• Thread starter: mr.3bode

mr.3bode

In the name of God, the Most Gracious, the Most Merciful

Peace be upon you

There is a problem with BitDefender Total 2009


and this message appears:

BitDefender services are not responding

and the program's icon appears grey instead of red

Note that I browsed one of the threads where the thread author had the same problem, and one of the members told him that the autorun virus was present on the machine

When I searched for it, I found it on C, specifically in the Nero program

and I found it on E, D and F

Here is the HijackThis report if you need it:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 04:56:57 م, on 05/06/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5730.0013)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\BitDefender\BitDefender Update Service\livesrv.exe
C:\Program Files\BitDefender\BitDefender 2009\vsserv.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\inetsrv\inetinfo.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\BitDefender\BitDefender 2009\bdagent.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\BitDefender\BitDefender 2009\seccenter.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Internet Download Manager\IDMan.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Internet Download Manager\IEMonitor.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\BitDefender\BitDefender 2009\bdwizreg.exe
C:\Program Files\Common Files\BitDefender\BitDefender Update Service\upgrepl.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page =
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files\Internet Download Manager\IDMIECC.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: FDMIECookiesBHO Class - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Program Files\Free Download Manager\iefdm2.dll
O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [BDAgent] "C:\Program Files\BitDefender\BitDefender 2009\bdagent.exe"
O4 - HKLM\..\Run: [BitDefender Antiphishing Helper] "C:\Program Files\BitDefender\BitDefender 2009\IEShow.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [IDMan] C:\Program Files\Internet Download Manager\IDMan.exe /onboot
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User 'Default user')
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O8 - Extra context menu item: &تصدير إلى Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: تحميل الفيديو بواسطة Free Download Manager - file://C:\Program Files\Free Download Manager\dlfvideo.htm
O8 - Extra context menu item: تحميل الكل بواسطة Free Download Manager - file://C:\Program Files\Free Download Manager\dlall.htm
O8 - Extra context menu item: تحميل الكل بواسطة Internet Download Manager - C:\Program Files\Internet Download Manager\IEGetAll.htm
O8 - Extra context menu item: تحميل المحددة بواسطة Free Download Manager - file://C:\Program Files\Free Download Manager\dlselected.htm
O8 - Extra context menu item: تحميل بواسطة Free Download Manager - file://C:\Program Files\Free Download Manager\dllink.htm
O8 - Extra context menu item: تحميل بواسطة Internet Download Manager - C:\Program Files\Internet Download Manager\IEExt.htm
O8 - Extra context menu item: تحميل محتوى FLV بواسطة Internet Download Manager - C:\Program Files\Internet Download Manager\IEGetVL.htm
O9 - Extra button: بحث - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O23 - Service: BitDefender Arrakis Server (Arrakis3) - Unknown owner - C:\Program Files\Common Files\BitDefender\BitDefender Arrakis Server\bin\Arrakis3.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: BitDefender Desktop Update Service (LIVESRV) - BitDefender SRL - C:\Program Files\Common Files\BitDefender\BitDefender Update Service\livesrv.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: BitDefender Virus Shield (VSSERV) - BitDefender S. R. L. - C:\Program Files\BitDefender\BitDefender 2009\vsserv.exe

--
End of file - 6933 bytes


 

Signature: mr.3bode
Now, my dear friend, what is happening is as follows:

1- (I was) < note that I said: was! < I was suffering from the problem of this autorun virus

2- Now the member kemo gave me tools to clean up the remnants and damage of this virus < meaning wiping the results of the virus

3- I ran into a problem with downloading! < I cannot download < the machine hangs if I try to download
 

Signature: mr.3bode
Thank God, the download problem is solved, heh
 
Signature: mr.3bode
OK, I opened the tool uploaded to MediaFire

and clicked on "Clean the machine of viruses", and it asked me whether I was sure or something like that, and I chose yes

After that it told me "Enjoy a virus-free machine"

and I clicked on "List of the viruses on your machine", and nothing showed up!

What is the situation now?

And there is a list on the right with the names of three viruses: autorun, copy, and one I forgot
 
Signature: mr.3bode
Regarding the MediaFire tool
it is important that you click on (Delete svchost virus)
As for the rest of the tools, the upload is in progress >> because I have a problem with uploading, I don't know why it keeps cutting out
 
Waiting for you
 
Signature: mr.3bode
Brothers, the problem is back

BitDefender has gone grey again!!!!
 
Signature: mr.3bode
Heeeelp me
 
Signature: mr.3bode
The program is not behaving normally at all

Sometimes the icon is red and sometimes grey!

And it asks for a restart so that the icon becomes red!
 
Signature: mr.3bode
Hello ...

Brother, is your problem now only with the program? I mean the icon and nothing else?

And is the program activated correctly? << I have never dealt with BitDefender before :( ...

 
Signature: MMA_LORD_735
Hello to you

Brother, everything has been running perfectly for about a month

But now the BitDefender icon has turned grey twice! < and if I restart, it is fixed right away
 
Signature: mr.3bode
Adding to what the brothers said

My dear, uninstall BitDefender and then use the ComboFix tool
 
Signature: KoNaMi
ComboFix report after removing BitDefender:

ComboFix 09-06-04.09 - ABS1 06/08/2009 19:04.1 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.3.1256.966.1025.18.1015.587 [GMT 3:00]
Running from: c:\documents and settings\ABS1\Desktop\ComboFix.exe
AV: BitDefender Antivirus *On-access scanning disabled* (Updated) {6C4BB89C-B0ED-4F41-A29C-4373888923BB}
FW: BitDefender Firewall *disabled* {4055920F-2E99-48A8-A270-4243D2B8F242}

WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\windows\system32\404Fix.exe
c:\windows\system32\Agent.OMZ.Fix.exe
c:\windows\system32\Cache
c:\windows\system32\dumphive.exe
c:\windows\system32\IEDFix.C.exe
c:\windows\system32\IEDFix.exe
c:\windows\system32\kakle.dll
c:\windows\system32\o4Patch.exe
c:\windows\system32\Process.exe
c:\windows\system32\SrchSTS.exe
c:\windows\system32\tmp.reg
c:\windows\system32\VACFix.exe
c:\windows\system32\VCCLSID.exe
c:\windows\system32\videocore.dll
c:\windows\system32\videoformat.dll
c:\windows\system32\winitn.dll
c:\windows\system32\WS2Fix.exe

.
((((((((((((((((((((((((( Files Created from 2009-05-08 to 2009-06-08 )))))))))))))))))))))))))))))))
.

2009-06-08 16:02 . 2009-06-08 16:02 -------- d-----w- c:\windows\LastGood
2009-06-05 19:00 . 2009-06-05 19:00 28672 ----a-w- c:\documents and settings\ABS1\Application Data\IDM\DwnlData\ABS1\-28Virus+Killer-29+by+kemo_92\-28Virus+Killer-29+by+kemo.exe
2009-06-05 18:25 . 2009-06-05 18:25 28672 ----a-w- c:\documents and settings\ABS1\Application Data\IDM\DwnlData\ABS1\_Virus_Killer__by_kemo_91\_Virus_Killer__by_kemo.exe
2009-06-05 15:28 . 2009-06-05 18:58 6293536 --sha-w- c:\windows\system32\drivers\fidbox.dat
2009-06-04 08:22 . 2008-12-03 22:25 120832 ----a-w- c:\documents and settings\ABS1\Application Data\Mozilla\Firefox\Profiles\jut1ekyy.default\extensions\{77b819fa-95ad-4f2c-ac7c-486b356188a9}\plugins\npietab.dll
2009-06-03 13:16 . 2009-06-03 13:16 -------- d-----w- c:\program files\SourceCop 3.0
2009-05-31 13:45 . 2009-05-31 13:45 -------- d-----w- c:\program files\DCETools
2009-05-31 13:15 . 2009-05-31 13:15 -------- d-----w- c:\program files\Super Color Picker
2009-05-30 16:02 . 2009-05-30 16:02 -------- d-----w- c:\program files\Microsoft Expression
2009-05-30 15:14 . 2006-06-29 10:07 14048 ------w- c:\windows\system32\spmsg2.dll
2009-05-30 15:11 . 2009-05-30 17:53 596720 ----a-w- c:\documents and settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat
2009-05-30 15:09 . 2009-05-30 15:14 -------- d-----w- c:\windows\system32\XPSViewer
2009-05-30 15:09 . 2009-05-30 15:09 -------- d-----w- c:\program files\MSBuild
2009-05-30 15:09 . 2009-05-30 15:09 -------- d-----w- c:\program files\Reference Assemblies
2009-05-30 15:07 . 2008-07-06 12:06 89088 -c----w- c:\windows\system32\dllcache\filterpipelineprintproc.dll
2009-05-30 15:07 . 2008-07-06 12:06 117760 ------w- c:\windows\system32\prntvpt.dll
2009-05-30 15:07 . 2008-07-06 12:06 575488 -c----w- c:\windows\system32\dllcache\xpsshhdr.dll
2009-05-30 15:07 . 2008-07-06 12:06 575488 ------w- c:\windows\system32\xpsshhdr.dll
2009-05-30 15:07 . 2008-07-06 12:06 1676288 -c----w- c:\windows\system32\dllcache\xpssvcs.dll
2009-05-30 15:07 . 2008-07-06 12:06 1676288 ------w- c:\windows\system32\xpssvcs.dll
2009-05-30 15:07 . 2008-07-06 10:50 597504 -c----w- c:\windows\system32\dllcache\printfilterpipelinesvc.exe
2009-05-30 13:29 . 2009-05-30 13:29 -------- d-----w- c:\documents and settings\ABS1\Application Data\Apple Computer
2009-05-30 12:35 . 2009-05-30 12:36 -------- d-----w- c:\program files\QuickTime
2009-05-30 12:35 . 2009-05-30 12:35 -------- d-----w- c:\documents and settings\All Users\Application Data\Apple Computer
2009-05-30 12:35 . 2009-05-30 12:35 -------- d-----w- c:\documents and settings\ABS1\Local Settings\Application Data\Apple
2009-05-30 12:35 . 2009-05-30 12:35 -------- d-----w- c:\program files\Apple Software Update
2009-05-30 12:35 . 2009-05-30 12:35 -------- d-----w- c:\documents and settings\All Users\Application Data\Apple
2009-05-30 12:35 . 2009-05-30 12:35 -------- d-----w- c:\documents and settings\ABS1\Local Settings\Application Data\Apple Computer
2009-05-30 12:02 . 2009-05-30 12:02 -------- d-----w- c:\program files\Microsoft Silverlight
2009-05-29 18:41 . 2009-05-29 18:41 -------- d-----w- c:\documents and settings\ABS1\Application Data\CyberScrub
2009-05-29 12:37 . 2009-05-29 12:37 -------- d-----w- C:\GreetSoft
2009-05-29 12:37 . 2009-05-29 12:39 -------- d-----w- c:\program files\Desktop Clock
2009-05-28 14:17 . 2009-05-28 14:17 -------- d-----w- c:\program files\Trend Micro
2009-05-28 11:34 . 2009-05-28 20:50 -------- d-----w- c:\documents and settings\All Users\Application Data\Hagel Technologies
2009-05-27 10:18 . 2009-05-27 10:18 198064 ----a-w- c:\documents and settings\ABS1\Application Data\IDM\idmmzcc3\components\idmmzcc.dll
2009-05-27 10:18 . 2009-06-08 16:03 -------- d-----w- c:\documents and settings\ABS1\Application Data\DMCache
2009-05-27 10:18 . 2009-06-06 10:43 -------- d-----w- c:\documents and settings\ABS1\Application Data\IDM
2009-05-27 10:18 . 2009-06-05 13:51 -------- d-----w- c:\program files\Internet Download Manager
2009-05-23 15:29 . 2009-06-05 15:50 -------- d-----w- C:\MSNCleaner
2009-05-22 13:29 . 2009-05-22 13:29 -------- d-----w- c:\documents and settings\ABS1\Local Settings\Application Data\Help
2009-05-22 12:27 . 2009-05-22 12:27 -------- d-----w- c:\documents and settings\ABS1\Local Settings\Application Data\Identities
2009-05-21 15:43 . 2009-05-21 15:43 -------- d-----w- c:\program files\VirusTotalUploader
2009-05-21 08:37 . 2009-06-08 16:02 81984 ----a-w- c:\windows\system32\bdod.bin
2009-05-21 08:25 . 2009-05-21 08:25 -------- d-----w- c:\windows\system32\logs
2009-05-21 08:25 . 2009-06-08 16:03 -------- d-----w- c:\program files\BitDefender
2009-05-21 08:25 . 2009-05-21 10:15 -------- d-----w- c:\documents and settings\All Users\Application Data\BitDefender
2009-05-21 08:24 . 2009-05-21 08:24 -------- d-----w- c:\windows\system32\URTTemp
2009-05-19 14:27 . 2009-05-19 14:27 -------- d-----w- c:\program files\CCleaner
2009-05-19 14:26 . 2009-05-27 10:18 198064 ----a-w- c:\documents and settings\ABS1\Application Data\Mozilla\Firefox\Profiles\jut1ekyy.default\extensions\mozilla_cc@internetdownloadmanager.com\components\idmmzcc.dll
2009-05-19 13:51 . 2009-05-19 13:51 0 ----a-w- c:\windows\nsreg.dat
2009-05-19 13:51 . 2009-05-19 13:51 -------- d-----w- c:\documents and settings\ABS1\Local Settings\Application Data\Mozilla
2009-05-19 13:43 . 2009-05-19 13:43 -------- d-----w- C:\Downloads
2009-05-19 13:32 . 2008-04-14 18:29 21504 -c--a-w- c:\windows\system32\dllcache\hidserv.dll
2009-05-19 13:32 . 2008-04-14 18:29 21504 ----a-w- c:\windows\system32\hidserv.dll
2009-05-19 13:32 . 2008-04-14 18:10 14592 -c--a-w- c:\windows\system32\dllcache\kbdhid.sys
2009-05-19 13:32 . 2008-04-14 18:10 14592 ----a-w- c:\windows\system32\drivers\kbdhid.sys
2009-05-19 13:32 . 2008-04-13 21:15 10368 -c--a-w- c:\windows\system32\dllcache\hidusb.sys
2009-05-19 13:32 . 2008-04-13 21:15 10368 ----a-w- c:\windows\system32\drivers\hidusb.sys
2009-05-19 13:32 . 2008-04-13 21:15 32128 -c--a-w- c:\windows\system32\dllcache\usbccgp.sys
2009-05-19 13:32 . 2008-04-13 21:15 32128 ----a-w- c:\windows\system32\drivers\usbccgp.sys
2009-05-19 10:35 . 2009-03-26 15:35 210352 ----a-w- c:\windows\system32\idmmbc.dll
2009-05-18 18:42 . 2009-05-18 18:42 -------- d-----w- c:\program files\GetData
2009-05-18 17:42 . 2005-02-11 20:46 371712 ----a-w- c:\windows\system32\drivers\BCMWL5.SYS
2009-05-18 17:11 . 2001-08-17 10:57 16128 -c--a-w- c:\windows\system32\dllcache\modemcsa.sys
2009-05-18 17:11 . 2001-08-17 10:57 16128 ----a-w- c:\windows\system32\drivers\MODEMCSA.sys
2009-05-18 17:11 . 2009-05-18 17:11 -------- d-----w- c:\program files\CONEXANT
2009-05-18 17:11 . 2003-11-17 19:59 212224 ----a-r- c:\windows\system32\drivers\HSFHWBS2.sys
2009-05-18 17:11 . 2003-11-17 19:58 680704 ----a-r- c:\windows\system32\drivers\HSF_CNXT.sys
2009-05-18 17:11 . 2003-11-17 19:56 1042432 ----a-r- c:\windows\system32\drivers\HSF_DP.sys
2009-05-18 17:11 . 2003-10-23 19:01 32218 ----a-r- c:\windows\system32\HSFCI008.dll
2009-05-18 17:11 . 2003-04-09 18:01 90112 ----a-r- c:\windows\system32\mdmxsdk.dll
2009-05-18 17:11 . 2003-04-09 17:48 11043 ----a-r- c:\windows\system32\drivers\mdmxsdk.sys
2009-05-18 17:06 . 2007-08-07 09:40 98944 ----a-r- c:\windows\system32\drivers\Rtenicxp.sys
2009-05-18 17:06 . 2009-05-18 17:06 -------- d-----w- c:\windows\OPTIONS
2009-05-18 17:05 . 2009-05-18 17:05 -------- d-----w- c:\documents and settings\ABS1\Application Data\InstallShield
2009-05-18 17:05 . 2009-05-18 17:05 -------- d-----w- c:\windows\system32\Lang
2009-05-18 17:05 . 2005-11-28 05:56 122880 ----a-r- c:\windows\system32\igfxres.dll
2009-05-18 17:03 . 2008-04-13 21:09 5376 -c--a-w- c:\windows\system32\dllcache\mspclock.sys
2009-05-18 17:02 . 2005-05-03 10:43 69632 ------r- c:\windows\Alcmtr.exe
2009-05-18 17:02 . 2006-05-04 08:26 2808832 ------r- c:\windows\alcwzrd.exe
2009-05-18 17:02 . 2009-05-18 17:06 -------- d-----w- c:\program files\Realtek
2009-05-18 17:02 . 2009-05-18 17:02 315392 ----a-w- c:\windows\HideWin.exe
2009-05-18 17:02 . 2007-01-12 08:54 520192 ------r- c:\windows\RtlExUpd.dll
2009-05-18 16:53 . 2005-11-28 06:04 524288 ----a-r- c:\windows\system32\igldev32.dll
2009-05-18 16:51 . 2009-05-18 16:51 -------- d-----w- c:\program files\Intel

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-06-08 16:03 . 2009-05-21 08:22 -------- d-----w- c:\program files\Common Files\BitDefender
2009-06-08 15:57 . 2001-09-19 15:00 80602 ----a-w- c:\windows\system32\perfc001.dat
2009-06-08 15:57 . 2001-09-19 15:00 408430 ----a-w- c:\windows\system32\perfh001.dat
2009-06-05 18:58 . 2009-06-05 15:28 77960 --sha-w- c:\windows\system32\drivers\fidbox.idx
2009-05-30 16:42 . 2009-04-27 19:53 157216 ----a-w- c:\documents and settings\ABS1\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2009-05-29 18:54 . 2009-04-27 21:58 -------- d---a-w- c:\documents and settings\All Users\Application Data\Temp
2009-05-29 18:41 . 2009-05-29 18:40 -------- d-----w- c:\documents and settings\ABS1\Application Data\cleaner
2009-05-26 18:56 . 2009-04-27 21:51 -------- d-----w- c:\program files\Common Files\Adobe
2009-05-26 18:52 . 2009-04-27 20:20 -------- d--h--w- c:\program files\InstallShield Installation Information
2009-05-21 08:22 . 2009-05-19 14:43 -------- d-----w- c:\documents and settings\ABS1\Application Data\Lavasoft
2009-05-21 01:39 . 2009-04-27 21:51 -------- d-----w- c:\documents and settings\ABS1\Application Data\Free Download Manager
2009-05-20 12:04 . 2009-05-19 14:58 -------- d-----w- c:\documents and settings\All Users\Application Data\Avira
2009-05-19 13:33 . 2009-04-27 21:45 -------- d-----w- c:\program files\Messenger Plus! Live
2009-05-18 17:02 . 2009-04-27 20:19 -------- d-----w- c:\program files\Common Files\InstallShield
2009-04-28 12:41 . 2009-04-28 12:15 -------- d-----w- c:\documents and settings\ABS1\Application Data\Software Informer
2009-04-28 12:40 . 2009-04-28 12:40 -------- d-----w- c:\documents and settings\All Users\Application Data\Messenger Plus!
2009-04-28 12:38 . 2009-04-28 12:35 -------- d-----w- c:\program files\Golden Al-Wafi Translator
2009-04-28 12:35 . 2009-04-28 12:35 172032 ------w- c:\windows\Setup1.exe
2009-04-28 12:35 . 2009-04-28 12:35 73216 ----a-w- c:\windows\ST6UNST.EXE
2009-04-28 12:32 . 2009-04-28 12:32 -------- d-----w- c:\documents and settings\ABS1\Application Data\CyberLink
2009-04-28 12:32 . 2009-04-28 12:31 -------- d-----w- c:\program files\CyberLink
2009-04-28 12:32 . 2009-04-27 21:58 -------- d-----w- c:\program files\Common Files\CyberLink
2009-04-28 12:31 . 2009-04-27 21:58 29480 ----a-w- c:\windows\system32\msxml3a.dll
2009-04-28 12:29 . 2009-04-27 21:58 53319 ----a-w- c:\documents and settings\All Users\Application Data\Temp\{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}\PostBuild.exe
2009-04-28 12:28 . 2009-04-28 12:28 -------- d-----w- c:\documents and settings\All Users\Application Data\CyberLink
2009-04-28 12:18 . 2009-04-28 12:17 -------- d-----w- c:\program files\K-Lite Codec Pack
2009-04-28 12:16 . 2009-04-27 21:55 -------- d-----w- c:\documents and settings\ABS1\Application Data\Nero
2009-04-27 23:32 . 2009-04-27 21:58 -------- d-----w- c:\program files\FairStars Audio Converter
2009-04-27 21:55 . 2009-04-27 21:55 -------- d-----w- c:\program files\Common Files\Nero
2009-04-27 21:54 . 2009-04-27 21:54 -------- d-----w- c:\documents and settings\All Users\Application Data\Nero
2009-04-27 21:54 . 2009-04-27 21:54 -------- d-----w- c:\program files\Nero
2009-04-27 21:51 . 2009-04-27 21:51 -------- d-----w- c:\program files\Free Download Manager
2009-04-27 21:51 . 2009-04-27 21:51 -------- d-----w- c:\program files\Software Informer
2009-04-27 21:51 . 2009-04-27 21:51 -------- d-----w- c:\documents and settings\All Users\Application Data\FreeDownloadManager.ORG
2009-04-27 21:44 . 2009-04-27 21:44 -------- d-----w- c:\program files\Windows Live
2009-04-27 21:41 . 2009-04-27 21:41 -------- d-----w- c:\program files\DivX
2009-04-27 21:41 . 2009-04-27 21:41 -------- d-----w- c:\program files\Common Files\DivX Shared
2009-04-27 21:34 . 2009-04-27 21:34 -------- d-----w- c:\program files\Windows Media Connect 2
2009-04-27 21:33 . 2009-04-27 21:33 -------- d-----w- c:\documents and settings\ABS1\Application Data\Nokia
2009-04-27 21:33 . 2009-04-27 21:33 -------- d-----w- c:\documents and settings\All Users\Application Data\PC Suite
2009-04-27 21:33 . 2009-04-27 21:33 -------- d-----w- c:\documents and settings\ABS1\Application Data\PC Suite
2009-04-27 21:30 . 2009-04-27 21:30 -------- d-----w- c:\program files\Common Files\PCSuite
2009-04-27 21:30 . 2009-04-27 21:30 -------- d-----w- c:\program files\Common Files\Nokia
2009-04-27 21:30 . 2009-04-27 21:30 -------- d-----w- c:\program files\Nokia
2009-04-27 21:30 . 2009-04-27 21:30 -------- d-----w- c:\program files\DIFX
2009-04-27 21:30 . 2009-04-27 21:30 -------- d-----w- c:\program files\PC Connectivity Solution
2009-04-27 21:30 . 2009-04-27 21:30 8192 ----a-w- c:\documents and settings\All Users\Application Data\Installations\{58FB2F9A-5F2D-40E8-82DF-4987E60AD8BD}\Installer\CommonCustomActions\UninstCCD.exe
2009-04-27 21:30 . 2009-04-27 21:30 61440 ----a-w- c:\documents and settings\All Users\Application Data\Installations\{58FB2F9A-5F2D-40E8-82DF-4987E60AD8BD}\Installer\CommonCustomActions\UninstPCSFEMsi.exe
2009-04-27 21:30 . 2009-04-27 21:30 10240 ----a-w- c:\documents and settings\All Users\Application Data\Installations\{58FB2F9A-5F2D-40E8-82DF-4987E60AD8BD}\Installer\CommonCustomActions\UninstPCS.exe
2009-04-27 21:18 . 2009-04-27 21:18 -------- d-----w- c:\documents and settings\All Users\Application Data\Installations
2009-04-27 21:15 . 2009-04-27 21:15 410984 ----a-w- c:\windows\system32\deploytk.dll
2009-04-27 21:15 . 2009-04-27 21:15 -------- d-----w- c:\program files\Java
2009-04-27 21:05 . 2009-05-29 18:54 181070 ----a-w- c:\windows\pchealth\helpctr\Config\Cache\Professional_32_1025.dat
2009-04-27 21:05 . 2009-04-27 21:05 2232 ----a-w- c:\windows\java\Packages\Data\NJ1NZLBR.DAT
2009-04-27 21:05 . 2009-04-27 21:05 155995 ----a-w- c:\windows\java\Packages\PRZXN57J.ZIP
2009-04-27 21:05 . 2009-04-27 21:05 2678 ----a-w- c:\windows\java\Packages\Data\DB5VTZBR.DAT
2009-04-27 21:05 . 2009-04-27 21:05 2678 ----a-w- c:\windows\java\Packages\Data\ISYD3F7J.DAT
2009-04-27 21:05 . 2009-04-27 21:05 2678 ----a-w- c:\windows\java\Packages\Data\I93Z9VVR.DAT
2009-04-27 21:05 . 2009-04-27 21:05 2678 ----a-w- c:\windows\java\Packages\Data\D7XNVJBB.DAT
2009-04-27 21:05 . 2009-04-27 21:05 2678 ----a-w- c:\windows\java\Packages\Data\ARTBNJRH.DAT
2009-04-27 21:05 . 2009-04-27 21:05 -------- d-----w- c:\program files\Common Files\Adobe AIR
2009-04-27 21:05 . 2009-04-27 21:07 38208 ----a-w- c:\documents and settings\ABS1\Application Data\Macromedia\Flash Player\
2009-04-27 21:04 . 2009-04-27 19:24 86327 ----a-w- c:\windows\pchealth\helpctr\OfflineCache\index.dat
2009-04-27 20:21 . 2009-04-27 20:21 720896 ----a-w- c:\windows\iun6002.exe
2009-04-27 20:20 . 2009-04-27 20:20 -------- d-----w- c:\program files\Macromedia
2009-04-27 20:01 . 2009-04-27 20:01 -------- d-----w- c:\program files\Microsoft.NET
2009-04-27 20:01 . 2009-04-27 20:01 -------- d-----w- c:\program files\Microsoft Works
2009-04-27 19:25 . 2009-04-27 19:25 -------- d-----w- c:\program files\microsoft frontpage
2009-04-27 19:21 . 2009-04-27 19:21 22144 ----a-w- c:\windows\system32\emptyregdb.dat
2009-04-22 12:28 . 2009-04-27 21:30 33973608 ----a-w- c:\documents and settings\All Users\Application Data\Installations\{58FB2F9A-5F2D-40E8-82DF-4987E60AD8BD}\Nokia_PC_Suite_7_1_18_0_ara_web.exe
2009-04-15 20:25 . 2009-04-27 21:41 9464 ------w- c:\windows\system32\drivers\cdralw2k.sys
2009-04-15 20:25 . 2009-04-27 21:41 9336 ------w- c:\windows\system32\drivers\cdr4_xp.sys
2009-04-15 20:25 . 2009-04-27 21:41 43528 ------w- c:\windows\system32\drivers\PxHelp20.sys
2009-04-15 20:25 . 2009-04-27 21:41 129784 ------w- c:\windows\system32\pxafs.dll
2009-04-15 20:25 . 2009-04-27 21:41 120056 ------w- c:\windows\system32\pxcpyi64.exe
2009-04-15 20:25 . 2009-04-27 21:41 118520 ------w- c:\windows\system32\pxinsi64.exe
2009-04-15 20:24 . 2009-04-15 20:24 90112 ----a-w- c:\windows\system32\dpl100.dll
2009-04-15 20:24 . 2009-04-15 20:24 823296 ----a-w- c:\windows\system32\divx_xx0c.dll
2009-04-15 20:24 . 2009-04-15 20:24 823296 ----a-w- c:\windows\system32\divx_xx07.dll
2009-04-15 20:24 . 2009-04-15 20:24 815104 ----a-w- c:\windows\system32\divx_xx0a.dll
2009-04-15 20:24 . 2009-04-15 20:24 802816 ----a-w- c:\windows\system32\divx_xx11.dll
2009-04-15 20:24 . 2009-04-15 20:24 684032 ----a-w- c:\windows\system32\DivX.dll
2009-03-24 13:08 . 2009-04-28 12:33 55640 ----a-w- c:\windows\system32\drivers\avgntflt.sys
2009-03-05 15:08 . 2009-05-21 08:28 49664 ----a-w- c:\program files\mozilla firefox\components\FFComm.dll
.

------- Sigcheck -------

[-] 2009-01-30 23:53 1571328 CA1867A515E40A015BA6D9ADD83FB823 c:\windows\system32\sfcfiles.dll
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360]
"IDMan"="c:\program files\Internet Download Manager\IDMan.exe" [2009-05-19 2815408]
"msnmsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2009-04-27 5728112]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"igfxtray"="c:\windows\system32\igfxtray.exe" [2005-11-28 98304]
"igfxhkcmd"="c:\windows\system32\hkcmd.exe" [2005-11-28 77824]
"igfxpers"="c:\windows\system32\igfxpers.exe" [2005-11-28 118784]
"TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" [2009-04-27 198160]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2009-01-05 413696]
"RTHDCPL"="RTHDCPL.EXE" - c:\windows\RTHDCPL.exe [2007-07-05 16380416]
"SkyTel"="SkyTel.EXE" - c:\windows\SkyTel.exe [2007-06-15 1826816]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"nltide_2"="shell32" [X]
"nltide_3"="advpack.dll" - c:\windows\system32\advpack.dll [2009-01-30 123904]

c:\documents and settings\All Users\çں‍ê، ں §ڑ\ںé ©ںê¤\ §ک ں颬نïé\
Adobe Gamma Loader.lnk - c:\program files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2009-5-26 113664]

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\livecall.exe"=

R2 {FE4C91E7-22C2-4D0C-9F6B-82F1B7742054};{FE4C91E7-22C2-4D0C-9F6B-82F1B7742054};c:\program files\CyberLink\PowerDVD8\000.fcl [15/05/2008 12:07 م 61424]

--- Other Services/Drivers In Memory ---

*NewlyCreated* - APPMGMT
.
Contents of the 'Scheduled Tasks' folder

2009-05-30 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 09:34]
.
- - - - ORPHANS REMOVED - - - -

SafeBoot-procexp90.Sys


.
------- Supplementary Scan -------
.
IE: &تصدير إلى Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
IE: تحميل الفيديو بواسطة Free Download Manager - file://c:\program files\Free Download Manager\dlfvideo.htm
IE: تحميل الكل بواسطة Free Download Manager - file://c:\program files\Free Download Manager\dlall.htm
IE: تحميل الكل بواسطة Internet Download Manager - c:\program files\Internet Download Manager\IEGetAll.htm
IE: تحميل المحددة بواسطة Free Download Manager - file://c:\program files\Free Download Manager\dlselected.htm
IE: تحميل بواسطة Free Download Manager - file://c:\program files\Free Download Manager\dllink.htm
IE: تحميل بواسطة Internet Download Manager - c:\program files\Internet Download Manager\IEExt.htm
IE: تحميل محتوى FLV بواسطة Internet Download Manager - c:\program files\Internet Download Manager\IEGetVL.htm
DPF: Microsoft XML Parser for Java - file:///C:/WINDOWS/Java/classes/xmldso.cab
FF - ProfilePath - c:\documents and settings\ABS1\Application Data\Mozilla\Firefox\Profiles\jut1ekyy.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.google.com.sa
FF - component: c:\documents and settings\ABS1\Application Data\Mozilla\Firefox\Profiles\jut1ekyy.default\extensions\mozilla_cc@internetdownloadmanager.com\components\idmmzcc.dll
FF - component: c:\program files\Mozilla Firefox\components\FFComm.dll
FF - component: c:\program files\Nokia\Nokia PC Suite 7\bkmrksync\components\BkMrkExt.dll
FF - component: c:\program files\Real\RealPlayer\browserrecord\components\nprpbrowserrecordplugin.dll
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer,

Rootkit scan 2009-06-08 19:06
Windows 5.1.2600 Service Pack 3 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\{FE4C91E7-22C2-4D0C-9F6B-82F1B7742054}]
"ImagePath"="\??\c:\program files\CyberLink\PowerDVD8\000.fcl"
.
--------------------- LOCKED REGISTRY KEYS ---------------------

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{5ED60779-4DE2-4E07-B862-974CA4FF2E9C}]
@Denied: (Full) (Everyone)
"scansk"=hex(0):ab,0d,e8,67,55,69,d7,9e,6c,22,dc,8e,d8,3f,81,84,88,dc,bb,cd,4e,
e6,61,50,d2,1d,cc,e8,a0,fc,e1,fb,c6,21,31,65,cb,57,8d,9a,00,00,00,00,00,00,\

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{8bc02581-0706-48b5-89d8-8e191b475f8e}]
@Denied: (Full) (Everyone)
"Model"=dword:0000009e
"Therad"=dword:0000000d
.
Completion time: 2009-06-08 19:08
ComboFix-quarantined-files.txt 2009-06-08 16:08

Pre-Run: 29,637,083,136 bytes free
Post-Run: 29,666,873,344 bytes free

290
 
Signature: mr.3bode