بطئ غريب - مرفق التقرير

مطفي_النور · 27 يونيو 2009

بطئ غريب + تعليق

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 03:49:56 م, on 27/06/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\McAfee\Common Framework\FrameworkService.exe
C:\Program Files\McAfee\VirusScan Enterprise\Mcshield.exe
C:\Program Files\McAfee\VirusScan Enterprise\VsTskMgr.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\Program Files\Elantech\ETDCtrl.exe
C:\Program Files\EeePC\ACPI\AsTray.exe
C:\Program Files\EeePC\ACPI\AsAcpiSvr.exe
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\Program Files\McAfee\Common Framework\UdaterUI.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe
C:\Program Files\McAfee\Common Framework\McTray.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\WINDOWS\system32\igfxext.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Idea Net Setter\Idea Net Setter.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\McAfee\VirusScan Enterprise\scriptcl.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: مساعد تسجيل الدخول إلى Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [ETDWare] C:\Program Files\Elantech\ETDCtrl.exe
O4 - HKLM\..\Run: [AsusTray] C:\Program Files\EeePC\ACPI\AsTray.exe
O4 - HKLM\..\Run: [AsusACPIServer] C:\Program Files\EeePC\ACPI\AsAcpiSvr.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [ShStatEXE] "C:\Program Files\McAfee\VirusScan Enterprise\SHSTAT.EXE" /STANDALONE
O4 - HKLM\..\Run: [McAfeeUpdaterUI] "C:\Program Files\McAfee\Common Framework\UdaterUI.exe" /StartedFromRunKey
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe -startup
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: AutoRun OSCleaner.lnk = ?
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {FC11A119-C2F7-46F4-9E32-937ABA26816E} (AMI DicomDir TreeView Control 2.1) -

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

and Settings\User\سطح المكتب\الاشعه\CDVIEWER\CdViewer.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{EFC0624D-0759-47B2-B164-7629EC4B1C26}: NameServer = 202.56.250.6 202.54.1.63
O23 - Service: McAfee Framework Service (McAfeeFramework) - McAfee, Inc. - C:\Program Files\McAfee\Common Framework\FrameworkService.exe
O23 - Service: McAfee McShield (McShield) - McAfee, Inc. - C:\Program Files\McAfee\VirusScan Enterprise\Mcshield.exe
O23 - Service: McAfee Task Manager (McTaskManager) - McAfee, Inc. - C:\Program Files\McAfee\VirusScan Enterprise\VsTskMgr.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
--
End of file - 5748 bytes

مطفي_النور · 27 يونيو 2009

وينكم ياااا عرب :cr:

MMA_LORD_735 · 27 يونيو 2009

أعمل التالي بترتــــيب ...

أولاً أغلق الأنتي فايروس ألي عندك ...

ثم ... حمل هذه الاداة ...

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

شغلها ... تظهر لك رسالة أضغط على [ Yes ] ...

تظهر رسالة بعدها مباشرة أيضاً أضغط على [ Yes ] ...

لح تشتغل الاداة و تسوي فحص ...

<< أثناء الفحص ممكن يسوي الجهاز ريستارد << أعادة تشغيل ...

بعد أعادة التشغيل ... تعود الاداة و تكمل فحص ...

أنتظر ولا تفتح أي برنامج حتى يظهر لك التقرير داخل مفكرة ...

و بهذا يكون أنتهى الفحص و التنظيف ...

أنسخ التقرير بشكل كامل ... و صحيح ...

و لصقه في ردك القادم ...

مطفي_النور · 27 يونيو 2009

جاري التطبيق

يعطيك العافيه اخوي:b:

MMA_LORD_735 · 28 يونيو 2009

الله يعافيك حبيبي ...

و طريق أنك تطفي الأنتي فايروس ...

كليك يمين على الأيقونة بجانب الساعة ...

و ختار [ Close ] أو [ Exit ] ...

مطفي_النور · 28 يونيو 2009

هذا التقرير اللي اعطاني
ComboFix 09-06-26.02 - User 06/28/2009 0:07.1 - NTFSx86
Microsoft Windows XP Home Edition 5.1.2600.2.1256.966.1025.18.1015.549 [GMT 3:00]
Running from: c:\documents and settings\User\My Documents\Downloads\Programs\ComboFix.exe
AV: McAfee VirusScan Enterprise *On-access scanning disabled* (Updated) {918A2B0B-2C60-4016-A4AB-E868DEABF7F0}
WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.
((((((((((((((((((((((((( Files Created from 2009-05-27 to 2009-06-27 )))))))))))))))))))))))))))))))
.
2009-06-27 13:15 . 2009-06-27 13:15 198064 ----a-w- c:\documents and settings\User\Application Data\IDM\idmmzcc3\components\idmmzcc.dll
2009-06-27 13:14 . 2009-06-27 13:14 -------- d-----w- c:\program files\.Tonec Inc
2009-06-27 12:49 . 2009-06-27 12:49 -------- d-----w- c:\program files\Trend Micro
2009-06-26 22:00 . 2009-06-26 22:07 -------- d-----w- c:\documents and settings\User\Application Data\TeamViewer
2009-06-26 21:59 . 2009-06-26 21:59 -------- d-----w- c:\program files\TeamViewer
2009-06-26 21:59 . 2009-06-26 21:59 -------- d-----w- c:\documents and settings\User\temp
2009-06-25 16:54 . 2009-06-25 16:54 -------- d-----w- c:\program files\CCleaner
2009-06-25 14:09 . 2008-09-19 09:14 101504 ----a-w- c:\windows\system32\drivers\ewusbmdm.sys
2009-06-25 14:09 . 2008-08-26 13:17 113664 ----a-w- c:\windows\system32\drivers\ewusbnet.sys
2009-06-25 14:09 . 2008-04-14 06:36 621056 ----a-w- c:\windows\system32\drivers\mod7700.sys
2009-06-25 14:09 . 2007-08-09 01:13 24448 ----a-w- c:\windows\system32\drivers\ewdcsc.sys
2009-06-25 14:05 . 2009-06-25 14:11 -------- d-----w- c:\program files\Idea Net Setter
2009-06-23 20:37 . 2009-06-24 12:26 -------- d-----w- c:\documents and settings\User\Application Data\Nokia Multimedia Player
2009-06-23 20:33 . 2009-06-23 20:33 -------- d-sh--w- c:\documents and settings\User\Phone Browser
2009-06-23 19:58 . 2009-06-23 19:58 -------- d-----w- c:\documents and settings\All Users\Application Data\PC Suite
2009-06-23 19:58 . 2009-06-23 21:06 -------- d-----w- c:\documents and settings\User\Application Data\Nokia
2009-06-22 09:49 . 2009-06-22 09:49 -------- d-----w- c:\documents and settings\All Users\Application Data\Messenger Plus!
2009-06-22 09:48 . 2009-06-22 09:48 -------- d-----w- c:\program files\Circle Devlopement
2009-06-22 09:47 . 2009-06-22 09:48 -------- d-----w- c:\program files\Messenger Plus! Live
2009-06-21 08:41 . 2009-06-27 12:44 -------- d-----w- C:\QUARANTINE
2009-06-21 08:41 . 2009-06-21 08:41 -------- d-----w- c:\program files\Adverts
2009-06-21 08:40 . 2009-06-21 08:46 -------- d-----w- c:\program files\MessengerPlus! 3
2009-06-19 13:17 . 2009-06-19 13:17 -------- d-----w- c:\documents and settings\All Users\Application Data\MSScanAppDataDir
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-06-27 21:14 . 2009-05-20 16:10 -------- d-----w- c:\documents and settings\User\Application Data\DMCache
2009-06-27 13:16 . 2009-05-20 16:10 -------- d-----w- c:\documents and settings\User\Application Data\IDM
2009-06-27 13:14 . 2009-05-20 16:09 -------- d-----w- c:\program files\Internet Download Manager
2009-06-25 14:29 . 2008-04-20 14:08 53932 ----a-w- c:\windows\system32\perfc001.dat
2009-06-25 14:29 . 2008-04-20 14:08 321742 ----a-w- c:\windows\system32\perfh001.dat
2009-06-23 20:44 . 2009-06-23 19:54 -------- d-----w- c:\documents and settings\User\Application Data\PC Suite
2009-06-23 19:57 . 2009-06-23 19:56 -------- d-----w- c:\program files\Common Files\PCSuite
2009-06-23 19:56 . 2009-06-23 19:56 -------- d-----w- c:\program files\Common Files\Nokia
2009-06-23 19:56 . 2009-06-23 19:51 -------- d-----w- c:\program files\Nokia
2009-06-23 19:54 . 2009-06-23 19:54 -------- d-----w- c:\program files\DIFX
2009-06-23 19:53 . 2009-06-23 19:53 -------- d-----w- c:\program files\PC Connectivity Solution
2009-06-19 13:19 . 2009-05-20 15:16 82704 ----a-w- c:\documents and settings\User\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2009-06-18 06:13 . 2008-04-21 09:37 76487 ----a-w- c:\windows\pchealth\helpctr\OfflineCache\index.dat
2009-05-20 18:13 . 2008-04-25 16:02 -------- d-----w- c:\program files\Windows Live
2009-05-20 18:07 . 2008-04-25 15:41 -------- d--h--w- c:\program files\InstallShield Installation Information
2009-05-20 17:36 . 2009-05-20 16:19 -------- d-----w- c:\program files\GRETECH
2009-05-20 16:57 . 2009-05-20 16:57 -------- d-----w- c:\program files\Common Files\L&H
2009-05-20 16:54 . 2009-05-20 16:54 -------- d-----w- c:\program files\Microsoft ActiveSync
2009-05-20 16:47 . 2009-05-20 16:47 -------- d-----w- c:\program files\Microsoft Works
2009-05-20 16:42 . 2009-05-20 16:42 -------- d-----w- c:\program files\Microsoft.NET
2009-05-20 16:27 . 2009-05-20 16:27 -------- d-----w- c:\program files\Common Files\xing shared
2009-05-20 16:26 . 2009-05-20 16:25 -------- d-----w- c:\program files\Common Files\Real
2009-05-20 16:25 . 2009-05-20 15:26 348160 ----a-w- c:\windows\system32\msvcr71.dll
2009-05-20 16:25 . 2009-05-20 15:26 499712 ----a-w- c:\windows\system32\msvcp71.dll
2009-05-20 16:25 . 2009-05-20 16:25 -------- d-----w- c:\program files\Real
2009-05-20 16:20 . 2009-05-20 16:20 -------- d-----w- c:\program files\Google
2009-05-20 15:54 . 2009-05-20 15:54 2232 ----a-w- c:\windows\java\Packages\Data\MAKUTJT7.DAT
2009-05-20 15:54 . 2009-05-20 15:54 155995 ----a-w- c:\windows\java\Packages\VVZ9NX7Z.ZIP
2009-05-20 15:54 . 2009-05-20 15:54 2678 ----a-w- c:\windows\java\Packages\Data\U7BVBX33.DAT
2009-05-20 15:53 . 2009-05-20 15:53 2678 ----a-w- c:\windows\java\Packages\Data\QVTNNLJ1.DAT
2009-05-20 15:53 . 2009-05-20 15:53 2678 ----a-w- c:\windows\java\Packages\Data\VTND79J3.DAT
2009-05-20 15:53 . 2009-05-20 15:53 2678 ----a-w- c:\windows\java\Packages\Data\8AHVPVNT.DAT
2009-05-20 15:53 . 2009-05-20 15:53 2678 ----a-w- c:\windows\java\Packages\Data\N3Z3TZ1Z.DAT
2009-05-20 15:26 . 2009-05-20 15:26 -------- d-----w- c:\program files\Common Files\Cisco Systems
2009-05-20 15:26 . 2009-05-20 15:26 -------- d-----w- c:\documents and settings\All Users\Application Data\McAfee
2009-05-20 15:26 . 2009-05-20 15:24 -------- d-----w- c:\program files\McAfee
2009-05-20 15:24 . 2009-05-20 15:24 -------- d-----w- c:\program files\Common Files\McAfee
.
------- Sigcheck -------
[7] 2006-03-02 12:00 14336 0ECD0853CADB84AE5DF7DA9BD1731CC7 c:\windows\system32\svchost.exe
[7] 2007-03-08 15:36 577024 9A432140628841A7D5B489A4AC2EB154 c:\windows\system32\user32.dll
[7] 2007-03-08 15:36 577024 9A432140628841A7D5B489A4AC2EB154 c:\windows\system32\dllcache\user32.dll
[7] 2006-03-02 12:00 82944 C3B9FD7B0D0824FC224684B73302A0FD c:\windows\system32\ws2_32.dll
[7] 2008-02-16 09:30 664576 3DEE02D98E6729A99E510E50BCA91051 c:\windows\system32\wininet.dll
[7] 2008-02-16 09:30 664576 3DEE02D98E6729A99E510E50BCA91051 c:\windows\system32\dllcache\wininet.dll
[7] 2007-10-30 17:20 360064 90CAFF4B094573449A0872A0F919B178 c:\windows\system32\dllcache\tcpip.sys
[7] 2007-10-30 17:20 360064 90CAFF4B094573449A0872A0F919B178 c:\windows\system32\drivers\tcpip.sys
[7] 2006-03-02 12:00 501248 BA4E08425B62BE257AE4557DA058F1AA c:\windows\system32\winlogon.exe
[7] 2006-03-02 12:00 182912 558635D3AF1C7546D26067D5D9B6959E c:\windows\system32\drivers\ndis.sys
[7] 2006-03-02 12:00 29056 4448006B6BC60E6C027932CFC38D6855 c:\windows\system32\drivers\ip6fw.sys
[7] 2007-02-28 16:01 2059136 086984CD8336845B0C249E256ACB3B00 c:\windows\Driver Cache\i386\ntkrnlpa.exe
[7] 2007-02-28 16:01 2059136 086984CD8336845B0C249E256ACB3B00 c:\windows\system32\ntkrnlpa.exe
[7] 2007-02-28 16:01 2059136 086984CD8336845B0C249E256ACB3B00 c:\windows\system32\dllcache\ntkrnlpa.exe
[7] 2007-02-28 16:01 2181888 7EC6346D7AA038FB8879A0DCBDF2B320 c:\windows\Driver Cache\i386\ntoskrnl.exe
[7] 2007-02-28 16:01 2181888 7EC6346D7AA038FB8879A0DCBDF2B320 c:\windows\system32\ntoskrnl.exe
[7] 2007-02-28 16:01 2181888 7EC6346D7AA038FB8879A0DCBDF2B320 c:\windows\system32\dllcache\ntoskrnl.exe
[7] 2007-06-13 13:22 1030656 4E877303248A09847FB303EE173FBD70 c:\windows\explorer.exe
[7] 2007-06-13 13:22 1030656 4E877303248A09847FB303EE173FBD70 c:\windows\system32\dllcache\explorer.exe
[7] 2006-03-02 12:00 108032 706B1ED77D90DFAFC71AC86AFCC1CC03 c:\windows\system32\services.exe
[7] 2006-03-02 12:00 13312 E0C58B25FA2A8AC9EA18A0A5ABB8A932 c:\windows\system32\lsass.exe
[7] 2006-03-02 12:00 15360 B87D2319441038F62BDDAEEB6BCE156D c:\windows\system32\ctfmon.exe
[7] 2006-03-02 12:00 57856 5917EF4B63693507C1BE9D1986D2E1DB c:\windows\system32\spoolsv.exe
[7] 2007-04-16 19:45 53080 3A83A45E7DD5276315AA20245E7C32BF c:\windows\system32\wuauclt.exe
[7] 2007-04-16 19:45 53080 3A83A45E7DD5276315AA20245E7C32BF c:\windows\system32\dllcache\wuauclt.exe
[7] 2006-03-02 12:00 24576 E5B1BAFAC265460493B1A12B65C1CF52 c:\windows\system32\userinit.exe
[7] 2006-03-02 12:00 295424 4D42FE6F795DEA7917F329A40A175294 c:\windows\system32\termsrv.dll
[7] 2007-04-16 15:52 1352704 0ACBF4B0AB7F515D33D30F15C6C43BCA c:\windows\system32\kernel32.dll
[7] 2007-04-16 15:52 1352704 0ACBF4B0AB7F515D33D30F15C6C43BCA c:\windows\system32\dllcache\kernel32.dll
[7] 2006-03-02 12:00 17408 A8C31D5B403B48E98F352DCBCFCEEB9E c:\windows\system32\powrprof.dll
[7] 2006-03-02 12:00 110080 E3FE07E893352F48748790DA6FD04A42 c:\windows\system32\imm32.dll
[7] 2006-03-02 12:00 1547776 A253EDE6E4DA90E8254B8C2E4838A3CB c:\windows\system32\sfcfiles.dll

[7] 2006-03-02 12:00 24448 356C3EB547902E04CA7FEE05BCCE5C7B c:\windows\system32\drivers\kbdclass.sys
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\ctfmon.exe" [2006-03-02 15360]
"msnmsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2007-10-18 5724184]
"IDMan"="c:\program files\Internet Download Manager\IDMan.exe" [2009-05-27 2815408]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2007-09-24 104984]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2007-09-24 121368]
"Persistence"="c:\windows\system32\igfxpers.exe" [2007-09-24 100888]
"ETDWare"="c:\program files\Elantech\ETDCtrl.exe" [2008-04-16 335872]
"AsusTray"="c:\program files\EeePC\ACPI\AsTray.exe" [2008-03-27 102400]
"AsusACPIServer"="c:\program files\EeePC\ACPI\AsAcpiSvr.exe" [2008-03-20 544768]
"SunJavaUpdateSched"="c:\program files\Java\jre1.6.0_03\bin\jusched.exe" [2007-09-24 132496]
"ShStatEXE"="c:\program files\McAfee\VirusScan Enterprise\SHSTAT.EXE" [2007-10-16 111952]
"McAfeeUpdaterUI"="c:\program files\McAfee\Common Framework\UdaterUI.exe" [2007-10-25 136512]
"TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" [2009-05-20 185896]
"PCSuiteTrayApplication"="c:\program files\Nokia\Nokia PC Suite 6\LaunchApplication.exe" [2006-11-08 222208]
"RTHDCPL"="RTHDCPL.EXE" - c:\windows\RTHDCPL.exe [2008-03-06 16858112]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2006-03-02 15360]
"PcSync"="c:\program files\Nokia\Nokia PC Suite 6\PcSync2.exe" [2006-11-09 1634304]
c:\documents and settings\All Users\çں‍ê، ں §ڑ\ںé ©ںê¤\ §ک ںé¢¬نïé\
AutoRun OSCleaner.lnk - c:\program files\ASUS\Asus OS Cleaner\AsOSCleaner.exe [2008-4-25 118784]
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^قائمة ابدأ^البرامج^بدء التشغيل^سرعة تشغيل Adobe Reader.lnk]
path=c:\documents and settings\All Users\قائمة ابدأ\البرامج\بدء التشغيل\سرعة تشغيل Adobe Reader.lnk
backup=c:\windows\pss\سرعة تشغيل Adobe Reader.lnkCommon Startup
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusDisableNotify"=dword:00000001
"UpdatesDisableNotify"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\McAfee\\Common Framework\\FrameworkService.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\livecall.exe"=
"c:\\Program Files\\TeamViewer\\Version4\\TeamViewer.exe"=
R3 AsusACPI;ASUS ACPI Driver;c:\windows\system32\drivers\ASUSACPI.SYS [25/04/2008 06:49 م 11264]
R3 Ktp;Elantech Smart-Pad;c:\windows\system32\drivers\ETD.sys [22/04/2008 07:04 ص 25088]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://eeepc.asus.com/global
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
IE: تحميل الكل بواسطة Internet Download Manager - c:\program files\Internet Download Manager\IEGetAll.htm
IE: تحميل بواسطة Internet Download Manager - c:\program files\Internet Download Manager\IEExt.htm
IE: تحميل محتوى FLV بواسطة Internet Download Manager - c:\program files\Internet Download Manager\IEGetVL.htm
DPF: Microsoft XML Parser for Java -

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

DPF: {FC11A119-C2F7-46F4-9E32-937ABA26816E} -

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

and settings\User\سطح المكتب\الاشعه\CDVIEWER\CdViewer.cab
.
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer,

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

Rootkit scan 2009-06-28 00:14
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------
- - - - - - - > 'winlogon.exe'(492)
c:\windows\system32\igfxdev.dll
- - - - - - - > 'explorer.exe'(5848)
c:\windows\system32\msi.dll
.
Completion time: 2009-06-27 0:18
ComboFix-quarantined-files.txt 2009-06-27 21:18
Pre-Run: 16,501,497,856 bytes free
Post-Run: 16,609,255,424 bytes free
181

MMA_LORD_735 · 28 يونيو 2009

يعطيك العافية يارب ...

هلأ حبيبي رجاع و عطيني تقرير هايجك جديد ...

مطفي_النور · 28 يونيو 2009

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:45:04 ص, on 28/06/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\McAfee\Common Framework\FrameworkService.exe
C:\Program Files\McAfee\VirusScan Enterprise\VsTskMgr.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\Program Files\EeePC\ACPI\AsTray.exe
C:\Program Files\EeePC\ACPI\AsAcpiSvr.exe
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\Program Files\McAfee\Common Framework\UdaterUI.exe
C:\Program Files\McAfee\Common Framework\McTray.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\igfxext.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Internet Download Manager\IDMan.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Idea Net Setter\Idea Net Setter.exe
C:\Program Files\internet explorer\iexplore.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Program Files\McAfee\VirusScan Enterprise\Mcshield.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files\Internet Download Manager\IDMIECC.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\McAfee\VirusScan Enterprise\scriptcl.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: مساعد تسجيل الدخول إلى Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [ETDWare] C:\Program Files\Elantech\ETDCtrl.exe
O4 - HKLM\..\Run: [AsusTray] C:\Program Files\EeePC\ACPI\AsTray.exe
O4 - HKLM\..\Run: [AsusACPIServer] C:\Program Files\EeePC\ACPI\AsAcpiSvr.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [ShStatEXE] "C:\Program Files\McAfee\VirusScan Enterprise\SHSTAT.EXE" /STANDALONE
O4 - HKLM\..\Run: [McAfeeUpdaterUI] "C:\Program Files\McAfee\Common Framework\UdaterUI.exe" /StartedFromRunKey
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe -startup
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [IDMan] C:\Program Files\Internet Download Manager\IDMan.exe /onboot
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\Run: [PcSync] C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: AutoRun OSCleaner.lnk = ?
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: تحميل الكل بواسطة Internet Download Manager - C:\Program Files\Internet Download Manager\IEGetAll.htm
O8 - Extra context menu item: تحميل بواسطة Internet Download Manager - C:\Program Files\Internet Download Manager\IEExt.htm
O8 - Extra context menu item: تحميل محتوى FLV بواسطة Internet Download Manager - C:\Program Files\Internet Download Manager\IEGetVL.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {FC11A119-C2F7-46F4-9E32-937ABA26816E} (AMI DicomDir TreeView Control 2.1) -

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

and Settings\User\سطح المكتب\الاشعه\CDVIEWER\CdViewer.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{EFC0624D-0759-47B2-B164-7629EC4B1C26}: NameServer = 202.56.250.6 202.54.1.63
O23 - Service: McAfee Framework Service (McAfeeFramework) - McAfee, Inc. - C:\Program Files\McAfee\Common Framework\FrameworkService.exe
O23 - Service: McAfee McShield (McShield) - McAfee, Inc. - C:\Program Files\McAfee\VirusScan Enterprise\Mcshield.exe
O23 - Service: McAfee Task Manager (McTaskManager) - McAfee, Inc. - C:\Program Files\McAfee\VirusScan Enterprise\VsTskMgr.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
--
End of file - 6535 bytes

MMA_LORD_735 · 28 يونيو 2009

حدد هذه القيم ...

و سوي لها أصلاح ...

O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)

O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"

O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot

O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe -startup

O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background

O4 - HKUS\S-1-5-18\..\Run: [PcSync] C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog (User 'SYSTEM')

O16 - DPF: {FC11A119-C2F7-46F4-9E32-937ABA26816E} (AMI DicomDir TreeView Control 2.1) - file://C:\Documents and Settings\User\سطح المكتب\الاشع&# 1607;\CDVIEWER\CdViewer.cab

O17 - HKLM\System\CCS\Services\Tcpip\..\{EFC0624D-0759-47B2-B164-7629EC4B1C26}: NameServer =

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

طريقة الأصلاح ...

ثم نزل هذه الاداة واتبع الشرح التالي

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

او

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

التوافق : ويندوز اكسبيفقط

شرح الاستخدام ,,,,,,

عند تشغيل ملف الاداة تظهر لك هذه الشاشه ,, انتظر ( وتابع مع الصور )

وعند ظهور هذه الشاشه ,, اضغط على Close ليتم اعادة تشغيل جهازك (( لتكملة عملية التنظيف ))

و هات لنتيجة

...

مطفي_النور · 28 يونيو 2009

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 01:39:38 ص, on 28/06/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\McAfee\Common Framework\FrameworkService.exe
C:\Program Files\McAfee\VirusScan Enterprise\Mcshield.exe
C:\Program Files\McAfee\VirusScan Enterprise\VsTskMgr.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\Program Files\Elantech\ETDCtrl.exe
C:\Program Files\EeePC\ACPI\AsTray.exe
C:\Program Files\EeePC\ACPI\AsAcpiSvr.exe
C:\Program Files\McAfee\VirusScan Enterprise\SHSTAT.EXE
C:\Program Files\McAfee\Common Framework\UdaterUI.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Internet Download Manager\IDMan.exe
C:\Program Files\McAfee\Common Framework\McTray.exe
C:\WINDOWS\system32\igfxext.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\internet explorer\iexplore.exe
C:\Program Files\Idea Net Setter\Idea Net Setter.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\Program Files\Internet Download Manager\IEMonitor.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files\Internet Download Manager\IDMIECC.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\McAfee\VirusScan Enterprise\scriptcl.dll
O2 - BHO: مساعد تسجيل الدخول إلى Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [ETDWare] C:\Program Files\Elantech\ETDCtrl.exe
O4 - HKLM\..\Run: [AsusTray] C:\Program Files\EeePC\ACPI\AsTray.exe
O4 - HKLM\..\Run: [AsusACPIServer] C:\Program Files\EeePC\ACPI\AsAcpiSvr.exe
O4 - HKLM\..\Run: [ShStatEXE] "C:\Program Files\McAfee\VirusScan Enterprise\SHSTAT.EXE" /STANDALONE
O4 - HKLM\..\Run: [McAfeeUpdaterUI] "C:\Program Files\McAfee\Common Framework\UdaterUI.exe" /StartedFromRunKey
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [IDMan] C:\Program Files\Internet Download Manager\IDMan.exe /onboot
O4 - HKCU\..\RunOnce: [Privacy Suite] "C:\Documents and Settings\User\Application Data\cleaner\CSPSeraser.exe" "/R:C:\Documents and Settings\User\Application Data\CyberScrub\Privacy Suite"
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: AutoRun OSCleaner.lnk = ?
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: تحميل الكل بواسطة Internet Download Manager - C:\Program Files\Internet Download Manager\IEGetAll.htm
O8 - Extra context menu item: تحميل بواسطة Internet Download Manager - C:\Program Files\Internet Download Manager\IEExt.htm
O8 - Extra context menu item: تحميل محتوى FLV بواسطة Internet Download Manager - C:\Program Files\Internet Download Manager\IEGetVL.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O23 - Service: McAfee Framework Service (McAfeeFramework) - McAfee, Inc. - C:\Program Files\McAfee\Common Framework\FrameworkService.exe
O23 - Service: McAfee McShield (McShield) - McAfee, Inc. - C:\Program Files\McAfee\VirusScan Enterprise\Mcshield.exe
O23 - Service: McAfee Task Manager (McTaskManager) - McAfee, Inc. - C:\Program Files\McAfee\VirusScan Enterprise\VsTskMgr.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
--
End of file - 5653 bytes

MMA_LORD_735 · 28 يونيو 2009

لتقرير عسل مثلك

...

لحين حمل هذه الاداة ...

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

دبل كليك عليها ... أتركها لين تخلص ...

و بعدين أعملك حوسة في الجهاز ...

و هات نتيجة جهازك ...

مطفي_النور · 28 يونيو 2009

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 03:15:01 ص, on 28/06/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\McAfee\Common Framework\FrameworkService.exe
C:\Program Files\McAfee\VirusScan Enterprise\Mcshield.exe
C:\Program Files\McAfee\VirusScan Enterprise\VsTskMgr.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\Program Files\Elantech\ETDCtrl.exe
C:\Program Files\EeePC\ACPI\AsTray.exe
C:\Program Files\EeePC\ACPI\AsAcpiSvr.exe
C:\Program Files\McAfee\VirusScan Enterprise\SHSTAT.EXE
C:\Program Files\McAfee\Common Framework\UdaterUI.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Internet Download Manager\IDMan.exe
C:\Program Files\McAfee\Common Framework\McTray.exe
C:\WINDOWS\system32\igfxext.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\Program Files\internet explorer\iexplore.exe
C:\Program Files\Idea Net Setter\Idea Net Setter.exe
C:\Program Files\Internet Download Manager\IEMonitor.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files\Internet Download Manager\IDMIECC.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\McAfee\VirusScan Enterprise\scriptcl.dll
O2 - BHO: مساعد تسجيل الدخول إلى Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [ETDWare] C:\Program Files\Elantech\ETDCtrl.exe
O4 - HKLM\..\Run: [AsusTray] C:\Program Files\EeePC\ACPI\AsTray.exe
O4 - HKLM\..\Run: [AsusACPIServer] C:\Program Files\EeePC\ACPI\AsAcpiSvr.exe
O4 - HKLM\..\Run: [ShStatEXE] "C:\Program Files\McAfee\VirusScan Enterprise\SHSTAT.EXE" /STANDALONE
O4 - HKLM\..\Run: [McAfeeUpdaterUI] "C:\Program Files\McAfee\Common Framework\UdaterUI.exe" /StartedFromRunKey
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [IDMan] C:\Program Files\Internet Download Manager\IDMan.exe /onboot
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\RunOnce: [Privacy Suite] "C:\Documents and Settings\User\Application Data\cleaner\CSPSeraser.exe" "/R:C:\Documents and Settings\User\Application Data\CyberScrub\Privacy Suite"
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: AutoRun OSCleaner.lnk = ?
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: تحميل الكل بواسطة Internet Download Manager - C:\Program Files\Internet Download Manager\IEGetAll.htm
O8 - Extra context menu item: تحميل بواسطة Internet Download Manager - C:\Program Files\Internet Download Manager\IEExt.htm
O8 - Extra context menu item: تحميل محتوى FLV بواسطة Internet Download Manager - C:\Program Files\Internet Download Manager\IEGetVL.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O17 - HKLM\System\CCS\Services\Tcpip\..\{EFC0624D-0759-47B2-B164-7629EC4B1C26}: NameServer = 202.56.250.6 202.54.1.63
O23 - Service: McAfee Framework Service (McAfeeFramework) - McAfee, Inc. - C:\Program Files\McAfee\Common Framework\FrameworkService.exe
O23 - Service: McAfee McShield (McShield) - McAfee, Inc. - C:\Program Files\McAfee\VirusScan Enterprise\Mcshield.exe
O23 - Service: McAfee Task Manager (McTaskManager) - McAfee, Inc. - C:\Program Files\McAfee\VirusScan Enterprise\VsTskMgr.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
--
End of file - 6153 bytes

MMA_LORD_735 · 28 يونيو 2009

MMA_LORD_735 قال:
لتقرير عسل مثلك ...

لحين حمل هذه الاداة ...

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

دبل كليك عليها ... أتركها لين تخلص ...

و بعدين أعملك حوسة في الجهاز ...

و هات نتيجة جهازك ...

:u:

مطفي_النور · 28 يونيو 2009

و بعدين أعملك حوسة في الجهاز ...

احوس بشنو :cr:

بطئ غريب - مرفق التقرير

مطفي_النور

زيزوومى متألق

مطفي_النور

زيزوومى متألق

MMA_LORD_735

زيزوومي جديد

توقيع : MMA_LORD_735

مطفي_النور

زيزوومى متألق

MMA_LORD_735

زيزوومي جديد

توقيع : MMA_LORD_735

مطفي_النور

زيزوومى متألق

MMA_LORD_735

زيزوومي جديد

توقيع : MMA_LORD_735

مطفي_النور

زيزوومى متألق

MMA_LORD_735

زيزوومي جديد

توقيع : MMA_LORD_735

مطفي_النور

زيزوومى متألق

MMA_LORD_735

زيزوومي جديد

توقيع : MMA_LORD_735

مطفي_النور

زيزوومى متألق

MMA_LORD_735

زيزوومي جديد

توقيع : MMA_LORD_735

مطفي_النور

زيزوومى متألق

NTLite Business 2025.8.10552 X64