ملوكي1382

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 04:59:55 م, on 11/04/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\system32\igfxsrvc.exe
C:\PROGRA~1\LAUNCH~1\LManager.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\avp.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
C:\Program Files\WinZip\WZQKPICK.EXE
C:\WINDOWS\system32\igfxext.exe
C:\DOCUME~1\personal\LOCALS~1\Temp\RtkBtMnt.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktopIndex.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktopDisplay.exe
C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\avp.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktopCrawl.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Documents and Settings\personal\سطح المكتب\Zyzoom_HijackThis.exe
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: IEVkbdBHO - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\ievkbd.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\3.1.807.1746\swg.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: (no name) - {0BF43445-2F28-4351-9252-17FE6E806AA0} - (no file)
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [AzMixerSel] C:\Program Files\Realtek\Audio\InstallShield\AzMixerSel.exe
O4 - HKLM\..\Run: [PLFSetI] C:\WINDOWS\PLFSetI.exe
O4 - HKLM\..\Run: [LManager] C:\PROGRA~1\LAUNCH~1\LManager.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\avp.exe"
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe
O4 - Global Startup: Adobe Reader Synchronizer.lnk = C:\Program Files\Adobe\Reader 8.0\Reader\AdobeCollabSync.exe
O4 - Global Startup: Bluetooth.lnk = ?
O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Send to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Send To Bluetooth - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra button: Web traffic protection statistics - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\SCIEPlgn.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O20 - AppInit_DLLs: C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd.dll
O23 - Service: Kaspersky Anti-Virus (AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\avp.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
--
End of file - 8060 bytes
 

Signature: ملوكي1382
What is the problem??
 
Signature: Demo-dash
The computer is slow, and Kaspersky does not work and hangs.
 
Signature: ملوكي1382
Guys, I have been waiting for a reply for more than two hours and none has come.
 
Signature: ملوكي1382
Dear brother, you have two entries that must be deleted, namely:

O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)

O3 - Toolbar: (no name) - {0BF43445-2F28-4351-9252-17FE6E806AA0} - (no file)

How to delete them:

I hope you benefit from the following topic.

Good luck
 
Peace be upon you

Do the following:

Disable your security programs
then
download the following tool and save it to the desktop

When you run it, a message will appear; click >> Yes
After that a second message will appear; click >> Yes

During the scan the computer may restart
After the restart, the tool will start scanning again
Do not run any program, and no matter how long the scan takes, wait until it finishes
Wait until a report appears, then copy it and paste it into your next post
 
Signature: ابـــو عــبــد الــلــه
How do I disable the NOD protection program?
 
Signature: ملوكي1382
How nice you are, Kaspersky .. :y:

From next to the clock, right-click and choose Exit
 
Signature: ابـــو عــبــد الــلــه
ComboFix 09-04-13.03 - personal 04/12/2009 22:07.1 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.2.1256.1.1025.18.956.580 [GMT 3:00]
Running from: c:\documents and settings\personal\سطح المكتب\ComboFix.exe
* Created a new restore point
WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\windows\IE4 Error Log.txt
c:\windows\system32\x64
c:\windows\system32\x64\csnp2uvc.dll
c:\windows\system32\x64\rsnpvc64.dll
c:\windows\system32\x64\sncduvc.sys
c:\windows\system32\x64\snp2uvc.sys
c:\windows\system32\x64\vsnpvc64.dll
.
((((((((((((((((((((((((( Files Created from 2009-03-13 to 2009-04-13 )))))))))))))))))))))))))))))))
.
2009-04-12 14:28 . 2007-11-14 07:18 553 ------r c:\windows\USetup.iss
2009-04-12 13:40 . 2009-04-12 13:40 -------- d-----w c:\documents and settings\personal\Application Data\GrabPro
2009-04-12 13:40 . 2009-04-12 13:40 -------- d-----w C:\downloads
2009-04-12 13:40 . 2009-04-12 14:33 -------- d-----w c:\documents and settings\personal\Application Data\Orbit
2009-04-11 18:35 . 2009-04-11 18:35 -------- d-----w c:\windows\Ela-Salaty
2009-04-11 18:35 . 2009-04-11 18:36 -------- d-----w c:\program files\Ela-Salaty
2009-04-11 15:03 . 2009-04-11 15:03 -------- d-----w c:\documents and settings\personal\DoctorWeb
2009-04-10 09:31 . 2009-04-11 04:11 -------- d-----w c:\windows\system32\CatRoot_bak
2009-04-08 22:06 . 2009-04-11 19:54 69 ----a-w c:\windows\NeroDigital.ini
2009-04-08 15:28 . 2009-04-08 15:28 0 ----a-w c:\windows\nsreg.dat
2009-04-02 23:12 . 2009-04-02 23:12 -------- d-s---w c:\documents and settings\personal\UserData
2009-04-02 22:06 . 2009-04-06 18:06 151 ----a-w c:\windows\PhotoSnapViewer.INI
2009-04-02 09:25 . 2004-08-03 21:55 221184 ----a-w c:\windows\system32\wmpns.dll
2009-04-02 09:24 . 2009-04-02 09:24 -------- d-----w c:\documents and settings\personal\Application Data\Apple Computer
2009-04-01 22:23 . 2009-04-01 22:23 -------- d-----w c:\windows\system32\LogFiles
2009-03-31 18:38 . 2001-08-17 11:02 9600 ----a-w c:\windows\system32\drivers\hidusb.sys
2009-03-31 16:27 . 2004-08-03 19:58 100992 ----a-w c:\windows\system32\drivers\bthpan.sys
2009-03-31 16:27 . 2004-08-03 20:10 59648 ----a-w c:\windows\system32\drivers\rfcomm.sys
2009-03-31 16:27 . 2004-08-03 20:10 17024 ----a-w c:\windows\system32\drivers\BthEnum.sys
2009-03-31 16:27 . 2004-08-03 21:56 152064 ----a-w c:\windows\system32\irftp.exe
2009-03-31 16:27 . 2004-08-03 21:56 8192 ----a-w c:\windows\system32\wshirda.dll
2009-03-31 16:27 . 2004-08-03 21:55 26624 ----a-w c:\windows\system32\irmon.dll
2009-03-31 16:27 . 2008-06-14 17:59 271616 ----a-w c:\windows\system32\drivers\bthport.sys
2009-03-31 16:27 . 2004-08-03 20:10 18944 ----a-w c:\windows\system32\drivers\BTHUSB.SYS
2009-03-29 23:23 . 2009-04-11 15:44 -------- d-----w c:\documents and settings\personal\Contacts
2009-03-29 17:54 . 2009-03-29 17:54 230 ----a-w c:\windows\system32\spupdsvc.inf
2009-03-29 17:45 . 2009-03-29 17:45 -------- d-----w c:\windows\system32\ar-sa
2009-03-29 17:42 . 2009-04-11 03:48 -------- d--h--w c:\windows\$hf_mig$
2009-03-28 14:30 . 2009-03-28 14:30 268 ---ha-w C:\sqmdata03.sqm
2009-03-28 14:30 . 2009-03-28 14:30 244 ---ha-w C:\sqmnoopt03.sqm
2009-03-28 03:56 . 2009-03-28 03:56 -------- d-----w c:\windows\Sun
2009-03-26 20:14 . 2004-03-29 12:23 90112 ----a-w c:\windows\unvise32.exe
2009-03-26 20:14 . 2009-03-26 20:14 -------- d-----w c:\program files\SWiSHmax
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-04-12 18:59 . 2001-09-19 12:00 41160 ----a-w c:\windows\system32\perfc001.dat
2009-04-12 18:59 . 2001-09-19 12:00 254850 ----a-w c:\windows\system32\perfh001.dat
2009-04-12 14:27 . 2009-04-12 14:27 -------- d-----w c:\program files\Realtek
2009-04-12 14:27 . 2008-11-24 12:18 -------- d--h--w c:\program files\InstallShield Installation Information
2009-03-24 00:37 . 2009-01-21 13:42 -------- d-----w c:\documents and settings\All Users\Application Data\McAfee
2009-03-24 00:33 . 2009-01-21 13:44 -------- d-----w c:\documents and settings\All Users\Application Data\SiteAdvisor
2009-02-09 14:15 . 2004-08-03 21:46 1846144 ----a-w c:\windows\system32\win32k.sys
2009-01-21 13:50 . 2008-11-24 14:12 27262976 ----a-w C:\VIRTPART.DAT
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\ctfmon.exe" [08/04/2004 12:56 AM 15360]
"Google Desktop Search"="c:\program files\Google\Google Desktop Search\GoogleDesktop.exe" [11/24/2008 04:15 PM 120320]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\program files\Common Files\Ahead\Lib\NMBgMonitor.exe" [01/15/2007 04:14 PM 147456]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [03/28/2009 05:07 PM 68856]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [06/17/2008 05:34 AM 150040]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [06/17/2008 05:33 AM 170520]
"Persistence"="c:\windows\system32\igfxpers.exe" [06/17/2008 05:34 AM 141848]
"LManager"="c:\progra~1\LAUNCH~1\LManager.exe" [07/02/2008 06:36 AM 850440]
"NeroFilterCheck"="c:\program files\Common Files\Ahead\Lib\NeroCheck.exe" [01/12/2006 03:40 PM 155648]
"TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" [11/24/2008 04:55 PM 185896]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [10/06/2005 06:03 PM 278528]
"SunJavaUpdateSched"="c:\program files\Java\jre1.6.0_01\bin\jusched.exe" [03/14/2007 03:43 AM 83608]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [11/24/2008 05:01 PM 155648]
"AzMixerSel"="c:\program files\Realtek\Audio\InstallShield\AzMixerSel.exe" [07/17/2006 05:40 PM 53248]
"BluetoothAuthenticationAgent"="bthprops.cpl" [08/04/2004 12:56 AM 110592 c:\windows\system32\bthprops.cpl]
"RTHDCPL"="RTHDCPL.EXE" [05/26/2008 09:16 AM 16862720 c:\windows\RTHDCPL.exe]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [08/04/2004 12:56 AM 15360]
c:\documents and settings\personal\çں‍ê، ں §ڑ\ںé ©ںê¤\ §ک ں颬نïé\
Ela-Salaty.lnk - c:\program files\Ela-Salaty\Salaty.exe [2007-03-05 5205504]
c:\documents and settings\All Users\çں‍ê، ں §ڑ\ںé ©ںê¤\ §ک ں颬نïé\
Adobe Gamma Loader.lnk - c:\program files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2008-11-24 113664]
Adobe Reader Speed Launch.lnk - c:\program files\Adobe\Reader 8.0\Reader\reader_sl.exe [2006-10-23 40048]
Adobe Reader Synchronizer.lnk - c:\program files\Adobe\Reader 8.0\Reader\AdobeCollabSync.exe [2006-10-23 734872]
Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2007-11-01 576104]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"msacm.divxa32"= msaud32_divx.acm
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\MSN Messenger\\msnmsgr.exe"=
"c:\\Program Files\\MSN Messenger\\livecall.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
S3 JMCR;JMCR;c:\windows\system32\DRIVERS\jmcr.sys [05/30/2008 02:17 PM 93968]
.
- - - - ORPHANS REMOVED - - - -
HKLM-Run-PLFSetI - c:\windows\PLFSetI.exe

.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.ca/
uSearch Page = hxxp://www.google.com
uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
uSearch Bar = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
IE: Send to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Send To Bluetooth - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
LSP: c:\program files\Google\Google Desktop Search\GoogleDesktopNetwork1.dll
.
**************************************************************************
catchme 0.3.1375 W2K/XP/Vista - rootkit/stealth malware detector by Gmer,
Rootkit scan 2009-04-12 22:09
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
.
Completion time: 04/12/2009 22:10
ComboFix-quarantined-files.txt 2009-04-12 19:10
Pre-Run: 46,183,022,592 bytes free
Post-Run: 46,239,981,568 bytes free
136 --- E O F --- 2009-04-11 03:48
 
Signature: ملوكي1382
Do the following:

Disable System Restore and keep it disabled, as shown in the following explanation

then

download the following tool

Run it and the tool's interface will appear
Choose the cleaning option and a DOS window will appear for the scan
Leave it until it finishes and the report appears
Copy it and paste it into your next post
 
Signature: ابـــو عــبــد الــلــه
Brother, apply what is in the previous reply
 
Signature: ابـــو عــبــد الــلــه
The tool's link does not work. Thanks to everyone.
 
Signature: ملوكي1382
Signature: ابـــو عــبــد الــلــه
The download was refused
 
Signature: ملوكي1382

Download the following tool

Run it and the tool's interface will appear
Choose the cleaning option and a DOS window will appear for the scan
Leave it until it finishes and the report appears
Copy it and paste it into your next post
 
Signature: ابـــو عــبــد الــلــه