Thread starter: rewad
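My brothers, peace be upon you all.
I hope to God that you are in good health.
I have a question that is puzzling me a bit.
I had Kaspersky Internet Security 454 installed and wanted to install 506,
and I did in fact install 506 on top of 454.
The question:
Is there any risk in doing this?
And if there was a virus that was blocked, or one that Kaspersky could not handle at the time, will it get onto the machine?
Please advise, may God reward you,
and may you remain in the best of health.
Your brother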
 

Signature: rewad

Are there two Kasperskys near the clock?
If there is only one, there is no problem.

Signature: virus and spyware

Sorry, moving the thread to the appropriate section.
 
Download this program.

Run the program ==> and click
Do a system scan and save log
After a few moments a report will appear in Notepad ==> copy it and paste it in your next reply.
 
Do you mean this?


Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:14:34 ص, on 04/06/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16827)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\explorer.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\system32\igfxsrvc.exe
C:\Program Files\Winamp\winampa.exe
C:\Program Files\ColorSoft\AntiARP\AntiARP.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Internet Download Manager\IDMan.exe
C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Internet Download Manager\IEMonitor.exe
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\WINDOWS\system32\ping.exe
C:\PROGRA~1\Yahoo!\MESSEN~1\YAHOOM~1.EXE
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext =
R3 - URLSearchHook: (no name) - - (no file)
F2 - REG:system.ini: Shell=explorer.exe
O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files\Internet Download Manager\IDMIECC.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: IEVkbdBHO - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\ievkbd.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [AntiARPStandalone] C:\Program Files\ColorSoft\AntiARP\AntiARP.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Messenger (Yahoo!)] "C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" -quiet
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [IDMan] C:\Program Files\Internet Download Manager\IDMan.exe /onboot
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: Add to Banner Ad Blocker - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\ie_banner_deny.htm
O8 - Extra context menu item: تحميل الكل بـ إنترنت داونلود مانيجر - C:\Program Files\Internet Download Manager\IEGetAll.htm
O8 - Extra context menu item: تحميل بـ إنترنت داونلود مانيجر - C:\Program Files\Internet Download Manager\IEExt.htm
O8 - Extra context menu item: تحميل محتوى فيديو (إف.إل.في) بـ إنترنت داونلود مانيجر - C:\Program Files\Internet Download Manager\IEGetVL.htm
O9 - Extra button: Web traffic protection statistics - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\SCIEPlgn.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) -
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) -
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) -
O17 - HKLM\System\CCS\Services\Tcpip\..\{363789BA-0AC8-428F-AE69-8C8F8E65470D}: NameServer = 213.131.65.20,213.131.66.246
O17 - HKLM\System\CS1\Services\Tcpip\..\{363789BA-0AC8-428F-AE69-8C8F8E65470D}: NameServer = 213.131.65.20,213.131.66.246
O17 - HKLM\System\CS2\Services\Tcpip\..\{363789BA-0AC8-428F-AE69-8C8F8E65470D}: NameServer = 213.131.65.20,213.131.66.246
O20 - AppInit_DLLs: C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd.dll,C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd3.dll,C:\PROGRA~1\KASPER~1\KASPER~1\adialhk.dll,C:\PROGRA~1\KASPER~1\KASPER~1\kloehk.dll
O23 - Service: AntiARP Client Loader (AntiARPClientLoader) - Unknown owner - C:\Program Files\ColorSoft\AntiARP\AntiARPClientLoader.exe
O23 - Service: Kaspersky Internet Security (AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies - C:\Program Files\WinPcap\rpcapd.exe
--
End of file - 7209 bytes


This is the final report.
Thank you.
Following !!
 
Signature: rewad

Yes, that is it.
Now do the following:

Disable your protection programs,
then
download the following tool and save it to the desktop.

When you run it, a message will appear; click >> Yes
After that a second message will appear; click >> Yes
During the scan the computer may restart.
After the restart, the tool will start scanning again.
Do not run any program, and however long the scan takes, wait until it finishes.
Wait until a report appears, then copy it and paste it in your next post.
 
ComboFix 09-06-03.01 - TeaRs !! 06/04/2009 0:38.1 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.3.1256.20.1033.18.1013.540 [GMT 3:00]
Running from: c:\documents and settings\TeaRs !!\My Documents\Downloads\Programs\ComboFix.exe
AV: Kaspersky Internet Security *On-access scanning disabled* (Updated) {2C4D4BC6-0793-4956-A9F9-E252435469C0}
FW: Kaspersky Internet Security *disabled* {2C4D4BC6-0793-4956-A9F9-E252435469C0}
WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\windows\system32\kakle.dll
c:\windows\system32\mfc45.dll
.
((((((((((((((((((((((((( Files Created from 2009-05-03 to 2009-06-03 )))))))))))))))))))))))))))))))
.
2009-06-03 21:14 . 2009-06-03 21:14 -------- d-----w- c:\program files\Trend Micro
2009-06-03 16:44 . 2009-06-03 16:44 -------- d-----w- c:\documents and settings\TeaRs !!\Application Data\HiYo
2009-06-02 15:34 . 2009-06-02 15:45 -------- d-----w- c:\program files\Common Files\Ahead
2009-06-02 15:34 . 2009-06-02 15:34 -------- d-----w- c:\documents and settings\All Users\Application Data\Nero
2009-06-02 15:34 . 2009-06-02 15:34 -------- d-----w- c:\program files\Nero
2009-06-02 14:49 . 2009-06-02 14:49 -------- d--h--w- c:\windows\PIF
2009-06-02 08:46 . 2009-06-02 13:22 -------- d-----w- c:\program files\IP Address Shield
2009-06-02 08:09 . 2009-06-02 08:11 -------- d-----w- c:\documents and settings\TeaRs !!\amsn
2009-06-01 10:59 . 2009-06-01 10:59 -------- d-----w- c:\program files\Total Video Converter
2009-06-01 09:47 . 2009-06-01 09:47 -------- d--h--w- c:\windows\system32\GroupPolicy
2009-06-01 09:44 . 2009-06-01 09:44 -------- d-----w- c:\documents and settings\TeaRs !!\Local Settings\Application Data\Adobe
2009-05-31 22:38 . 2009-05-31 22:38 -------- d-----w- c:\windows\system32\XPSViewer
2009-05-31 22:38 . 2009-05-31 22:38 -------- d-----w- c:\program files\MSBuild
2009-05-31 22:37 . 2008-07-06 12:06 89088 -c----w- c:\windows\system32\dllcache\filterpipelineprintproc.dll
2009-05-31 22:37 . 2008-07-06 12:06 575488 -c----w- c:\windows\system32\dllcache\xpsshhdr.dll
2009-05-31 22:37 . 2008-07-06 12:06 575488 ------w- c:\windows\system32\xpsshhdr.dll
2009-05-31 22:37 . 2008-07-06 12:06 1676288 -c----w- c:\windows\system32\dllcache\xpssvcs.dll
2009-05-31 22:37 . 2008-07-06 12:06 1676288 ------w- c:\windows\system32\xpssvcs.dll
2009-05-31 22:37 . 2008-07-06 12:06 117760 ------w- c:\windows\system32\prntvpt.dll
2009-05-31 22:37 . 2008-07-06 10:50 597504 -c----w- c:\windows\system32\dllcache\printfilterpipelinesvc.exe
2009-05-31 22:32 . 2009-05-31 22:32 -------- d-----w- c:\program files\MSXML 4.0
2009-05-30 22:00 . 2009-05-30 23:15 743543 ----a-w- c:\documents and settings\TeaRs !!\Application Data\IDM\DwnlData\TeaRs !!\dotNetFx40_Full_x86_231\dotNetFx40_Full_x86.exe
2009-05-30 08:47 . 2009-06-01 13:37 176656 ----a-w- c:\documents and settings\All Users\Application Data\Kaspersky Lab\AVP8\Data\Updater\Temporary Files\temporaryFolder\AutoPatches\kav8exec\8.0.0.506\x64\scrchpg.dll
2009-05-30 08:46 . 2009-06-01 13:21 206088 ----a-w- c:\documents and settings\All Users\Application Data\Kaspersky Lab\AVP8\Data\Updater\Temporary Files\temporaryFolder\AutoPatches\kav8exec\8.0.0.506\avp.exe
2009-05-30 08:46 . 2009-06-01 13:37 38416 ----a-w- c:\documents and settings\All Users\Application Data\Kaspersky Lab\AVP8\Data\Updater\Temporary Files\temporaryFolder\AutoPatches\kav8exec\8.0.0.506\x64\klbg.sys
2009-05-30 08:46 . 2009-06-01 13:21 33808 ----a-w- c:\documents and settings\All Users\Application Data\Kaspersky Lab\AVP8\Data\Updater\Temporary Files\temporaryFolder\AutoPatches\kav8exec\8.0.0.506\klbg.sys
2009-05-30 08:46 . 2009-06-01 13:37 247312 ----a-w- c:\documents and settings\All Users\Application Data\Kaspersky Lab\AVP8\Data\Updater\Temporary Files\temporaryFolder\AutoPatches\kav8exec\8.0.0.506\Vista64\klif.sys
2009-05-30 08:46 . 2009-06-01 13:37 239120 ----a-w- c:\documents and settings\All Users\Application Data\Kaspersky Lab\AVP8\Data\Updater\Temporary Files\temporaryFolder\AutoPatches\kav8exec\8.0.0.506\Vista\klif.sys
2009-05-30 08:45 . 2009-06-01 13:37 218640 ----a-w- c:\documents and settings\All Users\Application Data\Kaspersky Lab\AVP8\Data\Updater\Temporary Files\temporaryFolder\AutoPatches\kav8exec\8.0.0.506\XP64\klif.sys
2009-05-30 08:45 . 2009-06-01 13:21 226832 ----a-w- c:\documents and settings\All Users\Application Data\Kaspersky Lab\AVP8\Data\Updater\Temporary Files\temporaryFolder\AutoPatches\kav8exec\8.0.0.506\XP\klif.sys
2009-05-30 08:45 . 2009-06-01 13:37 230032 ----a-w- c:\documents and settings\All Users\Application Data\Kaspersky Lab\AVP8\Data\Updater\Temporary Files\temporaryFolder\AutoPatches\kav8exec\8.0.0.506\w2000\klif.sys
2009-05-30 08:43 . 2009-06-01 13:34 176656 ----a-w- c:\documents and settings\All Users\Application Data\Kaspersky Lab\AVP8\Data\Updater\Temporary Files\temporaryFolder\AutoPatches\kav8exec\8.0.0.454\x64\scrchpg.dll
2009-05-30 08:41 . 2009-06-01 13:33 38416 ----a-w- c:\documents and settings\All Users\Application Data\Kaspersky Lab\AVP8\Data\Updater\Temporary Files\temporaryFolder\AutoPatches\kav8exec\8.0.0.454\x64\klbg.sys
2009-05-30 08:41 . 2009-06-01 13:32 227856 ----a-w- c:\documents and settings\All Users\Application Data\Kaspersky Lab\AVP8\Data\Updater\Temporary Files\temporaryFolder\AutoPatches\kav8exec\8.0.0.454\Vista64\klif.sys
2009-05-30 08:41 . 2009-06-01 13:32 224272 ----a-w- c:\documents and settings\All Users\Application Data\Kaspersky Lab\AVP8\Data\Updater\Temporary Files\temporaryFolder\AutoPatches\kav8exec\8.0.0.454\Vista\klif.sys
2009-05-30 08:41 . 2009-06-01 13:32 202768 ----a-w- c:\documents and settings\All Users\Application Data\Kaspersky Lab\AVP8\Data\Updater\Temporary Files\temporaryFolder\AutoPatches\kav8exec\8.0.0.454\XP64\klif.sys
2009-05-30 08:40 . 2009-06-01 13:32 215824 ----a-w- c:\documents and settings\All Users\Application Data\Kaspersky Lab\AVP8\Data\Updater\Temporary Files\temporaryFolder\AutoPatches\kav8exec\8.0.0.454\w2000\klif.sys
2009-05-30 08:40 . 2009-06-01 13:32 38416 ----a-w- c:\documents and settings\All Users\Application Data\Kaspersky Lab\AVP8\Data\Updater\Temporary Files\temporaryFolder\AutoPatches\kav8exec\8.0.0.357\x64\klbg.sys
2009-05-30 08:40 . 2009-06-01 13:32 33808 ----a-w- c:\documents and settings\All Users\Application Data\Kaspersky Lab\AVP8\Data\Updater\Temporary Files\temporaryFolder\AutoPatches\kav8exec\8.0.0.357\klbg.sys
2009-05-30 08:40 . 2009-06-01 13:32 227856 ----a-w- c:\documents and settings\All Users\Application Data\Kaspersky Lab\AVP8\Data\Updater\Temporary Files\temporaryFolder\AutoPatches\kav8exec\8.0.0.357\Vista64\klif.sys
2009-05-30 08:40 . 2009-06-01 13:31 224272 ----a-w- c:\documents and settings\All Users\Application Data\Kaspersky Lab\AVP8\Data\Updater\Temporary Files\temporaryFolder\AutoPatches\kav8exec\8.0.0.357\Vista\klif.sys
2009-05-30 08:40 . 2009-06-01 13:31 202768 ----a-w- c:\documents and settings\All Users\Application Data\Kaspersky Lab\AVP8\Data\Updater\Temporary Files\temporaryFolder\AutoPatches\kav8exec\8.0.0.357\XP64\klif.sys
2009-05-30 08:40 . 2009-06-01 13:31 213520 ----a-w- c:\documents and settings\All Users\Application Data\Kaspersky Lab\AVP8\Data\Updater\Temporary Files\temporaryFolder\AutoPatches\kav8exec\8.0.0.357\XP\klif.sys
2009-05-30 08:40 . 2009-06-01 13:31 215824 ----a-w- c:\documents and settings\All Users\Application Data\Kaspersky Lab\AVP8\Data\Updater\Temporary Files\temporaryFolder\AutoPatches\kav8exec\8.0.0.357\w2000\klif.sys
2009-05-29 23:14 . 2009-06-01 13:29 22792 ----a-w- c:\documents and settings\All Users\Application Data\Kaspersky Lab\AVP8\Data\Updater\Temporary Files\temporaryFolder\AutoPatches\kav8exec\8.0.0.357\x64\vkbd64.dll
2009-05-29 23:14 . 2009-06-01 13:29 176656 ----a-w- c:\documents and settings\All Users\Application Data\Kaspersky Lab\AVP8\Data\Updater\Temporary Files\temporaryFolder\AutoPatches\kav8exec\8.0.0.357\x64\scrchpg.dll
2009-05-29 23:14 . 2009-06-01 13:29 60168 ----a-w- c:\documents and settings\All Users\Application Data\Kaspersky Lab\AVP8\Data\Updater\Temporary Files\temporaryFolder\AutoPatches\kav8exec\8.0.0.357\x64\ievkbd.dll
2009-05-29 23:14 . 2009-06-01 13:29 21256 ----a-w- c:\documents and settings\All Users\Application Data\Kaspersky Lab\AVP8\Data\Updater\Temporary Files\temporaryFolder\AutoPatches\kav8exec\8.0.0.357\vkbd.dll
2009-05-29 23:12 . 2009-06-01 13:28 861448 ----a-w- c:\documents and settings\All Users\Application Data\Kaspersky Lab\AVP8\Data\Updater\Temporary Files\temporaryFolder\AutoPatches\kav8exec\8.0.0.357\updater.dll
2009-05-29 23:09 . 2009-06-01 13:26 83208 ----a-w- c:\documents and settings\All Users\Application Data\Kaspersky Lab\AVP8\Data\Updater\Temporary Files\temporaryFolder\AutoPatches\kav8exec\8.0.0.357\mzvkbd.dll
2009-05-29 23:09 . 2009-06-01 13:26 62728 ----a-w- c:\documents and settings\All Users\Application Data\Kaspersky Lab\AVP8\Data\Updater\Temporary Files\temporaryFolder\AutoPatches\kav8exec\8.0.0.357\ievkbd.dll
2009-05-29 23:09 . 2009-06-01 13:26 43784 ----a-w- c:\documents and settings\All Users\Application Data\Kaspersky Lab\AVP8\Data\Updater\Temporary Files\temporaryFolder\AutoPatches\kav8exec\8.0.0.357\fssync.dll
2009-05-29 23:08 . 2009-06-01 13:26 365832 ----a-w- c:\documents and settings\All Users\Application Data\Kaspersky Lab\AVP8\Data\Updater\Temporary Files\temporaryFolder\AutoPatches\kav8exec\8.0.0.357\ckahum.dll
2009-05-29 23:05 . 2009-06-01 13:23 201992 ----a-w- c:\documents and settings\All Users\Application Data\Kaspersky Lab\AVP8\Data\Updater\Temporary Files\temporaryFolder\AutoPatches\kav8exec\8.0.0.357\avp.exe
2009-05-29 22:31 . 2008-04-13 21:09 7552 -c--a-w- c:\windows\system32\dllcache\mskssrv.sys
2009-05-29 22:31 . 2008-04-13 21:09 7552 ----a-w- c:\windows\system32\drivers\MSKSSRV.sys
2009-05-29 22:13 . 2009-05-29 22:14 536422 ----a-w- c:\documents and settings\TeaRs !!\Application Data\IDM\DwnlData\TeaRs !!\kis8.0.0.506en_212\kis8.0.0.506en.exe
2009-05-29 18:25 . 2009-05-29 18:25 -------- d-----w- c:\documents and settings\TeaRs !!\Application Data\CyberScrub
2009-05-29 18:22 . 2009-05-29 18:22 -------- d-----w- c:\documents and settings\TeaRs !!\Application Data\Malwarebytes
2009-05-29 18:22 . 2009-05-29 18:22 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes
2009-05-29 17:28 . 2009-05-29 22:31 -------- d-----w- c:\documents and settings\TeaRs !!\Local Settings\Application Data\Ahead
2009-05-29 17:14 . 2009-05-29 17:31 -------- d-----w- c:\documents and settings\TeaRs !!\Application Data\Ahead
2009-05-29 17:13 . 2009-05-29 17:13 -------- d-----w- c:\documents and settings\All Users\Application Data\Ahead
2009-05-29 12:10 . 2009-05-29 12:10 -------- d-----w- c:\windows\system32\RMBin
2009-05-29 10:50 . 2009-05-29 10:50 -------- d-----w- c:\documents and settings\TeaRs !!\ErrorLogs
2009-05-29 08:26 . 2009-05-29 08:37 -------- d-----w- c:\program files\Windows Live Safety Center
2009-05-29 08:03 . 2009-05-29 08:03 -------- d-----w- c:\program files\Uniblue
2009-05-29 07:59 . 2009-05-29 07:59 -------- d-----w- c:\program files\Reference Assemblies
2009-05-28 23:27 . 2009-05-28 23:27 -------- d--h--r- C:\AHCache
2009-05-28 23:19 . 2009-05-29 08:03 -------- d-----w- c:\documents and settings\TeaRs !!\Application Data\Uniblue
2009-05-28 15:27 . 2009-05-28 15:27 -------- d-----w- c:\documents and settings\TeaRs !!\Local Settings\Application Data\G DATA
2009-05-26 22:36 . 2008-04-13 21:15 26368 -c--a-w- c:\windows\system32\dllcache\usbstor.sys
2009-05-25 14:11 . 2008-10-16 11:06 268648 ----a-w- c:\windows\system32\mucltui.dll
2009-05-25 14:09 . 2009-05-25 14:11 200903 ----a-w- c:\documents and settings\TeaRs !!\Application Data\IDM\DwnlData\TeaRs !!\dotnetfx_64\dotnetfx.exe
2009-05-25 11:56 . 2009-05-25 11:56 -------- d-----w- c:\program files\ColorSoft
2009-05-25 11:27 . 2009-02-20 18:09 268288 -c----w- c:\windows\system32\dllcache\iertutil.dll
2009-05-25 11:27 . 2009-02-20 18:09 63488 -c----w- c:\windows\system32\dllcache\icardie.dll
2009-05-25 11:27 . 2009-02-20 18:09 52224 -c----w- c:\windows\system32\dllcache\msfeedsbs.dll
2009-05-25 11:27 . 2009-02-20 18:09 459264 -c----w- c:\windows\system32\dllcache\msfeeds.dll
2009-05-25 11:27 . 2009-02-20 10:20 13824 -c----w- c:\windows\system32\dllcache\ieudinit.exe
2009-05-25 11:27 . 2009-02-20 18:09 383488 -c----w- c:\windows\system32\dllcache\ieapfltr.dll
2009-05-25 11:27 . 2008-07-09 14:25 2455488 -c----w- c:\windows\system32\dllcache\ieapfltr.dat
2009-05-25 11:27 . 2009-02-20 18:09 6066176 -c----w- c:\windows\system32\dllcache\ieframe.dll
2009-05-25 09:04 . 2009-05-25 09:04 -------- d-----w- c:\documents and settings\TeaRs !!\Application Data\TuneUp Software
2009-05-25 09:04 . 2009-05-25 09:04 -------- d-----w- c:\documents and settings\All Users\Application Data\TuneUp Software
2009-05-25 09:04 . 2009-06-01 10:40 -------- d-----w- c:\program files\TuneUp Utilities 2009
2009-05-25 09:04 . 2009-05-25 09:04 -------- d-sh--w- c:\documents and settings\All Users\Application Data\{55A29068-F2CE-456C-9148-C869879E2357}
2009-05-24 16:29 . 2009-02-06 11:06 2145280 -c----w- c:\windows\system32\dllcache\ntkrnlmp.exe
2009-05-24 16:29 . 2009-02-06 11:08 2189056 -c----w- c:\windows\system32\dllcache\ntoskrnl.exe
2009-05-24 16:29 . 2009-02-06 10:32 2023936 -c----w- c:\windows\system32\dllcache\ntkrpamp.exe
2009-05-24 16:26 . 2008-05-03 11:55 2560 ------w- c:\windows\system32\xpsp4res.dll
2009-05-24 16:16 . 2008-10-24 11:21 455296 -c----w- c:\windows\system32\dllcache\mrxsmb.sys
2009-05-24 16:10 . 2008-06-13 11:05 272128 -c----w- c:\windows\system32\dllcache\bthport.sys
2009-05-24 16:10 . 2008-06-13 11:05 272128 ------w- c:\windows\system32\drivers\bthport.sys
2009-05-24 14:48 . 2009-05-24 14:48 -------- d-----w- c:\program files\Microsoft Silverlight
2009-05-24 14:45 . 2009-05-24 14:45 -------- d-sh--w- c:\documents and settings\TeaRs !!\PrivacIE
2009-05-24 14:44 . 2009-05-24 14:44 -------- d-sh--w- c:\documents and settings\NetworkService\IETldCache
2009-05-24 14:44 . 2009-05-24 14:44 -------- d-sh--w- c:\documents and settings\TeaRs !!\IETldCache
2009-05-24 14:41 . 2009-05-25 15:33 -------- d--h--w- c:\windows\$hf_mig$
2009-05-24 14:41 . 2009-05-25 10:47 -------- d-----w- c:\windows\ie8updates
2009-05-24 14:39 . 2009-02-20 18:09 78336 -c--a-w- c:\windows\system32\dllcache\ieencode.dll
2009-05-24 14:39 . 2009-02-20 18:09 78336 ----a-w- c:\windows\system32\ieencode.dll
2009-05-24 14:38 . 2009-05-24 14:41 -------- d--h--w- c:\windows\msdownld.tmp
2009-05-24 14:35 . 2009-04-25 05:30 102400 -c----w- c:\windows\system32\dllcache\iecompat.dll
2009-05-23 15:12 . 2009-05-23 15:12 0 ----a-w- c:\windows\nsreg.dat
2009-05-23 15:12 . 2009-05-23 15:12 -------- d-----w- c:\documents and settings\TeaRs !!\Local Settings\Application Data\Mozilla
2009-05-23 15:10 . 2009-06-01 08:03 -------- d-----w- c:\program files\Antbar
2009-05-22 21:36 . 2009-05-22 21:36 -------- d-----w- c:\program files\CCleaner
2009-05-22 21:15 . 2009-05-22 21:15 -------- d-----w- c:\documents and settings\All Users\Application Data\TEMP
2009-05-22 21:14 . 2009-05-23 20:00 -------- d-----w- c:\program files\Anti Tracks
2009-05-22 21:14 . 2000-01-31 06:00 25600 ----a-w- c:\windows\system32\BORLNDMM.DLL
2009-05-22 21:14 . 2000-01-31 05:00 1496064 ----a-w- c:\windows\system32\cc3250mt.dll
2009-05-22 17:51 . 2009-06-01 22:13 -------- d-----w- c:\program files\netcut
2009-05-22 17:37 . 2009-05-08 11:57 457064 ----a-w- c:\documents and settings\All Users\Application Data\iolo\IRestartStub.exe
2009-05-22 17:36 . 2009-05-22 17:37 -------- d-----w- c:\documents and settings\All Users\Application Data\iolo
2009-05-22 17:36 . 2009-05-22 17:36 -------- d-----w- c:\documents and settings\TeaRs !!\Application Data\iolo
2009-05-22 17:33 . 2009-06-03 21:42 -------- d-----w- c:\documents and settings\TeaRs !!\Tracing
2009-05-22 17:31 . 2009-05-22 17:31 -------- d-----w- c:\program files\Microsoft
2009-05-22 17:30 . 2009-05-22 17:30 -------- d-----w- c:\program files\Windows Live SkyDrive
2009-05-22 17:27 . 2009-05-22 17:27 -------- d-----w- c:\program files\Common Files\Windows Live
2009-05-22 17:23 . 2008-10-16 11:09 43544 ----a-w- c:\windows\system32\wups2.dll
2009-05-22 15:27 . 2009-05-22 15:27 -------- d-----w- c:\documents and settings\TeaRs !!\Local Settings\Application Data\Identities
2009-05-22 15:20 . 2009-05-22 15:20 -------- d-----w- c:\documents and settings\TeaRs !!\Application Data\Media Player Classic
2009-05-22 15:17 . 2009-05-22 15:17 -------- d-sh--w- c:\documents and settings\TeaRs !!\UserData
2009-05-22 15:16 . 2009-05-22 15:16 -------- d-----w- c:\documents and settings\All Users\Application Data\Messenger Plus!
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-06-03 21:42 . 2009-05-22 11:39 -------- d-----w- c:\documents and settings\All Users\Application Data\Kaspersky Lab
2009-06-03 21:41 . 2009-05-22 11:39 4520 --sha-w- c:\windows\system32\drivers\fidbox2.idx
2009-06-03 21:41 . 2009-05-22 11:39 393248 --sha-w- c:\windows\system32\drivers\fidbox2.dat
2009-06-03 21:41 . 2009-05-22 11:39 30304 --sha-w- c:\windows\system32\drivers\fidbox.idx
2009-06-03 21:41 . 2009-05-22 11:39 3204128 --sha-w- c:\windows\system32\drivers\fidbox.dat
2009-06-02 08:34 . 2009-05-22 11:30 -------- d-----w- c:\program files\Common Files\InstallShield
2009-06-01 13:38 . 2008-01-29 15:29 33808 ----a-w- c:\windows\system32\drivers\klbg.sys
2009-06-01 13:38 . 2009-05-22 11:40 94643 ----a-w- c:\windows\system32\drivers\klick.dat
2009-06-01 13:38 . 2009-05-22 11:40 105395 ----a-w- c:\windows\system32\drivers\klin.dat
2009-06-01 13:33 . 2009-05-22 13:46 44808 ----a-w- c:\documents and settings\All Users\Application Data\Kaspersky Lab\AVP8\Data\Updater\Temporary Files\temporaryFolder\AutoPatches\kav8exec\8.0.0.454\fssync.dll
2009-06-01 13:33 . 2009-05-22 13:46 206088 ----a-w- c:\documents and settings\All Users\Application Data\Kaspersky Lab\AVP8\Data\Updater\Temporary Files\temporaryFolder\AutoPatches\kav8exec\8.0.0.454\avp.exe
2009-06-01 13:32 . 2009-05-22 13:46 33808 ----a-w- c:\documents and settings\All Users\Application Data\Kaspersky Lab\AVP8\Data\Updater\Temporary Files\temporaryFolder\AutoPatches\kav8exec\8.0.0.454\klbg.sys
2009-06-01 13:32 . 2009-05-22 13:46 213520 ----a-w- c:\documents and settings\All Users\Application Data\Kaspersky Lab\AVP8\Data\Updater\Temporary Files\temporaryFolder\AutoPatches\kav8exec\8.0.0.454\XP\klif.sys
2009-06-01 11:00 . 2009-05-22 14:05 -------- d-----w- c:\documents and settings\TeaRs !!\Application Data\Winamp
2009-05-31 22:41 . 2009-05-22 13:24 27848 ----a-w- c:\documents and settings\TeaRs !!\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2009-05-29 18:24 . 2009-05-29 18:24 -------- d-----w- c:\documents and settings\TeaRs !!\Application Data\cleaner
2009-05-29 12:11 . 2009-05-29 12:11 90112 ----a-w- c:\windows\system32\agsaami.dll
2009-05-29 12:11 . 2009-05-29 12:11 610304 ----a-w- c:\windows\system32\agsaamg.dll
2009-05-29 12:11 . 2009-05-29 12:11 372736 ----a-w- c:\windows\system32\agsaamc.dll
2009-05-29 12:11 . 2009-05-29 12:11 2535424 ----a-w- c:\windows\system32\agsaamj.dll
2009-05-29 12:11 . 2009-05-29 12:11 1986560 ----a-w- c:\windows\system32\akll.dll
2009-05-29 12:11 . 2009-05-29 12:11 196608 ----a-w- c:\windows\system32\maag.dll
2009-05-29 12:11 . 2009-05-29 12:11 1245184 ----a-w- c:\windows\system32\bkll.dll
2009-05-29 12:11 . 2009-05-29 12:11 1212416 ----a-w- c:\windows\system32\ckll.dll
2009-05-29 12:11 . 2009-05-29 12:10 -------- d-----w- c:\program files\Real_SC
2009-05-24 13:52 . 2009-05-22 14:32 -------- d-----w- c:\program files\XArp
2009-05-22 17:31 . 2009-05-22 14:10 -------- d-----w- c:\program files\MSN Messenger
2009-05-22 17:31 . 2009-05-22 14:12 -------- d-----w- c:\program files\Windows Live
2009-05-22 14:34 . 2009-05-22 14:34 -------- d-----w- c:\documents and settings\TeaRs !!\Application Data\XArp
2009-05-22 14:32 . 2009-05-22 14:32 -------- d-----w- c:\program files\WinPcap
2009-05-22 14:14 . 2009-05-22 14:05 -------- d-----w- c:\program files\Winamp
2009-05-22 14:12 . 2009-05-22 14:12 -------- d-----w- c:\program files\Circle Deelopement
2009-05-22 14:12 . 2009-05-22 14:12 -------- d-----w- c:\program files\Windows Media Connect 2
2009-05-22 14:12 . 2009-05-22 14:12 -------- d-----w- c:\program files\Messenger Plus! Live
2009-05-22 14:06 . 2009-05-22 14:06 -------- d-----w- c:\program files\Common Files\Adobe AIR
2009-05-22 14:06 . 2009-05-22 14:04 -------- d-----w- c:\documents and settings\All Users\Application Data\Yahoo!
2009-05-22 14:05 . 2009-05-22 14:04 -------- d-----w- c:\program files\Common Files\Adobe
2009-05-22 14:04 . 2009-05-22 14:04 -------- d-----w- c:\program files\K-Lite Codec Pack
2009-05-22 14:04 . 2009-05-22 14:04 -------- d-----w- c:\program files\Yahoo!
2009-05-22 14:01 . 2009-05-22 14:00 -------- d-----w- c:\program files\Power Mp3 Cutter(Mp3 Sound Cutter)
2009-05-22 13:25 . 2009-05-22 11:21 86327 ----a-w- c:\windows\pchealth\helpctr\OfflineCache\index.dat
2009-05-22 11:39 . 2009-05-22 11:39 -------- d-----w- c:\program files\Kaspersky Lab
2009-05-22 11:38 . 2009-05-22 11:38 -------- d-----w- c:\documents and settings\All Users\Application Data\Kaspersky Lab Setup Files
2009-05-22 11:33 . 2009-05-22 11:30 -------- d-----w- c:\program files\Realtek
2009-05-22 11:33 . 2009-05-22 11:30 -------- d--h--w- c:\program files\InstallShield Installation Information
2009-05-22 11:33 . 2009-05-22 11:33 -------- d-----w- c:\documents and settings\TeaRs !!\Application Data\InstallShield
2009-05-22 11:32 . 2009-05-22 11:27 16608 ----a-w- c:\windows\gdrv.sys
2009-05-22 11:30 . 2009-05-22 11:30 315392 ----a-w- c:\windows\HideWin.exe
2009-05-22 11:28 . 2009-05-22 11:28 -------- d-----w- c:\program files\Intel
2009-05-22 11:22 . 2009-05-22 11:22 -------- d-----w- c:\program files\microsoft frontpage
2009-05-22 11:19 . 2009-05-22 11:19 21640 ----a-w- c:\windows\system32\emptyregdb.dat
2009-03-06 14:22 . 2008-04-14 02:42 284160 ----a-w- c:\windows\system32\pdh.dll
.
------- Sigcheck -------
[-] 2008-05-03 08:09 1614848 9F42478360E9B053A6703DEF39B4CE33 c:\windows\system32\sfcfiles.dll
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360]
"Messenger (Yahoo!)"="c:\program files\Yahoo!\Messenger\YahooMessenger.exe" [2009-05-13 4351216]
"MsnMsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2009-02-06 3885408]
"IDMan"="c:\program files\Internet Download Manager\IDMan.exe" [2008-09-12 2606512]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\program files\Common Files\Ahead\Lib\NMBgMonitor.exe" [2007-06-27 152872]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2007-09-05 141848]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2007-09-05 166424]
"Persistence"="c:\windows\system32\igfxpers.exe" [2007-09-05 137752]
"AVP"="c:\program files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe" [2009-06-01 206088]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-02-27 35696]
"WinampAgent"="c:\program files\Winamp\winampa.exe" [2009-04-10 37888]
"NeroFilterCheck"="c:\program files\Common Files\Ahead\Lib\NeroCheck.exe" [2007-03-01 153136]
"AntiARPStandalone"="c:\program files\ColorSoft\AntiARP\AntiARP.exe" [2009-02-19 8089600]
"RTHDCPL"="RTHDCPL.EXE" - c:\windows\RTHDCPL.exe [2008-02-13 16857600]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\KasperskyAntiVirus]
"DisableMonitoring"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Yahoo!\\Messenger\\YahooMessenger.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
R0 klbg;Kaspersky Lab Boot Guard Driver;c:\windows\system32\drivers\klbg.sys [29/01/2008 06:29 م 33808]
R2 AntiARPClientLoader;AntiARP Client Loader;c:\program files\ColorSoft\AntiARP\AntiARPClientLoader.exe [17/10/2007 04:25 م 40960]
R2 AntiArpNdisProt;AntiARP NDIS Protocol Driver;c:\windows\system32\drivers\AntiArpNdisProt.sys [17/10/2007 01:33 م 21120]
R3 KLFLTDEV;Kaspersky Lab KLFltDev;c:\windows\system32\drivers\klfltdev.sys [13/03/2008 07:02 م 26640]
R3 klim5;Kaspersky Anti-Virus NDIS Filter;c:\windows\system32\drivers\klim5.sys [30/04/2008 06:06 م 24592]
R3 xAntiArp;xAntiArpSpoof Service;c:\windows\system32\drivers\xAntiArp.sys [22/11/2008 11:52 ص 311040]
S3 NPF;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys [29/06/2007 03:01 ص 42512]
S3 utqwndez;AVZ Kernel Driver;\??\c:\windows\system32\Drivers\utqwndez.sys --> c:\windows\system32\Drivers\utqwndez.sys [?]
.
- - - - ORPHANS REMOVED - - - -
SafeBoot-procexp90.Sys

.
------- Supplementary Scan -------
.
uInternet Connection Wizard,ShellNext = hxxp://www.codecguide.com/
IE: Add to Banner Ad Blocker - c:\program files\Kaspersky Lab\Kaspersky Internet Security 2009\ie_banner_deny.htm
IE: تحميل الكل بـ إنترنت داونلود مانيجر - c:\program files\Internet Download Manager\IEGetAll.htm
IE: تحميل بـ إنترنت داونلود مانيجر - c:\program files\Internet Download Manager\IEExt.htm
IE: تحميل محتوى فيديو (إف.إل.في) بـ إنترنت داونلود مانيجر - c:\program files\Internet Download Manager\IEGetVL.htm
TCP: {363789BA-0AC8-428F-AE69-8C8F8E65470D} = 213.131.65.20,213.131.66.246
.
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer,

Rootkit scan 2009-06-04 00:43
Windows 5.1.2600 Service Pack 3 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------
[HKEY_USERS\S-1-5-21-299502267-606747145-1644491937-1003\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{E3412E22-28A8-58A1-7A35-8F7F0C3B1611}*]
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)
"nafhoheiokonmdodjbedjmepccna"=hex:6a,61,6a,6d,68,6c,68,65,64,63,64,61,6e,6f,
6b,64,6c,6b,68,70,00,e0
"mahigcjjbfeafhokmedkemihmk"=hex:6a,61,6a,6d,6e,6c,6a,66,6e,64,6b,66,67,69,6a,
67,66,6f,70,62,00,50
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{5ED60779-4DE2-4E07-B862-974CA4FF2E9C}]
@Denied: (Full) (Everyone)
"scansk"=hex(0):2a,7e,d0,c6,1b,4f,6c,7b,92,b8,6e,84,f8,e6,e8,1b,d5,c6,86,ad,ee,
83,33,55,5c,a6,ca,19,aa,ae,7c,81,5d,e2,5b,29,7a,7a,2d,ba,00,00,00,00,00,00,\
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{7660d49a-0861-4de6-bb60-2d2fd6f64f87}]
@Denied: (Full) (Everyone)
"Model"=dword:00000099
"Therad"=dword:0000000d
.
--------------------- DLLs Loaded Under Running Processes ---------------------
- - - - - - - > 'explorer.exe'(3816)
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Other Running Processes ------------------------
.
c:\windows\system32\igfxsrvc.exe
c:\program files\Common Files\Ahead\Lib\NMIndexingService.exe
c:\windows\system32\wscntfy.exe
c:\program files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
c:\program files\Yahoo!\Messenger\Ymsgr_tray.exe
.
**************************************************************************
.
Completion time: 2009-06-03 0:44 - machine was rebooted
ComboFix-quarantined-files.txt 2009-06-03 21:44
Pre-Run: 484,966,400 bytes free
Post-Run: 467,144,704 bytes free
302 --- E O F --- 2009-06-01 10:30


Dear brother, this is the report.
Please explain the situation to me precisely.
You have my full thanks.
Following!!

Signature: rewad
You don't have any problem.
Just a scan and a cleanup :)

Using the HijackThis tool, delete this entry:

R3 - URLSearchHook: (no name) - - (no file

How to delete it:

[Image: mg%20(3).png]


[Image: mg%20(4).png]


After that, go to Add or Remove Programs and uninstall the toolbar you have installed (it may not be there).


Then download this tool and follow the instructions below.





Compatibility: Windows XP only


Usage instructions:
Double-click the tool and wait until all the windows have finished and it stops at this window:


[Image: 002.png]


When this screen appears, click Close so that your computer restarts (to complete the cleanup process).
 
Brother,
I did not find any infected entry at all.
Does that mean my computer is completely clean and free of any problems or viruses!!

Signature: rewad
Brother, God bless you, tell me: does the computer have any problem or viruses?
I have been waiting for you since yesterday.
Following!!

Signature: rewad
Sorry for the delay.
There are no problems, brother.
The computer is clean, by the grace of God.
 