Status: Closed and not open for further replies.

achraf0metal





My computer is suffering from severe slowness at the memory level.

Here is the picture:


31052009200442.png





31052009200859.png




Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 20:10:45, on 31/05/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\vssvc.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\WINDOWS\RaUI.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Documents and Settings\Administrateur\Mes documents\Downloads\Programs\zyzoom_mcafee.exe
C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\RarSFX1\1.com
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = [link hidden by forum]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = [link hidden by forum]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = [link hidden by forum]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = [link hidden by forum]
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = [link hidden by forum]
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe,C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\init.exe
O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files\Internet Download Manager\IDMIECC.dll
O2 - BHO: SnagIt Toolbar Loader - {00C6482D-C502-44C8-8409-FCE54AD9C208} - C:\Program Files\TechSmith\Snagit 9\SnagitBHO.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O3 - Toolbar: Snagit - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Program Files\TechSmith\Snagit 9\SnagitIEAddin.dll
O3 - Toolbar: ????ê?.?à? - {91397D20-1446-11D4-8AF4-0040CA1127B6} - C:\Program Files\Yandex\YandexBarIE\yndbar.dll
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKCU\..\Run: [IDMan] C:\Program Files\Internet Download Manager\IDMan.exe /onboot
O4 - HKCU\..\Run: [AnVir Task Manager] "C:\Program Files\AnVir Task Manager\AnVir.exe" Minimized
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RESEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Ralink Wireless Utility.lnk = C:\WINDOWS\RaUI.exe
O8 - Extra context menu item: Télécharger avec IDM - C:\Program Files\Internet Download Manager\IEExt.htm
O8 - Extra context menu item: Télécharger le contenu de video FLV avec IDM - C:\Program Files\Internet Download Manager\IEGetVL.htm
O8 - Extra context menu item: Télécharger tous les liens avec IDM - C:\Program Files\Internet Download Manager\IEGetAll.htm
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {B0067CA5-2C37-4C6B-AAEC-5E2CE8635061} (FontDown Class) - [link hidden by forum]
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O20 - Winlogon Notify: pcverru - pcverru.dll (file missing)
O23 - Service: avast! iAVS4 Control Service (aswupdsv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus (avast! antivirus) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner (avast! mail scanner) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner (avast! web scanner) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Service de transfert intelligent en arrière-plan (BITS) - Unknown owner - C:\WINDOWS\
O23 - Service: Diskeeper - Diskeeper Corporation - C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe
O23 - Service: Mises à jour automatiques (wuauserv) - Unknown owner - C:\WINDOWS\

--
End of file - 5846 bytes


Regards

 

Brother, generate the report again and paste it without quote or code tags.
 




Edited. The cause of this problem is that it appeared when I ran a file named keymaker.exe
 
Disable your security programs
then
download the following tool and save it to the desktop

[link hidden by forum]


When you run it, a message will appear; click >> Yes
After that a second message will appear; click >> Yes
During the scan, the computer may restart
After the restart, the tool will start scanning a second time
Do not run any program, and however long the scan takes, wait until it finishes
Wait until a report appears, then copy it and paste it in your next post
 


ComboFix 09-05-31.02 - Administrateur 31/05/2009 22:11.1 - NTFSx86
Microsoft Windows XP Professionnel 5.1.2600.3.1256.212.1036.18.510.193 [GMT 0:00]
Running from: c:\documents and settings\Administrateur\Mes documents\Downloads\Programs\ComboFix.exe
AV: avast! antivirus 4.8.1335 [VPS 090531-0] *On-access scanning enabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}

WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\documents and settings\Administrateur\Application Data\.#
c:\windows\system32\certstore.dat
c:\windows\system32\FInstall.sys
c:\windows\system32\kungsfsbavhkwk.dat
c:\windows\system32\MyDIT_GenClassCoInst.dll
c:\windows\system32\tpsaxyd.exe
c:\windows\system32\wtukd32.exe

.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Legacy_dhcpsrv
-------\Legacy_ias
-------\Legacy_KUNGSFTLWBWTMO
-------\Legacy_NPF
-------\Service_kungsftlwbwtmo


((((((((((((((((((((((((( Files Created from 2009-04-28 to 2009-05-31 )))))))))))))))))))))))))))))))
.

2009-05-31 21:00 . 2009-05-31 21:00 7168 ----a-w- C:\ysjmlii.exe
2009-05-31 21:00 . 2009-05-31 21:00 125952 ----a-w- C:\jufnp.exe
2009-05-31 21:00 . 2009-05-31 21:00 61440 ----a-w- C:\kgexvh.exe
2009-05-31 20:44 . 2009-05-31 20:44 -------- d-----w- c:\documents and settings\Invité
2009-05-31 19:50 . 2009-05-31 19:50 -------- d-----w- c:\program files\Trend Micro
2009-05-29 18:49 . 2009-05-31 20:58 -------- d-----w- c:\documents and settings\Administrateur\Local Settings\Application Data\Yandex
2009-05-29 18:49 . 2009-05-29 18:49 -------- d-----w- c:\documents and settings\Administrateur\Application Data\Yandex
2009-05-29 18:49 . 2009-05-31 20:58 -------- d-----w- c:\program files\Yandex
2009-05-29 18:49 . 2009-05-31 20:58 -------- d-----w- c:\program files\AnVir Task Manager
2009-05-29 18:48 . 2009-05-29 18:51 -------- d-----w- c:\documents and settings\Administrateur\Local Settings\Application Data\AnVir
2009-05-28 18:52 . 2009-05-31 22:15 117760 ----a-w- c:\documents and settings\Administrateur\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\UIREPAIR.DLL
2009-05-28 18:51 . 2009-05-28 18:51 -------- d-----w- c:\documents and settings\All Users\Application Data\SUPERAntiSpyware.com
2009-05-28 18:51 . 2009-05-28 18:52 -------- d-----w- c:\program files\SUPERAntiSpyware
2009-05-28 18:51 . 2009-05-28 18:51 -------- d-----w- c:\documents and settings\Administrateur\Application Data\SUPERAntiSpyware.com
2009-05-28 13:15 . 2009-05-28 14:13 -------- d-----w- c:\program files\Spybot - Search & Destroy
2009-05-28 13:15 . 2009-05-28 13:19 -------- d-----w- c:\documents and settings\All Users\Application Data\Spybot - Search & Destroy
2009-05-27 14:48 . 2009-05-27 14:48 -------- d-sh--w- c:\windows\system32\config\systemprofile\IETldCache
2009-05-27 12:45 . 2009-05-27 12:45 -------- d-----w- c:\program files\Zards software
2009-05-27 07:42 . 2009-05-27 07:42 -------- d-sh--w- c:\windows\system32\config\systemprofile\PrivacIE
2009-05-26 23:45 . 2009-05-26 23:45 -------- d-----w- c:\program files\Alfa Autorun Killer 2
2009-05-26 22:07 . 2009-02-05 21:06 23152 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2009-05-26 22:07 . 2009-02-05 21:06 51376 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2009-05-26 22:07 . 2009-02-05 21:05 26944 ----a-w- c:\windows\system32\drivers\aavmker4.sys
2009-05-26 22:07 . 2009-02-05 21:04 97480 ----a-w- c:\windows\system32\AvastSS.scr
2009-05-26 22:07 . 2009-02-05 21:07 114768 ----a-w- c:\windows\system32\drivers\aswSP.sys
2009-05-26 22:07 . 2009-02-05 21:07 20560 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2009-05-26 22:07 . 2009-02-05 21:08 93296 ----a-w- c:\windows\system32\drivers\aswmon.sys
2009-05-26 22:07 . 2009-02-05 21:08 94032 ----a-w- c:\windows\system32\drivers\aswmon2.sys
2009-05-26 22:07 . 2009-02-05 21:11 1256296 ----a-w- c:\windows\system32\aswBoot.exe
2009-05-26 22:07 . 2009-05-26 22:07 -------- d-----w- c:\program files\Alwil Software
2009-05-26 19:19 . 2009-05-26 19:19 -------- d-----w- c:\program files\Kaspersky Lab
2009-05-26 17:07 . 2009-05-26 17:07 -------- d-sh--w- c:\documents and settings\NetworkService\IETldCache
2009-05-26 17:06 . 2009-05-26 22:44 -------- d-----w- c:\windows\dhcp
2009-05-26 17:03 . 2009-05-31 20:59 -------- d-----w- c:\program files\RegistryFix7
2009-05-26 14:21 . 2009-05-26 14:21 -------- d-----w- c:\program files\RapidShare Mass Downloader
2009-05-26 07:16 . 2009-05-26 07:16 -------- d-----w- c:\program files\MSXML 4.0
2009-05-25 22:29 . 2007-09-20 03:59 156392 ----a-w- c:\windows\system32\drivers\btwdndis.sys
2009-05-25 22:29 . 2009-05-25 22:29 -------- d-----w- c:\program files\WIDCOMM
2009-05-25 22:14 . 2008-04-13 19:33 21504 -c--a-w- c:\windows\system32\dllcache\hidserv.dll
2009-05-25 22:14 . 2008-04-13 19:33 21504 ----a-w- c:\windows\system32\hidserv.dll
2009-05-25 22:13 . 2008-03-27 02:17 89896 ----a-w- c:\windows\system32\drivers\btwsecfl.sys
2009-05-25 22:11 . 2005-07-20 17:44 598016 ----a-w- c:\windows\RaUI.exe
2009-05-25 22:11 . 2005-07-15 09:20 1417307 ----a-w- c:\windows\AegisE5.dll
2009-05-25 22:10 . 2005-07-15 18:11 81920 ----a-w- c:\windows\system32\Install6x.dll
2009-05-25 22:10 . 2005-07-13 16:25 8192 ----a-w- c:\windows\system32\drivers\RT2661.bin
2009-05-25 22:10 . 2005-07-13 16:25 8192 ----a-w- c:\windows\system32\drivers\RT2561s.bin
2009-05-25 22:10 . 2005-07-13 16:25 8192 ----a-w- c:\windows\system32\drivers\RT2561.bin
2009-05-25 22:10 . 2005-06-17 19:19 242048 ----a-w- c:\windows\system32\drivers\RT2500.SYS
2009-05-25 22:10 . 2005-05-17 16:24 311296 ----a-w- c:\windows\system32\AegisI5.exe
2009-05-25 22:10 . 2009-05-25 22:10 20747 ----a-w- c:\windows\system32\drivers\AegisP.sys
2009-05-25 13:33 . 2009-05-25 13:33 -------- d-----w- c:\program files\SlySoft
2009-05-25 07:18 . 2009-05-27 14:53 -------- d-----w- c:\program files\Folder Lock 6
2009-05-24 21:31 . 2009-05-27 14:53 -------- d-----w- c:\documents and settings\All Users\Application Data\MAGIX
2009-05-24 21:31 . 2009-05-27 14:53 -------- d-----w- c:\documents and settings\Administrateur\Application Data\MAGIX
2009-05-24 21:31 . 2009-05-24 21:31 -------- d-----w- c:\program files\WMV9_VCM
2009-05-24 21:31 . 2009-05-24 21:31 -------- d-----w- c:\documents and settings\Administrateur\Local Settings\Application Data\Xara
2009-05-24 21:31 . 2009-05-24 21:31 -------- d-----w- c:\program files\Fichiers communs\xara
2009-05-24 21:31 . 2003-04-18 16:29 82432 ----a-w- c:\windows\system32\msxml4r.dll
2009-05-24 21:31 . 2003-04-18 16:29 44544 ----a-w- c:\windows\system32\msxml4a.dll
2009-05-24 21:30 . 2009-05-27 14:53 -------- d-----w- c:\program files\Xara
2009-05-24 21:30 . 2009-05-27 14:53 -------- d-----w- c:\documents and settings\All Users\Application Data\Xara
2009-05-24 21:30 . 2007-04-27 10:43 120200 ----a-w- c:\windows\system32\DLLDEV32i.dll
2009-05-24 21:30 . 2009-05-27 14:53 -------- d-----w- c:\windows\system32\MAGIX
2009-05-24 21:30 . 2008-04-15 16:14 700416 ----a-w- c:\windows\system32\mgxoschk.dll
2009-05-24 10:07 . 2009-05-24 10:07 -------- d-----w- c:\windows\system32\wbem\Repository
2009-05-23 09:44 . 2009-05-24 10:07 -------- d-----w- c:\documents and settings\Administrateur\Local Settings\Application Data\Google
2009-05-23 09:25 . 2009-05-24 10:07 -------- d-----w- c:\program files\Bluetooth Remote Control
2009-05-19 10:35 . 2009-03-26 15:35 210352 ----a-w- c:\windows\system32\idmmbc.dll
2009-05-17 12:07 . 2008-03-21 13:57 14640 ------w- c:\windows\system32\spmsgXP_2k3.dll
2009-05-17 12:05 . 2008-09-24 11:45 22368 ----a-w- c:\windows\system32\drivers\ggsemc.sys
2009-05-17 12:05 . 2008-09-24 11:45 1107296 ----a-w- c:\windows\system32\WdfCoInstaller01007.dll
2009-05-17 12:05 . 2008-09-24 11:45 10976 ----a-w- c:\windows\system32\drivers\ggflt.sys
2009-05-17 10:27 . 2009-05-17 10:27 -------- d-----w- c:\documents and settings\All Users\Application Data\BVRP Software
2009-05-17 10:27 . 2009-05-17 10:27 -------- d-----w- c:\documents and settings\Administrateur\Local Settings\Application Data\Sony Ericsson
2009-05-17 10:22 . 2008-05-16 12:33 115752 ----a-w- c:\windows\system32\drivers\s0016unic.sys
2009-05-17 10:22 . 2008-05-16 12:33 10792 ----a-w- c:\windows\system32\drivers\s0016cr.sys
2009-05-17 10:22 . 2008-05-16 12:33 25512 ----a-w- c:\windows\system32\drivers\s0016nd5.sys
2009-05-17 10:22 . 2008-05-16 12:33 15016 ----a-w- c:\windows\system32\drivers\s0016mdfl.sys
2009-05-17 10:22 . 2008-05-16 12:33 12200 ----a-w- c:\windows\system32\drivers\s0016cmnt.sys
2009-05-17 10:22 . 2008-05-16 12:33 12200 ----a-w- c:\windows\system32\drivers\s0016cm.sys
2009-05-17 10:22 . 2008-05-16 12:33 120744 ----a-w- c:\windows\system32\drivers\s0016mdm.sys
2009-05-17 10:22 . 2008-05-16 12:33 114216 ----a-w- c:\windows\system32\drivers\s0016mgmt.sys
2009-05-17 10:22 . 2008-05-16 12:33 110632 ----a-w- c:\windows\system32\drivers\s0016obex.sys
2009-05-17 10:22 . 2008-05-16 12:33 89256 ----a-w- c:\windows\system32\drivers\s0016bus.sys
2009-05-17 10:22 . 2008-05-16 12:33 12200 ----a-w- c:\windows\system32\drivers\s0016whnt.sys
2009-05-17 10:22 . 2008-05-16 12:33 12200 ----a-w- c:\windows\system32\drivers\s0016wh.sys
2009-05-17 10:21 . 2009-05-19 12:38 -------- d-----w- c:\program files\Sony Ericsson
2009-05-17 10:21 . 2009-05-17 10:21 -------- d-----w- c:\documents and settings\All Users\Application Data\Sony Ericsson
2009-05-17 10:17 . 2009-05-17 11:48 -------- d-----w- c:\documents and settings\Administrateur\Application Data\MyPhoneExplorer
2009-05-17 10:17 . 2009-05-17 10:17 -------- d-----w- c:\program files\MyPhoneExplorer
2009-05-17 10:09 . 2008-04-13 19:05 14720 -c--a-w- c:\windows\system32\dllcache\kbdhid.sys
2009-05-17 10:09 . 2008-04-13 19:05 14720 ----a-w- c:\windows\system32\drivers\kbdhid.sys
2009-05-16 14:33 . 2001-08-17 21:56 7552 -c--a-w- c:\windows\system32\dllcache\sonypvu1.sys
2009-05-16 14:33 . 2001-08-17 21:56 7552 ----a-w- c:\windows\system32\drivers\SONYPVU1.SYS
2009-05-15 08:12 . 2009-05-15 08:12 -------- d-----w- c:\program files\HSDPA USB MODEM
2009-05-11 09:33 . 2009-05-11 09:33 -------- d-----w- c:\program files\Faronics
2009-05-11 08:57 . 2009-05-11 08:57 56 ---ha-w- c:\windows\system32\ezsidmv.dat
2009-05-11 08:57 . 2009-05-24 08:27 -------- d-----w- c:\documents and settings\Administrateur\Application Data\skypePM
2009-05-11 08:56 . 2009-05-24 08:28 -------- d-----w- c:\documents and settings\Administrateur\Application Data\Skype
2009-05-11 08:56 . 2009-05-11 08:56 -------- d-----w- c:\program files\Fichiers communs\Skype
2009-05-11 08:56 . 2009-05-11 08:56 -------- d-----r- c:\program files\Skype
2009-05-11 08:55 . 2009-05-11 08:56 -------- d-----w- c:\documents and settings\All Users\Application Data\Skype
2009-05-03 13:44 . 2008-04-13 11:45 32128 -c--a-w- c:\windows\system32\dllcache\usbccgp.sys
2009-05-03 13:44 . 2008-04-13 11:45 32128 ----a-w- c:\windows\system32\drivers\usbccgp.sys
2009-05-03 13:43 . 2007-10-16 11:40 97408 ----a-w- c:\windows\system32\drivers\cmusbser.sys

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-05-31 22:17 . 2009-04-03 15:54 -------- d-----w- c:\documents and settings\Administrateur\Application Data\DMCache
2009-05-31 20:57 . 2009-04-03 15:41 -------- d-----w- c:\program files\Fichiers communs\InstallShield
2009-05-31 20:57 . 2009-04-03 15:41 -------- d--h--w- c:\program files\InstallShield Installation Information
2009-05-28 18:29 . 2009-04-03 16:08 -------- d---a-w- c:\documents and settings\All Users\Application Data\TEMP
2009-05-28 18:11 . 2008-04-14 12:00 71216 ----a-w- c:\windows\system32\perfc00C.dat
2009-05-28 18:11 . 2008-04-14 12:00 458160 ----a-w- c:\windows\system32\perfh00C.dat
2009-05-26 17:06 . 2008-04-14 12:00 212224 ----a-w- c:\windows\system32\drivers\ndis.sys
2009-05-25 22:26 . 2009-04-03 15:54 -------- d-----w- c:\program files\Internet Download Manager
2009-05-25 22:10 . 2009-04-03 15:46 -------- d-----w- c:\program files\RALINK
2009-05-24 21:34 . 2009-04-03 16:01 39936 ----a-w- c:\documents and settings\Administrateur\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2009-05-19 20:12 . 2009-04-05 23:37 198064 ----a-w- c:\documents and settings\Administrateur\Application Data\IDM\idmmzcc3\components\idmmzcc.dll
2009-05-17 12:08 . 2009-05-17 12:08 0 ---ha-w- c:\windows\system32\drivers\Msft_Kernel_ggsemc_01007.Wdf
2009-05-17 12:08 . 2009-05-17 12:08 0 ---ha-w- c:\windows\system32\drivers\MsftWdf_Kernel_01007_Coinstaller_Critical.Wdf
2009-05-02 23:51 . 2009-04-13 17:59 -------- d-----w- c:\documents and settings\Administrateur\Application Data\uTorrent
2009-04-29 12:31 . 2009-04-29 12:31 -------- d-----w- c:\documents and settings\Administrateur\Application Data\TeamViewer
2009-04-27 18:19 . 2009-04-27 18:19 -------- d-----w- c:\program files\Network Stumbler
2009-04-20 00:23 . 2009-04-20 00:23 668 ----a-w- c:\documents and settings\Administrateur\Application Data\IDM\DwnlData\Administrateur\login_336\login.exe
2009-04-19 16:40 . 2009-04-19 16:40 -------- d-----w- c:\program files\Easy GIF Animator
2009-04-19 14:02 . 2009-04-19 14:02 -------- d-----w- c:\documents and settings\Administrateur\Application Data\ESET
2009-04-19 14:00 . 2009-04-12 19:50 -------- d-----w- c:\documents and settings\All Users\Application Data\ESET
2009-04-19 12:52 . 2009-04-18 08:47 -------- d-----w- c:\program files\MyFreeWeather
2009-04-19 02:59 . 2009-04-19 02:59 102464 ----a-w- c:\windows\HarfDeleteFont.exe
2009-04-19 02:59 . 2009-04-19 02:59 -------- d-----w- c:\program files\Harf
2009-04-19 02:53 . 2009-04-19 02:53 -------- d-----w- c:\program files\Quran-web 3.7.0.2
2009-04-18 21:26 . 2009-04-03 15:54 -------- d-----w- c:\documents and settings\Administrateur\Application Data\IDM
2009-04-17 18:27 . 2009-04-17 12:46 -------- d-----w- c:\documents and settings\All Users\Application Data\Pure Networks
2009-04-16 15:18 . 2009-04-09 13:42 -------- d-----w- c:\documents and settings\Administrateur\Application Data\Thinstall
2009-04-15 18:03 . 2009-04-15 18:03 -------- d-----w- c:\documents and settings\All Users\Application Data\TechSmith
2009-04-15 18:03 . 2009-04-15 18:03 -------- d-----w- c:\program files\TechSmith
2009-04-15 17:57 . 2009-04-15 17:57 -------- d-----w- c:\program files\Fichiers communs\Wise Installation Wizard
2009-04-15 00:17 . 2009-04-15 00:17 -------- d-----w- c:\program files\Realtek AC97
2009-04-15 00:16 . 2009-04-15 00:12 -------- d-----w- c:\program files\Intel
2009-04-13 17:59 . 2009-04-13 17:59 -------- d-----w- c:\program files\uTorrent
2009-04-12 19:24 . 2009-04-12 19:24 -------- d-----w- c:\program files\UltraUXThemePatcher
2009-04-12 19:24 . 2008-04-14 12:00 219648 ----a-w- c:\windows\system32\uxtheme.dll
2009-04-12 18:40 . 2009-04-12 18:39 -------- d-----w- c:\program files\UxTheme Multipatcher Fr
2009-04-12 17:35 . 2009-04-12 17:35 -------- d-----w- c:\documents and settings\Administrateur\Application Data\Media Player Classic
2009-04-12 17:34 . 2009-04-12 17:34 -------- d-----w- c:\program files\K-Lite Codec Pack
2009-04-09 17:38 . 2009-04-09 17:38 -------- d-----w- c:\program files\Fichiers communs\Diskeeper Corporation
2009-04-09 17:38 . 2009-04-09 17:38 -------- d-----w- c:\documents and settings\All Users\Application Data\Diskeeper Corporation
2009-04-09 17:38 . 2009-04-09 17:38 -------- d-----w- c:\program files\Diskeeper Corporation
2009-04-09 13:42 . 2009-04-09 13:42 7680 ----a-w- c:\documents and settings\Administrateur\Application Data\Thinstall\Neuview\4000001900002i\qoupdate.exe
2009-04-07 13:17 . 2009-04-07 13:17 -------- d-----w- c:\program files\UltraISO
2009-04-07 13:17 . 2009-04-07 13:17 -------- d-----w- c:\program files\Fichiers communs\EZB Systems
2009-04-06 17:43 . 2009-04-06 17:43 -------- d-----w- c:\program files\CCleaner
2009-04-04 13:33 . 2009-04-04 13:33 15240 ----a-w- c:\documents and settings\Administrateur\Application Data\Microsoft\IdentityCRL\ppcrlconfig.dll
2009-04-04 09:05 . 2009-04-04 09:04 -------- d-----w- c:\documents and settings\Administrateur\Application Data\PhotoFiltre Studio X
2009-04-04 09:03 . 2009-04-04 09:03 -------- d-----w- c:\program files\PhotoFiltre Studio X
2009-04-03 23:45 . 2009-04-03 23:45 -------- d-----w- c:\documents and settings\Administrateur\Application Data\Radmin
2009-04-03 17:00 . 2009-04-03 15:31 86331 ----a-w- c:\windows\pchealth\helpctr\OfflineCache\index.dat
2009-04-03 16:42 . 2009-04-03 16:42 -------- d-----w- c:\program files\Windows Media Connect 2
2009-04-03 16:12 . 2009-04-03 16:12 0 ----a-w- c:\windows\nsreg.dat
2009-04-03 16:08 . 2009-04-03 16:08 -------- d-----w- c:\documents and settings\Administrateur\Application Data\URSoft
2009-04-03 16:01 . 2009-04-03 16:01 -------- d-----w- c:\program files\Fichiers communs\Adobe
2009-04-03 15:56 . 2009-04-03 15:56 2813608 ----a-w- c:\documents and settings\Administrateur\Application Data\IDM\idmupdt.exe
2009-04-03 15:54 . 2009-04-03 15:54 198064 ----a-w- c:\documents and settings\Administrateur\Application Data\IDM\idmmzcc02\components\idmmzcc.dll
2009-04-03 15:48 . 2009-04-03 15:48 -------- d-----w- c:\documents and settings\All Users\Application Data\Kaspersky Lab Setup Files
2009-04-03 15:41 . 2009-04-03 15:41 -------- d-----w- c:\program files\Analog Devices
2009-04-03 15:32 . 2009-04-03 15:32 -------- d-----w- c:\program files\microsoft frontpage
2009-04-03 15:30 . 2009-04-03 15:30 -------- d-----w- c:\program files\Services en ligne
2009-04-03 15:28 . 2009-04-03 15:28 21892 ----a-w- c:\windows\system32\emptyregdb.dat
2009-03-19 15:08 . 2009-03-19 15:08 499712 ----a-w- c:\windows\system32\msvcp71.dll
2009-03-08 04:34 . 2008-04-14 12:00 914944 ----a-w- c:\windows\system32\wininet.dll
2009-03-08 04:34 . 2008-04-14 12:00 43008 ----a-w- c:\windows\system32\licmgr10.dll
2009-03-08 04:33 . 2008-04-14 12:00 18944 ----a-w- c:\windows\system32\corpol.dll
2009-03-08 04:33 . 2008-04-14 12:00 420352 ----a-w- c:\windows\system32\vbscript.dll
2009-03-08 04:32 . 2008-04-14 12:00 72704 ----a-w- c:\windows\system32\admparse.dll
2009-03-08 04:32 . 2008-04-14 12:00 71680 ----a-w- c:\windows\system32\iesetup.dll
2009-03-08 04:31 . 2008-04-14 12:00 34816 ----a-w- c:\windows\system32\imgutil.dll
2009-03-08 04:31 . 2008-04-14 12:00 48128 ----a-w- c:\windows\system32\mshtmler.dll
2009-03-08 04:31 . 2008-04-14 12:00 45568 ----a-w- c:\windows\system32\mshta.exe
2009-03-08 04:22 . 2008-04-14 12:00 156160 ----a-w- c:\windows\system32\msls31.dll
2009-03-06 14:20 . 2008-04-14 12:00 286720 ----a-w- c:\windows\system32\pdh.dll
2009-03-06 13:54 . 2009-03-06 13:54 180224 ----a-w- c:\windows\system32\Ncs2Setp.dll
2009-03-04 15:42 . 2009-03-04 15:42 760368 ----a-w- c:\windows\system32\ncs2dmix.dll
2009-03-04 15:41 . 2009-03-04 15:41 530992 ----a-w- c:\windows\system32\accesor.dll
2009-03-04 15:26 . 2009-03-04 15:26 141872 ----a-w- c:\windows\system32\ncs2instutility.dll
2009-03-04 15:17 . 2009-03-04 15:17 1522224 ----a-w- c:\windows\system32\ncscolib.dll
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IDMan"="c:\program files\Internet Download Manager\IDMan.exe" [2009-05-19 2815408]
"AnVir Task Manager"="c:\program files\AnVir Task Manager\AnVir.exe" [2009-03-09 2667744]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"avast!"="c:\progra~1\ALWILS~1\Avast4\ashDisp.exe" [2009-02-05 81000]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]

c:\documents and settings\All Users\Menu D‚marrer\Programmes\D‚marrage\
Ralink Wireless Utility.lnk - c:\windows\RaUI.exe [2009-5-25 598016]

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\program files\SUPERAntiSpyware\SASSEH.DLL" [2008-05-13 77824]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
2008-12-22 12:05 356352 ----a-w- c:\program files\SUPERAntiSpyware\SASWINLO.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"\\"= c:\\WINDOWS\\system\\svchost.exe

R1 aswsp;avast! Self Protection;c:\windows\system32\drivers\aswSP.sys [26/05/2009 22:07 114768]
R1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\sasdifsv.sys [28/04/2009 11:33 9968]
R1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL.SYS [28/04/2009 11:33 72944]
R2 aswfsblk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [26/05/2009 22:07 20560]
S3 ggflt;SEMC USB Flash Driver Filter;c:\windows\system32\drivers\ggflt.sys [17/05/2009 12:05 10976]
S3 MaplomL;MaplomL; [x]
S3 mirrorv3;mirrorv3;c:\windows\system32\drivers\rminiv3.sys [01/11/2006 06:01 3328]
S3 qcusbser;Mobile Connector USB Device for Legacy Serial Communication;c:\windows\system32\drivers\cmusbser.sys [03/05/2009 13:43 97408]
S3 s0016bus;Sony Ericsson Device 0016 driver (WDM);c:\windows\system32\drivers\s0016bus.sys [17/05/2009 10:22 89256]
S3 s0016mdfl;Sony Ericsson Device 0016 USB WMC Modem Filter;c:\windows\system32\drivers\s0016mdfl.sys [17/05/2009 10:22 15016]
S3 s0016mdm;Sony Ericsson Device 0016 USB WMC Modem Driver;c:\windows\system32\drivers\s0016mdm.sys [17/05/2009 10:22 120744]
S3 s0016mgmt;Sony Ericsson Device 0016 USB WMC Device Management Drivers (WDM);c:\windows\system32\drivers\s0016mgmt.sys [17/05/2009 10:22 114216]
S3 s0016nd5;Sony Ericsson Device 0016 USB Ethernet Emulation SEMC0016 (NDIS);c:\windows\system32\drivers\s0016nd5.sys [17/05/2009 10:22 25512]
S3 s0016obex;Sony Ericsson Device 0016 USB WMC OBEX Interface;c:\windows\system32\drivers\s0016obex.sys [17/05/2009 10:22 110632]
S3 s0016unic;Sony Ericsson Device 0016 USB Ethernet Emulation SEMC0016 (WDM);c:\windows\system32\drivers\s0016unic.sys [17/05/2009 10:22 115752]
S3 SASENUM;SASENUM;c:\program files\SUPERAntiSpyware\SASENUM.SYS [28/04/2009 11:33 7408]

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\>{60B49E34-C7CC-11D0-8953-00A0C90347FF}]
"c:\windows\system32\rundll32.exe" "c:\windows\system32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
.
Contents of the 'Scheduled Tasks' folder

2009-05-31 c:\windows\Tasks\User_Feed_Synchronization-{CC6928F5-9E9C-4F10-BD88-F652C2792D99}.job
- c:\windows\system32\msfeedssync.exe [2009-03-08 04:31]
.
- - - - ORPHANS REMOVED - - - -

Notify-pcverru - pcverru.dll
SafeBoot-procexp90.Sys


.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.yandex.ru/?clid=46126
IE: Télécharger avec IDM - c:\program files\Internet Download Manager\IEExt.htm
IE: Télécharger le contenu de video FLV avec IDM - c:\program files\Internet Download Manager\IEGetVL.htm
IE: Télécharger tous les liens avec IDM - c:\program files\Internet Download Manager\IEGetAll.htm
DPF: {B0067CA5-2C37-4C6B-AAEC-5E2CE8635061} - hxxp://www.qurancomplex.org/Downloads/FontSmooth.cab
FF - ProfilePath - c:\documents and settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\9r1pa1rw.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.yandex.ru/?clid=46126
FF - component: c:\documents and settings\Administrateur\Application Data\IDM\idmmzcc3\components\idmmzcc.dll
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, [link hidden by forum]

Rootkit scan 2009-05-31 22:16
Windows 5.1.2600 Service Pack 3 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...


c:\windows\TEMP\_avast4_\unp240707899.tmp 7574 bytes

scan completed successfully
hidden files: 1

**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------

[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\user preferences]
@Denied: (2) (LocalSystem)
"88D7D0879DAB32E14DE5B3A805A34F98AFF34F5977"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,53,84,e2,3e,33,a0,20,49,bd,29,e6,\
"2D53CFFC5C1A3DD2E97B7979AC2A92BD59BC839E81"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,53,84,e2,3e,33,a0,20,49,bd,29,e6,\
"6256FFB019F8FDFBD36745B06F4540E9AEAF222A25"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,53,84,e2,3e,33,a0,20,49,bd,29,e6,\

[HKEY_USERS\S-1-5-21-1960408961-299502267-1606980848-500\Software\Microsoft\Internet Explorer\User Preferences]
@Denied: (2) (Administrator)

[HKEY_USERS\S-1-5-21-1960408961-299502267-1606980848-500\Software\Microsoft\Windows\CurrentVersion\Explorer\CLSID]
@Denied: (Full) (LocalSystem)

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{7B8E9164-324D-4A2E-A46D-0165FB2000EC}]
@Denied: (Full) (Everyone)
"scansk"=hex(0):58,37,b9,0f,67,08,22,a6,51,0e,0f,d1,1d,52,51,50,10,47,9e,4f,f8,
41,05,ea,c6,46,c6,17,56,fb,a4,e4,53,5e,e3,f3,be,6f,ce,54,00,00,00,00,00,00,\

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{be4ea2a3-3e14-485b-a581-05d4c0d5a4a8}]
@Denied: (Full) (Everyone)
"Model"=dword:00000093
"Therad"=dword:00000001
"MData"=hex(0):73,d5,cf,b8,a4,07,89,80,31,e4,35,6b,2a,ca,fe,43,98,07,ff,fc,5d,
df,1c,2f,3b,8a,0a,32,11,89,01,b5,04,e6,51,4f,9d,73,73,b3,de,97,34,fa,65,db,\
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'winlogon.exe'(532)
c:\program files\SUPERAntiSpyware\SASWINLO.dll
c:\documents and settings\Administrateur\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\UIREPAIR.DLL

- - - - - - - > 'explorer.exe'(5220)
c:\program files\AnVir Task Manager\AnvirHook55.dll
c:\program files\Internet Download Manager\idmmkb.dll
c:\windows\system32\ieframe.dll
c:\windows\system32\eappprxy.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Other Running Processes ------------------------
.
c:\program files\Alwil Software\Avast4\aswUpdSv.exe
c:\program files\Alwil Software\Avast4\ashServ.exe
c:\windows\system32\scardsvr.exe
c:\windows\system32\vssvc.exe
c:\program files\Alwil Software\Avast4\ashMaiSv.exe
c:\program files\Alwil Software\Avast4\ashWebSv.exe
c:\program files\Internet Explorer\iexplore.exe
c:\program files\Internet Explorer\iexplore.exe
c:\program files\Internet Explorer\iexplore.exe
c:\program files\Internet Download Manager\IEMonitor.exe
c:\program files\Internet Explorer\iexplore.exe
.
**************************************************************************
.
Completion time: 2009-05-31 22:21 - machine was rebooted
ComboFix-quarantined-files.txt 2009-05-31 22:21

Pre-Run: 9 395 531 776 octets libres
Post-Run: 9 470 189 568 octets libres

348 --- E O F --- 2009-05-26 07:16

 
Upload a new HijackThis report, thanks.

Signature: AbOdy
Download this program.

Run the program ==> and click on
Do a system scan and save log
After a few moments a report will open in Notepad ==> copy it and paste it into your next reply.
 
Signature: السّاجد لله

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 08:58:05, on 02/06/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\3361\SVCHOST.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Internet Download Manager\IDMan.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe
C:\WINDOWS\RaUI.exe
C:\Program Files\Spyware Terminator\sp_rsser.exe
C:\WINDOWS\System32\vssvc.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\Internet Download Manager\IEMonitor.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files\Internet Download Manager\IDMIECC.dll
O2 - BHO: SnagIt Toolbar Loader - {00C6482D-C502-44C8-8409-FCE54AD9C208} - C:\Program Files\TechSmith\Snagit 9\SnagitBHO.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O3 - Toolbar: Snagit - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Program Files\TechSmith\Snagit 9\SnagitIEAddin.dll
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [svchost.exe] "C:\WINDOWS\system32\3361\SVCHOST.exe"
O4 - HKLM\..\RunOnce: [svchost.exe] "C:\WINDOWS\system32\3361\SVCHOST.exe"
O4 - HKCU\..\Run: [IDMan] C:\Program Files\Internet Download Manager\IDMan.exe /onboot
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: DSLMON.lnk = C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe
O4 - Global Startup: Ralink Wireless Utility.lnk = C:\WINDOWS\RaUI.exe
O8 - Extra context menu item: Télécharger avec IDM - C:\Program Files\Internet Download Manager\IEExt.htm
O8 - Extra context menu item: Télécharger le contenu de video FLV avec IDM - C:\Program Files\Internet Download Manager\IEGetVL.htm
O8 - Extra context menu item: Télécharger tous les liens avec IDM - C:\Program Files\Internet Download Manager\IEGetAll.htm
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {B0067CA5-2C37-4C6B-AAEC-5E2CE8635061} (FontDown Class) -
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
O23 - Service: avast! iAVS4 Control Service (aswupdsv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus (avast! antivirus) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner (avast! mail scanner) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner (avast! web scanner) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Diskeeper - Diskeeper Corporation - C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe
O23 - Service: Spyware Terminator Realtime Shield Service (sp_rssrv) - Crawler.com - C:\Program Files\Spyware Terminator\sp_rsser.exe

--
End of file - 5082 bytes

 
Signature: أعتز بك
I managed to get rid of the virus with the zyzoom-Macafe tool in Safe Mode ..

My machine is back to its normal state ..

May God reward you all with every good, my brothers; may God Almighty grant you success.
 
Praise be to God that the problem is over, my friend.

Signature: السّاجد لله