Faisal1400

Peace be upon you, and the mercy and blessings of God.

Today I ran into a problem with the Google site. The home page opens normally, but when I search for something specific I get a warning that I have viruses on my machine, and it sends me to a virus-scanning site.

Today I scanned the machine with the antivirus program and it found Trojan horses; the program's report says they were in the Windows system and that it deleted them, and I was surprised by this response from Google. I used this tool, ComboFix, and it gave me this report:

ComboFix 08-11-11.01 - User 11/17/2008 22:47:24.2 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.3.1256.1.1025.18.129 [GMT 3:00]
Running from: e:\اداة لحذف الفايروسات\ComboFix.exe
WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.
((((((((((((((((((((((((( Files Created from 2008-10-17 to 2008-11-17 )))))))))))))))))))))))))))))))
.
No new files created in this timespan
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-11-17 19:48 --------- d-----w c:\program files\cFosSpeed
2008-11-17 19:08 --------- d-----w c:\program files\VerbAce
2008-11-17 19:06 --------- d-----w c:\documents and settings\User\Application Data\DMCache
2008-11-17 08:35 --------- d-----w c:\program files\Circle Developement
2008-11-17 08:33 --------- d-----w c:\documents and settings\User\Application Data\Exit Surf Name
2008-11-17 08:33 --------- d-----w c:\docume~1\ALLUSE~1\APPLIC~1\seek film amok web
2008-11-17 07:12 --------- d---a-w c:\docume~1\ALLUSE~1\APPLIC~1\TEMP
2008-11-17 07:08 --------- d-----w c:\program files\Hotspot_Shield
2008-11-16 21:06 --------- d-----w c:\program files\Conduit
2008-11-16 19:53 --------- d--h--w c:\program files\InstallShield Installation Information
2008-11-16 19:53 --------- d-----w c:\program files\JavaSoft
2008-11-16 17:12 --------- d-----w c:\documents and settings\User\Application Data\IDM
2008-11-14 20:46 --------- d-----w c:\documents and settings\User\Application Data\cleaner
2008-11-14 20:03 --------- d-----w c:\documents and settings\User\Application Data\GRETECH
2008-11-14 18:28 --------- d-----w c:\program files\Internet Download Manager
2008-11-14 18:26 --------- d-----w c:\program files\Windows Media Connect 2
2008-11-14 16:48 --------- d-----w c:\program files\Smarty Uninstaller Pro
2008-11-13 18:29 1,773,568 ----a-w c:\windows\system32\msgdiplus.dll
2008-11-13 12:33 --------- d-----w c:\program files\Common Files\Wise Installation Wizard
2008-11-12 19:14 --------- d-----w c:\docume~1\ALLUSE~1\APPLIC~1\TechSmith
2008-11-12 19:13 --------- d-----w c:\program files\TechSmith
2008-11-12 10:44 --------- d-----w c:\program files\Windows Live Safety Center
2008-11-12 04:08 306,432 ----a-w c:\windows\system32\TuneUpDefragService.exe
2008-11-12 04:08 --------- d-----w c:\program files\TuneUp Utilities 2008
2008-11-12 04:04 --------- d-----w c:\documents and settings\User\Application Data\TuneUp Software
2008-11-12 04:04 --------- d-----w c:\docume~1\ALLUSE~1\APPLIC~1\TuneUp Software
2008-11-12 03:40 --------- d-----w c:\documents and settings\User\Application Data\CyberScrub
2008-11-11 19:08 --------- d-----w c:\documents and settings\User\Application Data\Orbit
2008-11-11 18:21 --------- d-----w c:\documents and settings\User\Application Data\GrabPro
2008-11-11 18:10 --------- d-----w c:\program files\Nitro Downloader 3.0
2008-11-11 17:25 --------- d-----w c:\docume~1\ALLUSE~1\APPLIC~1\BurstCopy Labs
2008-11-11 11:15 --------- d-----w c:\program files\Messenger Plus! Live
2008-11-10 20:23 --------- d-----w c:\docume~1\ALLUSE~1\APPLIC~1\WLInstaller
2008-11-10 18:28 --------- d-----w c:\documents and settings\User\Application Data\SlipStream
2008-11-10 15:40 --------- d--h--w c:\program files\GLF17.tmp
2008-11-10 13:55 --------- d-----w c:\program files\Windows Doctor
2008-11-09 15:10 --------- d-----w c:\program files\Alwil Software
2008-11-09 13:33 --------- d-----w c:\program files\MSNTools
2008-11-09 10:01 --------- d-----w c:\program files\Microsoft Silverlight
2008-11-08 18:38 --------- d-----w c:\documents and settings\User\Application Data\Thinking Minds Budiling Bytes
2008-11-08 10:18 --------- d-----w c:\docume~1\ALLUSE~1\APPLIC~1\Messenger Plus!
2008-11-03 18:13 --------- d-----w c:\program files\FLV Player
2008-11-03 18:09 --------- d-----w c:\program files\Real
2008-11-03 18:09 --------- d-----w c:\program files\Common Files\xing shared
2008-11-03 18:09 --------- d-----w c:\program files\Common Files\Real
2008-11-03 18:09 --------- d-----w c:\documents and settings\User\Application Data\Media Player Classic
2008-11-03 18:07 --------- d-----w c:\program files\K-Lite Codec Pack
2008-11-03 18:06 --------- d-----w c:\program files\CyberLink
2008-11-03 17:47 --------- d-----w c:\program files\JetAudio
2008-11-03 17:47 --------- d-----w c:\program files\GRETECH
2008-11-03 17:47 --------- d-----w c:\program files\Common Files\InstallShield
2008-11-03 17:47 --------- d-----w c:\program files\Common Files\COWON
2008-11-03 17:47 --------- d-----w c:\docume~1\ALLUSE~1\APPLIC~1\GRETECH
2008-11-03 17:46 --------- d-----w c:\program files\Java
2008-11-03 17:45 155,995 ----a-w c:\windows\java\Packages\BZHB5NB5.ZIP
2008-11-03 17:45 --------- d-----w c:\program files\Windows Live
2008-11-03 17:45 --------- d-----w c:\program files\Common Files\Java
2008-11-03 17:44 90,112 ----a-w c:\windows\system32\agsaami.dll
2008-11-03 17:44 610,304 ----a-w c:\windows\system32\agsaamg.dll
2008-11-03 17:44 372,736 ----a-w c:\windows\system32\agsaamc.dll
2008-11-03 17:44 2,535,424 ----a-w c:\windows\system32\agsaamj.dll
2008-11-03 17:44 196,608 ----a-w c:\windows\system32\maag.dll
2008-11-03 17:44 1,986,560 ----a-w c:\windows\system32\akll.dll
2008-11-03 17:44 1,245,184 ----a-w c:\windows\system32\bkll.dll
2008-11-03 17:44 1,212,416 ----a-w c:\windows\system32\ckll.dll
2008-11-03 17:44 --------- d-----w c:\program files\Real_SC
2008-11-03 17:30 --------- d-----w c:\program files\IrfanView
2008-11-03 17:30 --------- d-----w c:\program files\IObit
2008-11-03 17:30 --------- d-----w c:\program files\Common Files\Adobe
2008-11-03 17:28 --------- d-----w c:\program files\Microsoft.NET
2008-11-03 17:27 --------- d-----w c:\program files\Microsoft Works
2008-11-02 23:45 --------- d-----w c:\program files\Realtek
2008-11-02 23:44 315,392 ----a-w c:\windows\HideWin.exe
2008-11-02 23:42 --------- d-----w c:\program files\S3
2008-11-02 22:51 --------- d-----w c:\program files\microsoft frontpage
2008-10-24 11:21 455,296 ----a-w c:\windows\system32\drivers\mrxsmb.sys
2008-09-15 15:24 1,846,272 ----a-w c:\windows\system32\win32k.sys
2008-09-12 10:44 206,256 ----a-w c:\windows\system32\idmmbc.dll
2008-09-10 01:14 1,307,648 ------w c:\windows\system32\msxml6.dll
2008-09-04 17:15 1,106,944 ----a-w c:\windows\system32\msxml3.dll
2008-08-26 07:57 826,368 ----a-w c:\windows\system32\wininet.dll
.
((((((((((((((((((((((((((((( snapshot@Wed 11-12-2008_13.57.24.32 )))))))))))))))))))))))))))))))))))))))))
.
+ 2008-09-10 01:11:11 1,379,840 ----a-w c:\windows\$hf_mig$\KB954459\SP3QFE\msxml6.dll
+ 2007-11-30 12:39:01 17,784 ----a-w c:\windows\$hf_mig$\KB954459\spmsg.dll
+ 2007-11-30 12:39:01 231,288 ----a-w c:\windows\$hf_mig$\KB954459\spuninst.exe
+ 2007-11-30 12:39:01 26,488 ----a-w c:\windows\$hf_mig$\KB954459\update\spcustom.dll
+ 2007-11-30 12:39:03 752,504 ----a-w c:\windows\$hf_mig$\KB954459\update\update.exe
+ 2007-11-30 12:39:04 380,792 ----a-w c:\windows\$hf_mig$\KB954459\update\updspapi.dll
+ 2008-09-04 17:12:05 1,106,944 ----a-w c:\windows\$hf_mig$\KB955069\SP3QFE\msxml3.dll
+ 2007-11-30 11:18:09 17,784 ----a-w c:\windows\$hf_mig$\KB955069\spmsg.dll
+ 2007-11-30 11:18:09 231,288 ----a-w c:\windows\$hf_mig$\KB955069\spuninst.exe
+ 2007-11-30 11:18:09 26,488 ----a-w c:\windows\$hf_mig$\KB955069\update\spcustom.dll
+ 2007-11-30 12:39:03 752,504 ----a-w c:\windows\$hf_mig$\KB955069\update\update.exe
+ 2008-07-09 10:04:32 380,792 ----a-w c:\windows\$hf_mig$\KB955069\update\updspapi.dll
+ 2008-10-24 11:41:11 455,936 ----a-w c:\windows\$hf_mig$\KB957097\SP3QFE\mrxsmb.sys
+ 2008-07-08 12:58:08 17,784 ----a-w c:\windows\$hf_mig$\KB957097\spmsg.dll
+ 2008-07-08 12:58:09 231,288 ----a-w c:\windows\$hf_mig$\KB957097\spuninst.exe
+ 2008-07-08 12:58:08 26,488 ----a-w c:\windows\$hf_mig$\KB957097\update\spcustom.dll
+ 2008-07-08 12:58:12 752,504 ----a-w c:\windows\$hf_mig$\KB957097\update\update.exe
+ 2008-07-08 12:58:19 380,792 ----a-w c:\windows\$hf_mig$\KB957097\update\updspapi.dll
+ 2008-04-14 15:59:39 1,306,624 -c----w c:\windows\$NtUninstallKB954459$\msxml6.dll
+ 2007-11-30 12:39:01 231,288 -c----w c:\windows\$NtUninstallKB954459$\spuninst\spuninst.exe
+ 2007-11-30 12:39:04 380,792 -c----w c:\windows\$NtUninstallKB954459$\spuninst\updspapi.dll
+ 2008-04-14 15:59:39 1,104,896 -c----w c:\windows\$NtUninstallKB955069$\msxml3.dll
+ 2007-11-30 11:18:09 231,288 -c----w c:\windows\$NtUninstallKB955069$\spuninst\spuninst.exe
+ 2008-07-09 10:04:32 380,792 -c----w c:\windows\$NtUninstallKB955069$\spuninst\updspapi.dll
+ 2008-04-13 19:17:01 456,576 -c----w c:\windows\$NtUninstallKB957097$\mrxsmb.sys
+ 2008-07-08 12:58:09 231,288 -c----w c:\windows\$NtUninstallKB957097$\spuninst\spuninst.exe
+ 2008-07-08 12:58:19 380,792 -c----w c:\windows\$NtUninstallKB957097$\spuninst\updspapi.dll
- 2008-11-10 09:32:54 1,257,472 ----a-w c:\windows\assembly\GAC\System.Web\1.0.5000.0__b03f5f7f11d50a3a\System.Web.dll
+ 2008-11-12 21:11:27 1,265,664 ----a-w c:\windows\assembly\GAC\System.Web\1.0.5000.0__b03f5f7f11d50a3a\System.Web.dll
- 2008-11-10 09:32:56 1,224,704 ----a-w c:\windows\assembly\GAC\System\1.0.5000.0__b77a5c561934e089\System.dll
+ 2008-11-12 21:11:27 1,232,896 ----a-w c:\windows\assembly\GAC\System\1.0.5000.0__b77a5c561934e089\System.dll
+ 2008-11-12 21:11:38 61,440 ----a-w c:\windows\assembly\NativeImages1_v1.1.4322\CustomMarshalers\1.0.5000.0__b03f5f7f11d50a3a_721f384c\CustomMarshalers.dll
+ 2008-11-12 21:12:03 3,391,488 ----a-w c:\windows\assembly\NativeImages1_v1.1.4322\mscorlib\1.0.5000.0__b77a5c561934e089_6917a6cd\mscorlib.dll
+ 2008-11-12 21:11:57 1,470,464 ----a-w c:\windows\assembly\NativeImages1_v1.1.4322\System.Design\1.0.5000.0__b03f5f7f11d50a3a_e2b71f70\System.Design.dll
+ 2008-11-12 21:11:39 90,112 ----a-w c:\windows\assembly\NativeImages1_v1.1.4322\System.Drawing.Design\1.0.5000.0__b03f5f7f11d50a3a_b57d0898\System.Drawing.Design.dll
+ 2008-11-12 21:11:59 835,584 ----a-w c:\windows\assembly\NativeImages1_v1.1.4322\System.Drawing\1.0.5000.0__b03f5f7f11d50a3a_2f091c0b\System.Drawing.dll
+ 2008-11-12 21:11:44 3,018,752 ----a-w c:\windows\assembly\NativeImages1_v1.1.4322\System.Windows.Forms\1.0.5000.0__b77a5c561934e089_35a1c070\System.Windows.Forms.dll
+ 2008-11-12 21:11:50 2,088,960 ----a-w c:\windows\assembly\NativeImages1_v1.1.4322\System.Xml\1.0.5000.0__b77a5c561934e089_91058d41\System.Xml.dll
+ 2008-11-12 21:11:37 1,966,080 ----a-w c:\windows\assembly\NativeImages1_v1.1.4322\System\1.0.5000.0__b77a5c561934e089_bb86c599\System.dll
+ 2008-10-24 11:21:09 455,296 ------w c:\windows\Driver Cache\i386\mrxsmb.sys
+ 2005-10-20 17:02:28 163,328 ----a-w c:\windows\ERDNT\Hiv-backup\ERDNT.EXE
- 2008-11-10 09:34:04 593,920 ----a-r c:\windows\Installer\{90110401-6000-11D3-8CFE-0150048383C9}\accicons.exe
+ 2008-11-12 21:10:23 593,920 ----a-r c:\windows\Installer\{90110401-6000-11D3-8CFE-0150048383C9}\accicons.exe
- 2008-11-10 09:34:04 12,288 ----a-r c:\windows\Installer\{90110401-6000-11D3-8CFE-0150048383C9}\cagicon.exe
+ 2008-11-12 21:10:23 12,288 ----a-r c:\windows\Installer\{90110401-6000-11D3-8CFE-0150048383C9}\cagicon.exe
- 2008-11-10 09:34:04 86,016 ----a-r c:\windows\Installer\{90110401-6000-11D3-8CFE-0150048383C9}\inficon.exe
+ 2008-11-12 21:10:23 86,016 ----a-r c:\windows\Installer\{90110401-6000-11D3-8CFE-0150048383C9}\inficon.exe
- 2008-11-10 09:34:04 135,168 ----a-r c:\windows\Installer\{90110401-6000-11D3-8CFE-0150048383C9}\misc.exe
+ 2008-11-12 21:10:22 135,168 ----a-r c:\windows\Installer\{90110401-6000-11D3-8CFE-0150048383C9}\misc.exe
- 2008-11-10 09:34:04 11,264 ----a-r c:\windows\Installer\{90110401-6000-11D3-8CFE-0150048383C9}\mspicons.exe
+ 2008-11-12 21:10:23 11,264 ----a-r c:\windows\Installer\{90110401-6000-11D3-8CFE-0150048383C9}\mspicons.exe
- 2008-11-10 09:34:04 27,136 ----a-r c:\windows\Installer\{90110401-6000-11D3-8CFE-0150048383C9}\oisicon.exe
+ 2008-11-12 21:10:23 27,136 ----a-r c:\windows\Installer\{90110401-6000-11D3-8CFE-0150048383C9}\oisicon.exe
- 2008-11-10 09:34:04 4,096 ----a-r c:\windows\Installer\{90110401-6000-11D3-8CFE-0150048383C9}\opwicon.exe
+ 2008-11-12 21:10:23 4,096 ----a-r c:\windows\Installer\{90110401-6000-11D3-8CFE-0150048383C9}\opwicon.exe
- 2008-11-10 09:34:04 794,624 ----a-r c:\windows\Installer\{90110401-6000-11D3-8CFE-0150048383C9}\outicon.exe
+ 2008-11-12 21:10:23 794,624 ----a-r c:\windows\Installer\{90110401-6000-11D3-8CFE-0150048383C9}\outicon.exe
- 2008-11-10 09:34:04 249,856 ----a-r c:\windows\Installer\{90110401-6000-11D3-8CFE-0150048383C9}\pptico.exe
+ 2008-11-12 21:10:23 249,856 ----a-r c:\windows\Installer\{90110401-6000-11D3-8CFE-0150048383C9}\pptico.exe
- 2008-11-10 09:34:04 61,440 ----a-r c:\windows\Installer\{90110401-6000-11D3-8CFE-0150048383C9}\pubs.exe
+ 2008-11-12 21:10:22 61,440 ----a-r c:\windows\Installer\{90110401-6000-11D3-8CFE-0150048383C9}\pubs.exe
- 2008-11-10 09:34:04 23,040 ----a-r c:\windows\Installer\{90110401-6000-11D3-8CFE-0150048383C9}\unbndico.exe
+ 2008-11-12 21:10:23 23,040 ----a-r c:\windows\Installer\{90110401-6000-11D3-8CFE-0150048383C9}\unbndico.exe
- 2008-11-10 09:34:03 286,720 ----a-r c:\windows\Installer\{90110401-6000-11D3-8CFE-0150048383C9}\wordicon.exe
+ 2008-11-12 21:10:22 286,720 ----a-r c:\windows\Installer\{90110401-6000-11D3-8CFE-0150048383C9}\wordicon.exe
- 2008-11-10 09:34:03 409,600 ----a-r c:\windows\Installer\{90110401-6000-11D3-8CFE-0150048383C9}\xlicons.exe
+ 2008-11-12 21:10:22 409,600 ----a-r c:\windows\Installer\{90110401-6000-11D3-8CFE-0150048383C9}\xlicons.exe
- 2004-07-14 22:49:16 258,048 ----a-w c:\windows\Microsoft.NET\Framework\v1.1.4322\aspnet_isapi.dll
+ 2007-04-13 18:30:52 258,048 ----a-w c:\windows\Microsoft.NET\Framework\v1.1.4322\aspnet_isapi.dll
- 2004-07-14 22:49:22 32,768 ----a-w c:\windows\Microsoft.NET\Framework\v1.1.4322\aspnet_wp.exe
+ 2007-04-13 18:30:52 32,768 ----a-w c:\windows\Microsoft.NET\Framework\v1.1.4322\aspnet_wp.exe
- 2004-07-14 21:32:22 81,920 ----a-w c:\windows\Microsoft.NET\Framework\v1.1.4322\CORPerfMonExt.dll
+ 2007-04-13 17:57:52 81,920 ----a-w c:\windows\Microsoft.NET\Framework\v1.1.4322\CORPerfMonExt.dll
- 2003-02-20 16:09:14 86,016 ----a-w c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorie.dll
+ 2007-04-13 17:57:58 86,016 ----a-w c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorie.dll
- 2004-07-14 21:25:06 315,392 ----a-w c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorjit.dll
+ 2007-04-13 17:56:30 315,392 ----a-w c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorjit.dll
- 2004-07-14 21:33:04 102,400 ----a-w c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorld.dll
+ 2007-04-13 17:58:00 102,400 ----a-w c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorld.dll
- 2004-07-15 11:29:02 2,138,112 ----a-w c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorlib.dll
+ 2007-04-13 17:50:46 2,142,208 ----a-w c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorlib.dll
- 2003-02-20 16:09:18 77,824 ----a-w c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorsn.dll
+ 2007-04-13 17:58:02 77,824 ----a-w c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorsn.dll
- 2004-07-14 21:26:52 2,510,848 ----a-w c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorsvr.dll
+ 2007-04-13 17:57:00 2,523,136 ----a-w c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorsvr.dll
- 2004-07-14 21:28:34 2,502,656 ----a-w c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorwks.dll
+ 2007-04-13 17:57:28 2,514,944 ----a-w c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorwks.dll
- 2004-08-10 13:20:00 106,496 ----a-w c:\windows\Microsoft.NET\Framework\v1.1.4322\netfxupdate.exe
+ 2007-01-15 13:11:26 73,728 ----a-w c:\windows\Microsoft.NET\Framework\v1.1.4322\netfxupdate.exe
+ 2004-07-14 22:49:16 258,048 ----a-w c:\windows\Microsoft.NET\Framework\v1.1.4322\SHADOW1832\_aspnet_isapi.dll
+ 2004-07-14 21:32:22 81,920 ----a-w c:\windows\Microsoft.NET\Framework\v1.1.4322\SHADOW1832\_CORPerfMonExt.dll
+ 2004-07-14 21:24:30 282,624 ----a-w c:\windows\Microsoft.NET\Framework\v1.1.4322\SHADOW1832\_fusion.dll
+ 2004-07-14 21:25:06 315,392 ----a-w c:\windows\Microsoft.NET\Framework\v1.1.4322\SHADOW1832\_mscorjit.dll
+ 2004-07-15 11:29:02 2,138,112 ----a-w c:\windows\Microsoft.NET\Framework\v1.1.4322\SHADOW1832\_mscorlib.dll
+ 2003-02-20 16:09:18 77,824 ----a-w c:\windows\Microsoft.NET\Framework\v1.1.4322\SHADOW1832\_mscorsn.dll
+ 2004-07-14 21:26:52 2,510,848 ----a-w c:\windows\Microsoft.NET\Framework\v1.1.4322\SHADOW1832\_mscorsvr.dll
+ 2004-07-14 21:28:34 2,502,656 ----a-w c:\windows\Microsoft.NET\Framework\v1.1.4322\SHADOW1832\_mscorwks.dll
+ 2003-02-21 01:42:22 348,160 ----a-w c:\windows\Microsoft.NET\Framework\v1.1.4322\SHADOW1832\_msvcr71.dll
+ 2004-07-14 21:34:50 94,208 ----a-w c:\windows\Microsoft.NET\Framework\v1.1.4322\SHADOW1832\_PerfCounter.dll
- 2004-07-15 11:31:16 1,224,704 ----a-w c:\windows\Microsoft.NET\Framework\v1.1.4322\System.dll
+ 2007-04-13 18:35:38 1,232,896 ----a-w c:\windows\Microsoft.NET\Framework\v1.1.4322\System.dll
- 2004-07-15 11:29:00 1,257,472 ----a-w c:\windows\Microsoft.NET\Framework\v1.1.4322\System.Web.dll
+ 2007-04-13 18:35:46 1,265,664 ----a-w c:\windows\Microsoft.NET\Framework\v1.1.4322\System.Web.dll
+ 2006-03-09 14:57:08 36,972 ------w c:\windows\system32\ActPanel.dll
- 2008-07-19 14:43:08 1,163,960 ----a-w c:\windows\system32\aswBoot.exe
+ 2008-11-12 16:57:30 1,235,696 ----a-w c:\windows\system32\aswBoot.exe
- 2008-07-19 14:30:53 94,392 ----a-w c:\windows\system32\AvastSS.scr
+ 2008-11-12 16:51:11 97,480 ----a-w c:\windows\system32\AvastSS.scr
+ 2008-07-03 15:04:56 290,008 ----a-w c:\windows\system32\cfosspeed.dll
+ 2008-04-13 18:45:28 10,368 -c--a-w c:\windows\system32\dllcache\hidusb.sys
+ 2001-09-18 10:38:38 12,160 -c--a-w c:\windows\system32\dllcache\mouhid.sys
+ 2008-10-24 11:21:09 455,296 -c----w c:\windows\system32\dllcache\mrxsmb.sys
+ 2008-09-04 17:15:18 1,106,944 -c----w c:\windows\system32\dllcache\msxml3.dll
- 2008-04-14 15:59:39 1,306,624 -c--a-w c:\windows\system32\dllcache\msxml6.dll
+ 2008-09-10 01:14:30 1,307,648 -c--a-w c:\windows\system32\dllcache\msxml6.dll
+ 2008-04-14 15:59:43 218,624 -c--a-w c:\windows\system32\dllcache\uxtheme.dll
- 2008-07-19 14:32:15 26,944 ----a-w c:\windows\system32\drivers\aavmker4.sys
+ 2008-11-12 16:51:35 26,944 ----a-w c:\windows\system32\drivers\aavmker4.sys
- 2008-07-19 14:37:42 20,560 ----a-w c:\windows\system32\drivers\aswFsBlk.sys
+ 2008-11-12 16:53:27 20,560 ----a-w c:\windows\system32\drivers\aswFsBlk.sys
- 2008-01-17 17:34:01 93,264 ----a-w c:\windows\system32\drivers\aswmon.sys
+ 2008-11-12 16:54:27 93,296 ----a-w c:\windows\system32\drivers\aswmon.sys
- 2008-07-19 14:37:21 94,416 ----a-w c:\windows\system32\drivers\aswmon2.sys
+ 2008-11-12 16:54:19 94,032 ----a-w c:\windows\system32\drivers\aswmon2.sys
- 2008-07-19 14:33:42 23,152 ----a-w c:\windows\system32\drivers\aswRdr.sys
+ 2008-11-12 16:52:28 23,152 ----a-w c:\windows\system32\drivers\aswRdr.sys
- 2008-07-19 14:35:18 78,416 ----a-w c:\windows\system32\drivers\aswSP.sys
+ 2008-11-12 16:53:38 110,160 ----a-w c:\windows\system32\drivers\aswSP.sys
- 2008-07-19 14:32:36 42,912 ----a-w c:\windows\system32\drivers\aswTdi.sys
+ 2008-11-12 16:52:37 50,656 ----a-w c:\windows\system32\drivers\aswTdi.sys
+ 2008-07-03 15:04:58 732,376 ----a-r c:\windows\system32\drivers\cfosspeed.sys
+ 2008-04-13 18:45:28 10,368 ----a-w c:\windows\system32\drivers\hidusb.sys
+ 2001-09-18 10:38:38 12,160 ----a-w c:\windows\system32\drivers\mouhid.sys
+ 2008-01-23 21:25:32 27,136 ----a-w c:\windows\system32\drivers\tapvpn.sys
+ 2007-03-15 10:25:08 13,312 ----a-w c:\windows\system32\mpnatapi.dll
- 2008-10-07 09:19:42 16,721,856 ----a-w c:\windows\system32\MRT.exe
+ 2008-11-04 00:10:25 17,318,336 ----a-w c:\windows\system32\MRT.exe
- 2005-09-23 04:28:52 270,848 ----a-w c:\windows\system32\mscoree.dll
+ 2006-12-22 09:28:14 271,360 ----a-w c:\windows\system32\mscoree.dll
- 2005-09-23 04:29:00 6,144 ----a-w c:\windows\system32\mui\0409\mscorees.dll
+ 2006-12-22 10:02:36 6,144 ----a-w c:\windows\system32\mui\0409\mscorees.dll
- 2007-11-30 12:39:01 17,784 ------w c:\windows\system32\spmsg.dll
+ 2008-07-08 12:58:08 17,784 ------w c:\windows\system32\spmsg.dll
+ 2007-08-15 10:09:08 40,960 ----a-w c:\windows\system32\ssubtmr6.dll
+ 1999-02-09 18:40:10 188,928 ----a-w c:\windows\system32\vbuzip10.DLL
+ 2007-08-15 10:09:10 159,744 ----a-w c:\windows\system32\wt_menu.dll
+ 2008-11-17 13:50:05 16,384 ----atw c:\windows\Temp\Perflib_Perfdata_2b0.dat
.
-- Snapshot reset to current date --
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [04/14/2008 06:59 PM 15360]
"TuneUp MemOptimizer"="c:\program files\TuneUp Utilities 2008\MemOptimizer.exe" [12/21/2007 03:17 PM 196864]
"IDMan"="c:\program files\Internet Download Manager\IDMan.exe" [11/16/2008 08:23 PM 2606512]
"msnmsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [08/16/2007 04:19 PM 5728112]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"avast!"="c:\progra~1\ALWILS~1\Avast4\ashDisp.exe" [11/12/2008 07:54 PM 81000]
"TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" [11/03/2008 09:09 PM 185896]
"cFosSpeed"="c:\program files\cFosSpeed\cFosSpeed.exe" [07/03/2008 06:04 PM 867544]
"VerbAce"="c:\program files\VerbAce\VerbAce.exe" [11/17/2008 10:08 PM 139264]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [04/14/2008 06:59 PM 15360]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"NoResolveSearch"= 1 (0x1)
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"msacm.divxa32"= msaud32_divx.acm
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"IDMan"=c:\program files\Internet Download Manager\IDMan.exe /onboot
"msnmsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" /background
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
R1 aswSP;avast! Self Protection;c:\windows\system32\drivers\aswSP.sys [11/12/2008 07:53 PM 110160]
R1 BIOS;BIOS;c:\windows\system32\drivers\BIOS.sys [03/16/2005 09:23 AM 13696]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\DRIVERS\aswFsBlk.sys [11/12/2008 07:53 PM 20560]
R2 UxTuneUp;TuneUp Theme Extension;c:\windows\System32\svchost.exe [04/14/2008 07:00 PM 14336]
R3 S3GIGP;S3GIGP;c:\windows\system32\DRIVERS\S3gIGPm.sys [07/11/2007 01:08 PM 714240]
S3 HssTrayService;Hotspot Shield Tray Service;c:\program files\Hotspot Shield\bin\HssTrayService.EXE [ ]
S3 TuneUp.Defrag;TuneUp Drive Defrag Service;c:\windows\System32\TuneUpDefragService.exe [11/12/2008 07:08 AM 306432]
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp
.
- - - - ORPHANS REMOVED - - - -
BHO-{c95a4e8e-816d-4655-8c79-d736da1adb6d} - (no file)
WebBrowser-{8FF5E180-ABDE-46EB-B09E-D2AAB95CABE3} - (no file)

.
------- Supplementary Scan -------
.
FireFox -: Profile - c:\docume~1\User\APPLIC~1\Mozilla\Firefox\Profiles\ldcig1bh.default\
FireFox -: prefs.js - SEARCH.DEFAULTURL - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT1561552&SearchSource=3&q=
FF -: plugin - c:\program files\Microsoft Silverlight\2.0.31005.0\npctrl.dll
FF -: plugin - c:\program files\Mozilla Firefox\plugins\NPJava11.dll
FF -: plugin - c:\program files\Mozilla Firefox\plugins\NPJava12.dll
FF -: plugin - c:\program files\Mozilla Firefox\plugins\NPJava131_18.dll
FF -: plugin - c:\program files\Mozilla Firefox\plugins\NPJava32.dll
FF -: plugin - c:\program files\Mozilla Firefox\plugins\npoji600.dll
FF -: plugin - c:\program files\Real\RhapsodyPlayerEngine\nprhapengine.dll
.
**************************************************************************
catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer,

Rootkit scan 2008-11-17 22:48:46
Windows 5.1.2600 Service Pack 3 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
.
Completion time: 11/17/2008 22:49:23
ComboFix-quarantined-files.txt 2008-11-17 19:49:17
ComboFix2.txt 2008-11-12 10:57:45
Pre-Run: 30,394,167,296 bytes free
Post-Run: 30,423,953,408 bytes free
313 --- E O F --- 2008-11-16 05:11:26
I went back to the Google search engine and started searching normally, without the earlier warning that Google used to show me.
But when I open the Google Translate site I get this warning:
zyzoom-d82dfab64b.png

Does this mean the problem is still present on my machine? Please advise.

Your little brother, F

Signature: Faisal1400
Follow the explanation below to clean your machine of these ads, and produce a report of the process so you can attach it to your next reply.

Download link for the latest update of the tool (link hidden by the forum).

How to use it:

Run the file SmitfraudFix.exe and follow the explanation as shown in these images:

000.png
001.png
002.png
003.png
004.png
005.png

Signature: ابـــو عــبــد الــلــه
At your service, Abu Rima, may God protect and keep you. Here is the report.
Would you believe it, I was downloading it and I already had the tool.

SmitFraudFix v2.374
Scan done at 23:53:20.20, Mon 11/17/2008
Run from E:\ں§ں، 饨ه ںéهںï©ي«ں¢\SmitfraudFix
OS: Microsoft Windows XP [Version 5.1.2600] - Windows_NT
The filesystem type is NTFS
Fix run in normal mode
»»»»»»»»»»»»»»»»»»»»»»»» SharedTaskScheduler Before SmitFraudFix
!!!Attention, following keys are not inevitably infected!!!
SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll
»»»»»»»»»»»»»»»»»»»»»»»» Killing process

»»»»»»»»»»»»»»»»»»»»»»»» hosts

127.0.0.1 localhost
»»»»»»»»»»»»»»»»»»»»»»»» VACFix
VACFix
Credits: Malware Analysis & Diagnostic
Code: S!Ri

»»»»»»»»»»»»»»»»»»»»»»»» Winsock2 Fix
S!Ri's WS2Fix: LSP not Found.

»»»»»»»»»»»»»»»»»»»»»»»» Generic Renos Fix
GenericRenosFix by S!Ri

»»»»»»»»»»»»»»»»»»»»»»»» Deleting infected files

»»»»»»»»»»»»»»»»»»»»»»»» IEDFix
IEDFix
Credits: Malware Analysis & Diagnostic
Code: S!Ri

»»»»»»»»»»»»»»»»»»»»»»»» 404Fix
404Fix
Credits: Malware Analysis & Diagnostic
Code: S!Ri

»»»»»»»»»»»»»»»»»»»»»»»» RK

»»»»»»»»»»»»»»»»»»»»»»»» DNS
Description: محول VIA Compatable Fast Ethernet - منفذ مصغر لجدولة الحزم
DNS Server Search Order: 192.168.1.254
HKLM\SYSTEM\CCS\Services\Tcpip\..\{82B0E00A-B369-4ABD-BCE8-209EF4FAB8F2}: DhcpNameServer=192.168.1.254
HKLM\SYSTEM\CS1\Services\Tcpip\..\{82B0E00A-B369-4ABD-BCE8-209EF4FAB8F2}: DhcpNameServer=192.168.1.254
HKLM\SYSTEM\CS3\Services\Tcpip\..\{82B0E00A-B369-4ABD-BCE8-209EF4FAB8F2}: DhcpNameServer=192.168.1.254
HKLM\SYSTEM\CCS\Services\Tcpip\Parameters: DhcpNameServer=192.168.1.254
HKLM\SYSTEM\CS1\Services\Tcpip\Parameters: DhcpNameServer=192.168.1.254
HKLM\SYSTEM\CS3\Services\Tcpip\Parameters: DhcpNameServer=192.168.1.254

»»»»»»»»»»»»»»»»»»»»»»»» Deleting Temp Files

»»»»»»»»»»»»»»»»»»»»»»»» Winlogon.System
!!!Attention, following keys are not inevitably infected!!!
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]
"System"=""

»»»»»»»»»»»»»»»»»»»»»»»» Registry Cleaning

Registry Cleaning done.

»»»»»»»»»»»»»»»»»»»»»»»» SharedTaskScheduler After SmitFraudFix
!!!Attention, following keys are not inevitably infected!!!
SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll

»»»»»»»»»»»»»»»»»»»»»»»» End
 
Signature: Faisal1400
How are things with you now?

Signature: ابـــو عــبــد الــلــه
Abu Rima, the Google Translate site is the same as in the picture you have, but search is normal.

So what is clear to you from the report? :y:

Signature: Faisal1400
Signature: ابـــو عــبــد الــلــه
Abu Rima, the Google Translate site is the same as in the picture you have, but search is normal.

So what is clear to you from the report? :y:

The report says your machine has chickenpox ... :q:

Signature: ابـــو عــبــد الــلــه
May God make you happy, Abu Rima. Things are normal on the site you gave me, but I am asking: is my machine now free of viruses, meaning has the machine been cleaned? :?:

Signature: Faisal1400
As for chickenpox, Abu Rima, we are vaccinated against chickenpox.
[img]http://www.zyzoom.net/vb_up/uploads/images/zyzoom-1598b93bcd.gif[/img]
:hh:

Signature: Faisal1400
May God make you happy, Abu Rima. Things are normal on the site you gave me, but I am asking: is my machine now free of viruses, meaning has the machine been cleaned? :?:

So the translation site opened for you ..... and if you want to check your machine, give me a HijackThis report.

Signature: ابـــو عــبــد الــلــه
As for chickenpox, Abu Rima, we are vaccinated against chickenpox.

[img]http://www.zyzoom.net/vb_up/uploads/images/zyzoom-1598b93bcd.gif[/img]

:hh:

:hh::d::hh::d::hh:

Signature: ابـــو عــبــد الــلــه
Abu Rima, what is the story with the chickenpox today? It looks like the computer has lice, not chickenpox :cr:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 00:25:45, on 18/11/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16735)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\cFosSpeed\cFosSpeed.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\TuneUp Utilities 2008\MemOptimizer.exe
C:\Program Files\Internet Download Manager\IDMan.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\Program Files\cFosSpeed\spd.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\Internet Download Manager\IEMonitor.exe
C:\Program Files\internet explorer\iexplore.exe
C:\Program Files\internet explorer\iexplore.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\WINDOWS\explorer.exe
E:\اداة الهايجاك\Zyzoom_HijackThis.exe
O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files\Internet Download Manager\IDMIECC.dll
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [cFosSpeed] C:\Program Files\cFosSpeed\cFosSpeed.exe
O4 - HKLM\..\Run: [VerbAce] C:\Program Files\VerbAce\VerbAce.exe -AutoRun
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [TuneUp MemOptimizer] "C:\Program Files\TuneUp Utilities 2008\MemOptimizer.exe" autostart
O4 - HKCU\..\Run: [IDMan] C:\Program Files\Internet Download Manager\IDMan.exe /onboot
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: تحميل الكل بـ إنترنت داونلود مانيجر - C:\Program Files\Internet Download Manager\IEGetAll.htm
O8 - Extra context menu item: تحميل بـ إنترنت داونلود مانيجر - C:\Program Files\Internet Download Manager\IEExt.htm
O8 - Extra context menu item: تحميل محتوى فيديو (إف.إل.في) بـ إنترنت داونلود مانيجر - C:\Program Files\Internet Download Manager\IEGetVL.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra button: بحث - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) -
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: cFosSpeed System Service (cFosSpeedS) - cFos Software GmbH - C:\Program Files\cFosSpeed\spd.exe
O23 - Service: Hotspot Shield Tray Service (HssTrayService) - Unknown owner - C:\Program Files\Hotspot Shield\bin\HssTrayService.EXE (file missing)
O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software GmbH - C:\WINDOWS\System32\TuneUpDefragService.exe
--
End of file - 4557 bytes
 
Signature: Faisal1400
May God grant you success. The report is fine .... but do update your protection program ...

Signature: ابـــو عــبــد الــلــه