• Thread starter: 6flah

6flah

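Peace be upon you,

Every time I open a media/audio program it won't open, and I don't know what is wrong with it??
This is what I get:
i23325_1.JPG


Even Photoshop, every time I open it I get this:
i23324_2.JPG


I don't know what the cause is,
but these problems started after I moved the Documents folder from drive C to D,
because drive C had become completely full.

I don't know what the solution is; I hope you can help me :b:
 

Signature: 6flah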
Possibly some of the files got moved. Try uninstalling the programs and then downloading them again.


 
And upon you be peace and the mercy of God ...

>> Was Photoshop working normally for you, and then it stopped?

<< A HijackThis log ...
 
Signature: MMA_LORD_735
Download this program



Run the program ==> and click
Do a system scan and save log
In a few moments a report will appear in Notepad ==> copy it and paste it into your reply in your problem thread

 
Yes, it was working; they were all working, and suddenly this happened.



Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 23:35:58, on 17/07/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\WINDOWS\system32\STacSV.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe
C:\WINDOWS\system32\WgaTray.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Dell\QuickSet\quickset.exe
C:\Program Files\DellTPad\Apoint.exe
C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe
C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe
C:\Program Files\DellTPad\ApMsgFwd.exe
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\Program Files\DellTPad\HidFind.exe
C:\WINDOWS\system32\igfxpers.exe
C:\Program Files\DellTPad\Apntex.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\WINDOWS\system32\igfxsrvc.exe
C:\Program Files\Internet Download Manager\IDMan.exe
C:\Program Files\Intel\Wireless\Bin\Dot1XCfg.exe
C:\Program Files\UberIcon\UberIcon Manager.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpohmr08.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\PROGRA~1\WIDCOMM\BLUETO~1\BTSTAC~1.EXE
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpoevm08.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\Bin\hpoSTS08.exe
C:\Program Files\Internet Download Manager\IEMonitor.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\internet explorer\iexplore.exe
C:\Program Files\internet explorer\iexplore.exe
D:\Documents and Settings\BURAQ\My Documents\برامج\حمايه\Zyzoom_HijackThis.exe
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = local
O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files\Internet Download Manager\IDMIECC.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: IEVkbdBHO - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\ievkbd.dll
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll
O2 - BHO: مساعد تسجيل الدخول إلى Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O3 - Toolbar: &Save Flash - {4064EA35-578D-4073-A834-C96D82CBCF40} - C:\Program Files\Save Flash\SaveFlash.dll
O4 - HKLM\..\Run: [Dell QuickSet] C:\Program Files\Dell\QuickSet\quickset.exe
O4 - HKLM\..\Run: [Apoint] C:\Program Files\DellTPad\Apoint.exe
O4 - HKLM\..\Run: [IntelZeroConfig] "C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe"
O4 - HKLM\..\Run: [IntelWireless] "C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe" /tf Intel PROSet/Wireless
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe"
O4 - HKLM\..\Run: [Ford mpeg road draw] C:\Documents and Settings\All Users\Application Data\way rdr ford mpeg\BEEP SETUP.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [IDMan] C:\Program Files\Internet Download Manager\IDMan.exe /onboot
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [UberIcon] "C:\Program Files\UberIcon\UberIcon Manager.exe"
O4 - HKCU\..\Run: [LoudSkip] C:\DOCUME~1\BURAQ\APPLIC~1\MPEGPR~1\denttitleidle.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Bluetooth.lnk = ?
O4 - Global Startup: hpoddt01.exe.lnk = ?
O4 - Global Startup: hp psc 1000 series.lnk = ?
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Send to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: إضافة إلى حاجب الدعايات - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\ie_banner_deny.htm
O8 - Extra context menu item: تحميل الكل بـ إنترنت داونلود مانيجر - C:\Program Files\Internet Download Manager\IEGetAll.htm
O8 - Extra context menu item: تحميل بـ إنترنت داونلود مانيجر - C:\Program Files\Internet Download Manager\IEExt.htm
O8 - Extra context menu item: تحميل محتوى فيديو (إف.إل.في) بـ إنترنت داونلود مانيجر - C:\Program Files\Internet Download Manager\IEGetVL.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll
O9 - Extra button: Web traffic protection statistics - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\SCIEPlgn.dll
O9 - Extra button: تدوين هذا في المدونة - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &تدوين هذا في Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) -
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) -
O16 - DPF: {6924091F-CD97-41E1-B1D4-D9079409D413} (IMCv1 Control) -
O16 - DPF: {B7FDB0C3-4724-46D2-B8DB-6FA1DC63F7CA} (ReadUid.UserControlMacEntry) -
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) -
O16 - DPF: {E001C731-5E37-4538-A5CB-8168736A2360} (ActiveQscan Control) -
O23 - Service: Kaspersky Internet Security (AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Intel(R) PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: SigmaTel Audio Service (STacSV) - SigmaTel, Inc. - C:\WINDOWS\system32\STacSV.exe
O23 - Service: Intel(R) PROSet/Wireless SSO Service (WLANKEEPER) - Intel(R) Corporation - C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe
--
End of file - 10269 bytes
 
Signature: 6flah
<< Apply the following ...

Hello ...

Sorry for the delay, brother ...

May God give you all good health ...

Do the following, in order ...

First, turn off the antivirus you have ...

Then ... download this tool ...


Run it ... a message will appear; click [ yes ] ...

Another message will appear right after it; click [ yes ] again ...

The tool will start and run a scan ...

<< During the scan the machine may restart << a reboot ...

After the reboot ... the tool comes back and continues the scan ...

Wait, and do not open any program until the report appears in Notepad ...

With that, the scan and cleanup are finished ...

Copy the report in full ... and correctly ...

and paste it into your next reply ...
 
Signature: MMA_LORD_735
ComboFix 09-07-14.08 - BURAQ 07/17/2009 5:56.3.1 - FAT32x86
Microsoft Windows XP Professional 5.1.2600.3.1256.966.1033.18.1014.499 [GMT 3:00]
Running from: c:\documents and settings\BURAQ\My Documents\ComboFix.exe
AV: Kaspersky Internet Security *On-access scanning disabled* (Updated) {2C4D4BC6-0793-4956-A9F9-E252435469C0}
FW: Kaspersky Internet Security *disabled* {2C4D4BC6-0793-4956-A9F9-E252435469C0}
WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\windows\Installer\1046a0.msp
c:\windows\Installer\1232320.msp
c:\windows\Installer\135dc18.msp
c:\windows\Installer\13bd932.msi
c:\windows\Installer\1611e7.msp
c:\windows\Installer\1651014.msp
c:\windows\Installer\16d3d77.msp
c:\windows\Installer\1802e9.msp
c:\windows\Installer\1bdbc6.msp
c:\windows\Installer\1d5b5aa.msp
c:\windows\Installer\1e8e63.msp
c:\windows\Installer\1ee5c55.msp
c:\windows\Installer\244528.msp
c:\windows\Installer\28f3a4.msp
c:\windows\Installer\2abac8.msp
c:\windows\Installer\2e2ad13.msp
c:\windows\Installer\2e8fe.msp
c:\windows\Installer\30aa0.msp
c:\windows\Installer\311c4.msp
c:\windows\Installer\3206a.msp
c:\windows\Installer\32740.msp
c:\windows\Installer\336f2c.msp
c:\windows\Installer\34cb32.msp
c:\windows\Installer\3502bd.msp
c:\windows\Installer\35e7c.msp
c:\windows\Installer\37bd8.msp
c:\windows\Installer\384f0.msp
c:\windows\Installer\393013.msp
c:\windows\Installer\3c2fc6.msp
c:\windows\Installer\3c4978.msp
c:\windows\Installer\3e12a.msp
c:\windows\Installer\3e87a1.msp
c:\windows\Installer\458bb.msp
c:\windows\Installer\46490a.msp
c:\windows\Installer\5314fb.msp
c:\windows\Installer\53bd9f.msp
c:\windows\Installer\5429e.msp
c:\windows\Installer\585f2b.msp
c:\windows\Installer\58e0e.msp
c:\windows\Installer\598607.msp
c:\windows\Installer\61ba8.msp
c:\windows\Installer\61e9ac.msp
c:\windows\Installer\641cc8.msp
c:\windows\Installer\649ae.msp
c:\windows\Installer\6919b3.msp
c:\windows\Installer\69f8a9.msp
c:\windows\Installer\6a825b.msp
c:\windows\Installer\7525ce.msp
c:\windows\Installer\7ad9f3.msp
c:\windows\Installer\7e898e.msp
c:\windows\Installer\7ecd0f.msp
c:\windows\Installer\8319c4.msp
c:\windows\Installer\85e9cc.msp
c:\windows\Installer\90e2d2.msp
c:\windows\Installer\9be973.msp
c:\windows\Installer\a10511.msp
c:\windows\Installer\af22f.msp
c:\windows\Installer\b7bb28.msp
c:\windows\Installer\c6bc38.msp
c:\windows\Installer\c6fb83.msp
c:\windows\Installer\d7d6c2.msp
c:\windows\Installer\dcba39.msp
c:\windows\Installer\ead3f7.msp
c:\windows\Installer\f79dd4.msp
c:\windows\system32\kakle.dll
c:\windows\system32\tmp.reg
c:\windows\system32\videocore.dll
c:\windows\system32\videoformat.dll
c:\windows\system32\winitn.dll
.
((((((((((((((((((((((((( Files Created from 2009-06-17 to 2009-07-17 )))))))))))))))))))))))))))))))
.
2009-07-16 21:05 . 2009-07-16 21:05 -------- d-sh--w- C:\FOUND.001
2009-07-13 18:21 . 2009-07-13 18:21 -------- d-sh--w- C:\FOUND.000
2009-07-12 11:01 . 2009-07-12 11:02 322560 ----a-w- c:\documents and settings\BURAQ\Application Data\mpegprogram\ShimDartTray.exe
2009-07-12 11:00 . 2009-07-17 03:04 954368 ----a-w- c:\documents and settings\All Users\Application Data\way rdr ford mpeg\BEEP SETUP.exe
2009-07-12 10:59 . 2009-07-12 11:00 -------- d-----w- c:\program files\mpegprogram
2009-07-12 10:59 . 2009-07-12 10:59 544768 ----a-w- c:\documents and settings\BURAQ\Application Data\mpegprogram\denttitleidle.exe
2009-07-12 10:59 . 2009-07-12 10:59 -------- d-----w- c:\program files\Circl Developement
2009-07-10 11:40 . 2009-07-10 11:40 -------- d-----w- c:\documents and settings\BURAQ\Application Data\Hewlett-Packard
2009-07-10 11:31 . 2004-10-08 01:16 35840 ----a-w- c:\windows\system32\drivers\AFS2K.SYS
2009-07-10 11:28 . 2009-07-10 11:28 -------- d-----w- c:\program files\Common Files\Hewlett-Packard
2009-07-10 11:27 . 2009-07-10 11:27 -------- d-----w- c:\program files\Hewlett-Packard
2009-07-10 11:26 . 2003-04-07 20:21 94208 ----a-r- c:\windows\system32\HPZipt12.dll
2009-07-10 11:26 . 2003-04-07 20:21 57344 ----a-r- c:\windows\system32\HPZisn12.dll
2009-07-10 11:26 . 2003-04-07 20:21 167936 ----a-r- c:\windows\system32\HPZipr12.dll
2009-07-10 11:26 . 2003-04-07 20:21 65795 ----a-r- c:\windows\system32\HPZipm12.exe
2009-07-10 11:26 . 2003-04-07 20:21 61699 ----a-r- c:\windows\system32\HPZinw12.exe
2009-07-10 11:26 . 2003-04-07 20:21 233528 ----a-r- c:\windows\system32\HPZidr12.dll
2009-07-10 11:26 . 2003-04-07 20:21 16080 ----a-r- c:\windows\system32\drivers\HPZipr12.sys
2009-07-10 11:26 . 2003-04-07 20:21 51024 ----a-r- c:\windows\system32\drivers\hpzid412.sys
2009-07-10 11:25 . 2003-04-07 20:21 21456 ----a-r- c:\windows\system32\drivers\HPZius12.sys
2009-07-10 11:25 . 2008-04-13 08:47 25856 ----a-w- c:\windows\system32\drivers\usbprint.sys
2009-07-10 11:25 . 2008-04-13 08:47 25856 ----a-w- c:\windows\system32\dllcache\usbprint.sys
2009-07-10 11:24 . 2003-04-07 20:31 237568 ----a-r- c:\windows\system32\HPZc3212.dll
2009-07-10 11:24 . 2003-04-07 20:21 81920 ----a-r- c:\windows\system32\hpovst08.dll
2009-07-10 11:24 . 2003-04-07 20:21 561152 ----a-r- c:\windows\system32\hpotscl.dll
2009-07-10 11:23 . 2009-07-10 11:31 20475 ----a-w- c:\windows\hpoins01.dat
2009-07-10 11:23 . 2003-04-07 20:31 16622 ------w- c:\windows\hpomdl01.dat
2009-07-09 04:58 . 2009-07-09 04:58 -------- d-----w- c:\windows\system32\wbem\Repository
2009-07-09 01:31 . 2009-07-09 01:31 -------- d-sh--w- c:\documents and settings\test 1\PrivacIE
2009-07-09 01:27 . 2009-07-09 01:27 -------- d-sh--w- c:\documents and settings\test 1\IETldCache
2009-07-06 23:41 . 2009-07-06 23:41 -------- d--h--w- c:\windows\system32\WLANProfiles
2009-07-06 23:25 . 2009-07-06 23:25 -------- d-sh--w- c:\documents and settings\BURAQ\IECompatCache
2009-07-06 23:24 . 2009-07-06 23:24 -------- d-sh--w- c:\documents and settings\BURAQ\PrivacIE
2009-07-06 23:22 . 2009-07-06 23:22 -------- d-sh--w- c:\documents and settings\BURAQ\IETldCache
2009-07-06 09:01 . 2009-06-02 10:12 102912 ------w- c:\windows\system32\dllcache\iecompat.dll
2009-07-06 09:01 . 2009-07-06 09:01 -------- d-----w- c:\windows\ie8updates
2009-07-06 09:01 . 2009-04-30 21:22 12800 ------w- c:\windows\system32\dllcache\xpshims.dll
2009-07-06 09:01 . 2009-04-30 21:22 246272 ------w- c:\windows\system32\dllcache\ieproxy.dll
2009-07-06 08:57 . 2009-07-06 08:57 -------- d--h--w- c:\windows\ie8
2009-07-04 21:29 . 2009-07-04 21:29 -------- d-----w- c:\windows\KeyChanger Windows Edition
2009-07-04 21:29 . 2009-07-04 21:29 -------- d-----w- c:\program files\KeyChanger Windows Edition
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-07-17 03:02 . 2009-01-24 18:15 3976 --sha-w- c:\windows\system32\drivers\fidbox.idx
2009-07-17 03:02 . 2009-01-24 18:15 236576 --sha-w- c:\windows\system32\drivers\fidbox.dat
2009-07-17 03:02 . 2009-01-24 18:15 16416 --sha-w- c:\windows\system32\drivers\fidbox2.dat
2009-07-17 03:02 . 2009-01-24 18:15 1136 --sha-w- c:\windows\system32\drivers\fidbox2.idx
2009-07-12 11:01 . 2009-03-26 04:14 335872 ----a-w- c:\documents and settings\BURAQ\Application Data\mpegprogram\Ball meet mess mapi.exe
2009-06-16 14:36 . 2004-08-03 18:56 119808 ----a-w- c:\windows\system32\t2embed.dll
2009-06-16 14:36 . 2001-08-23 09:00 81920 ----a-w- c:\windows\system32\fontsub.dll
2009-06-03 17:09 . 2009-06-03 17:09 -------- d-----w- c:\program files\MunSoft
2009-06-03 16:09 . 2009-06-03 16:09 -------- d-----w- c:\documents and settings\BURAQ\Application Data\CDRoller
2009-05-31 14:15 . 2008-09-15 10:11 20 ----a-w- c:\windows\popcinfo.dat
2009-05-24 01:09 . 2009-05-24 01:09 -------- d-----w- c:\program files\softxpansion
2009-05-24 01:02 . 2009-05-24 01:02 -------- d-----w- c:\documents and settings\BURAQ\Application Data\MakeUpPilot
2009-05-20 20:50 . 2009-01-24 18:15 94643 ----a-w- c:\windows\system32\drivers\klick.dat
2009-05-20 20:50 . 2009-01-24 18:15 105395 ----a-w- c:\windows\system32\drivers\klin.dat
2009-05-13 05:15 . 2004-08-03 18:56 915456 ----a-w- c:\windows\system32\wininet.dll
2009-05-07 15:32 . 2004-08-03 18:56 345600 ----a-w- c:\windows\system32\localspl.dll
2009-04-19 17:56 . 2009-01-24 15:55 118688 ----a-w- c:\documents and settings\test 1\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\ctfmon.exe" [2008-04-13 15360]
"IDMan"="c:\program files\Internet Download Manager\IDMan.exe" [2008-10-28 2606512]
"msnmsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2009-02-06 3885408]
"UberIcon"="c:\program files\UberIcon\UberIcon Manager.exe" [2007-08-17 159744]
"LoudSkip"="c:\docume~1\BURAQ\APPLIC~1\MPEGPR~1\denttitleidle.exe" [2009-07-12 544768]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Dell QuickSet"="c:\program files\Dell\QuickSet\quickset.exe" [2007-12-10 1228800]
"Apoint"="c:\program files\DellTPad\Apoint.exe" [2007-07-02 159744]
"IntelZeroConfig"="c:\program files\Intel\Wireless\bin\ZCfgSvc.exe" [2007-07-25 823296]
"IntelWireless"="c:\program files\Intel\Wireless\Bin\ifrmewrk.exe" [2007-07-25 974848]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2007-09-05 141848]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2007-09-05 166424]
"Persistence"="c:\windows\system32\igfxpers.exe" [2007-09-05 137752]
"AVP"="c:\program files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe" [2009-02-12 206088]
"Ford mpeg road draw"="c:\documents and settings\All Users\Application Data\way rdr ford mpeg\BEEP SETUP.exe" [2009-07-17 954368]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-10-14 39792]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-13 15360]
c:\documents and settings\All Users\Start Menu\Programs\Startup\
Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2007-5-17 568176]
hpoddt01.exe.lnk - c:\program files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe [2003-4-6 28672]
hp psc 1000 series.lnk - c:\program files\Hewlett-Packard\Digital Imaging\bin\hpohmr08.exe [2003-4-6 147456]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001
"FirewallOverride"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\KasperskyAntiVirus]
"DisableMonitoring"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"c:\\Program Files\\Macromedia\\Flash MX\\Flash.exe"=
"c:\\WINDOWS\\system32\\sessmgr.exe"=
"c:\\Program Files\\MSN Messenger\\winks\\mcoinstall.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Internet Download Manager\\IDMan.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
R0 klbg;Kaspersky Lab Boot Guard Driver;c:\windows\system32\drivers\klbg.sys [29/01/2008 05:29 م 33808]
R3 KLFLTDEV;Kaspersky Lab KLFltDev;c:\windows\system32\drivers\klfltdev.sys [13/03/2008 06:02 م 26640]
R3 klim5;Kaspersky Anti-Virus NDIS Filter;c:\windows\system32\drivers\klim5.sys [30/04/2008 05:06 م 24592]
S3 br3gmdm;BandLuxe 3.5G HSDPA Adapter - USB;c:\windows\system32\DRIVERS\br3gmdm.sys --> c:\windows\system32\DRIVERS\br3gmdm.sys [?]
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\>{60B49E34-C7CC-11D0-8953-00A0C90347FF}]
"c:\windows\system32\rundll32.exe" "c:\windows\system32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{BD195C73-48CA-FFB7-61FD-038F0AAB384B}]
c:\docume~1\BURAQ\LOCALS~1\Temp\svchost.exe
.
Contents of the 'Scheduled Tasks' folder
2009-07-17 c:\windows\Tasks\OGALogon.job
- c:\windows\system32\OGAVerify.exe [2008-12-31 14:04]
2009-07-10 c:\windows\Tasks\OGADaily.job
- c:\windows\system32\OGAVerify.exe [2008-12-31 14:04]
2009-07-17 c:\windows\Tasks\User_Feed_Synchronization-{357BA96B-BCE7-4922-B86A-34BC4E020F86}.job
- c:\windows\system32\msfeedssync.exe [2007-08-13 01:31]
2009-07-17 c:\windows\Tasks\A8BBDCD5918C510D.job
- c:\docume~1\buraq\applic~1\mpegpr~1\ShimDartTray.exe [2009-07-12 11:02]
.
- - - - ORPHANS REMOVED - - - -
HKCU-Run-PopUpStopperFreeEdition - c:\program files\Panicware\Pop-Up Stopper Free Edition\PSFree.exe

.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.com.sa/
uInternet Settings,ProxyOverride = local
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
IE: Send to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: إضافة إلى حاجب الدعايات - c:\program files\Kaspersky Lab\Kaspersky Internet Security 2009\ie_banner_deny.htm
IE: تحميل الكل بـ إنترنت داونلود مانيجر - c:\program files\Internet Download Manager\IEGetAll.htm
IE: تحميل بـ إنترنت داونلود مانيجر - c:\program files\Internet Download Manager\IEExt.htm
IE: تحميل محتوى فيديو (إف.إل.في) بـ إنترنت داونلود مانيجر - c:\program files\Internet Download Manager\IEGetVL.htm
DPF: {B7FDB0C3-4724-46D2-B8DB-6FA1DC63F7CA} - hxxp://98.126.41.234:1999/ReadUid.CAB
.
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer,
Rootkit scan 2009-07-17 06:04
Windows 5.1.2600 Service Pack 3 FAT NTAPI
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------
[HKEY_USERS\S-1-5-21-583907252-1645522239-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\CLSID]
@Denied: (Full) (LocalSystem)
[HKEY_USERS\S-1-5-21-583907252-1645522239-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*!*!*!* \OpenWithList]
@Class="Shell"
"a"="IDMan.exe"
"MRUList"="a"
[HKEY_USERS\S-1-5-21-583907252-1645522239-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*39H/J ]
@Class="Shell"
[HKEY_USERS\S-1-5-21-583907252-1645522239-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*39H/J \OpenWithList]
@Class="Shell"
"a"="IDMan.exe"
"MRUList"="a"
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{16e5c8f7-9bde-4894-be31-def585aa5f85}]
@Denied: (Full) (Everyone)
"Model"=dword:00000024
"Therad"=dword:00000011
"MData"=hex(0):cb,9b,ad,ef,27,7d,29,69,f5,02,f0,76,aa,4a,f1,7c,d3,d9,67,7f,6a,
4b,7b,ad,04,7a,b1,b5,76,9b,27,47,4a,50,23,fc,aa,de,05,c3,74,ef,08,a7,6b,f7,\
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{5d77788b-a259-4dc0-b271-ea7733fc141c}]
@Denied: (Full) (Everyone)
"Model"=dword:00000145
"Therad"=dword:0000001e
"MData"=hex(0):2b,8f,78,29,5a,0c,ce,ec,48,d4,68,e5,9f,6a,96,3e,ab,de,c5,81,26,
38,95,44,85,b1,12,f9,90,dd,23,a1,49,8c,bf,1a,9d,fe,41,71,cb,3f,46,a4,7c,ab,\
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{5ED60779-4DE2-4E07-B862-974CA4FF2E9C}]
@Denied: (Full) (Everyone)
"scansk"=hex(0):f8,c2,f6,40,1b,f4,47,52,b9,e5,d6,6a,28,47,bb,5c,cb,2e,1f,81,70,
0f,97,cd,ea,da,27,ef,81,06,e1,a1,39,5c,38,ed,a0,b3,45,2b,00,00,00,00,00,00,\
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{7B8E9164-324D-4A2E-A46D-0165FB2000EC}]
@Denied: (Full) (Everyone)
"scansk"=hex(0):ba,20,9e,c3,54,ef,16,12,82,e8,ff,60,0e,ac,2e,6f,ab,0f,b2,49,9f,
86,9e,f6,00,82,d6,7e,85,b9,30,e2,ee,59,29,08,3c,1b,80,96,00,00,00,00,00,00,\
.
--------------------- DLLs Loaded Under Running Processes ---------------------
- - - - - - - > 'explorer.exe'(220)
c:\windows\system32\WININET.dll
c:\program files\UberIcon\UberIcon.dll
c:\windows\system32\btmmhook.dll
c:\windows\system32\ieframe.dll
c:\windows\IME\SPGRMR.DLL
c:\program files\Common Files\Microsoft Shared\INK\SKCHUI.DLL
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\btncopy.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Other Running Processes ------------------------
.
c:\program files\WIDCOMM\BLUETOOTH SOFTWARE\BIN\BTWDINS.EXE
c:\program files\INTEL\WIRELESS\BIN\S24EVMON.EXE
c:\program files\INTEL\WIRELESS\BIN\EVTENG.EXE
c:\program files\COMMON FILES\MICROSOFT SHARED\VS7DEBUG\MDM.EXE
c:\program files\INTEL\WIRELESS\BIN\REGSRVC.EXE
c:\program files\MICROSOFT\SEARCH ENHANCEMENT PACK\SEAPORT\SEAPORT.EXE
c:\windows\SYSTEM32\STACSV.EXE
c:\program files\INTEL\WIRELESS\BIN\WLKEEPER.EXE
c:\windows\system32\WgaTray.exe
c:\program files\DellTPad\ApMsgFwd.exe
c:\windows\system32\igfxsrvc.exe
c:\program files\DellTPad\HidFind.exe
c:\program files\DellTPad\Apntex.exe
c:\program files\Internet Explorer\IEXPLORE.EXE
c:\program files\Internet Explorer\IEXPLORE.EXE
c:\progra~1\WIDCOMM\BLUETO~1\BTSTAC~1.EXE
c:\program files\Intel\Wireless\Bin\Dot1XCfg.exe
c:\program files\Hewlett-Packard\Digital Imaging\bin\hpoevm08.exe
c:\program files\Hewlett-Packard\Digital Imaging\Bin\hpoSTS08.exe
.
**************************************************************************
.
Completion time: 2009-07-17 6:06 - machine was rebooted
ComboFix-quarantined-files.txt 2009-07-17 03:06
Pre-Run: 545,013,760 bytes free
Post-Run: 2,331,394,048 bytes free
309 --- E O F --- 2009-07-17 00:02
 
Signature: 6flah
i23390_11.JPG


Notice the ones with a red box around them.
Do you have this too?? Or is it just me?

<<< suspicious
 
Signature: 6flah
:(
 
Signature: 6flah
Your machine is full of infections ,,

A new HijackThis log, please ..
 
Signature: Corporation