تعذر عند تصفح اي موقع

  • بادئ الموضوع بادئ الموضوع Thief heart
  • تاريخ البدء تاريخ البدء
  • المشاهدات 1,263
T

Thief heart

زيزوومى متألق
إنضم
6 مارس 2008
المشاركات
341
مستوى التفاعل
0
النقاط
420
الإقامة
Perth,Australia
غير متصل
السلام عليكم

كيف الحال ان شاء الله بخير

فيه مشكله وهوا انني لا استطيع التصفح

ويأتيني تعذر

راح ارفق لكم صوره يمكن تفيدكم

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

وهآذي وانا شغآل على الهوت سبوت

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

يعني اعتقد انو هذا السبب الي مو مخليني اتصفح

وانا حاليا مشغل الهوت سبوت شيلد عشان اقدر احط لكم مشكلتي :d:

يآ ليت تقدرو تسآعدوني
 

ترتيب حسب التاريخ ترتيب حسب الأصوات
هل تستخدم المتصفح اكسبلور ؟؟
 
توقيع : king_man
تأييد 0
ايه نعم اخوي
 
تأييد 0
وللعلم استخدم كافة المتصفحات

والمشكله في كل شي حتى الماسجر لا يعمل

اي شي يعمل عن طريق الإنترنت لا يعمل
 
تأييد 0

اعمل تقرير للهايجاك
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

اذا انتهى التحميل ==> شغل البرنامج ==> واضغط على Do a system scan and save log
لحظات .. ويظهر لك تقرير اعمل تحديد الكل ==> انسخه والصقه بردك القادم​
 
توقيع : king_man
تأييد 0
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 07:00:36 م, on 09/06/09
Platform: Windows Vista (WinNT 6.00.1904)
MSIE: Internet Explorer v7.00 (7.00.6000.16830)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Windows\Explorer.EXE
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\GIGABYTE\Gamer HUD\HUD.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe
C:\Program Files\Hotspot Shield\bin\openvpntray.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\klwtblfs.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: IEVkbdBHO - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\ievkbd.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL
O2 - BHO: UrlHelper Class - {74322BF9-DF26-493f-B0DA-6D2FC5E6429E} - C:\Program Files\BearShare Applications\BearShare\BearShareIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: FDMIECookiesBHO Class - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Program Files\Free Download Manager\iefdm2.dll
O2 - BHO: link filter bho - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll
O2 - BHO: Hotspot Shield Class - {F9E4A054-E9B1-4BC3-83A3-76A1AE736170} - C:\Program Files\Hotspot Shield\hssie\HssIE.dll
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [LanguageShortcut] "C:\Program Files\CyberLink\PowerDVD\Language\Language.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [Azkary] C:\Program Files\Azkary\Azkary
O4 - HKLM\..\Run: [ShStatEXE] "C:\Program Files\McAfee\VirusScan Enterprise\SHSTAT.EXE" /STANDALONE
O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe"
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - Startup: GIGABYTE Gamer HUD.lnk = C:\Program Files\GIGABYTE\Gamer HUD\HUD.exe
O8 - Extra context menu item: Add to Anti-Banner - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\ie_banner_deny.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRA~1\Java\JRE16~1.0_0\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRA~1\Java\JRE16~1.0_0\bin\ssv.dll
O9 - Extra button: إرسال إلى OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: إر&سال إلى OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: &Virtual keyboard - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll
O9 - Extra button: بحث - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: URLs c&heck - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll
O13 - Gopher Prefix:
O16 - DPF: {6924091F-CD97-41E1-B1D4-D9079409D413} (IMCv1 Control) -
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~2\Office12\GR99D3~1.DLL
O20 - AppInit_DLLs: C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd.dll,C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd3.dll,C:\PROGRA~1\KASPER~1\KASPER~1\kloehk.dll
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Kaspersky Internet Security (AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Hotspot Shield Service (HotspotShieldService) - Unknown owner - C:\Program Files\Hotspot Shield\bin\openvpnas.exe
O23 - Service: Hotspot Shield Helper Service (HssSrv) - AnchorFree Inc. - C:\Program Files\Hotspot Shield\HssWPR\hsssrv.exe
O23 - Service: Hotspot Shield Tray Service (HssTrayService) - Unknown owner - C:\Program Files\Hotspot Shield\bin\HssTrayService.EXE
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Macromedia Licensing Service - Unknown owner - C:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe
O23 - Service: mfevtp - Unknown owner - C:\Windows\system32\mfevtps.exe (file missing)
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe

--
End of file - 7594 bytes
 
تأييد 0
التقرير سليم


عطل جميع برامج الحماية ,,
وحمل هذه الاداة واحفظها على سطح المكتب
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

عند تشغيلها بتظهر لك رسالة ,, اضغط على >> Yes
بعدها بتظهر لك رساله ثانيه ,, اضغط على >> Yes
انتظر حتى الاداة تنتهي من فحص جهازك ,,, وبشكل تلقائي يعاد تشغيل جهازك ,,
وبعد اعادة التشغيل ,, سوف تبدأ الاداة بالفحص مرره ثانيه
انتظر حتى يظهر لك تقرير ,, انسخه والصقه بردك القادم

بعد ذلك راجع هذا الموضوع :

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي


بالتوفيق
 
التعديل الأخير بواسطة المشرف:
توقيع : king_man
تأييد 0
ComboFix 09-06-08.05 - Hp 06/09/2009 19:18.2 - NTFSx86
Microsoft® Windows Vista™ Ultimate 6.0.6000.0.1256.966.1033.18.2303.1141 [GMT 3:00]
Running from: c:\users\Hp\Desktop\ComboFix.exe
AV: Kaspersky Internet Security *On-access scanning disabled* (Updated) {2C4D4BC6-0793-4956-A9F9-E252435469C0}
AV: McAfee VirusScan Enterprise *On-access scanning enabled* (Updated) {918A2B0B-2C60-4016-A4AB-E868DEABF7F0}
FW: Kaspersky Internet Security *disabled* {2C4D4BC6-0793-4956-A9F9-E252435469C0}
SP: Kaspersky Internet Security *disabled* (Updated) {2C4D4BC6-0793-4956-A9F9-E252435469C0}
SP: Windows Defender *disabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}
.

((((((((((((((((((((((((( Files Created from 2009-05-09 to 2009-06-09 )))))))))))))))))))))))))))))))
.

2009-06-09 16:17 . 2009-06-09 16:24 -------- d-s---w- \ComboFix
2009-06-08 08:42 . 2009-06-08 08:42 -------- d-----w- c:\users\Hp\AppData\Roaming\Crystal Art Software
2009-06-08 08:41 . 2009-06-08 08:41 -------- d-----w- c:\program files\Crystal FTP Pro
2009-06-07 21:04 . 2009-06-07 21:04 -------- d-----w- c:\program files\LtUcx
2009-06-06 16:41 . 2009-06-06 16:41 0 ----a-w- c:\windows\nsreg.dat
2009-06-06 16:41 . 2009-06-06 16:41 -------- d-----w- c:\users\Hp\AppData\Local\Mozilla
2009-06-04 19:45 . 2009-06-04 19:45 932368 ----a-w- c:\programdata\Kaspersky Lab\AVP9\Data\KasFlt\Plugins\profiles-1-6.dll
2009-06-04 19:45 . 2009-06-04 19:45 678416 ----a-w- c:\programdata\Kaspersky Lab\AVP9\Data\KasFlt\Plugins\content_interpreter-1-1.dll
2009-06-04 19:45 . 2009-06-04 19:45 604688 ----a-w- c:\programdata\Kaspersky Lab\AVP9\Data\KasFlt\Plugins\gsg-3-9.dll
2009-06-04 19:45 . 2009-06-04 19:45 1096208 ----a-w- c:\programdata\Kaspersky Lab\AVP9\Data\KasFlt\Plugins\filtration-4-6.dll
2009-06-04 19:45 . 2009-06-04 19:45 522768 ----a-w- c:\programdata\Kaspersky Lab\AVP9\Data\KasFlt\Plugins\database-1-5.dll
2009-06-04 19:33 . 2009-06-04 19:33 604140 --sha-w- c:\windows\system32\drivers\ISwift3.dat
2009-06-04 19:28 . 2009-06-04 19:28 94643 ----a-w- c:\windows\system32\drivers\klick.dat
2009-06-04 19:28 . 2009-06-04 19:28 105395 ----a-w- c:\windows\system32\drivers\klin.dat
2009-06-04 19:27 . 2009-06-09 12:46 -------- d-----w- c:\programdata\Kaspersky Lab
2009-06-04 19:27 . 2009-06-04 19:27 -------- d-----w- c:\program files\Kaspersky Lab
2009-06-04 19:17 . 2009-06-04 19:17 -------- d-----w- c:\programdata\Kaspersky Lab Setup Files
2009-06-04 16:26 . 2009-06-04 16:26 390664 ----a-w- c:\users\Hp\AppData\Roaming\Real\RealPlayer\Update\RealPlayer11.exe
2009-06-01 09:34 . 2009-06-01 09:37 -------- d-----w- c:\users\Hp\AppData\Local\Microsoft Games
2009-06-01 06:21 . 2009-06-01 06:24 -------- d-----w- c:\windows\system32\Adobe
2009-05-30 13:08 . 2009-05-30 19:48 -------- d-----w- c:\program files\MTA San Andreas
2009-05-29 21:57 . 2009-06-09 12:45 2415403008 --sha-w- \hiberfil.sys
2009-05-29 20:45 . 2009-05-29 20:45 -------- d-----w- c:\program files\AceLogix
2009-05-29 20:28 . 2009-05-29 20:32 -------- d-----w- c:\program files\RegCleaner
2009-05-29 15:37 . 2009-06-09 16:24 -------- d-----w- c:\users\Hp\AppData\Local\temp
2009-05-29 15:29 . 2009-06-09 16:17 -------- d---a-w- \Qoobox
2009-05-29 13:25 . 2009-05-29 13:25 3371383 ----a-w- c:\programdata\Malwarebytes\Malwarebytes' Anti-Malware\mbam-setup.exe
2009-05-29 13:22 . 2009-05-29 13:22 -------- d-----w- c:\users\Hp\AppData\Roaming\Malwarebytes
2009-05-29 13:21 . 2009-05-26 10:19 19096 ----a-w- c:\windows\system32\drivers\mbam.sys
2009-05-29 13:21 . 2009-05-26 10:20 40160 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2009-05-29 13:21 . 2009-05-29 13:27 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2009-05-29 13:21 . 2009-05-29 13:21 -------- d-----w- c:\programdata\Malwarebytes
2009-05-29 07:31 . 2009-05-29 07:31 -------- d-----w- c:\program files\Trend Micro
2009-05-28 18:39 . 2009-05-28 18:39 -------- d-----w- c:\programdata\BA1
2009-05-28 15:31 . 2009-05-28 15:32 -------- d-----w- c:\users\Hp\AppData\Local\BearShare
2009-05-28 15:30 . 2009-05-28 15:31 -------- d-----w- c:\program files\BearShare Applications
2009-05-28 10:41 . 2009-05-28 10:41 -------- d-----w- c:\users\Hp\AppData\Local\Opera
2009-05-28 10:40 . 2009-05-28 10:41 -------- d-----w- c:\program files\Opera
2009-05-28 10:09 . 2009-05-28 10:10 -------- d-----w- c:\users\Hp\AppData\Roaming\Media Player Classic
2009-05-28 08:19 . 2009-05-28 08:19 8854 ----a-r- c:\users\Hp\AppData\Roaming\Microsoft\Installer\{84FB24B0-9973-4370-B107-7C38DDF20ABC}\UNINST_Uninstall_Gam_84FB24B099734370B1077C38DDF20ABC.exe
2009-05-28 08:19 . 2009-05-28 08:19 40960 ----a-r- c:\users\Hp\AppData\Roaming\Microsoft\Installer\{84FB24B0-9973-4370-B107-7C38DDF20ABC}\NewShortcut1_84FB24B099734370B1077C38DDF20ABC.exe
2009-05-28 08:19 . 2009-05-28 08:19 40960 ----a-r- c:\users\Hp\AppData\Roaming\Microsoft\Installer\{84FB24B0-9973-4370-B107-7C38DDF20ABC}\HUD.exe_84FB24B099734370B1077C38DDF20ABC.exe
2009-05-28 08:19 . 2009-05-28 08:19 1150 ----a-r- c:\users\Hp\AppData\Roaming\Microsoft\Installer\{84FB24B0-9973-4370-B107-7C38DDF20ABC}\ARPPRODUCTICON.exe
2009-05-28 08:19 . 2009-05-28 08:19 -------- d-----w- c:\program files\GIGABYTE
2009-05-28 08:18 . 2009-05-28 08:18 -------- d-----w- c:\program files\Common Files\Wise Installation Wizard
2009-05-27 18:06 . 2009-03-24 13:08 55640 ----a-w- c:\windows\system32\drivers\avgntflt.sys
2009-05-27 16:48 . 2009-05-27 16:48 0 ----a-w- c:\windows\system32\cd.dat
2009-05-27 16:39 . 2009-06-04 18:13 -------- d-----w- c:\programdata\Avira
2009-05-26 22:11 . 2009-05-26 22:11 -------- d-----w- C:\Hotspot Shield
2009-05-26 22:11 . 2009-05-26 22:11 -------- d-----w- \Hotspot Shield
2009-05-26 18:21 . 2009-05-26 18:21 -------- d-----w- c:\users\Hp\AppData\Local\PunkBuster
2009-05-26 11:54 . 2009-06-08 16:32 138168 ----a-w- c:\windows\system32\drivers\PnkBstrK.sys
2009-05-26 11:54 . 2009-05-26 11:54 139152 ----a-w- c:\users\Hp\AppData\Roaming\PnkBstrK.sys
2009-05-26 11:54 . 2009-06-08 16:32 189472 ----a-w- c:\windows\system32\PnkBstrB.exe
2009-05-26 11:54 . 2009-05-26 11:54 794408 ----a-w- c:\windows\system32\pbsvc.exe
2009-05-26 11:54 . 2009-05-26 11:54 75064 ----a-w- c:\windows\system32\PnkBstrA.exe
2009-05-26 10:29 . 2009-05-26 10:29 -------- d-----w- c:\program files\Common Files\EasyInfo
2009-05-26 10:27 . 2009-05-26 10:27 -------- d-----w- c:\program files\GameSpy Arcade
2009-05-26 10:21 . 2009-05-26 10:21 -------- d-----w- c:\program files\EA GAMES
2009-05-25 22:20 . 2009-05-25 21:19 4152184 ----a-w- c:\windows\system32\wgaer_m.exe
2009-05-25 22:16 . 2009-05-25 22:16 28672 ----a-w- c:\windows\system32\FwRemoteSvr.dll
2009-05-25 22:16 . 2009-05-25 22:16 61440 ----a-w- c:\windows\system32\winipsec.dll
2009-05-25 22:16 . 2009-05-25 22:16 361984 ----a-w- c:\windows\system32\IPSECSVC.DLL
2009-05-25 22:16 . 2009-05-25 22:16 272896 ----a-w- c:\windows\system32\polstore.dll
2009-05-25 22:14 . 2009-05-25 22:14 87040 ----a-w- c:\windows\system32\msoert2.dll
2009-05-25 22:14 . 2009-05-25 22:14 39424 ----a-w- c:\windows\system32\ACCTRES.dll
2009-05-25 22:14 . 2009-05-25 22:14 205824 ----a-w- c:\windows\system32\msoeacct.dll
2009-05-25 22:12 . 2009-05-25 22:12 194560 ----a-w- c:\windows\system32\WebClnt.dll
2009-05-25 22:12 . 2009-05-25 22:12 110080 ----a-w- c:\windows\system32\drivers\mrxdav.sys
2009-05-25 22:11 . 2009-05-25 22:11 49664 ----a-w- c:\windows\system32\csrsrv.dll
2009-05-25 22:11 . 2009-05-25 22:11 376320 ----a-w- c:\windows\system32\winsrv.dll
2009-05-25 22:04 . 2009-05-25 22:04 376832 ----a-w- c:\windows\system32\winhttp.dll
2009-05-25 22:02 . 2009-05-25 22:02 297472 ----a-w- c:\windows\system32\gdi32.dll
2009-05-25 21:59 . 2009-05-25 21:59 211456 ----a-w- c:\windows\system32\drivers\mrxsmb10.sys
2009-05-25 21:57 . 2009-05-25 21:57 374456 ----a-w- c:\windows\system32\mcupdate_GenuineIntel.dll
2009-05-25 21:56 . 2009-05-25 21:56 500736 ----a-w- c:\windows\system32\msdtcprx.dll
2009-05-25 21:56 . 2009-05-25 21:56 30208 ----a-w- c:\windows\system32\xolehlp.dll
2009-05-25 21:54 . 2009-05-25 21:54 28672 ----a-w- c:\windows\system32\Apphlpdm.dll
2009-05-25 21:54 . 2009-05-25 21:54 4247552 ----a-w- c:\windows\system32\GameUXLegacyGDFs.dll
2009-05-25 21:54 . 2009-05-25 21:54 1687040 ----a-w- c:\windows\system32\gameux.dll
2009-05-25 21:52 . 2009-05-25 21:52 303616 ----a-w- c:\windows\system32\wmpeffects.dll
2009-05-25 21:51 . 2009-05-25 21:51 2048 ----a-w- c:\windows\system32\msxml3r.dll
2009-05-25 21:51 . 2009-05-25 21:51 1194496 ----a-w- c:\windows\system32\msxml3.dll
2009-05-25 21:49 . 2009-05-25 21:49 414208 ----a-w- c:\windows\system32\msscp.dll
2009-05-25 21:47 . 2009-06-02 22:13 -------- d-----w- c:\program files\Hotspot Shield
2009-05-25 21:47 . 2009-05-25 21:47 63488 ----a-w- c:\windows\system32\drivers\mpsdrv.sys
2009-05-25 21:47 . 2009-05-25 21:47 396800 ----a-w- c:\windows\system32\MPSSVC.dll
2009-05-25 21:47 . 2009-05-25 21:47 392192 ----a-w- c:\windows\system32\FirewallAPI.dll
2009-05-25 21:47 . 2009-05-25 21:47 86016 ----a-w- c:\windows\system32\icfupgd.dll
2009-05-25 21:47 . 2009-05-25 21:47 61952 ----a-w- c:\windows\system32\cmifw.dll
2009-05-25 21:47 . 2009-05-25 21:47 16896 ----a-w- c:\windows\system32\wfapigp.dll
2009-05-25 21:47 . 2009-05-25 21:47 23040 ----a-w- c:\windows\system32\drivers\tunnel.sys
2009-05-25 21:47 . 2009-05-25 21:47 178688 ----a-w- c:\windows\system32\iphlpsvc.dll
2009-05-25 21:47 . 2009-05-25 21:47 15360 ----a-w- c:\windows\system32\drivers\TUNMP.SYS
2009-05-25 21:43 . 2009-05-25 21:43 2048 ----a-w- c:\windows\system32\tzres.dll
2009-05-25 21:43 . 2009-06-01 20:48 -------- d-----w- c:\users\Hp\AppData\Roaming\CyberLink
2009-05-25 21:43 . 2009-05-28 14:22 -------- d-----w- c:\programdata\CyberLink
2009-05-25 21:41 . 2009-05-25 21:41 8147968 ----a-w- c:\windows\system32\wmploc.DLL
2009-05-25 21:41 . 2009-05-25 21:41 7680 ----a-w- c:\windows\system32\spwmp.dll
2009-05-25 21:41 . 2009-05-25 21:41 4096 ----a-w- c:\windows\system32\dxmasf.dll
2009-05-25 21:34 . 2009-05-25 21:34 104448 ----a-w- c:\windows\system32\DWWIN.EXE
2009-05-25 21:33 . 2009-05-25 21:33 2923520 ----a-w- c:\windows\explorer.exe
2009-05-25 21:29 . 2009-05-25 21:29 24064 ----a-w- c:\windows\system32\netcfg.exe
2009-05-25 21:29 . 2009-05-25 21:29 216632 ----a-w- c:\windows\system32\drivers\netio.sys
2009-05-25 21:29 . 2009-05-25 21:29 803328 ----a-w- c:\windows\system32\drivers\tcpip.sys
2009-05-25 21:29 . 2009-05-25 21:29 22016 ----a-w- c:\windows\system32\netiougc.exe
2009-05-25 21:29 . 2009-05-25 21:29 167424 ----a-w- c:\windows\system32\tcpipcfg.dll
2009-05-25 21:25 . 2009-05-25 21:25 4493312 ----a-w- c:\windows\system32\NlsData0010.dll
2009-05-25 21:16 . 2009-05-25 21:16 549888 ----a-w- c:\windows\system32\rpcss.dll
2009-05-25 21:16 . 2009-05-25 21:16 3503584 ----a-w- c:\windows\system32\ntkrnlpa.exe
2009-05-25 21:16 . 2009-05-25 21:16 3469280 ----a-w- c:\windows\system32\ntoskrnl.exe
2009-05-25 21:16 . 2009-05-25 21:16 24576 ----a-w- c:\windows\system32\printfilterpipelineprxy.dll
2009-05-25 21:16 . 2009-05-25 21:16 654336 ----a-w- c:\windows\system32\printfilterpipelinesvc.exe
2009-05-25 21:16 . 2009-05-25 21:16 247296 ----a-w- c:\windows\system32\wbem\WmiPrvSE.exe
2009-05-25 21:16 . 2009-05-25 21:16 130560 ----a-w- c:\windows\system32\wbem\WmiDcPrv.dll
2009-05-25 21:16 . 2009-05-25 21:16 614912 ----a-w- c:\windows\system32\wbem\fastprox.dll
2009-05-25 21:16 . 2009-05-25 21:16 501760 ----a-w- c:\windows\system32\wbem\WmiPrvSD.dll
2009-05-25 21:16 . 2009-05-25 21:16 53248 ----a-w- c:\windows\system32\iasads.dll
2009-05-25 21:16 . 2009-05-25 21:16 97280 ----a-w- c:\windows\system32\iasrecst.dll
2009-05-25 21:16 . 2009-05-25 21:16 37888 ----a-w- c:\windows\system32\iasdatastore.dll
2009-05-25 21:16 . 2009-05-25 21:16 158720 ----a-w- c:\windows\system32\sdohlp.dll
2009-05-25 21:11 . 2009-05-25 21:11 9728 ----a-w- c:\windows\system32\LAPRXY.DLL
2009-05-25 21:11 . 2009-05-25 21:11 223232 ----a-w- c:\windows\system32\WMASF.DLL
2009-05-25 21:11 . 2009-05-25 21:11 2048 ----a-w- c:\windows\system32\asferror.dll
2009-05-25 21:09 . 2009-05-25 21:09 7680 ----a-w- c:\windows\system32\lsass.exe

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-06-09 12:45 . 2009-05-29 21:57 2415403008 --sha-w- \hiberfil.sys
2009-06-09 12:45 . 2009-05-24 20:28 2729328640 --sha-w- \pagefile.sys
2009-05-25 22:20 . 2006-11-02 11:18 -------- d-----w- c:\program files\Windows Mail
2009-05-25 22:20 . 2006-11-02 12:35 -------- d-----w- c:\program files\Windows Sidebar
2009-05-25 22:20 . 2006-11-02 10:25 665600 ----a-w- c:\windows\inf\drvindex.dat
2009-05-25 21:25 . 2009-05-25 21:25 2655232 ----a-w- c:\windows\system32\NlsData0011.dll
2009-05-25 20:00 . 2009-05-25 20:00 72704 ----a-w- c:\windows\system32\admparse.dll
2009-05-25 20:00 . 2009-05-25 20:00 826368 ----a-w- c:\windows\system32\wininet.dll
2009-05-25 20:00 . 2009-05-25 20:00 78336 ----a-w- c:\windows\system32\ieencode.dll
2009-05-25 20:00 . 2009-05-25 20:00 48128 ----a-w- c:\windows\system32\mshtmler.dll
2009-05-25 18:13 . 2009-05-24 20:22 680 ----a-w- c:\users\Hp\AppData\Local\d3d9caps.dat
2009-05-25 17:10 . 2009-05-25 13:30 -------- d-----w- c:\programdata\Apple Computer
2009-05-25 15:32 . 2006-11-02 12:35 -------- d-----w- c:\program files\MSBuild
2009-05-25 13:55 . 2009-05-25 13:54 -------- d-----w- c:\program files\QuickWiz
2009-05-25 13:54 . 2009-05-25 13:54 -------- d-----w- c:\program files\Common Files\Accent Shared
2009-05-25 13:54 . 2009-05-25 13:54 -------- d-----w- c:\program files\Common Files\GuruNet Shared
2009-05-25 13:54 . 2009-05-25 13:54 0 --sha-r- \MSDOS.SYS
2009-05-25 13:54 . 2009-05-25 13:54 0 --sha-r- \IO.SYS
2009-05-25 13:45 . 2009-05-25 13:45 -------- d-----w- c:\program files\mpegable
2009-05-25 13:45 . 2009-05-25 13:45 47104 ------w- c:\windows\AKDeInstall.exe
2009-05-25 13:45 . 2009-05-25 13:45 -------- d-----w- c:\program files\K-Lite Codec Pack
2009-05-25 13:31 . 2009-05-25 13:31 -------- d-----w- c:\users\Hp\AppData\Roaming\Apple Computer
2009-05-25 13:31 . 2009-05-25 13:31 -------- d-----w- c:\programdata\{3276BE95_AF08_429F_A64F_CA64CB79BCF6}
2009-05-25 13:31 . 2009-05-25 13:31 -------- d-----w- c:\program files\iTunes
2009-05-25 13:31 . 2009-05-25 13:31 -------- d-----w- c:\program files\iPod
2009-05-25 13:31 . 2009-05-25 13:31 -------- d-----w- c:\program files\Bonjour
2009-05-25 13:31 . 2009-05-25 13:30 -------- d-----w- c:\program files\QuickTime
2009-05-25 13:31 . 2009-05-25 13:30 -------- d-----w- c:\program files\Common Files\Apple
2009-05-25 13:30 . 2009-05-25 13:30 -------- d-----w- c:\program files\Apple Software Update
2009-05-20 19:54 . 2009-04-03 18:18 33840 ----a-w- c:\windows\system32\drivers\HssDrv.sys
.

((((((((((((((((((((((((((((( SnapShot@2009-05-29_15.35.16 )))))))))))))))))))))))))))))))))))))))))
.
+ 2009-05-25 11:04 . 2009-06-09 12:48 36174 c:\windows\System32\WDI\ShutdownPerformanceDiagnostics_SystemData.bin
+ 2006-11-02 13:03 . 2009-06-09 12:48 50626 c:\windows\System32\WDI\BootPerformanceDiagnostics_SystemData.bin
+ 2008-11-27 13:31 . 2008-11-27 13:31 98304 c:\windows\System32\Macromed\Shockwave 10\SwOnce.dll
+ 2008-11-27 13:31 . 2008-11-27 13:31 86016 c:\windows\System32\Macromed\Shockwave 10\SwMenuX.dll
+ 2008-11-27 13:31 . 2008-11-27 13:31 77824 c:\windows\System32\Macromed\Shockwave 10\SwInit.exe
+ 2008-11-27 13:31 . 2008-11-27 13:31 24576 c:\windows\System32\Macromed\Shockwave 10\DynaPlayer.dll
+ 2009-03-16 08:59 . 2009-03-16 08:59 53248 c:\windows\System32\Macromed\Common\SwSupport.dll
+ 2009-05-15 15:50 . 2009-05-15 15:50 21008 c:\windows\System32\DriverStore\FileRepository\klim6.inf_ec82f25c\klim6.sys
+ 2009-05-25 02:18 . 2009-05-25 02:18 27507 c:\windows\System32\drivers\klopp.dat
+ 2009-05-16 17:59 . 2009-05-16 17:59 19472 c:\windows\System32\drivers\klmouflt.sys
+ 2009-05-15 15:50 . 2009-05-15 15:50 21008 c:\windows\System32\drivers\klim6.sys
+ 2008-12-15 17:41 . 2008-12-15 17:41 33808 c:\windows\System32\drivers\klbg.sys
+ 2006-11-02 13:00 . 2009-06-09 14:16 32768 c:\windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2006-11-02 13:00 . 2009-05-29 14:56 32768 c:\windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2006-11-02 13:00 . 2009-05-29 14:56 49152 c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2006-11-02 13:00 . 2009-06-09 14:16 49152 c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2009-05-30 13:56 . 2009-05-30 13:55 32768 c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\MSHist012009053020090531\index.dat
- 2006-11-02 13:00 . 2009-05-29 14:56 32768 c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2006-11-02 13:00 . 2009-06-09 14:16 32768 c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2009-06-01 06:24 . 2009-06-01 06:24 78571 c:\windows\System32\Adobe\Shockwave 11\uninstaller.exe
+ 2009-04-29 10:17 . 2009-04-29 10:17 58736 c:\windows\System32\Adobe\Shockwave 11\SYMCCHECKER.DLL
+ 2009-04-28 10:23 . 2009-04-28 10:23 94208 c:\windows\System32\Adobe\Shockwave 11\SwMenu.dll
+ 2009-04-29 10:17 . 2009-04-29 10:17 52288 c:\windows\System32\Adobe\Shockwave 11\gtapi.dll
+ 2009-04-29 10:29 . 2009-04-29 10:29 67000 c:\windows\System32\Adobe\Director\SWDNLD.EXE
- 2009-05-25 15:34 . 2009-05-25 15:34 35088 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\oisicon.exe
+ 2009-05-25 15:34 . 2009-06-07 04:12 35088 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\oisicon.exe
- 2009-05-25 15:34 . 2009-05-25 15:34 18704 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\mspicons.exe
+ 2009-05-25 15:34 . 2009-06-07 04:12 18704 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\mspicons.exe
- 2009-05-25 15:34 . 2009-05-25 15:34 20240 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\cagicon.exe
+ 2009-05-25 15:34 . 2009-06-07 04:12 20240 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\cagicon.exe
+ 2006-11-02 10:25 . 2009-06-04 19:28 86016 c:\windows\inf\infstrng.dat
- 2006-11-02 10:25 . 2009-05-27 18:07 86016 c:\windows\inf\infstrng.dat
+ 2006-11-02 10:25 . 2009-06-04 19:28 86016 c:\windows\inf\infstor.dat
- 2006-11-02 10:25 . 2009-05-27 18:07 86016 c:\windows\inf\infstor.dat
- 2006-11-02 10:25 . 2009-05-27 18:07 51200 c:\windows\inf\infpub.dat
+ 2006-11-02 10:25 . 2009-06-04 19:28 51200 c:\windows\inf\infpub.dat
+ 2009-05-24 20:24 . 2009-06-09 12:48 7610 c:\windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-100929737-2577450405-1365038318-1000_UserData.bin
+ 2009-04-28 10:26 . 2009-04-28 10:26 9216 c:\windows\System32\Adobe\Shockwave 11\DynaPlayer.dll
+ 2009-06-09 12:45 . 2009-06-09 12:45 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
- 2009-05-29 14:56 . 2009-05-29 14:56 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
+ 2009-06-09 12:45 . 2009-06-09 12:45 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
- 2009-05-29 14:56 . 2009-05-29 14:56 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
+ 2009-05-26 09:31 . 2009-06-08 21:58 188466 c:\windows\System32\WDI\SuspendPerformanceDiagnostics_SystemData_FastS4.bin
+ 2006-11-02 10:33 . 2009-06-09 12:52 617344 c:\windows\System32\perfh009.dat
+ 2006-11-02 10:33 . 2009-06-09 12:52 108874 c:\windows\System32\perfc009.dat
+ 2008-11-27 13:31 . 2008-11-27 13:31 180224 c:\windows\System32\Macromed\Shockwave 10\Proj.dll
+ 2008-11-27 13:31 . 2008-11-27 13:31 475136 c:\windows\System32\Macromed\Shockwave 10\PluginPing.dll
+ 2008-11-27 13:31 . 2008-11-27 13:31 339968 c:\windows\System32\Macromed\Shockwave 10\Plugin.dll
+ 2008-11-27 13:31 . 2008-11-27 13:31 606208 c:\windows\System32\Macromed\Shockwave 10\iml32X.dll
+ 2008-11-27 13:31 . 2008-11-27 13:31 581632 c:\windows\System32\Macromed\Shockwave 10\Control.dll
+ 2009-05-25 02:21 . 2009-05-25 02:21 219664 c:\windows\System32\klogon.dll
+ 2009-06-04 19:26 . 2009-06-04 19:26 280592 c:\windows\System32\drivers\klif.sys
+ 2009-05-24 12:30 . 2009-05-24 12:30 128016 c:\windows\System32\drivers\kl1.sys
+ 2009-05-27 15:46 . 2009-05-29 16:21 262144 c:\windows\System32\config\TxR\NTUSER.DAT
- 2009-05-27 15:46 . 2009-05-27 15:46 262144 c:\windows\System32\config\TxR\NTUSER.DAT
- 2009-05-27 15:46 . 2009-05-27 15:46 262144 c:\windows\System32\config\RegBack\NTUSER.DAT
+ 2009-05-27 15:46 . 2009-05-29 16:21 262144 c:\windows\System32\config\RegBack\NTUSER.DAT
- 2009-05-27 15:46 . 2009-05-27 15:46 262144 c:\windows\System32\config\Journal\NTUSER.DAT
+ 2009-05-27 15:46 . 2009-05-29 16:21 262144 c:\windows\System32\config\Journal\NTUSER.DAT
+ 2009-04-28 10:24 . 2009-04-28 10:24 114688 c:\windows\System32\Adobe\Shockwave 11\SwInit.exe
+ 2009-04-29 10:28 . 2009-04-29 10:28 468408 c:\windows\System32\Adobe\Shockwave 11\SwHelper_1150596.exe
+ 2009-04-28 10:26 . 2009-04-28 10:26 446464 c:\windows\System32\Adobe\Shockwave 11\Proj.dll
+ 2009-04-28 10:24 . 2009-04-28 10:24 372736 c:\windows\System32\Adobe\Shockwave 11\Plugin.dll
+ 2009-04-29 10:17 . 2009-04-29 10:17 716800 c:\windows\System32\Adobe\Shockwave 11\gi.dll
+ 2009-04-28 10:26 . 2009-04-28 10:26 614400 c:\windows\System32\Adobe\Shockwave 11\Control.dll
+ 2009-04-29 10:29 . 2009-04-29 10:29 202168 c:\windows\System32\Adobe\Director\SwDir.dll
+ 2009-04-28 10:25 . 2009-04-28 10:25 131072 c:\windows\System32\Adobe\Director\np32dsw.dll
- 2009-05-25 15:34 . 2009-05-25 15:34 888080 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\wordicon.exe
+ 2009-05-25 15:34 . 2009-06-07 04:12 888080 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\wordicon.exe
- 2009-05-25 15:34 . 2009-05-25 15:34 272648 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\pubs.exe
+ 2009-05-25 15:34 . 2009-06-07 04:12 272648 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\pubs.exe
+ 2009-05-25 15:34 . 2009-06-07 04:12 922384 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\pptico.exe
- 2009-05-25 15:34 . 2009-05-25 15:34 922384 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\pptico.exe
+ 2009-05-25 15:34 . 2009-06-07 04:12 845584 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\outicon.exe
- 2009-05-25 15:34 . 2009-05-25 15:34 845584 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\outicon.exe
+ 2009-05-25 15:34 . 2009-06-07 04:12 217864 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\misc.exe
- 2009-05-25 15:34 . 2009-05-25 15:34 217864 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\misc.exe
- 2009-05-25 15:34 . 2009-05-25 15:34 184080 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\joticon.exe
+ 2009-05-25 15:34 . 2009-06-07 04:12 184080 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\joticon.exe
- 2009-05-25 15:34 . 2009-05-25 15:34 159504 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\inficon.exe
+ 2009-05-25 15:34 . 2009-06-07 04:12 159504 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\inficon.exe
+ 2005-06-13 12:50 . 2005-06-13 12:50 397312 c:\windows\Downloaded Program Files\imcv1.dll
+ 2008-11-27 13:31 . 2008-11-27 13:31 1490944 c:\windows\System32\Macromed\Shockwave 10\dirapiX.dll
+ 2009-04-28 10:00 . 2009-04-28 10:00 1011712 c:\windows\System32\Adobe\Shockwave 11\iml32.dll
+ 2009-04-28 10:04 . 2009-04-28 10:04 1798144 c:\windows\System32\Adobe\Shockwave 11\dirapi.dll
+ 2009-05-25 15:34 . 2009-06-07 04:12 1172240 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\xlicons.exe
- 2009-05-25 15:34 . 2009-05-25 15:34 1172240 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\xlicons.exe
- 2009-05-25 15:34 . 2009-05-25 15:34 1165584 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\accicons.exe
+ 2009-05-25 15:34 . 2009-06-07 04:12 1165584 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\accicons.exe
.
-- Snapshot reset to current date --
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{74322BF9-DF26-493f-B0DA-6D2FC5E6429E}]
2009-05-04 10:56 398776 ----a-w- c:\program files\BearShare Applications\BearShare\BearShareIEHelper.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}]
2009-05-25 21:47 218160 ----a-w- c:\program files\Hotspot Shield\hssie\HssIE.dll

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-05-25 1232896]
"WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2006-11-02 201728]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Azkary"="c:\program files\Azkary\Azkary" [X]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2008-09-06 413696]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2008-09-08 289576]
"TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" [2009-05-25 185896]
"SunJavaUpdateSched"="c:\program files\Java\jre1.6.0_07\bin\jusched.exe" [2008-06-10 144784]
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2006-10-26 31016]
"RemoteControl"="c:\program files\CyberLink\PowerDVD\PDVDServ.exe" [2007-03-14 71216]
"LanguageShortcut"="c:\program files\CyberLink\PowerDVD\Language\Language.exe" [2007-01-08 52256]
"NeroFilterCheck"="c:\program files\Common Files\Ahead\Lib\NeroCheck.exe" [2007-03-01 153136]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2008-09-17 13580832]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2008-09-17 92704]
"ShStatEXE"="c:\program files\McAfee\VirusScan Enterprise\SHSTAT.EXE" [BU]
"AVP"="c:\program files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe" [2009-05-25 303376]

c:\users\Hp\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
GIGABYTE Gamer HUD.lnk - c:\program files\GIGABYTE\Gamer HUD\HUD.exe [2008-7-15 1952256]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableLUA"= 0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\progra~1\KASPER~1\KASPER~1\mzvkbd.dll c:\progra~1\KASPER~1\KASPER~1\mzvkbd3.dll c:\progra~1\KASPER~1\KASPER~1\kloehk.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\KasperskyAntiVirus]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc\S-1-5-21-100929737-2577450405-1365038318-1000]
"EnableNotificationsRef"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\DomainProfile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules]
"{A24D2123-A10A-4062-B495-2BFA6FD86440}"= UDP:c:\program files\Bonjour\mDNSResponder.exe:Bonjour
"{815900BB-9D35-4BCC-AE9C-E0EE6507BF17}"= TCP:c:\program files\Bonjour\mDNSResponder.exe:Bonjour
"{2F004693-4B3C-462C-8513-A585337F8A9D}"= UDP:c:\program files\iTunes\iTunes.exe:iTunes
"{029ADD7B-2584-42A2-A9C9-18CB7DF53053}"= TCP:c:\program files\iTunes\iTunes.exe:iTunes
"{5F03A141-211A-4D24-947A-F1675EE5073F}"= c:\program files\MSN Messenger\livecall.exe:Windows Live Messenger 8.1 (Phone)
"{E1C85411-75BF-4C62-A2EC-A2853911A8BE}"= TCP:6004|c:\program files\Microsoft Office\Office12\outlook.exe:Microsoft Office Outlook
"{B416896B-9DFC-49CC-AA2A-13882604CFBA}"= UDP:c:\program files\Microsoft Office\Office12\GROOVE.EXE:Microsoft Office Groove
"{BA3D5002-00F8-4ACC-B3B7-81129FBA908A}"= TCP:c:\program files\Microsoft Office\Office12\GROOVE.EXE:Microsoft Office Groove
"{28F0CEF5-173B-4CE8-9AD1-C3F339F49CB9}"= UDP:c:\program files\Microsoft Office\Office12\ONENOTE.EXE:Microsoft Office OneNote
"{B81A5A05-A0B5-4CD6-B046-A1B47E6FD041}"= TCP:c:\program files\Microsoft Office\Office12\ONENOTE.EXE:Microsoft Office OneNote
"{3E8C77EC-A1F1-4AB8-B39F-1B9A6BC302B4}"= c:\program files\CyberLink\PowerDVD\PowerDVD.EXE:CyberLink PowerDVD
"{D66E926F-8385-4B63-AB4D-443A02C4493F}"= UDP:c:\program files\EA GAMES\Battlefield 2\BF2.exe:Battlefield 2
"{C9AFD3C2-5CE9-4512-9FE2-0A1F5D7F3BC3}"= TCP:c:\program files\EA GAMES\Battlefield 2\BF2.exe:Battlefield 2
"{DF3C2066-B378-4DAF-94A1-44B9523AE213}"= UDP:c:\program files\GameSpy Arcade\Aphex.exe:GameSpy Arcade
"{8E4D98C8-0878-4422-B282-9EBFCC1FF9C7}"= TCP:c:\program files\GameSpy Arcade\Aphex.exe:GameSpy Arcade
"{3A23327A-3CBC-4599-A8F5-36268495C604}"= UDP:c:\windows\System32\PnkBstrA.exe:PnkBstrA
"{A14FD987-60C7-4B67-A03F-BC938694DAA3}"= TCP:c:\windows\System32\PnkBstrA.exe:PnkBstrA
"{702132BE-9881-4294-9FDD-CF140AA4DBAD}"= UDP:c:\windows\System32\PnkBstrB.exe:PnkBstrB
"{0828BE38-1F10-4528-831C-12F33E9A7806}"= TCP:c:\windows\System32\PnkBstrB.exe:PnkBstrB

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\PublicProfile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\RestrictedServices\Static\System]
"DFSR-1"= RPort=5722|UDP:%SystemRoot%\system32\svchost.exe|Svc=DFSR:Allow inbound TCP traffic|

R0 klbg;Kaspersky Lab Boot Guard Driver;c:\windows\System32\drivers\klbg.sys [15/12/08 08:41 م 33808]
R1 KLIM6;Kaspersky Anti-Virus NDIS 6 Filter;c:\windows\System32\drivers\klim6.sys [15/05/09 06:50 م 21008]
R2 HssSrv;Hotspot Shield Helper Service;c:\program files\Hotspot Shield\HssWPR\hsssrv.exe [01/06/09 09:13 م 331312]
R3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\System32\drivers\b57nd60x.sys [02/11/06 01:25 م 167936]
R3 HssDrv;Hotspot Shield Helper Miniport;c:\windows\System32\drivers\HssDrv.sys [03/04/09 09:18 م 33840]
R3 klmouflt;Kaspersky Lab KLMOUFLT;c:\windows\System32\drivers\klmouflt.sys [16/05/09 08:59 م 19472]
S0 OemBiosDevice;Royalty OEM Bios Extension;c:\windows\System32\drivers\royal.sys [25/05/09 08:01 م 240128]
S2 mfevtp;mfevtp;c:\windows\system32\mfevtps.exe --> c:\windows\system32\mfevtps.exe [?]
S3 HssTrayService;Hotspot Shield Tray Service;c:\program files\Hotspot Shield\bin\HssTrayService.exe [01/06/09 09:58 م 34352]
S3 mferkdet;mferkdet;c:\windows\System32\drivers\mferkdet.sys [25/05/09 05:33 م 64432]
.
.
------- Supplementary Scan -------
.
uStart Page = about:blank
uInternet Settings,ProxyOverride = *.local
IE: Add to Anti-Banner - c:\program files\Kaspersky Lab\Kaspersky Internet Security 2010\ie_banner_deny.htm
IE: {{4248FE82-7FCB-46AC-B270-339F08212110} - {4248FE82-7FCB-46AC-B270-339F08212110} - c:\program files\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll
IE: {{CCF151D8-D089-449F-A5A4-D9909053F20F} - {CCF151D8-D089-449F-A5A4-D9909053F20F} - c:\program files\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll
FF - ProfilePath - c:\users\Hp\AppData\Roaming\Mozilla\Firefox\Profiles\6djurqh3.default\
FF - prefs.js: browser.startup.homepage - about:blank
FF - component: c:\program files\Mozilla Firefox\extensions\linkfilter@kaspersky.ru\components\KavLinkFilter.dll
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer,
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

Rootkit scan 2009-06-09 19:24
Windows 6.0.6000 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
"MSCurrentCountry"=dword:000000b5
.
Completion time: 2009-06-09 19:26
ComboFix-quarantined-files.txt 2009-06-09 16:26
ComboFix2.txt 2009-05-29 15:37

Pre-Run: 6,849,486,848 bytes free
Post-Run: 6,929,317,888 bytes free

375 --- E O F --- 2009-05-25 22:17
 
تأييد 0

عطل برنامج الحمايه واستخدم اداة SmitfraudFix

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي


قم بتشغيل الملف SmitfraudFix.exe ,, وتابع الشرح كماا بهذه الصور

000.png





001.png





002.png





003.png





004.png


005.png
 
التعديل الأخير بواسطة المشرف:
توقيع : king_man
تأييد 0
SmitFraudFix v2.419

Scan done at 20:06:43.67, Tue 06/09/2009
Run from C:\Windows\system32\SmitfraudFix
OS: Microsoft Windows [Version 6.0.6000] - Windows_NT
The filesystem type is NTFS
Fix run in normal mode

»»»»»»»»»»»»»»»»»»»»»»»» SharedTaskScheduler Before SmitFraudFix
!!!Attention, following keys are not inevitably infected!!!

SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll

»»»»»»»»»»»»»»»»»»»»»»»» Killing process


»»»»»»»»»»»»»»»»»»»»»»»» hosts


»»»»»»»»»»»»»»»»»»»»»»»» VACFix

VACFix
Credits: Malware Analysis & Diagnostic
Code: S!Ri


»»»»»»»»»»»»»»»»»»»»»»»» Winsock2 Fix

S!Ri's WS2Fix: LSP not Found.


»»»»»»»»»»»»»»»»»»»»»»»» Generic Renos Fix

GenericRenosFix by S!Ri


»»»»»»»»»»»»»»»»»»»»»»»» Deleting infected files


»»»»»»»»»»»»»»»»»»»»»»»» IEDFix

IEDFix
Credits: Malware Analysis & Diagnostic
Code: S!Ri



»»»»»»»»»»»»»»»»»»»»»»»» Agent.OMZ.Fix

Agent.OMZ.Fix
Credits: Malware Analysis & Diagnostic
Code: S!Ri


»»»»»»»»»»»»»»»»»»»»»»»» 404Fix

404Fix
Credits: Malware Analysis & Diagnostic
Code: S!Ri


»»»»»»»»»»»»»»»»»»»»»»»» RK


»»»»»»»»»»»»»»»»»»»»»»»» DNS

Description: Broadcom NetXtreme Gigabit Ethernet
DNS Server Search Order: 192.168.1.254

Description: TAP VPN Adapter
DNS Server Search Order: 10.17.224.1

HKLM\SYSTEM\CCS\Services\Tcpip\..\{63873EFD-BBEE-47BC-9B73-B135B9A883D9}: DhcpNameServer=10.17.224.1
HKLM\SYSTEM\CCS\Services\Tcpip\..\{7448E490-4F80-46E4-9FDB-5734BD548E6E}: DhcpNameServer=192.168.1.254
HKLM\SYSTEM\CS1\Services\Tcpip\..\{7448E490-4F80-46E4-9FDB-5734BD548E6E}: DhcpNameServer=212.93.192.16 212.93.192.10
HKLM\SYSTEM\CS2\Services\Tcpip\..\{63873EFD-BBEE-47BC-9B73-B135B9A883D9}: DhcpNameServer=10.17.224.1
HKLM\SYSTEM\CS2\Services\Tcpip\..\{7448E490-4F80-46E4-9FDB-5734BD548E6E}: DhcpNameServer=192.168.1.254
HKLM\SYSTEM\CS3\Services\Tcpip\..\{7448E490-4F80-46E4-9FDB-5734BD548E6E}: DhcpNameServer=192.168.1.254
HKLM\SYSTEM\CCS\Services\Tcpip\Parameters: DhcpNameServer=10.17.224.1
HKLM\SYSTEM\CS1\Services\Tcpip\Parameters: DhcpNameServer=212.93.192.16 212.93.192.10
HKLM\SYSTEM\CS2\Services\Tcpip\Parameters: DhcpNameServer=10.17.224.1
HKLM\SYSTEM\CS3\Services\Tcpip\Parameters: DhcpNameServer=192.168.1.254


»»»»»»»»»»»»»»»»»»»»»»»» Deleting Temp Files


»»»»»»»»»»»»»»»»»»»»»»»» Winlogon.System
!!!Attention, following keys are not inevitably infected!!!

"System"=""


»»»»»»»»»»»»»»»»»»»»»»»» RK.2



»»»»»»»»»»»»»»»»»»»»»»»» Registry Cleaning

Registry Cleaning done.

»»»»»»»»»»»»»»»»»»»»»»»» SharedTaskScheduler After SmitFraudFix
!!!Attention, following keys are not inevitably infected!!!

SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll


»»»»»»»»»»»»»»»»»»»»»»»» End
 
تأييد 0
اخى اخبرنا هل تم حل المشكله
 
توقيع : king_man
تأييد 0
لا والله يا اخوي الكريم

المشكله زي ما تشوف في الصوره انو في اتصالين شابكين وهذا ما يخليني اقدر اتصل بالنت

كيف افصلهم ما ادري
 
تأييد 0
اخى المشكلة فى ال public network
 
تأييد 0
طيب ما الحل ؟؟
 
تأييد 0
ماذا تريد اى ان توصل الاثنان معا او تعمل بالثانية ام الاولى
 
تأييد 0
اريد انا اعمل فقط بألأنترنت

الإفتراضيه
 
تأييد 0
هل تستطيع اخى عمل ما بالصورة واعطنى صورة اخرى لهذا الاختيار
58446437.jpg



 
تأييد 0
ugugx قال:
هل تستطيع اخى عمل ما بالصورة واعطنى صورة اخرى لهذا الاختيار
58446437.jpg



أنقر للتوسيع...

اخوي هاذي وانا شغآل بالبروكسي

والمنفذ الي تحت هو حق البروكسي
 
تأييد 0
يجب تسجيل الدخول أو التسجيل كي تتمكن من الرد هنا.
عودة
أعلى