ابو خآلد

Peace be upon you

How are you all, what's new?

My dear Zyzoomers,

I have a problem with Explorer 8: when I open it, it hangs over and over and takes a very long time, then Google comes up.

Where do you think the problem is coming from, and how do I solve it?

For the record, I removed Explorer 8 and got Explorer 7, and the same thing happened in Explorer 7; now I have gone back to Explorer 8 and the same problem has not gone away ... I hope for a solution ...
 

Signature: ابو خآلد
Welcome, brother.
Download this program:
[link hidden by the forum]

Run the program ==> and click on
Do a system scan and save log
In a few moments a report will appear in Notepad ==> copy it and paste it in your next reply
 
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 09:02:14 م, on 23/07/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\WLTRYSVC.EXE
C:\WINDOWS\System32\bcmwltry.exe
C:\WINDOWS\system32\spoolsv.exe
c:\program files\idt\xpm09_6047v002\wdm\STacSV.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Topos\cFosSpeed\spd.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Dell\QuickSet\quickset.exe
C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
C:\WINDOWS\system32\AESTFltr.exe
C:\Program Files\IDT\WDM\sttray.exe
C:\Program Files\DellTPad\Apoint.exe
C:\WINDOWS\system32\WLTRAY.exe
C:\Program Files\DellTPad\ApMsgFwd.exe
C:\Program Files\DellTPad\HidFind.exe
C:\Program Files\DellTPad\Apntex.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\WINDOWS\system32\igfxpers.exe
C:\Program Files\Dell Webcam\Dell Webcam Central\WebcamDell.exe
C:\Program Files\Topos\cFosSpeed\cFosSpeed.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\ONSPEED\onspeedcore.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\PROGRA~1\WIDCOMM\BLUETO~1\BTSTAC~1.EXE
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\Documents and Settings\RORO\Application Data\Thinstall\Adobe Photoshop CS\4000009c00002i\IEXPLORE.EXE
C:\Documents and Settings\RORO\Application Data\Thinstall\Adobe Photoshop CS\4000009c00002i\IEXPLORE.EXE
C:\Program Files\Internet Download Manager\IEMonitor.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Download Manager\IDMan.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = [link hidden by the forum]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = [link hidden by the forum]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = [link hidden by the forum]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = [link hidden by the forum]
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = [link hidden by the forum]
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = [link hidden by the forum]
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigURL = [link hidden by the forum]
O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files\Internet Download Manager\IDMIECC.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: ONSPEED Toolbar - {4E7BD74F-2B8D-469E-84BA-B830E8D4E122} - C:\PROGRA~1\ONSPEE~1\ONSPEE~1.DLL
O2 - BHO: IEVkbdBHO - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\ievkbd.dll
O2 - BHO: مساعد تسجيل الدخول إلى Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: NOW!Imaging - {9AA2F14F-E956-44B8-8694-A5B615CDF341} - C:\Program Files\ONSPEED\components\NOWImaging.dll
O2 - BHO: Prefetch - {A66AA08A-9BF0-4e87-99E6-6972731D6B99} - C:\Program Files\ONSPEED\Prefetch.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: ONSPEED Toolbar - {4E7BD74F-2B8D-469E-84BA-B830E8D4E122} - C:\PROGRA~1\ONSPEE~1\ONSPEE~1.DLL
O4 - HKLM\..\Run: [Dell QuickSet] C:\Program Files\Dell\QuickSet\quickset.exe
O4 - HKLM\..\Run: [AESTFltr] %SystemRoot%\system32\AESTFltr.exe /NoDlg
O4 - HKLM\..\Run: [SysTrayApp] %ProgramFiles%\IDT\WDM\sttray.exe
O4 - HKLM\..\Run: [Apoint] C:\Program Files\DellTPad\Apoint.exe
O4 - HKLM\..\Run: [Broadcom Wireless Manager UI] C:\WINDOWS\system32\WLTRAY.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [Dell Webcam Central] "C:\Program Files\Dell Webcam\Dell Webcam Central\WebcamDell.exe" /mode2
O4 - HKLM\..\Run: [cFosSpeed] C:\Program Files\Topos\cFosSpeed\cFosSpeed.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [SlipStream] "C:\Program Files\ONSPEED\onspeedcore.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\RORO\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [_nltide_2] regsvr32 /s /n /i:U shell32 (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [_nltide_2] regsvr32 /s /n /i:U shell32 (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [_nltide_2] regsvr32 /s /n /i:U shell32 (User 'Default user')
O4 - Global Startup: Bluetooth.lnk = ?
O8 - Extra context menu item: إرسال إلى &جهاز Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: إرسال إلى Bluetooth - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O8 - Extra context menu item: تحميل الكل بواسطة Internet Download Manager - C:\Program Files\Internet Download Manager\IEGetAll.htm
O8 - Extra context menu item: تحميل بواسطة Internet Download Manager - C:\Program Files\Internet Download Manager\IEExt.htm
O8 - Extra context menu item: تحميل محتوى FLV بواسطة Internet Download Manager - C:\Program Files\Internet Download Manager\IEGetVL.htm
O9 - Extra button: إحصائيات حماية حركة زيارة الويب - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\SCIEPlgn.dll
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - [link hidden by the forum]
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - [link hidden by the forum]
O20 - AppInit_DLLs: C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd.dll,C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd3.dll
O23 - Service: Kaspersky Anti-Virus (AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\avp.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
O23 - Service: cFosSpeed System Service (cFosSpeedS) - cFos Software GmbH - C:\Program Files\Topos\cFosSpeed\spd.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Audio Service (STacSV) - IDT, Inc. - c:\program files\idt\xpm09_6047v002\wdm\STacSV.exe
O23 - Service: Dell Wireless WLAN Tray Service (wltrysvc) - Unknown owner - C:\WINDOWS\System32\WLTRYSVC.EXE
O23 - Service: Marvell Yukon Service (yksvc) - Unknown owner - RUNDLL32.EXE (file missing)
--
End of file - 9257 bytes
 
Signature: ابو خآلد
Disable your security programs,
then
download the following tool and save it to the desktop:
[link hidden by the forum]

When you run it a message will appear; click >> Yes
Then a second message will appear; click >> Yes
During the scan the computer may restart
After the restart, the tool will start scanning a second time
Do not run any program, and however long the scan takes, wait until it finishes
Wait until a report appears, then copy it and paste it in your next post
 
The tool would not download for me .. please give me another link
 
Signature: ابو خآلد
Here you go, with my brother Max's permission

Disable your security programs

Download this tool:

[link hidden by the forum]
When you run it a message will appear; click >> Yes
Then a second message will appear; click >> Yes
During the scan the computer may restart
After the restart, the tool will start scanning a second time
Wait until a report appears; that means the scan has finished. Paste the report in your next reply

 
Signature: السّاجد لله
Brother Hisham, the tool will not download for me; could I have another link ...

other than this one:

[link hidden by the forum]
 
Signature: ابو خآلد
At your service, my dear ,,

ComboFix 09-07-24.01 - RORO 07/25/2009 7:02.1.2 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.3.1256.966.1025.18.2010.1571 [GMT 3:00]
Running from: c:\documents and settings\RORO\سطح المكتب\ComboFix.exe
AV: Kaspersky Anti-Virus *On-access scanning disabled* (Outdated) {2C4D4BC6-0793-4956-A9F9-E252435469C0}
WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\documents and settings\RORO\قائمة ابدأ\البرامج\QUAD Utilities
c:\documents and settings\RORO\قائمة ابدأ\البرامج\QUAD Utilities\QUAD Registry Cleaner\QUAD Registry Cleaner website.lnk
c:\documents and settings\RORO\قائمة ابدأ\البرامج\QUAD Utilities\QUAD Registry Cleaner\QUAD Registry Cleaner.lnk
c:\documents and settings\RORO\قائمة ابدأ\البرامج\QUAD Utilities\QUAD Registry Cleaner\Uninstall QUAD Registry Cleaner.lnk
c:\documents and settings\RORO\Application Data\QUAD Backups
c:\documents and settings\RORO\Application Data\QUAD Backups\07.21.2009,01-35-34\Automatic.reg
c:\documents and settings\RORO\Application Data\QUAD Backups\07.22.2009,06-01-18\Automatic.reg
c:\documents and settings\RORO\Application Data\QUAD Backups\07.22.2009,14-15-02\Automatic.reg
c:\program files\QUAD Utilities
c:\program files\QUAD Utilities\QUAD Registry Cleaner\program.log
c:\program files\QUAD Utilities\QUAD Registry Cleaner\QUAD Registry Cleaner website.url
c:\program files\QUAD Utilities\QUAD Registry Cleaner\QUAD Registry Cleaner.exe
c:\program files\QUAD Utilities\QUAD Registry Cleaner\QUAD Scheduler.exe
c:\program files\QUAD Utilities\QUAD Registry Cleaner\Styles\Vista.cjstyles
c:\program files\QUAD Utilities\QUAD Registry Cleaner\uninst.exe
c:\program files\QUAD Utilities\QUAD Registry Cleaner\Vista Scheduler.dll
.
((((((((((((((((((((((((( Files Created from 2009-06-25 to 2009-07-25 )))))))))))))))))))))))))))))))
.
2009-07-23 18:01 . 2009-07-23 18:01 -------- d-----w- c:\program files\Trend Micro
2009-07-23 06:05 . 2009-07-23 06:05 7168 ----a-w- c:\documents and settings\RORO\Application Data\Thinstall\Adobe Photoshop CS\4000009c00002i\IEXPLORE.EXE
2009-07-23 06:04 . 2009-07-23 06:04 7168 ----a-w- c:\documents and settings\RORO\Application Data\Thinstall\Adobe Photoshop CS\1000000b00002i\rundll32.exe
2009-07-23 06:04 . 2009-07-23 06:04 -------- d-----w- c:\documents and settings\RORO\Application Data\Thinstall
2009-07-23 01:41 . 2009-07-23 01:41 -------- d-sh--w- c:\documents and settings\RORO\IECompatCache
2009-07-23 01:17 . 2009-07-01 07:08 101376 -c----w- c:\windows\system32\dllcache\iecompat.dll
2009-07-23 01:14 . 2009-07-23 01:16 -------- dc-h--w- c:\windows\ie8
2009-07-22 23:47 . 2009-07-22 23:50 -------- d-----w- c:\documents and settings\RORO\Local Settings\Application Data\Google
2009-07-22 03:13 . 2006-06-29 10:07 14048 ------w- c:\windows\system32\spmsg2.dll
2009-07-22 01:36 . 2009-07-22 01:36 -------- d--h--w- c:\windows\PIF
2009-07-22 01:35 . 2009-07-22 01:39 -------- d-----w- c:\documents and settings\RORO\Application Data\SlipStream
2009-07-22 01:33 . 2009-07-22 01:33 -------- d-----w- c:\program files\onspeed_toolbar
2009-07-22 01:33 . 2009-07-22 01:33 -------- d-----w- c:\documents and settings\RORO\Application Data\ONSPEED_TOOLBAR
2009-07-22 01:33 . 2009-07-22 01:33 -------- d-----w- c:\program files\ONSPEED
2009-07-22 01:33 . 2008-07-24 01:53 114688 ----a-w- c:\windows\sliprt.dll
2009-07-21 01:59 . 2009-07-21 01:59 -------- d-sh--w- c:\documents and settings\NetworkService\IETldCache
2009-07-21 00:05 . 2009-07-21 00:05 -------- d-----w- c:\windows\Sun
2009-07-20 23:51 . 2009-07-20 23:51 -------- d-sh--w- c:\documents and settings\RORO\PrivacIE
2009-07-20 23:46 . 2009-07-20 23:46 -------- d-sh--w- c:\documents and settings\RORO\IETldCache
2009-07-20 23:43 . 2009-07-20 23:43 -------- d-----w- c:\documents and settings\RORO\Application Data\Media Player Classic
2009-07-20 23:42 . 2009-07-22 11:10 -------- d-----w- c:\windows\ie8updates
2009-07-20 23:42 . 2009-04-30 21:13 12800 -c----w- c:\windows\system32\dllcache\xpshims.dll
2009-07-20 23:42 . 2009-04-30 21:13 1985024 -c----w- c:\windows\system32\dllcache\iertutil.dll
2009-07-20 23:42 . 2009-04-30 21:13 11064832 -c----w- c:\windows\system32\dllcache\ieframe.dll
2009-07-20 23:42 . 2009-04-30 21:13 246272 -c----w- c:\windows\system32\dllcache\ieproxy.dll
2009-07-20 23:22 . 2009-07-20 23:22 176656 ----a-w- c:\documents and settings\All Users\Application Data\Kaspersky Lab\AVP8\Data\Updater\Temporary Files\temporaryFolder\AutoPatches\kav8exec\8.0.0.454\x64\scrchpg.dll
2009-07-20 23:21 . 2009-07-20 23:21 215824 ----a-w- c:\documents and settings\All Users\Application Data\Kaspersky Lab\AVP8\Data\Updater\Temporary Files\temporaryFolder\AutoPatches\kav8exec\8.0.0.357\w2000\klif.sys
2009-07-20 23:19 . 2008-06-14 17:31 271616 -c----w- c:\windows\system32\dllcache\bthport.sys
2009-07-20 23:19 . 2008-06-14 17:31 271616 ------w- c:\windows\system32\drivers\bthport.sys
2009-07-20 23:18 . 2009-07-20 23:18 22792 ----a-w- c:\documents and settings\All Users\Application Data\Kaspersky Lab\AVP8\Data\Updater\Temporary Files\temporaryFolder\AutoPatches\kav8exec\8.0.0.357\x64\vkbd64.dll
2009-07-20 23:18 . 2009-07-20 23:18 176656 ----a-w- c:\documents and settings\All Users\Application Data\Kaspersky Lab\AVP8\Data\Updater\Temporary Files\temporaryFolder\AutoPatches\kav8exec\8.0.0.357\x64\scrchpg.dll
2009-07-20 23:18 . 2009-07-20 23:18 60168 ----a-w- c:\documents and settings\All Users\Application Data\Kaspersky Lab\AVP8\Data\Updater\Temporary Files\temporaryFolder\AutoPatches\kav8exec\8.0.0.357\x64\ievkbd.dll
2009-07-20 23:18 . 2009-07-20 23:18 21256 ----a-w- c:\documents and settings\All Users\Application Data\Kaspersky Lab\AVP8\Data\Updater\Temporary Files\temporaryFolder\AutoPatches\kav8exec\8.0.0.357\vkbd.dll
2009-07-20 23:17 . 2009-07-20 23:18 861448 ----a-w- c:\documents and settings\All Users\Application Data\Kaspersky Lab\AVP8\Data\Updater\Temporary Files\temporaryFolder\AutoPatches\kav8exec\8.0.0.357\updater.dll
2009-07-20 23:16 . 2009-07-20 23:16 83208 ----a-w- c:\documents and settings\All Users\Application Data\Kaspersky Lab\AVP8\Data\Updater\Temporary Files\temporaryFolder\AutoPatches\kav8exec\8.0.0.357\mzvkbd.dll
2009-07-20 23:15 . 2009-07-20 23:15 62728 ----a-w- c:\documents and settings\All Users\Application Data\Kaspersky Lab\AVP8\Data\Updater\Temporary Files\temporaryFolder\AutoPatches\kav8exec\8.0.0.357\ievkbd.dll
2009-07-20 23:15 . 2009-07-20 23:15 43784 ----a-w- c:\documents and settings\All Users\Application Data\Kaspersky Lab\AVP8\Data\Updater\Temporary Files\temporaryFolder\AutoPatches\kav8exec\8.0.0.357\fssync.dll
2009-07-20 23:15 . 2009-07-20 23:15 365832 ----a-w- c:\documents and settings\All Users\Application Data\Kaspersky Lab\AVP8\Data\Updater\Temporary Files\temporaryFolder\AutoPatches\kav8exec\8.0.0.357\ckahum.dll
2009-07-20 23:15 . 2009-07-20 23:15 201992 ----a-w- c:\documents and settings\All Users\Application Data\Kaspersky Lab\AVP8\Data\Updater\Temporary Files\temporaryFolder\AutoPatches\kav8exec\8.0.0.357\avp.exe
2009-07-20 23:14 . 2008-10-16 11:09 43544 ----a-w- c:\windows\system32\wups2.dll
2009-07-20 23:14 . 2009-07-21 14:56 208616 ----a-w- c:\documents and settings\All Users\Application Data\Kaspersky Lab\AVP8\Data\Updater\Temporary Files\temporaryFolder\AutoPatches\kav8exec\8.0.0.506\avp.exe
2009-07-20 23:13 . 2009-07-20 23:13 33808 ----a-w- c:\documents and settings\All Users\Application Data\Kaspersky Lab\AVP8\Data\Updater\Temporary Files\temporaryFolder\AutoPatches\kav8exec\8.0.0.506\klbg.sys
2009-07-20 23:13 . 2009-07-20 23:13 226832 ----a-w- c:\documents and settings\All Users\Application Data\Kaspersky Lab\AVP8\Data\Updater\Temporary Files\temporaryFolder\AutoPatches\kav8exec\8.0.0.506\XP\klif.sys
2009-07-20 22:55 . 2009-07-20 23:23 94643 ----a-w- c:\windows\system32\drivers\klick.dat
2009-07-20 22:55 . 2009-07-20 23:23 105395 ----a-w- c:\windows\system32\drivers\klin.dat
2009-07-20 22:54 . 2009-07-20 22:54 -------- d-----w- c:\documents and settings\All Users\Application Data\Messenger Plus!
2009-07-20 22:54 . 2009-07-25 04:05 303136 --sha-w- c:\windows\system32\drivers\fidbox2.dat
2009-07-20 22:54 . 2009-07-25 04:05 1250848 --sha-w- c:\windows\system32\drivers\fidbox.dat
2009-07-20 22:54 . 2009-07-20 22:54 -------- d-----w- c:\program files\Kaspersky Lab
2009-07-20 22:54 . 2009-07-25 03:57 -------- d-----w- c:\documents and settings\All Users\Application Data\Kaspersky Lab
2009-07-20 22:52 . 2009-07-20 22:52 -------- d-----w- c:\documents and settings\RORO\Application Data\Creative
2009-07-20 22:39 . 2009-07-25 03:58 -------- d-----w- c:\documents and settings\RORO\Application Data\TeraCopy
2009-07-20 22:34 . 2009-07-20 22:35 -------- d-----w- c:\documents and settings\RORO\Application Data\translateclient
2009-07-20 22:10 . 2009-07-20 22:29 -------- d-----w- c:\documents and settings\All Users\Application Data\Kaspersky Lab Setup Files
2009-07-20 22:06 . 2009-07-20 22:06 -------- d-----w- c:\windows\system32\3Planesoft
2009-07-20 22:06 . 2009-07-20 22:06 -------- d-----w- c:\program files\3Planesoft Screensaver Manager
2009-07-20 22:06 . 2007-02-26 22:59 409600 ----a-w- c:\windows\system32\3Planesoft_Screensaver_Manager.scr
2009-07-20 22:06 . 2009-07-20 22:06 -------- d-----w- c:\program files\Koi Fish 3D Screensaver
2009-07-20 22:06 . 2007-02-27 03:28 9907200 ----a-w- c:\windows\system32\Koi Fish 3D Screensaver.exe
2009-07-20 22:06 . 2007-02-26 23:00 769536 ----a-w- c:\windows\system32\Koi_Fish_3D_Screensaver.scr
2009-07-20 22:05 . 2009-07-20 22:05 21035 ----a-w- c:\windows\system32\drivers\AegisP.sys
2009-07-20 22:05 . 2009-07-20 22:05 -------- d-----w- c:\windows\OPTIONS
2009-07-20 22:05 . 2008-06-27 06:39 332928 ----a-w- c:\windows\system32\drivers\rtl8187.sys
2009-07-20 22:05 . 2008-06-27 06:39 332928 ----a-w- c:\windows\system\rtl8187.sys
2009-07-20 22:05 . 2007-10-09 10:13 38144 ----a-w- c:\windows\system32\drivers\EAPPkt.sys
2009-07-20 22:05 . 2009-07-20 22:05 -------- d-----w- c:\windows\system32\REALTEK RTL8187 Wireless LAN Driver and Utility
2009-07-20 22:05 . 2009-07-20 22:05 -------- d-----w- c:\program files\TeraCopy
2009-07-20 22:05 . 2009-07-20 22:05 -------- d-----w- c:\program files\Gabest
2009-07-20 22:04 . 2008-03-21 14:01 248816798 ----a-w- c:\program files\Adobe Photoshop CS.exe
2009-07-20 22:03 . 2009-07-20 22:03 -------- d-----w- c:\documents and settings\All Users\Application Data\FLEXnet
2009-07-20 22:03 . 2009-07-20 22:03 -------- d-----w- c:\program files\Common Files\Macrovision Shared
2009-07-20 22:03 . 2009-07-20 22:03 -------- d-----w- c:\program files\Common Files\Intel
2009-07-20 22:01 . 2009-07-20 22:01 -------- d-----w- c:\program files\WinASO
2009-07-20 22:01 . 2009-07-20 22:01 -------- d-----w- c:\program files\Translate Client
2009-07-20 22:00 . 2009-07-20 22:00 -------- d-----w- c:\program files\FreeTime
2009-07-20 21:58 . 2009-07-20 21:58 -------- d-----w- c:\program files\Common Files\xing shared
2009-07-20 21:57 . 2009-07-20 21:57 -------- d-----w- c:\program files\K-Lite Codec Pack
2009-07-20 21:56 . 2009-07-20 21:56 -------- d-----w- c:\program files\Messenger Plus! Live
2009-07-20 21:47 . 2009-07-25 01:30 -------- d-----w- c:\documents and settings\RORO\Tracing
2009-07-20 21:40 . 2009-07-20 21:40 -------- d-----w- c:\program files\Microsoft
2009-07-20 21:40 . 2009-07-20 21:40 -------- d-----w- c:\program files\Windows Live SkyDrive
2009-07-20 21:40 . 2009-07-20 21:40 -------- d-----w- c:\program files\Windows Live
2009-07-20 21:28 . 2009-07-20 21:28 -------- d-----w- c:\program files\Common Files\Windows Live
2009-07-20 21:26 . 2009-07-20 21:26 -------- d-----w- c:\documents and settings\RORO\Application Data\ZipGenius
2009-07-20 21:26 . 2009-07-20 21:26 -------- d-----w- c:\program files\ZipGenius 6
2009-07-20 18:27 . 2009-07-20 18:27 198064 ----a-w- c:\documents and settings\RORO\Application Data\IDM\idmmzcc3\components\idmmzcc.dll
2009-07-20 18:27 . 2009-07-25 03:59 -------- d-----w- c:\documents and settings\RORO\Application Data\DMCache
2009-07-20 18:27 . 2009-07-24 19:54 -------- d-----w- c:\documents and settings\RORO\Application Data\IDM
2009-07-20 18:26 . 2009-07-20 18:26 -------- d-----w- c:\program files\Internet Download Manager
2009-07-20 18:26 . 2008-09-28 19:00 439440 ----a-w- c:\program files\un_Internet Download Manager_16575.exe
2009-07-20 18:25 . 2009-07-20 18:25 -------- d-----w- c:\program files\Topos
2009-07-20 18:25 . 2009-02-11 09:33 787672 ----a-w- c:\windows\system32\drivers\cfosspeed.sys
2009-07-20 18:25 . 2009-02-11 09:33 290008 ----a-w- c:\windows\system32\cfosspeed.dll
2009-07-20 18:08 . 2009-07-20 18:08 -------- d-----w- c:\documents and settings\All Users\Application Data\Office Genuine Advantage
2009-07-20 18:07 . 2009-07-20 18:07 -------- d-----w- C:\Temp
2009-07-20 17:57 . 2009-07-20 17:57 410984 ----a-w- c:\windows\system32\deploytk.dll
2009-07-20 17:56 . 2009-07-20 17:56 152576 ----a-w- c:\documents and settings\RORO\Application Data\Sun\Java\jre1.6.0_14\lzma.dll
2009-07-20 17:55 . 2009-07-20 17:55 -------- d-----w- c:\windows\CtDrvInstall
2009-07-20 17:54 . 2008-04-14 01:00 24576 ----a-r- c:\windows\system32\OA002Aor.dll
2009-07-20 17:54 . 2009-07-20 17:54 75 --sh--r- c:\windows\CT4CET.bin
2009-07-20 17:54 . 2009-07-20 17:54 -------- d-----w- c:\program files\Creative
2009-07-20 17:54 . 2009-07-20 17:54 -------- d-----w- c:\program files\Common Files\Reallusion
2009-07-20 17:53 . 2009-07-20 17:54 -------- d-----w- c:\program files\Dell Webcam
2009-07-20 17:53 . 2009-07-20 17:53 -------- d-----w- c:\program files\Creative Live! Cam
2009-07-20 17:49 . 2008-04-15 12:00 26624 ----a-w- c:\documents and settings\LocalService\Application Data\Microsoft\UPnP Device Host\upnphost\udhisapi.dll
2009-07-20 17:45 . 2009-07-20 17:45 -------- d-----w- c:\program files\ATI Technologies
2009-07-20 17:42 . 2009-07-20 17:42 -------- d-----w- C:\Intel
2009-07-20 17:42 . 2009-07-20 22:03 -------- d-----w- c:\program files\Intel
2009-07-20 17:41 . 2009-07-20 17:57 -------- d-----w- c:\program files\Java
2009-07-20 17:41 . 2009-07-20 17:41 -------- d-----w- c:\program files\Common Files\Java
2009-07-20 17:40 . 2009-07-20 17:40 -------- d-----w- c:\program files\Marvell
2009-07-20 17:40 . 2009-07-20 17:40 -------- d-----w- c:\documents and settings\RORO\Application Data\TMP
2009-07-20 17:39 . 2008-11-26 08:39 835584 ----a-w- c:\windows\system32\BCMLogon.dll
2009-07-20 17:39 . 2008-11-26 08:39 416 ----a-w- c:\windows\system32\vcredist_x86.bat
2009-07-20 17:39 . 2008-11-26 08:39 33664 ----a-w- c:\windows\system32\drivers\BCMWLNPF.SYS
2009-07-20 17:39 . 2008-11-26 08:39 65536 ----a-w- c:\windows\system32\wltrynt.dll
2009-07-20 17:39 . 2008-11-26 08:39 2682880 ----a-w- c:\windows\system32\vcredist_x86.exe
2009-07-20 17:39 . 2008-11-26 08:39 143360 ----a-w- c:\windows\system32\preflib.dll
2009-07-20 17:39 . 2008-11-26 08:39 69632 ----a-w- c:\windows\system32\bcmwlpkt.dll
2009-07-20 17:39 . 2008-11-26 08:39 311296 ----a-w- c:\windows\system32\bcmwlu00.exe
2009-07-20 17:38 . 2008-11-26 08:39 2670592 ----a-w- c:\windows\system32\WLBCGCBPRO731.DLL
2009-07-20 17:38 . 2008-11-26 08:39 24576 ----a-w- c:\windows\system32\WLTRYSVC.EXE
2009-07-20 17:38 . 2008-11-26 08:39 2289664 ----a-w- c:\windows\system32\WLTRAY.EXE
2009-07-20 17:38 . 2008-11-26 08:39 1391104 ----a-w- c:\windows\system32\drivers\BCMWL5.SYS
2009-07-20 17:38 . 2008-11-26 08:39 2039808 ----a-w- c:\windows\system32\BCMWLTRY.EXE
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2016-12-30 05:05 . 2009-07-20 22:09 102264 ----a-w- c:\windows\Fonts\SC_SHMOOKH01.ttf
2009-07-25 04:05 . 2009-07-20 22:54 3164 --sha-w- c:\windows\system32\drivers\fidbox2.idx
2009-07-25 04:05 . 2009-07-20 22:54 12948 --sha-w- c:\windows\system32\drivers\fidbox.idx
2009-07-25 01:05 . 2008-04-15 12:00 71384 ----a-w- c:\windows\system32\perfc001.dat
2009-07-25 01:05 . 2008-04-15 12:00 375946 ----a-w- c:\windows\system32\perfh001.dat
2009-07-22 00:55 . 2008-04-15 12:00 218624 ----a-w- c:\windows\system32\uxtheme.dll
2009-07-20 23:24 . 2008-01-29 14:29 33808 ----a-w- c:\windows\system32\drivers\klbg.sys
2009-07-20 23:22 . 2009-07-20 23:22 44808 ----a-w- c:\documents and settings\All Users\Application Data\Kaspersky Lab\AVP8\Data\Updater\Temporary Files\temporaryFolder\AutoPatches\kav8exec\8.0.0.454\fssync.dll
2009-07-20 22:34 . 2009-07-20 10:27 72184 ----a-w- c:\documents and settings\RORO\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2009-07-20 22:05 . 2009-07-20 17:22 -------- d-----w- c:\program files\Realtek
2009-07-20 21:58 . 2009-07-20 21:58 -------- d-----w- c:\program files\Common Files\Real
2009-07-20 21:58 . 2009-07-20 21:58 499712 ----a-w- c:\windows\system32\msvcp71.dll
2009-07-20 21:58 . 2009-07-20 21:57 348160 ----a-w- c:\windows\system32\msvcr71.dll
2009-07-20 21:58 . 2009-07-20 21:58 -------- d-----w- c:\program files\Real
2009-07-20 18:26 . 2009-07-20 18:26 6116 ----a-w- c:\program files\un_Internet Download Manager_16575.txt
2009-07-20 17:28 . 2009-07-20 17:28 0 ---ha-w- c:\windows\system32\drivers\Msft_Kernel_Apfiltr_01005.Wdf
2009-07-20 17:28 . 2009-07-20 17:28 0 ---ha-w- c:\windows\system32\drivers\MsftWdf_Kernel_01005_Coinstaller_Critical.Wdf
2009-07-20 05:37 . 2009-07-20 05:37 -------- d-----w- c:\program files\microsoft frontpage
2009-07-20 05:34 . 2009-07-20 05:34 83160 ----a-w- c:\documents and settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat
2009-07-20 05:34 . 2009-07-20 05:34 -------- d-----w- c:\program files\MSBuild
2009-07-20 05:34 . 2009-07-20 05:34 -------- d-----w- c:\program files\Reference Assemblies
2009-07-20 05:30 . 2009-07-20 05:30 86327 ----a-w- c:\windows\pchealth\helpctr\OfflineCache\index.dat
2009-07-20 05:28 . 2009-07-20 05:28 22144 ----a-w- c:\windows\system32\emptyregdb.dat
2009-07-20 05:27 . 2009-07-20 05:27 -------- d-----w- c:\program files\Windows Media Connect 2
2009-06-16 14:36 . 2008-04-15 12:00 81920 ----a-w- c:\windows\system32\fontsub.dll
2009-06-16 14:36 . 2008-04-15 12:00 119808 ----a-w- c:\windows\system32\t2embed.dll
2009-06-03 19:11 . 2009-05-01 09:06 1289216 ----a-w- c:\windows\system32\quartz.dll
2009-06-02 16:11 . 2009-07-20 21:57 85504 ----a-w- c:\windows\system32\ff_vfw.dll
2009-05-29 21:37 . 2009-07-20 21:57 205824 ----a-w- c:\windows\system32\xvidvfw.dll
2009-05-29 21:31 . 2009-07-20 21:57 881664 ----a-w- c:\windows\system32\xvidcore.dll
2009-05-13 05:02 . 2009-05-01 09:11 915456 ----a-w- c:\windows\system32\wininet.dll
2009-05-07 15:32 . 2008-04-15 12:00 345600 ----a-w- c:\windows\system32\localspl.dll
2009-05-01 21:02 . 2009-07-20 21:57 90112 ----a-w- c:\windows\system32\dpl100.dll
2009-05-01 21:02 . 2009-07-20 21:57 685056 ----a-w- c:\windows\system32\divx.dll
2009-05-01 10:20 . 2009-05-01 10:20 4096 ----a-w- c:\windows\system32\wmvdmoe2.dll
2009-05-01 10:20 . 2009-05-01 10:20 4096 ----a-w- c:\windows\system32\wmvdmod.dll
2009-05-01 10:20 . 2009-05-01 10:20 1329152 ----a-w- c:\windows\system32\wmspdmoe.dll
2009-05-01 10:20 . 2009-05-01 10:20 603648 ----a-w- c:\windows\system32\wmspdmod.dll
2009-05-01 10:20 . 2009-05-01 10:20 99840 ----a-w- c:\windows\system32\wmpshell.dll
2009-05-01 10:20 . 2009-05-01 10:20 4096 ----a-w- c:\windows\system32\wmsdmoe2.dll
2009-05-01 10:20 . 2009-05-01 10:20 4096 ----a-w- c:\windows\system32\wmsdmod.dll
2009-05-01 10:20 . 2009-05-01 10:20 8237056 ----a-w- c:\windows\system32\wmploc.dll
2009-05-01 10:19 . 2009-05-01 10:19 314880 ----a-w- c:\windows\system32\wmpdxm.dll
2009-05-01 10:19 . 2009-05-01 10:19 242688 ----a-w- c:\windows\system32\wmpasf.dll
2009-05-01 10:17 . 2009-05-01 10:17 208896 ----a-w- c:\windows\system32\wmerror.dll
2009-05-01 10:17 . 2009-05-01 10:17 157184 ----a-w- c:\windows\system32\wmidx.dll
2009-05-01 10:17 . 2009-05-01 10:17 37376 ----a-w- c:\windows\system32\wmdmps.dll
2009-05-01 10:17 . 2009-05-01 10:17 33792 ----a-w- c:\windows\system32\wmdmlog.dll
2009-05-01 10:17 . 2009-05-01 10:17 222720 ----a-w- c:\windows\system32\wmasf.dll
2009-05-01 10:17 . 2009-05-01 10:17 1117696 ----a-w- c:\windows\system32\wmadmoe.dll
2009-05-01 10:17 . 2009-05-01 10:17 757248 ----a-w- c:\windows\system32\wmadmod.dll
2009-05-01 10:15 . 2009-05-01 10:15 63488 ----a-w- c:\windows\system32\wpdmtpus.dll
2009-05-01 10:14 . 2009-05-01 10:14 1661440 ----a-w- c:\windows\system32\WMPEncEn.dll
2009-05-01 09:53 . 2009-05-01 09:53 1571328 ----a-w- c:\windows\system32\sfcfiles.dll
2009-05-01 09:43 . 2001-09-18 11:06 77891 ----a-w- c:\windows\system32\usrmlnka.exe
2009-05-01 09:15 . 2009-05-01 09:15 124928 ----a-w- c:\windows\system32\drivers\ulsata2.sys
2009-05-01 09:14 . 2009-05-01 09:14 988160 ----a-w- c:\windows\system32\syssetup.dll
2009-05-01 09:06 . 2009-05-01 09:06 354304 ----a-w- c:\windows\system32\winhttp.dll
2009-05-01 09:06 . 2009-05-01 09:06 56832 ----a-w- c:\windows\system32\secur32.dll
2009-05-01 09:06 . 2009-07-20 05:26 227840 ----a-w- c:\windows\system32\wbem\wmiprvse.exe
2009-05-01 09:06 . 2009-07-20 05:26 453120 ----a-w- c:\windows\system32\wbem\wmiprvsd.dll
2009-05-01 09:06 . 2009-05-01 09:06 401408 ----a-w- c:\windows\system32\rpcss.dll
2009-05-01 09:06 . 2009-05-01 09:06 35328 ----a-w- c:\windows\system32\sc.exe
2009-05-01 09:06 . 2009-05-01 09:06 110592 ----a-w- c:\windows\system32\services.exe
2009-05-01 09:06 . 2009-05-01 09:06 283136 ----a-w- c:\windows\system32\pdh.dll
2009-05-01 09:05 . 2009-05-01 09:05 2146816 ----a-w- c:\windows\system32\ntoskrnl.exe
2009-05-01 09:05 . 2009-05-01 09:05 723456 ----a-w- c:\windows\system32\lsasrv.dll
2009-05-01 09:05 . 2009-07-20 05:26 473600 ----a-w- c:\windows\system32\wbem\fastprox.dll
2009-05-01 09:05 . 2009-05-01 09:05 681472 ----a-w- c:\windows\system32\advapi32.dll
2009-05-01 09:02 . 2009-07-20 05:26 91648 ----a-w- c:\windows\system32\mtxoci.dll
2009-05-01 09:02 . 2009-07-20 05:26 161792 ----a-w- c:\windows\system32\msdtcuiu.dll
2009-05-01 09:02 . 2009-05-01 09:02 66560 ----a-w- c:\windows\system32\mtxclu.dll
2009-05-01 09:02 . 2009-07-20 05:26 956928 ----a-w- c:\windows\system32\msdtctm.dll
2009-05-01 09:02 . 2009-07-20 05:26 428032 ----a-w- c:\windows\system32\msdtcprx.dll
2009-05-01 09:02 . 2009-07-20 05:26 58880 ----a-w- c:\windows\system32\msdtclog.dll
2009-04-29 04:42 . 2009-04-29 04:42 78336 ------w- c:\windows\system32\ieencode.dll
.
------- Sigcheck -------
[-] 2009-05-01 09:53 1571328 CA1867A515E40A015BA6D9ADD83FB823 c:\windows\system32\sfcfiles.dll
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\ctfmon.exe" [2008-04-15 15360]
"Google Update"="c:\documents and settings\RORO\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" [2009-07-22 133104]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Dell QuickSet"="c:\program files\Dell\QuickSet\quickset.exe" [2009-01-09 1712128]
"AESTFltr"="c:\windows\system32\AESTFltr.exe" [2008-07-11 466944]
"SysTrayApp"="c:\program files\IDT\WDM\sttray.exe" [2008-07-21 442460]
"Apoint"="c:\program files\DellTPad\Apoint.exe" [2008-08-01 200704]
"Broadcom Wireless Manager UI"="c:\windows\system32\WLTRAY.exe" [2008-11-26 2289664]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-07-20 148888]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2008-09-16 150040]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2008-09-16 178712]
"Persistence"="c:\windows\system32\igfxpers.exe" [2008-09-16 150040]
"Dell Webcam Central"="c:\program files\Dell Webcam\Dell Webcam Central\WebcamDell.exe" [2008-06-03 446635]
"cFosSpeed"="c:\program files\Topos\cFosSpeed\cFosSpeed.exe" [2009-02-11 876760]
"TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" [2009-07-20 198160]
"SlipStream"="c:\program files\ONSPEED\onspeedcore.exe" [2008-07-24 344064]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-15 15360]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"_nltide_2"="shell32" [X]
c:\documents and settings\All Users\çں‍ê، ں §ڑ\ںé ©ںê¤\ §ک ں颬نïé\
Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2008-8-15 604776]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^قائمة ابدأ^البرامج^بدء التشغيل^Translate Client.lnk]
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusDisableNotify"=dword:00000001
"FirewallDisableNotify"=dword:00000001
"UpdatesDisableNotify"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\KasperskyAntiVirus]
"DisableMonitoring"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
"DisableNotifications"= 1 (0x1)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
R0 klbg;Kaspersky Lab Boot Guard Driver;c:\windows\system32\drivers\klbg.sys [29/01/2008 05:29 م 33808]
R0 ulsata2;ulsata2;c:\windows\system32\drivers\ulsata2.sys [01/05/2009 12:15 م 124928]
R2 EAPPkt;Realtek EAPPkt Protocol;c:\windows\system32\drivers\EAPPkt.sys [21/07/2009 01:05 ص 38144]
R2 yksvc;Marvell Yukon Service;RUNDLL32.EXE ykx32coinst,serviceStartProc --> RUNDLL32.EXE ykx32coinst,serviceStartProc [?]
R3 AESTAud;AE Audio Service;c:\windows\system32\drivers\AESTAud.sys [20/07/2009 08:20 م 108160]
R3 OA009Afx;Provides a software interface to control audio effects of OA009 camera.;c:\windows\system32\drivers\OA009Afx.sys [20/07/2009 08:28 م 148056]
R3 OA009Ufd;Creative Camera OA009 Upper Filter Driver;c:\windows\system32\drivers\OA009Ufd.sys [20/07/2009 08:28 م 144544]
R3 OA009Vid;Creative Camera OA009 Function Driver;c:\windows\system32\drivers\OA009Vid.sys [20/07/2009 08:28 م 268992]
R3 RSUSBSTOR;RTS5121.Sys Realtek USB Card Reader;c:\windows\system32\drivers\RTS5121.sys [20/07/2009 08:22 م 157696]
S3 RTLWUSB;Realtek RTL8187 Wireless 802.11b/g 54Mbps USB 2.0 Network Adapter;c:\windows\system32\drivers\rtl8187.sys [21/07/2009 01:05 ص 332928]
S3 Rts516xIR;Realtek IR Driver; [x]
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\>{60B49E34-C7CC-11D0-8953-00A0C90347FF}]
"c:\windows\system32\rundll32.exe" "c:\windows\system32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
.
Contents of the 'Scheduled Tasks' folder
2009-07-23 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1606980848-117609710-1801674531-1004Core.job
- c:\documents and settings\RORO\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2009-07-22 23:47]
2009-07-25 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1606980848-117609710-1801674531-1004UA.job
- c:\documents and settings\RORO\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2009-07-22 23:47]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.com.sa/
uInternet Connection Wizard,ShellNext = hxxp://www.zyzoom.org/vb/index.php
IE: إرسال إلى &جهاز Bluetooth... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: إرسال إلى Bluetooth - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
IE: تحميل الكل بواسطة Internet Download Manager - c:\program files\Internet Download Manager\IEGetAll.htm
IE: تحميل بواسطة Internet Download Manager - c:\program files\Internet Download Manager\IEExt.htm
IE: تحميل محتوى FLV بواسطة Internet Download Manager - c:\program files\Internet Download Manager\IEGetVL.htm
LSP: c:\progra~1\ONSPEED\sliplsp.dll
.
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer,
Rootkit scan 2009-07-25 07:07
Windows 5.1.2600 Service Pack 3 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------
- - - - - - - > 'winlogon.exe'(992)
c:\windows\System32\BCMLogon.dll
- - - - - - - > 'explorer.exe'(2924)
c:\windows\system32\WININET.dll
c:\windows\system32\btmmhook.dll
c:\windows\system32\ieframe.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\wpdshserviceobj.dll
c:\windows\system32\btncopy.dll
c:\windows\system32\portabledevicetypes.dll
c:\windows\system32\portabledeviceapi.dll
.
------------------------ Other Running Processes ------------------------
.
c:\windows\system32\WLTRYSVC.EXE
c:\windows\system32\BCMWLTRY.EXE
c:\program files\IDT\XPM09_6047v002\WDM\stacsv.exe
c:\program files\Topos\cFosSpeed\spd.exe
c:\program files\Java\jre6\bin\jqs.exe
c:\windows\system32\rundll32.exe
c:\program files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
c:\program files\DellTPad\ApMsgFwd.exe
c:\program files\DellTPad\hidfind.exe
c:\program files\DellTPad\ApntEx.exe
c:\windows\system32\igfxsrvc.exe
c:\progra~1\WIDCOMM\BLUETO~1\BTSTAC~1.EXE
.
**************************************************************************
.
Completion time: 2009-07-25 7:09 - machine was rebooted
ComboFix-quarantined-files.txt 2009-07-25 04:09
Pre-Run: 239,927,971,840 bytes free
Post-Run: 239,848,976,384 bytes free
358
 
Signature: ابو خآلد
Download this program.

Install it on the machine, then run it and follow the explanation below to scan the machine and produce a report.

After the scan finishes, do the following.

Copy the contents of the report and paste them into your next post.
 
Malwarebytes' Anti-Malware 1.29
Database version: 1276
Windows 5.1.2600 Service Pack 3
26/07/2009 01:24:07 ص
mbam-log-2009-07-26 (01-24-07).txt
Scan type: Full Scan (C:\|D:\|)
Objects scanned: 70194
Time elapsed: 13 minute(s), 20 second(s)
Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0
Memory Processes Infected:
(No malicious items detected)
Memory Modules Infected:
(No malicious items detected)
Registry Keys Infected:
(No malicious items detected)
Registry Values Infected:
(No malicious items detected)
Registry Data Items Infected:
(No malicious items detected)
Folders Infected:
(No malicious items detected)
Files Infected:
(No malicious items detected)
 
Signature: ابو خآلد
Good.
Make a new HijackThis report.
 
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 06:16:51 ص, on 26/07/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\WLTRYSVC.EXE
C:\WINDOWS\System32\bcmwltry.exe
C:\WINDOWS\system32\spoolsv.exe
c:\program files\idt\xpm09_6047v002\wdm\STacSV.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Topos\cFosSpeed\spd.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Dell\QuickSet\quickset.exe
C:\WINDOWS\system32\AESTFltr.exe
C:\Program Files\IDT\WDM\sttray.exe
C:\Program Files\DellTPad\Apoint.exe
C:\WINDOWS\system32\WLTRAY.exe
C:\Program Files\DellTPad\ApMsgFwd.exe
C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
C:\Program Files\DellTPad\HidFind.exe
C:\Program Files\DellTPad\Apntex.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\Program Files\Dell Webcam\Dell Webcam Central\WebcamDell.exe
C:\Program Files\Topos\cFosSpeed\cFosSpeed.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\ONSPEED\onspeedcore.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\PROGRA~1\WIDCOMM\BLUETO~1\BTSTAC~1.EXE
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\internet explorer\iexplore.exe
C:\Program Files\internet explorer\iexplore.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigURL =
O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files\Internet Download Manager\IDMIECC.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: ONSPEED Toolbar - {4E7BD74F-2B8D-469E-84BA-B830E8D4E122} - C:\PROGRA~1\ONSPEE~1\ONSPEE~1.DLL
O2 - BHO: IEVkbdBHO - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\ievkbd.dll
O2 - BHO: مساعد تسجيل الدخول إلى Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: NOW!Imaging - {9AA2F14F-E956-44B8-8694-A5B615CDF341} - C:\Program Files\ONSPEED\components\NOWImaging.dll
O2 - BHO: Prefetch - {A66AA08A-9BF0-4e87-99E6-6972731D6B99} - C:\Program Files\ONSPEED\Prefetch.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: ONSPEED Toolbar - {4E7BD74F-2B8D-469E-84BA-B830E8D4E122} - C:\PROGRA~1\ONSPEE~1\ONSPEE~1.DLL
O4 - HKLM\..\Run: [Dell QuickSet] C:\Program Files\Dell\QuickSet\quickset.exe
O4 - HKLM\..\Run: [AESTFltr] %SystemRoot%\system32\AESTFltr.exe /NoDlg
O4 - HKLM\..\Run: [SysTrayApp] %ProgramFiles%\IDT\WDM\sttray.exe
O4 - HKLM\..\Run: [Apoint] C:\Program Files\DellTPad\Apoint.exe
O4 - HKLM\..\Run: [Broadcom Wireless Manager UI] C:\WINDOWS\system32\WLTRAY.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [Dell Webcam Central] "C:\Program Files\Dell Webcam\Dell Webcam Central\WebcamDell.exe" /mode2
O4 - HKLM\..\Run: [cFosSpeed] C:\Program Files\Topos\cFosSpeed\cFosSpeed.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [SlipStream] "C:\Program Files\ONSPEED\onspeedcore.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\RORO\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [_nltide_2] regsvr32 /s /n /i:U shell32 (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [_nltide_2] regsvr32 /s /n /i:U shell32 (User 'Default user')
O4 - Global Startup: Bluetooth.lnk = ?
O8 - Extra context menu item: إرسال إلى &جهاز Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: إرسال إلى Bluetooth - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O8 - Extra context menu item: تحميل الكل بواسطة Internet Download Manager - C:\Program Files\Internet Download Manager\IEGetAll.htm
O8 - Extra context menu item: تحميل بواسطة Internet Download Manager - C:\Program Files\Internet Download Manager\IEExt.htm
O8 - Extra context menu item: تحميل محتوى FLV بواسطة Internet Download Manager - C:\Program Files\Internet Download Manager\IEGetVL.htm
O9 - Extra button: إحصائيات حماية حركة زيارة الويب - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\SCIEPlgn.dll
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) -
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) -
O23 - Service: Kaspersky Anti-Virus (AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\avp.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
O23 - Service: cFosSpeed System Service (cFosSpeedS) - cFos Software GmbH - C:\Program Files\Topos\cFosSpeed\spd.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Audio Service (STacSV) - IDT, Inc. - c:\program files\idt\xpm09_6047v002\wdm\STacSV.exe
O23 - Service: Dell Wireless WLAN Tray Service (wltrysvc) - Unknown owner - C:\WINDOWS\System32\WLTRYSVC.EXE
O23 - Service: Marvell Yukon Service (yksvc) - Unknown owner - RUNDLL32.EXE (file missing)
--
End of file - 8379 bytes
 
Signature: ابو خآلد
I hope I get a solution, because this Windows install is new; I formatted less than a week ago :er:
 
Signature: ابو خآلد

Run a quick scan with Bitdefender.

Then compress the reports together and upload them to an upload center.
 

BitDefender QuickScan Beta v0.9.5.2
-----------------------------------

Scan date: Sun Jul 26 13:46:18 2009
Machine ID: 94DB0FD2



No infection found.
--------------------


Processes
---------
<unsigned> Dell Webcam Central Application 2324 C:\Program Files\Dell Webcam\Dell Webcam Central\WebcamDell.exe
<unsigned> QuickSet 1652 C:\Program Files\Dell\QuickSet\quickset.exe
<unsigned> Internet Download Manager (IDM) 232 C:\Program Files\Internet Download Manager\IDMan.exe
<unsigned> Accelerator Core Services 2712 C:\Program Files\ONSPEED\onspeedcore.exe
<unsigned> Dell Wireless WLAN Card Wireless Network Controlle 1928 C:\WINDOWS\System32\bcmwltry.exe
<unsigned> Dell Wireless WLAN Card Wireless Network Tray Appl 748 C:\WINDOWS\system32\WLTRAY.exe
<unsigned> WLTRYSVC.EXE 1908 C:\WINDOWS\System32\WLTRYSVC.EXE

<verified> RealNetworks Scheduler 2504 C:\Program Files\Common Files\Real\Update_OB\realsched.exe
<verified> ApMsgFwd 1484 C:\Program Files\DellTPad\ApMsgFwd.exe
<verified> Alps Pointing-device Driver for Windows NT/2000/XP 968 C:\Program Files\DellTPad\Apntex.exe
<verified> Alps Pointing-device Driver 520 C:\Program Files\DellTPad\Apoint.exe
<verified> Alps Pointing-device Driver 956 C:\Program Files\DellTPad\HidFind.exe
<verified> IDT PC Audio 348 C:\Program Files\IDT\WDM\sttray.exe
<verified> IDT PC Audio 192 C:\program files\idt\xpm09_6047v002\wdm\STacSV.exe
<verified> Internet Download Manager agent for click monitori 3276 C:\Program Files\Internet Download Manager\IEMonitor.exe
<verified> Internet Explorer 2616 C:\Program Files\internet explorer\iexplore.exe
<verified> Internet Explorer 3308 C:\Program Files\internet explorer\iexplore.exe
<verified> Internet Explorer 4040 C:\Program Files\internet explorer\iexplore.exe
<verified> Java(TM) Quick Starter Service 876 C:\Program Files\Java\jre6\bin\jqs.exe
<verified> cFosSpeed Window 2420 C:\Program Files\Topos\cFosSpeed\cFosSpeed.exe
<verified> cFosSpeed Service 804 C:\Program Files\Topos\cFosSpeed\spd.exe
<verified> Bluetooth Support Server 940 C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
<verified> Bluetooth Stack COM Server 3676 C:\Program Files\WIDCOMM\Bluetooth Software\BTStackServer.exe
<verified> Bluetooth Tray Application 3296 C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
<verified> Windows Live Communications Platform 832 C:\Program Files\Windows Live\Contacts\wlcomm.exe
<verified> Windows Live Messenger 3848 C:\Program Files\Windows Live\Messenger\msnmsgr.exe
<verified> Windows Explorer 796 C:\WINDOWS\Explorer.EXE
<verified> AEFltrs MFC Application 228 C:\WINDOWS\system32\AESTFltr.exe
<verified> Application Layer Gateway Service 2624 C:\WINDOWS\System32\alg.exe
<verified> Client Server Runtime Process 964 C:\WINDOWS\system32\csrss.exe
<verified> CTF Loader 3048 C:\WINDOWS\system32\ctfmon.exe
<verified> hkcmd Module 1648 C:\WINDOWS\system32\hkcmd.exe
<verified> persistence Module 2072 C:\WINDOWS\system32\igfxpers.exe
<verified> igfxsrvc Module 2080 C:\WINDOWS\system32\igfxsrvc.exe
<verified> LSA Shell (Export Version) 1044 C:\WINDOWS\system32\lsass.exe
<verified> Run a DLL as an App 1496 C:\WINDOWS\system32\RUNDLL32.EXE
<verified> Services and Controller app 1032 C:\WINDOWS\system32\services.exe
<verified> Windows NT Session Manager 904 C:\WINDOWS\System32\smss.exe
<verified> Spooler SubSystem App 1984 C:\WINDOWS\system32\spoolsv.exe
<verified> Generic Host Process for Win32 Services 676 C:\WINDOWS\system32\svchost.exe
<verified> Generic Host Process for Win32 Services 1564 C:\WINDOWS\system32\svchost.exe
<verified> Generic Host Process for Win32 Services 1464 C:\WINDOWS\system32\svchost.exe
<verified> Generic Host Process for Win32 Services 1348 C:\WINDOWS\System32\svchost.exe
<verified> Generic Host Process for Win32 Services 1296 C:\WINDOWS\system32\svchost.exe
<verified> Generic Host Process for Win32 Services 1208 C:\WINDOWS\system32\svchost.exe
<verified> WMI 2244 C:\WINDOWS\system32\wbem\wmiprvse.exe
<verified> Windows NT Logon Application 988 C:\WINDOWS\system32\winlogon.exe


Network activity
----------------
Process iexplore.exe (3308) connected on port 80 (HTTP) - s7.addthis.com
Process iexplore.exe (3308) connected on port 80 (HTTP) - mu-in-f139.google.com
Process iexplore.exe (3308) connected on port 80 (HTTP) - s7.addthis.com
Process msnmsgr.exe (3848) connected on port 1863 (MSN) - by2msg3010814.phx.gbl

Process svchost.exe (1296) listens on ports: 135 (RPC)


Autoruns and critical files
---------------------------
<unsigned> Dell Webcam Central Application C:\Program Files\Dell Webcam\Dell Webcam Central\WebcamDell.exe
<unsigned> QuickSet C:\Program Files\Dell\QuickSet\quickset.exe
<unsigned> Accelerator Core Services C:\Program Files\ONSPEED\onspeedcore.exe
<unsigned> Accelerator Winsock2 Layered Service Provider C:\Program Files\ONSPEED\sliplsp.dll
<unsigned> Dell Wireless WLAN Card Wireless Network Tray Appl C:\WINDOWS\system32\WLTRAY.exe

<verified> مثبِّت Google C:\Documents and Settings\RORO\Local Settings\Application Data\Google\Update\GoogleUpdate.exe
<verified> RealNetworks Scheduler C:\Program Files\Common Files\Real\Update_OB\realsched.exe
<verified> Alps Pointing-device Driver C:\Program Files\DellTPad\Apoint.exe
<verified> IDT PC Audio C:\Program Files\IDT\WDM\sttray.exe
<verified> Java(TM) Platform SE binary C:\Program Files\Java\jre6\bin\jusched.exe
<verified> cFosSpeed Window C:\Program Files\Topos\cFosSpeed\cFosSpeed.exe
<verified> AEFltrs MFC Application C:\WINDOWS\system32\AESTFltr.exe
<verified> Crypto API32 C:\WINDOWS\system32\crypt32.dll
<verified> Crypto Network Related API C:\WINDOWS\system32\cryptnet.dll
<verified> Offline Network Agent C:\WINDOWS\system32\cscdll.dll
<verified> CTF Loader C:\WINDOWS\system32\ctfmon.exe
<verified> DIMS Notification Handler C:\WINDOWS\system32\dimsntfy.dll
<verified> hkcmd Module C:\WINDOWS\system32\hkcmd.exe
<verified> Internet Download Manager LSP dll C:\WINDOWS\system32\idmmbc.dll
<verified> igfxdev Module C:\WINDOWS\system32\igfxdev.dll
<verified> persistence Module C:\WINDOWS\system32\igfxpers.exe
<verified> igfxTray Module C:\WINDOWS\system32\igfxtray.exe
<verified> Logon Visualizer C:\WINDOWS\system32\klogon.dll
<verified> Windows Logon UI C:\WINDOWS\system32\logonui.exe
<verified> Microsoft Windows Sockets 2.0 Service Provider C:\WINDOWS\system32\mswsock.dll
<verified> Microsoft Windows Rsvp 1.0 Service Provider C:\WINDOWS\system32\rsvpsp.dll
<verified> Secondary Logon Service Notification DLL C:\WINDOWS\system32\sclgntfy.dll
<verified> إشعارات مزايا برامج Windows الأصلية C:\WINDOWS\system32\WgaLogon.dll
<verified> LDAP RnR Provider DLL C:\WINDOWS\system32\winrnr.dll
<verified> Common DLL to receive Winlogon notifications C:\WINDOWS\system32\wlnotify.dll


Browser plugins
---------------
<unsigned> Java(TM) Quick Starter binary C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
<unsigned> Imaging Component C:\Program Files\ONSPEED\components\NOWImaging.dll
<unsigned> Prefetch Dynamic Link Library c:\program files\onspeed\prefetch.dll
<unsigned> ONSPEED Toolbar c:\program files\onspeed_toolbar\onspeed_toolbar.dll
<unsigned> RealJukebox Netscape Plugin C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll
<unsigned> 6.0.12.69 C:\Program Files\Real\RealPlayer\Netscape6\nprpjplug.dll

<verified> WindowsLiveLogin.dll C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
<verified> IDM BHO Module C:\Program Files\Internet Download Manager\IDMIECC.dll
<verified> Java(TM) Platform SE binary C:\Program Files\Java\jre6\bin\jp2ssv.dll
<verified> IE Virtual Keyboard C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\ievkbd.dll
<verified> Windows Messenger C:\Program Files\Messenger\msmsgs.exe
<verified> RealPlayer(tm) LiveConnect-Enabled Plug-In C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll
<verified> BitDefender QuickScan Client ActiveX C:\WINDOWS\Downloaded Program Files\ActiveQscan.ocx
<verified> Adobe® Flash® Player ActiveX Installer C:\WINDOWS\Downloaded Program Files\FP_AX_CAB_INSTALLER.exe
<verified> Windows Presentation Foundation (WPF) plug-in for c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
<verified> Network Diagnostic for Windows XP C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
<verified> Internet Explorer C:\WINDOWS\system32\ieframe.dll
<verified> NPSWF32.dll C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll


Scan
----
The following file(s) must be uploaded for server-side scanning:
C:\WINDOWS\system32\winhttp.dll
C:\WINDOWS\system32\ntdll.dll
C:\WINDOWS\system32\jsproxy.dll
C:\WINDOWS\system32\rpcss.dll
C:\WINDOWS\system32\wbem\fastprox.dll
C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\avp.exe
C:\WINDOWS\system32\mtxclu.dll
C:\WINDOWS\system32\lsasrv.dll
C:\WINDOWS\system32\pdh.dll
C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\ar\ShFusRes.dll
C:\WINDOWS\system32\advapi32.dll
C:\WINDOWS\system32\DRIVERS\cfosspeed.sys
C:\WINDOWS\system32\wbem\wmiprvsd.dll

Upload started - 13 file(s)
Upload: C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\avp.exe - 208616 bytes, hash: 24419db0ad42b68caffa6bf903be364a
Upload: C:\WINDOWS\system32\jsproxy.dll - 25600 bytes, hash: 0872f49ea1912ee6f283ee3814c51025
Upload: C:\WINDOWS\system32\mtxclu.dll - 66560 bytes, hash: 2ff721f4d918f7caa868f1f055501c78
Upload: C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\ar\ShFusRes.dll - 95232 bytes, hash: c5db51beb239f1bef4856872db4cc00b
Upload: C:\WINDOWS\system32\pdh.dll - 283136 bytes, hash: 7b8a46004d2b198e87064b61fb47d0b1
Upload: C:\WINDOWS\system32\winhttp.dll - 354304 bytes, hash: 0c876c6080ad82c2835aa6a89cd3ab2e
Upload: C:\WINDOWS\system32\rpcss.dll - (recommended) 401408 bytes, hash: 1d07888e58486533d87582985d047186
Upload: C:\WINDOWS\system32\wbem\wmiprvsd.dll - 453120 bytes, hash: b5b5ddf4529ae0569f38a425da2a3df3
Upload: C:\WINDOWS\system32\wbem\fastprox.dll - (recommended) 473600 bytes, hash: 2a10b7fe00fcf8ddf9b83232b38446bb
Upload: C:\WINDOWS\system32\advapi32.dll - (recommended) 681472 bytes, hash: 8e7b90b422257c12037fa8ad3a9bcf71
Upload: C:\WINDOWS\system32\ntdll.dll - (recommended) 694272 bytes, hash: ed78396fdf760dfb865acc38376bb39d
Upload: C:\WINDOWS\system32\lsasrv.dll - 723456 bytes, hash: 9001aaf385b1f4ae0db301b4a9b44d94
Upload: C:\WINDOWS\system32\DRIVERS\cfosspeed.sys - (recommended) 787672 bytes, hash: 6878a031630562443f67124aa6ed443f
Upload speed - 14 KB/s
Upload finished - 13 uploaded, 0 failed

The uploaded file(s) were found clean.
 
Signature: ابو خآلد
And finally the problem has been solved.


Even though none of the Zyzoom experts could figure it out... strange, strange, strange.

I solved the problem myself, by chance, I swear: I opened Internet Explorer, went to the Advanced options and did a Reset... and the problem I had been suffering from disappeared, thank God.


And I had spent a week making a report with every program every little while..
 
Signature: ابو خآلد
May God grant you success, brother.
But by the way, you did have infections and they were removed :wink:
Good luck.
 