[ تم حل المشكلة ]مشكلة في جهاز الكمبيوتر في الدي

هكر مبتدأ · 4 مايو 2009

سلام عليكم ورحمه الله وبركاته

كيفكون ؟

ندخل بالموضوع :

انا مشكلتي كمبيوتري ادخل على الدي تطلع لي هالصورة

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

إذا ضغطت على عدم ارسال سكرت جهاز الكمبيوتر :no:

ياليت احد يساعدني في مشكلتي وله الشكر مقدما ً :b:

تحياتي لكم :hh:

أعتز بك · 4 مايو 2009

وعليكم السلام

حمل هذا البرنامج

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

OR

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

شغل البرنامج ==> واضغط على

Do a system scan and save log

لحظات .. ويظهر لك تقرير داخل المفكرة ==> انسخه والصقه بردك القادم

بالآآنتظآآر ,,

هكر مبتدأ · 4 مايو 2009

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 09:27:36 م, on 06/05/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\McAfee\SiteAdvisor\McSACore.exe
C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
c:\PROGRA~1\COMMON~1\mcafee\mna\mcnasvc.exe
c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\McAfee\MPF\MPFSrv.exe
C:\Program Files\REALTEK\USB Wireless LAN Utility\RtlService.exe
C:\Program Files\REALTEK\USB Wireless LAN Utility\RtWlan.exe
C:\WINDOWS\system32\VTTimer.exe
C:\WINDOWS\system32\VTtrayp.exe
C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\Program Files\McAfee.com\Agent\mcagent.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\fppdis2a.exe
C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb07.exe
C:\Program Files\LClock\LClock.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Nokia\Nokia PC Suite 7\PCSync2.exe
C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe
C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
C:\Program Files\Common Files\Nokia\MPAPI\MPAPI3s.exe
C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\PC Connectivity Solution\Transports\NclRSSrv.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
c:\PROGRA~1\mcafee\msc\mcuimgr.exe
C:\Program Files\Crazy Browser\Crazy Browser.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\McAfee\VirusScan\scriptsn.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll
O2 - BHO: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
O3 - Toolbar: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O4 - HKLM\..\Run: [VTTimer] VTTimer.exe
O4 - HKLM\..\Run: [VTTrayp] VTtrayp.exe
O4 - HKLM\..\Run: [SMSERIAL] C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [mcagent_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe /runkey
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [pdfFactory Pro Dispatcher v2] "C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\fppdis2a.exe" /source=HKLM
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb07.exe
O4 - HKLM\..\Run: [LClock] C:\Program Files\LClock\LClock.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [Nokia.PCSync] "C:\Program Files\Nokia\Nokia PC Suite 7\PCSync2.exe" /NoDialog
O4 - HKCU\..\Run: [PC Suite Tray] "C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe" -onlytray
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe
O4 - Global Startup: Adobe Reader Synchronizer.lnk = C:\Program Files\Adobe\Reader 8.0\Reader\AdobeCollabSync.exe
O4 - Global Startup: PalTalk.lnk = C:\Program Files\Paltalk Messenger\paltalk.exe
O4 - Global Startup: REALTEK USB Wireless LAN Utility.lnk = C:\Program Files\REALTEK\USB Wireless LAN Utility\ReStart.exe
O8 - Extra context menu item: &تصدير إلى Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: PalTalk - {4EAFEF58-EEFA-4116-983D-03B49BCBFFFE} - C:\Program Files\Paltalk Messenger\Paltalk.exe
O9 - Extra button: بحث - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O18 - Protocol: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O18 - Filter: x-sdch - {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: McAfee SiteAdvisor Service - Unknown owner - C:\Program Files\McAfee\SiteAdvisor\McSACore.exe
O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mna\mcnasvc.exe
O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe
O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe
O23 - Service: McAfee Real-time Scanner (McShield) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
O23 - Service: McAfee SystemGuards (McSysmon) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee, Inc. - C:\Program Files\McAfee\MPF\MPFSrv.exe
O23 - Service: RealtekUSB - Realtek - C:\Program Files\REALTEK\USB Wireless LAN Utility\RtlService.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
--
End of file - 7723 bytes

أعتز بك · 4 مايو 2009

عطل برامج الحماية عن العمل
ثم
حمل الاداة التالية واحفظها على سطح المكتب

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

عند تشغيلها بتظهر لك رسالة ,, اضغط على >> Yes
بعدها بتظهر لك رساله ثانيه ,, اضغط على >> Yes
اثناء الفحص ممكن يعاد تشغيل الجهاز
وبعد اعادة التشغيل ,, سوف تبدأ الاداة بالفحص مرره ثانيه
لا تقم بتشغيل اي برنامج ،، ومهما طالت عملية الفحص انتظر حتى تنتهي
انتظر حتى يظهر لك تقرير ،،انسخه والصقه بمشاركتك القادمة

وبعدها هات تقرير هاي جاك جديد

أعتز بك · 4 مايو 2009

وتابع هذا الموضوع

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

بالآآنتظآآر ,,

KoNaMi · 4 مايو 2009

حياك اخوي الحين اعمل الاتي

عطل جميع برامج الحمايه ,,

نزل هذه الاداة

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

عند تشغيلها بتظهر لك رسالة ,, اضغط على >> Yes
بعدها بتظهر لك رساله ثانيه ,, اضغط على >> Yes
اثناء الفحص ممكن يعاد تشغيل الجهاز
وبعد اعادة التشغيل ,, سوف تبدأ الاداة بالفحص مرره ثانيه
انتظر حتى يظهر لك تقرير ،، وبذلك يكون الفحص انتهى الصق التقرير بمشاركتك القادمة

KoNaMi · 4 مايو 2009

المعذرة اخوي اعتز بك

هكر مبتدأ · 4 مايو 2009

يالبى قلبك

تسلم يالغالي

وجاري التطبيق

أعتز بك · 4 مايو 2009

KoNaMi قال:
المعذرة اخوي اعتز بك

خذ راحتك

أطمر متى ما تبي :d:

لك الشكر

هكر مبتدأ · 4 مايو 2009

ComboFix 09-05-03.6 - user 05/06/2009 21:46.1 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.2.1256.966.1025.18.479.193 [GMT 3:00]
Running from: c:\documents and settings\user\سطح المكتب\ComboFix.exe
AV: McAfee VirusScan *On-access scanning enabled* (Outdated)
FW: McAfee Personal Firewall *enabled*
* Resident AV is active

WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
C:\setup.exe
c:\windows\system32\kakle.dll
c:\windows\system32\swfDShare.dll
c:\windows\system32\winitn.dll
.
((((((((((((((((((((((((( Files Created from 2009-04-06 to 2009-05-06 )))))))))))))))))))))))))))))))
.
2009-05-06 18:27 . 2009-05-06 18:27 -------- d-----w c:\program files\Trend Micro
2009-05-05 15:24 . 2009-05-05 15:24 -------- d-----w c:\program files\WinSWF Extractor
2009-05-04 10:38 . 2009-05-04 10:38 -------- d-----w c:\program files\clue-by-4.org
2009-05-03 21:16 . 2009-05-03 21:16 -------- d-----w c:\documents and settings\user\Application Data\Kana Solution
2009-05-03 21:16 . 2009-05-03 21:16 -------- d-----w c:\program files\DynDNS Updater
2009-05-03 20:11 . 2009-05-03 20:11 -------- d-----w c:\program files\No-IP
2009-04-29 14:37 . 2006-08-30 03:24 5214208 ----a-w c:\windows\system32\vistaui.exe
2009-04-29 14:37 . 2005-09-21 02:42 382976 ----a-w c:\windows\system32\Vista.scr
2009-04-29 14:37 . 2005-12-10 22:53 720412 ----a-w c:\windows\system32\MGB_ScreenSaver.scr
2009-04-29 14:37 . 2009-04-29 14:37 -------- d-----w c:\program files\LClock
2009-04-29 14:37 . 2006-11-22 18:02 413518 ----a-w c:\windows\system32\vimc.exe
2009-04-29 14:33 . 2009-04-29 14:37 -------- d-----w c:\windows\system32\VITrans
2009-04-29 14:32 . 2004-12-19 20:00 111104 ----a-w c:\windows\system32\Uharc.exe
2009-04-29 14:32 . 2006-02-26 17:43 19968 ----a-w c:\windows\system32\reico.exe
2009-04-29 14:32 . 1999-12-10 21:45 8636 ----a-w c:\windows\system32\modifype.exe
2009-04-29 14:32 . 2001-10-01 11:51 69632 ----a-w c:\windows\system32\moveex.exe
2009-04-29 14:32 . 2005-05-18 08:43 81920 ----a-w c:\windows\system32\closeapp.exe
2009-04-29 14:32 . 2009-04-29 14:39 -------- d-----w C:\VTPFiles
2009-04-22 19:54 . 2009-04-30 15:22 -------- d-----w c:\documents and settings\user\Local Settings\Application Data\WMTools Downloaded Files
2009-04-22 19:27 . 2005-05-19 00:17 40960 ----a-w c:\windows\system32\osenxpsuite2005.dll
2009-04-22 19:27 . 2009-04-22 19:27 -------- d-----w c:\program files\Ozone
2009-04-22 10:23 . 2009-04-22 10:23 -------- d-----w c:\documents and settings\user\Local Settings\Application Data\Identities
2009-04-22 10:22 . 2009-04-22 12:34 -------- d-----w c:\program files\RegistryFix7
2009-04-21 09:27 . 2009-04-21 09:27 -------- d-----w c:\documents and settings\LocalService\Local Settings\Application Data\Google
2009-04-20 10:38 . 2009-04-20 10:38 -------- d-----w c:\windows\system32\LogFiles
2009-04-20 09:40 . 2009-04-20 09:40 21035 ----a-w c:\windows\system32\drivers\AegisP.sys
2009-04-20 09:40 . 2009-04-20 09:40 -------- d-----w c:\windows\OPTIONS
2009-04-20 09:40 . 2007-07-18 08:40 264576 ------r c:\windows\system\rtl8187B.sys
2009-04-20 09:39 . 2007-08-02 10:00 38144 ----a-w c:\windows\system32\drivers\EAPPkt.sys
2009-04-20 09:39 . 2009-04-20 09:39 -------- d-----w c:\windows\system32\REALTEK USB Wireless LAN Driver and Utility
2009-04-20 09:39 . 2009-04-20 09:39 -------- d-----w c:\program files\REALTEK
2009-04-20 09:39 . 2009-04-20 09:39 -------- d-----w c:\documents and settings\user\Application Data\InstallShield
2009-04-20 09:39 . 2007-07-18 08:40 264576 ----a-r c:\windows\system32\drivers\RTL8187B.sys
2009-04-19 15:49 . 2009-04-19 15:50 -------- d-----w c:\program files\TNT Lock computer
2009-04-18 19:46 . 2009-04-18 19:46 -------- d-----w c:\documents and settings\user\Application Data\CyberLink
2009-04-18 19:24 . 2009-04-18 19:24 -------- d-----w c:\program files\Common Files\PCSuite
2009-04-18 19:24 . 2009-04-18 19:24 -------- d-----w c:\program files\Common Files\Nokia
2009-04-18 18:06 . 2009-04-18 18:06 -------- d-----w c:\documents and settings\LocalService\Application Data\SACore
2009-04-18 18:06 . 2009-04-18 18:06 -------- d-----w c:\windows\system32\config\systemprofile\Application Data\SACore
2009-04-17 18:20 . 2009-04-22 19:30 -------- d-----w c:\program files\hp deskjet 3320 series
2009-04-17 18:20 . 2002-12-18 19:29 184386 ----a-w c:\windows\system32\hpzsnt07.dll
2009-04-17 18:19 . 2009-04-17 18:19 -------- d-----w c:\program files\Hewlett-Packard
2009-04-17 18:10 . 2009-04-29 19:08 -------- d-----w c:\documents and settings\user\Application Data\U3
2009-04-17 18:03 . 2004-08-03 20:01 25856 ----a-w c:\windows\system32\drivers\usbprint.sys
2009-04-17 08:06 . 2004-08-03 19:58 5504 ----a-w c:\windows\system32\drivers\MSTEE.sys
2009-04-17 08:06 . 2004-08-03 20:10 10880 ----a-w c:\windows\system32\drivers\NdisIP.sys
2009-04-17 08:06 . 2004-08-03 20:10 15360 ----a-w c:\windows\system32\drivers\StreamIP.sys
2009-04-17 08:06 . 2004-08-03 20:10 11136 ----a-w c:\windows\system32\drivers\SLIP.sys
2009-04-17 08:06 . 2004-08-03 20:10 19328 ----a-w c:\windows\system32\drivers\WSTCODEC.SYS
2009-04-17 08:06 . 2004-08-03 20:10 85376 ----a-w c:\windows\system32\drivers\NABTSFEC.sys
2009-04-17 08:06 . 2004-08-03 20:10 17024 ----a-w c:\windows\system32\drivers\CCDECODE.sys
2009-04-17 08:06 . 2004-08-03 21:55 53760 ----a-w c:\windows\system32\vfwwdm32.dll
2009-04-17 08:06 . 2009-04-17 08:06 13824 ----a-w c:\windows\system32\drivers\splitcam.sys
2009-04-16 20:08 . 2004-08-03 20:08 25600 ----a-w c:\windows\system32\drivers\usbser.sys
2009-04-16 20:08 . 2006-10-08 18:51 23856 ----a-w c:\windows\system32\spupdsvc.exe
2009-04-16 17:47 . 2009-04-16 17:47 -------- d-s---w c:\documents and settings\user\UserData
2009-04-16 17:43 . 2009-04-16 17:43 -------- d-----w c:\documents and settings\user\Application Data\Media Player Classic
2009-04-16 17:40 . 2009-04-16 17:40 -------- d-----w c:\program files\Crazy Browser
2009-04-16 17:23 . 2009-04-16 20:09 -------- d-----w c:\documents and settings\user\Application Data\PC Suite
2009-04-16 17:22 . 2009-04-16 17:22 -------- d-----w c:\documents and settings\All Users\Application Data\PC Suite
2009-04-16 17:22 . 2009-04-18 19:25 -------- d-----w c:\documents and settings\user\Application Data\Nokia
2009-04-16 17:18 . 2007-09-17 12:53 21632 ----a-w c:\windows\system32\drivers\pccsmcfd.sys
2009-04-16 17:18 . 2009-04-16 17:18 -------- d-----w c:\program files\PC Connectivity Solution
2009-04-16 17:18 . 2008-05-07 04:38 8064 ----a-w c:\windows\system32\drivers\usbser_lowerfltj.sys
2009-04-16 17:18 . 2008-06-06 06:24 8064 ----a-w c:\windows\system32\drivers\usbser_lowerflt.sys
2009-04-16 17:18 . 2008-05-07 04:38 20864 ----a-w c:\windows\system32\drivers\ccdcmbo.sys
2009-04-16 17:18 . 2008-05-07 04:38 17536 ----a-w c:\windows\system32\drivers\ccdcmb.sys
2009-04-16 17:18 . 2008-05-07 04:38 659968 ----a-w c:\windows\system32\nmwcdcocls.dll
2009-04-16 17:18 . 2008-05-07 04:39 1419232 ----a-w c:\windows\system32\wdfcoinstaller01005.dll
2009-04-16 17:18 . 2008-05-07 04:38 90624 ----a-w c:\windows\system32\nmwcdcls.dll
2009-04-16 17:18 . 2009-04-18 19:24 -------- d-----w c:\program files\Nokia
2009-04-16 17:17 . 2009-04-16 17:17 -------- d-----w c:\documents and settings\All Users\Application Data\Installations
2009-04-16 16:50 . 2009-04-16 16:50 -------- d-----w c:\program files\iColorFolder
2009-04-16 16:47 . 2009-04-26 16:42 -------- d-----w c:\documents and settings\user\Application Data\Paltalk
2009-04-16 16:47 . 2009-04-16 16:47 -------- d-----w c:\windows\PaltalkScene
2009-04-16 16:47 . 2009-04-16 16:48 -------- d-----w c:\program files\Paltalk Messenger
2009-04-16 16:02 . 2009-04-22 17:41 -------- d-----w c:\documents and settings\user\Contacts
2009-04-16 15:40 . 2009-04-16 15:40 -------- d-----w C:\Fraps
2009-04-16 15:37 . 2005-05-31 19:34 114688 ------w c:\windows\system32\fppr232.dll
2009-04-16 15:37 . 2005-05-31 19:32 286720 ------w c:\windows\system32\fppmon2.dll
2009-04-16 15:37 . 2002-10-25 02:17 65536 ----a-w c:\windows\system32\Crypserv.exe
2009-04-16 15:37 . 1999-06-18 21:49 165888 ----a-w c:\windows\Ckconfig.exe
2009-04-16 15:37 . 1995-07-04 18:33 11776 ----a-w c:\windows\Ckrfresh.exe
2009-04-16 15:37 . 1996-05-03 15:36 18432 ----a-w c:\windows\Setup_ck.dll
2009-04-16 15:37 . 1996-05-03 17:21 27648 ----a-r c:\windows\Setup_ck.exe
2009-04-16 15:36 . 2009-04-23 21:48 -------- d-----w c:\program files\Kelk 2000
2009-04-16 15:35 . 2009-05-05 21:53 -------- d-----w c:\program files\CamStudio
2009-04-16 15:35 . 2009-04-16 15:35 -------- d-----w c:\program files\SplitCam
2009-04-16 15:34 . 2009-05-01 20:58 -------- d-----w c:\documents and settings\user\Local Settings\Application Data\Google
2009-04-16 15:34 . 2009-05-06 14:40 -------- d-----w c:\program files\Youtube Downloader HD
2009-04-16 15:33 . 2009-04-16 15:33 -------- d-----w c:\program files\Common Files\xing shared
2009-04-16 15:32 . 2009-05-01 14:33 -------- d-----w c:\program files\Google
2009-04-16 15:27 . 2009-04-16 15:27 -------- d-----w c:\documents and settings\user\Application Data\AntsSoft
2009-04-16 15:27 . 2009-04-16 15:28 -------- d---a-w c:\documents and settings\All Users\Application Data\TEMP
2009-04-16 15:26 . 2009-04-16 15:27 -------- d-----w c:\program files\SWFText
2009-04-16 15:21 . 2001-08-17 11:02 9600 ----a-w c:\windows\system32\drivers\hidusb.sys
2009-04-16 14:48 . 2009-04-17 11:30 -------- d-----w c:\documents and settings\user\Application Data\BSplayer PRO
2009-04-16 14:48 . 2009-04-16 14:48 -------- d-----w c:\program files\Webteh
2009-04-16 14:43 . 2009-04-30 15:10 -------- d-----w c:\program files\SWiSHmax
2009-04-16 14:03 . 2009-04-16 14:03 -------- d-----w c:\documents and settings\LocalService\سطح المكتب
2009-04-16 14:03 . 2009-04-19 09:02 -------- d-----w c:\documents and settings\All Users\Application Data\SiteAdvisor
2009-04-16 14:02 . 2007-11-22 03:44 33832 ----a-w c:\windows\system32\drivers\mferkdk.sys
2009-04-16 14:02 . 2007-12-02 09:51 40488 ----a-w c:\windows\system32\drivers\mfesmfk.sys
2009-04-16 14:02 . 2007-11-22 03:44 35240 ----a-w c:\windows\system32\drivers\mfebopk.sys
2009-04-16 14:02 . 2007-11-22 03:44 79304 ----a-w c:\windows\system32\drivers\mfeavfk.sys
2009-04-16 14:02 . 2007-11-22 03:44 201320 ----a-w c:\windows\system32\drivers\mfehidk.sys
2009-04-16 14:02 . 2007-07-13 06:20 113952 ----a-w c:\windows\system32\drivers\Mpfp.sys
2009-04-16 14:02 . 2009-04-16 14:02 -------- d-----w c:\program files\McAfee.com
2009-04-16 14:02 . 2009-04-16 14:02 -------- d-----w c:\program files\Common Files\McAfee
2009-04-16 14:01 . 2009-04-19 09:01 -------- d-----w c:\program files\McAfee
2009-04-16 14:01 . 2009-04-18 18:03 -------- d-----w c:\documents and settings\All Users\Application Data\McAfee
2009-04-16 08:39 . 2009-04-16 08:39 -------- d-----w c:\documents and settings\All Users\Application Data\ESET
2009-04-16 08:37 . 2009-04-20 10:34 -------- d-----w c:\documents and settings\All Users\Application Data\Messenger Plus!
2009-04-16 08:36 . 2009-04-16 08:36 -------- d-----w c:\windows\speech
2009-04-16 08:36 . 2009-04-16 08:36 -------- d-----w c:\program files\Golden Al-Wafi Translator
2009-04-16 08:36 . 2009-04-16 08:36 172032 ------w c:\windows\Setup1.exe
2009-04-16 08:36 . 2009-04-16 08:36 73216 ----a-w c:\windows\ST6UNST.EXE
2009-04-16 08:33 . 2009-04-17 07:26 -------- d-----w c:\program files\Circle Developement
2009-04-16 08:33 . 2009-04-17 08:03 -------- d-----w c:\program files\Messenger Plus! Live
2009-04-16 08:33 . 2009-04-16 08:33 -------- d-----w c:\program files\Windows Live
2009-04-16 08:32 . 2007-09-04 14:56 164352 ----a-w c:\windows\system32\unrar.dll
2009-04-16 08:32 . 2004-01-25 14:18 217088 ----a-w c:\windows\system32\yv12vfw.dll
2009-04-16 08:32 . 2007-07-25 11:24 1559040 ----a-w c:\windows\system32\xvidcore.dll
2009-04-16 08:32 . 2007-03-10 09:51 282624 ----a-w c:\windows\system32\xvidvfw.dll
2009-04-16 08:32 . 2007-09-28 14:07 3596288 ----a-w c:\windows\system32\qt-dx331.dll
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-05-01 20:59 . 2009-04-22 19:28 2846720 ----a-w c:\windows\system32\ALOAudioCompress3.dll
2009-05-01 20:59 . 2009-04-22 19:28 778240 ----a-w c:\windows\system32\ALOAudioCompress2.dll
2009-04-29 14:42 . 2009-04-15 19:02 333296 ----a-w c:\documents and settings\user\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2009-04-29 14:33 . 2004-08-04 07:55 218624 ----a-w c:\windows\system32\uxtheme.dll
2009-04-22 19:28 . 2009-04-22 19:28 344064 ----a-w c:\windows\system32\dkll.dll
2009-04-16 20:08 . 2009-04-16 20:08 0 ---ha-w c:\windows\system32\drivers\Msft_Kernel_ccdcmb_01005.Wdf
2009-04-16 20:08 . 2009-04-16 20:08 0 ---ha-w c:\windows\system32\drivers\MsftWdf_Kernel_01005_Coinstaller_Critical.Wdf
2009-04-16 19:05 . 2009-04-15 18:56 86327 ----a-w c:\windows\pchealth\helpctr\OfflineCache\index.dat
2009-04-16 17:18 . 2009-04-15 19:10 -------- d-----w c:\program files\DIFX
2009-04-16 08:35 . 2009-04-16 08:35 -------- d-----w c:\program files\مشغل الفلاش العربي
2009-04-16 08:35 . 2009-04-16 08:35 2232 ----a-w c:\windows\java\Packages\Data\VN7XJF3P.DAT
2009-04-16 08:35 . 2009-04-16 08:35 155995 ----a-w c:\windows\java\Packages\Y4TJFB33.ZIP
2009-04-16 08:35 . 2009-04-16 08:35 2678 ----a-w c:\windows\java\Packages\Data\GEZF77HB.DAT
2009-04-16 08:35 . 2009-04-16 08:35 2678 ----a-w c:\windows\java\Packages\Data\GANTJNNL.DAT
2009-04-16 08:35 . 2009-04-16 08:35 2678 ----a-w c:\windows\java\Packages\Data\UTBRZNZH.DAT
2009-04-16 08:35 . 2009-04-16 08:35 2678 ----a-w c:\windows\java\Packages\Data\I579VTBB.DAT
2009-04-16 08:35 . 2009-04-16 08:35 2678 ----a-w c:\windows\java\Packages\Data\1VDB5ZTB.DAT
2009-04-15 19:35 . 2009-04-15 19:35 -------- d-----w c:\program files\Microsoft.NET
2009-04-15 19:35 . 2009-04-15 19:35 -------- d-----w c:\program files\Microsoft Works
2009-04-15 19:20 . 2001-09-19 11:00 39982 ----a-w c:\windows\system32\perfc001.dat
2009-04-15 19:20 . 2001-09-19 11:00 251478 ----a-w c:\windows\system32\perfh001.dat
2009-04-15 19:14 . 2009-04-15 19:14 -------- d-----w c:\program files\Motorola
2009-04-15 18:57 . 2009-04-15 18:57 -------- d-----w c:\program files\microsoft frontpage
2009-04-15 18:56 . 2001-09-19 11:00 67 --sha-w c:\windows\Fonts\desktop.ini
2009-04-15 18:54 . 2009-04-15 18:54 22144 ----a-w c:\windows\system32\emptyregdb.dat
.
------- Sigcheck -------
[-] 2004-08-04 08:08 2017792 B08E5140B07732B12E0BC1CDBFECAE4A c:\windows\system32\ntkrnlpa.exe
[7] 2004-08-04 08:08 2016768 0CBE3942657196CB871738E5D4A9DA79 c:\windows\system32\VITrans\ntkrnlpa.exe
[-] 2004-08-04 07:48 2150912 E0B16155DB89EA3298AE21271AD1812F c:\windows\system32\ntoskrnl.exe
[7] 2004-08-04 07:48 2149888 10AC039A4734D143A84763AEBACBCD89 c:\windows\system32\VITrans\ntoskrnl.exe
[-] 2004-08-04 07:56 1244672 715C4CD7C417A3528D862402D04EA240 c:\windows\explorer.exe
[7] 2004-08-04 07:56 1029632 932F97B77F2625F7FF7DFC97552548F8 c:\windows\system32\VITrans\explorer.exe
[-] 2009-02-04 14:27 1547776 6E932D21E116B51ED9D5157E31C48E33 c:\windows\system32\sfcfiles.dll
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\ctfmon.exe" [2004-08-04 15360]
"MsnMsgr"="c:\program files\Windows Live\Messenger\MsnMsgr.Exe" [2007-08-16 5728112]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2009-05-01 39408]
"Nokia.PCSync"="c:\program files\Nokia\Nokia PC Suite 7\PCSync2.exe" [2008-06-17 1249280]
"PC Suite Tray"="c:\program files\Nokia\Nokia PC Suite 7\PCSuite.exe" [2008-08-11 1124352]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SMSERIAL"="c:\program files\Motorola\SMSERIAL\sm56hlpr.exe" [2007-01-29 638976]
"RemoteControl"="c:\program files\CyberLink\PowerDVD\PDVDServ.exe" [2004-11-02 32768]
"mcagent_exe"="c:\program files\McAfee.com\Agent\mcagent.exe" [2007-08-03 582992]
"TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" [2009-04-16 185896]
"pdfFactory Pro Dispatcher v2"="c:\windows\System32\spool\DRIVERS\W32X86\3\fppdis2a.exe" [2005-05-31 483328]
"HPDJ Taskbar Utility"="c:\windows\system32\spool\drivers\w32x86\3\hpztsb07.exe" [2002-12-18 188416]
"LClock"="c:\program files\LClock\LClock.exe" [2004-09-19 65536]
"VTTimer"="VTTimer.exe" - c:\windows\system32\VTTimer.exe [2006-09-21 53248]
"VTTrayp"="VTtrayp.exe" - c:\windows\system32\VTTrayp.exe [2007-05-15 200704]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2004-08-04 15360]
c:\documents and settings\All Users\çں‍ê، ں §ڑ\ںé ©ںê¤\ §ک ںé¢¬نïé\
Adobe Gamma Loader.lnk - c:\program files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2009-4-16 113664]
Adobe Reader Speed Launch.lnk - c:\program files\Adobe\Reader 8.0\Reader\reader_sl.exe [2006-10-23 40048]
Adobe Reader Synchronizer.lnk - c:\program files\Adobe\Reader 8.0\Reader\AdobeCollabSync.exe [2006-10-23 734872]
PalTalk.lnk - c:\program files\Paltalk Messenger\paltalk.exe [2009-1-28 10950144]
REALTEK USB Wireless LAN Utility.lnk - c:\program files\REALTEK\USB Wireless LAN Utility\ReStart.exe [2009-4-20 32768]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon]
"UIHost"=hex(2):76,69,73,74,61,75,69,2e,65,78,65,00
HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32
"wave1"= serwvdrv.dll
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusDisableNotify"=dword:00000001
"UpdatesDisableNotify"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeAntiVirus]
"DisableMonitoring"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeFirewall]
"DisableMonitoring"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\livecall.exe"=
"c:\\Program Files\\Common Files\\McAfee\\MNA\\McNASvc.exe"=
S2 EAPPkt;Realtek EAPPkt Protocol;c:\windows\system32\DRIVERS\EAPPkt.sys [2007-08-02 38144]
S2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;c:\program files\McAfee\SiteAdvisor\McSACore.exe [2009-02-11 210216]
S2 RealtekUSB;RealtekUSB;c:\program files\REALTEK\USB Wireless LAN Utility\RtlService.exe [2007-07-27 36864]
S3 RTL8187B;Realtek RTL8187B Wireless 802.11g 54Mbps USB 2.0 Network Adapter;c:\windows\system32\DRIVERS\RTL8187B.sys [2007-07-18 264576]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\F]
\Shell\AutoRun\command - F:\LaunchU3.exe -a
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{27ecda51-2a8e-11de-8cbf-0016ec7bb394}]
\Shell\AutoRun\command - F:\AUTORUN.EXE
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{2dea5469-2b79-11de-8cc7-0016ec7bb394}]
\Shell\AutoRun\command - F:\LaunchU3.exe -a
.
Contents of the 'Scheduled Tasks' folder
2009-04-16 c:\windows\Tasks\McDefragTask.job
- c:\progra~1\mcafee\mqc\QcConsol.exe [2009-04-16 10:32]
2009-04-30 c:\windows\Tasks\McQcTask.job
- c:\progra~1\mcafee\mqc\QcConsol.exe [2009-04-16 10:32]
.
.
------- Supplementary Scan -------
.
uStart Page = about:blank
uSearch Page = hxxp://www.google.com
uSearch Bar = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: &تصدير إلى Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
Filter: x-sdch - {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - c:\program files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
DPF: Microsoft XML Parser for Java
.
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer,

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

Rootkit scan 2009-05-06 21:49
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------
- - - - - - - > 'winlogon.exe'(800)
c:\windows\system32\cscui.dll
.
Completion time: 2009-05-06 21:51
ComboFix-quarantined-files.txt 2009-05-06 18:51
Pre-Run: 33,665,482,752 bytes free
Post-Run: 34,437,419,008 bytes free
274

هكر مبتدأ · 4 مايو 2009

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 09:53:57 م, on 06/05/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\McAfee\SiteAdvisor\McSACore.exe
C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
c:\PROGRA~1\COMMON~1\mcafee\mna\mcnasvc.exe
c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\McAfee\MPF\MPFSrv.exe
C:\Program Files\REALTEK\USB Wireless LAN Utility\RtlService.exe
C:\Program Files\REALTEK\USB Wireless LAN Utility\RtWlan.exe
C:\WINDOWS\system32\VTTimer.exe
C:\WINDOWS\system32\VTtrayp.exe
C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\Program Files\McAfee.com\Agent\mcagent.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\fppdis2a.exe
C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb07.exe
C:\Program Files\LClock\LClock.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Nokia\Nokia PC Suite 7\PCSync2.exe
C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe
C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
C:\Program Files\Common Files\Nokia\MPAPI\MPAPI3s.exe
C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\PC Connectivity Solution\Transports\NclRSSrv.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
c:\PROGRA~1\mcafee\msc\mcuimgr.exe
C:\Program Files\Crazy Browser\Crazy Browser.exe
C:\WINDOWS\system32\svchost.exe
c:\PROGRA~1\mcafee\VIRUSS~1\mcvsshld.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\McAfee\VirusScan\scriptsn.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll
O2 - BHO: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
O3 - Toolbar: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O4 - HKLM\..\Run: [VTTimer] VTTimer.exe
O4 - HKLM\..\Run: [VTTrayp] VTtrayp.exe
O4 - HKLM\..\Run: [SMSERIAL] C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [mcagent_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe /runkey
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [pdfFactory Pro Dispatcher v2] "C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\fppdis2a.exe" /source=HKLM
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb07.exe
O4 - HKLM\..\Run: [LClock] C:\Program Files\LClock\LClock.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [Nokia.PCSync] "C:\Program Files\Nokia\Nokia PC Suite 7\PCSync2.exe" /NoDialog
O4 - HKCU\..\Run: [PC Suite Tray] "C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe" -onlytray
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe
O4 - Global Startup: Adobe Reader Synchronizer.lnk = C:\Program Files\Adobe\Reader 8.0\Reader\AdobeCollabSync.exe
O4 - Global Startup: PalTalk.lnk = C:\Program Files\Paltalk Messenger\paltalk.exe
O4 - Global Startup: REALTEK USB Wireless LAN Utility.lnk = C:\Program Files\REALTEK\USB Wireless LAN Utility\ReStart.exe
O8 - Extra context menu item: &تصدير إلى Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: بحث - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O18 - Protocol: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O18 - Filter: x-sdch - {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: McAfee SiteAdvisor Service - Unknown owner - C:\Program Files\McAfee\SiteAdvisor\McSACore.exe
O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mna\mcnasvc.exe
O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe
O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe
O23 - Service: McAfee Real-time Scanner (McShield) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
O23 - Service: McAfee SystemGuards (McSysmon) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee, Inc. - C:\Program Files\McAfee\MPF\MPFSrv.exe
O23 - Service: RealtekUSB - Realtek - C:\Program Files\REALTEK\USB Wireless LAN Utility\RtlService.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
--
End of file - 7750 bytes

أعتز بك · 4 مايو 2009

من الهايجاك احذف التالي

O2 - BHO: (no name) - {c95a4e8e-816d-4655-8c79-d736da1adb6d} - (no file)

ثم نزل هذه الاداة واتبع الشرح التالي

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

او

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

التوافق : ويندوز اكسبي فقط

شرح الاستخدام ,,,,,,

عند تشغيل ملف الاداة تظهر لك هذه الشاشه ,, انتظر ( وتابع مع الصور )

وعند ظهور هذه الشاشه ,, اضغط على Close ليتم اعادة تشغيل جهازك (( لتكملة عملية التنظيف ))

وبعدها عطني أوضاع الجهاز

بالآآنتظآآر ,,

هكر مبتدأ · 4 مايو 2009

بيض الله وجهك يااعتز بك

وجاري تطبيق المطلوب

أعتز بك · 4 مايو 2009

لا تنسى تابع هذا الموضوع يا الغلا

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

هكر مبتدأ · 4 مايو 2009

يالغالي مازالت المشكلة موجوده

ادخل على الدي يقول نفس الكلام

؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟؟

أعتز بك · 4 مايو 2009

حمل الاداة التالية

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

وأغلق جميع البرامج

شغلها فتظهر لك واجهة الاداة

اختر خيار التنظيف فتظهر شاشة الدوس للفحص

اتركها حتى تنتهي ويظهر التقرير

انسخه والصقه بمشاركتك القادمة

هكر مبتدأ · 5 مايو 2009

يالغالي اسف على التأخير لظروف الانترنت

وانا حاولت ادخل ودخلت وصفحه التعذر مفتوحه وحذفت مقطع انا محملة امس العصر

وبعد الحذف عاد الجهاز كما هو لكـن ابي افصحه بالبرنامج الاخير وارد لك النتائج

والله يجزاك بالخير

:: تحياتي لك ::

هكر مبتدأ · 5 مايو 2009

Engine Version : 5301.4018
Engine Load Time : 26265 milliseconds
AV DAT Version : 5585.0000 526752 detections Built 20 ربيع الثاني, 1430
Extra DAT : 0 detections

Memory : Clean
Please wait ... building list of critical files to scan
Critical : Clean
Scanning the computer's cookie directories
Cookies : Clean
c:\pagefile.sys : Scan Failed
c:\Documents and Settings\All Users\Application Data\McAfee\VirusScan\Data\TFR2.tmp : Scan Failed
c:\Documents and Settings\LocalService\NTUSER.DAT : Scan Failed
c:\Documents and Settings\LocalService\ntuser.dat.LOG : Scan Failed
c:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat : Scan Failed
c:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG : Scan Failed
c:\Documents and Settings\NetworkService\NTUSER.DAT : Scan Failed
c:\Documents and Settings\NetworkService\ntuser.dat.LOG : Scan Failed
c:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat : Scan Failed
c:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG : Scan Failed
c:\Documents and Settings\user\NTUSER.DAT : Scan Failed
c:\Documents and Settings\user\ntuser.dat.LOG : Scan Failed
c:\Documents and Settings\user\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat : Scan Failed
c:\Documents and Settings\user\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG : Scan Failed
c:\Documents and Settings\user\Local Settings\Temp\Perflib_Perfdata_5cc.dat : Scan Failed
c:\WINDOWS\system32\config\default : Scan Failed
c:\WINDOWS\system32\config\default.LOG : Scan Failed
c:\WINDOWS\system32\config\SAM : Scan Failed
c:\WINDOWS\system32\config\SAM.LOG : Scan Failed
c:\WINDOWS\system32\config\SECURITY : Scan Failed
c:\WINDOWS\system32\config\SECURITY.LOG : Scan Failed
c:\WINDOWS\system32\config\software : Scan Failed
c:\WINDOWS\system32\config\software.LOG : Scan Failed
c:\WINDOWS\system32\config\system : Scan Failed
c:\WINDOWS\system32\config\system.LOG : Scan Failed
c:\WINDOWS\Temp\mcafee_tCAT02gXOLsLr8V : Scan Failed
c:\WINDOWS\Temp\mcmsc_fcnCVZWsaO04gk7 : Scan Failed
c:\WINDOWS\Temp\mcmsc_PurOwQdZxIn9Com : Scan Failed
c:\WINDOWS\Temp\sqlite_cMR0DskDq4cJGVS : Scan Failed
c:\WINDOWS\Temp\sqlite_Jx2zhpLTJLsTasW : Scan Failed
c:\WINDOWS\Temp\sqlite_OYvdKI7g00MIDHd : Scan Failed
Scanning the registry
Registry : Clean

Summary :-
FilesFound : 57133
FilesScanned : 28199
FilesNotScanned : 28934

ObjectsFound : 94946
ObjectsInfected : 0
ObjectsCleaned : 0
ObjectsDeleted : 0

FilesInfected : 0
FilesCleaned : 0
FilesMoved : 0
FilesDeleted : 0

Started at : 12:12:38 م 13 جمادى الأولى, 1430
Ended at : 12:40:14 م 13 جمادى الأولى, 1430
Duration : 27 minutes 36 seconds
4423 MB scanned in 1656 seconds = 2 MB/s
Engine Version : 5301.4018
Engine Load Time : 26094 milliseconds
AV DAT Version : 5585.0000 526752 detections Built 20 ربيع الثاني, 1430
Extra DAT : 0 detections

Summary :-
FilesFound : 26280
FilesScanned : 10624
FilesNotScanned : 15656

ObjectsFound : 27332
ObjectsInfected : 0
ObjectsCleaned : 0
ObjectsDeleted : 0

FilesInfected : 0
FilesCleaned : 0
FilesMoved : 0
FilesDeleted : 0

Started at : 12:40:44 م 13 جمادى الأولى, 1430
Ended at : 12:46:01 م 13 جمادى الأولى, 1430
Duration : 5 minutes 16 seconds
1050 MB scanned in 316 seconds = 3 MB/s

أعتز بك · 5 مايو 2009

طيب يا الغلا هل من مشكله الآن

هكر مبتدأ · 5 مايو 2009

لا مافيه الا العافية

يالله لك الحمد والشكر

يعطيك الف الف الف عافية يالذيب

تحياتي لكم يالاشناب

زيزوومي جديد

زيزوومى محترف

توقيع : أعتز بك

زيزوومي جديد

زيزوومى محترف

توقيع : أعتز بك

زيزوومى محترف

توقيع : أعتز بك

زيزوومى فضى

توقيع : KoNaMi

زيزوومى فضى

توقيع : KoNaMi

زيزوومي جديد

زيزوومى محترف

توقيع : أعتز بك

زيزوومي جديد

زيزوومي جديد

زيزوومى محترف

توقيع : أعتز بك

زيزوومي جديد

زيزوومى محترف

توقيع : أعتز بك

زيزوومي جديد

زيزوومى محترف

توقيع : أعتز بك

زيزوومي جديد

زيزوومي جديد

زيزوومى محترف

توقيع : أعتز بك

زيزوومي جديد