عندي مشكله في تعليق بالجهاز

رعبوب11 · 26 يونيو 2009

سلام عليكم انا عندي الجهاز يعلق عندي وجهازي موصفاته حلوه وعندي الهردسك 80 قيقا

هاذي موصفات جهازي واحيانن يصير ثقيل انا ابغاه خفيف ياريت تقولولي ايش اسوي الرمات عندي 2 قيقا قولولي ايش يحتاج علشان اخليه خفيف

زيزوووم · 26 يونيو 2009

هلاا فيك

عطنا تقرير مبدئي عن جهازك

واعمل تقرير للهايجاك

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

اذا انتهى التحميل ==> شغل البرنامج ==> واضغط على Do a system scan and save log
لحظات ويظهر لك تقرير ,, انسخه والصقه بردك القادم

رعبوب11 · 26 يونيو 2009

شوف التقرير

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 08:04:31 م, on 26/06/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Hotspot Shield\bin\openvpnas.exe
C:\Program Files\Hotspot Shield\HssWPR\hsssrv.exe
C:\Program Files\CyberLink\Shared files\RichVideo.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Common Files\ACD Systems\EN\DevDetect.exe
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe
C:\Program Files\ClocX\ClocX.exe
C:\Program Files\Creative\SBLive 24-Bit External\Surround Mixer\CTSysVol.exe
C:\WINDOWS\system32\RunDll32.exe
C:\WINDOWS\FixCamera.exe
C:\WINDOWS\tsnp325.exe
C:\WINDOWS\vsnp325.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\calender\Rainlendar\Rainlendar2.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\Program Files\Creative\MediaSource\Go\CTCMSGo.exe
C:\Program Files\Creative\MediaSource\RemoteControl\RCMan.EXE
C:\Program Files\Common Files\Ahead\lib\NMBgMonitor.exe
C:\Program Files\DAP\DAP.EXE
C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Creative\MediaSource\RemoteControl\OSDMenu.EXE
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Hotspot Shield\bin\openvpntray.exe
C:\Program Files\MSN Messenger\usnsvc.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Search,Default_Search_URL =

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

=
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = wmplayer.exe //ICWLaunch
R3 - URLSearchHook: DefaultSearchHook Class - {C94E154B-1459-4A47-966B-4B843BEFC7DB} - C:\Program Files\AskSearch\bin\DefaultSearch.dll
R3 - URLSearchHook: SrchHook Class - {F4F10C1D-87C7-404A-B4B3-000000000000} - C:\PROGRA~1\DAP\SBSearch.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: IEVkbdBHO - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\ievkbd.dll
O2 - BHO: link filter bho - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll
O2 - BHO: Hotspot Shield Class - {F9E4A054-E9B1-4BC3-83A3-76A1AE736170} - C:\Program Files\Hotspot Shield\hssie\HssIE.dll
O2 - BHO: DAPIELoader Class - {FF6C3CF0-4B15-11D1-ABED-709549C10000} - C:\PROGRA~1\DAP\DAPIEL~1.DLL
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [Device Detector] DevDetect.exe -autorun
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [LanguageShortcut] "C:\Program Files\CyberLink\PowerDVD\Language\Language.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe -startup
O4 - HKLM\..\Run: [ClocX] C:\Program Files\ClocX\ClocX.exe
O4 - HKLM\..\Run: [CTSysVol] C:\Program Files\Creative\SBLive 24-Bit External\Surround Mixer\CTSysVol.exe /r
O4 - HKLM\..\Run: [SbUsb AudCtrl] RunDll32 sbusbdll.dll,RCMonitor
O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\UpdReg.EXE
O4 - HKLM\..\Run: [FixCamera] C:\WINDOWS\FixCamera.exe
O4 - HKLM\..\Run: [tsnp325] C:\WINDOWS\tsnp325.exe
O4 - HKLM\..\Run: [snp325] C:\WINDOWS\vsnp325.exe
O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Rainlendar2] C:\Program Files\calender\Rainlendar\Rainlendar2.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [Creative MediaSource Go] C:\Program Files\Creative\MediaSource\Go\CTCMSGo.exe /SCB
O4 - HKCU\..\Run: [RemoteCenter] C:\Program Files\Creative\MediaSource\RemoteControl\RCMan.EXE
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [DownloadAccelerator] "C:\Program Files\DAP\DAP.EXE" /STARTUP
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\Run: [Nokia.PCSync] C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O8 - Extra context menu item: &Clean Traces - C:\Program Files\DAP\Privacy Package\dapcleanerie.htm
O8 - Extra context menu item: &Download with &DAP - C:\Program Files\DAP\dapextie.htm
O8 - Extra context menu item: Download &all with DAP - C:\Program Files\DAP\dapextie2.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: أضافة إلى مانع الأعلانات - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\ie_banner_deny.htm
O9 - Extra button: &Virtual keyboard - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: URLs c&heck - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {3C8E8DD8-D86A-4E6D-AF37-AB3CA7FDF8CD} (IMS_Conference Control) -

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

O16 - DPF: {6924091F-CD97-41E1-B1D4-D9079409D413} (IMCv1 Control) -

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

O16 - DPF: {9E45BE3C-DE06-4492-AB7D-E51447CF2ED0} (clsUMS Class) -

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

O16 - DPF: {B7FDB0C3-4724-46D2-B8DB-6FA1DC63F7CA} (ReadUid.UserControlMacEntry) -

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

O16 - DPF: {C171FF59-8C55-4796-A398-4F5D02B4C763} (IMC_Sec Control) -

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

O17 - HKLM\System\CCS\Services\Tcpip\..\{A92D9A82-7099-4DB7-BC01-E25174DF0B82}: NameServer = 10.2.224.1
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: ,C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd.dll,C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd3.dll,C:\PROGRA~1\KASPER~1\KASPER~1\kloehk.dll
O23 - Service: Kaspersky Internet Security (AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe
O23 - Service: Creative Service for CDROM Access - Unknown owner - C:\WINDOWS\system32\CTsvcCDA.EXE (file missing)
O23 - Service: Hotspot Shield Service (HotspotShieldService) - Unknown owner - C:\Program Files\Hotspot Shield\bin\openvpnas.exe
O23 - Service: Hotspot Shield Routing Service (HssSrv) - AnchorFree Inc. - C:\Program Files\Hotspot Shield\HssWPR\hsssrv.exe
O23 - Service: Hotspot Shield Tray Service (HssTrayService) - Unknown owner - C:\Program Files\Hotspot Shield\bin\HssTrayService.EXE
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared files\RichVideo.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software GmbH - C:\WINDOWS\System32\TuneUpDefragService.exe
--
End of file - 9352 bytes

bu3zoooz · 26 يونيو 2009

من قدك العم زيزوم رد عليك

رعبوب11 · 26 يونيو 2009

وينك يا أخ زيزوم

Future Tank X-1 · 26 يونيو 2009

رعبوب11 قال:
وينك يا أخ زيزوم

الصبر اخي

زيزوووم · 26 يونيو 2009

رعبوب11 قال:
وينك يا أخ زيزوم

وسع صدرك لا يجيك احد المشرفين ويقفل موضوعك :cr:

ونبي منك هالتقرير لاهنت

عطل جميع برامج الحماية ,,
وحمل هذه الاداة واحفظها على سطح المكتب

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

عند تشغيلها بتظهر لك رسالة ,, اضغط على >> Yes
بعدها بتظهر لك رساله ثانيه ,, اضغط على >> Yes

انتظر حتى الاداة تنتهي من فحص جهازك ,,, وبشكل تلقائي يعاد تشغيل جهازك ,,
وبعد اعادة التشغيل ,, سوف تبدأ الاداة بالفحص مرره ثانيه
انتظر حتى يظهر لك تقرير ,, انسخه والصقه بردك القادم

زيزوووم · 26 يونيو 2009

bu3zoooz قال:
من قدك العم زيزوم رد عليك

يابعد راسي :b:

رعبوب11 · 26 يونيو 2009

ههههههههههههه :d: لا تعصب عليه وهذا التقرير الثاني يابعدي

ComboFix 09-06-26.02 - Administrator 06/26/2009 21:40.1 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.2.1256.966.1033.18.2039.1529 [GMT 3:00]
Running from: c:\documents and settings\Administrator\My Documents\My Completed Downloads\ComboFix.exe
AV: Kaspersky Internet Security *On-access scanning disabled* (Updated) {2C4D4BC6-0793-4956-A9F9-E252435469C0}
FW: COMODO Firewall Pro *enabled* {043803A3-4F86-4ef6-AFC5-F6E02A79969B}
FW: Kaspersky Internet Security *disabled* {2C4D4BC6-0793-4956-A9F9-E252435469C0}
WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\windows\Help\agt0401.hlp
c:\windows\Help\agt0405.hlp
c:\windows\Help\agt0408.hlp
c:\windows\Help\agt0415.hlp
c:\windows\Help\agt0419.hlp
c:\windows\system32\kakle.dll
c:\windows\system32\videocore.dll
c:\windows\system32\videoformat.dll
c:\windows\system32\winitn.dll
D:\123.txt
D:\autorun.inf
.
((((((((((((((((((((((((( Files Created from 2009-05-26 to 2009-06-26 )))))))))))))))))))))))))))))))
.
2009-06-26 18:10 . 2009-06-26 18:12 -------- d-----w- c:\windows\system32\NtmsData
2009-06-26 17:04 . 2009-06-26 17:04 -------- d-----w- c:\program files\Trend Micro
2009-06-26 14:24 . 2009-06-26 14:24 95744 ----a-w- c:\documents and settings\All Users\Application Data\SpeedBit\DAP\Updates\Condition.dll
2009-06-26 14:20 . 2009-06-26 14:20 9216 ----a-w- C:\t52703u.exe
2009-06-26 12:15 . 2009-06-26 12:15 -------- d-----w- c:\windows\system32\LogFiles
2009-06-26 00:18 . 2009-06-26 00:18 -------- d-----w- C:\Hotspot Shield
2009-06-25 23:36 . 2009-06-25 23:36 932368 ----a-w- c:\documents and settings\All Users\Application Data\Kaspersky Lab\AVP9\Data\KasFlt\Plugins\profiles-1-6.dll
2009-06-25 23:36 . 2009-06-25 23:36 678416 ----a-w- c:\documents and settings\All Users\Application Data\Kaspersky Lab\AVP9\Data\KasFlt\Plugins\content_interpreter-1-1.dll
2009-06-25 23:36 . 2009-06-25 23:36 604688 ----a-w- c:\documents and settings\All Users\Application Data\Kaspersky Lab\AVP9\Data\KasFlt\Plugins\gsg-3-9.dll
2009-06-25 23:36 . 2009-06-25 23:36 522768 ----a-w- c:\documents and settings\All Users\Application Data\Kaspersky Lab\AVP9\Data\KasFlt\Plugins\database-1-5.dll
2009-06-25 23:36 . 2009-06-25 23:36 1096208 ----a-w- c:\documents and settings\All Users\Application Data\Kaspersky Lab\AVP9\Data\KasFlt\Plugins\filtration-4-6.dll
2009-06-25 23:02 . 2009-06-25 23:02 604140 --sha-w- c:\windows\system32\drivers\ISwift3.dat
2009-06-25 22:59 . 2009-06-25 22:59 94643 ----a-w- c:\windows\system32\drivers\klick.dat
2009-06-25 22:59 . 2009-06-25 22:59 105395 ----a-w- c:\windows\system32\drivers\klin.dat
2009-06-25 22:58 . 2009-06-26 15:44 -------- d-----w- c:\documents and settings\All Users\Application Data\Kaspersky Lab
2009-06-25 22:58 . 2009-06-25 22:58 -------- d-----w- c:\program files\Kaspersky Lab
2009-06-25 22:52 . 2009-06-25 22:52 -------- d-----w- c:\documents and settings\All Users\Application Data\Kaspersky Lab Setup Files
2009-06-25 15:14 . 2009-06-25 15:16 -------- d-----w- c:\program files\Hotspot Shield
2009-06-23 21:08 . 2009-06-23 22:55 -------- d-----w- c:\documents and settings\Administrator\Application Data\IDM
2009-06-23 21:08 . 2009-06-23 22:55 -------- d-----w- c:\documents and settings\Administrator\Application Data\DMCache
2009-06-23 21:08 . 2009-06-23 22:55 -------- d-----w- c:\program files\Internet Download Manager
2009-06-23 21:07 . 2009-06-23 21:07 83456 ----a-w- c:\documents and settings\All Users\Application Data\SpeedBit\DAP\SDCondition.dll
2009-06-23 21:01 . 2009-06-23 21:01 50688 ----a-w- c:\windows\system32\wbhelp2.dll
2009-06-23 20:33 . 2009-06-24 10:45 -------- d-----w- c:\program files\DAP
2009-06-22 21:52 . 2009-06-23 21:01 -------- d-----w- c:\documents and settings\All Users\Application Data\SpeedBit
2009-06-21 19:33 . 2009-06-21 19:33 -------- d-----w- c:\documents and settings\Administrator\Application Data\Media Player Classic
2009-06-20 10:04 . 2009-06-20 10:04 -------- d--h--w- c:\windows\system32\GroupPolicy
2009-06-19 09:36 . 2009-06-19 09:36 -------- d-----w- c:\documents and settings\Administrator\Application Data\Nokia Multimedia Player
2009-06-19 04:54 . 2009-06-19 04:54 -------- d-----w- c:\program files\AskSearch
2009-06-19 03:14 . 2009-06-21 22:51 -------- d-----w- c:\program files\uTorrent
2009-06-15 20:09 . 2009-06-15 20:09 -------- d-----w- c:\documents and settings\Administrator\WINDOWS
2009-06-14 23:36 . 2009-06-14 23:36 -------- d-----w- c:\documents and settings\Administrator\Local Settings\Application Data\Ahead
2009-06-14 22:47 . 2009-06-14 22:47 -------- d-----w- c:\program files\Luminositi
2009-06-14 09:29 . 2009-06-14 09:49 -------- d-----w- c:\program files\Fake Webcam
2009-06-14 08:57 . 2009-06-19 05:36 -------- d-----w- c:\program files\LtUcx
2009-06-14 08:12 . 2004-08-03 19:58 5504 ----a-w- c:\windows\system32\drivers\MSTEE.sys
2009-06-14 08:12 . 2004-08-03 20:10 10880 ----a-w- c:\windows\system32\drivers\NdisIP.sys
2009-06-14 08:12 . 2004-08-03 20:10 15360 ----a-w- c:\windows\system32\drivers\StreamIP.sys
2009-06-14 08:12 . 2004-08-03 20:10 11136 ----a-w- c:\windows\system32\drivers\SLIP.sys
2009-06-14 08:12 . 2004-08-03 20:10 19328 ----a-w- c:\windows\system32\drivers\WSTCODEC.SYS
2009-06-14 08:12 . 2004-08-03 20:10 85376 ----a-w- c:\windows\system32\drivers\NABTSFEC.sys
2009-06-14 08:12 . 2004-08-03 20:10 17024 ----a-w- c:\windows\system32\drivers\CCDECODE.sys
2009-06-14 08:11 . 2004-08-03 21:56 53760 ----a-w- c:\windows\system32\vfwwdm32.dll
2009-06-14 08:10 . 2007-02-12 11:50 20480 ----a-w- c:\windows\FixCamera.exe
2009-06-14 08:10 . 2006-07-03 07:31 94208 ----a-w- c:\windows\amcap.exe
2009-06-14 08:10 . 2006-10-10 12:49 270336 ----a-w- c:\windows\tsnp325.exe
2009-06-14 08:10 . 2006-10-10 11:11 827392 ----a-w- c:\windows\vsnp325.exe
2009-06-14 08:10 . 2007-04-20 15:51 10253056 ----a-w- c:\windows\system32\drivers\snp325.sys
2009-06-14 08:10 . 2009-06-14 08:10 -------- d-----w- c:\program files\Common Files\snp325
2009-06-14 08:10 . 2007-03-14 08:21 61440 ----a-w- c:\windows\system32\vsnp325.dll
2009-06-14 08:10 . 2006-04-12 09:11 147456 ----a-w- c:\windows\system32\rsnp325.dll
2009-06-14 08:10 . 2005-11-23 10:55 53248 ----a-w- c:\windows\system32\csnp325.dll
2009-06-14 08:10 . 2009-06-14 08:10 -------- d-----w- c:\documents and settings\Administrator\Application Data\InstallShield
2009-06-14 07:16 . 2009-06-14 07:16 -------- d-----w- c:\documents and settings\Administrator\Application Data\CyberLink
2009-06-14 07:16 . 2009-06-14 07:16 -------- d-----w- c:\program files\NCH Software
2009-06-14 07:09 . 2009-06-19 08:44 18595840 ----a-w- c:\windows\system32\coredata.dll
2009-06-14 07:08 . 2009-06-14 07:08 -------- d-----w- c:\documents and settings\All Users\Application Data\NCH Swift Sound
2009-06-14 07:08 . 2009-06-14 07:08 -------- d-----w- c:\documents and settings\Administrator\Application Data\NCH Swift Sound
2009-06-14 07:08 . 2009-06-14 07:08 -------- d-----w- c:\program files\NCH Swift Sound
2009-06-14 06:48 . 2009-06-16 23:34 -------- d-----w- c:\documents and settings\Administrator\Phone Browser
2009-06-14 04:12 . 2009-06-14 04:15 -------- d-----w- c:\documents and settings\Administrator\Application Data\Creative
2009-06-14 04:09 . 2009-06-14 04:09 -------- d-----w- c:\windows\system32\Data
2009-06-14 04:08 . 2001-03-29 23:00 62976 ----a-w- c:\windows\system32\CTDetres.dll
2009-06-14 04:05 . 2001-08-23 12:00 6144 ----a-r- c:\windows\system32\kbdtuq.dll
2009-06-14 04:04 . 2009-06-14 01:33 -------- d--h--w- c:\documents and settings\Default User
2009-06-14 04:04 . 2009-06-14 01:20 -------- d-----w- C:\Documents and Settings
2009-06-14 04:04 . 2009-06-14 01:15 -------- d-----w- c:\documents and settings\All Users
2009-06-14 04:02 . 2009-06-14 04:11 -------- d-----w- c:\program files\Creative
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-06-26 18:50 . 2009-06-14 02:42 -------- d---a-w- c:\documents and settings\All Users\Application Data\TEMP
2009-06-25 22:50 . 2009-06-14 03:14 -------- d-----w- c:\documents and settings\All Users\Application Data\Avira
2009-06-20 08:01 . 2009-06-14 02:46 -------- d-----w- c:\documents and settings\Administrator\Application Data\Nokia
2009-06-15 05:12 . 2009-06-14 02:38 -------- d-----w- c:\documents and settings\All Users\Application Data\Messenger Plus!
2009-06-15 02:44 . 2009-06-14 03:20 -------- d-----w- c:\documents and settings\Administrator\Application Data\Comodo
2009-06-15 02:44 . 2009-06-14 03:20 -------- d-----w- c:\documents and settings\All Users\Application Data\comodo
2009-06-15 02:29 . 2009-06-14 03:22 -------- d-----w- c:\program files\VisualTaskTips
2009-06-15 00:00 . 2009-06-14 02:34 -------- d-----w- c:\program files\MSN Messenger
2009-06-14 21:43 . 2009-06-14 02:36 -------- d-----w- c:\documents and settings\Administrator\Application Data\greatglue
2009-06-14 21:43 . 2009-06-14 02:36 -------- d-----w- c:\program files\Circle Developement
2009-06-14 08:49 . 2009-06-14 01:54 -------- d--h--w- c:\program files\InstallShield Installation Information
2009-06-14 07:09 . 2009-06-14 07:09 344064 ----a-w- c:\windows\system32\dkll.dll
2009-06-14 07:09 . 2009-06-14 07:09 196608 ----a-w- c:\windows\system32\maag.dll
2009-06-14 07:09 . 2009-06-14 07:09 1212416 ----a-w- c:\windows\system32\ckll.dll
2009-06-14 07:09 . 2009-06-14 07:09 1986560 ----a-w- c:\windows\system32\akll.dll
2009-06-14 07:09 . 2009-06-14 07:09 -------- d-----w- c:\program files\Ozone
2009-06-14 03:16 . 2009-06-14 02:37 -------- d-----w- c:\documents and settings\All Users\Application Data\That Face Camp Shim
2009-06-14 02:56 . 2009-06-14 02:53 6120 ----a-w- c:\windows\BricoPackFoldersDelete.cmd
2009-06-14 02:56 . 2009-06-14 02:56 64650 ----a-w- c:\windows\BricoPackUninst.cmd
2009-06-14 02:56 . 2004-08-03 21:56 218624 ----a-w- c:\windows\system32\uxtheme.dll
2009-06-14 02:48 . 2009-06-14 02:48 0 ----a-w- c:\windows\nsreg.dat
2009-06-14 02:47 . 2009-06-14 02:47 -------- d-----w- c:\documents and settings\All Users\Application Data\PC Suite
2009-06-14 02:46 . 2009-06-14 02:45 -------- d-----w- c:\program files\DIFX
2009-06-14 02:46 . 2009-06-14 02:46 -------- d-----w- c:\program files\Common Files\PCSuite
2009-06-14 02:46 . 2009-06-14 02:46 -------- d-----w- c:\program files\Common Files\Nokia
2009-06-14 02:46 . 2009-06-14 02:44 -------- d-----w- c:\program files\Nokia
2009-06-14 02:45 . 2009-06-14 02:41 -------- d-----w- c:\program files\TuneUp Utilities 2008
2009-06-14 02:45 . 2009-06-14 02:45 -------- d-----w- c:\documents and settings\Administrator\Application Data\PC Suite
2009-06-14 02:45 . 2009-06-14 02:45 -------- d-----w- c:\program files\PC Connectivity Solution
2009-06-14 02:44 . 2009-06-14 02:44 9728 ----a-w- c:\documents and settings\All Users\Application Data\Installations\{57A48477-92F0-4C1F-ADF9-4806C4EC3CF2}\Installations\CommonCustomActions\UninstPCS.exe
2009-06-14 02:44 . 2009-06-14 02:44 8192 ----a-w- c:\documents and settings\All Users\Application Data\Installations\{57A48477-92F0-4C1F-ADF9-4806C4EC3CF2}\Installations\CommonCustomActions\UninstCCD.exe
2009-06-14 02:44 . 2009-06-14 02:44 15360 ----a-w- c:\documents and settings\All Users\Application Data\Installations\{57A48477-92F0-4C1F-ADF9-4806C4EC3CF2}\Installations\CommonCustomActions\UninstPCSFEMsi.exe
2009-06-14 02:44 . 2009-06-14 02:44 -------- d-----w- c:\documents and settings\All Users\Application Data\Installations
2009-06-14 02:44 . 2009-06-14 02:42 -------- d-----w- c:\program files\Your Uninstaller 2008
2009-06-14 02:43 . 2009-06-14 02:43 -------- d-----w- c:\documents and settings\Administrator\Application Data\URSoft
2009-06-14 02:41 . 2009-06-14 02:41 306432 ----a-w- c:\windows\system32\TuneUpDefragService.exe
2009-06-14 02:41 . 2009-06-14 02:41 -------- d-----w- c:\program files\Common Files\Wise Installation Wizard
2009-06-14 02:36 . 2009-06-14 02:36 -------- d-----w- c:\program files\Golden Al-Wafi Translator
2009-06-14 02:36 . 2009-06-14 02:36 172032 ------w- c:\windows\Setup1.exe
2009-06-14 02:36 . 2009-06-14 02:36 73216 ----a-w- c:\windows\ST6UNST.EXE
2009-06-14 02:36 . 2009-06-14 02:36 -------- d-----w- c:\program files\greatglue
2009-06-14 02:36 . 2009-06-14 02:36 -------- d-----w- c:\program files\Windows Live
2009-06-14 02:36 . 2009-06-14 02:36 -------- d-----w- c:\program files\Messenger Plus! Live
2009-06-14 02:35 . 2009-06-14 01:27 57104 ----a-w- c:\documents and settings\Administrator\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2009-06-14 02:32 . 2009-06-14 02:32 -------- d-----w- c:\documents and settings\Administrator\Application Data\TuneUp Software
2009-06-14 02:32 . 2009-06-14 02:32 -------- d-----w- c:\documents and settings\All Users\Application Data\TuneUp Software
2009-06-14 02:32 . 2009-06-14 02:32 -------- d-----w- c:\documents and settings\Administrator\Application Data\Skype
2009-06-14 02:32 . 2009-06-14 02:32 -------- d-----w- c:\program files\Skype
2009-06-14 02:32 . 2009-06-14 02:31 -------- d-----w- c:\documents and settings\All Users\Application Data\Skype
2009-06-14 02:32 . 2009-06-14 02:32 -------- d-----w- c:\program files\Common Files\Skype
2009-06-14 02:31 . 2009-06-14 02:31 -------- d-----w- c:\program files\calender
2009-06-14 02:31 . 2009-06-14 02:31 -------- d-----w- c:\program files\ClocX
2009-06-14 02:31 . 2009-06-14 02:31 2678 ----a-w- c:\windows\java\Packages\Data\1BD3LNNJ.DAT
2009-06-14 02:31 . 2009-06-14 02:31 2678 ----a-w- c:\windows\java\Packages\Data\57X7J7NV.DAT
2009-06-14 02:31 . 2009-06-14 02:31 2678 ----a-w- c:\windows\java\Packages\Data\VLBB5RZD.DAT
2009-06-14 02:31 . 2009-06-14 02:31 2678 ----a-w- c:\windows\java\Packages\Data\9ZLNXZRT.DAT
2009-06-14 02:31 . 2009-06-14 02:31 2678 ----a-w- c:\windows\java\Packages\Data\1RPR371F.DAT
2009-06-14 02:30 . 2009-06-14 02:30 2232 ----a-w- c:\windows\java\Packages\Data\JXJ5F39N.DAT
2009-06-14 02:30 . 2009-06-14 02:30 155995 ----a-w- c:\windows\java\Packages\PBH37TRL.ZIP
2009-06-14 02:27 . 2009-06-14 02:27 -------- d-----w- c:\program files\Common Files\xing shared
2009-06-14 02:27 . 2009-06-14 02:27 -------- d-----w- c:\program files\Common Files\Real
2009-06-14 02:27 . 2009-06-14 02:03 499712 ----a-w- c:\windows\system32\msvcp71.dll
2009-06-14 02:27 . 2009-06-14 02:03 348160 ----a-w- c:\windows\system32\msvcr71.dll
2009-06-14 02:27 . 2009-06-14 02:27 -------- d-----w- c:\program files\Real
2009-06-14 02:26 . 2009-06-14 02:26 -------- d-----w- c:\documents and settings\All Users\Application Data\CyberLink
2009-06-14 02:25 . 2009-06-14 01:54 -------- d-----w- c:\program files\Common Files\InstallShield
2009-06-14 02:25 . 2009-06-14 02:02 -------- d-----w- c:\program files\Common Files\Adobe
2009-06-14 02:12 . 2009-06-14 02:12 -------- d-----w- c:\program files\Microsoft.NET
2009-06-14 02:11 . 2009-06-14 02:11 -------- d-----w- c:\program files\Microsoft ActiveSync
2009-06-14 02:09 . 2009-06-14 02:07 -------- d-----w- c:\program files\Common Files\Ahead
2009-06-14 02:08 . 2009-06-14 02:08 -------- d-----w- c:\documents and settings\Administrator\Application Data\Ahead
2009-06-14 02:07 . 2009-06-14 02:07 -------- d-----w- c:\program files\Nero
2009-06-14 02:04 . 2009-06-14 02:03 -------- d-----w- c:\program files\CyberLink
2009-06-14 02:03 . 2009-06-14 02:03 -------- d-----w- c:\program files\K-Lite Codec Pack
2009-06-14 02:01 . 2009-06-14 02:01 -------- d-----w- c:\documents and settings\Administrator\Application Data\ACD Systems
2009-06-14 02:01 . 2009-06-14 02:01 -------- d-----w- c:\documents and settings\All Users\Application Data\ACD Systems
2009-06-14 02:01 . 2009-06-14 02:01 -------- d-----w- c:\program files\Common Files\ACD Systems
2009-06-14 02:01 . 2009-06-14 02:01 -------- d-----w- c:\program files\ACD Systems
2009-06-14 02:00 . 2009-06-14 01:31 -------- d-----w- c:\documents and settings\All Users\Application Data\DriverCure
2009-06-14 01:54 . 2009-06-14 01:54 -------- d-----w- c:\program files\Realtek
2009-06-14 01:54 . 2009-06-14 01:54 315392 ----a-w- c:\windows\HideWin.exe
2009-06-14 01:48 . 2009-06-14 01:48 -------- d-----w- c:\program files\Intel
2009-06-14 01:36 . 2009-06-14 01:36 -------- d-----w- c:\documents and settings\Administrator\Application Data\DriverCure
2009-06-14 01:31 . 2009-06-14 01:31 -------- d-----w- c:\program files\ParetoLogic
2009-06-14 01:31 . 2009-06-14 01:31 -------- d-----w- c:\documents and settings\All Users\Application Data\Downloaded Installations
2009-06-14 01:30 . 2009-06-14 01:16 166455 ----a-w- c:\windows\pchealth\helpctr\OfflineCache\index.dat
2009-06-14 01:17 . 2009-06-14 01:17 -------- d-----w- c:\program files\microsoft frontpage
2009-06-14 01:13 . 2009-06-14 01:13 21640 ----a-w- c:\windows\system32\emptyregdb.dat
2009-06-04 16:00 . 2009-06-04 16:00 59992 ----a-w- c:\documents and settings\All Users\Application Data\Kaspersky Lab Setup Files\Kaspersky Internet Security 2010 9.0.0.459\English\setup.exe
2009-06-01 18:13 . 2009-06-01 18:13 33840 ----a-w- c:\windows\system32\drivers\HssDrv.sys
2009-05-25 02:21 . 2009-05-25 02:21 219664 ----a-w- c:\windows\system32\klogon.dll
2009-05-25 02:18 . 2009-05-25 02:18 27507 ----a-w- c:\windows\system32\drivers\klopp.dat
2009-05-24 12:30 . 2009-05-24 12:30 128016 ----a-w- c:\windows\system32\drivers\kl1.sys
2009-05-16 17:59 . 2009-05-16 17:59 19472 ----a-w- c:\windows\system32\drivers\klmouflt.sys
2009-05-13 14:46 . 2009-05-13 14:46 31760 ----a-w- c:\windows\system32\drivers\klim5.sys
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}]
2009-06-25 15:14 218160 ----a-w- c:\program files\Hotspot Shield\hssie\HssIE.dll
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2004-08-03 15360]
"Rainlendar2"="c:\program files\calender\Rainlendar\Rainlendar2.exe" [2007-03-18 1284096]
"MsnMsgr"="c:\program files\MSN Messenger\MsnMsgr.Exe" [2007-01-19 5674352]
"Creative MediaSource Go"="c:\program files\Creative\MediaSource\Go\CTCMSGo.exe" [2003-08-12 131072]
"RemoteCenter"="c:\program files\Creative\MediaSource\RemoteControl\RCMan.EXE" [2004-06-25 147456]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\program files\Common Files\Ahead\lib\NMBgMonitor.exe" [2005-10-28 94208]
"DownloadAccelerator"="c:\program files\DAP\DAP.EXE" [2009-06-23 2811392]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2007-10-12 131072]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2007-10-12 163840]
"Persistence"="c:\windows\system32\igfxpers.exe" [2007-10-12 135168]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2007-05-11 40048]
"RemoteControl"="c:\program files\CyberLink\PowerDVD\PDVDServ.exe" [2004-11-02 32768]
"LanguageShortcut"="c:\program files\CyberLink\PowerDVD\Language\Language.exe" [2007-02-07 54832]
"NeroFilterCheck"="c:\windows\system32\NeroCheck.exe" [2001-07-09 155648]
"TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" [2009-06-14 198160]
"PCSuiteTrayApplication"="c:\program files\Nokia\Nokia PC Suite 6\LaunchApplication.exe" [2007-03-23 227328]
"ClocX"="c:\program files\ClocX\ClocX.exe" [2004-04-13 103936]
"CTSysVol"="c:\program files\Creative\SBLive 24-Bit External\Surround Mixer\CTSysVol.exe" [2003-09-17 57344]
"UpdReg"="c:\windows\UpdReg.EXE" [2000-05-10 90112]
"FixCamera"="c:\windows\FixCamera.exe" [2007-02-12 20480]
"tsnp325"="c:\windows\tsnp325.exe" [2006-10-10 270336]
"snp325"="c:\windows\vsnp325.exe" [2006-10-10 827392]
"avp"="c:\program files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe" [2009-05-25 303376]
"RTHDCPL"="RTHDCPL.EXE" - c:\windows\RTHDCPL.exe [2007-09-27 16844800]
"SbUsb AudCtrl"="sbusbdll.dll" - c:\windows\system32\sbusbdll.dll [2004-07-09 119296]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2004-08-03 15360]
"Nokia.PCSync"="c:\program files\Nokia\Nokia PC Suite 6\PcSync2.exe" [2007-03-27 1744896]
c:\documents and settings\All Users\Start Menu\Programs\Startup\
Adobe Gamma Loader.lnk - c:\program files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2009-6-14 113664]
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusDisableNotify"=dword:00000001
"UpdatesDisableNotify"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\KasperskyAntiVirus]
"DisableMonitoring"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\CyberLink\\PowerDVD\\PowerDVD.exe"=
"c:\\Program Files\\MSN Messenger\\msnmsgr.exe"=
"c:\\Program Files\\MSN Messenger\\livecall.exe"=
"c:\\Program Files\\DAP\\DAP.exe"=
R0 klbg;Kaspersky Lab Boot Guard Driver;c:\windows\system32\drivers\klbg.sys [15/12/2008 08:41 م 33808]
R2 HssSrv;Hotspot Shield Routing Service;c:\program files\Hotspot Shield\HssWPR\hsssrv.exe [01/06/2009 09:13 م 331312]
R3 klim5;Kaspersky Anti-Virus NDIS Filter;c:\windows\system32\drivers\klim5.sys [13/05/2009 05:46 م 31760]
R3 klmouflt;Kaspersky Lab KLMOUFLT;c:\windows\system32\drivers\klmouflt.sys [16/05/2009 08:59 م 19472]
R3 sbusb;Sound Blaster USB Audio Driver;c:\windows\system32\drivers\sbusb.sys [14/06/2009 07:09 ص 1643648]
S3 HssTrayService;Hotspot Shield Tray Service;c:\program files\Hotspot Shield\bin\HssTrayService.exe [01/06/2009 09:58 م 34352]
S3 SetupNTGLM7X;SetupNTGLM7X;\??\f:\ntglm7x.sys --> f:\NTGLM7X.sys [?]
S3 SNP325;USB PC Camera (SNPSTD325);c:\windows\system32\drivers\snp325.sys [14/06/2009 11:10 ص 10253056]
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp
.
Contents of the 'Scheduled Tasks' folder
2009-06-26 c:\windows\Tasks\1-Click Maintenance.job
- c:\program files\TuneUp Utilities 2008\OneClick.exe [2007-12-21 12:17]
.
- - - - ORPHANS REMOVED - - - -
HKLM-Run-Device Detector - DevDetect.exe

.
------- Supplementary Scan -------
.
uStart Page = about:blank
mStart Page = about:blank
uInternet Connection Wizard,ShellNext = wmplayer.exe //ICWLaunch
IE: &Clean Traces - c:\program files\DAP\Privacy Package\dapcleanerie.htm
IE: &Download with &DAP - c:\program files\DAP\dapextie.htm
IE: Download &all with DAP - c:\program files\DAP\dapextie2.htm
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
IE: {{4248FE82-7FCB-46AC-B270-339F08212110} - {4248FE82-7FCB-46AC-B270-339F08212110} - c:\program files\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll
IE: {{CCF151D8-D089-449F-A5A4-D9909053F20F} - {CCF151D8-D089-449F-A5A4-D9909053F20F} - c:\program files\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll
TCP: {A92D9A82-7099-4DB7-BC01-E25174DF0B82} = 10.2.224.1
DPF: Microsoft XML Parser for Java -

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

DPF: {3C8E8DD8-D86A-4E6D-AF37-AB3CA7FDF8CD} - hxxp://server2.server4flood.com/imscp/talkc38.cab
DPF: {9E45BE3C-DE06-4492-AB7D-E51447CF2ED0} - hxxp://server2.server4flood.com/imscp/talka.cab
DPF: {B7FDB0C3-4724-46D2-B8DB-6FA1DC63F7CA} - hxxp://174.36.94.119:1999/ReadUid.CAB
DPF: {C171FF59-8C55-4796-A398-4F5D02B4C763} - hxxp://174.37.194.246/admin/talks3n.cab
FF - ProfilePath - c:\documents and settings\Administrator\Application Data\Mozilla\Firefox\Profiles\9o0cgpju.default\
FF - prefs.js: browser.search.selectedEngine - Ask
FF - prefs.js: browser.startup.homepage - hxxp://ar.start2.mozilla.com/firefox?client=firefox-a&rls=org.mozilla:ar

fficial
FF - prefs.js: keyword.URL - hxxp://search.speedbit.com/searchresults.asp?src=default&q=
FF - component: c:\program files\DAP\DAPFireFox\components\DAPFireFox.dll
FF - component: c:\program files\Mozilla Firefox\extensions\linkfilter@kaspersky.ru\components\KavLinkFilter.dll
FF - component: c:\program files\Real\RealPlayer\browserrecord\components\nprpbrowserrecordplugin.dll
---- FIREFOX POLICIES ----
.
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer,

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

Rootkit scan 2009-06-26 21:49
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\{95808DC4-FA4A-4c74-92FE-5B863F82066B}]
"ImagePath"="\??\c:\program files\CyberLink\PowerDVD\000.fcl"
.
--------------------- DLLs Loaded Under Running Processes ---------------------
- - - - - - - > 'explorer.exe'(1148)
c:\program files\Common Files\Ahead\Lib\NeroDigitalExt.dll
c:\program files\Common Files\Adobe\Acrobat\ActiveX\PDFShell.dll
c:\windows\system32\igfxpph.dll
c:\windows\system32\hccutils.DLL
c:\windows\system32\igfxres.dll
c:\windows\system32\igfxress.dll
c:\windows\system32\igfxsrvc.dll
.
------------------------ Other Running Processes ------------------------
.
c:\program files\Hotspot Shield\bin\openvpnas.exe
c:\program files\CyberLink\Shared files\RichVideo.exe
c:\windows\system32\wdfmgr.exe
c:\program files\Common Files\ACD Systems\EN\DevDetect.exe
c:\windows\system32\rundll32.exe
c:\program files\Hotspot Shield\bin\openvpntray.exe
c:\program files\PC Connectivity Solution\ServiceLayer.exe
c:\program files\Creative\MediaSource\RemoteControl\OSDMenu.exe
c:\program files\Internet Explorer\iexplore.exe
c:\program files\Kaspersky Lab\Kaspersky Internet Security 2010\klwtblfs.exe
.
**************************************************************************
.
Completion time: 2009-06-26 21:56 - machine was rebooted
ComboFix-quarantined-files.txt 2009-06-26 18:56
Pre-Run: 15,530,295,296 bytes free
Post-Run: 15,618,768,896 bytes free
329

aly mohmad · 26 يونيو 2009

السلام عليكم وعندى مشكلة مشابهة مرفق لكم تقرير

زيزوووم · 26 يونيو 2009

رعبوب11 قال:
ههههههههههههه :d: لا تعصب عليه وهذا التقرير الثاني يابعدي

:d::d:

يبي له جلسه جهازك :q:

لاهنت اعمل التالي

اولاا /
احذف الكاسبر سكي

ثانيا /
احذف Hotspot Shield

ثالثا /

ادخل هذه الصفحة

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

وحمل اداة المكافي
شغلها بدبل كلك واتركها حتى تنتهي صفحة الدوس من الفحص والتنظيف
ثم توجه الى القرص c ،، وقم

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

التقرير noor_mcafee
وارفعه على هذا الموقع

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

وارفق رابط التحميل بمشاركتك القادمة
----------------------------

حمل برنامج الافيرا واتبع الشرح للفحص والتنظيف
ثم ارفع التقرير هنا

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

وارفق الرابط بمشاركتك القادمة
-------------------------

زيزوووم · 26 يونيو 2009

aly mohmad قال:
السلام عليكم وعندى مشكلة مشابهة مرفق لكم تقرير

عذرا منك ياغالي :b:

ارجو فتح موضوع خاص فيك

زيزوووم · 26 يونيو 2009

يرجى عدم فتح اي موقع
او تركيب فلااش ميموري
او تشغيل اي برنامج

حتى ننتهي من فحص وتنظيف جهازك

رعبوب11 · 27 يونيو 2009

زيزوم قال:
يرجى عدم فتح اي موقع

او تركيب فلااش ميموري
او تشغيل اي برنامج

حتى ننتهي من فحص وتنظيف جهازك

اسف ياخوي زيزوم على التأخير

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

وفحص الافيرا معاه بمستند نص

k:

زيزوووم · 27 يونيو 2009

يسعد صباحك ياغالي

جاري تحليل التقارير

DCJ_99 · 27 يونيو 2009

يسيدي مين قدهم الزعيم هوه الي بيحل مشكلتهم

زيزوووم · 27 يونيو 2009

DCJ_99 قال:
يسيدي مين قدهم الزعيم هوه الي بيحل مشكلتهم

:d:

زيزوووم · 27 يونيو 2009

لاهنت حمل هذه الاداة

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

وعند التشغيل تظهر لك واجهة الاداة ,,

اضغط على Scan for Vundo

وبعد الانتهاء من الفحص .. اضغط على Remove Vundo
عندها تظهر لك رسالة تأكيد ... اضغط على yes
وعند الطلب منك باعادة الجهاز ... اختر yes

زيزوووم · 27 يونيو 2009

حمل الملف التالي

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

فك الضغط عنه وافتح المجلد avz4
وشغل الملف avz واعمل كما الشرح التالي

ثم الصق محتوى هذا الكود داخل المساحة وتابع الشرح

كود:

begin
ExecuteStdScr(3);
end.

بعد الانتهاء ستجد مجلد جديد يحمل اسم LOG
يحتوي على ملف html يحمل اسم virusinfo_syscure
موضح بالصورة التالية

قم بضغط الملف >>>

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

الضغط
وارفعه على موقع الرفع التالي وارفقه بمشاركتك القادمة

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

رعبوب11 · 27 يونيو 2009

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

:b:

زيزوومى فعال

عضو شرف

زيزوومى فعال

زيزوومي نشيط

توقيع : bu3zoooz

زيزوومى فعال

زيزوومى محترف

توقيع : Future Tank X-1

عضو شرف

عضو شرف

زيزوومى فعال

زيزوومي جديد

عضو شرف

عضو شرف

عضو شرف

زيزوومى فعال

عضو شرف

زيزوومى مبدع

توقيع : DCJ_99

عضو شرف

عضو شرف

عضو شرف

زيزوومى فعال