- بادئ الموضوع النحرير
- تاريخ البدء
- 1,135
Demo-dash
داعم للمنتدى،(خبراء زيزووم )
داعــــم للمنتـــــدى
★★ نجم المنتدى ★★
كبار الشخصيات
فريق دعم البرامج العامة
غير متصل
اشبك الهارد في الكمبيوتر وخله مشبوك واستخدم هذي الاداه نشوف
عطل جميع برامج الحماية ,,
وحمل هذه الاداة واحفظها على سطح المكتب
عند تشغيلها بتظهر لك رسالة ,, اضغط على >> Yes
بعدها بتظهر لك رساله ثانيه ,, اضغط على >> Yes
انتظر حتى الاداة تنتهي من فحص جهازك ,,, وبشكل تلقائي يعاد تشغيل جهازك ,,
وبعد اعادة التشغيل ,, سوف تبدأ الاداة بالفحص مرره ثانيه
انتظر حتى يظهر لك تقرير ,, انسخه والصقه بردك القادم
وحمل هذه الاداة واحفظها على سطح المكتب
يجب عليك
تسجيل الدخول
او
تسجيل لمشاهدة الرابط المخفي
عند تشغيلها بتظهر لك رسالة ,, اضغط على >> Yes
بعدها بتظهر لك رساله ثانيه ,, اضغط على >> Yes
انتظر حتى الاداة تنتهي من فحص جهازك ,,, وبشكل تلقائي يعاد تشغيل جهازك ,,
وبعد اعادة التشغيل ,, سوف تبدأ الاداة بالفحص مرره ثانيه
انتظر حتى يظهر لك تقرير ,, انسخه والصقه بردك القادم
توقيع : Demo-dash
تأييد
0
ComboFix 08-08-23.03 - Administrator 08/24/2008 23:18:41.3 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.2.1256.1.1025.18.638 [GMT 3:00]
Running from: C:\Documents and Settings\Administrator\سطح المكتب\ComboFix.exe
WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.
((((((((((((((((((((((((( Files Created from 2008-07-24 to 2008-08-24 )))))))))))))))))))))))))))))))
.
No new files created in this timespan
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-08-24 20:22 9,988,640 --sha-w C:\WINDOWS\system32\drivers\fidbox.dat
2008-08-24 20:22 618,784 --sha-w C:\WINDOWS\system32\drivers\fidbox2.dat
2008-08-24 19:37 --------- d-----w C:\Documents and Settings\All Users\Application Data\Kaspersky Lab
2008-08-24 19:31 66,152 --sha-w C:\WINDOWS\system32\drivers\fidbox2.idx
2008-08-24 19:31 153,896 --sha-w C:\WINDOWS\system32\drivers\fidbox.idx
2008-08-24 13:09 --------- d-----w C:\Program Files\موسوعة الحديث
2008-08-24 13:08 286,720 ----a-w C:\WINDOWS\iun506.exe
2008-08-23 16:55 --------- d-----w C:\Program Files\AlbaniV2
2008-08-23 09:29 --------- d-----w C:\Program Files\Library
2008-08-22 17:51 --------- d-----w C:\Program Files\DAEMON Tools Toolbar
2008-08-22 17:51 --------- d-----w C:\Program Files\DAEMON Tools Lite
2008-08-22 15:50 717,296 ----a-w C:\WINDOWS\system32\drivers\sptd.sys
2008-08-22 15:50 --------- d-----w C:\Documents and Settings\Administrator\Application Data\DAEMON Tools
2008-08-20 20:16 --------- d-----w C:\Program Files\ScanSpyware v3.8
2008-08-20 13:20 --------- d-----w C:\Documents and Settings\Administrator\Application Data\cleaner
2008-08-19 17:42 --------- d-----w C:\Program Files\Microsoft Silverlight
2008-08-18 00:18 --------- d-----w C:\Documents and Settings\Administrator\Application Data\CyberScrub
2008-08-17 13:46 --------- d-----w C:\Program Files\MSXML 6.0
2008-08-15 12:27 --------- d-----w C:\Program Files\Windows Media Connect 2
2008-08-15 12:18 --------- d-----w C:\Program Files\MSBuild
2008-08-15 12:09 --------- d-----w C:\Program Files\Reference Assemblies
2008-08-13 11:07 --------- d---a-w C:\Documents and Settings\All Users\Application Data\TEMP
2008-08-13 08:25 --------- d-----w C:\Documents and Settings\Administrator\Application Data\shamela
2008-08-13 08:24 737,280 ----a-w C:\WINDOWS\iun6002.exe
2008-08-13 08:24 --------- d-----w C:\Program Files\shamela library
2008-08-13 08:23 --------- d-----w C:\Program Files\المكتبة الشاملة
2008-08-10 20:47 --------- d-----w C:\Program Files\أحكام التجويد
2008-08-10 09:09 --------- d-----w C:\Program Files\CCleaner
2008-08-10 01:37 --------- d-----w C:\Program Files\TuneUp Utilities 2008
2008-08-10 01:10 --------- d-----w C:\Documents and Settings\Administrator\Application Data\TuneUp Software
2008-08-10 01:09 306,432 ----a-w C:\WINDOWS\system32\TuneUpDefragService.exe
2008-08-10 01:09 --------- d-----w C:\Documents and Settings\All Users\Application Data\TuneUp Software
2008-08-10 01:06 --------- d-----w C:\Program Files\Common Files\Wise Installation Wizard
2008-08-10 00:41 --------- d-----w C:\Program Files\Microsoft Works
2008-08-07 17:29 --------- d-----w C:\Program Files\Gabest
2008-08-06 16:38 96,976 ----a-w C:\WINDOWS\system32\drivers\klin.dat
2008-08-04 17:54 --------- d-----w C:\Program Files\Common Files\Adobe
2008-08-04 02:14 --------- d-----w C:\Documents and Settings\Administrator\Application Data\ACD Systems
2008-08-03 19:45 --------- d-----w C:\Program Files\Adobe(2)
2008-08-02 08:37 --------- d-----w C:\Program Files\Windows Live Safety Center
2008-08-02 03:38 --------- d-----w C:\Documents and Settings\Administrator\Application Data\Media Player Classic
2008-08-02 02:32 --------- d-----w C:\Documents and Settings\All Users\Application Data\Bluetooth
2008-08-02 02:27 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-08-02 02:27 --------- d-----w C:\Program Files\IVT Corporation
2008-08-02 02:27 --------- d-----w C:\Program Files\Common Files\InstallShield
2008-08-02 02:16 --------- d-----w C:\Program Files\K-Lite Codec Pack
2008-08-02 02:14 --------- d-----w C:\Program Files\Common Files\ACD Systems
2008-08-02 02:14 --------- d-----w C:\Program Files\ACD Systems
2008-08-02 02:14 --------- d-----w C:\Documents and Settings\All Users\Application Data\ACD Systems
2008-08-02 02:03 --------- d-----w C:\Program Files\The KMPlayer
2008-08-02 02:03 --------- d-----w C:\Program Files\Crystal Player
2008-08-02 01:51 203,776 ----a-w C:\WINDOWS\system32\clrviddc.dll
2008-08-02 01:50 --------- d-----w C:\Program Files\Common Files\xing shared
2008-08-02 01:50 --------- d-----w C:\Program Files\Common Files\Real
2008-08-02 01:49 499,712 ----a-w C:\WINDOWS\system32\msvcp71.dll
2008-08-02 01:49 348,160 ----a-w C:\WINDOWS\system32\msvcr71.dll
2008-08-02 01:37 --------- d-----w C:\Program Files\Bit Che
2008-08-02 01:37 --------- d-----w C:\Documents and Settings\Administrator\Application Data\Convivea
2008-08-02 01:36 --------- d-----w C:\Program Files\BitComet
2008-08-02 01:31 112,144 ----a-w C:\WINDOWS\system32\drivers\kl1.sys
2008-08-02 01:27 87,855 ----a-w C:\WINDOWS\system32\drivers\klick.dat
2008-08-02 01:14 --------- d-----w C:\Program Files\Kaspersky Lab
2008-08-02 01:13 --------- d-----w C:\Documents and Settings\All Users\Application Data\Kaspersky Lab Setup Files
2008-08-02 00:09 --------- d-----w C:\Documents and Settings\All Users\Application Data\Messenger Plus!
2008-08-01 22:07 --------- d-----w C:\Program Files\Windows Live
2008-08-01 22:07 --------- d-----w C:\Program Files\MSN Messenger
2008-08-01 22:07 --------- d-----w C:\Program Files\Messenger Plus! Live
2008-08-01 22:01 --------- d-----w C:\Program Files\Your Uninstaller 2008
2008-08-01 21:59 --------- d-----w C:\Documents and Settings\Administrator\Application Data\URSoft
2008-08-01 21:56 --------- d-----w C:\Program Files\Real
2008-08-01 21:54 --------- d-----w C:\Program Files\Mass Downloader
2008-08-01 21:53 --------- d-----w C:\Documents and Settings\Administrator\Application Data\Products
2008-08-01 21:51 --------- d-----w C:\Program Files\URUSoft
2008-08-01 21:28 155,995 ----a-w C:\WINDOWS\java\Packages\TJLBJD35.ZIP
2008-08-01 21:21 --------- d-----w C:\Program Files\Microsoft.NET
2008-08-01 21:15 --------- d-----w C:\Program Files\Realtek AC97
2008-08-01 21:15 --------- d-----w C:\Program Files\AvRack
2008-08-01 21:11 --------- d-----w C:\Program Files\S3
2008-08-01 21:07 --------- d-----w C:\Program Files\VIA
2008-08-01 21:01 --------- d-----w C:\Program Files\microsoft frontpage
2008-07-07 20:30 253,952 ----a-w C:\WINDOWS\system32\es.dll
2008-06-24 16:22 74,240 ----a-w C:\WINDOWS\system32\mscms.dll
2008-06-23 15:40 657,920 ----a-w C:\WINDOWS\system32\wininet.dll
2008-06-20 17:39 245,248 ----a-w C:\WINDOWS\system32\mswsock.dll
2008-06-12 18:36 7,680 ----a-w C:\WINDOWS\system32\ff_vfw.dll
2008-05-30 23:22 683,520 ----a-w C:\WINDOWS\system32\divx.dll
.
------- Sigcheck -------
08/04/2004 12:56 AM 14336 0ecd0853cadb84ae5df7da9bd1731cc7 C:\WINDOWS\system32\svchost.exe
03/02/2005 09:19 PM 576512 c287c8218dac8ee3aef1fb2018064699 C:\WINDOWS\$hf_mig$\KB890859\SP2QFE\user32.dll
03/08/2007 06:48 PM 577536 adc5a589d00030f03fc315f18eacf05f C:\WINDOWS\$hf_mig$\KB925902\SP2QFE\user32.dll
08/04/2004 12:55 AM 576512 ede1d5f29b2752953f3d5d11004154c1 C:\WINDOWS\$NtUninstallKB890859$\user32.dll
03/02/2005 09:09 PM 576512 48a5a51ebcd5056a245397e1ea1f78ee C:\WINDOWS\$NtUninstallKB925902$\user32.dll
03/08/2007 06:36 PM 577024 9a432140628841a7d5b489a4ac2eb154 C:\WINDOWS\system32\user32.dll
08/04/2004 12:56 AM 82944 c3b9fd7b0d0824fc224684b73302a0fd C:\WINDOWS\system32\ws2_32.dll
06/20/2008 01:44 PM 360960 744e57c99232201ae98c49168b918f48 C:\WINDOWS\$hf_mig$\KB951748\SP2QFE\tcpip.sys
06/20/2008 02:51 PM 361600 9aefa14bd6b182d61e3119fa5f436d3d C:\WINDOWS\$hf_mig$\KB951748\SP3GDR\tcpip.sys
06/20/2008 02:59 PM 361600 ad978a1b783b5719720cff204b666c8e C:\WINDOWS\$hf_mig$\KB951748\SP3QFE\tcpip.sys
08/03/2004 11:14 PM 359040 9f4b36614a0fc234525ba224957de55c C:\WINDOWS\$NtUninstallKB951748$\tcpip.sys
06/20/2008 01:45 PM 360320 2a5554fc5b1e04e131230e3ce035c3f9 C:\WINDOWS\system32\drivers\tcpip.sys
08/04/2004 12:56 AM 501248 ba4e08425b62be257ae4557da058f1aa C:\WINDOWS\system32\winlogon.exe
08/03/2004 11:14 PM 182912 558635d3af1c7546d26067d5d9b6959e C:\WINDOWS\system32\drivers\ndis.sys
08/03/2004 11:00 PM 29056 4448006b6bc60e6c027932cfc38d6855 C:\WINDOWS\system32\drivers\ip6fw.sys
03/02/2005 09:12 PM 2058496 d4bd251b437e841ce93c4afa19b9b788 C:\WINDOWS\$hf_mig$\KB890859\SP2QFE\ntkrnlpa.exe
02/28/2007 07:05 PM 2060928 07ec56eb800a64228a42157d2ff161f3 C:\WINDOWS\$hf_mig$\KB931784\SP2QFE\ntkrnlpa.exe
08/04/2004 01:08 AM 2058368 144fa719cd380dcaed316fd12b998ca0 C:\WINDOWS\$NtUninstallKB890859$\ntkrnlpa.exe
03/02/2005 09:06 PM 2058368 0af9cc70ee796f6fa4b074c1c3a22e1e C:\WINDOWS\$NtUninstallKB931784$\ntkrnlpa.exe
02/28/2007 07:01 PM 2059136 086984cd8336845b0c249e256acb3b00 C:\WINDOWS\Driver Cache\i386\ntkrnlpa.exe
02/28/2007 07:01 PM 2059136 086984cd8336845b0c249e256acb3b00 C:\WINDOWS\system32\ntkrnlpa.exe
03/02/2005 09:12 PM 2181120 c7d8db9c1f072d6e22d9a2b354cce5b2 C:\WINDOWS\$hf_mig$\KB890859\SP2QFE\ntoskrnl.exe
02/28/2007 07:05 PM 2183680 bd6dea71816e48de42adab538296f596 C:\WINDOWS\$hf_mig$\KB931784\SP2QFE\ntoskrnl.exe
08/04/2004 12:49 AM 2182528 3d1fa51e54cd9685a7e7795a267ca62c C:\WINDOWS\$NtUninstallKB890859$\ntoskrnl.exe
03/02/2005 09:06 PM 2180864 26797c3db913d1048a447df5394f67a5 C:\WINDOWS\$NtUninstallKB931784$\ntoskrnl.exe
02/28/2007 07:01 PM 2181888 7ec6346d7aa038fb8879a0dcbdf2b320 C:\WINDOWS\Driver Cache\i386\ntoskrnl.exe
02/28/2007 07:01 PM 2181888 7ec6346d7aa038fb8879a0dcbdf2b320 C:\WINDOWS\system32\ntoskrnl.exe
06/13/2007 04:22 PM 1030656 4e877303248a09847fb303ee173fbd70 C:\WINDOWS\explorer.exe
06/13/2007 04:10 PM 1030656 d0dc9258122f39129966649085f45880 C:\WINDOWS\$hf_mig$\KB938828\SP2QFE\explorer.exe
08/04/2004 12:56 AM 1029632 932f97b77f2625f7ff7dfc97552548f8 C:\WINDOWS\$NtUninstallKB938828$\explorer.exe
08/04/2004 12:56 AM 108032 706b1ed77d90dfafc71ac86afcc1cc03 C:\WINDOWS\system32\services.exe
08/04/2004 12:56 AM 13312 e0c58b25fa2a8ac9ea18a0a5abb8a932 C:\WINDOWS\system32\lsass.exe
08/04/2004 12:56 AM 15360 b87d2319441038f62bddaeeb6bce156d C:\WINDOWS\system32\ctfmon.exe
06/11/2005 03:17 AM 57856 ad3d9d191aea7b5445fe1d82ffbb4788 C:\WINDOWS\$hf_mig$\KB896423\SP2QFE\spoolsv.exe
08/04/2004 12:56 AM 57856 5917ef4b63693507c1be9d1986d2e1db C:\WINDOWS\$NtUninstallKB896423$\spoolsv.exe
06/11/2005 02:53 AM 57856 da81ec57acd4cdc3d4c51cf3d409af9f C:\WINDOWS\system32\spoolsv.exe
08/04/2004 12:56 AM 24576 e5b1bafac265460493b1a12b65c1cf52 C:\WINDOWS\system32\userinit.exe
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"msnmsgr"="C:\Program Files\MSN Messenger\msnmsgr.exe" [01/19/2007 12:55 PM 5674352]
"DAEMON Tools Lite"="C:\Program Files\DAEMON Tools Lite\daemon.exe" [07/04/2008 06:01 PM 486856]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [08/04/2004 12:56 AM 15360]
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"NoUserNameInStartMenu"= 0 (0x0)
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"VIDC.YV12"= yv12vfw.dll
"msacm.l3codec"= l3codecp.acm
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^قائمة ابدأ^البرامج^بدء التشغيل^Adobe Reader Synchronizer.lnk]
path=C:\Documents and Settings\All Users\قائمة ابدأ\البرامج\بدء التشغيل\Adobe Reader Synchronizer.lnk
backup=C:\WINDOWS\pss\Adobe Reader Synchronizer.lnkCommon Startup
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^قائمة ابدأ^البرامج^بدء التشغيل^BlueSoleil.lnk]
path=C:\Documents and Settings\All Users\قائمة ابدأ\البرامج\بدء التشغيل\BlueSoleil.lnk
backup=C:\WINDOWS\pss\BlueSoleil.lnkCommon Startup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CTFMON.EXE]
--a------ 08/04/2004 12:56 AM 15360 C:\WINDOWS\system32\ctfmon.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MsnMsgr]
--a------ 01/19/2007 12:55 PM 5674352 C:\Program Files\MSN Messenger\msnmsgr.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]
--------- 08/02/2008 04:49 AM 185896 C:\Program Files\Common Files\Real\Update_OB\realsched.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TuneUp MemOptimizer]
--a------ 01/08/2008 01:31 PM 196864 C:\Program Files\TuneUp Utilities 2008\MemOptimizer.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SoundMan]
-r------- 08/03/2006 12:12 AM 577536 C:\WINDOWS\soundman.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VTTimer]
-ra------ 03/07/2005 10:33 PM 53248 C:\WINDOWS\system32\VTTimer.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VTTrayp]
-ra------ 04/11/2006 11:06 AM 176128 C:\WINDOWS\system32\VTTrayp.exe
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusDisableNotify"=dword:00000001
"UpdatesDisableNotify"=dword:00000001
"AntiVirusOverride"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\KasperskyAntiVirus]
"DisableMonitoring"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"C:\\Program Files\\MSN Messenger\\msnmsgr.exe"=
"C:\\Program Files\\MSN Messenger\\livecall.exe"=
"C:\\Program Files\\BitComet\\BitComet.exe"=
"C:\\Program Files\\IVT Corporation\\BlueSoleil\\BlueSoleil.exe"=
"C:\\Program Files\\Kaspersky Lab\\Kaspersky Anti-Virus 7.0\\avp.exe"=
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"27662:TCP"= 27662:TCP:BitComet 27662 TCP
"27662:UDP"= 27662:UDP:BitComet 27662 UDP
"62626:TCP"= 62626:TCP:BitComet 62626 TCP
"62626:UDP"= 62626:UDP:BitComet 62626 UDP
R0 videX32;videX32;C:\WINDOWS\system32\DRIVERS\videX32.sys [02/23/2006 06:38 AM]
R0 xfilt;VIA SATA IDE Hot-plug Driver;C:\WINDOWS\system32\DRIVERS\xfilt.sys [02/23/2006 06:39 AM]
R2 UxTuneUp;TuneUp Theme Extension;C:\WINDOWS\System32\svchost.exe [08/04/2004 12:56 AM]
S3 klim5;Kaspersky Anti-Virus NDIS Filter;C:\WINDOWS\system32\DRIVERS\klim5.sys [04/04/2007 02:58 PM]
S3 TuneUp.Defrag;TuneUp Drive Defrag Service;C:\WINDOWS\System32\TuneUpDefragService.exe [08/10/2008 04:09 AM]
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp
.
s of the 'Scheduled Tasks' folder
2008-08-22 C:\WINDOWS\Tasks\1-Click Maintenance.job
- C:\Program Files\TuneUp Utilities 2008\OneClick.exe [01/08/2008 01:31 PM]
.
.
------- Supplementary Scan -------
.
R0 -: HKCU-Main,Start Page = hxxp://www.google.com/
R1 -: HKCU-Internet Settings,ProxyOverride = local
O8 -: &D&ownload &with BitComet - C:\Program Files\BitComet\BitComet.exe/AddLink.htm
O8 -: &D&ownload all video with BitComet - C:\Program Files\BitComet\BitComet.exe/AddVideo.htm
O8 -: &D&ownload all with BitComet - C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm
O8 -: &إنزال الكل باستعمال ماس دونلوودر - C:\Program Files\Mass Downloader\Add_All.htm
O8 -: &إنزال باستعمال ماس دونلوودر - C:\Program Files\Mass Downloader\Add_Url.htm
O8 -: &تصدير إلى Microsoft Excel - C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 -: تحميل الكل بـ إنترنت داونلود مانيجر - C:\Program Files\Internet Download Manager\IEGetAll.htm
O8 -: تحميل بـ إنترنت داونلود مانيجر - C:\Program Files\Internet Download Manager\IEExt.htm
O8 -: تحميل محتوى فيديو (إف.إل.في) بـ إنترنت داونلود مانيجر - C:\Program Files\Internet Download Manager\IEGetVL.htm
O9 -: {0FD01980-CCCB-11D3-80D4-0000E80E2EDE} - C:\Program Files\Mass Downloader\massdown.exe
O16 -: Microsoft XML Parser for Java -
C:\WINDOWS\Downloaded Program Files\Microsoft XML Parser for Java.osd
.
**************************************************************************
catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer,
Rootkit scan 2008-08-24 23:23:20
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
.
Completion time: 08/24/2008 23:25:37
ComboFix-quarantined-files.txt 2008-08-24 20:25:17
ComboFix2.txt 2008-08-24 18:38:34
ComboFix3.txt 2008-08-20 13:11:32
Pre-Run: 27,605,209,088 bytes free
Post-Run: 27,589,058,560 bytes free
237 --- E O F --- 2008-08-20 13:50:41
Microsoft Windows XP Professional 5.1.2600.2.1256.1.1025.18.638 [GMT 3:00]
Running from: C:\Documents and Settings\Administrator\سطح المكتب\ComboFix.exe
WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.
((((((((((((((((((((((((( Files Created from 2008-07-24 to 2008-08-24 )))))))))))))))))))))))))))))))
.
No new files created in this timespan
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-08-24 20:22 9,988,640 --sha-w C:\WINDOWS\system32\drivers\fidbox.dat
2008-08-24 20:22 618,784 --sha-w C:\WINDOWS\system32\drivers\fidbox2.dat
2008-08-24 19:37 --------- d-----w C:\Documents and Settings\All Users\Application Data\Kaspersky Lab
2008-08-24 19:31 66,152 --sha-w C:\WINDOWS\system32\drivers\fidbox2.idx
2008-08-24 19:31 153,896 --sha-w C:\WINDOWS\system32\drivers\fidbox.idx
2008-08-24 13:09 --------- d-----w C:\Program Files\موسوعة الحديث
2008-08-24 13:08 286,720 ----a-w C:\WINDOWS\iun506.exe
2008-08-23 16:55 --------- d-----w C:\Program Files\AlbaniV2
2008-08-23 09:29 --------- d-----w C:\Program Files\Library
2008-08-22 17:51 --------- d-----w C:\Program Files\DAEMON Tools Toolbar
2008-08-22 17:51 --------- d-----w C:\Program Files\DAEMON Tools Lite
2008-08-22 15:50 717,296 ----a-w C:\WINDOWS\system32\drivers\sptd.sys
2008-08-22 15:50 --------- d-----w C:\Documents and Settings\Administrator\Application Data\DAEMON Tools
2008-08-20 20:16 --------- d-----w C:\Program Files\ScanSpyware v3.8
2008-08-20 13:20 --------- d-----w C:\Documents and Settings\Administrator\Application Data\cleaner
2008-08-19 17:42 --------- d-----w C:\Program Files\Microsoft Silverlight
2008-08-18 00:18 --------- d-----w C:\Documents and Settings\Administrator\Application Data\CyberScrub
2008-08-17 13:46 --------- d-----w C:\Program Files\MSXML 6.0
2008-08-15 12:27 --------- d-----w C:\Program Files\Windows Media Connect 2
2008-08-15 12:18 --------- d-----w C:\Program Files\MSBuild
2008-08-15 12:09 --------- d-----w C:\Program Files\Reference Assemblies
2008-08-13 11:07 --------- d---a-w C:\Documents and Settings\All Users\Application Data\TEMP
2008-08-13 08:25 --------- d-----w C:\Documents and Settings\Administrator\Application Data\shamela
2008-08-13 08:24 737,280 ----a-w C:\WINDOWS\iun6002.exe
2008-08-13 08:24 --------- d-----w C:\Program Files\shamela library
2008-08-13 08:23 --------- d-----w C:\Program Files\المكتبة الشاملة
2008-08-10 20:47 --------- d-----w C:\Program Files\أحكام التجويد
2008-08-10 09:09 --------- d-----w C:\Program Files\CCleaner
2008-08-10 01:37 --------- d-----w C:\Program Files\TuneUp Utilities 2008
2008-08-10 01:10 --------- d-----w C:\Documents and Settings\Administrator\Application Data\TuneUp Software
2008-08-10 01:09 306,432 ----a-w C:\WINDOWS\system32\TuneUpDefragService.exe
2008-08-10 01:09 --------- d-----w C:\Documents and Settings\All Users\Application Data\TuneUp Software
2008-08-10 01:06 --------- d-----w C:\Program Files\Common Files\Wise Installation Wizard
2008-08-10 00:41 --------- d-----w C:\Program Files\Microsoft Works
2008-08-07 17:29 --------- d-----w C:\Program Files\Gabest
2008-08-06 16:38 96,976 ----a-w C:\WINDOWS\system32\drivers\klin.dat
2008-08-04 17:54 --------- d-----w C:\Program Files\Common Files\Adobe
2008-08-04 02:14 --------- d-----w C:\Documents and Settings\Administrator\Application Data\ACD Systems
2008-08-03 19:45 --------- d-----w C:\Program Files\Adobe(2)
2008-08-02 08:37 --------- d-----w C:\Program Files\Windows Live Safety Center
2008-08-02 03:38 --------- d-----w C:\Documents and Settings\Administrator\Application Data\Media Player Classic
2008-08-02 02:32 --------- d-----w C:\Documents and Settings\All Users\Application Data\Bluetooth
2008-08-02 02:27 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-08-02 02:27 --------- d-----w C:\Program Files\IVT Corporation
2008-08-02 02:27 --------- d-----w C:\Program Files\Common Files\InstallShield
2008-08-02 02:16 --------- d-----w C:\Program Files\K-Lite Codec Pack
2008-08-02 02:14 --------- d-----w C:\Program Files\Common Files\ACD Systems
2008-08-02 02:14 --------- d-----w C:\Program Files\ACD Systems
2008-08-02 02:14 --------- d-----w C:\Documents and Settings\All Users\Application Data\ACD Systems
2008-08-02 02:03 --------- d-----w C:\Program Files\The KMPlayer
2008-08-02 02:03 --------- d-----w C:\Program Files\Crystal Player
2008-08-02 01:51 203,776 ----a-w C:\WINDOWS\system32\clrviddc.dll
2008-08-02 01:50 --------- d-----w C:\Program Files\Common Files\xing shared
2008-08-02 01:50 --------- d-----w C:\Program Files\Common Files\Real
2008-08-02 01:49 499,712 ----a-w C:\WINDOWS\system32\msvcp71.dll
2008-08-02 01:49 348,160 ----a-w C:\WINDOWS\system32\msvcr71.dll
2008-08-02 01:37 --------- d-----w C:\Program Files\Bit Che
2008-08-02 01:37 --------- d-----w C:\Documents and Settings\Administrator\Application Data\Convivea
2008-08-02 01:36 --------- d-----w C:\Program Files\BitComet
2008-08-02 01:31 112,144 ----a-w C:\WINDOWS\system32\drivers\kl1.sys
2008-08-02 01:27 87,855 ----a-w C:\WINDOWS\system32\drivers\klick.dat
2008-08-02 01:14 --------- d-----w C:\Program Files\Kaspersky Lab
2008-08-02 01:13 --------- d-----w C:\Documents and Settings\All Users\Application Data\Kaspersky Lab Setup Files
2008-08-02 00:09 --------- d-----w C:\Documents and Settings\All Users\Application Data\Messenger Plus!
2008-08-01 22:07 --------- d-----w C:\Program Files\Windows Live
2008-08-01 22:07 --------- d-----w C:\Program Files\MSN Messenger
2008-08-01 22:07 --------- d-----w C:\Program Files\Messenger Plus! Live
2008-08-01 22:01 --------- d-----w C:\Program Files\Your Uninstaller 2008
2008-08-01 21:59 --------- d-----w C:\Documents and Settings\Administrator\Application Data\URSoft
2008-08-01 21:56 --------- d-----w C:\Program Files\Real
2008-08-01 21:54 --------- d-----w C:\Program Files\Mass Downloader
2008-08-01 21:53 --------- d-----w C:\Documents and Settings\Administrator\Application Data\Products
2008-08-01 21:51 --------- d-----w C:\Program Files\URUSoft
2008-08-01 21:28 155,995 ----a-w C:\WINDOWS\java\Packages\TJLBJD35.ZIP
2008-08-01 21:21 --------- d-----w C:\Program Files\Microsoft.NET
2008-08-01 21:15 --------- d-----w C:\Program Files\Realtek AC97
2008-08-01 21:15 --------- d-----w C:\Program Files\AvRack
2008-08-01 21:11 --------- d-----w C:\Program Files\S3
2008-08-01 21:07 --------- d-----w C:\Program Files\VIA
2008-08-01 21:01 --------- d-----w C:\Program Files\microsoft frontpage
2008-07-07 20:30 253,952 ----a-w C:\WINDOWS\system32\es.dll
2008-06-24 16:22 74,240 ----a-w C:\WINDOWS\system32\mscms.dll
2008-06-23 15:40 657,920 ----a-w C:\WINDOWS\system32\wininet.dll
2008-06-20 17:39 245,248 ----a-w C:\WINDOWS\system32\mswsock.dll
2008-06-12 18:36 7,680 ----a-w C:\WINDOWS\system32\ff_vfw.dll
2008-05-30 23:22 683,520 ----a-w C:\WINDOWS\system32\divx.dll
.
------- Sigcheck -------
08/04/2004 12:56 AM 14336 0ecd0853cadb84ae5df7da9bd1731cc7 C:\WINDOWS\system32\svchost.exe
03/02/2005 09:19 PM 576512 c287c8218dac8ee3aef1fb2018064699 C:\WINDOWS\$hf_mig$\KB890859\SP2QFE\user32.dll
03/08/2007 06:48 PM 577536 adc5a589d00030f03fc315f18eacf05f C:\WINDOWS\$hf_mig$\KB925902\SP2QFE\user32.dll
08/04/2004 12:55 AM 576512 ede1d5f29b2752953f3d5d11004154c1 C:\WINDOWS\$NtUninstallKB890859$\user32.dll
03/02/2005 09:09 PM 576512 48a5a51ebcd5056a245397e1ea1f78ee C:\WINDOWS\$NtUninstallKB925902$\user32.dll
03/08/2007 06:36 PM 577024 9a432140628841a7d5b489a4ac2eb154 C:\WINDOWS\system32\user32.dll
08/04/2004 12:56 AM 82944 c3b9fd7b0d0824fc224684b73302a0fd C:\WINDOWS\system32\ws2_32.dll
06/20/2008 01:44 PM 360960 744e57c99232201ae98c49168b918f48 C:\WINDOWS\$hf_mig$\KB951748\SP2QFE\tcpip.sys
06/20/2008 02:51 PM 361600 9aefa14bd6b182d61e3119fa5f436d3d C:\WINDOWS\$hf_mig$\KB951748\SP3GDR\tcpip.sys
06/20/2008 02:59 PM 361600 ad978a1b783b5719720cff204b666c8e C:\WINDOWS\$hf_mig$\KB951748\SP3QFE\tcpip.sys
08/03/2004 11:14 PM 359040 9f4b36614a0fc234525ba224957de55c C:\WINDOWS\$NtUninstallKB951748$\tcpip.sys
06/20/2008 01:45 PM 360320 2a5554fc5b1e04e131230e3ce035c3f9 C:\WINDOWS\system32\drivers\tcpip.sys
08/04/2004 12:56 AM 501248 ba4e08425b62be257ae4557da058f1aa C:\WINDOWS\system32\winlogon.exe
08/03/2004 11:14 PM 182912 558635d3af1c7546d26067d5d9b6959e C:\WINDOWS\system32\drivers\ndis.sys
08/03/2004 11:00 PM 29056 4448006b6bc60e6c027932cfc38d6855 C:\WINDOWS\system32\drivers\ip6fw.sys
03/02/2005 09:12 PM 2058496 d4bd251b437e841ce93c4afa19b9b788 C:\WINDOWS\$hf_mig$\KB890859\SP2QFE\ntkrnlpa.exe
02/28/2007 07:05 PM 2060928 07ec56eb800a64228a42157d2ff161f3 C:\WINDOWS\$hf_mig$\KB931784\SP2QFE\ntkrnlpa.exe
08/04/2004 01:08 AM 2058368 144fa719cd380dcaed316fd12b998ca0 C:\WINDOWS\$NtUninstallKB890859$\ntkrnlpa.exe
03/02/2005 09:06 PM 2058368 0af9cc70ee796f6fa4b074c1c3a22e1e C:\WINDOWS\$NtUninstallKB931784$\ntkrnlpa.exe
02/28/2007 07:01 PM 2059136 086984cd8336845b0c249e256acb3b00 C:\WINDOWS\Driver Cache\i386\ntkrnlpa.exe
02/28/2007 07:01 PM 2059136 086984cd8336845b0c249e256acb3b00 C:\WINDOWS\system32\ntkrnlpa.exe
03/02/2005 09:12 PM 2181120 c7d8db9c1f072d6e22d9a2b354cce5b2 C:\WINDOWS\$hf_mig$\KB890859\SP2QFE\ntoskrnl.exe
02/28/2007 07:05 PM 2183680 bd6dea71816e48de42adab538296f596 C:\WINDOWS\$hf_mig$\KB931784\SP2QFE\ntoskrnl.exe
08/04/2004 12:49 AM 2182528 3d1fa51e54cd9685a7e7795a267ca62c C:\WINDOWS\$NtUninstallKB890859$\ntoskrnl.exe
03/02/2005 09:06 PM 2180864 26797c3db913d1048a447df5394f67a5 C:\WINDOWS\$NtUninstallKB931784$\ntoskrnl.exe
02/28/2007 07:01 PM 2181888 7ec6346d7aa038fb8879a0dcbdf2b320 C:\WINDOWS\Driver Cache\i386\ntoskrnl.exe
02/28/2007 07:01 PM 2181888 7ec6346d7aa038fb8879a0dcbdf2b320 C:\WINDOWS\system32\ntoskrnl.exe
06/13/2007 04:22 PM 1030656 4e877303248a09847fb303ee173fbd70 C:\WINDOWS\explorer.exe
06/13/2007 04:10 PM 1030656 d0dc9258122f39129966649085f45880 C:\WINDOWS\$hf_mig$\KB938828\SP2QFE\explorer.exe
08/04/2004 12:56 AM 1029632 932f97b77f2625f7ff7dfc97552548f8 C:\WINDOWS\$NtUninstallKB938828$\explorer.exe
08/04/2004 12:56 AM 108032 706b1ed77d90dfafc71ac86afcc1cc03 C:\WINDOWS\system32\services.exe
08/04/2004 12:56 AM 13312 e0c58b25fa2a8ac9ea18a0a5abb8a932 C:\WINDOWS\system32\lsass.exe
08/04/2004 12:56 AM 15360 b87d2319441038f62bddaeeb6bce156d C:\WINDOWS\system32\ctfmon.exe
06/11/2005 03:17 AM 57856 ad3d9d191aea7b5445fe1d82ffbb4788 C:\WINDOWS\$hf_mig$\KB896423\SP2QFE\spoolsv.exe
08/04/2004 12:56 AM 57856 5917ef4b63693507c1be9d1986d2e1db C:\WINDOWS\$NtUninstallKB896423$\spoolsv.exe
06/11/2005 02:53 AM 57856 da81ec57acd4cdc3d4c51cf3d409af9f C:\WINDOWS\system32\spoolsv.exe
08/04/2004 12:56 AM 24576 e5b1bafac265460493b1a12b65c1cf52 C:\WINDOWS\system32\userinit.exe
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"msnmsgr"="C:\Program Files\MSN Messenger\msnmsgr.exe" [01/19/2007 12:55 PM 5674352]
"DAEMON Tools Lite"="C:\Program Files\DAEMON Tools Lite\daemon.exe" [07/04/2008 06:01 PM 486856]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [08/04/2004 12:56 AM 15360]
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"NoUserNameInStartMenu"= 0 (0x0)
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"VIDC.YV12"= yv12vfw.dll
"msacm.l3codec"= l3codecp.acm
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^قائمة ابدأ^البرامج^بدء التشغيل^Adobe Reader Synchronizer.lnk]
path=C:\Documents and Settings\All Users\قائمة ابدأ\البرامج\بدء التشغيل\Adobe Reader Synchronizer.lnk
backup=C:\WINDOWS\pss\Adobe Reader Synchronizer.lnkCommon Startup
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^قائمة ابدأ^البرامج^بدء التشغيل^BlueSoleil.lnk]
path=C:\Documents and Settings\All Users\قائمة ابدأ\البرامج\بدء التشغيل\BlueSoleil.lnk
backup=C:\WINDOWS\pss\BlueSoleil.lnkCommon Startup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CTFMON.EXE]
--a------ 08/04/2004 12:56 AM 15360 C:\WINDOWS\system32\ctfmon.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MsnMsgr]
--a------ 01/19/2007 12:55 PM 5674352 C:\Program Files\MSN Messenger\msnmsgr.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]
--------- 08/02/2008 04:49 AM 185896 C:\Program Files\Common Files\Real\Update_OB\realsched.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TuneUp MemOptimizer]
--a------ 01/08/2008 01:31 PM 196864 C:\Program Files\TuneUp Utilities 2008\MemOptimizer.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SoundMan]
-r------- 08/03/2006 12:12 AM 577536 C:\WINDOWS\soundman.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VTTimer]
-ra------ 03/07/2005 10:33 PM 53248 C:\WINDOWS\system32\VTTimer.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VTTrayp]
-ra------ 04/11/2006 11:06 AM 176128 C:\WINDOWS\system32\VTTrayp.exe
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusDisableNotify"=dword:00000001
"UpdatesDisableNotify"=dword:00000001
"AntiVirusOverride"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\KasperskyAntiVirus]
"DisableMonitoring"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"C:\\Program Files\\MSN Messenger\\msnmsgr.exe"=
"C:\\Program Files\\MSN Messenger\\livecall.exe"=
"C:\\Program Files\\BitComet\\BitComet.exe"=
"C:\\Program Files\\IVT Corporation\\BlueSoleil\\BlueSoleil.exe"=
"C:\\Program Files\\Kaspersky Lab\\Kaspersky Anti-Virus 7.0\\avp.exe"=
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"27662:TCP"= 27662:TCP:BitComet 27662 TCP
"27662:UDP"= 27662:UDP:BitComet 27662 UDP
"62626:TCP"= 62626:TCP:BitComet 62626 TCP
"62626:UDP"= 62626:UDP:BitComet 62626 UDP
R0 videX32;videX32;C:\WINDOWS\system32\DRIVERS\videX32.sys [02/23/2006 06:38 AM]
R0 xfilt;VIA SATA IDE Hot-plug Driver;C:\WINDOWS\system32\DRIVERS\xfilt.sys [02/23/2006 06:39 AM]
R2 UxTuneUp;TuneUp Theme Extension;C:\WINDOWS\System32\svchost.exe [08/04/2004 12:56 AM]
S3 klim5;Kaspersky Anti-Virus NDIS Filter;C:\WINDOWS\system32\DRIVERS\klim5.sys [04/04/2007 02:58 PM]
S3 TuneUp.Defrag;TuneUp Drive Defrag Service;C:\WINDOWS\System32\TuneUpDefragService.exe [08/10/2008 04:09 AM]
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp
.
s of the 'Scheduled Tasks' folder
2008-08-22 C:\WINDOWS\Tasks\1-Click Maintenance.job
- C:\Program Files\TuneUp Utilities 2008\OneClick.exe [01/08/2008 01:31 PM]
.
.
------- Supplementary Scan -------
.
R0 -: HKCU-Main,Start Page = hxxp://www.google.com/
R1 -: HKCU-Internet Settings,ProxyOverride = local
O8 -: &D&ownload &with BitComet - C:\Program Files\BitComet\BitComet.exe/AddLink.htm
O8 -: &D&ownload all video with BitComet - C:\Program Files\BitComet\BitComet.exe/AddVideo.htm
O8 -: &D&ownload all with BitComet - C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm
O8 -: &إنزال الكل باستعمال ماس دونلوودر - C:\Program Files\Mass Downloader\Add_All.htm
O8 -: &إنزال باستعمال ماس دونلوودر - C:\Program Files\Mass Downloader\Add_Url.htm
O8 -: &تصدير إلى Microsoft Excel - C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 -: تحميل الكل بـ إنترنت داونلود مانيجر - C:\Program Files\Internet Download Manager\IEGetAll.htm
O8 -: تحميل بـ إنترنت داونلود مانيجر - C:\Program Files\Internet Download Manager\IEExt.htm
O8 -: تحميل محتوى فيديو (إف.إل.في) بـ إنترنت داونلود مانيجر - C:\Program Files\Internet Download Manager\IEGetVL.htm
O9 -: {0FD01980-CCCB-11D3-80D4-0000E80E2EDE} - C:\Program Files\Mass Downloader\massdown.exe
O16 -: Microsoft XML Parser for Java -
يجب عليك
تسجيل الدخول
او
تسجيل لمشاهدة الرابط المخفي
C:\WINDOWS\Downloaded Program Files\Microsoft XML Parser for Java.osd
.
**************************************************************************
catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer,
يجب عليك
تسجيل الدخول
او
تسجيل لمشاهدة الرابط المخفي
Rootkit scan 2008-08-24 23:23:20
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
.
Completion time: 08/24/2008 23:25:37
ComboFix-quarantined-files.txt 2008-08-24 20:25:17
ComboFix2.txt 2008-08-24 18:38:34
ComboFix3.txt 2008-08-20 13:11:32
Pre-Run: 27,605,209,088 bytes free
Post-Run: 27,589,058,560 bytes free
237 --- E O F --- 2008-08-20 13:50:41
تأييد
0
Demo-dash
داعم للمنتدى،(خبراء زيزووم )
داعــــم للمنتـــــدى
★★ نجم المنتدى ★★
كبار الشخصيات
فريق دعم البرامج العامة
غير متصل
سليم
------------
وجرب عطل برامج الحمايه وشوف هل هو يعلق بالجهاز او لا
ثم جرب تشبكه في منفذ اخر يكون عالي السرعه وشوف
اعمل تقرير للهايجاك
اذا انتهى التحميل ==> شغل البرنامج ==> واضغط على Do a system scan and save log
لحظات .. ويظهر لك تقرير اعمل تحديد الكل ==> انسخه والصقه بردك القادم
يجب عليك
تسجيل الدخول
او
تسجيل لمشاهدة الرابط المخفي
اذا انتهى التحميل ==> شغل البرنامج ==> واضغط على Do a system scan and save log
لحظات .. ويظهر لك تقرير اعمل تحديد الكل ==> انسخه والصقه بردك القادم
------------
وجرب عطل برامج الحمايه وشوف هل هو يعلق بالجهاز او لا
ثم جرب تشبكه في منفذ اخر يكون عالي السرعه وشوف
توقيع : Demo-dash
تأييد
0
ابشر بسعدك
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 11:39:58 م, on 24/08/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\DAEMON Tools Lite\daemon.exe
C:\Program Files\Mass Downloader\massdown.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Program Files\internet explorer\iexplore.exe
C:\WINDOWS\explorer.exe
K:\برامج عامة\كشف بأخطاء الجهاز.exe
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = local
O2 - BHO: مساعد رابط Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO_1.2.6.26.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: IECatcher Class - {B930BA63-9E5A-11D3-A288-0000E80E2EDE} - C:\PROGRA~1\MASSDO~1\MDHELPER.DLL
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\daemon.exe" -autorun
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: &D&ownload &with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm
O8 - Extra context menu item: &D&ownload all video with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddVideo.htm
O8 - Extra context menu item: &D&ownload all with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm
O8 - Extra context menu item: &إنزال الكل باستعمال ماس دونلوودر - C:\Program Files\Mass Downloader\Add_All.htm
O8 - Extra context menu item: &إنزال باستعمال ماس دونلوودر - C:\Program Files\Mass Downloader\Add_Url.htm
O8 - Extra context menu item: &تصدير إلى Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: تحميل الكل بـ إنترنت داونلود مانيجر - C:\Program Files\Internet Download Manager\IEGetAll.htm
O8 - Extra context menu item: تحميل بـ إنترنت داونلود مانيجر - C:\Program Files\Internet Download Manager\IEExt.htm
O8 - Extra context menu item: تحميل محتوى فيديو (إف.إل.في) بـ إنترنت داونلود مانيجر - C:\Program Files\Internet Download Manager\IEGetVL.htm
O9 - Extra button: Mass Downloader - {0FD01980-CCCB-11D3-80D4-0000E80E2EDE} - C:\Program Files\Mass Downloader\massdown.exe
O9 - Extra 'Tools' menuitem: &Mass Downloader - {0FD01980-CCCB-11D3-80D4-0000E80E2EDE} - C:\Program Files\Mass Downloader\massdown.exe
O9 - Extra button: Web Anti-Virus statistics - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\SCIEPlgn.dll
O9 - Extra button: بحث - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=www.alahsa.net
O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) -
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) -
O23 - Service: Kaspersky Anti-Virus 7.0 (AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe
O23 - Service: BlueSoleil Hid Service - Unknown owner - C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software GmbH - C:\WINDOWS\System32\TuneUpDefragService.exe
--
End of file - 5355 bytes
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 11:39:58 م, on 24/08/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\DAEMON Tools Lite\daemon.exe
C:\Program Files\Mass Downloader\massdown.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Program Files\internet explorer\iexplore.exe
C:\WINDOWS\explorer.exe
K:\برامج عامة\كشف بأخطاء الجهاز.exe
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
يجب عليك
تسجيل الدخول
او
تسجيل لمشاهدة الرابط المخفي
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
يجب عليك
تسجيل الدخول
او
تسجيل لمشاهدة الرابط المخفي
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
يجب عليك
تسجيل الدخول
او
تسجيل لمشاهدة الرابط المخفي
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = local
O2 - BHO: مساعد رابط Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO_1.2.6.26.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: IECatcher Class - {B930BA63-9E5A-11D3-A288-0000E80E2EDE} - C:\PROGRA~1\MASSDO~1\MDHELPER.DLL
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\daemon.exe" -autorun
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: &D&ownload &with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm
O8 - Extra context menu item: &D&ownload all video with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddVideo.htm
O8 - Extra context menu item: &D&ownload all with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm
O8 - Extra context menu item: &إنزال الكل باستعمال ماس دونلوودر - C:\Program Files\Mass Downloader\Add_All.htm
O8 - Extra context menu item: &إنزال باستعمال ماس دونلوودر - C:\Program Files\Mass Downloader\Add_Url.htm
O8 - Extra context menu item: &تصدير إلى Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: تحميل الكل بـ إنترنت داونلود مانيجر - C:\Program Files\Internet Download Manager\IEGetAll.htm
O8 - Extra context menu item: تحميل بـ إنترنت داونلود مانيجر - C:\Program Files\Internet Download Manager\IEExt.htm
O8 - Extra context menu item: تحميل محتوى فيديو (إف.إل.في) بـ إنترنت داونلود مانيجر - C:\Program Files\Internet Download Manager\IEGetVL.htm
O9 - Extra button: Mass Downloader - {0FD01980-CCCB-11D3-80D4-0000E80E2EDE} - C:\Program Files\Mass Downloader\massdown.exe
O9 - Extra 'Tools' menuitem: &Mass Downloader - {0FD01980-CCCB-11D3-80D4-0000E80E2EDE} - C:\Program Files\Mass Downloader\massdown.exe
O9 - Extra button: Web Anti-Virus statistics - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\SCIEPlgn.dll
O9 - Extra button: بحث - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=www.alahsa.net
O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) -
يجب عليك
تسجيل الدخول
او
تسجيل لمشاهدة الرابط المخفي
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) -
يجب عليك
تسجيل الدخول
او
تسجيل لمشاهدة الرابط المخفي
O23 - Service: Kaspersky Anti-Virus 7.0 (AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe
O23 - Service: BlueSoleil Hid Service - Unknown owner - C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software GmbH - C:\WINDOWS\System32\TuneUpDefragService.exe
--
End of file - 5355 bytes
تأييد
0
Demo-dash
داعم للمنتدى،(خبراء زيزووم )
داعــــم للمنتـــــدى
★★ نجم المنتدى ★★
كبار الشخصيات
فريق دعم البرامج العامة
غير متصل
اعمل التالي ضروري
ركب ملف الأعدادت للبرنامج الكاسبر
اعدادات الكاسبر انتي فايروس ( 7 )
شرح التركيب
ركب ملف الأعدادت للبرنامج الكاسبر
اعدادات الكاسبر انتي فايروس ( 7 )
يجب عليك
تسجيل الدخول
او
تسجيل لمشاهدة الرابط المخفي
شرح التركيب
توقيع : Demo-dash
تأييد
0