برنامج الحماية حجب أكثر البرامج

  • بادئ الموضوع بادئ الموضوع king_3sool
  • تاريخ البدء تاريخ البدء
  • المشاهدات 841
K

king_3sool

زيزوومي نشيط
إنضم
11 ديسمبر 2007
المشاركات
188
مستوى التفاعل
7
النقاط
230
الإقامة
r
غير متصل
السلام عليكم ورحمه الله وبركاته


أخواني

برنامج الحماية NOD32

حجب أكثر البرامج

أذا جيت أشتغل عليها يفتح الدوس ويسكر

وهذي هي البرانج
Media Player Classic
Kelk 2000
GOM Player
CyberLink PowerDVD
محول الصوتيات
Nero StartSmart
Mozilla Firefox​
 

ترتيب حسب التاريخ ترتيب حسب الأصوات
تأييد 0
حمل هذا الآداة
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

شغل البرنامج ==> واضغط على
Do a system scan and save log
لحظات .. ويظهر لك تقرير داخل المفكرة==> انسخه والصقه بردك القادم
أتمنى منك الصبر حتى يتم تحليل التقرير
 
توقيع : algnral
تأييد 0
Logfile of HijackThis v1.99.1
Scan saved at 01:19:01 ص, on 08/06/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\fppdis2a.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHid.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHsp.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosAVRC.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\tosOBEX.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\tosBtProc.exe
C:\WINDOWS\system32\crypserv.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\CyberLink\Shared files\RichVideo.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Avant Browser\avant.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\WINDOWS\system32\svchost.exe
C:\Documents and Settings\nasser\Local Settings\Temporary Internet Files\Content.IE5\CC8XSFIH\HijackThis[1].exe
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [ITSecMng] %ProgramFiles%\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe /START
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice
O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [pdfFactory Pro Dispatcher v2] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\fppdis2a.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - Global Startup: Bluetooth Manager.lnk = ?
O8 - Extra context menu item: &تصدير إلى Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: بحث - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) -
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WINDOW~4\MESSEN~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WINDOW~4\MESSEN~1\MSGRAP~1.DLL
O20 - Winlogon Notify: dimsntfy - C:\WINDOWS\
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxdev.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\
O23 - Service: Crypkey License - Kenonic Controls Ltd. - C:\WINDOWS\SYSTEM32\crypserv.exe
O23 - Service: Eset HTTP Server (EhttpSrv) - Unknown owner - C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe
O23 - Service: Eset Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
O23 - Service: Office Source Engine (ose) - Unknown owner - C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared files\RichVideo.exe
O23 - Service: TOSHIBA Bluetooth Service - TOSHIBA CORPORATION - C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
 
تأييد 0
اول شي عطل برنامج الحمايه<< سوى له خروج من شريط المهام
حمل هذه الاداة واحفظها على سطح المكتب
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي


عند تشغيلها بتظهر لك رسالة ,, اضغط على >> Yes
بعدها بتظهر لك رساله ثانيه ,, اضغط على >> Yes

انتظر حتى الاداة تنتهي من فحص جهازك ,,, وبشكل تلقائي يعاد تشغيل جهازك ,,
وبعد اعادة التشغيل ,, سوف تبدأ الاداة بالفحص مرره ثانيه
انتظر حتى يظهر لك تقرير ,, انسخه والصقه بردك القادم

يجب ان تكون جميع النوافذ مغلقة تماما
 
توقيع : algnral
تأييد 0
ComboFix 09-06-07.03 - nasser 06/08/2009 1:48.1 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.2.1256.966.1025.18.1014.679 [GMT 3:00]
Running from: c:\documents and settings\nasser\سطح المكتب\ComboFix.exe
AV: ESET NOD32 Antivirus 3.0 *On-access scanning enabled* (Updated) {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0}
* Resident AV is active

WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\windows\system32\kakle.dll
c:\windows\system32\x64
.
((((((((((((((((((((((((( Files Created from 2009-05-07 to 2009-06-07 )))))))))))))))))))))))))))))))
.
2009-06-07 22:28 . 2009-06-07 22:28 -------- d-----w- c:\documents and settings\All Users\Application Data\WinZip
2009-06-07 21:19 . 2009-06-07 21:19 -------- d-----w- c:\documents and settings\nasser\Local Settings\Application Data\ESET
2009-06-07 20:34 . 2009-06-07 20:34 -------- d-----w- c:\documents and settings\nasser\.java
2009-06-07 19:36 . 2009-06-07 19:36 -------- d-----w- c:\windows\system32\????????????
2009-06-07 10:29 . 2003-11-10 20:07 249856 ------w- c:\windows\system32\fppmon2.dll
2009-06-07 10:29 . 2003-11-02 13:16 114688 ------w- c:\windows\system32\fppr232.dll
2009-06-07 10:13 . 2002-10-25 02:17 65536 ----a-w- c:\windows\system32\Crypserv.exe
2009-06-07 10:13 . 1999-06-18 21:49 165888 ----a-w- c:\windows\Ckconfig.exe
2009-06-07 10:13 . 1996-05-03 17:21 27648 ----a-r- c:\windows\Setup_ck.exe
2009-06-07 10:13 . 1996-05-03 15:36 18432 ----a-w- c:\windows\Setup_ck.dll
2009-06-07 10:13 . 1995-07-04 18:33 11776 ----a-w- c:\windows\Ckrfresh.exe
2009-06-07 10:11 . 2009-06-07 21:25 -------- d-----w- c:\program files\Kelk 2000
2009-06-07 08:47 . 2009-06-07 08:47 -------- d-----w- c:\documents and settings\nasser\Application Data\Avant Profiles
2009-06-07 08:46 . 2009-06-07 21:21 -------- d-----w- c:\program files\Avant Browser
2009-06-06 19:33 . 2009-06-06 19:33 -------- d-----w- c:\program files\Common Files\Adobe AIR
2009-06-06 18:42 . 2009-06-06 18:42 -------- d-----w- c:\documents and settings\nasser\Application Data\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
2009-06-06 18:42 . 2009-06-07 21:19 38232 ----a-w- c:\documents and settings\nasser\Application Data\Macromedia\Flash Player\
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

2009-06-06 18:36 . 2009-06-06 18:36 -------- d-----w- c:\documents and settings\All Users\Application Data\CyberLink
2009-06-06 18:35 . 2001-03-08 15:30 24064 ------w- c:\windows\system32\msxml3a.dll
2009-06-06 18:35 . 2009-06-06 18:35 -------- d-----w- c:\program files\CyberLink
2009-06-06 18:34 . 2009-06-06 18:34 -------- d-----w- c:\documents and settings\nasser\Application Data\Ahead
2009-06-06 18:33 . 2003-03-29 13:45 89184 ----a-w- c:\windows\system32\drivers\imagedrv.sys
2009-06-06 18:33 . 2001-07-06 15:24 283920 ----a-w- c:\windows\system32\ImagXpr5.dll
2009-06-06 18:33 . 2001-07-06 11:41 569344 ----a-w- c:\windows\system32\imagr5.dll
2009-06-06 18:33 . 2001-07-06 09:44 544768 ----a-w- c:\windows\system32\imagx5.dll
2009-06-06 18:33 . 2001-06-26 05:15 38912 ----a-w- c:\windows\system32\picn20.dll
2009-06-06 18:33 . 2009-06-06 18:33 -------- d-----w- c:\program files\Common Files\Ahead
2009-06-06 18:33 . 2001-07-09 08:50 155648 ----a-w- c:\windows\system32\NeroCheck.exe
2009-06-06 18:33 . 2009-06-06 18:33 -------- d-----w- c:\program files\Ahead
2009-06-06 18:32 . 2009-06-06 18:32 -------- d-----w- c:\program files\GRETECH
2009-06-06 18:30 . 2009-06-06 18:30 -------- d-----w- c:\program files\ESET
2009-06-06 18:30 . 2009-06-06 18:30 -------- d-----w- c:\documents and settings\All Users\Application Data\ESET
2009-06-06 18:30 . 2009-06-06 18:30 1986560 ----a-w- c:\windows\system32\akll.dll
2009-06-06 18:30 . 2009-06-06 18:30 196608 ----a-w- c:\windows\system32\maag.dll
2009-06-06 18:30 . 2009-06-06 18:30 1245184 ----a-w- c:\windows\system32\bkll.dll
2009-06-06 18:30 . 2009-06-06 18:30 1212416 ----a-w- c:\windows\system32\ckll.dll
2009-06-06 18:30 . 2009-06-06 18:30 90112 ----a-w- c:\windows\system32\agsaami.dll
2009-06-06 18:30 . 2009-06-06 18:30 610304 ----a-w- c:\windows\system32\agsaamg.dll
2009-06-06 18:30 . 2009-06-06 18:30 2535424 ----a-w- c:\windows\system32\agsaamj.dll
2009-06-06 18:30 . 2009-06-06 18:30 372736 ----a-w- c:\windows\system32\agsaamc.dll
2009-06-06 18:30 . 2009-06-06 18:30 53760 ----a-w- c:\windows\system\ppacklib.dll
2009-06-06 18:29 . 2009-06-06 18:30 -------- d-----w- c:\windows\system32\RMBin
2009-06-06 18:29 . 2009-06-07 21:27 -------- d-----w- c:\program files\Real_SC
2009-06-06 18:27 . 2003-06-18 14:31 17920 ----a-w- c:\windows\system32\mdimon.dll
2009-06-06 18:26 . 2009-06-06 18:26 -------- d-----w- c:\program files\Microsoft.NET
2009-06-06 18:26 . 2009-06-06 18:26 -------- d-----w- c:\program files\Microsoft Works
2009-06-06 18:25 . 2009-06-06 18:26 -------- d-----w- c:\windows\SHELLNEW
2009-06-06 18:19 . 2009-06-06 18:19 -------- d-----w- c:\documents and settings\nasser\Local Settings\Application Data\Toshiba
2009-06-06 18:17 . 2008-04-23 14:15 131712 ----a-w- c:\windows\system32\drivers\tosrfbd.sys
2009-06-06 18:17 . 2008-03-19 08:38 74112 ----a-w- c:\windows\system32\drivers\Tosrfhid.sys
2009-06-06 18:17 . 2007-11-29 06:45 36608 ----a-w- c:\windows\system32\drivers\tosrfbnp.sys
2009-06-06 18:17 . 2005-01-07 02:42 18612 ----a-w- c:\windows\system32\drivers\tosrfnds.sys
2009-06-06 18:17 . 2008-05-13 13:16 64000 ----a-w- c:\windows\system32\drivers\tosrfcom.sys
2009-06-06 18:17 . 2008-03-25 10:54 41472 ----a-w- c:\windows\system32\drivers\tosporte.sys
2009-06-06 18:16 . 2009-06-06 18:16 -------- d-----w- c:\program files\Toshiba
2009-06-06 18:16 . 2009-06-06 18:16 -------- d-----w- C:\dell
2009-06-06 18:13 . 2006-11-03 00:47 989696 ----a-r- c:\windows\system32\drivers\HSF_DPV.sys
2009-06-06 18:13 . 2006-06-19 20:26 12672 ----a-r- c:\windows\system32\drivers\mdmxsdk.sys
2009-06-06 18:13 . 2006-06-19 20:26 94208 ----a-r- c:\windows\system32\mdmxsdk.dll
2009-06-06 18:13 . 2006-11-03 00:47 209152 ----a-r- c:\windows\system32\drivers\HSFHWAZL.sys
2009-06-06 18:13 . 2006-11-03 00:46 730112 ----a-r- c:\windows\system32\drivers\HSF_CNXT.sys
2009-06-06 16:23 . 2005-01-08 00:07 138752 ----a-r- c:\windows\system32\drivers\hdaudbus.sys
2009-06-06 13:09 . 2009-06-06 19:33 -------- d-----w- c:\windows\system32\CatRoot_bak
2009-06-06 12:12 . 2008-04-14 15:59 221184 ----a-w- c:\windows\system32\wmpns.dll
2009-06-06 11:57 . 2009-06-06 13:06 -------- d-----w- c:\windows\system32\ar-sa
2009-06-06 11:57 . 2009-06-06 12:58 -------- d-----w- c:\windows\system32\ar
2009-06-06 11:57 . 2009-06-06 12:57 -------- d-----w- c:\windows\l2schemas
2009-06-06 11:57 . 2009-06-06 12:58 -------- d-----w- c:\windows\system32\bits
2009-06-06 11:51 . 2004-08-03 21:56 164864 ----a-w- c:\windows\system32\dllcache\wuauclt1.exe
2009-06-06 11:17 . 2009-06-06 11:17 -------- d-----w- c:\documents and settings\nasser\Local Settings\Application Data\Identities
2009-06-06 10:44 . 2009-06-06 18:37 -------- d-----w- c:\documents and settings\nasser\Local Settings\Application Data\Adobe
2009-06-06 10:40 . 2009-06-06 10:56 -------- d-----w- c:\documents and settings\All Users\Application Data\FLEXnet
2009-06-06 10:00 . 2009-06-07 22:44 -------- d-----w- c:\program files\Common Files\Adobe
2009-06-06 09:51 . 2009-06-06 09:51 27848 ----a-w- c:\documents and settings\Administrator\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2009-06-06 02:18 . 2009-06-06 02:18 -------- d-----w- c:\documents and settings\All Users\Application Data\Office Genuine Advantage
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-06-07 22:41 . 2009-06-06 00:28 -------- d-----w- c:\program files\Common Files\InstallShield
2009-06-07 22:39 . 2009-06-07 22:39 -------- d-----w- c:\documents and settings\nasser\Application Data\CyberScrub
2009-06-07 22:39 . 2009-06-07 22:39 -------- d-----w- c:\documents and settings\nasser\Application Data\cleaner
2009-06-07 22:31 . 2009-06-06 00:30 -------- d-----w- c:\program files\K-Lite Codec Pack
2009-06-07 22:31 . 2009-06-06 00:29 -------- d-----w- c:\program files\mpegable
2009-06-07 21:58 . 2001-09-19 11:00 41138 ----a-w- c:\windows\system32\perfc001.dat
2009-06-07 21:58 . 2001-09-19 11:00 254402 ----a-w- c:\windows\system32\perfh001.dat
2009-06-07 21:25 . 2009-06-06 00:13 -------- d-----w- c:\program files\Messenger Plus! Live
2009-06-07 10:16 . 2009-06-05 23:23 120416 ----a-w- c:\documents and settings\nasser\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2009-06-07 09:36 . 2009-06-06 00:29 -------- d--h--w- c:\program files\InstallShield Installation Information
2009-06-06 18:11 . 2009-06-06 18:11 -------- d-----w- c:\program files\CONEXANT
2009-06-06 12:56 . 2009-06-05 22:55 86327 ----a-w- c:\windows\pchealth\helpctr\OfflineCache\index.dat
2009-06-06 02:20 . 2009-06-06 02:20 2678 ----a-w- c:\windows\java\Packages\Data\6u35rpr9.dat
2009-06-06 02:19 . 2009-06-06 02:19 2678 ----a-w- c:\windows\java\Packages\Data\p7lb9blv.dat
2009-06-06 02:19 . 2009-06-06 02:19 2678 ----a-w- c:\windows\java\Packages\Data\yqd7r5nn.dat
2009-06-06 02:19 . 2009-06-06 02:19 2678 ----a-w- c:\windows\java\Packages\Data\pf5jnfdb.dat
2009-06-06 02:19 . 2009-06-06 02:19 2678 ----a-w- c:\windows\java\Packages\Data\o9zbr9rd.dat
2009-06-06 00:55 . 2009-06-06 00:55 -------- d-----w- c:\documents and settings\nasser\Application Data\Media Player Classic
2009-06-06 00:37 . 2009-06-06 00:37 -------- d-----w- c:\program files\JavaSoft
2009-06-06 00:29 . 2009-06-06 00:29 47104 ------w- c:\windows\AKDeInstall.exe
2009-06-06 00:26 . 2009-06-06 00:26 -------- d-----w- c:\documents and settings\All Users\Application Data\Messenger Plus!
2009-06-06 00:24 . 2009-06-06 00:13 -------- d-----w- c:\program files\Circle Developement
2009-06-06 00:21 . 2009-06-06 00:21 2232 ----a-w- c:\windows\java\Packages\Data\fb9zn97z.dat
2009-06-06 00:21 . 2009-06-06 00:21 155995 ----a-w- c:\windows\java\Packages\klb3h7h7.zip
2009-06-06 00:11 . 2009-06-06 00:11 -------- d-----w- c:\program files\Windows Live
2009-06-06 00:11 . 2009-06-06 00:11 -------- d-----w- c:\program files\Microsoft
2009-06-06 00:10 . 2009-06-06 00:10 0 ----a-w- c:\windows\nsreg.dat
2009-06-06 00:06 . 2009-06-06 00:06 -------- d-----w- c:\program files\Common Files\Windows Live
2009-06-06 00:04 . 2009-06-06 00:04 -------- d-----w- c:\program files\Common Files\xing shared
2009-06-06 00:04 . 2009-06-06 00:04 -------- d-----w- c:\program files\Common Files\Real
2009-06-06 00:04 . 2009-06-06 00:04 348160 ----a-w- c:\windows\system32\msvcr71.dll
2009-06-06 00:04 . 2009-06-06 00:04 499712 ----a-w- c:\windows\system32\msvcp71.dll
2009-06-06 00:04 . 2009-06-06 00:04 -------- d-----w- c:\program files\Real
2009-06-05 23:38 . 2009-06-05 23:38 -------- d-----w- c:\documents and settings\All Users\Application Data\Kaspersky Lab Setup Files
2009-06-05 22:56 . 2009-06-05 22:56 -------- d-----w- c:\program files\microsoft frontpage
2009-06-05 22:53 . 2009-06-05 22:53 22144 ----a-w- c:\windows\system32\emptyregdb.dat
2009-05-08 06:15 . 2009-05-08 06:15 76384 ----a-w- c:\documents and settings\All Users\Application Data\Kaspersky Lab Setup Files\STC Kaspersky Internet Security 2009\Arabic\setup.exe
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\ctfmon.exe" [2004-08-03 15360]
"MSMSGS"="c:\program files\Messenger\msmsgs.exe" [2004-08-03 1667584]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2008-04-17 150040]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2008-04-17 170520]
"Persistence"="c:\windows\system32\igfxpers.exe" [2008-04-17 141848]
"TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" [2009-06-06 185872]
"ITSecMng"="c:\program files\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe" [2007-09-28 75136]
"egui"="c:\program files\ESET\ESET NOD32 Antivirus\egui.exe" [2007-12-21 1443072]
"NeroCheck"="c:\windows\system32\NeroCheck.exe" [2001-07-09 155648]
"RemoteControl"="c:\program files\CyberLink\PowerDVD\PDVDServ.exe" [2005-12-07 30208]
"pdfFactory Pro Dispatcher v2"="c:\windows\System32\spool\DRIVERS\W32X86\3\fppdis2a.exe" [2003-11-10 385024]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2004-08-03 15360]
c:\documents and settings\All Users\çں‍ê، ں §ڑ\ںé ©ںê¤\ §ک ں颬نïé\
Adobe Gamma Loader.lnk - c:\program files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2009-6-8 113664]
Bluetooth Manager.lnk - c:\program files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe [2008-4-14 2979144]
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusDisableNotify"=dword:00000001
"UpdatesDisableNotify"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
R1 epfwtdir;epfwtdir;c:\windows\system32\drivers\epfwtdir.sys [21/12/2007 08:21 ص 33800]
R2 ekrn;Eset Service;c:\program files\ESET\ESET NOD32 Antivirus\ekrn.exe [21/12/2007 08:21 ص 468224]
.
- - - - ORPHANS REMOVED - - - -
Notify-dimsntfy - (no file)
Notify-WgaLogon - (no file)
SafeBoot-procexp90.Sys

.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.com.sa/
IE: &تصدير إلى Microsoft Excel - c:\progra~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
DPF: Microsoft XML Parser for Java -
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

FF - ProfilePath - c:\documents and settings\nasser\Application Data\Mozilla\Firefox\Profiles\82sddibv.default\
FF - component: c:\program files\Real\RealPlayer\browserrecord\components\nprpbrowserrecordplugin.dll
FF - plugin: c:\program files\JavaSoft\JRE\1.3.1_04\bin\NPJava11.dll
FF - plugin: c:\program files\JavaSoft\JRE\1.3.1_04\bin\NPJava12.dll
FF - plugin: c:\program files\JavaSoft\JRE\1.3.1_04\bin\NPJava131_04.dll
FF - plugin: c:\program files\JavaSoft\JRE\1.3.1_04\bin\NPJava32.dll
FF - plugin: c:\program files\JavaSoft\JRE\1.3.1_04\bin\NPOJI600.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\NPJava11.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\NPJava12.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\NPJava131_04.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\NPJava32.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\NPOJI600.dll
.
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer,
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

Rootkit scan 2009-06-08 01:52
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------
- - - - - - - > 'explorer.exe'(3284)
c:\windows\system32\msi.dll
.
------------------------ Other Running Processes ------------------------
.
c:\windows\system32\igfxsrvc.exe
c:\program files\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe
c:\program files\Toshiba\Bluetooth Toshiba Stack\TosBtHid.exe
c:\program files\Toshiba\Bluetooth Toshiba Stack\TosAVRC.exe
c:\program files\Toshiba\Bluetooth Toshiba Stack\TosOBEX.exe
c:\program files\Toshiba\Bluetooth Toshiba Stack\TosBtProc.exe
c:\windows\system32\Crypserv.exe
c:\program files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
c:\program files\CyberLink\Shared files\RichVideo.exe
c:\program files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
.
**************************************************************************
.
Completion time: 2009-06-07 1:53 - machine was rebooted
ComboFix-quarantined-files.txt 2009-06-07 22:53
Pre-Run: 49,875,283,968 bytes free
Post-Run: 49,816,973,312 bytes free
219 --- E O F --- 2009-06-06 11:02
 
تأييد 0
عندك فايروسين وين النود عنهم
طيب الحين الحجب موجود ولا
 
توقيع : algnral
تأييد 0
يس موجود

طيب وش البرنامج الافضل للحماية​
 
تأييد 0
avg
 
توقيع : algnral
تأييد 0
ياليت الطريقة الصحيحه لتخلص من الفايرس و وأستعادة البرامج المحجوبة
 
تأييد 0
توقيع : algnral
تأييد 0
طيب ماختلفنا


بس البرامج المحجوبة عندي وش اسوي عليها
 
تأييد 0
احذف النود طيب
 
توقيع : algnral
تأييد 0
أخوي انا حذفت البرنامج الاول وركبت

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي


بس باقي البرامج محجوبه​
 
تأييد 0
ياشباب حتى ماقدر أحذف البرامج الي ماتشتغل لا من الحساب العادي ولا من السيف مود​
 
تأييد 0
شباب مافيه حل للبرامج
 
تأييد 0
يجب تسجيل الدخول أو التسجيل كي تتمكن من الرد هنا.
عودة
أعلى