I want a solution for the problems on my machine

Thread in 'Computer Problems and Solutions Forum' by حسووونه, December 13, 2008.

  1. حسووونه

    حسووونه Active Zyzoom member

    Joined:
    August 24, 2008
    Posts:
    167
    Likes:
    0
    Trophy points:
    200
    Location:
    Al-Qassim
    Security software:
    Avira
    Operating system:
    Windows 7


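    I downloaded RealPlayer and it had a virus in it,
    tazebama.dl_, and after that the problems started. Sometimes the machine shuts down and starts up
    again, and whenever I download anything a dialog comes up
    saying there is an error in
    tazebama.dl_. This virus
    has made every folder on my machine contain a file with the same name;
    for example, the folder "الملفات المتلقاة" (Received Files)
    has inside it a file named "الملفات المتلقاة",
    and if I open it the folder's window comes up
    on the side. That is the first problem.
    The second problem is an error in the browser:
    a dialog comes up every time I start the machine,
    and while browsing the internet
    it says there is an error in
    Internet Explorer
    and some web pages
    close on me.
    Besides that, I do not have a protection program
    on my machine.
    I hope you can guide me to a solution,
    and I would be grateful to you.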
     
  2. فارس الملاك

    فارس الملاك Professional Zyzoom member

    Joined:
    December 17, 2007
    Posts:
    5,514
    Likes:
    37
    Trophy points:
    830
    Location:
    Zyzoom
    Security software:
    Kaspersky
    Operating system:
    Windows 7
    (1)
    Disable all protection programs,
    then download this tool and save it to the desktop
    http://download.bleepingcomputer.com/sUBs/ComboFix.exe
    When you run it, a message will appear; click >> Yes
    Then a second message will appear; click >> Yes
    Wait until the tool finishes scanning your machine; the machine will restart automatically.
    After the restart, the tool will start scanning a second time.
    Wait until a report appears, then copy it and paste it in your next reply.
    (2)
    Also produce a HijackThis report
    http://www.zyzoom.net/soft/security/...HijackThis.exe
    When the download finishes ==> run the program ==> and click Do a system scan and save log
    In a few moments a report will appear; copy it and paste it in your next reply.

    Last edited by a moderator: May 12, 2014
  3. حسووونه

    This is what came up for me. What should I do after this?
    ComboFix 08-12-12.05 - wafaa 2008-12-13 22:33:51.2 - NTFSx86
    Microsoft Windows XP Professional 5.1.2600.2.1256.966.1033.18.1014.637 [GMT 3:00]
    Running from: d:\downloads\Programs\ComboFix.exe
    WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
    .
    ((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
    .
    C:\autorun.inf
    c:\documents and settings\wafaa\Application Data\tazebama
    c:\documents and settings\wafaa\Application Data\tazebama\zPharaoh.dat
    C:\zPharaoh.exe
    D:\Autorun.inf
    d:\recycler\Office2003 CD-Key.doc.exe
    d:\recycler\RECYCLER .exe
    D:\zPharaoh.exe
    E:\autorun.inf
    e:\recycler\NokiaN73Tools.exe
    e:\recycler\RECYCLER .exe
    E:\zPharaoh.exe
    .
    ---- Previous Run -------
    .
    C:\Autorun.inf
    c:\documents and settings\wafaa\Application Data\tazebama
    c:\documents and settings\wafaa\Application Data\tazebama\tazebama.log
    c:\documents and settings\wafaa\Application Data\tazebama\zPharaoh.dat
    c:\program files\FunWebProducts
    c:\program files\FunWebProducts\Installr\2.bin\F3EZSETP.DLL
    c:\program files\IEToolbar
    c:\program files\IEToolbar\Maktoob ToolBar\as7ab.ico
    c:\program files\IEToolbar\Maktoob ToolBar\basis.xml
    c:\program files\IEToolbar\Maktoob ToolBar\bent-el7alal.ico
    c:\program files\IEToolbar\Maktoob ToolBar\blogs.ico
    c:\program files\IEToolbar\Maktoob ToolBar\business.ico
    c:\program files\IEToolbar\Maktoob ToolBar\cars.ico
    c:\program files\IEToolbar\Maktoob ToolBar\chat.ico
    c:\program files\IEToolbar\Maktoob ToolBar\clippat.ico
    c:\program files\IEToolbar\Maktoob ToolBar\description.jpg
    c:\program files\IEToolbar\Maktoob ToolBar\email.ico
    c:\program files\IEToolbar\Maktoob ToolBar\favorites.ico
    c:\program files\IEToolbar\Maktoob ToolBar\flash-games.ico
    c:\program files\IEToolbar\Maktoob ToolBar\games-main.ico
    c:\program files\IEToolbar\Maktoob ToolBar\girls-games.ico
    c:\program files\IEToolbar\Maktoob ToolBar\icons.bmp
    c:\program files\IEToolbar\Maktoob ToolBar\icons.bmp_16.bmp
    c:\program files\IEToolbar\Maktoob ToolBar\icons.bmp_24.bmp
    c:\program files\IEToolbar\Maktoob ToolBar\info.txt
    c:\program files\IEToolbar\Maktoob ToolBar\jokes.ico
    c:\program files\IEToolbar\Maktoob ToolBar\logo.bmp
    c:\program files\IEToolbar\Maktoob ToolBar\Maktoob-channels.ico
    c:\program files\IEToolbar\Maktoob ToolBar\Maktoob-logo.ico
    c:\program files\IEToolbar\Maktoob ToolBar\maktoobToolBar_RC2.crc
    c:\program files\IEToolbar\Maktoob ToolBar\maktoobToolBar_RC2.dll
    c:\program files\IEToolbar\Maktoob ToolBar\Master.bmp
    c:\program files\IEToolbar\Maktoob ToolBar\new-game.ico
    c:\program files\IEToolbar\Maktoob ToolBar\news.ico
    c:\program files\IEToolbar\Maktoob ToolBar\sports.ico
    c:\program files\IEToolbar\Maktoob ToolBar\stub.xml
    c:\program files\IEToolbar\Maktoob ToolBar\tbhelper.dll
    c:\program files\IEToolbar\Maktoob ToolBar\tbs_include_script_001578.js
    c:\program files\IEToolbar\Maktoob ToolBar\uninstall.exe
    c:\program files\IEToolbar\Maktoob ToolBar\update.exe
    c:\program files\IEToolbar\Maktoob ToolBar\version.txt
    c:\program files\IEToolbar\Maktoob ToolBar\women.ico
    c:\program files\IEToolbar\Maktoob ToolBar\your_logo.png
    c:\windows\system32\agsaame.dll
    c:\windows\system32\ALOAudioFile2.dll
    c:\windows\system32\ALOAVIFile.dll
    c:\windows\system32\ALOQuickTimeFile.dll
    c:\windows\system32\ALOVideoCoreM.dll
    c:\windows\system32\ALOWMAFile2.dll
    c:\windows\system32\ff_vfw.dll
    c:\windows\system32\kakle.dll
    c:\windows\system32\lame_enc.dll
    c:\windows\system32\svshost.dll
    c:\windows\system32\wininet.exe
    c:\windows\system32\winitn.dll
    C:\zPharaoh.exe
    D:\Autorun.inf
    d:\recycler\InstallMSN11Ar.exe
    d:\recycler\RECYCLER .exe
    D:\zPharaoh.exe
    E:\Autorun.inf
    e:\recycler\RECYCLER .exe
    e:\recycler\Win98compatibleXP.exe
    E:\zPharaoh.exe
    .
    ((((((((((((((((((((((((( Files Created from 2008-11-13 to 2008-12-13 )))))))))))))))))))))))))))))))
    .
    2008-12-13 22:37 . 2008-12-13 22:38 <DIR> d-------- c:\documents and settings\wafaa\Application Data\tazebama
    2008-12-13 22:37 . 2008-12-13 22:38 155,121 -r-hs---- C:\zPharaoh.exe
    2008-12-13 22:34 . 2008-12-13 22:38 126 -r-hs---- C:\autorun.inf
    2008-12-13 18:35 . 2008-12-13 18:35 <DIR> d-------- c:\program files\Riva
    2008-12-13 18:35 . 2008-12-13 18:35 <DIR> d-------- c:\program files\Common Files\SWF Studio
    2008-12-13 17:51 . 2008-12-13 17:58 <DIR> d-------- c:\program files\Alex Gordon
    2008-12-12 17:23 . 2008-12-12 17:23 <DIR> d-------- c:\documents and settings\wafaa\Application Data\Flood Light Games
    2008-12-12 17:23 . 2008-12-12 17:23 <DIR> d-------- c:\documents and settings\All Users\Application Data\Flood Light Games
    2008-12-12 01:59 . 2008-12-12 01:59 <DIR> d-------- c:\documents and settings\wafaa\Application Data\Games
    2008-12-12 00:45 . 2008-12-12 00:45 <DIR> d-------- c:\documents and settings\wafaa\Application Data\URSE Games
    2008-12-11 23:44 . 2008-12-11 23:44 <DIR> d-------- c:\documents and settings\All Users\Application Data\FlyWheelGames
    2008-12-11 23:41 . 2008-12-13 17:01 <DIR> d-------- c:\documents and settings\All Users\Application Data\AlawarGameBox
    2008-12-11 18:36 . 2008-12-11 18:36 <DIR> d-------- c:\documents and settings\All Users\Application Data\SlapdashGames
    2008-12-11 17:48 . 2008-12-11 18:40 <DIR> d-------- c:\program files\PlayFirst
    2008-12-11 16:36 . 2008-12-11 16:36 <DIR> d-------- c:\program files\Saree PC Cleaner 2
    2008-12-10 16:33 . 2008-12-10 16:33 <DIR> d-------- c:\documents and settings\All Users\Application Data\Trymedia
    2008-12-10 16:30 . 2008-12-10 16:30 <DIR> d-------- c:\program files\Luxor 2
    2008-12-10 16:02 . 2008-12-10 16:02 <DIR> d-------- c:\documents and settings\wafaa\Application Data\Shape games
    2008-12-10 15:37 . 2008-12-10 15:37 <DIR> d-------- c:\documents and settings\All Users\Application Data\ERS G-Studio
    2008-12-10 15:02 . 2008-12-10 15:02 <DIR> d-------- c:\program files\bfgclient
    2008-12-10 15:00 . 2008-12-10 16:37 <DIR> d-------- c:\documents and settings\All Users\Application Data\BigFishGamesCache
    2008-12-10 14:55 . 2008-12-10 14:55 <DIR> d-------- c:\program files\RealArcade
    2008-12-06 23:28 . 2008-12-06 23:39 <DIR> d-------- c:\program files\Ontrack
    2008-12-06 21:33 . 2008-12-06 21:33 <DIR> d-------- c:\documents and settings\SYSTEM
    2008-12-06 18:21 . 2008-12-06 18:21 <DIR> d-------- c:\documents and settings\All Users\Application Data\Astar Games
    2008-12-06 16:57 . 2008-12-06 16:57 <DIR> d-------- c:\documents and settings\wafaa\Application Data\GamesCafe
    2008-12-06 02:44 . 2008-12-06 02:44 268 --ah----- C:\sqmdata06.sqm
    2008-12-06 02:44 . 2008-12-06 02:44 244 --ah----- C:\sqmnoopt06.sqm
    2008-12-05 22:53 . 2008-12-05 22:53 <DIR> d-------- c:\documents and settings\All Users\Application Data\GameHouse
    2008-12-05 22:30 . 2008-12-05 22:30 <DIR> d-------- c:\documents and settings\wafaa\Application Data\Friday's games
    2008-12-05 00:18 . 2008-12-12 17:23 <DIR> d-------- c:\documents and settings\wafaa\Saved Games
    2008-12-05 00:17 . 2008-12-07 12:14 <DIR> d-------- c:\program files\Zylom Games
    2008-12-05 00:17 . 2008-12-05 00:17 <DIR> d-------- c:\documents and settings\wafaa\Application Data\Zylom
    2008-12-05 00:17 . 2008-12-05 00:17 <DIR> d-------- c:\documents and settings\wafaa\Application Data\iWin
    2008-12-05 00:17 . 2008-12-05 00:17 <DIR> d-------- c:\documents and settings\All Users\Application Data\Zylom
    2008-12-04 18:16 . 2008-12-06 00:03 <DIR> d-------- c:\documents and settings\All Users\Application Data\Fugazo
    2008-12-04 01:05 . 2008-12-04 01:05 <DIR> d-------- c:\documents and settings\wafaa\Application Data\Alawar
    2008-12-04 00:17 . 2008-12-04 00:18 <DIR> d-------- c:\documents and settings\wafaa\Application Data\SecretIslandEng
    2008-12-02 17:09 . 2008-12-13 22:38 154,751 --a------ c:\documents and settings\hook.dl_
    2008-12-02 15:24 . 2008-12-02 15:24 <DIR> d-------- c:\program files\Common Files\xing shared
    2008-12-02 14:21 . 2008-12-13 22:37 154,751 --a------ c:\documents and settings\tazebama.dl_
    2008-12-02 14:21 . 2008-12-13 22:37 32,768 --a------ c:\documents and settings\tazebama.dll
    2008-12-01 13:14 . 2003-11-04 15:11 159,744 --a------ c:\windows\system32\lfpng13n.dll
    2008-12-01 13:13 . 2004-05-14 16:53 462,848 --a------ c:\windows\system32\ltkrn13n.dll
    2008-12-01 13:13 . 2004-05-14 16:53 450,560 --a------ c:\windows\system32\ltimg13n.dll
    2008-12-01 13:13 . 2004-05-14 16:53 401,408 --a------ c:\windows\system32\lfcmp13n.dll
    2008-12-01 13:13 . 2004-05-14 16:53 299,008 --a------ c:\windows\system32\ltdis13n.dll
    2008-12-01 13:13 . 2004-01-12 02:09 206,336 --a------ c:\windows\system32\ltefx13n.dll
    2008-12-01 13:13 . 2004-05-14 16:53 163,840 --a------ c:\windows\system32\ltfil13n.dll
    2008-12-01 13:13 . 2003-11-04 15:10 69,632 --a------ c:\windows\system32\lfgif13n.dll
    2008-12-01 13:13 . 2004-05-14 16:53 57,344 --a------ c:\windows\system32\lfbmp13n.dll
    2008-11-27 15:50 . 2008-11-27 17:25 <DIR> d-a------ c:\program files\Al Muhaddith
    2008-11-27 15:50 . 2008-11-27 17:25 <DIR> d-a------ C:\HAD
    2008-11-25 20:36 . 2008-11-25 20:37 <DIR> d-------- c:\windows\system32\REALTEK PCI&Cardbus Wireless LAN Driver and Utility
    2008-11-25 20:36 . 2008-11-25 20:50 <DIR> d-------- c:\program files\REALTEK PCI&Cardbus Wireless LAN Driver and Utility
    2008-11-25 20:36 . 2007-02-01 10:36 306,560 -r------- c:\windows\system32\drivers\rtl8185.sys
    2008-11-25 20:36 . 2006-11-15 16:23 38,144 --a------ c:\windows\system32\drivers\EAPPkt.sys
    2008-11-25 12:52 . 2008-11-25 12:52 <DIR> d-------- c:\documents and settings\wafaa\Application Data\Media Player Classic
    2008-11-25 12:48 . 2008-11-25 12:48 <DIR> d-------- c:\program files\K-Lite Codec Pack
    2008-11-25 12:48 . 2008-11-25 12:48 <DIR> d-------- c:\documents and settings\All Users\Application Data\Apple Computer
    2008-11-25 12:48 . 2007-01-20 21:26 1,565,480 --a------ c:\windows\system32\wmv9vcm.dll
    2008-11-25 12:48 . 2006-11-01 14:52 765,952 --a------ c:\windows\system32\xvidcore.dll
    2008-11-25 12:48 . 2004-01-25 18:18 217,088 --a------ c:\windows\system32\yv12vfw.dll
    2008-11-25 12:48 . 2006-11-01 14:54 180,224 --a------ c:\windows\system32\xvidvfw.dll
    2008-11-25 12:48 . 2006-05-13 23:16 118,784 --a------ c:\windows\system32\ac3acm.acm
    2008-11-25 12:48 . 2007-02-16 10:54 65,536 --a------ c:\windows\system32\QuickTimeVR.qtx
    2008-11-25 12:48 . 2007-02-16 10:54 49,152 --a------ c:\windows\system32\QuickTime.qts
    2008-11-25 12:48 . 2005-02-24 18:56 547 --a------ c:\windows\system32\ff_vfw.dll.manifest
    2008-11-24 20:04 . 2008-11-24 20:04 <DIR> d-------- c:\documents and settings\wafaa\Application Data\Talkback
    2008-11-24 20:04 . 2008-11-24 20:04 0 --a------ c:\windows\nsreg.dat
    2008-11-22 13:40 . 2008-11-22 13:40 <DIR> d-------- c:\program files\h
    2008-11-22 00:18 . 2008-11-22 00:18 <DIR> d-------- c:\program files\tray download live
    2008-11-21 12:35 . 2008-11-21 12:35 268 --ah----- C:\sqmdata05.sqm
    2008-11-21 12:35 . 2008-11-21 12:35 244 --ah----- C:\sqmnoopt05.sqm
    2008-11-21 12:27 . 2008-11-21 12:27 <DIR> d-------- c:\documents and settings\wafaa\Application Data\dvdcss
    .
    (((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2008-12-13 19:34 --------- d-----w c:\documents and settings\wafaa\Application Data\DMCache
    2008-12-13 14:29 --------- d-----w c:\documents and settings\All Users\Application Data\AlawarWrapper
    2008-12-11 23:49 --------- d-----w c:\documents and settings\All Users\Application Data\MumboJumbo
    2008-12-11 20:41 --------- d-----w c:\program files\Alawar
    2008-12-11 15:41 --------- d-----w c:\documents and settings\wafaa\Application Data\Playfirst
    2008-12-11 11:30 --------- d-----w c:\program files\Golden Al-Wafi Translator
    2008-12-10 13:12 --------- d---a-w c:\documents and settings\All Users\Application Data\TEMP
    2008-12-08 19:45 --------- d-----w c:\program files\REALTEK RTL8187 Wireless LAN Driver and Utility
    2008-12-08 19:45 --------- d-----w c:\program files\Common Files\InstallShield
    2008-12-06 23:51 925,039 ----a-w c:\windows\pchealth\helpctr\binaries\helpctr.exe
    2008-12-06 23:51 314,735 ----a-w c:\windows\pchealth\helpctr\binaries\msconfig.exe
    2008-12-06 20:45 --------- d-----w c:\program files\Smiley Arcade
    2008-12-06 20:39 --------- d--h--w c:\program files\InstallShield Installation Information
    2008-12-03 20:16 --------- d-----w c:\documents and settings\All Users\Application Data\Alawar Stargaze
    2008-12-02 13:47 --------- d-----w c:\program files\Yahoo!
    2008-12-02 13:16 229,743 -c--a-w c:\windows\ST6UNST.EXE
    2008-12-02 12:24 --------- d-----w c:\program files\Common Files\Real
    2008-12-02 11:51 --------- d-----w c:\documents and settings\wafaa\Application Data\IDM
    2008-12-02 10:41 499,712 ----a-w c:\windows\system32\msvcp71.dll
    2008-12-02 10:41 348,160 ----a-w c:\windows\system32\msvcr71.dll
    2008-11-28 10:47 --------- d-----w c:\documents and settings\wafaa\Application Data\vlc
    2008-11-27 12:43 155,995 ----a-w c:\windows\java\Packages\TN1VBF5Z.ZIP
    2008-11-25 17:41 --------- d-----w c:\program files\Atheros
    2008-11-21 21:20 --------- d-----w c:\documents and settings\wafaa\Application Data\tray download live
    2008-11-21 21:19 --------- d-----w c:\documents and settings\All Users\Application Data\Trans Once Mess Frag
    2008-11-08 20:53 --------- d-----w c:\program files\VideoLAN
    2008-11-07 18:24 --------- d-----w c:\program files\eTeSoft Video Converter
    2008-10-31 00:06 --------- d-----w c:\program files\DivX
    2008-10-31 00:02 --------- d-----w c:\documents and settings\wafaa\Application Data\Yahoo!
    2008-10-26 10:05 --------- d-----w c:\program files\Internet Download Manager
    2008-10-25 00:49 --------- d-----w c:\program files\BitComet
    2008-10-24 00:17 --------- d-----w c:\program files\MSN Messenger
    2008-10-24 00:17 --------- d-----w c:\program files\Messenger Plus! Live
    2008-10-23 23:51 --------- d-----w c:\program files\Kaspersky Lab
    2008-10-23 21:44 --------- d-----w c:\documents and settings\wafaa\Application Data\Nokia Multimedia Player
    2008-10-23 21:42 --------- d-----w c:\documents and settings\wafaa\Application Data\PC Suite
    2008-10-22 20:26 --------- d-----w c:\program files\Turtix
    2008-10-22 15:20 --------- d-----w c:\program files\MessengerDiscovery
    2008-10-15 11:24 --------- d-----w c:\documents and settings\wafaa\Application Data\PetShowCraze
    2008-10-15 11:22 --------- d-----w c:\program files\Mobily Connect Card
    2008-09-16 00:12 593,920 ----a-w c:\windows\system32\dpuGUI11.dll
    .
    ((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    *Note* empty entries & legit default entries are not shown
    REGEDIT4
    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "IDMan"="e:\important program c?? c?e?c??\Internet C??E\Internet Download Manager 5.12\IDM5.12Final-Crack\IDMan.exe" [?]
    "ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2004-08-04 15360]
    "MsnMsgr"="c:\program files\MSN Messenger\MsnMsgr.Exe" [2008-12-06 5830879]
    "swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2008-10-19 68856]
    "Bend List"="c:\docume~1\wafaa\APPLIC~1\TRAYDO~1\LiteSupportMix.exe" [2008-12-02 683375]
    "MSMSGS"="c:\program files\Messenger\msmsgs.exe" [2008-12-02 1824111]
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "Dell QuickSet"="c:\program files\Dell\QuickSet\quickset.exe" [2008-12-02 1393519]
    "IgfxTray"="c:\windows\system32\igfxtray.exe" [2007-08-30 141848]
    "HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2007-08-30 166424]
    "Persistence"="c:\windows\system32\igfxpers.exe" [2007-08-30 137752]
    "KADxMain"="c:\windows\system32\KADxMain.exe" [2006-11-02 282624]
    "PCSuiteTrayApplication"="c:\program files\Nokia\Nokia PC Suite 6\LaunchApplication.exe" [2008-12-02 427887]
    "ACU"="c:\program files\Atheros\ACU.exe" [2008-12-02 459631]
    "mess frag body that"="c:\documents and settings\All Users\Application Data\Trans Once Mess Frag\Win name.exe" [2008-12-02 3126127]
    "TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" [2008-12-02 185896]
    "SigmatelSysTrayApp"="stsystra.exe" [2007-05-06 c:\windows\stsystra.exe]
    "BluetoothAuthenticationAgent"="bthprops.cpl" [2004-08-04 c:\windows\system32\bthprops.cpl]
    [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
    "CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2004-08-04 15360]
    "Nokia.PCSync"="c:\program files\Nokia\Nokia PC Suite 6\PcSync2.exe" [2008-12-06 1397615]
    c:\documents and settings\All Users\Start Menu\Programs\Startup\
    Adobe Gamma Loader.lnk - c:\program files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2008-09-11 270191]
    Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2007-05-17 724703]
    Digital Line Detect.lnk - c:\program files\Digital Line Detect\DLG.exe [2008-09-11 207215]
    [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
    Authentication Packages REG_MULTI_SZ msv1_0 nwprovau
    [HKEY_LOCAL_MACHINE\software\microsoft\security center]
    "AntiVirusDisableNotify"=dword:00000001
    "UpdatesDisableNotify"=dword:00000001
    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
    "EnableFirewall"= 0 (0x0)
    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
    "%windir%\\system32\\sessmgr.exe"=
    "c:\\Program Files\\MSN Messenger\\msnmsgr.exe"=
    "c:\\Program Files\\MSN Messenger\\livecall.exe"=
    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
    "25075:TCP"= 25075:TCP:BitComet 25075 TCP
    "25075:UDP"= 25075:UDP:BitComet 25075 UDP
    "23044:TCP"= 23044:TCP:BitComet 23044 TCP
    "23044:UDP"= 23044:UDP:BitComet 23044 UDP
    R2 EAPPkt;Realtek EAPPkt Protocol;c:\windows\system32\DRIVERS\EAPPkt.sys [2008-11-25 38144]
    S3 RTLWUSB;Realtek RTL8187 Wireless 802.11g 54Mbps USB 2.0 Network Adapter;c:\windows\system32\DRIVERS\RTL8187.sys [2008-10-05 194304]
    S3 SjyPkt;SjyPkt;\??\c:\windows\System32\Drivers\SjyPkt.sys []
    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{6c9c6d62-9715-11dd-8206-001e4ce17834}]
    \Shell\AutoRun\command - G:\AutoRun.exe
    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{6c9c6d66-9715-11dd-8206-001e4ce17834}]
    \Shell\AutoRun\command - G:\AutoRun.exe
    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{773c9df6-9723-11dd-8209-001e4ce17834}]
    \Shell\AutoRun\command - G:\AutoRun.exe
    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{773c9df7-9723-11dd-8209-001e4ce17834}]
    \Shell\AutoRun\command - G:\AutoRun.exe
    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{99a47706-9741-11dd-820b-001e4ce17834}]
    \Shell\AutoRun\command - G:\AutoRun.exe
    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{99a47707-9741-11dd-820b-001e4ce17834}]
    \Shell\AutoRun\command - G:\AutoRun.exe
    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{99a47708-9741-11dd-820b-001e4ce17834}]
    \Shell\AutoRun\command - G:\AutoRun.exe
    .
    Contents of the 'Scheduled Tasks' folder
    2008-12-13 c:\windows\Tasks\A20DA4A7918A5A63.job
    - c:\docume~1\wafaa\applic~1\traydo~1\Wait Soft Curb.exe [2008-12-02 14:44]
    .
    - - - - ORPHANS REMOVED - - - -
    BHO-{E8D2C90E-C25C-4DFE-8681-F4DDF9190547} - c:\program files\IEToolbar\Maktoob ToolBar\maktoobToolBar_RC2.dll
    Toolbar-{2105CE2D-249D-4B0E-9619-CB91B00101F0} - c:\program files\IEToolbar\Maktoob ToolBar\maktoobToolBar_RC2.dll
    WebBrowser-{2105CE2D-249D-4B0E-9619-CB91B00101F0} - c:\program files\IEToolbar\Maktoob ToolBar\maktoobToolBar_RC2.dll

    .
    ------- Supplementary Scan -------
    .
    uStart Page = hxxp://www.google.ae/
    uSearch Page = hxxp://www.google.com
    uSearch Bar = hxxp://www.google.com/ie
    mDefault_Search_URL = hxxp://www.google.com/ie
    mStart Page = hxxp://www.yahoo.com
    uSearchAssistant = hxxp://www.google.com/ie
    uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
    mSearchAssistant = hxxp://www.google.com/ie
    IE: &D&ownload &with BitComet - c:\program files\BitComet\BitComet.exe/AddLink.htm
    IE: &D&ownload all video with BitComet - c:\program files\BitComet\BitComet.exe/AddVideo.htm
    IE: &D&ownload all with BitComet - c:\program files\BitComet\BitComet.exe/AddAllLink.htm
    IE: &تصدير إلى Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
    IE: Download all links with IDM - e:\important program çهم çلèٌçمى\Internet النت\Internet Download Manager 5.12\IDM5.12Final-Crack\IEGetAll.htm
    IE: Download FLV video with IDM - e:\important program çهم çلèٌçمى\Internet النت\Internet Download Manager 5.12\IDM5.12Final-Crack\IEGetVL.htm
    IE: Download with IDM - e:\important program çهم çلèٌçمى\Internet النت\Internet Download Manager 5.12\IDM5.12Final-Crack\IEExt.htm
    IE: Send to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
    O16 -: Microsoft XML Parser for Java - file://c:\windows\Java\classes\xmldso.cab
    c:\windows\Downloaded Program Files\Microsoft XML Parser for Java.osd
    .
    **************************************************************************
    catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2008-12-13 22:37:57
    Windows 5.1.2600 Service Pack 2 NTFS
    scanning hidden processes ...
    scanning hidden autostart entries ...
    scanning hidden files ...
    scan completed successfully
    hidden files: 0
    **************************************************************************
    .
    --------------------- DLLs Loaded Under Running Processes ---------------------
    - - - - - - - > 'winlogon.exe'(972)
    c:\windows\system32\athgina.dll
    c:\windows\system32\athcfg11.dll
    c:\windows\system32\athcfg11Res.dll
    - - - - - - - > 'explorer.exe'(2156)
    c:\windows\system32\btmmhook.dll
    .
    ------------------------ Other Running Processes ------------------------
    .
    c:\program files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
    c:\windows\system32\acs.exe
    c:\program files\SigmaTel\C-Major Audio\WDM\stacsv.exe
    c:\documents and settings\tazebama.dl_
    c:\windows\system32\igfxsrvc.exe
    c:\windows\system32\rundll32.exe
    c:\program files\Internet Explorer\iexplore.exe
    c:\windows\system32\dwwin.exe
    c:\program files\WIDCOMM\Bluetooth Software\BTStackServer.exe
    c:\program files\PC Connectivity Solution\ServiceLayer.exe
    c:\program files\PC Connectivity Solution\NclBTHandler.exe
    c:\windows\system32\wscntfy.exe
    .
    **************************************************************************
    .
    Completion time: 2008-12-13 22:39:41 - machine was rebooted [wafaa]
    ComboFix-quarantined-files.txt 2008-12-13 19:39:36
    Pre-Run: 29,786,968,064 bytes free
    Post-Run: 29,730,713,600 bytes free
    344
     
  4. حسووونه

    This is number (2), and the one before it is number (1).
    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 10:44:25 PM, on 12/13/2008
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
    Boot mode: Normal
    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\system32\acs.exe
    C:\Program Files\SigmaTel\C-Major Audio\WDM\STacSV.exe
    C:\WINDOWS\stsystra.exe
    C:\Program Files\Dell\QuickSet\quickset.exe
    C:\Documents and Settings\tazebama.dl_
    C:\WINDOWS\system32\hkcmd.exe
    C:\WINDOWS\system32\igfxsrvc.exe
    C:\WINDOWS\system32\igfxpers.exe
    C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe
    C:\Program Files\Common Files\Real\Update_OB\realsched.exe
    C:\WINDOWS\system32\rundll32.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\MSN Messenger\MsnMsgr.Exe
    C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    C:\WINDOWS\system32\dwwin.exe
    C:\Program Files\Messenger\msmsgs.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
    C:\Program Files\Digital Line Detect\DLG.exe
    C:\PROGRA~1\WIDCOMM\BLUETO~1\BTSTAC~1.EXE
    C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\PC Connectivity Solution\NclBTHandler.exe
    C:\WINDOWS\system32\wscntfy.exe
    C:\WINDOWS\explorer.exe
    C:\Program Files\Internet Explorer\IEXPLORE.EXE
    C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe
    E:\important Program اهم البرامج\Internet النت\Internet Download Manager 5.12\IDM5.12Final-Crack\IDMan.exe
    D:\Downloads\Programs\Zyzoom_HijackThis.exe
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.ae/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com
    O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - E:\important Program C?? C?E?C??\Internet C??E\Internet Download Manager 5.12\IDM5.12Final-Crack\IDMIECC.dll (file missing)
    O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
    O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
    O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO_1.2.8.7.dll
    O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
    O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
    O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\3.1.807.1746\swg.dll
    O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
    O4 - HKLM\..\Run: [SigmatelSysTrayApp] stsystra.exe
    O4 - HKLM\..\Run: [Dell QuickSet] C:\Program Files\Dell\QuickSet\quickset.exe
    O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
    O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
    O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe
    O4 - HKLM\..\Run: [KADxMain] C:\WINDOWS\system32\KADxMain.exe
    O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe -startup
    O4 - HKLM\..\Run: [ACU] "C:\Program Files\Atheros\ACU.exe" -nogui
    O4 - HKLM\..\Run: [mess frag body that] C:\Documents and Settings\All Users\Application Data\Trans Once Mess Frag\Win name.exe
    O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
    O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
    O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    O4 - HKCU\..\Run: [Bend List] C:\DOCUME~1\wafaa\APPLIC~1\TRAYDO~1\LiteSupportMix.exe
    O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
    O4 - HKCU\..\Run: [IDMan] E:\important Program C?? C?E?C??\Internet C??E\Internet Download Manager 5.12\IDM5.12Final-Crack\IDMan.exe /onboot
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\S-1-5-18\..\Run: [Nokia.PCSync] C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
    O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
    O4 - Global Startup: Bluetooth.lnk = ?
    O4 - Global Startup: Digital Line Detect.lnk = C:\Program Files\Digital Line Detect\DLG.exe
    O8 - Extra context menu item: &D&ownload &with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm
    O8 - Extra context menu item: &D&ownload all video with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddVideo.htm
    O8 - Extra context menu item: &D&ownload all with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm
    O8 - Extra context menu item: &تصدير إلى Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
    O8 - Extra context menu item: Download all links with IDM - E:\important Program C?? C?E?C??\Internet C??E\Internet Download Manager 5.12\IDM5.12Final-Crack\IEGetAll.htm
    O8 - Extra context menu item: Download FLV video with IDM - E:\important Program C?? C?E?C??\Internet C??E\Internet Download Manager 5.12\IDM5.12Final-Crack\IEGetVL.htm
    O8 - Extra context menu item: Download with IDM - E:\important Program C?? C?E?C??\Internet C??E\Internet Download Manager 5.12\IDM5.12Final-Crack\IEExt.htm
    O8 - Extra context menu item: Send to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
    O9 - Extra button: E?E - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
    O9 - Extra button: BitComet - {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - res://C:\Program Files\BitComet\tools\BitCometBHO_1.2.8.7.dll/206 (file missing)
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
    O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w3/resources/MSNPUpld.cab
    O23 - Service: Atheros Configuration Service (ACS) - Unknown owner - C:\WINDOWS\system32\acs.exe
    O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
    O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
    O23 - Service: SigmaTel Audio Service (STacSV) - SigmaTel, Inc. - C:\Program Files\SigmaTel\C-Major Audio\WDM\STacSV.exe
    --
    End of file - 8050 bytes
     
  5. حسووونه

    Peace be upon you, and the mercy and blessings of God.
    Brother فارس الملاك, I did as you said. What do I do now?
    I'm a novice, so please explain in detail
    if there is another step.
    Thank you for helping me.
     
  6. فارس الملاك


    Analyzing the report now.
     
  7. فارس الملاك


    Delete these entries:

    O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - E:\important Program C?? C?E?C??\Internet C??E\Internet Download Manager 5.12\IDM5.12Final-Crack\IDMIECC.dll (file missing)

    O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)

    O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)

    O4 - HKLM\..\Run: [mess frag body that] C:\Documents and Settings\All Users\Application Data\Trans Once Mess Frag\Win name.exe

    O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

    O4 - HKCU\..\Run: [Bend List] C:\DOCUME~1\wafaa\APPLIC~1\TRAYDO~1\LiteSupportMix.exe

    O9 - Extra button: BitComet - {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - res://C:\Program Files\BitComet\tools\BitCometBHO_1.2.8.7.dll/206 (file missing)

    O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w3/resources/MSNPUpld.cab


    How to delete them:

    [IMG]

    [IMG]

    Use this tool for cleaning:

    http://www.atribune.org/ccount/click.php?id=1

    [IMG]

    After that, restart the machine

    and make new reports.


    (1)

    Disable all security software,
    then download this tool and save it to the desktop:
    http://download.bleepingcomputer.com/sUBs/ComboFix.exe
    When you run it, a message will appear; click >> Yes
    Then a second message will appear; click >> Yes
    Wait until the tool finishes scanning your machine; the machine will restart automatically.
    After the restart, the tool will start scanning a second time.
    Wait until a report appears, then copy it and paste it in your next reply.
    (2)
    And make a HijackThis report:
    http://www.zyzoom.net/soft/security/...HijackThis.exe
    When the download finishes ==> run the program ==> click Do a system scan and save log

    In a few moments a report will appear; copy it and paste it in your next reply.

    Last edited by a moderator: May 12, 2014
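The kind of triage done in the reply above, as an added example that is not part of the original thread: a Python script that reads HijackThis log text and flags orphaned entries ("(file missing)" / "(no file)"), Run autostarts that launch from Application Data, and running process images whose extension is not .exe. The three rules and their names are assumptions made for this example, not the helper's stated criteria, so they cover only part of his list; the sample lines are copied from the logs posted in this thread.

```python
import ntpath
import re
from typing import List, NamedTuple

# Lines copied from the HijackThis logs posted in this thread (a subset, not a full log).
SAMPLE_LOG = r"""Running processes:
C:\WINDOWS\system32\winlogon.exe
C:\Documents and Settings\tazebama.dl_
C:\PROGRA~1\WIDCOMM\BLUETO~1\BTSTAC~1.EXE
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.ae/
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [Dell QuickSet] C:\Program Files\Dell\QuickSet\quickset.exe
O4 - HKLM\..\Run: [ACU] "C:\Program Files\Atheros\ACU.exe" -nogui
O4 - HKLM\..\Run: [mess frag body that] C:\Documents and Settings\All Users\Application Data\Trans Once Mess Frag\Win name.exe
O4 - HKCU\..\Run: [Bend List] C:\DOCUME~1\wafaa\APPLIC~1\TRAYDO~1\LiteSupportMix.exe
O9 - Extra button: BitComet - {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - res://C:\Program Files\BitComet\tools\BitCometBHO_1.2.8.7.dll/206 (file missing)
"""


class Finding(NamedTuple):
    reason: str  # rule name (names are this example's own)
    line: str    # the log line that triggered it


# "O4 - ...", "R0 - ...", "O16 - ...": section code, separator, body.
ENTRY_RE = re.compile(r"^(?P<code>[A-Z]\d+) - (?P<body>.*)$")
# Body of a registry Run/RunOnce autostart: hive\..\Run: [value name] command line
RUN_RE = re.compile(r"^\S+\\Run(?:Once)?: \[(?P<name>[^\]]*)\] (?P<cmd>.+)$")
# HijackThis marks entries whose target is gone with one of these suffixes.
ORPHAN_RE = re.compile(r"\((?:file missing|no file)\)\s*$", re.IGNORECASE)
# Unquoted command line: the program path ends at the first executable extension.
EXE_PATH_RE = re.compile(r"^(.*?\.(?:exe|com|bat|cmd|scr|pif))(?:\s|$)", re.IGNORECASE)
# Per-user/all-users data folders (long and 8.3 short form) seen in this thread's logs.
PROFILE_DATA_DIRS = ("\\application data\\", "\\applic~1\\")


def command_target(cmd: str) -> str:
    """Return the program path from a Run value, dropping its arguments."""
    cmd = cmd.strip()
    if cmd.startswith('"'):
        end = cmd.find('"', 1)
        return cmd[1:end] if end != -1 else cmd[1:]
    match = EXE_PATH_RE.match(cmd)
    return match.group(1) if match else cmd


def triage(log_text: str) -> List[Finding]:
    """Flag log lines worth a closer look; this never decides that a file is malicious."""
    findings: List[Finding] = []
    in_processes = False
    for raw in log_text.splitlines():
        line = raw.strip()
        if not line:
            continue
        if line.lower().startswith("running processes"):
            in_processes = True
            continue
        entry = ENTRY_RE.match(line)
        if entry is None:
            # Inside the process list every line is an image path.
            if in_processes and ntpath.splitext(line)[1].lower() != ".exe":
                findings.append(Finding("process-image-not-exe", line))
            continue
        in_processes = False  # first coded entry ends the process list
        if ORPHAN_RE.search(line):
            findings.append(Finding("orphaned-entry", line))
            continue
        if entry.group("code") == "O4":
            run = RUN_RE.match(entry.group("body"))
            if run:
                target = command_target(run.group("cmd")).lower()
                if any(d in target for d in PROFILE_DATA_DIRS):
                    findings.append(Finding("autorun-from-profile-data", line))
    return findings


if __name__ == "__main__":
    for finding in triage(SAMPLE_LOG):
        print(f"{finding.reason:28} {finding.line}")
```

A flagged line is a prompt to inspect the file and its registry value before anything is removed; unflagged lines are not thereby cleared.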
  8. حسووونه

    Thank youuuuuuu
    May God give you good health
     
  9. فارس الملاك


    Note that we are not finished yet >>>>>>>>> just so you know
     
  10. حسووونه

    This is what came out:
    ComboFix 08-12-12.05 - wafaa 2008-12-13 23:42:32.4 - NTFSx86
    Microsoft Windows XP Professional 5.1.2600.2.1256.966.1033.18.1014.640 [GMT 3:00]
    Running from: d:\downloads\Programs\ComboFix.exe
    WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
    .
    ((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
    .
    C:\autorun.inf
    c:\documents and settings\wafaa\Application Data\tazebama
    c:\documents and settings\wafaa\Application Data\tazebama\tazebama.log
    c:\documents and settings\wafaa\Application Data\tazebama\zPharaoh.dat
    C:\zPharaoh.exe
    D:\autorun.inf
    d:\recycler\NokiaN73Tools.exe
    d:\recycler\RECYCLER .exe
    D:\zPharaoh.exe
    E:\Autorun.inf
    e:\recycler\RECYCLER .exe
    e:\recycler\WinrRarSerialInstall.exe
    E:\zPharaoh.exe
    .
    ---- Previous Run -------
    .
    C:\autorun.inf
    c:\documents and settings\wafaa\Application Data\tazebama
    c:\documents and settings\wafaa\Application Data\tazebama\tazebama.log
    c:\documents and settings\wafaa\Application Data\tazebama\zPharaoh.dat
    C:\zPharaoh.exe
    D:\Autorun.inf
    d:\recycler\RECYCLER .exe
    d:\recycler\WinrRarSerialInstall.exe
    D:\zPharaoh.exe
    E:\Autorun.inf
    e:\recycler\RECYCLER .exe
    e:\recycler\WinrRarSerialInstall.exe
    E:\zPharaoh.exe
    .
    ((((((((((((((((((((((((( Files Created from 2008-11-13 to 2008-12-13 )))))))))))))))))))))))))))))))
    .
    2008-12-13 23:46 . 2008-12-13 23:47 <DIR> d-------- c:\documents and settings\wafaa\Application Data\tazebama
    2008-12-13 23:46 . 2008-12-13 23:47 155,341 -r-hs---- C:\zPharaoh.exe
    2008-12-13 23:46 . 2008-12-13 23:47 126 -r-hs---- C:\autorun.inf
    2008-12-13 18:35 . 2008-12-13 18:35 <DIR> d-------- c:\program files\Riva
    2008-12-13 18:35 . 2008-12-13 18:35 <DIR> d-------- c:\program files\Common Files\SWF Studio
    2008-12-13 17:51 . 2008-12-13 17:58 <DIR> d-------- c:\program files\Alex Gordon
    2008-12-12 17:23 . 2008-12-12 17:23 <DIR> d-------- c:\documents and settings\wafaa\Application Data\Flood Light Games
    2008-12-12 17:23 . 2008-12-12 17:23 <DIR> d-------- c:\documents and settings\All Users\Application Data\Flood Light Games
    2008-12-12 01:59 . 2008-12-12 01:59 <DIR> d-------- c:\documents and settings\wafaa\Application Data\Games
    2008-12-12 00:45 . 2008-12-12 00:45 <DIR> d-------- c:\documents and settings\wafaa\Application Data\URSE Games
    2008-12-11 23:44 . 2008-12-11 23:44 <DIR> d-------- c:\documents and settings\All Users\Application Data\FlyWheelGames
    2008-12-11 23:41 . 2008-12-13 17:01 <DIR> d-------- c:\documents and settings\All Users\Application Data\AlawarGameBox
    2008-12-11 18:36 . 2008-12-11 18:36 <DIR> d-------- c:\documents and settings\All Users\Application Data\SlapdashGames
    2008-12-11 17:48 . 2008-12-11 18:40 <DIR> d-------- c:\program files\PlayFirst
    2008-12-11 16:36 . 2008-12-11 16:36 <DIR> d-------- c:\program files\Saree PC Cleaner 2
    2008-12-10 16:33 . 2008-12-10 16:33 <DIR> d-------- c:\documents and settings\All Users\Application Data\Trymedia
    2008-12-10 16:30 . 2008-12-10 16:30 <DIR> d-------- c:\program files\Luxor 2
    2008-12-10 16:02 . 2008-12-10 16:02 <DIR> d-------- c:\documents and settings\wafaa\Application Data\Shape games
    2008-12-10 15:37 . 2008-12-10 15:37 <DIR> d-------- c:\documents and settings\All Users\Application Data\ERS G-Studio
    2008-12-10 15:02 . 2008-12-10 15:02 <DIR> d-------- c:\program files\bfgclient
    2008-12-10 15:00 . 2008-12-10 16:37 <DIR> d-------- c:\documents and settings\All Users\Application Data\BigFishGamesCache
    2008-12-10 14:55 . 2008-12-10 14:55 <DIR> d-------- c:\program files\RealArcade
    2008-12-06 23:28 . 2008-12-06 23:39 <DIR> d-------- c:\program files\Ontrack
    2008-12-06 21:33 . 2008-12-06 21:33 <DIR> d-------- c:\documents and settings\SYSTEM
    2008-12-06 18:21 . 2008-12-06 18:21 <DIR> d-------- c:\documents and settings\All Users\Application Data\Astar Games
    2008-12-06 16:57 . 2008-12-06 16:57 <DIR> d-------- c:\documents and settings\wafaa\Application Data\GamesCafe
    2008-12-06 02:44 . 2008-12-06 02:44 268 --ah----- C:\sqmdata06.sqm
    2008-12-06 02:44 . 2008-12-06 02:44 244 --ah----- C:\sqmnoopt06.sqm
    2008-12-05 22:53 . 2008-12-05 22:53 <DIR> d-------- c:\documents and settings\All Users\Application Data\GameHouse
    2008-12-05 22:30 . 2008-12-05 22:30 <DIR> d-------- c:\documents and settings\wafaa\Application Data\Friday's games
    2008-12-05 00:18 . 2008-12-12 17:23 <DIR> d-------- c:\documents and settings\wafaa\Saved Games
    2008-12-05 00:17 . 2008-12-07 12:14 <DIR> d-------- c:\program files\Zylom Games
    2008-12-05 00:17 . 2008-12-05 00:17 <DIR> d-------- c:\documents and settings\wafaa\Application Data\Zylom
    2008-12-05 00:17 . 2008-12-05 00:17 <DIR> d-------- c:\documents and settings\wafaa\Application Data\iWin
    2008-12-05 00:17 . 2008-12-05 00:17 <DIR> d-------- c:\documents and settings\All Users\Application Data\Zylom
    2008-12-04 18:16 . 2008-12-06 00:03 <DIR> d-------- c:\documents and settings\All Users\Application Data\Fugazo
    2008-12-04 01:05 . 2008-12-04 01:05 <DIR> d-------- c:\documents and settings\wafaa\Application Data\Alawar
    2008-12-04 00:17 . 2008-12-04 00:18 <DIR> d-------- c:\documents and settings\wafaa\Application Data\SecretIslandEng
    2008-12-02 17:09 . 2008-12-13 23:46 154,751 --a------ c:\documents and settings\hook.dl_
    2008-12-02 15:24 . 2008-12-02 15:24 <DIR> d-------- c:\program files\Common Files\xing shared
    2008-12-02 14:21 . 2008-12-13 23:46 154,751 --a------ c:\documents and settings\tazebama.dl_
    2008-12-02 14:21 . 2008-12-13 23:46 32,768 --a------ c:\documents and settings\tazebama.dll
    2008-12-01 13:14 . 2003-11-04 15:11 159,744 --a------ c:\windows\system32\lfpng13n.dll
    2008-12-01 13:13 . 2004-05-14 16:53 462,848 --a------ c:\windows\system32\ltkrn13n.dll
    2008-12-01 13:13 . 2004-05-14 16:53 450,560 --a------ c:\windows\system32\ltimg13n.dll
    2008-12-01 13:13 . 2004-05-14 16:53 401,408 --a------ c:\windows\system32\lfcmp13n.dll
    2008-12-01 13:13 . 2004-05-14 16:53 299,008 --a------ c:\windows\system32\ltdis13n.dll
    2008-12-01 13:13 . 2004-01-12 02:09 206,336 --a------ c:\windows\system32\ltefx13n.dll
    2008-12-01 13:13 . 2004-05-14 16:53 163,840 --a------ c:\windows\system32\ltfil13n.dll
    2008-12-01 13:13 . 2003-11-04 15:10 69,632 --a------ c:\windows\system32\lfgif13n.dll
    2008-12-01 13:13 . 2004-05-14 16:53 57,344 --a------ c:\windows\system32\lfbmp13n.dll
    2008-11-27 15:50 . 2008-11-27 17:25 <DIR> d-a------ c:\program files\Al Muhaddith
    2008-11-27 15:50 . 2008-11-27 17:25 <DIR> d-a------ C:\HAD
    2008-11-25 20:36 . 2008-11-25 20:37 <DIR> d-------- c:\windows\system32\REALTEK PCI&Cardbus Wireless LAN Driver and Utility
    2008-11-25 20:36 . 2008-11-25 20:50 <DIR> d-------- c:\program files\REALTEK PCI&Cardbus Wireless LAN Driver and Utility
    2008-11-25 20:36 . 2007-02-01 10:36 306,560 -r------- c:\windows\system32\drivers\rtl8185.sys
    2008-11-25 20:36 . 2006-11-15 16:23 38,144 --a------ c:\windows\system32\drivers\EAPPkt.sys
    2008-11-25 12:52 . 2008-11-25 12:52 <DIR> d-------- c:\documents and settings\wafaa\Application Data\Media Player Classic
    2008-11-25 12:48 . 2008-11-25 12:48 <DIR> d-------- c:\program files\K-Lite Codec Pack
    2008-11-25 12:48 . 2008-11-25 12:48 <DIR> d-------- c:\documents and settings\All Users\Application Data\Apple Computer
    2008-11-25 12:48 . 2007-01-20 21:26 1,565,480 --a------ c:\windows\system32\wmv9vcm.dll
    2008-11-25 12:48 . 2006-11-01 14:52 765,952 --a------ c:\windows\system32\xvidcore.dll
    2008-11-25 12:48 . 2004-01-25 18:18 217,088 --a------ c:\windows\system32\yv12vfw.dll
    2008-11-25 12:48 . 2006-11-01 14:54 180,224 --a------ c:\windows\system32\xvidvfw.dll
    2008-11-25 12:48 . 2006-05-13 23:16 118,784 --a------ c:\windows\system32\ac3acm.acm
    2008-11-25 12:48 . 2007-02-16 10:54 65,536 --a------ c:\windows\system32\QuickTimeVR.qtx
    2008-11-25 12:48 . 2007-02-16 10:54 49,152 --a------ c:\windows\system32\QuickTime.qts
    2008-11-25 12:48 . 2005-02-24 18:56 547 --a------ c:\windows\system32\ff_vfw.dll.manifest
    2008-11-24 20:04 . 2008-11-24 20:04 <DIR> d-------- c:\documents and settings\wafaa\Application Data\Talkback
    2008-11-24 20:04 . 2008-11-24 20:04 0 --a------ c:\windows\nsreg.dat
    2008-11-22 13:40 . 2008-11-22 13:40 <DIR> d-------- c:\program files\h
    2008-11-22 00:18 . 2008-11-22 00:18 <DIR> d-------- c:\program files\tray download live
    2008-11-21 12:35 . 2008-11-21 12:35 268 --ah----- C:\sqmdata05.sqm
    2008-11-21 12:35 . 2008-11-21 12:35 244 --ah----- C:\sqmnoopt05.sqm
    2008-11-21 12:27 . 2008-11-21 12:27 <DIR> d-------- c:\documents and settings\wafaa\Application Data\dvdcss
    .
    (((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2008-12-13 20:43 --------- d-----w c:\documents and settings\wafaa\Application Data\DMCache
    2008-12-13 14:29 --------- d-----w c:\documents and settings\All Users\Application Data\AlawarWrapper
    2008-12-11 23:49 --------- d-----w c:\documents and settings\All Users\Application Data\MumboJumbo
    2008-12-11 20:41 --------- d-----w c:\program files\Alawar
    2008-12-11 15:41 --------- d-----w c:\documents and settings\wafaa\Application Data\Playfirst
    2008-12-11 11:30 --------- d-----w c:\program files\Golden Al-Wafi Translator
    2008-12-10 13:12 --------- d---a-w c:\documents and settings\All Users\Application Data\TEMP
    2008-12-08 19:45 --------- d-----w c:\program files\REALTEK RTL8187 Wireless LAN Driver and Utility
    2008-12-08 19:45 --------- d-----w c:\program files\Common Files\InstallShield
    2008-12-06 23:51 925,039 ----a-w c:\windows\pchealth\helpctr\binaries\helpctr.exe
    2008-12-06 23:51 314,735 ----a-w c:\windows\pchealth\helpctr\binaries\msconfig.exe
    2008-12-06 20:45 --------- d-----w c:\program files\Smiley Arcade
    2008-12-06 20:39 --------- d--h--w c:\program files\InstallShield Installation Information
    2008-12-03 20:16 --------- d-----w c:\documents and settings\All Users\Application Data\Alawar Stargaze
    2008-12-02 13:47 --------- d-----w c:\program files\Yahoo!
    2008-12-02 13:16 229,743 -c--a-w c:\windows\ST6UNST.EXE
    2008-12-02 12:24 --------- d-----w c:\program files\Common Files\Real
    2008-12-02 11:51 --------- d-----w c:\documents and settings\wafaa\Application Data\IDM
    2008-12-02 10:41 499,712 ----a-w c:\windows\system32\msvcp71.dll
    2008-12-02 10:41 348,160 ----a-w c:\windows\system32\msvcr71.dll
    2008-11-28 10:47 --------- d-----w c:\documents and settings\wafaa\Application Data\vlc
    2008-11-27 12:43 155,995 ----a-w c:\windows\java\Packages\TN1VBF5Z.ZIP
    2008-11-25 17:41 --------- d-----w c:\program files\Atheros
    2008-11-21 21:20 --------- d-----w c:\documents and settings\wafaa\Application Data\tray download live
    2008-11-21 21:19 --------- d-----w c:\documents and settings\All Users\Application Data\Trans Once Mess Frag
    2008-11-08 20:53 --------- d-----w c:\program files\VideoLAN
    2008-11-07 18:24 --------- d-----w c:\program files\eTeSoft Video Converter
    2008-10-31 00:06 --------- d-----w c:\program files\DivX
    2008-10-31 00:02 --------- d-----w c:\documents and settings\wafaa\Application Data\Yahoo!
    2008-10-26 10:05 --------- d-----w c:\program files\Internet Download Manager
    2008-10-25 00:49 --------- d-----w c:\program files\BitComet
    2008-10-24 00:17 --------- d-----w c:\program files\MSN Messenger
    2008-10-24 00:17 --------- d-----w c:\program files\Messenger Plus! Live
    2008-10-23 23:51 --------- d-----w c:\program files\Kaspersky Lab
    2008-10-23 21:44 --------- d-----w c:\documents and settings\wafaa\Application Data\Nokia Multimedia Player
    2008-10-23 21:42 --------- d-----w c:\documents and settings\wafaa\Application Data\PC Suite
    2008-10-22 20:26 --------- d-----w c:\program files\Turtix
    2008-10-22 15:20 --------- d-----w c:\program files\MessengerDiscovery
    2008-10-15 11:24 --------- d-----w c:\documents and settings\wafaa\Application Data\PetShowCraze
    2008-10-15 11:22 --------- d-----w c:\program files\Mobily Connect Card
    2008-09-16 00:12 593,920 ----a-w c:\windows\system32\dpuGUI11.dll
    .
    ((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    *Note* empty entries & legit default entries are not shown
    REGEDIT4
    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "IDMan"="e:\important program c?? c?e?c??\Internet C??E\Internet Download Manager 5.12\IDM5.12Final-Crack\IDMan.exe" [?]
    "ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2004-08-04 15360]
    "MsnMsgr"="c:\program files\MSN Messenger\MsnMsgr.Exe" [2008-12-06 5830879]
    "MSMSGS"="c:\program files\Messenger\msmsgs.exe" [2008-12-02 1824111]
    "swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2008-10-19 68856]
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "Dell QuickSet"="c:\program files\Dell\QuickSet\quickset.exe" [2008-12-02 1393519]
    "IgfxTray"="c:\windows\system32\igfxtray.exe" [2007-08-30 141848]
    "HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2007-08-30 166424]
    "Persistence"="c:\windows\system32\igfxpers.exe" [2007-08-30 137752]
    "KADxMain"="c:\windows\system32\KADxMain.exe" [2006-11-02 282624]
    "PCSuiteTrayApplication"="c:\program files\Nokia\Nokia PC Suite 6\LaunchApplication.exe" [2008-12-02 427887]
    "ACU"="c:\program files\Atheros\ACU.exe" [2008-12-02 459631]
    "TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" [2008-12-02 185896]
    "SigmatelSysTrayApp"="stsystra.exe" [2007-05-06 c:\windows\stsystra.exe]
    "BluetoothAuthenticationAgent"="bthprops.cpl" [2004-08-04 c:\windows\system32\bthprops.cpl]
    [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
    "CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2004-08-04 15360]
    "Nokia.PCSync"="c:\program files\Nokia\Nokia PC Suite 6\PcSync2.exe" [2008-12-06 1397615]
    c:\documents and settings\All Users\Start Menu\Programs\Startup\
    Adobe Gamma Loader.lnk - c:\program files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2008-09-11 270191]
    Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2007-05-17 724703]
    Digital Line Detect.lnk - c:\program files\Digital Line Detect\DLG.exe [2008-09-11 207215]
    [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
    Authentication Packages REG_MULTI_SZ msv1_0 nwprovau
    [HKEY_LOCAL_MACHINE\software\microsoft\security center]
    "AntiVirusDisableNotify"=dword:00000001
    "UpdatesDisableNotify"=dword:00000001
    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
    "EnableFirewall"= 0 (0x0)
    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
    "%windir%\\system32\\sessmgr.exe"=
    "c:\\Program Files\\MSN Messenger\\msnmsgr.exe"=
    "c:\\Program Files\\MSN Messenger\\livecall.exe"=
    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
    "25075:TCP"= 25075:TCP:BitComet 25075 TCP
    "25075:UDP"= 25075:UDP:BitComet 25075 UDP
    "23044:TCP"= 23044:TCP:BitComet 23044 TCP
    "23044:UDP"= 23044:UDP:BitComet 23044 UDP
    R2 EAPPkt;Realtek EAPPkt Protocol;c:\windows\system32\DRIVERS\EAPPkt.sys [2008-11-25 38144]
    S3 RTLWUSB;Realtek RTL8187 Wireless 802.11g 54Mbps USB 2.0 Network Adapter;c:\windows\system32\DRIVERS\RTL8187.sys [2008-10-05 194304]
    S3 SjyPkt;SjyPkt;\??\c:\windows\System32\Drivers\SjyPkt.sys []
    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{6c9c6d62-9715-11dd-8206-001e4ce17834}]
    \Shell\AutoRun\command - G:\AutoRun.exe
    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{6c9c6d66-9715-11dd-8206-001e4ce17834}]
    \Shell\AutoRun\command - G:\AutoRun.exe
    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{773c9df6-9723-11dd-8209-001e4ce17834}]
    \Shell\AutoRun\command - G:\AutoRun.exe
    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{773c9df7-9723-11dd-8209-001e4ce17834}]
    \Shell\AutoRun\command - G:\AutoRun.exe
    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{99a47706-9741-11dd-820b-001e4ce17834}]
    \Shell\AutoRun\command - G:\AutoRun.exe
    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{99a47707-9741-11dd-820b-001e4ce17834}]
    \Shell\AutoRun\command - G:\AutoRun.exe
    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{99a47708-9741-11dd-820b-001e4ce17834}]
    \Shell\AutoRun\command - G:\AutoRun.exe
    .
    s of the 'Scheduled Tasks' folder
    2008-12-13 c:\windows\Tasks\A20DA4A7918A5A63.job
    - c:\docume~1\wafaa\applic~1\traydo~1\Wait Soft Curb.exe [2008-12-02 14:44]
    .
    .
    ------- Supplementary Scan -------
    .
    uStart Page = hxxp://www.google.ae/
    uSearch Page = hxxp://www.google.com
    uSearch Bar = hxxp://www.google.com/ie
    mDefault_Search_URL = hxxp://www.google.com/ie
    mStart Page = hxxp://www.yahoo.com
    uSearchAssistant = hxxp://www.google.com/ie
    uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
    mSearchAssistant = hxxp://www.google.com/ie
    IE: &D&ownload &with BitComet - c:\program files\BitComet\BitComet.exe/AddLink.htm
    IE: &D&ownload all video with BitComet - c:\program files\BitComet\BitComet.exe/AddVideo.htm
    IE: &D&ownload all with BitComet - c:\program files\BitComet\BitComet.exe/AddAllLink.htm
    IE: &تصدير إلى Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
    IE: Download all links with IDM - e:\important program çهم çلèٌçمى\Internet النت\Internet Download Manager 5.12\IDM5.12Final-Crack\IEGetAll.htm
    IE: Download FLV video with IDM - e:\important program çهم çلèٌçمى\Internet النت\Internet Download Manager 5.12\IDM5.12Final-Crack\IEGetVL.htm
    IE: Download with IDM - e:\important program çهم çلèٌçمى\Internet النت\Internet Download Manager 5.12\IDM5.12Final-Crack\IEExt.htm
    IE: Send to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
    O16 -: Microsoft XML Parser for Java - file://c:\windows\Java\classes\xmldso.cab
    c:\windows\Downloaded Program Files\Microsoft XML Parser for Java.osd
    .
    **************************************************************************
    catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2008-12-13 23:46:21
    Windows 5.1.2600 Service Pack 2 NTFS
    scanning hidden processes ...
    scanning hidden autostart entries ...
    scanning hidden files ...
    scan completed successfully
    hidden files: 0
    **************************************************************************
    .
    --------------------- DLLs Loaded Under Running Processes ---------------------
    - - - - - - - > 'winlogon.exe'(968)
    c:\windows\system32\athgina.dll
    c:\windows\system32\athcfg11.dll
    c:\windows\system32\athcfg11Res.dll
    .
    ------------------------ Other Running Processes ------------------------
    .
    c:\program files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
    c:\windows\system32\acs.exe
    c:\program files\SigmaTel\C-Major Audio\WDM\stacsv.exe
    c:\documents and settings\tazebama.dl_
    c:\windows\system32\igfxsrvc.exe
    c:\windows\system32\rundll32.exe
    c:\program files\WIDCOMM\Bluetooth Software\BTStackServer.exe
    c:\program files\PC Connectivity Solution\ServiceLayer.exe
    c:\program files\PC Connectivity Solution\NclBTHandler.exe
    c:\windows\system32\wscntfy.exe
    .
    **************************************************************************
    .
    Completion time: 2008-12-13 23:48:20 - machine was rebooted [wafaa]
    ComboFix-quarantined-files.txt 2008-12-13 20:48:17
    ComboFix2.txt 2008-12-13 19:39:42
    Pre-Run: 29,716,070,400 bytes free
    Post-Run: 33,310,130,176 bytes free
    285
     
  11. حسووونه

    This is number (2):
    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 12:03:34 AM, on 12/14/2008
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
    Boot mode: Normal
    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\system32\acs.exe
    C:\Program Files\SigmaTel\C-Major Audio\WDM\STacSV.exe
    C:\WINDOWS\stsystra.exe
    C:\Program Files\Dell\QuickSet\quickset.exe
    C:\WINDOWS\system32\hkcmd.exe
    C:\WINDOWS\system32\igfxpers.exe
    C:\Documents and Settings\tazebama.dl_
    C:\WINDOWS\system32\igfxsrvc.exe
    C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe
    C:\Program Files\Common Files\Real\Update_OB\realsched.exe
    C:\WINDOWS\system32\rundll32.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\MSN Messenger\MsnMsgr.Exe
    C:\Program Files\Messenger\msmsgs.exe
    C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
    C:\Program Files\Digital Line Detect\DLG.exe
    C:\PROGRA~1\WIDCOMM\BLUETO~1\BTSTAC~1.EXE
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\PC Connectivity Solution\NclBTHandler.exe
    C:\WINDOWS\system32\wscntfy.exe
    C:\WINDOWS\explorer.exe
    C:\Program Files\Internet Explorer\IEXPLORE.EXE
    C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\WINDOWS\system32\dwwin.exe
    D:\Downloads\Programs\Zyzoom_HijackThis.exe
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.ae/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com
    O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - E:\important Program C?? C?E?C??\Internet C??E\Internet Download Manager 5.12\IDM5.12Final-Crack\IDMIECC.dll (file missing)
    O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
    O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO_1.2.8.7.dll
    O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
    O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\3.1.807.1746\swg.dll
    O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
    O4 - HKLM\..\Run: [SigmatelSysTrayApp] stsystra.exe
    O4 - HKLM\..\Run: [Dell QuickSet] C:\Program Files\Dell\QuickSet\quickset.exe
    O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
    O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
    O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe
    O4 - HKLM\..\Run: [KADxMain] C:\WINDOWS\system32\KADxMain.exe
    O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe -startup
    O4 - HKLM\..\Run: [ACU] "C:\Program Files\Atheros\ACU.exe" -nogui
    O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
    O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
    O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
    O4 - HKCU\..\Run: [IDMan] E:\important Program C?? C?E?C??\Internet C??E\Internet Download Manager 5.12\IDM5.12Final-Crack\IDMan.exe /onboot
    O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\S-1-5-18\..\Run: [Nokia.PCSync] C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
    O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
    O4 - Global Startup: Bluetooth.lnk = ?
    O4 - Global Startup: Digital Line Detect.lnk = C:\Program Files\Digital Line Detect\DLG.exe
    O8 - Extra context menu item: &D&ownload &with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm
    O8 - Extra context menu item: &D&ownload all video with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddVideo.htm
    O8 - Extra context menu item: &D&ownload all with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm
    O8 - Extra context menu item: &تصدير إلى Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
    O8 - Extra context menu item: Download all links with IDM - E:\important Program C?? C?E?C??\Internet C??E\Internet Download Manager 5.12\IDM5.12Final-Crack\IEGetAll.htm
    O8 - Extra context menu item: Download FLV video with IDM - E:\important Program C?? C?E?C??\Internet C??E\Internet Download Manager 5.12\IDM5.12Final-Crack\IEGetVL.htm
    O8 - Extra context menu item: Download with IDM - E:\important Program C?? C?E?C??\Internet C??E\Internet Download Manager 5.12\IDM5.12Final-Crack\IEExt.htm
    O8 - Extra context menu item: Send to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
    O9 - Extra button: E?E - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
    O23 - Service: Atheros Configuration Service (ACS) - Unknown owner - C:\WINDOWS\system32\acs.exe
    O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
    O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
    O23 - Service: SigmaTel Audio Service (STacSV) - SigmaTel, Inc. - C:\Program Files\SigmaTel\C-Major Audio\WDM\STacSV.exe
    --
    End of file - 7293 bytes
     
  12. حسووونه

    What should I do now?
     
  13. صمت السكوت

    صمت السكوت, professional Zyzoom member

    Joined:
    April 3, 2008
    Posts:
    5,058
    Likes:
    53
    Trophy points:
    830
    Security software:
    Kaspersky
    Operating system:
    Windows 7
  14. حسووونه

    Thank you, sister Kholoud, for this information, but I started with فارس الملاك and I want to follow the coming steps with him, step by step, because I am not experienced in these matters. First and last, I am grateful to you and to brother فارس الملاك for your cooperation with me in solving the problem, since I started with him.
     
  15. فارس الملاك

    Many thanks to you, my teacher Kholoud.

    Sister, apply what sister Kholoud posted.

     
  16. فارس الملاك

    Download the tool in this thread:

    Flash memory virus removal and cleanup tool. Version 2 (11 - 1429 AH)

    And this one too:

    The Kaspersky tool .. latest version, and in Arabic too

    And this as well:

    3 in 1 ==> scan, clean and report with the strongest anti-spyware.

    And this is the most important program:

    Guide to removing the malicious adware program windows antivirus 2008

    Download all of them and scan your computer.

    If the thread includes a report, please attach it in your next post.

    Waiting for you,

    and sorry for the delay.
     
  17. حسووونه

    [​IMG]

    [​IMG]

    [​IMG]

    This is what came up for me now. Should I run System Restore, or download the programs you mentioned first?
     
  18. حسووونه

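    By the way, brother, I don't have any antivirus program, and the firewall and Security Center have also been turned off on my machine since Ramadan. This is just for your information. I tried to install Kaspersky, but when it gets to asking for the key I can't find it, even though I downloaded a key; I don't know what the reason is. And when I can't activate it, I go back and remove it from the computer.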
     
  19. براتيسلافا

    براتيسلافا, new Zyzoom member

    Joined:
    December 14, 2008
    Posts:
    72
    Likes:
    0
    Trophy points:
    80
    Brothers, help! I am a new member here. Two days ago I was on the net and suddenly a nasty virus showed up that Avast did not catch, and now many sites will not open for me, especially any site that does online scanning; those do not open at all.
    I am asking for a reply from the specialists and experts. This is my first post, and I put it here because I don't know how to open a new thread .. please don't blame me, and if someone from the administration could message me at my e-mail and explain how to make a new post, that would be best.
     
  20. فارس الملاك

    My dear, go to the section, click the New Thread icon and write up your problem.

    This thread is specific to its owner.

    Regards
     
