Manager\IEMonitor.exe
C:\WINDOWS\system32\svchost.exe
C:\Documents and Settings\User\سطح المكتب\تحميل\dss.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = iexplore
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm
R1 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
O2 - BHO: TBSB02132 - {0AFADFDA-1497-4DD8-A043-B31D28EE8715} - C:\Program Files\al-hora\al-hora Toolbar\al-hora.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: TBSB03970 - {3633036F-0620-4363-8614-FCB0901F1B40} - C:\Program Files\al-hora\al-hora Toolbar\al-hora.dll
O2 - BHO: eree Toolbar - {40b33abf-0fd8-4675-b902-fe1be8863436} - C:\Program Files\eree\tberee.dll (file missing)
O2 - BHO: IEVkbdBHO - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\ievkbd.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Browster BrwIEConnector - {908A31E8-2A6E-4736-8E8A-AAF00C4AE38F} - C:\Program Files\Browster\Browster.dll
O2 - BHO: TBSB09374 - {BE678A1F-8FC3-42CA-906F-AC7003C53314} - C:\Program Files\al-hora\al-hora Toolbar\al-hora.dll
O3 - Toolbar: al-hora Toolbar - {378BD826-01E2-4CB1-8D71-57E829D3EEE3} - C:\Program Files\al-hora\al-hora Toolbar\al-hora.dll
O3 - Toolbar: eree Toolbar - {40b33abf-0fd8-4675-b902-fe1be8863436} - C:\Program Files\eree\tberee.dll (file missing)
O3 - Toolbar: Al-Hora Toolbar - {6226BA26-C017-4007-928C-DE9715C6FA67} - C:\Program Files\al-hora\al-hora Toolbar\al-hora.dll
O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe"
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [MSConfig] C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe /auto
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [IDMan] C:\Program Files\Internet Download Manager\IDMan.exe /onboot
O4 - HKCU\..\Run: [DownloadAccelerator] "C:\Program Files\DAP\DAP.EXE" /STARTUP
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Bluetooth Manager.lnk = C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe
O8 - Extra context menu item: "إضافة إلى حاجب الدعايات" - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\ie_banner_deny.htm
O8 - Extra context menu item: &Clean Traces - C:\Program Files\DAP\Privacy Package\dapcleanerie.htm
O8 - Extra context menu item: &Download with &DAP - C:\Program Files\DAP\dapextie.htm
O8 - Extra context menu item: Browster Prefetch On/Off - res://C:\Program Files\Browster\Browster.dll/CustomPrefetchMenu.htm
O8 - Extra context menu item: Download &all with DAP - C:\Program Files\DAP\dapextie2.htm
O8 - Extra context menu item: تحميل الكل بـ إنترنت داونلود مانيجر - C:\Program Files\Internet Download Manager\IEGetAll.htm
O8 - Extra context menu item: تحميل بـ إنترنت داونلود مانيجر - C:\Program Files\Internet Download Manager\IEExt.htm
O8 - Extra context menu item: تحميل محتوى فيديو (إف.إل.في) بـ إنترنت داونلود مانيجر - C:\Program Files\Internet Download Manager\IEGetVL.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: Web traffic protection statistics - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - (file missing)
O9 - Extra button: al-hora Toolbar - {378BD826-01E2-4CB1-8D71-57E829D3EEE3} - C:\Program Files\al-hora\al-hora Toolbar\al-hora.dll
O9 - Extra 'Tools' menuitem: al-hora Toolbar - {378BD826-01E2-4CB1-8D71-57E829D3EEE3} - C:\Program Files\al-hora\al-hora Toolbar\al-hora.dll
O9 - Extra button: Al-Hora Toolbar - {6226BA26-C017-4007-928C-DE9715C6FA67} - C:\Program Files\al-hora\al-hora Toolbar\al-hora.dll
O9 - Extra 'Tools' menuitem: Al-Hora Toolbar - {6226BA26-C017-4007-928C-DE9715C6FA67} - C:\Program Files\al-hora\al-hora Toolbar\al-hora.dll
O9 - Extra button: بحث - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) -
O16 - DPF: {193C772A-87BE-4B19-A7BB-445B226FE9A1} (ewidoOnlineScan Control) -
O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} () - /hardwaredetection_3_0_3_1.cab[/url]
O16 - DPF: {BB21F850-63F4-4EC9-BF9D-565BD30C9AE9} (a-squared Scanner) -
O16 - DPF: {BDBDE413-7B1C-4C68-A8FF-C5B2B4090876} (F-Secure Online Scanner 3.3) -
O17 - HKLM\SYSTEM\CCS\Services\Tcpip\..\{C8DCCF97-61FC-4499-8C29-9313A3239DB9}: NameServer = 192.168.1.254
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.8.5.1288.0816.dll
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.8.5.1288.0816.dll
O18 - Protocol: mso-offdap11 - {32505114-5902-49B2-880A-1F7738E5A384} - C:\Program Files\Common Files\Microsoft Shared\Web Components\11\OWC11.DLL
O18 - Filter: text/xml - {807553E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE11\MSOXMLMF.DLL
O20 - AppInit_DLLs: C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd.dll,C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd3.dll,C:\PROGRA~1\KASPER~1\KASPER~1\adialhk.dll,C:\PROGRA~1\KASPER~1\KASPER~1\kloehk.dll
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\ati2evxx.exe
O23 - Service: Kaspersky Internet Security (AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe
O23 - Service: Hotspot Shield Service (HotspotShieldService) - Unknown owner - C:\Program Files\Hotspot Shield\bin\openvpnas.exe
--
End of file - 8848 bytes
-- Files created between 2008-10-21 and 2008-11-21 -----------------------------
2008-11-21 14:08:06 0 dr-h----- C:\Documents and Settings\User\Recent
2008-11-20 13:04:35 0 d-------- C:\Documents and Settings\User\Application Data\Mozilla
2008-11-20 12:21:42 5767168 --a------ C:\Documents and Settings\User\ntuser.dat
2008-11-20 12:08:01 0 d-------- C:\Documents and Settings\User\Application Data\Talkback
2008-11-19 17:20:04 0 d-------- C:\Program Files\Maxthon2
2008-11-18 22:35:14 0 d-------- C:\WINDOWS\system32\CatRoot_bak
2008-11-18 22:14:21 0 d-------- C:\WINDOWS\Prefetch
2008-11-18 22:06:40 0 d-------- C:\WINDOWS\l2schemas
2008-11-18 22:03:37 0 d-------- C:\WINDOWS\ServicePackFiles
2008-11-18 22:00:55 0 d-------- C:\WINDOWS\network diagnostic
2008-11-16 17:22:47 0 d-------- C:\Documents and Settings\User\Application Data\TuneUp Software
2008-11-16 11:39:04 0 d-------- C:\Documents and Settings\User\Application Data\Avant Profiles
2008-11-16 11:02:05 0 d--h----- C:\WINDOWS\PIF
2008-11-12 22:51:20 0 d-------- C:\Documents and Settings\All Users\Application Data\SpeedBit
2008-11-12 22:51:12 50688 --a------ C:\WINDOWS\system32\wbhelp2.dll <Not Verified; Stardock.Net, Inc; WindowBlinds for Win32 x86 machines>
2008-11-12 22:51:07 0 d-------- C:\Program Files\DAP
2008-11-06 11:05:22 0 d-------- C:\Program Files\Boilsoft Video Joiner
2008-11-02 19:04:08 0 d-------- C:\WINDOWS\system32\Kaspersky Lab
2008-11-01 21:39:48 0 d--h---c- C:\Documents and Settings\All Users\Application Data\{D5ABFFAD-D592-4F98-B02B-587125B4801F}
2008-11-01 21:31:43 0 d-------- C:\fsaua.data
2008-10-30 20:39:36 2031 --a------ C:\WINDOWS\system32\%LocalXml%
2008-10-30 19:58:05 0 d-------- C:\Program Files\Mozilla FirefoxPlugins
2008-10-29 22:05:25 0 d-------- C:\Documents and Settings\User\Application Data\DivX
2008-10-29 16:48:51 66048 --a------ C:\WINDOWS\ieResetIcons.exe <Not Verified; Microsoft Corporation; Windows® Internet Explorer>
2008-10-29 16:36:29 0 d-------- C:\WINDOWS\system32\ar-sa
2008-10-29 00:18:22 0 d-------- C:\Documents and Settings\User\Application Data\Adobe
2008-10-28 23:54:15 0 d-------- C:\Documents and Settings\User\Application Data\ONSPEED_TOOLBAR
2008-10-28 23:54:12 0 d-------- C:\Program Files\onspeed_toolbar
2008-10-28 23:42:15 114688 --a------ C:\WINDOWS\sliprt.dll <Not Verified; SlipStream Data Inc.; SlipStream Engine>
2008-10-28 22:55:56 0 d-------- C:\Documents and Settings\User\Application Data\SlipStream
2008-10-23 21:19:14 0 d-------- C:\WINDOWS\pss
-- Find3M Report ---------------------------------------------------------------
2008-11-21 14:18:18 0 d-------- C:\Documents and Settings\User\Application Data\DMCache
2008-11-20 12:26:52 251946 --a------ C:\WINDOWS\system32\perfh001.dat
2008-11-20 12:26:52 40316 --a------ C:\WINDOWS\system32\perfc001.dat
2008-11-20 11:26:27 0 d-------- C:\Program Files\Common Files\delet
2008-11-19 17:30:31 0 d-------- C:\Program Files\al-hora
2008-11-18 22:36:34 0 d-------- C:\Program Files\Windows NT
2008-11-18 22:36:28 0 d-------- C:\Program Files\Movie Maker
2008-11-18 22:35:24 0 d-------- C:\Program Files\Messenger
2008-11-18 22:00:08 250048 -rahs---- C:\ntldr
2008-11-16 17:22:41 0 d-------- C:\Documents and Settings\User\Application Data\Thinstall
2008-11-12 00:10:07 0 d-------- C:\Documents and Settings\User\Application Data\IDM
2008-10-31 22:45:28 0 d-------- C:\Program Files\Messenger Plus! Live
2008-10-30 19:58:06 0 d-------- C:\Program Files\Browster
2008-10-29 10:00:19 0 d-------- C:\Documents and Settings\User\Application Data\Real
2008-10-28 23:36:19 0 d-------- C:\Documents and Settings\User\Application Data\Orbit
2008-10-17 00:13:58 0 d-------- C:\Program Files\Plustech Inc
2008-10-15 19:32:30 0 d-------- C:\Program Files\Rapid Hacker
2008-10-14 17:44:44 0 d-------- C:\Program Files\Internet Download Manager
2008-10-10 15:23:26 0 d-------- C:\Program Files\ma-config.com
2008-10-09 01:14:38 0 d-------- C:\Program Files\MSXML 4.0
2008-10-08 22:48:21 720896 --a------ C:\WINDOWS\iun6002.exe <Not Verified; Indigo Rose Corporation; Setup Factory 6.0 Runtime Module>
2008-10-06 21:23:49 396288 --a------ C:\HijackThis.exe <Not Verified; Trend Micro Inc.; HijackThis>
2008-10-05 22:23:25 0 d-------- C:\Program Files\Common Files
2008-10-05 22:23:25 0 d-------- C:\Program Files\Common Files\xing shared
2008-10-05 22:23:19 0 d-------- C:\Program Files\Common Files\Real
2008-10-02 22:11:00 0 d-------- C:\Program Files\Sun
2008-10-02 22:10:22 0 d-------- C:\Program Files\Java
2008-09-30 18:12:40 0 --a------ C:\WINDOWS\nsreg.dat
2008-09-29 01:29:22 0 d-------- C:\Documents and Settings\User\Application Data\GrabPro
2008-09-08 19:31:26 62 --ahs---- C:\Documents and Settings\User\Application Data\desktop.ini
2008-09-08 16:40:52 0 -rahs---- C:\MSDOS.SYS
2008-09-08 16:40:52 0 -rahs---- C:\IO.SYS
2008-09-08 16:40:52 0 --a------ C:\CONFIG.SYS
2008-09-08 16:40:52 0 --a------ C:\AUTOEXEC.BAT
2008-09-08 16:37:23 22144 --a------ C:\WINDOWS\system32\emptyregdb.dat
-- Registry Dump ---------------------------------------------------------------
*Note* empty entries & legit default entries are not shown
[HKEY_LOCAL_MACHINE\~\Browser Helper s\{0AFADFDA-1497-4DD8-A043-B31D28EE8715}]
09/23/2008 02:19 PM 2485760 --a------ C:\Program Files\al-hora\al-hora Toolbar\al-hora.dll
[HKEY_LOCAL_MACHINE\~\Browser Helper s\{3633036F-0620-4363-8614-FCB0901F1B40}]
09/23/2008 02:19 PM 2485760 --a------ C:\Program Files\al-hora\al-hora Toolbar\al-hora.dll
[HKEY_LOCAL_MACHINE\~\Browser Helper s\{40b33abf-0fd8-4675-b902-fe1be8863436}]
C:\Program Files\eree\tberee.dll
[HKEY_LOCAL_MACHINE\~\Browser Helper s\{59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C}]
07/29/2008 08:21 PM 62728 --a------ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\ievkbd.dll
[HKEY_LOCAL_MACHINE\~\Browser Helper s\{BE678A1F-8FC3-42CA-906F-AC7003C53314}]
09/23/2008 02:19 PM 2485760 --a------ C:\Program Files\al-hora\al-hora Toolbar\al-hora.dll
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser]
"{378BD826-01E2-4CB1-8D71-57E829D3EEE3}"= C:\Program Files\al-hora\al-hora Toolbar\al-hora.dll [09/23/2008 02:19 PM 2485760]
"{40B33ABF-0FD8-4675-B902-FE1BE8863436}"= C:\Program Files\eree\tberee.dll [ ]
"{6226BA26-C017-4007-928C-DE9715C6FA67}"= C:\Program Files\al-hora\al-hora Toolbar\al-hora.dll [09/23/2008 02:19 PM 2485760]
[-HKEY_CLASSES_ROOT\CLSID\{378BD826-01E2-4CB1-8D71-57E829D3EEE3}]
[HKEY_CLASSES_ROOT\TBSB09374.TBSB09374.3]
[HKEY_CLASSES_ROOT\TypeLib\{77AA25E8-6083-4949-A831-9CB11861DC10}]
[HKEY_CLASSES_ROOT\TBSB09374.TBSB09374]
[-HKEY_CLASSES_ROOT\CLSID\{40B33ABF-0FD8-4675-B902-FE1BE8863436}]
[-HKEY_CLASSES_ROOT\CLSID\{6226BA26-C017-4007-928C-DE9715C6FA67}]
[HKEY_CLASSES_ROOT\TBSB02132.TBSB02132.3]
[HKEY_CLASSES_ROOT\TypeLib\{77AA25E8-6083-4949-A831-9CB11861DC10}]
[HKEY_CLASSES_ROOT\TBSB02132.TBSB02132]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AVP"="C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe" [07/29/2008 08:20 PM]
"AGRSMMSG"="AGRSMMSG.exe" [12/22/2004 11:10 AM C:\WINDOWS\agrsmmsg.exe]
"TkBellExe"="C:\Program Files\Common Files\Real\Update_OB\realsched.exe" [10/05/2008 10:22 PM]
"MSConfig"="C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe" [08/04/2004 03:56 AM]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [08/04/2004 03:56 AM]
"MSMSGS"="C:\Program Files\Messenger\msmsgs.exe" [08/04/2004 01:09 AM]
"msnmsgr"="C:\Program Files\Windows Live\Messenger\MsnMsgr.exe" [08/16/2007 04:19 PM]
"IDMan"="C:\Program Files\Internet Download Manager\IDMan.exe" [07/15/2008 08:39 AM]
"DownloadAccelerator"="C:\Program Files\DAP\DAP.exe" [11/12/2008 10:51 PM]
C:\Documents and Settings\All Users\çںê، ں§ڑ\ںé©ںê¤\§ک ں颬نïé\
Bluetooth Manager.lnk - C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe [22/03/2005 09:44:36 ê]
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"ClearRecentDocsOnExit"=1 (0x1)
"DisallowRun"=1 (0x1)
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer\DisallowRun]
"FolderSniffer"=FolderSniffer.exe
"IceSword"=IceSword.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"appinit_dlls"=C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd.dll,C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd3.dll,C:\PROGRA~1\KASPER~1\KASPER~1\adialhk.dll,C:\PROGRA~1\KASPER~1\KASPER~1\kloehk.dll
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^قائمة ابدأ^البرامج^بدء التشغيل^ONSPEED.lnk]
path=C:\Documents and Settings\All Users\قائمة ابدأ\البرامج\بدء التشغيل\ONSPEED.lnk
backup=C:\WINDOWS\pss\ONSPEED.lnkCommon Startup
-- End of Deckard's System Scanner: finished at 2008-11-21 14:54:41 ------------
لسلام عليكم :
أحد يا الربع يشوف لنا ها التقرير أحيانا تعليق حتى مع متصفح الفايروكس لو هي على الاكسبلور ما عليه شرهه بس الفايروكس وما نستغني عن توجيهاتكم وشاكر ومقدر للجميع
أحد يا الربع يشوف لنا ها التقرير أحيانا تعليق حتى مع متصفح الفايروكس لو هي على الاكسبلور ما عليه شرهه بس الفايروكس وما نستغني عن توجيهاتكم وشاكر ومقدر للجميع
التقرير تم عمله بـ الاداة الاخيرة على ما اعتقد انها للجنتل وشكل الاداة الموجب الاخضر
Deckard's System Scanner v20071014.68
Run by User on 2008-11-21 14:54:15
Computer is in Normal Mode.
--------------------------------------------------------------------------------
Total Physical Memory: 511 MiB (512 MiB recommended).
-- HijackThis Clone ------------------------------------------------------------
Emulating logfile of Trend Micro HijackThis v2.0.2
Scan saved at 2008-11-21 14:54:17
Platform: Windows XP Service Pack 2 (5.01.2600)
MSIE: Internet Explorer (6.00.2900.2180)
Boot mode: Normal
Running processes:
C:\WINDOWS\system32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\ati2evxx.exe
C:\WINDOWS\explorer.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe
C:\WINDOWS\agrsmmsg.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Internet Download Manager\IDMan.exe
C:\Program Files\DAP\DAP.exe
C:\Program Files\TOSHIBA\Bluetooth Toshiba Stack\TosBtMng.exe
C:\Program Files\TOSHIBA\Bluetooth Toshiba Stack\TosA2dp.exe
C:\Program Files\TOSHIBA\Bluetooth Toshiba Stack\TosBtHSP.exe
C:\Program Files\TOSHIBA\Bluetooth Toshiba Stack\TosAVRC.exe
C:\Program Files\TOSHIBA\Bluetooth Toshiba Stack\TosOBEX.exe
C:\Program Files\TOSHIBA\Bluetooth Toshiba Stack\TosBtProc.exe
C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe
C:\Program Files\Hotspot Shield\bin\openvpnas.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Internet Download Manager\IEMonitor.exe
C:\WINDOWS\system32\svchost.exe
C:\Documents and Settings\User\سطح المكتب\تحميل\dss.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
يجب عليك
تسجيل الدخول
او
تسجيل لمشاهدة الرابط المخفي
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = iexplore
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm
R1 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
يجب عليك
تسجيل الدخول
او
تسجيل لمشاهدة الرابط المخفي
O2 - BHO: TBSB02132 - {0AFADFDA-1497-4DD8-A043-B31D28EE8715} - C:\Program Files\al-hora\al-hora Toolbar\al-hora.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: TBSB03970 - {3633036F-0620-4363-8614-FCB0901F1B40} - C:\Program Files\al-hora\al-hora Toolbar\al-hora.dll
O2 - BHO: eree Toolbar - {40b33abf-0fd8-4675-b902-fe1be8863436} - C:\Program Files\eree\tberee.dll (file missing)
O2 - BHO: IEVkbdBHO - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\ievkbd.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Browster BrwIEConnector - {908A31E8-2A6E-4736-8E8A-AAF00C4AE38F} - C:\Program Files\Browster\Browster.dll
O2 - BHO: TBSB09374 - {BE678A1F-8FC3-42CA-906F-AC7003C53314} - C:\Program Files\al-hora\al-hora Toolbar\al-hora.dll
O3 - Toolbar: al-hora Toolbar - {378BD826-01E2-4CB1-8D71-57E829D3EEE3} - C:\Program Files\al-hora\al-hora Toolbar\al-hora.dll
O3 - Toolbar: eree Toolbar - {40b33abf-0fd8-4675-b902-fe1be8863436} - C:\Program Files\eree\tberee.dll (file missing)
O3 - Toolbar: Al-Hora Toolbar - {6226BA26-C017-4007-928C-DE9715C6FA67} - C:\Program Files\al-hora\al-hora Toolbar\al-hora.dll
O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe"
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [MSConfig] C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe /auto
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [IDMan] C:\Program Files\Internet Download Manager\IDMan.exe /onboot
O4 - HKCU\..\Run: [DownloadAccelerator] "C:\Program Files\DAP\DAP.EXE" /STARTUP
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Bluetooth Manager.lnk = C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe
O8 - Extra context menu item: "إضافة إلى حاجب الدعايات" - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\ie_banner_deny.htm
O8 - Extra context menu item: &Clean Traces - C:\Program Files\DAP\Privacy Package\dapcleanerie.htm
O8 - Extra context menu item: &Download with &DAP - C:\Program Files\DAP\dapextie.htm
O8 - Extra context menu item: Browster Prefetch On/Off - res://C:\Program Files\Browster\Browster.dll/CustomPrefetchMenu.htm
O8 - Extra context menu item: Download &all with DAP - C:\Program Files\DAP\dapextie2.htm
O8 - Extra context menu item: تحميل الكل بـ إنترنت داونلود مانيجر - C:\Program Files\Internet Download Manager\IEGetAll.htm
O8 - Extra context menu item: تحميل بـ إنترنت داونلود مانيجر - C:\Program Files\Internet Download Manager\IEExt.htm
O8 - Extra context menu item: تحميل محتوى فيديو (إف.إل.في) بـ إنترنت داونلود مانيجر - C:\Program Files\Internet Download Manager\IEGetVL.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: Web traffic protection statistics - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - (file missing)
O9 - Extra button: al-hora Toolbar - {378BD826-01E2-4CB1-8D71-57E829D3EEE3} - C:\Program Files\al-hora\al-hora Toolbar\al-hora.dll
O9 - Extra 'Tools' menuitem: al-hora Toolbar - {378BD826-01E2-4CB1-8D71-57E829D3EEE3} - C:\Program Files\al-hora\al-hora Toolbar\al-hora.dll
O9 - Extra button: Al-Hora Toolbar - {6226BA26-C017-4007-928C-DE9715C6FA67} - C:\Program Files\al-hora\al-hora Toolbar\al-hora.dll
O9 - Extra 'Tools' menuitem: Al-Hora Toolbar - {6226BA26-C017-4007-928C-DE9715C6FA67} - C:\Program Files\al-hora\al-hora Toolbar\al-hora.dll
O9 - Extra button: بحث - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) -
يجب عليك
تسجيل الدخول
او
تسجيل لمشاهدة الرابط المخفي
O16 - DPF: {193C772A-87BE-4B19-A7BB-445B226FE9A1} (ewidoOnlineScan Control) -
يجب عليك
تسجيل الدخول
او
تسجيل لمشاهدة الرابط المخفي
O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} () - /hardwaredetection_3_0_3_1.cab[/url]
O16 - DPF: {BB21F850-63F4-4EC9-BF9D-565BD30C9AE9} (a-squared Scanner) -
O16 - DPF: {BDBDE413-7B1C-4C68-A8FF-C5B2B4090876} (F-Secure Online Scanner 3.3) -
O17 - HKLM\SYSTEM\CCS\Services\Tcpip\..\{C8DCCF97-61FC-4499-8C29-9313A3239DB9}: NameServer = 192.168.1.254
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.8.5.1288.0816.dll
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.8.5.1288.0816.dll
O18 - Protocol: mso-offdap11 - {32505114-5902-49B2-880A-1F7738E5A384} - C:\Program Files\Common Files\Microsoft Shared\Web Components\11\OWC11.DLL
O18 - Filter: text/xml - {807553E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE11\MSOXMLMF.DLL
O20 - AppInit_DLLs: C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd.dll,C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd3.dll,C:\PROGRA~1\KASPER~1\KASPER~1\adialhk.dll,C:\PROGRA~1\KASPER~1\KASPER~1\kloehk.dll
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\ati2evxx.exe
O23 - Service: Kaspersky Internet Security (AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe
O23 - Service: Hotspot Shield Service (HotspotShieldService) - Unknown owner - C:\Program Files\Hotspot Shield\bin\openvpnas.exe
--
End of file - 8848 bytes
-- Files created between 2008-10-21 and 2008-11-21 -----------------------------
2008-11-21 14:08:06 0 dr-h----- C:\Documents and Settings\User\Recent
2008-11-20 13:04:35 0 d-------- C:\Documents and Settings\User\Application Data\Mozilla
2008-11-20 12:21:42 5767168 --a------ C:\Documents and Settings\User\ntuser.dat
2008-11-20 12:08:01 0 d-------- C:\Documents and Settings\User\Application Data\Talkback
2008-11-19 17:20:04 0 d-------- C:\Program Files\Maxthon2
2008-11-18 22:35:14 0 d-------- C:\WINDOWS\system32\CatRoot_bak
2008-11-18 22:14:21 0 d-------- C:\WINDOWS\Prefetch
2008-11-18 22:06:40 0 d-------- C:\WINDOWS\l2schemas
2008-11-18 22:03:37 0 d-------- C:\WINDOWS\ServicePackFiles
2008-11-18 22:00:55 0 d-------- C:\WINDOWS\network diagnostic
2008-11-16 17:22:47 0 d-------- C:\Documents and Settings\User\Application Data\TuneUp Software
2008-11-16 11:39:04 0 d-------- C:\Documents and Settings\User\Application Data\Avant Profiles
2008-11-16 11:02:05 0 d--h----- C:\WINDOWS\PIF
2008-11-12 22:51:20 0 d-------- C:\Documents and Settings\All Users\Application Data\SpeedBit
2008-11-12 22:51:12 50688 --a------ C:\WINDOWS\system32\wbhelp2.dll <Not Verified; Stardock.Net, Inc; WindowBlinds for Win32 x86 machines>
2008-11-12 22:51:07 0 d-------- C:\Program Files\DAP
2008-11-06 11:05:22 0 d-------- C:\Program Files\Boilsoft Video Joiner
2008-11-02 19:04:08 0 d-------- C:\WINDOWS\system32\Kaspersky Lab
2008-11-01 21:39:48 0 d--h---c- C:\Documents and Settings\All Users\Application Data\{D5ABFFAD-D592-4F98-B02B-587125B4801F}
2008-11-01 21:31:43 0 d-------- C:\fsaua.data
2008-10-30 20:39:36 2031 --a------ C:\WINDOWS\system32\%LocalXml%
2008-10-30 19:58:05 0 d-------- C:\Program Files\Mozilla FirefoxPlugins
2008-10-29 22:05:25 0 d-------- C:\Documents and Settings\User\Application Data\DivX
2008-10-29 16:48:51 66048 --a------ C:\WINDOWS\ieResetIcons.exe <Not Verified; Microsoft Corporation; Windows® Internet Explorer>
2008-10-29 16:36:29 0 d-------- C:\WINDOWS\system32\ar-sa
2008-10-29 00:18:22 0 d-------- C:\Documents and Settings\User\Application Data\Adobe
2008-10-28 23:54:15 0 d-------- C:\Documents and Settings\User\Application Data\ONSPEED_TOOLBAR
2008-10-28 23:54:12 0 d-------- C:\Program Files\onspeed_toolbar
2008-10-28 23:42:15 114688 --a------ C:\WINDOWS\sliprt.dll <Not Verified; SlipStream Data Inc.; SlipStream Engine>
2008-10-28 22:55:56 0 d-------- C:\Documents and Settings\User\Application Data\SlipStream
2008-10-23 21:19:14 0 d-------- C:\WINDOWS\pss
-- Find3M Report ---------------------------------------------------------------
2008-11-21 14:18:18 0 d-------- C:\Documents and Settings\User\Application Data\DMCache
2008-11-20 12:26:52 251946 --a------ C:\WINDOWS\system32\perfh001.dat
2008-11-20 12:26:52 40316 --a------ C:\WINDOWS\system32\perfc001.dat
2008-11-20 11:26:27 0 d-------- C:\Program Files\Common Files\delet
2008-11-19 17:30:31 0 d-------- C:\Program Files\al-hora
2008-11-18 22:36:34 0 d-------- C:\Program Files\Windows NT
2008-11-18 22:36:28 0 d-------- C:\Program Files\Movie Maker
2008-11-18 22:35:24 0 d-------- C:\Program Files\Messenger
2008-11-18 22:00:08 250048 -rahs---- C:\ntldr
2008-11-16 17:22:41 0 d-------- C:\Documents and Settings\User\Application Data\Thinstall
2008-11-12 00:10:07 0 d-------- C:\Documents and Settings\User\Application Data\IDM
2008-10-31 22:45:28 0 d-------- C:\Program Files\Messenger Plus! Live
2008-10-30 19:58:06 0 d-------- C:\Program Files\Browster
2008-10-29 10:00:19 0 d-------- C:\Documents and Settings\User\Application Data\Real
2008-10-28 23:36:19 0 d-------- C:\Documents and Settings\User\Application Data\Orbit
2008-10-17 00:13:58 0 d-------- C:\Program Files\Plustech Inc
2008-10-15 19:32:30 0 d-------- C:\Program Files\Rapid Hacker
2008-10-14 17:44:44 0 d-------- C:\Program Files\Internet Download Manager
2008-10-10 15:23:26 0 d-------- C:\Program Files\ma-config.com
2008-10-09 01:14:38 0 d-------- C:\Program Files\MSXML 4.0
2008-10-08 22:48:21 720896 --a------ C:\WINDOWS\iun6002.exe <Not Verified; Indigo Rose Corporation; Setup Factory 6.0 Runtime Module>
2008-10-06 21:23:49 396288 --a------ C:\HijackThis.exe <Not Verified; Trend Micro Inc.; HijackThis>
2008-10-05 22:23:25 0 d-------- C:\Program Files\Common Files
2008-10-05 22:23:25 0 d-------- C:\Program Files\Common Files\xing shared
2008-10-05 22:23:19 0 d-------- C:\Program Files\Common Files\Real
2008-10-02 22:11:00 0 d-------- C:\Program Files\Sun
2008-10-02 22:10:22 0 d-------- C:\Program Files\Java
2008-09-30 18:12:40 0 --a------ C:\WINDOWS\nsreg.dat
2008-09-29 01:29:22 0 d-------- C:\Documents and Settings\User\Application Data\GrabPro
2008-09-08 19:31:26 62 --ahs---- C:\Documents and Settings\User\Application Data\desktop.ini
2008-09-08 16:40:52 0 -rahs---- C:\MSDOS.SYS
2008-09-08 16:40:52 0 -rahs---- C:\IO.SYS
2008-09-08 16:40:52 0 --a------ C:\CONFIG.SYS
2008-09-08 16:40:52 0 --a------ C:\AUTOEXEC.BAT
2008-09-08 16:37:23 22144 --a------ C:\WINDOWS\system32\emptyregdb.dat
-- Registry Dump ---------------------------------------------------------------
*Note* empty entries & legit default entries are not shown
[HKEY_LOCAL_MACHINE\~\Browser Helper s\{0AFADFDA-1497-4DD8-A043-B31D28EE8715}]
09/23/2008 02:19 PM 2485760 --a------ C:\Program Files\al-hora\al-hora Toolbar\al-hora.dll
[HKEY_LOCAL_MACHINE\~\Browser Helper s\{3633036F-0620-4363-8614-FCB0901F1B40}]
09/23/2008 02:19 PM 2485760 --a------ C:\Program Files\al-hora\al-hora Toolbar\al-hora.dll
[HKEY_LOCAL_MACHINE\~\Browser Helper s\{40b33abf-0fd8-4675-b902-fe1be8863436}]
C:\Program Files\eree\tberee.dll
[HKEY_LOCAL_MACHINE\~\Browser Helper s\{59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C}]
07/29/2008 08:21 PM 62728 --a------ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\ievkbd.dll
[HKEY_LOCAL_MACHINE\~\Browser Helper s\{BE678A1F-8FC3-42CA-906F-AC7003C53314}]
09/23/2008 02:19 PM 2485760 --a------ C:\Program Files\al-hora\al-hora Toolbar\al-hora.dll
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser]
"{378BD826-01E2-4CB1-8D71-57E829D3EEE3}"= C:\Program Files\al-hora\al-hora Toolbar\al-hora.dll [09/23/2008 02:19 PM 2485760]
"{40B33ABF-0FD8-4675-B902-FE1BE8863436}"= C:\Program Files\eree\tberee.dll [ ]
"{6226BA26-C017-4007-928C-DE9715C6FA67}"= C:\Program Files\al-hora\al-hora Toolbar\al-hora.dll [09/23/2008 02:19 PM 2485760]
[-HKEY_CLASSES_ROOT\CLSID\{378BD826-01E2-4CB1-8D71-57E829D3EEE3}]
[HKEY_CLASSES_ROOT\TBSB09374.TBSB09374.3]
[HKEY_CLASSES_ROOT\TypeLib\{77AA25E8-6083-4949-A831-9CB11861DC10}]
[HKEY_CLASSES_ROOT\TBSB09374.TBSB09374]
[-HKEY_CLASSES_ROOT\CLSID\{40B33ABF-0FD8-4675-B902-FE1BE8863436}]
[-HKEY_CLASSES_ROOT\CLSID\{6226BA26-C017-4007-928C-DE9715C6FA67}]
[HKEY_CLASSES_ROOT\TBSB02132.TBSB02132.3]
[HKEY_CLASSES_ROOT\TypeLib\{77AA25E8-6083-4949-A831-9CB11861DC10}]
[HKEY_CLASSES_ROOT\TBSB02132.TBSB02132]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AVP"="C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe" [07/29/2008 08:20 PM]
"AGRSMMSG"="AGRSMMSG.exe" [12/22/2004 11:10 AM C:\WINDOWS\agrsmmsg.exe]
"TkBellExe"="C:\Program Files\Common Files\Real\Update_OB\realsched.exe" [10/05/2008 10:22 PM]
"MSConfig"="C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe" [08/04/2004 03:56 AM]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [08/04/2004 03:56 AM]
"MSMSGS"="C:\Program Files\Messenger\msmsgs.exe" [08/04/2004 01:09 AM]
"msnmsgr"="C:\Program Files\Windows Live\Messenger\MsnMsgr.exe" [08/16/2007 04:19 PM]
"IDMan"="C:\Program Files\Internet Download Manager\IDMan.exe" [07/15/2008 08:39 AM]
"DownloadAccelerator"="C:\Program Files\DAP\DAP.exe" [11/12/2008 10:51 PM]
C:\Documents and Settings\All Users\çںê، ں§ڑ\ںé©ںê¤\§ک ں颬نïé\
Bluetooth Manager.lnk - C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe [22/03/2005 09:44:36 ê]
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"ClearRecentDocsOnExit"=1 (0x1)
"DisallowRun"=1 (0x1)
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer\DisallowRun]
"FolderSniffer"=FolderSniffer.exe
"IceSword"=IceSword.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"appinit_dlls"=C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd.dll,C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd3.dll,C:\PROGRA~1\KASPER~1\KASPER~1\adialhk.dll,C:\PROGRA~1\KASPER~1\KASPER~1\kloehk.dll
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^قائمة ابدأ^البرامج^بدء التشغيل^ONSPEED.lnk]
path=C:\Documents and Settings\All Users\قائمة ابدأ\البرامج\بدء التشغيل\ONSPEED.lnk
backup=C:\WINDOWS\pss\ONSPEED.lnkCommon Startup
-- End of Deckard's System Scanner: finished at 2008-11-21 14:54:41 ------------
