مشكله طفشتني؟؟؟؟؟؟؟ماعرفت احلها

س

سطيحان

زيزوومي جديد
إنضم
4 يونيو 2009
المشاركات
35
مستوى التفاعل
0
النقاط
40
غير متصل
السلام عليكم ورحمة الله وبركاته
انا عندي مشكلة ::اذا جيت افتح صورة...اواي شي اسوي .كلك يمين. فتح باستخدام يجيني كذا
665641592.jpg
url%5D
 

ترتيب حسب التاريخ ترتيب حسب الأصوات
سطيحان قال:
السلام عليكم ورحمة الله وبركاته
انا عندي مشكلة ::اذا جيت افتح صورة اسوي .فتح باستخدام يجيني كذا
url%5d
أنقر للتوسيع...


كذا ماينفع هات صورة
 
توقيع : البارون
تأييد 0
وضعنا صورة
 
تأييد 0
الظاهر انك عندك ملفات mp3 تريد قراءتها حسنا

برنامج mp3 الذي تملك تنصبه بجهازك لا يستطيع قراءة امتداد الملف لانه عربي والبرنامج غير مصمم على قراءة الامتدادات العربية
انصحك بما يلي

يا اما تبدل امتداد الملف كان تجعل بدل كتابة اسم المجلد ب القرءان تجعله مكتوبا بالفرنسية quran وهكذا حتى اذا شغلت برنامج قارء mp3وتريد سماع هذا الصوت يقراه عادي
وهذه المشكلة دوما تصادفها عند ما يكون الاكسبي فرنسي عربي او بك 1 او فيستا الى غيري ذالك
اما بيئة اكسبي عربية فعادي هذا من باب تجربتي الخاصة فقط

اما الطريقة الثانية تنزل برنامج
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي
من باب قراءة جميع الملفات باغلب الصيغ المولتيميديا
فهذا البرنامج فقط عن تجربة شخصية في جهازي لم يظهر اي تعارض بخصوص القراءات يعني ملف mp3يحمل اسم مكتوب بالعربية ح يقراه عادي
هذا من ناحية
======
اما تفسير الخطا الذي ظهر معك على حساب ما هو مكتوب في النافذة

معناه ان البرنامج غير قادر على ربط حزمة الملفات
اخوي تاكد من تثبيت البرنامج جيدا وان البرنامج ليس له جذور او بقايا ملفات في الجهاز ثم اعد تثبيته
 
توقيع : volvo2008
تأييد 0
volvo2008 قال:
الظاهر انك عندك ملفات mp3 تريد قراءتها حسنا

برنامج mp3 الذي تملك تنصبه بجهازك لا يستطيع قراءة امتداد الملف لانه عربي والبرنامج غير مصمم على قراءة الامتدادات العربية
انصحك بما يلي

يا اما تبدل امتداد الملف كان تجعل بدل كتابة اسم المجلد ب القرءان تجعله مكتوبا بالفرنسية quran وهكذا حتى اذا شغلت برنامج قارء mp3وتريد سماع هذا الصوت يقراه عادي
وهذه المشكلة دوما تصادفها عند ما يكون الاكسبي فرنسي عربي او بك 1 او فيستا الى غيري ذالك
اما بيئة اكسبي عربية فعادي هذا من باب تجربتي الخاصة فقط

اما الطريقة الثانية تنزل برنامج
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي
من باب قراءة جميع الملفات باغلب الصيغ المولتيميديا
فهذا البرنامج فقط عن تجربة شخصية في جهازي لم يظهر اي تعارض بخصوص القراءات يعني ملف mp3يحمل اسم مكتوب بالعربية ح يقراه عادي
هذا من ناحية
======
اما تفسير الخطا الذي ظهر معك على حساب ما هو مكتوب في النافذة

معناه ان البرنامج غير قادر على ربط حزمة الملفات
اخوي تاكد من تثبيت البرنامج جيدا وان البرنامج ليس له جذور او بقايا ملفات في الجهاز ثم اعد تثبيته
أنقر للتوسيع...
:ok:

























:d:
 
تأييد 0
مو بس هذا كل شي يجيني زي كذا حتى صورة او اي شي.....
 
تأييد 0
هلا بك



اعمل تقرير للهايجاك
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

اذا انتهى التحميل ==> شغل البرنامج ==> واضغط على Do a system scan and save log
لحظات .. ويظهر لك تقرير اعمل تحديد الكل ==> انسخه والصقه بردك القادم​
 
توقيع : AbOdy
تأييد 0
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 07:28:16 م, on 12/06/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Hotspot Shield\bin\openvpnas.exe
C:\Program Files\Hotspot Shield\HssWPR\hsssrv.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\WINDOWS\system32\igfxpers.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Gigabyte\ET5Pro\GUI.exe
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\Program Files\GIGABYTE\GBTUpd\RunUpd.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Internet Download Manager\IDMan.exe
C:\Program Files\Internet Download Manager\IEMonitor.exe
C:\Documents and Settings\ziad\My Documents\TuneUpPortable\App\TuneUp\MemOptimizer.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\Program Files\Hotspot Shield\bin\openvpntray.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\WinAce\winace.exe
C:\Documents and Settings\ziad\My Documents\Downloads\Programs\HiJackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext =
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

F2 - REG:system.ini: Shell=explorer.exe
O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files\Internet Download Manager\IDMIECC.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: IEVkbdBHO - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\ievkbd.dll
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: مساعد تسجيل الدخول إلى Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Ask.com Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (file missing)
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: Ask.com Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (file missing)
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [EasyTuneVPro] C:\Program Files\Gigabyte\ET5Pro\ETcall.exe
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [GBTUpd] C:\Program Files\GIGABYTE\GBTUpd\PreRun.exe
O4 - HKLM\..\Run: [UserFaultCheck] %systemroot%\system32\dumprep 0 -u
O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe"
O4 - HKLM\..\Run: [ClocX] C:\Program Files\ClocX\ClocX.exe
O4 - HKLM\..\Run: [UnlockerAssistant] "C:\Program Files\Unlocker\UnlockerAssistant.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [IDMan] C:\Program Files\Internet Download Manager\IDMan.exe /onboot
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User '?')
O4 - HKUS\S-1-5-19\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User '?')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User '?')
O4 - HKUS\S-1-5-20\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User '?')
O4 - HKUS\S-1-5-21-606747145-2111687655-1417001333-1003\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (User '?')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User '?')
O4 - HKUS\S-1-5-18\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User '?')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User 'Default user')
O4 - Global Startup: PalTalk.lnk = C:\Program Files\Paltalk Messenger\paltalk.exe
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O8 - Extra context menu item: "إضافة إلى حاجب الدعايات" - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\ie_banner_deny.htm
O8 - Extra context menu item: تحميل الكل بواسطة Internet Download Manager - C:\Program Files\Internet Download Manager\IEGetAll.htm
O8 - Extra context menu item: تحميل بواسطة Internet Download Manager - C:\Program Files\Internet Download Manager\IEExt.htm
O8 - Extra context menu item: تحميل محتوى FLV بواسطة Internet Download Manager - C:\Program Files\Internet Download Manager\IEGetVL.htm
O9 - Extra button: Web traffic protection statistics - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\SCIEPlgn.dll
O9 - Extra button: تدوين هذا في المدونة - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &تدوين هذا في Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: PalTalk - {4EAFEF58-EEFA-4116-983D-03B49BCBFFFE} - C:\Program Files\Paltalk Messenger\Paltalk.exe
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) -
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

O17 - HKLM\System\CCS\Services\Tcpip\..\{C15C1A0D-3C25-40AE-BBB5-7BDCD4DF099C}: NameServer = 10.7.192.1
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Kaspersky Internet Security (AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe
O23 - Service: Hotspot Shield Service (HotspotShieldService) - Unknown owner - C:\Program Files\Hotspot Shield\bin\openvpnas.exe
O23 - Service: Hotspot Shield Routing Service (HssSrv) - AnchorFree Inc. - C:\Program Files\Hotspot Shield\HssWPR\hsssrv.exe
O23 - Service: Hotspot Shield Tray Service (HssTrayService) - Unknown owner - C:\Program Files\Hotspot Shield\bin\HssTrayService.EXE
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe

--
End of file - 9160 bytes
 
تأييد 0
عطل برامج الحماية وشغل الأداة


يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي




عند تشغيلها بتظهر لك رسالة ,, اضغط على >> Yes
بعدها بتظهر لك رساله ثانيه ,, اضغط على >> Yes



اثناء الفحص ممكن يعاد تشغيل الجهاز



وبعد اعادة التشغيل ,, سوف تبدأ الاداة بالفحص مرره ثانيه
انتظر حتى يظهر لك تقرير ،، وبذلك يكون الفحص انتهى

وعطني تقرير هذه الأداة مع تقرير هايجاك جديد
 
توقيع : AbOdy
تأييد 0
ComboFix 09-06-12.02 - ziad 06/13/2009 0:11.1 - NTFSx86
Running from: c:\documents and settings\ziad\My Documents\Downloads\Programs\ComboFix.exe
AV: Kaspersky Internet Security *On-access scanning disabled* (Updated) {2C4D4BC6-0793-4956-A9F9-E252435469C0}
FW: Kaspersky Internet Security *disabled* {2C4D4BC6-0793-4956-A9F9-E252435469C0}

WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\Autorun.inf
c:\documents and settings\ziad\Application Data\wiaserva.log
c:\windows\system32\kakle.dll
c:\windows\system32\kr_done1
c:\windows\system32\rpcss(2)(2).dll
c:\windows\system32\tmp.reg
c:\windows\system32\url(3).dll
c:\windows\system32\url(4).dll
c:\windows\system32\url(6).dll
c:\windows\system32\videocore.dll
c:\windows\system32\videoformat.dll
c:\windows\system32\winitn.dll
E:\Autorun.inf

.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Service_AVPsys


((((((((((((((((((((((((( Files Created from 2009-05-12 to 2009-06-12 )))))))))))))))))))))))))))))))
.

2009-06-12 21:15 . 2009-06-12 21:15 -------- d-----w- c:\windows\system32\xircom
2009-06-12 21:15 . 2009-06-12 21:15 -------- d-----w- c:\windows\system32\wbem\snmp
2009-06-12 21:15 . 2009-06-12 21:15 -------- d-----w- c:\program files\microsoft frontpage
2009-06-12 20:32 . 2009-06-12 20:32 -------- d-----w- c:\windows\system32\wbem\Repository
2009-06-11 23:46 . 2009-06-11 23:46 -------- d-----w- c:\program files\Common Files\EZB Systems
2009-06-11 23:46 . 2009-06-11 23:46 -------- d-----w- c:\program files\UltraISO
2009-06-11 23:30 . 2009-04-27 12:21 28928 ----a-w- c:\windows\system32\uxtuneup.dll
2009-06-11 23:23 . 2009-06-11 23:23 -------- d-----w- c:\program files\TuneUp Utilities 2009
2009-06-11 23:01 . 2009-06-11 23:01 -------- d--h--w- c:\windows\PIF
2009-06-11 21:56 . 2009-06-11 22:57 -------- d-----w- c:\program files\USB Disk Security
2009-06-11 19:20 . 2003-03-18 18:12 1047552 ----a-w- c:\windows\system32\mfc71u.dll
2009-06-11 19:20 . 2004-07-26 14:16 476320 ----a-w- c:\windows\system32\imagXpr7.dll
2009-06-11 19:20 . 2004-07-26 14:16 471040 ----a-w- c:\windows\system32\imagXRA7.dll
2009-06-11 19:20 . 2004-07-26 14:16 262144 ----a-w- c:\windows\system32\imagXR7.dll
2009-06-11 19:20 . 2004-07-26 14:16 1568768 ----a-w- c:\windows\system32\imagX7.dll
2009-06-11 19:20 . 2004-07-09 06:43 364544 ----a-w- c:\windows\system32\TwnLib4.dll
2009-06-11 19:14 . 2009-06-11 19:14 3982 ----a-w- c:\windows\87t98.sys
2009-06-11 15:05 . 2009-06-12 20:30 -------- d-----w- c:\documents and settings\ziad\Application Data\Skype
2009-06-11 15:04 . 2009-06-11 15:04 -------- d-----w- c:\program files\Common Files\Skype
2009-06-11 15:04 . 2009-06-11 15:04 -------- d-----r- c:\program files\Skype
2009-06-11 15:04 . 2009-06-11 15:04 -------- d-----w- c:\documents and settings\All Users\Application Data\Skype
2009-06-09 23:34 . 2009-06-09 23:34 -------- d-sh--w- c:\documents and settings\NetworkService\IETldCache
2009-06-09 21:39 . 2009-04-30 21:13 12800 ------w- c:\windows\system32\dllcache\xpshims.dll
2009-06-09 21:39 . 2009-04-30 21:13 246272 ------w- c:\windows\system32\dllcache\ieproxy.dll
2009-06-09 20:48 . 2009-06-09 20:48 -------- d-----w- c:\program files\AutoPlay Media Studio 6.0
2009-06-09 20:48 . 2009-06-09 20:48 -------- d-----w- c:\windows\AutoPlay Media Studio 6.0
2009-06-09 17:55 . 2009-06-09 17:55 0 ----a-w- c:\documents and settings\ziad\Application Data\IDM\DwnlData\ziad\BugdoctorSetup_388\BugdoctorSetup.exe
2009-06-09 17:49 . 2009-06-09 17:55 9412645 ----a-w- c:\documents and settings\ziad\Application Data\IDM\DwnlData\ziad\ams70ev_386\ams70ev.exe
2009-06-09 17:47 . 2009-06-09 20:49 -------- d-----w- c:\documents and settings\ziad\Application Data\IndigoRose
2009-06-09 17:47 . 2009-06-09 17:47 8704 ----a-w- c:\documents and settings\ziad\Application Data\Thinstall\KB884016\400000500002h\flasget.exe
2009-06-09 17:47 . 2009-06-09 17:47 -------- d-----w- c:\documents and settings\ziad\Application Data\Thinstall
2009-06-09 17:13 . 2009-06-09 17:13 -------- d-----w- c:\documents and settings\ziad\Application Data\Downloaded Installations
2009-06-09 14:41 . 2009-06-09 14:41 -------- d-----w- c:\program files\Common Files\xing shared
2009-06-09 14:13 . 2009-06-09 14:13 188193 ----a-w- c:\documents and settings\ziad\Application Data\IDM\DwnlData\ziad\klmcodec485_378\klmcodec485.exe
2009-06-09 13:11 . 2009-06-09 13:11 198064 ----a-w- c:\documents and settings\ziad\Application Data\IDM\idmmzcc3\components\idmmzcc.dll
2009-06-09 12:14 . 2009-06-12 16:17 -------- d-----w- c:\program files\Unlocker
2009-06-09 12:01 . 2009-06-09 12:01 -------- d-----w- c:\documents and settings\ziad\Application Data\Malwarebytes
2009-06-09 12:00 . 2009-06-09 12:00 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes
2009-06-09 11:37 . 2009-06-09 11:38 2927168 ----a-w- c:\documents and settings\ziad\Application Data\IDM\idmupdt.exe
2009-06-08 23:32 . 2009-06-08 23:32 921632 ----a-w- C:\PA7302.DAT
2009-06-08 23:30 . 2008-04-13 21:09 5504 ----a-w- c:\windows\system32\drivers\MSTEE.sys
2009-06-08 23:30 . 2008-04-13 21:16 10880 ----a-w- c:\windows\system32\drivers\NdisIP.sys
2009-06-08 23:29 . 2008-04-13 21:16 15232 ----a-w- c:\windows\system32\drivers\StreamIP.sys
2009-06-08 23:29 . 2008-04-13 21:16 11136 ----a-w- c:\windows\system32\drivers\SLIP.sys
2009-06-08 23:29 . 2008-04-13 21:16 19200 ----a-w- c:\windows\system32\drivers\WSTCODEC.SYS
2009-06-08 23:29 . 2008-04-13 21:16 85248 ----a-w- c:\windows\system32\drivers\NABTSFEC.sys
2009-06-08 23:29 . 2008-04-13 21:16 17024 ----a-w- c:\windows\system32\drivers\CCDECODE.sys
2009-06-08 23:29 . 2008-04-14 18:29 53760 ----a-w- c:\windows\system32\vfwwdm32.dll
2009-06-08 22:28 . 2009-06-08 22:28 -------- d-sh--w- c:\documents and settings\ziad\IECompatCache
2009-06-08 21:52 . 2006-11-20 06:04 6656 ----a-w- c:\windows\system32\CoInst_070614.dll
2009-06-08 15:45 . 2009-06-08 15:45 -------- d-----w- c:\windows\system32\LogFiles
2009-06-08 13:27 . 2009-06-11 02:54 -------- d-----w- c:\windows\PaltalkScene
2009-06-08 13:27 . 2009-06-11 02:54 -------- d-----w- c:\program files\Paltalk Messenger
2009-06-08 10:46 . 2009-06-08 10:46 -------- d-----w- c:\documents and settings\All Users\Application Data\Adobe Systems
2009-06-08 10:46 . 2009-06-08 10:46 -------- d-----w- c:\program files\Common Files\Adobe Systems Shared
2009-06-07 20:36 . 2009-06-07 20:36 413760 ----a-w- c:\windows\system32\mpg4c32.dll
2009-06-07 18:28 . 2008-04-14 21:29 221184 ----a-w- c:\windows\system32\wmpns.dll
2009-06-07 16:55 . 2008-07-08 11:54 148496 ----a-w- c:\windows\system32\drivers\34851966.sys
2009-06-07 16:47 . 2009-06-07 16:47 -------- d-sh--w- c:\documents and settings\ziad\PrivacIE
2009-06-07 16:39 . 2009-06-07 16:39 -------- d-sh--w- c:\documents and settings\LocalService\IETldCache
2009-06-07 16:38 . 2009-06-07 16:38 -------- d-sh--w- c:\documents and settings\ziad\IETldCache
2009-06-07 16:27 . 2006-06-29 10:07 14048 ------w- c:\windows\system32\spmsg2.dll
2009-06-07 15:48 . 2009-06-09 21:51 -------- d-----w- c:\windows\ie8updates
2009-06-07 15:46 . 2009-06-07 15:48 -------- dc-h--w- c:\windows\ie8
2009-06-07 15:41 . 2009-05-12 05:11 102912 ------w- c:\windows\system32\dllcache\iecompat.dll
2009-06-06 20:16 . 2009-06-06 20:16 -------- d-----w- c:\windows\system32\QuickTime
2009-06-06 20:15 . 2009-06-06 20:15 -------- d-----w- c:\program files\Common Files\TechSmith Shared
2009-06-06 20:15 . 2009-06-06 20:15 -------- d-----w- c:\program files\TechSmith
2009-06-06 18:59 . 2009-06-06 18:59 -------- d-----w- c:\program files\ICQ
2009-06-06 18:58 . 2009-06-06 18:59 1420884 ----a-w- c:\documents and settings\ziad\Application Data\IDM\DwnlData\ziad\powerbackupu3trial_281\powerbackupu3trial.exe
2009-06-06 18:49 . 2009-06-06 18:49 -------- d-----w- c:\documents and settings\All Users\Application Data\RoboForm
2009-06-06 17:48 . 2008-10-16 11:06 268648 ----a-w- c:\windows\system32\mucltui.dll
2009-06-06 17:48 . 2008-10-16 11:06 208744 ----a-w- c:\windows\system32\muweb.dll
2009-06-06 17:35 . 2009-02-21 08:15 16973664 ----a-w- c:\documents and settings\ziad\Application Data\U3\temp\4a2aa8170\Internet explorer 8 (XP)\Internet explorer 8 FR (XP)\IE8-WindowsXP-x86-FRA.exe
2009-06-06 17:07 . 2009-06-07 19:04 -------- d-----w- c:\documents and settings\All Users\Application Data\Messenger Plus!
2009-06-05 21:41 . 2009-06-05 21:41 -------- d-----w- c:\program files\Messenger Plus! Live
2009-06-05 21:37 . 2009-06-05 21:37 -------- d-----w- c:\documents and settings\ziad\Local Settings\Application Data\WMTools Downloaded Files
2009-06-05 20:26 . 2009-06-05 20:26 -------- d-----w- c:\program files\Windows Live SkyDrive
2009-06-05 20:23 . 2009-06-05 20:23 3584 ----a-r- c:\documents and settings\ziad\Application Data\Microsoft\Installer\{121634B0-2F4B-11D3-ADA3-00C04F52DD52}\Icon386ED4E3.exe
2009-06-05 20:23 . 2009-06-05 20:23 -------- d-----w- c:\program files\Windows Installer Clean Up
2009-06-05 20:23 . 2009-06-05 20:23 -------- d-----w- c:\program files\MSECACHE
2009-06-05 15:17 . 2009-06-05 15:17 -------- d--h--w- c:\windows\system32\GroupPolicy
2009-06-05 15:07 . 2008-04-14 21:29 350720 ----a-w- c:\windows\system32\hypertrm.dll
2009-06-05 15:07 . 2008-04-14 21:30 342016 ----a-w- c:\windows\system32\mspaint.exe
2009-06-05 15:07 . 2008-04-14 21:29 101888 ----a-w- c:\windows\system32\clipbrd.exe
2009-06-05 15:07 . 2008-04-14 21:30 538624 ----a-w- c:\windows\system32\spider.exe
2009-06-05 14:28 . 2009-06-05 14:28 -------- d-----w- c:\documents and settings\ziad\Local Settings\Application Data\Windows Live Writer
2009-06-05 14:28 . 2009-06-05 14:28 -------- d-----w- c:\documents and settings\ziad\Application Data\Windows Live Writer
2009-06-04 16:58 . 2009-06-04 16:58 -------- d-----w- c:\program files\ClocX
2009-06-04 16:52 . 2009-06-04 16:53 -------- d-----w- c:\program files\Your Uninstaller 2008
2009-06-04 15:02 . 2009-06-04 15:02 7168 ----a-w- c:\windows\system32\drivers\utg4njgz.sys
2009-06-04 13:53 . 2008-07-08 11:54 148496 ----a-w- c:\windows\system32\drivers\71772103.sys
2009-06-04 10:48 . 2009-06-04 11:02 -------- d-----w- c:\documents and settings\ziad\DoctorWeb
2009-06-04 10:46 . 2009-06-04 10:46 -------- d-----w- c:\program files\RegCleaner
2009-06-04 09:52 . 2009-06-04 09:52 -------- d-----w- c:\documents and settings\ziad\Local Settings\Application Data\G DATA
2009-06-03 16:31 . 2000-06-26 10:45 106496 ----a-r- c:\windows\system32\TwnLib20.dll
2009-06-03 16:30 . 2001-06-26 07:15 38912 ----a-r- c:\windows\system32\picn20.dll
2009-06-03 16:30 . 2001-07-06 11:44 544768 ----a-r- c:\windows\system32\imagx5.dll
2009-06-03 16:30 . 2001-07-06 17:24 283920 ----a-r- c:\windows\system32\ImagXpr5.dll
2009-06-03 16:30 . 2001-07-06 13:41 569344 ----a-r- c:\windows\system32\imagr5.dll
2009-06-03 16:30 . 2009-06-04 10:49 155648 ----a-w- c:\windows\system32\NeroCheck.exe
2009-06-03 16:30 . 2009-06-03 16:31 -------- d-----w- c:\program files\Ahead
2009-06-03 15:32 . 2009-06-06 17:31 3493888 ---ha-w- c:\documents and settings\ziad\Application Data\U3\temp\Launchpad Removal.exe
2009-06-03 15:31 . 2009-06-06 17:31 110592 ----a-w- c:\documents and settings\ziad\Application Data\U3\temp\cleanup.exe
2009-06-03 15:24 . 2009-06-06 19:10 -------- d-----w- c:\documents and settings\ziad\Application Data\U3
2009-06-03 10:24 . 2009-06-08 11:04 -------- d-----w- c:\documents and settings\ziad\Local Settings\Application Data\Adobe
2009-06-03 10:24 . 2009-06-03 10:24 -------- d-----w- c:\documents and settings\ziad\Application Data\AdobeUM
2009-06-03 08:21 . 2009-06-03 08:21 -------- d-----w- c:\documents and settings\ziad\Local Settings\Application Data\Apple Computer
2009-06-03 08:13 . 2009-06-03 08:13 -------- d-----w- c:\documents and settings\All Users\Application Data\Apple Computer
2009-06-03 08:12 . 2009-06-08 22:08 -------- d-----w- c:\program files\QuickTime Alternative
2009-06-02 23:14 . 2009-06-02 23:22 1375290 ----a-w- c:\documents and settings\ziad\Application Data\IDM\DwnlData\ziad\Nero-9.4.13.2_trial_168\Nero-9.4.13.2_trial.exe
2009-06-02 22:24 . 2008-04-13 21:15 60032 ----a-w- c:\windows\system32\drivers\USBAUDIO.sys
2009-06-02 22:24 . 2008-04-13 21:15 32128 ----a-w- c:\windows\system32\drivers\usbccgp.sys
2009-06-02 21:44 . 2009-06-02 22:21 -------- d-----w- c:\program files\ma-config.com
2009-06-02 21:44 . 2009-06-02 22:21 -------- d-----w- c:\documents and settings\All Users\Application Data\ma-config.com
2009-06-02 16:57 . 2009-06-02 16:57 -------- d-----w- c:\windows\Sun
2009-06-02 15:49 . 2009-06-02 15:49 -------- d-----w- c:\program files\IObit
2009-06-02 03:32 . 2009-01-15 07:00 13824 ----a-w- c:\documents and settings\ziad\Application Data\Mozilla\Firefox\Profiles\qcsaup30.default\extensions\{b2e293ee-fd7e-4c71-a714-5f4750d8d7b7}\components\FFAlert.dll
2009-06-02 03:32 . 2009-01-15 07:00 114688 ----a-w- c:\documents and settings\ziad\Application Data\Mozilla\Firefox\Profiles\qcsaup30.default\extensions\{b2e293ee-fd7e-4c71-a714-5f4750d8d7b7}\components\npmozax.dll
2009-06-01 21:47 . 2009-06-01 21:47 -------- d-----w- c:\program files\Common Files\Wise Installation Wizard
2009-06-01 20:28 . 2009-06-03 16:52 -------- d-----w- c:\documents and settings\ziad\Local Settings\Application Data\AskToolbar
2009-06-01 20:28 . 2009-06-01 20:28 -------- d-----w- c:\documents and settings\ziad\Application Data\TuneUp Software
2009-06-01 20:27 . 2009-06-01 20:27 -------- d-----w- c:\documents and settings\All Users\Application Data\TuneUp Software
2009-06-01 20:27 . 2009-06-09 00:43 -------- d-sh--w- c:\documents and settings\All Users\Application Data\{55A29068-F2CE-456C-9148-C869879E2357}
2009-06-01 19:38 . 2009-06-01 19:38 84760 ----a-w- c:\documents and settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-06-12 21:15 . 2009-05-26 20:15 -------- d-----w- c:\documents and settings\ziad\Application Data\DMCache
2009-06-12 21:15 . 2009-05-26 19:55 24944 ----a-w- c:\windows\system32\drivers\GVTDrv.sys
2009-06-12 21:15 . 2009-05-26 20:12 -------- d-----w- c:\documents and settings\All Users\Application Data\Kaspersky Lab
2009-06-12 21:14 . 2009-05-26 20:12 491552 --sha-w- c:\windows\system32\drivers\fidbox2.dat
2009-06-12 21:14 . 2009-05-26 20:12 4856 --sha-w- c:\windows\system32\drivers\fidbox2.idx
2009-06-12 21:14 . 2009-05-26 20:12 1852960 --sha-w- c:\windows\system32\drivers\fidbox.dat
2009-06-12 21:14 . 2009-05-26 20:12 17652 --sha-w- c:\windows\system32\drivers\fidbox.idx
2009-06-12 16:41 . 2009-06-12 16:41 -------- d-----w- c:\documents and settings\ziad\Application Data\CyberScrub
2009-06-12 16:41 . 2009-06-12 16:41 -------- d-----w- c:\documents and settings\ziad\Application Data\cleaner
2009-06-12 13:34 . 2009-05-26 20:07 -------- d-----w- c:\program files\Nero
2009-06-11 19:14 . 2009-06-11 19:14 6693 ----a-w- c:\windows\system32\drivers\15KP9.s38
2009-06-11 13:19 . 2009-05-26 20:15 -------- d-----w- c:\documents and settings\ziad\Application Data\IDM
2009-06-10 01:35 . 2009-05-26 20:00 -------- d-----w- c:\program files\Internet Download Manager
2009-06-09 14:41 . 2009-05-26 20:19 -------- d-----w- c:\program files\Common Files\Real
2009-06-09 14:41 . 2009-05-26 20:19 499712 ----a-w- c:\windows\system32\msvcp71.dll
2009-06-09 14:41 . 2009-05-26 20:01 348160 ----a-w- c:\windows\system32\msvcr71.dll
2009-06-09 14:39 . 2009-06-09 14:39 -------- d-----w- c:\program files\K-Lite Codec Pack
2009-06-08 22:31 . 2009-05-26 19:50 27848 ----a-w- c:\documents and settings\ziad\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2009-06-08 22:08 . 2009-05-26 20:01 -------- d-----w- c:\program files\CCleaner
2009-06-08 13:27 . 2009-05-26 20:02 -------- d-----w- c:\documents and settings\ziad\Application Data\Paltalk
2009-06-07 18:27 . 2009-05-26 19:40 -------- d-----w- c:\program files\Windows Media Connect 2
2009-06-05 15:08 . 2001-09-19 18:00 67438 ----a-w- c:\windows\system32\perfc001.dat
2009-06-05 15:08 . 2001-09-19 18:00 366874 ----a-w- c:\windows\system32\perfh001.dat
2009-06-04 12:04 . 2009-05-26 19:37 358912 ----a-w- c:\windows\system32\wbem\wmic.exe
2009-06-04 12:04 . 2009-05-26 19:37 16896 ----a-w- c:\windows\system32\wbem\unsecapp.exe
2009-06-04 12:04 . 2009-05-26 19:37 117760 ----a-w- c:\windows\system32\wbem\wbemtest.exe
2009-06-04 12:04 . 2009-05-26 19:37 36352 ----a-w- c:\windows\system32\wbem\scrcons.exe
2009-06-04 12:04 . 2009-05-26 19:37 16384 ----a-w- c:\windows\system32\wbem\mofcomp.exe
2009-06-04 12:01 . 2009-05-26 19:37 20992 ----a-w- c:\windows\system32\msg.exe
2009-06-04 12:00 . 2008-04-14 21:29 19968 ----a-w- c:\windows\system32\cacls.exe
2009-06-04 11:55 . 2009-05-26 22:34 15360 ----a-w- c:\windows\TASKMAN.EXE
2009-06-04 11:55 . 2009-05-26 19:47 86016 ----a-w- c:\windows\SoundMan.exe
2009-06-04 11:55 . 2001-09-19 18:00 25600 ----a-w- c:\windows\twunk_32.exe
2009-06-04 11:55 . 2009-05-26 19:47 1826816 ----a-w- c:\windows\SkyTel.exe
2009-06-04 11:55 . 2009-05-26 19:47 1191936 ----a-w- c:\windows\RtlUpd.exe
2009-06-04 11:55 . 2009-05-26 19:47 9716736 ----a-w- c:\windows\RTLCPL.exe
2009-06-04 11:55 . 2009-05-26 19:47 2166784 ----a-w- c:\windows\MicCal.exe
2009-06-04 11:55 . 2009-05-26 19:47 315392 ----a-w- c:\windows\HideWin.exe
2009-06-04 11:55 . 2009-05-26 19:47 2811392 ----a-w- c:\windows\alcwzrd.exe
2009-06-04 10:55 . 2009-06-04 10:06 79360 ----a-w- c:\documents and settings\ziad\Application Data\IDM\DwnlData\ziad\SmitfraudFix_221\SmitfraudFix\WS2Fix.exe
2009-06-04 10:55 . 2009-06-04 10:06 90112 ----a-w- c:\documents and settings\ziad\Application Data\IDM\DwnlData\ziad\SmitfraudFix_221\SmitfraudFix\VACFix.exe
2009-06-04 10:55 . 2009-06-04 10:06 80896 ----a-w- c:\documents and settings\ziad\Application Data\IDM\DwnlData\ziad\SmitfraudFix_221\SmitfraudFix\UIFix.exe
2009-06-04 10:55 . 2009-06-04 10:06 245760 ----a-w- c:\documents and settings\ziad\Application Data\IDM\DwnlData\ziad\SmitfraudFix_221\SmitfraudFix\unzip.exe
2009-06-04 10:55 . 2009-06-04 10:06 80896 ----a-w- c:\documents and settings\ziad\Application Data\IDM\DwnlData\ziad\SmitfraudFix_221\SmitfraudFix\swxcacls.exe
2009-06-04 10:55 . 2009-06-04 10:06 44032 ----a-w- c:\documents and settings\ziad\Application Data\IDM\DwnlData\ziad\SmitfraudFix_221\SmitfraudFix\swsc.exe
2009-06-04 10:55 . 2009-06-04 10:06 24576 ----a-w- c:\documents and settings\ziad\Application Data\IDM\DwnlData\ziad\SmitfraudFix_221\SmitfraudFix\Reboot.exe
2009-06-04 10:55 . 2009-06-04 10:06 20480 ----a-w- c:\documents and settings\ziad\Application Data\IDM\DwnlData\ziad\SmitfraudFix_221\SmitfraudFix\SmiUpdate.exe
2009-06-04 10:55 . 2009-06-04 10:06 136704 ----a-w- c:\documents and settings\ziad\Application Data\IDM\DwnlData\ziad\SmitfraudFix_221\SmitfraudFix\swreg.exe
2009-06-04 10:54 . 2009-06-04 10:06 85504 ----a-w- c:\documents and settings\ziad\Application Data\IDM\DwnlData\ziad\SmitfraudFix_221\SmitfraudFix\IEDFix.exe
2009-06-04 10:54 . 2009-06-04 10:06 83456 ----a-w- c:\documents and settings\ziad\Application Data\IDM\DwnlData\ziad\SmitfraudFix_221\SmitfraudFix\o4Patch.exe
2009-06-04 10:54 . 2009-06-04 10:06 3584 ----a-w- c:\documents and settings\ziad\Application Data\IDM\DwnlData\ziad\SmitfraudFix_221\SmitfraudFix\Policies.exe
2009-06-04 10:54 . 2009-06-04 10:06 180224 ----a-w- c:\documents and settings\ziad\Application Data\IDM\DwnlData\ziad\SmitfraudFix_221\SmitfraudFix\ProxyDisable.exe
2009-06-04 10:54 . 2009-06-04 10:06 85504 ----a-w- c:\documents and settings\ziad\Application Data\IDM\DwnlData\ziad\SmitfraudFix_221\SmitfraudFix\IEDFix.C.exe
2009-06-04 10:54 . 2009-06-04 10:06 85504 ----a-w- c:\documents and settings\ziad\Application Data\IDM\DwnlData\ziad\SmitfraudFix_221\SmitfraudFix\GenericRenosFix.exe
2009-06-04 10:54 . 2009-06-04 10:06 80896 ----a-w- c:\documents and settings\ziad\Application Data\IDM\DwnlData\ziad\SmitfraudFix_221\SmitfraudFix\HostsChk.exe
2009-06-04 10:54 . 2009-06-04 10:06 51200 ----a-w- c:\documents and settings\ziad\Application Data\IDM\DwnlData\ziad\SmitfraudFix_221\SmitfraudFix\dumphive.exe
2009-06-04 10:54 . 2009-06-04 10:06 1536 ----a-w- c:\documents and settings\ziad\Application Data\IDM\DwnlData\ziad\SmitfraudFix_221\SmitfraudFix\exit.exe
2009-06-04 10:54 . 2009-06-04 10:06 84992 ----a-w- c:\documents and settings\ziad\Application Data\IDM\DwnlData\ziad\SmitfraudFix_221\SmitfraudFix\404Fix.exe
2009-06-04 10:54 . 2009-06-04 10:06 81408 ----a-w- c:\documents and settings\ziad\Application Data\IDM\DwnlData\ziad\SmitfraudFix_221\SmitfraudFix\Agent.OMZ.Fix.exe
2009-06-04 10:49 . 2009-05-26 19:37 16896 ----a-w- c:\windows\system32\wbem\winmgmt.exe
2009-06-04 10:49 . 2008-04-14 21:30 56320 ----a-w- c:\windows\system32\tlntsvr.exe
2009-06-04 10:49 . 2008-04-14 21:30 57856 ----a-w- c:\windows\system32\spoolsv.exe
2009-06-04 10:49 . 2008-04-14 21:30 71680 ----a-w- c:\windows\system32\smlogsvc.exe
2009-06-03 16:30 . 2009-05-26 20:07 -------- d-----w- c:\program files\Common Files\Ahead
2009-06-02 18:19 . 2009-05-26 19:45 -------- d--h--w- c:\program files\InstallShield Installation Information
2009-06-02 17:37 . 2009-05-26 20:11 -------- d-----w- c:\program files\Hotspot Shield
2009-06-02 16:29 . 2009-05-26 19:44 16608 ----a-w- c:\windows\gdrv.sys
2009-06-02 08:56 . 2009-06-04 10:06 2180123 ----a-w- c:\documents and settings\ziad\Application Data\IDM\DwnlData\ziad\SmitfraudFix_221\SmitfraudFix\SmitfraudFix.cmd
2009-05-31 17:54 . 2008-04-14 21:30 14848 ----a-w- c:\windows\system32\svchost.exe
2009-05-30 10:46 . 2008-04-14 21:30 155648 ------w- c:\windows\system32\wscript.exe
2009-05-30 10:46 . 2008-04-14 21:30 110592 ----a-w- c:\windows\system32\services.exe
2009-05-30 10:46 . 2008-04-14 21:30 110592 ----a-w- c:\windows\system32\services(2)(2).exe
2009-05-30 10:46 . 2008-04-14 21:29 139264 ------w- c:\windows\system32\cscript.exe
2009-05-30 10:46 . 2001-09-19 18:00 35328 ------w- c:\windows\system32\sc.exe
2009-05-30 10:46 . 2006-10-18 20:03 101376 ------w- c:\windows\system32\logagent.exe
2009-05-29 09:48 . 2008-04-14 21:29 11264 ----a-w- c:\windows\system32\dumprep.exe
2009-05-29 09:48 . 2008-04-14 21:29 45056 ----a-w- c:\windows\system32\alg.exe
2009-05-28 22:25 . 2001-09-19 18:00 12800 ----a-w- c:\windows\system32\mrinfo.exe
2009-05-28 22:17 . 2008-04-14 21:29 1031168 ----a-w- c:\windows\explorer.exe
2009-05-28 22:14 . 2008-04-14 21:29 15360 ----a-w- c:\windows\system32\ctfmon.exe
2009-05-28 22:05 . 2008-04-14 21:29 180224 ----a-w- c:\windows\system32\dwwin.exe
2009-05-28 09:59 . 2008-04-14 21:30 36864 ------w- c:\windows\system32\odbcad32.exe
2009-05-28 09:59 . 2008-04-14 21:29 64512 ------w- c:\windows\system32\cleanmgr.exe
2009-05-28 09:59 . 2009-05-26 19:47 16859136 ------r- c:\windows\RTHDCPL.exe
2009-05-28 09:59 . 2009-05-26 19:54 306688 ------w- c:\windows\IsUninst.exe
2009-05-28 09:59 . 2001-09-19 18:00 33792 ------w- c:\windows\system32\wupdmgr.exe
2009-05-28 09:59 . 2008-04-14 21:30 50176 ------w- c:\windows\system32\utilman.exe
2009-05-28 09:59 . 2008-04-14 21:29 143360 ------w- c:\windows\system32\mobsync.exe
2009-05-28 09:59 . 2008-04-14 21:29 389632 ------w- c:\windows\system32\cmd.exe
2009-05-28 09:59 . 2008-04-14 21:30 35840 ------w- c:\windows\system32\rcimlby.exe
2009-05-28 09:58 . 2001-09-19 18:00 347136 ------w- c:\windows\system32\tourstart.exe
2009-05-27 23:22 . 2009-05-26 19:40 86327 ------w- c:\windows\pchealth\helpctr\OfflineCache\index.dat
2009-05-27 12:51 . 2008-04-14 21:30 37376 ------w- c:\windows\system32\netstat.exe
2009-05-27 12:51 . 2008-04-14 21:29 115200 ------w- c:\windows\system32\iexpress.exe
2009-05-27 12:40 . 2008-04-14 21:30 31232 ------w- c:\windows\system32\wscntfy.exe
2009-05-26 21:08 . 2009-05-26 21:05 -------- d-----w- c:\program files\Windows Live
2009-05-26 21:06 . 2009-05-26 21:06 -------- d-----w- c:\program files\Microsoft Sync Framework
2009-05-26 21:06 . 2009-05-26 21:06 -------- d-----w- c:\program files\Microsoft SQL Server Compact Edition
2009-05-26 21:05 . 2009-05-26 21:05 -------- d-----w- c:\program files\Microsoft
2009-05-26 20:40 . 2008-01-29 14:29 33808 ------w- c:\windows\system32\drivers\klbg.sys
.

------- Sigcheck -------

[-] 2009-05-31 17:54 14848 6DBDAE7658CD81B2E45DB0DA2D0C0961 c:\windows\system32\svchost.exe

[-] 2009-05-28 22:17 1031168 AEC443583A7AAF1DEB50EE62A3EB5F0A c:\windows\explorer.exe

[-] 2009-05-30 10:46 111104 9BD755964CEA5FDD0E0CCA43496641EB c:\windows\$hf_mig$\KB956572\SP3QFE\services.exe
[-] 2009-05-30 10:46 110592 ABD17858C840083966513CFA661E50A8 c:\windows\system32\services.exe
[-] 2009-05-30 10:46 110592 ABD17858C840083966513CFA661E50A8 c:\windows\system32\dllcache\services.exe

[-] 2009-05-28 22:14 15360 00EA61EEFF6B0B54361C0364F2C5F799 c:\windows\system32\ctfmon.exe

[-] 2009-06-04 10:49 57856 F847A3B1397DDD1C7373395D6B97FCE6 c:\windows\system32\spoolsv.exe

[-] 2009-05-27 12:41 26112 37E445BA6F57F538ADB92BFE6A5A53DE c:\windows\system32\userinit.exe
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\ctfmon.exe" [2009-05-28 15360]
"IDMan"="c:\program files\Internet Download Manager\IDMan.exe" [2009-06-09 2815408]
"msnmsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2009-02-06 3885408]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"UserFaultCheck"="c:\windows\system32\dumprep 0 -u" [X]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2007-09-05 141848]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2007-09-05 166424]
"Persistence"="c:\windows\system32\igfxpers.exe" [2007-09-05 137752]
"EasyTuneVPro"="c:\program files\Gigabyte\ET5Pro\ETcall.exe" [2009-05-27 20480]
"ISUSPM Startup"="c:\progra~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe" [2009-06-04 204800]
"ISUSScheduler"="c:\program files\Common Files\InstallShield\UpdateService\issch.exe" [2009-05-28 81920]
"GBTUpd"="c:\program files\GIGABYTE\GBTUpd\PreRun.exe" [2008-04-03 297480]
"AVP"="c:\program files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe" [2009-05-26 206088]
"ClocX"="c:\program files\ClocX\ClocX.exe" [2004-04-13 103936]
"TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" [2009-06-09 198160]
"RTHDCPL"="RTHDCPL.EXE" - c:\windows\RTHDCPL.exe [2009-05-28 16859136]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2009-05-28 15360]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"nltide_2"="shell32" [X]

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^قائمة ابدأ^البرامج^بدء التشغيل^PalTalk.lnk]
path=c:\documents and settings\All Users\قائمة ابدأ\البرامج\بدء التشغيل\PalTalk.lnk
backup=c:\windows\pss\PalTalk.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^قائمة ابدأ^البرامج^بدء التشغيل^WinZip Quick Pick.lnk]
path=c:\documents and settings\All Users\قائمة ابدأ\البرامج\بدء التشغيل\WinZip Quick Pick.lnk
backup=c:\windows\pss\WinZip Quick Pick.lnkCommon Startup

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\KasperskyAntiVirus]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"c:\\WINDOWS\\system32\\sessmgr.exe"=
"c:\\WINDOWS\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\WINDOWS\\pchealth\\helpctr\\binaries\\HelpCtr.exe"=
"c:\\Program Files\\TeamViewer\\Version4\\TeamViewer.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"81:TCP"= 81:TCP:Bifrost

R0 GVTDrv;GVTDrv; [x]
R3 HssTrayService;Hotspot Shield Tray Service;c:\program files\Hotspot Shield\bin\HssTrayService.EXE [2009-06-01 34352]
R3 utg4njgz;AVZ Kernel Driver;c:\windows\system32\Drivers\utg4njgz.sys [2009-06-04 7168]
S0 klbg;Kaspersky Lab Boot Guard Driver;c:\windows\system32\drivers\klbg.sys [2009-05-26 33808]
S0 ulsata2;ulsata2; [x]
S1 is-4EF8Edrv;is-4EF8Edrv;c:\windows\system32\DRIVERS\71772103.sys [2008-07-08 148496]
S1 is-K54HCdrv;is-K54HCdrv;c:\windows\system32\DRIVERS\34851966.sys [2008-07-08 148496]
S2 HssSrv;Hotspot Shield Routing Service;c:\program files\Hotspot Shield\HssWPR\hsssrv.exe [2009-06-01 331312]
S3 KLFLTDEV;Kaspersky Lab KLFltDev;c:\windows\system32\DRIVERS\klfltdev.sys [2008-03-13 26640]
S3 klim5;Kaspersky Anti-Virus NDIS Filter;c:\windows\system32\DRIVERS\klim5.sys [2008-04-30 24592]


--- Other Services/Drivers In Memory ---

*NewlyCreated* - MARKFUN_NT
*Deregistered* - MarkFun_NT

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\>{60B49E34-C7CC-11D0-8953-00A0C90347FF}]
"c:\windows\system32\rundll32.exe" "c:\windows\system32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
.
Contents of the 'Scheduled Tasks' folder

2009-06-11 c:\windows\Tasks\User_Feed_Synchronization-{114F0AEC-68F2-4E6B-89A1-BC756DC6FC77}.job
- c:\windows\system32\msfeedssync.exe [2008-05-07 01:31]
.
- - - - ORPHANS REMOVED - - - -

BHO-{D4027C7F-154A-4066-A1AD-4243D8127440} - c:\program files\Ask.com\GenericAskToolbar.dll
HKLM-Run-UnlockerAssistant - c:\program files\Unlocker\UnlockerAssistant.exe


.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.com/
IE: تحميل الكل بواسطة Internet Download Manager - c:\program files\Internet Download Manager\IEGetAll.htm
IE: تحميل بواسطة Internet Download Manager - c:\program files\Internet Download Manager\IEExt.htm
IE: تحميل محتوى FLV بواسطة Internet Download Manager - c:\program files\Internet Download Manager\IEGetVL.htm
TCP: {C15C1A0D-3C25-40AE-BBB5-7BDCD4DF099C} = 10.7.192.1
FF - ProfilePath -
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer,
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

Rootkit scan 2009-06-13 00:15
Windows 5.1.2600 Service Pack 3 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'explorer.exe'(1368)
c:\windows\system32\WININET.dll
c:\windows\system32\ieframe.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Other Running Processes ------------------------
.
c:\windows\system32\CF27459.exe
c:\windows\system32\igfxsrvc.exe
c:\program files\Hotspot Shield\bin\openvpnas.exe
c:\program files\Java\jre6\bin\jqs.exe
c:\program files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
c:\program files\Gigabyte\GBTUpd\RunUpd.exe
.
**************************************************************************
.
Completion time: 2009-06-12 0:17 - machine was rebooted
ComboFix-quarantined-files.txt 2009-06-12 21:17

Pre-Run: 20,542,914,560 bytes free
Post-Run: 20,459,986,944 bytes free

380 --- E O F --- 2009-06-09 21:51
ــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــ
تقرير الهايجك
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:19:18 ص, on 13/06/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\system32\igfxsrvc.exe
C:\Program Files\Hotspot Shield\bin\openvpnas.exe
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\Program Files\Hotspot Shield\HssWPR\hsssrv.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\GIGABYTE\GBTUpd\RunUpd.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Internet Download Manager\IDMan.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\explorer.exe
C:\WINDOWS\system32\notepad.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\ziad\My Documents\Downloads\Programs\HiJackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext =
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files\Internet Download Manager\IDMIECC.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: IEVkbdBHO - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\ievkbd.dll
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: مساعد تسجيل الدخول إلى Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [EasyTuneVPro] C:\Program Files\Gigabyte\ET5Pro\ETcall.exe
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [GBTUpd] C:\Program Files\GIGABYTE\GBTUpd\PreRun.exe
O4 - HKLM\..\Run: [UserFaultCheck] %systemroot%\system32\dumprep 0 -u
O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe"
O4 - HKLM\..\Run: [ClocX] C:\Program Files\ClocX\ClocX.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [IDMan] C:\Program Files\Internet Download Manager\IDMan.exe /onboot
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKUS\S-1-5-21-606747145-2111687655-1417001333-1003\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (User '?')
O4 - HKUS\S-1-5-21-606747145-2111687655-1417001333-1003\..\Run: [IDMan] C:\Program Files\Internet Download Manager\IDMan.exe /onboot (User '?')
O4 - HKUS\S-1-5-21-606747145-2111687655-1417001333-1003\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background (User '?')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User '?')
O4 - HKUS\S-1-5-18\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User '?')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User 'Default user')
O8 - Extra context menu item: تحميل الكل بواسطة Internet Download Manager - C:\Program Files\Internet Download Manager\IEGetAll.htm
O8 - Extra context menu item: تحميل بواسطة Internet Download Manager - C:\Program Files\Internet Download Manager\IEExt.htm
O8 - Extra context menu item: تحميل محتوى FLV بواسطة Internet Download Manager - C:\Program Files\Internet Download Manager\IEGetVL.htm
O9 - Extra button: Web traffic protection statistics - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\SCIEPlgn.dll
O9 - Extra button: تدوين هذا في المدونة - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &تدوين هذا في Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) -
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

O17 - HKLM\System\CCS\Services\Tcpip\..\{C15C1A0D-3C25-40AE-BBB5-7BDCD4DF099C}: NameServer = 10.7.192.1
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Kaspersky Internet Security (AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe
O23 - Service: Hotspot Shield Service (HotspotShieldService) - Unknown owner - C:\Program Files\Hotspot Shield\bin\openvpnas.exe
O23 - Service: Hotspot Shield Routing Service (HssSrv) - AnchorFree Inc. - C:\Program Files\Hotspot Shield\HssWPR\hsssrv.exe
O23 - Service: Hotspot Shield Tray Service (HssTrayService) - Unknown owner - C:\Program Files\Hotspot Shield\bin\HssTrayService.EXE
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe

--
End of file - 7858 bytes
 
تأييد 0
تمام التقرير الأخير سليم

اعمل التالي

قم بعمل التالي



wh_67363828.png


wh_20288410.png




واخبرنا بخصوص المشكلة
 
توقيع : AbOdy
تأييد 0
يجب تسجيل الدخول أو التسجيل كي تتمكن من الرد هنا.
عودة
أعلى