[تم حل المشكلة]مشكلة الجهاز بطيئ لما يتصل بالنت

[hasafa]

السلام عليكم اخواني الاعزاء مشكله بالجهاز راح اكسر الجهاز
المشكله لما اتصل بالانترنت يصير الجهاز طينه ثقيل وبطيئ ولما افصل النت صار الجهاز عادى وهذا تقرير
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 11:49:09 م, on 25/06/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\Program Files\D-Link\AirPlus XtremeG DWL-G520\AirPlusCFG.exe
C:\Program Files\ANI\ANIWZCS2 Service\WZCSLDR2.exe
C:\Program Files\USB Disk Security\USBGuard.exe
C:\Program Files\Internet Download Manager\IDMan.exe
C:\WINDOWS\system32\crypserv.exe
C:\Program Files\Photodex\ProShowProducer\ScsiAccess.exe
C:\Program Files\Nokia\Nokia PC Suite 6\PCSuite.exe
C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
C:\Program Files\Internet Download Manager\IEMonitor.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\SoftwareDistribution\Download\2bc0b3c55e0c166e04844934d1c7c342\update\update.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe
C:\Program Files\PC Connectivity Solution\Transports\NclRSSrv.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer
O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files\Internet Download Manager\IDMIECC.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: IEVkbdBHO - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\ievkbd.dll
O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe"
O4 - HKLM\..\Run: [D-Link AirPlus XtremeG DWL-G520] C:\Program Files\D-Link\AirPlus XtremeG DWL-G520\AirPlusCFG.exe
O4 - HKLM\..\Run: [ANIWZCS2Service] C:\Program Files\ANI\ANIWZCS2 Service\WZCSLDR2.exe
O4 - HKLM\..\Run: [USB Antivirus] C:\Program Files\USB Disk Security\USBGuard.exe
O4 - HKCU\..\Run: [IDMan] C:\Program Files\Internet Download Manager\IDMan.exe /onboot
O4 - HKCU\..\Run: [Yahoo! Pager] "C:\Program Files\Yahoo!\Messenger\ypager.exe" -quiet
O4 - HKCU\..\Run: [PC Suite Tray] "C:\Program Files\Nokia\Nokia PC Suite 6\PCSuite.exe" -onlytray
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: Download with Xilisoft YouTube Video Converter - C:\Program Files\Xilisoft\YouTube Video Converter\upod_link.HTM
O8 - Extra context menu item: إضافة إلى حاجب الدعايات - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\ie_banner_deny.htm
O8 - Extra context menu item: تحميل الكل بـ إنترنت داونلود مانيجر - C:\Program Files\Internet Download Manager\IEGetAll.htm
O8 - Extra context menu item: تحميل بـ إنترنت داونلود مانيجر - C:\Program Files\Internet Download Manager\IEExt.htm
O8 - Extra context menu item: تحميل محتوى فيديو (إف.إل.في) بـ إنترنت داونلود مانيجر - C:\Program Files\Internet Download Manager\IEGetVL.htm
O9 - Extra button: Web traffic protection statistics - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\SCIEPlgn.dll
O9 - Extra button: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\PROGRA~1\Yahoo!\MESSEN~1\YPager.exe
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\PROGRA~1\Yahoo!\MESSEN~1\YPager.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O17 - HKLM\System\CCS\Services\Tcpip\..\{0C19CDE6-59AB-49CF-9FEE-7F2532F509E2}: NameServer = 80.122.173.49 80.122.173.246
O20 - AppInit_DLLs: C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd.dll,C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd3.dll,C:\PROGRA~1\KASPER~1\KASPER~1\adialhk.dll,C:\PROGRA~1\KASPER~1\KASPER~1\kloehk.dll
O23 - Service: ANIWZCSd Service (ANIWZCSdService) - Wireless Service - C:\Program Files\ANI\ANIWZCS2 Service\ANIWZCSdS.exe
O23 - Service: Kaspersky Internet Security (AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe
O23 - Service: Crypkey License - Kenonic Controls Ltd. - C:\WINDOWS\SYSTEM32\crypserv.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies - C:\Program Files\WinPcap\rpcapd.exe
O23 - Service: ScsiAccess - Unknown owner - C:\Program Files\Photodex\ProShowProducer\ScsiAccess.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe

--
End of file - 5647 bytes

 

[MAAX]

عطل برامج الحماية عن العمل
ثم
حمل الاداة التالية واحفظها على سطح المكتب

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

عند تشغيلها بتظهر لك رسالة ,, اضغط على >> Yes
بعدها بتظهر لك رساله ثانيه ,, اضغط على >> Yes
اثناء الفحص ممكن يعاد تشغيل الجهاز
وبعد اعادة التشغيل ,, سوف تبدأ الاداة بالفحص مرره ثانيه
لا تقم بتشغيل اي برنامج ،، ومهما طالت عملية الفحص انتظر حتى تنتهي
انتظر حتى يظهر لك تقرير ،،انسخه والصقه بمشاركتك القادمة​

 

[hasafa]

تسلم يالغالى وهذا التقرير

ComboFix 09-06-26.02 - MARAM 06/26/2009 21:26.1 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.2.1256.965.1033.18.503.255 [GMT 3:00]
Running from: c:\documents and settings\MARAM\Desktop\ComboFix.exe
AV: Kaspersky Internet Security *On-access scanning disabled* (Updated) {2C4D4BC6-0793-4956-A9F9-E252435469C0}
FW: Kaspersky Internet Security *disabled* {2C4D4BC6-0793-4956-A9F9-E252435469C0}
* Created a new restore point

WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.

((((((((((((((((((((((((( Files Created from 2009-05-26 to 2009-06-26 )))))))))))))))))))))))))))))))
.

2009-06-18 17:38 . 2009-06-18 17:38 81920 ----a-w- c:\documents and settings\MARAM\Application Data\ezpinst.exe
2009-06-18 17:38 . 2009-06-18 17:38 47360 ----a-w- c:\windows\system32\drivers\pcouffin.sys
2009-06-18 17:38 . 2009-06-18 17:38 47360 ----a-w- c:\documents and settings\MARAM\Application Data\pcouffin.sys
2009-06-18 17:38 . 2009-06-18 17:39 -------- d-----w- c:\documents and settings\MARAM\Application Data\Vso
2009-06-18 17:38 . 2006-09-16 16:44 314368 ----a-w- c:\windows\system32\avisynth.dll
2009-06-18 17:38 . 2004-05-26 18:37 719872 ----a-w- c:\windows\system32\devil.dll
2009-06-18 17:38 . 2009-06-20 07:52 -------- d-----w- c:\program files\FOX Video Converter
2009-06-15 19:32 . 2008-04-09 16:58 2478656 ----a-w- c:\documents and settings\MARAM\Application Data\Simply Super Software\Trojan Remover\ive83.exe
2009-06-14 18:56 . 2009-06-14 18:56 -------- d-----w- c:\documents and settings\MARAM\Application Data\AdobeUM
2009-06-14 18:56 . 2009-06-14 18:56 -------- d-----w- c:\documents and settings\MARAM\Local Settings\Application Data\Adobe
2009-06-14 18:44 . 2009-06-14 18:44 -------- d-----w- c:\windows\Cache
2009-06-09 20:51 . 2009-06-09 20:53 -------- d-----w- c:\documents and settings\MARAM\Application Data\Mask Pro 4.0
2009-06-09 20:50 . 2007-04-19 04:36 294912 ----a-w- c:\windows\onOneToolbox2.dll
2009-06-09 20:39 . 2009-06-09 20:39 -------- d-----w- c:\program files\onOne Software
2009-06-09 20:17 . 2009-06-09 20:23 111077 ----a-w- c:\documents and settings\MARAM\Application Data\IDM\DwnlData\MARAM\Firefox-20Setup-203.0.10_22\Firefox-20Setup-203.0.10.exe
2009-06-08 19:46 . 2009-06-08 19:46 -------- d-----w- c:\documents and settings\MARAM\Local Settings\Application Data\Stardock
2009-06-07 20:12 . 2009-06-07 20:12 -------- d-----w- c:\documents and settings\MARAM\Application Data\AccurateRip
2009-06-07 19:20 . 2009-06-07 19:20 116144 ----a-w- c:\documents and settings\MARAM\Application Data\IDM\idmmzcc2\components\idmmzcc.dll
2009-06-07 19:19 . 2009-06-10 18:41 -------- d-----w- c:\documents and settings\MARAM\Application Data\IDM
2009-06-07 19:19 . 2009-06-09 16:48 -------- d-----w- c:\program files\Internet Download Manager
2009-06-07 16:27 . 2009-06-07 16:50 -------- d-sh--w- c:\documents and settings\MARAM\Phone Browser
2009-06-06 21:08 . 2009-06-06 21:08 -------- d-----w- c:\documents and settings\MARAM\Application Data\CyberLink
2009-06-06 20:45 . 2009-06-06 20:45 -------- d-----w- c:\documents and settings\All Users\Application Data\CyberLink
2009-06-06 20:42 . 2001-03-08 15:30 24064 ------w- c:\windows\system32\msxml3a.dll
2009-06-06 20:40 . 2009-06-06 20:40 -------- d-----w- c:\program files\CyberLink
2009-06-06 20:35 . 2009-06-06 20:36 84672 ----a-w- c:\documents and settings\MARAM\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2009-06-06 20:27 . 2009-06-06 20:27 -------- d-----w- c:\windows\system32\ebay
2009-06-06 20:27 . 2009-06-06 20:50 -------- d-----w- c:\program files\Ashampoo
2009-06-05 18:55 . 2009-06-25 20:53 -------- d-----w- c:\windows\system32\CatRoot_bak

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-06-26 18:40 . 2009-04-22 18:56 -------- d-----w- c:\documents and settings\MARAM\Application Data\DMCache
2009-06-26 18:39 . 2009-04-17 23:36 -------- d-----w- c:\documents and settings\All Users\Application Data\Kaspersky Lab
2009-06-26 18:33 . 2009-04-17 23:36 278560 --sha-w- c:\windows\system32\drivers\fidbox2.dat
2009-06-26 18:33 . 2009-04-17 23:36 2032 --sha-w- c:\windows\system32\drivers\fidbox2.idx
2009-06-26 18:33 . 2009-04-17 23:36 1146912 --sha-w- c:\windows\system32\drivers\fidbox.dat
2009-06-26 18:33 . 2009-04-17 23:36 10040 --sha-w- c:\windows\system32\drivers\fidbox.idx
2009-06-19 14:30 . 2009-04-22 16:44 -------- d-----w- c:\program files\iWellsoft 3GP Video Converter
2009-06-17 20:17 . 2009-05-03 17:21 -------- d-----w- c:\program files\Kelk 2000
2009-06-09 20:39 . 2009-04-17 23:31 -------- d--h--w- c:\program files\InstallShield Installation Information
2009-06-06 20:58 . 2009-05-06 20:59 -------- d-----w- c:\program files\PhotoInstrument
2009-06-06 20:58 . 2009-04-18 17:26 -------- d-----w- c:\program files\Trojan Remover
2009-05-21 00:37 . 2009-05-21 00:37 -------- d-----w- c:\documents and settings\MARAM\Application Data\GRETECH
2009-05-21 00:36 . 2009-05-21 00:36 -------- d-----w- c:\program files\GRETECH
2009-05-20 17:28 . 2009-04-17 23:36 105395 ----a-w- c:\windows\system32\drivers\klin.dat
2009-05-20 17:28 . 2009-04-17 23:36 94643 ----a-w- c:\windows\system32\drivers\klick.dat
2009-05-15 06:07 . 2009-05-15 06:07 -------- d-----w- c:\documents and settings\MARAM\Application Data\Xilisoft Corporation
2009-05-15 06:02 . 2009-05-15 06:02 -------- d-----w- c:\program files\Xilisoft
2009-05-10 14:33 . 2009-05-10 14:33 -------- d-----w- c:\program files\allTunes mobile
2009-05-09 20:49 . 2009-05-09 19:43 -------- d-----w- c:\program files\Perfect Icon
2009-05-08 15:29 . 2009-05-08 15:29 -------- d-----w- c:\program files\Makayama Software
2009-05-07 15:44 . 2004-05-23 12:00 344064 ----a-w- c:\windows\system32\localspl.dll
2009-05-05 23:03 . 2009-05-05 23:03 -------- d-----w- c:\program files\WinPcap
2009-05-03 17:22 . 2009-05-03 17:22 254976 ----a-w- c:\windows\system32\HLVDD.DLL
2009-05-03 17:08 . 2009-05-03 17:08 -------- d-----w- c:\program files\DCETools
2009-04-30 22:39 . 2009-04-30 22:39 -------- d-----w- c:\program files\Photodex Presenter
2009-04-30 22:39 . 2009-04-30 22:39 -------- d-----w- c:\documents and settings\MARAM\Application Data\Netscape
2009-04-30 22:39 . 2009-04-30 22:39 131072 ----a-w- c:\documents and settings\MARAM\Application Data\Netscape\Plugins\npPxPlay.dll
2009-04-30 22:39 . 2009-04-30 22:39 131072 ----a-w- c:\documents and settings\MARAM\Application Data\Mozilla\Plugins\npPxPlay.dll
2009-04-30 22:38 . 2009-04-30 22:38 -------- d-----w- c:\program files\Photodex
2009-04-30 22:38 . 2009-04-30 22:38 -------- d-----w- c:\documents and settings\MARAM\Application Data\Photodex
2009-04-29 23:21 . 2009-04-29 23:17 -------- d-----w- c:\program files\WinAce
2009-04-29 04:52 . 2004-05-23 12:00 659456 ----a-w- c:\windows\system32\wininet.dll
2009-04-29 04:52 . 2004-05-23 12:00 81920 ----a-w- c:\windows\system32\ieencode.dll
2009-04-28 23:07 . 2009-04-25 09:53 8457 ----a-w- c:\windows\system32\SpoonUninstall-dBpoweramp DSP Effects.dat
2009-04-28 23:06 . 2009-04-28 23:06 13281 ----a-w- c:\windows\system32\SpoonUninstall-dBpoweramp Music Converter.dat
2009-04-27 22:04 . 2009-04-27 22:04 -------- d-----w- c:\program files\Cryptomathic
2009-04-25 09:55 . 2009-04-17 23:21 86327 ----a-w- c:\windows\pchealth\helpctr\OfflineCache\index.dat
2009-04-24 17:33 . 2009-04-24 17:33 8192 ----a-w- c:\documents and settings\All Users\Application Data\Installations\{5AFEABF5-7411-4C29-9FA9-71ABE880662D}\Installer\CommonCustomActions\UninstCCD.exe
2009-04-24 17:33 . 2009-04-24 17:33 61440 ----a-w- c:\documents and settings\All Users\Application Data\Installations\{5AFEABF5-7411-4C29-9FA9-71ABE880662D}\Installer\CommonCustomActions\UninstPCSFEMsi.exe
2009-04-24 17:33 . 2009-04-24 17:33 10240 ----a-w- c:\documents and settings\All Users\Application Data\Installations\{5AFEABF5-7411-4C29-9FA9-71ABE880662D}\Installer\CommonCustomActions\UninstPCS.exe
2009-04-22 19:44 . 2009-04-22 19:44 69 ----a-w- c:\windows\system32\3gpvideoconverterb.dat
2009-04-22 19:44 . 2009-04-22 19:44 69 ----a-w- c:\windows\system32\3gpvideoconvertera.dat
2009-04-22 18:20 . 2009-04-22 18:20 1172 ----a-w- c:\windows\mozver.dat
2009-04-18 00:51 . 2008-01-29 14:29 33808 ----a-w- c:\windows\system32\drivers\klbg.sys
2009-04-18 00:51 . 2009-04-18 00:51 206088 ----a-w- c:\documents and settings\All Users\Application Data\Kaspersky Lab\AVP8\Data\Updater\Temporary Files\temporaryFolder\AutoPatches\kav8exec\8.0.0.506\avp.exe
2009-04-18 00:51 . 2009-04-18 00:51 33808 ----a-w- c:\documents and settings\All Users\Application Data\Kaspersky Lab\AVP8\Data\Updater\Temporary Files\temporaryFolder\AutoPatches\kav8exec\8.0.0.506\klbg.sys
2009-04-18 00:50 . 2009-04-18 00:50 226832 ----a-w- c:\documents and settings\All Users\Application Data\Kaspersky Lab\AVP8\Data\Updater\Temporary Files\temporaryFolder\AutoPatches\kav8exec\8.0.0.506\XP\klif.sys
2009-04-18 00:06 . 2009-04-18 00:06 0 ----a-w- c:\windows\nsreg.dat
2009-04-17 23:18 . 2009-04-17 23:18 21640 ----a-w- c:\windows\system32\emptyregdb.dat
2009-04-17 09:58 . 2004-05-23 12:00 1846656 ----a-w- c:\windows\system32\win32k.sys
2009-04-15 15:11 . 2004-05-23 12:00 584192 ----a-w- c:\windows\system32\rpcrt4.dll
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IDMan"="c:\program files\Internet Download Manager\IDMan.exe" [2009-06-08 2562560]
"Yahoo! Pager"="c:\program files\Yahoo!\Messenger\ypager.exe" [2005-08-19 3084288]
"PC Suite Tray"="c:\program files\Nokia\Nokia PC Suite 6\PCSuite.exe" [2008-04-16 1079808]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"igfxtray"="c:\windows\system32\igfxtray.exe" [2005-09-20 94208]
"igfxhkcmd"="c:\windows\system32\hkcmd.exe" [2005-09-20 77824]
"igfxpers"="c:\windows\system32\igfxpers.exe" [2005-09-20 114688]
"AVP"="c:\program files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe" [2009-04-18 206088]
"D-Link AirPlus XtremeG DWL-G520"="c:\program files\D-Link\AirPlus XtremeG DWL-G520\AirPlusCFG.exe" [2007-06-21 1327104]
"ANIWZCS2Service"="c:\program files\ANI\ANIWZCS2 Service\WZCSLDR2.exe" [2007-01-19 49152]
"USB Antivirus"="c:\program files\USB Disk Security\USBGuard.exe" [2008-09-23 318464]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2004-05-23 15360]

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\KasperskyAntiVirus]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Yahoo!\\Messenger\\YPager.exe"=
"c:\\Program Files\\Yahoo!\\Messenger\\YServer.exe"=

R0 klbg;Kaspersky Lab Boot Guard Driver;c:\windows\system32\drivers\klbg.sys [29/01/2008 05:29 م 33808]
R3 KLFLTDEV;Kaspersky Lab KLFltDev;c:\windows\system32\drivers\klfltdev.sys [13/03/2008 06:02 م 26640]
R3 klim5;Kaspersky Anti-Virus NDIS Filter;c:\windows\system32\drivers\klim5.sys [30/04/2008 05:06 م 24592]
S3 A3AB;D-Link AirPro 802.11a/b Wireless Adapter Service(A3AB);c:\windows\system32\drivers\A3AB.sys [18/04/2009 02:47 ص 472832]
S3 NPF;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys [03/08/2005 12:10 ص 32512]
.
- - - - ORPHANS REMOVED - - - -

HKLM-Run-Cmaudio - cmicnfg.cpl


.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.googl.com/
mStart Page = hxxp://www.microsoft.com
mWindow Title = Microsoft Internet Explorer
IE: Download with Xilisoft YouTube Video Converter - c:\program files\Xilisoft\YouTube Video Converter\upod_link.HTM
IE: تحميل الكل بـ إنترنت داونلود مانيجر - c:\program files\Internet Download Manager\IEGetAll.htm
IE: تحميل بـ إنترنت داونلود مانيجر - c:\program files\Internet Download Manager\IEExt.htm
IE: تحميل محتوى فيديو (إف.إل.في) بـ إنترنت داونلود مانيجر - c:\program files\Internet Download Manager\IEGetVL.htm
FF - ProfilePath - c:\documents and settings\MARAM\Application Data\Mozilla\Firefox\Profiles\qq4z3ywr.default\
FF - component: c:\documents and settings\MARAM\Application Data\IDM\idmmzcc2\components\idmmzcc.dll
FF - plugin: c:\documents and settings\MARAM\Application Data\Mozilla\plugins\npPxPlay.dll
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer,

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

Rootkit scan 2009-06-26 21:39
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{4870b31a-5cf9-49d1-875a-47bc255a5870}]
@Denied: (Full) (Everyone)
"Model"=dword:0000009b
"Therad"=dword:00000007

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{5ED60779-4DE2-4E07-B862-974CA4FF2E9C}]
@Denied: (Full) (Everyone)
"scansk"=hex(0):e4,6a,be,6d,34,00,a9,eb,9f,5e,22,c4,4b,40,d0,68,5c,89,a6,15,4a,
92,e9,2f,dc,0a,f9,24,b1,8c,26,c5,71,73,a2,58,d7,70,8f,85,00,00,00,00,00,00,\
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'explorer.exe'(3804)
c:\windows\system32\msi.dll
.
------------------------ Other Running Processes ------------------------
.
c:\windows\system32\Crypserv.exe
c:\program files\Photodex\ProShowProducer\scsiaccess.exe
c:\program files\PC Connectivity Solution\ServiceLayer.exe
c:\program files\PC Connectivity Solution\Transports\NclUSBSrv.exe
c:\program files\PC Connectivity Solution\Transports\NclRSSrv.exe
c:\windows\system32\wscntfy.exe
.
**************************************************************************
.
Completion time: 2009-06-26 21:44 - machine was rebooted
ComboFix-quarantined-files.txt 2009-06-26 18:44

Pre-Run: 9,872,986,112 bytes free
Post-Run: 9,832,894,464 bytes free

183 --- E O F --- 2009-06-13 22:27

 

[MAAX]

هل تستخدم مزود الخدمة سعودي نت او افاق شامل ؟

 

[hasafa]

لا والله يا اخوى اتصالى واير ليس ومزود الخدمه بالمنطقه

 

[MAAX]

اخي جهازك سليم
والمشكلة بالغالب من مزود الخدمة

 

[hasafa]

تسلم يالغالى ما قصرت هم انا اعتقد من مزود الخدمه
عالعموم الف شكر