vortexpc2

In the name of God, the Most Gracious, the Most Merciful
Please help, brothers. When I install Kaspersky, the program asks me to locate klim5.sys. This is the report from my machine; I ask anyone with the know-how not to hold back the solution from me.
Moderators
ComboFix 09-06-18.02 - Mohamed 19/06/2009 9:57.1 - NTFSx86
Microsoft Windows XP Professionnel 5.1.2600.3.1256.216.1036.18.511.88 [GMT 2:00]
Running from: c:\documents and settings\Mohamed\Mes documents\Downloads\ComboFix.exe
WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\documents and settings\Mohamed\Application Data\PCenter
c:\program files\WhenUSearch
c:\windows\system32\Cache
C:\Autorun.inf
C:\d9c.bat
c:\documents and settings\Mohamed\Application Data\PCenter\dbases\cg.dat
c:\documents and settings\Mohamed\Application Data\PCenter\dbases\mw.dat
c:\documents and settings\Mohamed\Application Data\PCenter\dbases\rd.dat
c:\documents and settings\Mohamed\Application Data\PCenter\dbases\sc.dat
c:\documents and settings\Mohamed\Application Data\PCenter\dbases\sm.dat
c:\documents and settings\Mohamed\Application Data\PCenter\dbases\sp.dat
c:\documents and settings\Mohamed\Application Data\PCenter\keys\cg.key
c:\documents and settings\Mohamed\Application Data\PCenter\keys\rd.key
c:\documents and settings\Mohamed\Application Data\PCenter\keys\sc.key
c:\documents and settings\Mohamed\Application Data\PCenter\keys\sp.key
c:\documents and settings\Mohamed\Application Data\PCenter\temp\settings.ini
c:\documents and settings\Mohamed\Application Data\PCenter\temp\spfilter
C:\gpcdt.cmd
c:\program files\WhenUSearch\search.dll
c:\windows\system32\nmdfgds0.dll
c:\windows\system32\nmdfgds1.dll
c:\windows\system32\olhrwef.exe
D:\Autorun.inf
D:\d9c.bat
D:\gpcdt.cmd
.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
-------\Service_AVPsys
((((((((((((((((((((((((( Files Created from 2009-05-19 to 2009-06-19 )))))))))))))))))))))))))))))))
.
2009-06-19 07:34 . 2009-06-19 08:03 358432 --sha-w- c:\windows\system32\drivers\fidbox.dat
2009-06-19 07:06 . 2009-06-19 08:03 233760 --sha-w- c:\windows\system32\drivers\fidbox2.dat
2009-06-18 22:03 . 2009-06-18 22:03 -------- d-----w- c:\program files\R-Studio
2009-06-18 21:31 . 2009-06-18 21:31 -------- d-----w- c:\documents and settings\Mohamed\Application Data\Apple Computer
2009-06-18 21:31 . 2008-04-17 10:12 107368 ----a-w- c:\windows\system32\GEARAspi.dll
2009-06-18 21:31 . 2009-03-19 14:32 23400 ----a-w- c:\windows\system32\drivers\GEARAspiWDM.sys
2009-06-18 21:30 . 2009-06-18 21:30 -------- d-----w- c:\program files\iPod
2009-06-18 21:30 . 2009-06-18 21:31 -------- d-----w- c:\program files\iTunes
2009-06-18 21:30 . 2009-06-18 21:31 -------- d-----w- c:\documents and settings\All Users\Application Data\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906}
2009-06-18 21:29 . 2009-06-18 21:29 -------- d-----w- c:\program files\Bonjour
2009-06-18 21:28 . 2009-06-18 21:30 -------- d-----w- c:\program files\Fichiers communs\Apple
2009-06-18 21:19 . 2009-06-18 21:19 75048 ----a-w- c:\documents and settings\All Users\Application Data\Apple Computer\Installer Cache\iTunes 8.2.0.23\SetupAdmin.exe
2009-06-18 21:10 . 2009-06-18 21:12 -------- d-----w- c:\program files\QuickTime
2009-06-18 21:10 . 2009-06-18 21:30 -------- d-----w- c:\documents and settings\All Users\Application Data\Apple Computer
2009-06-17 17:41 . 2009-06-17 17:53 -------- d-----w- C:\TDdownload
2009-06-17 17:38 . 2006-01-09 13:01 86016 ----a-w- c:\windows\system32\gigagetbho_v10.dll
2009-06-17 17:38 . 2009-06-17 17:38 -------- d-----w- c:\program files\Giganology
2009-06-17 15:59 . 2009-06-17 15:59 104274 --sh--r- C:\gbm6n.exe
2009-06-15 17:23 . 2009-06-15 17:23 -------- d-----w- c:\documents and settings\Mohamed\Local Settings\Application Data\WinAVI
2009-06-15 17:22 . 2009-06-15 17:22 -------- d-----w- c:\program files\WinAVI Video Converter 9.0
2009-06-15 17:22 . 2009-06-15 17:22 -------- d-----w- c:\windows\WinAVI Video Converter 9.0
2009-06-14 22:21 . 2009-06-14 22:21 -------- d-----w- c:\program files\Fichiers communs\xing shared
2009-06-14 18:22 . 2009-06-14 18:22 -------- d-----w- c:\documents and settings\Mohamed\Local Settings\Application Data\Apple
2009-06-14 18:22 . 2009-06-14 18:22 -------- d-----w- c:\program files\Apple Software Update
2009-06-14 18:22 . 2009-06-14 18:22 -------- d-----w- c:\documents and settings\All Users\Application Data\Apple
2009-06-14 18:21 . 2009-06-18 21:31 -------- d-----w- c:\documents and settings\Mohamed\Local Settings\Application Data\Apple Computer
2009-06-13 22:58 . 2009-06-13 23:06 4 ----a-w- c:\windows\info147.sys
2009-06-13 22:57 . 2009-06-13 22:57 -------- d-----w- c:\program files\Fichiers communs\Totem Shared
2009-06-10 17:50 . 2009-06-19 01:23 -------- d-----w- c:\program files\Flash Banner Creator
2009-06-02 17:54 . 2009-06-02 17:57 -------- d-----w- c:\documents and settings\All Users\Application Data\Bandoo
2009-06-02 17:54 . 2009-06-02 17:55 -------- d-----w- c:\program files\Bandoo
2009-06-02 17:44 . 2009-06-02 17:44 -------- d-----w- c:\program files\Windows Live SkyDrive
2009-06-02 17:44 . 2009-06-02 17:44 -------- d-----w- c:\program files\Windows Live
2009-05-31 19:05 . 2009-05-31 19:05 -------- d-----w- c:\program files\Motorola
2009-05-31 19:05 . 2008-03-26 11:43 364544 ----a-w- c:\windows\system32\sm56co81.dll
2009-05-31 19:04 . 2007-07-11 21:49 96384 ----a-w- c:\windows\system32\drivers\Rtnicxp.sys
2009-05-31 19:04 . 2009-05-31 19:04 -------- d-----w- c:\program files\Realtek
2009-05-31 19:03 . 2009-05-31 19:03 -------- d-----w- c:\documents and settings\Mohamed\Application Data\InstallShield
2009-05-31 18:40 . 2009-05-31 18:40 -------- d-----w- c:\program files\ParetoLogic
2009-05-31 18:40 . 2009-05-31 18:40 -------- d-----w- c:\program files\Fichiers communs\ParetoLogic
2009-05-31 18:30 . 2009-05-31 18:30 -------- d-----w- c:\documents and settings\All Users\Application Data\Downloaded Installations
2009-05-29 15:56 . 2009-06-19 07:37 -------- d-----w- c:\program files\Mozilla Firefox 3.5 Beta 4
2009-05-26 18:18 . 2009-06-03 18:54 -------- d-----w- c:\program files\Counter-Strike 1.6
2009-05-26 15:58 . 2009-05-26 15:58 -------- d-----w- c:\program files\Counter-Strike
2009-05-24 22:04 . 2009-05-24 22:04 -------- d--h--w- c:\windows\PIF
2009-05-24 01:09 . 2009-05-24 01:09 -------- d-----w- c:\documents and settings\Mohamed\Application Data\oovootb
2009-05-23 17:46 . 2009-05-23 17:46 -------- d-----w- c:\documents and settings\Mohamed\Local Settings\Application Data\Identities
2009-05-22 18:02 . 2009-05-22 18:02 -------- d-----w- c:\documents and settings\Mohamed\Application Data\EmailNotifier
2009-05-22 16:18 . 2009-05-22 16:18 -------- d-----w- c:\documents and settings\All Users\Application Data\EmailNotifier
2009-05-22 16:18 . 2009-05-22 16:18 -------- d-----w- c:\program files\ooVoo
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-06-19 08:03 . 2009-06-19 07:34 6320 --sha-w- c:\windows\system32\drivers\fidbox.idx
2009-06-19 08:03 . 2009-06-19 07:06 26096 --sha-w- c:\windows\system32\drivers\fidbox2.idx
2009-06-19 07:36 . 2009-03-18 11:32 -------- d-----w- c:\documents and settings\All Users\Application Data\Kaspersky Lab
2009-06-19 07:11 . 2009-03-23 05:07 -------- d-----w- c:\program files\Download Direct
2009-06-19 01:25 . 2009-05-01 01:15 -------- d-----w- c:\program files\SWiSHmax
2009-06-19 01:24 . 2009-05-08 10:46 -------- d-----w- c:\program files\Easy GIF Animator
2009-06-15 23:38 . 2009-04-11 00:54 -------- d-----w- c:\documents and settings\All Users\Application Data\DriverCure
2009-06-14 22:21 . 2009-04-11 10:48 -------- d-----w- c:\program files\Fichiers communs\Real
2009-06-14 22:20 . 2006-09-28 18:53 499712 ----a-w- c:\windows\system32\msvcp71.dll
2009-06-12 15:10 . 2009-03-18 10:03 -------- d-----w- c:\documents and settings\Mohamed\Application Data\Skype
2009-06-12 12:22 . 2009-03-18 15:02 -------- d---a-w- c:\documents and settings\All Users\Application Data\TEMP
2009-06-11 18:44 . 2009-03-17 22:15 79512 ----a-w- c:\documents and settings\Mohamed\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2009-05-31 19:08 . 2009-03-17 22:12 -------- d--h--w- c:\program files\InstallShield Installation Information
2009-05-29 19:58 . 2009-03-18 13:16 15136 ----a-w- c:\program files\pldecal.wad
2009-05-26 18:26 . 2009-03-18 11:29 -------- d-----w- c:\program files\Cheating-Death
2009-05-21 14:12 . 2009-05-19 18:15 -------- d-----w- c:\program files\SFO
2009-05-19 16:43 . 2009-05-19 16:43 -------- d-----w- c:\program files\CoffeeCup Software
2009-05-17 19:42 . 2009-03-18 10:34 348160 ----a-w- c:\windows\system32\msvcr71.dll
2009-05-17 12:43 . 2009-05-17 12:37 -------- d-----w- c:\program files\ATI Technologies
2009-05-17 12:41 . 2009-05-17 12:41 9158 ----a-r- c:\documents and settings\Mohamed\Application Data\Microsoft\Installer\{C941F1F1-25B3-4DF5-83E6-888C51A1AAB6}\ARPPRODUCTICON.exe
2009-05-17 12:41 . 2009-05-17 12:41 -------- d-----w- c:\program files\Fichiers communs\ATI Technologies
2009-05-17 12:29 . 2009-05-17 11:59 -------- d-----w- c:\documents and settings\All Users\Application Data\CompuServe Dialer
2009-05-17 12:25 . 2009-05-16 01:01 1324 ----a-w- c:\windows\system32\d3d9caps.dat
2009-05-17 12:18 . 2009-05-17 10:40 -------- d-----w- c:\documents and settings\Mohamed\Application Data\zweitgeist
2009-05-17 12:14 . 2009-05-17 12:14 172160 ----a-w- c:\documents and settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat
2009-05-17 11:59 . 2009-05-17 11:59 -------- d-----w- c:\documents and settings\Mohamed\Application Data\CompuServe Dialer
2009-05-17 10:42 . 2009-05-17 10:42 49152 ----a-w- c:\documents and settings\Mohamed\Application Data\zweitgeist\IdleHook.dll
2009-05-17 10:42 . 2009-05-17 10:42 20480 ----a-w- c:\documents and settings\Mohamed\Application Data\zweitgeist\hook13.dll
2009-05-17 10:42 . 2009-05-17 10:42 81920 ----a-w- c:\documents and settings\Mohamed\Application Data\zweitgeist\uninstall.exe
2009-05-12 15:37 . 2009-05-12 15:37 -------- d-----w- c:\documents and settings\Mohamed\Application Data\Malwarebytes
2009-05-12 15:37 . 2009-05-12 15:37 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes
2009-05-12 11:20 . 2004-08-05 12:00 567554 ----a-w- c:\windows\system32\perfh00C.dat
2009-05-12 11:20 . 2004-08-05 12:00 106172 ----a-w- c:\windows\system32\perfc00C.dat
2009-05-11 22:01 . 2009-03-18 10:34 -------- d-----w- c:\program files\K-Lite Codec Pack
2009-05-10 12:40 . 2009-04-11 10:47 -------- d-----w- c:\program files\Google
2009-05-10 11:29 . 2009-05-10 11:29 -------- d-----w- c:\program files\MobeeSoft
2009-05-07 17:57 . 2009-05-07 17:56 2959376 ----a-w- c:\windows\system32\dotnetfx35setup.exe
2009-05-07 17:56 . 2009-05-07 17:55 2585872 ----a-w- c:\windows\system32\WindowsInstaller-KB893803-v2-x86.exe
2009-05-06 09:53 . 2009-05-04 16:10 -------- d-----w- c:\program files\sXe Injected
2009-05-05 19:17 . 2009-05-05 19:17 -------- d-----w- c:\documents and settings\All Users\Application Data\Simply Super Software
2009-05-05 11:46 . 2009-05-04 19:05 -------- d-----w- c:\program files\DAEMON Tools Pro
2009-05-04 19:06 . 2009-05-04 19:05 -------- d-----w- c:\documents and settings\Mohamed\Application Data\DAEMON Tools Pro
2009-05-04 18:57 . 2009-05-04 18:06 685816 ----a-w- c:\windows\system32\drivers\sptd.sys
2009-05-01 10:41 . 2009-05-01 10:40 -------- d-----w- c:\program files\mp3DirectCut
2009-04-27 16:53 . 2009-04-27 16:53 -------- d-----w- c:\program files\filehippo.com
2009-04-27 07:54 . 2009-04-02 09:24 152576 ----a-w- c:\documents and settings\Mohamed\Application Data\Sun\Java\jre1.6.0_13\lzma.dll
2009-04-26 19:20 . 2009-04-26 19:20 -------- d-----w- c:\program files\Comptes et Budget Free V5.0
2009-04-24 02:34 . 2009-04-24 02:34 -------- d-----w- c:\documents and settings\Mohamed\Application Data\Globe7
2009-04-23 09:30 . 2009-04-23 09:30 -------- d-----w- c:\program files\MOJOSOFT
2009-04-23 09:30 . 2009-04-23 09:30 -------- d-----w- c:\documents and settings\Mohamed\Application Data\mojosoft
2009-04-22 14:03 . 2009-04-26 15:11 51200 ----a-w- c:\documents and settings\Mohamed\Application Data\Mozilla\Firefox\Profiles\ovzw1o6m.default\extensions\{42ea702f-fe06-4d30-8a24-79a35f3bd446}\components\FFExternalAlert.dll
2009-04-22 14:03 . 2009-04-26 15:11 114688 ----a-w- c:\documents and settings\Mohamed\Application Data\Mozilla\Firefox\Profiles\ovzw1o6m.default\extensions\{42ea702f-fe06-4d30-8a24-79a35f3bd446}\components\npmozax.dll
2009-04-22 08:43 . 2009-04-22 08:43 0 ----a-w- c:\windows\ativpsrm.bin
2009-04-22 08:23 . 2009-03-17 22:27 -------- d-----w- c:\documents and settings\Mohamed\Application Data\ATI
2009-04-21 23:48 . 2009-04-21 23:48 -------- d-----w- c:\documents and settings\Mohamed\Application Data\AlauxSoft
2009-04-21 12:19 . 2009-04-21 12:15 -------- d-----w- c:\program files\SystemRequirementsLab
2009-04-21 12:15 . 2009-04-21 12:15 -------- d-----w- c:\documents and settings\Mohamed\Application Data\SystemRequirementsLab
2009-04-21 12:15 . 2009-04-21 12:15 207872 ----a-w- c:\documents and settings\Mohamed\Application Data\SystemRequirementsLab\SRLProxy_srl_4.dll
2009-04-21 12:15 . 2009-04-21 12:15 207872 ----a-w- c:\documents and settings\Mohamed\Application Data\SystemRequirementsLab\SRLProxy_srl_3.dll
2009-04-21 12:15 . 2009-04-21 12:15 207872 ----a-w- c:\documents and settings\Mohamed\Application Data\SystemRequirementsLab\SRLProxy_srl_2.dll
2009-04-21 12:15 . 2009-04-21 12:15 207872 ----a-w- c:\documents and settings\Mohamed\Application Data\SystemRequirementsLab\SRLProxy_srl_1.dll
2009-04-03 09:36 . 2009-04-03 09:36 62976 ----a-w- c:\windows\PegtopUI.exe
2009-04-03 01:53 . 2009-04-03 01:44 52770576 ----a-w- c:\documents and settings\Mohamed\Application Data\Sony Setup\64993CD0-67D1-4244-A2BC-FD73F4DA5B62\dotnetfx3.exe
2009-04-02 13:21 . 2009-05-11 22:01 84480 ----a-w- c:\windows\system32\ff_vfw.dll
2009-03-25 13:06 . 2009-04-12 15:18 51200 ----a-w- c:\documents and settings\Mohamed\Application Data\Mozilla\Firefox\Profiles\ovzw1o6m.default\extensions\{76559fb8-c061-4635-973e-080666aa619b}\components\FFExternalAlert.dll
2009-03-25 13:06 . 2009-04-12 15:18 114688 ----a-w- c:\documents and settings\Mohamed\Application Data\Mozilla\Firefox\Profiles\ovzw1o6m.default\extensions\{76559fb8-c061-4635-973e-080666aa619b}\components\npmozax.dll
2009-03-23 03:56 . 2009-03-23 03:56 152576 ----a-w- c:\documents and settings\Mohamed\Application Data\Sun\Java\jre1.6.0_12\lzma.dll
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2008-04-13 15360]
"msnmsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2009-02-06 3885408]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SMSERIAL"="c:\program files\Motorola\SMSERIAL\sm56hlpr.exe" [2008-03-26 1208320]
"TkBellExe"="c:\program files\Fichiers communs\Real\Update_OB\realsched.exe" [2009-06-14 198160]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-02-27 35696]
"Gigaget"="c:\program files\Giganology\Gigaget\GigagetShell.exe" [2006-02-07 495616]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2009-05-26 413696]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2009-06-05 292136]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-13 15360]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\progra~1\Bandoo\BndHook.dll
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\ooVoo\\ooVoo.exe"=
"c:\\Program Files\\Counter-Strike 1.6\\hl.exe"=
"c:\\Documents and Settings\\All Users\\Application Data\\Kaspersky Lab Setup Files\\Kaspersky Internet Security 7.0.2.407\\English\\setup.exe"=
"c:\\Program Files\\Counter-Strike 1.6\\hlds.exe"=
"d:\\Mohamed\\Programes\\CryptLoad_1.1.6\\CryptLoad_1.1.6\\RouterClient.exe"=
"c:\\Program Files\\Real\\RealPlayer\\realplay.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\Program Files\\Giganology\\Gigaget\\Gigaget.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"443:TCP"= 443:TCP:TCP port 443 ooVoo
"443:UDP"= 443:UDP:UDP port 443 ooVoo
"37674:TCP"= 37674:TCP:TCP port 37674 ooVoo
"37674:UDP"= 37674:UDP:UDP port 37674 ooVoo
"37675:UDP"= 37675:UDP:UDP port 37675 ooVoo
R0 klbg;Kaspersky Lab Boot Guard Driver;c:\windows\system32\drivers\klbg.sys [29/01/2008 18:29 32784]
S3 ATE_PROCMON;ATE_PROCMON;\??\c:\program files\Anti Trojan Elite\ATEPMon.sys --> c:\program files\Anti Trojan Elite\ATEPMon.sys [?]
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\>{60B49E34-C7CC-11D0-8953-00A0C90347FF}]
"c:\windows\system32\rundll32.exe" "c:\windows\system32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
.
Contents of the 'Scheduled Tasks' folder
2009-06-18 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 10:34]
2009-06-15 c:\windows\Tasks\DriverCure.job
- c:\program files\ParetoLogic\DriverCure\DriverCure.exe [2008-12-29 18:44]
2009-06-17 c:\windows\Tasks\ParetoLogic Registration.job
- c:\program files\Fichiers communs\ParetoLogic\UUS2\UUS.dll [2008-02-22 10:25]
2009-06-18 c:\windows\Tasks\User_Feed_Synchronization-{DD3794E2-DE81-4BFC-A5FC-61ACC69F6CB1}.job
- c:\windows\system32\msfeedssync.exe [2007-08-13 03:31]
.
- - - - ORPHANS REMOVED - - - -
BHO-{A057A204-BACC-4D26-8087-36EE87E26986} - (no file)
HKLM-Run-Cmaudio - cmicnfg.cpl
.
------- Supplementary Scan -------
.
uInternet Settings,ProxyOverride = *.local
IE: &Download All by Gigaget - c:\program files\Giganology\Gigaget\getallurl.htm
IE: &Download by Gigaget - c:\program files\Giganology\Gigaget\geturl.htm
IE: E&xporter vers Microsoft Excel - c:\progra~1\MI1933~1\OFFICE11\EXCEL.EXE/3000
Trusted Zone: canalplay.com
Trusted Zone: canalplusactive.com
FF - ProfilePath -
---- FIREFOX POLICIES ----
c:\program files\Mozilla Firefox 3.5 Beta 4\greprefs\all.js - pref("media.enforce_same_site_origin", false);
c:\program files\Mozilla Firefox 3.5 Beta 4\greprefs\all.js - pref("media.cache_size", 51200);
c:\program files\Mozilla Firefox 3.5 Beta 4\greprefs\all.js - pref("media.ogg.enabled", true);
c:\program files\Mozilla Firefox 3.5 Beta 4\greprefs\all.js - pref("media.wave.enabled", true);
c:\program files\Mozilla Firefox 3.5 Beta 4\greprefs\all.js - pref("media.autoplay.enabled", true);
c:\program files\Mozilla Firefox 3.5 Beta 4\greprefs\all.js - pref("browser.urlbar.autocomplete.enabled", true);
c:\program files\Mozilla Firefox 3.5 Beta 4\greprefs\all.js - pref("capability.policy.mailnews.*.wholeText", "noAccess");
c:\program files\Mozilla Firefox 3.5 Beta 4\greprefs\all.js - pref("dom.storage.default_quota", 5120);
c:\program files\Mozilla Firefox 3.5 Beta 4\greprefs\all.js - pref("content.sink.event_probe_rate", 3);
c:\program files\Mozilla Firefox 3.5 Beta 4\greprefs\all.js - pref("network.http.prompt-temp-redirect", true);
c:\program files\Mozilla Firefox 3.5 Beta 4\greprefs\all.js - pref("layout.css.dpi", -1);
c:\program files\Mozilla Firefox 3.5 Beta 4\greprefs\all.js - pref("layout.css.devPixelsPerPx", -1);
c:\program files\Mozilla Firefox 3.5 Beta 4\greprefs\all.js - pref("gestures.enable_single_finger_input", true);
c:\program files\Mozilla Firefox 3.5 Beta 4\greprefs\all.js - pref("dom.max_chrome_script_run_time", 0);
c:\program files\Mozilla Firefox 3.5 Beta 4\greprefs\all.js - pref("network.tcp.sendbuffer", 131072);
c:\program files\Mozilla Firefox 3.5 Beta 4\greprefs\all.js - pref("geo.enabled", true);
c:\program files\Mozilla Firefox 3.5 Beta 4\greprefs\security-prefs.js - pref("security.remember_cert_checkbox_default_setting", true);
c:\program files\Mozilla Firefox 3.5 Beta 4\defaults\pref\firefox-branding.js - pref("browser.search.param.yahoo-fr", "moz35");
c:\program files\Mozilla Firefox 3.5 Beta 4\defaults\pref\firefox-branding.js - pref("browser.search.param.yahoo-fr-cjkt", "moz35");
c:\program files\Mozilla Firefox 3.5 Beta 4\defaults\pref\firefox.js - pref("extensions.blocklist.level", 2);
c:\program files\Mozilla Firefox 3.5 Beta 4\defaults\pref\firefox.js - pref("browser.urlbar.restrict.typed", "~");
c:\program files\Mozilla Firefox 3.5 Beta 4\defaults\pref\firefox.js - pref("browser.urlbar.default.behavior", 0);
c:\program files\Mozilla Firefox 3.5 Beta 4\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.history", true);
c:\program files\Mozilla Firefox 3.5 Beta 4\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.formdata", true);
c:\program files\Mozilla Firefox 3.5 Beta 4\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.passwords", false);
c:\program files\Mozilla Firefox 3.5 Beta 4\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.downloads", true);
c:\program files\Mozilla Firefox 3.5 Beta 4\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.cookies", true);
c:\program files\Mozilla Firefox 3.5 Beta 4\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.cache", true);
c:\program files\Mozilla Firefox 3.5 Beta 4\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.sessions", true);
c:\program files\Mozilla Firefox 3.5 Beta 4\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.offlineApps", false);
c:\program files\Mozilla Firefox 3.5 Beta 4\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.siteSettings", false);
c:\program files\Mozilla Firefox 3.5 Beta 4\defaults\pref\firefox.js - pref("privacy.cpd.history", true);
c:\program files\Mozilla Firefox 3.5 Beta 4\defaults\pref\firefox.js - pref("privacy.cpd.formdata", true);
c:\program files\Mozilla Firefox 3.5 Beta 4\defaults\pref\firefox.js - pref("privacy.cpd.passwords", false);
c:\program files\Mozilla Firefox 3.5 Beta 4\defaults\pref\firefox.js - pref("privacy.cpd.downloads", true);
c:\program files\Mozilla Firefox 3.5 Beta 4\defaults\pref\firefox.js - pref("privacy.cpd.cookies", true);
c:\program files\Mozilla Firefox 3.5 Beta 4\defaults\pref\firefox.js - pref("privacy.cpd.cache", true);
c:\program files\Mozilla Firefox 3.5 Beta 4\defaults\pref\firefox.js - pref("privacy.cpd.sessions", true);
c:\program files\Mozilla Firefox 3.5 Beta 4\defaults\pref\firefox.js - pref("privacy.cpd.offlineApps", false);
c:\program files\Mozilla Firefox 3.5 Beta 4\defaults\pref\firefox.js - pref("privacy.cpd.siteSettings", false);
c:\program files\Mozilla Firefox 3.5 Beta 4\defaults\pref\firefox.js - pref("privacy.sanitize.migrateFx3Prefs", false);
c:\program files\Mozilla Firefox 3.5 Beta 4\defaults\pref\firefox.js - pref("browser.ssl_override_behavior", 2);
c:\program files\Mozilla Firefox 3.5 Beta 4\defaults\pref\firefox.js - pref("security.alternate_certificate_error_page", "certerror");
c:\program files\Mozilla Firefox 3.5 Beta 4\defaults\pref\firefox.js - pref("browser.privatebrowsing.autostart", false);
c:\program files\Mozilla Firefox 3.5 Beta 4\defaults\pref\firefox.js - pref("browser.privatebrowsing.dont_prompt_on_enter", false);
c:\program files\Mozilla Firefox 3.5 Beta 4\defaults\pref\firefox.js - pref("geo.wifi.uri", "https://www.google.com/loc/json");
.
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer
Rootkit scan 2009-06-19 10:04
Windows 5.1.2600 Service Pack 3 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Installer\UserData\LocalSystem\Components\h–€|ےےےے¤•€|ù•9~*]
"C040110900063D11C8EF10054038389C"="C?\\WINDOWS\\system32\\FM20ENU.DLL"
.
--------------------- DLLs Loaded Under Running Processes ---------------------
- - - - - - - > 'winlogon.exe'(696)
c:\windows\system32\Ati2evxx.dll
- - - - - - - > 'explorer.exe'(6940)
c:\windows\TEMP\logishrd\LVPrcInj01.dll
c:\windows\system32\ieframe.dll
c:\program files\Fichiers communs\Adobe\Acrobat\ActiveX\PDFShell.dll
c:\program files\Fichiers communs\Adobe\Acrobat\ActiveX\PDFShell.FRA
c:\windows\system32\eappprxy.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Other Running Processes ------------------------
.
c:\windows\system32\ati2evxx.exe
c:\windows\system32\ati2evxx.exe
c:\program files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\windows\system32\inetsrv\inetinfo.exe
c:\program files\Java\jre6\bin\jqs.exe
c:\program files\Fichiers communs\logishrd\LVMVFM\LVPrcSrv.exe
c:\program files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
c:\windows\system32\snmp.exe
c:\progra~1\Bandoo\Bandoo.exe
c:\windows\system32\wscntfy.exe
c:\program files\iPod\bin\iPodService.exe
c:\windows\system32\wbem\wmiapsrv.exe
.
**************************************************************************
.
Completion time: 2009-06-19 10:08 - machine was rebooted
ComboFix-quarantined-files.txt 2009-06-19 08:08
Pre-Run: 16 948 453 376 octets libres
Post-Run: 16 887 513 088 octets libres
328 --- E O F --- 2009-05-13 23:44

