
الخاطر المجروح

I have a problem: a message appears whenever I launch the Internet Explorer 8 browser.

Note that this problem used to appear before when opening the voice chat, so please help me solve it, and may God reward you greatly.



And this is a report on my machine:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 2:48:54 AM, on 8/1/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe
C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe
C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
C:\Program Files\Topos\cFosSpeed\spd.exe
C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe
C:\Program Files\Hotspot Shield\bin\openvpnas.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\Program Files\Simple DNS Plus\sdnsmain.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\TUProgSt.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\stsystra.exe
C:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe
C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe
C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\Program Files\Dell\QuickSet\quickset.exe
C:\Program Files\Unlocker\UnlockerAssistant.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\Program Files\QSound\QMAX II\CPL.exe
C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe
C:\WINDOWS\VistaDrive\VistaDrive.exe
C:\Program Files\Topos\cFosSpeed\cFosSpeed.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Internet Download Manager\IDMan.exe
C:\PROGRA~1\Intel\Wireless\Bin\Dot1XCfg.exe
C:\Program Files\VisualTaskTips\VisualTaskTips.exe
C:\Documents and Settings\hi PC-TECH\Desktop\Desktop\USB Safely Remove Portable\Appdata\USBSafelyRemove.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\LowTek CopyFaster\copyfast.exe
C:\Program Files\TuneUp Utilities 2009\MemOptimizer.exe
C:\Program Files\MyFreeWeather\myweather.exe
C:\Program Files\Internet Download Manager\IEMonitor.exe
C:\Program Files\Netlog 24\Notifier\Netlog24Notifier.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe
C:\Documents and Settings\hi PC-TECH\Local Settings\Application Data\Google\Update\1.2.183.7\GoogleCrashHandler.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Program Files\REALTEK USB Wireless LAN Driver and Utility\RtWLan.exe
C:\PROGRA~1\WIDCOMM\BLUETO~1\BTSTAC~1.EXE
C:\WINDOWS\Integrator.exe
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe
C:\Program Files\PC Connectivity Solution\Transports\NclRSSrv.exe
C:\Program Files\Avant Browser\avant.exe
C:\Documents and Settings\hi PC-TECH\Desktop\WoOoW\HiJackThis.exe
C:\Program Files\Skype\Toolbars\Shared\SkypeNames.exe
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = [link hidden by the forum]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = [link hidden by the forum]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = [link hidden by the forum]
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = [link hidden by the forum]
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = local
R3 - URLSearchHook: zyzoom Toolbar - {3aaa6ede-0f45-43da-8b81-608a1d8108a2} - C:\Program Files\zyzoom\tbzyz0.dll
O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files\Internet Download Manager\IDMIECC.dll
O2 - BHO: ??C?I ?CE? Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: zyzoom Toolbar - {3aaa6ede-0f45-43da-8b81-608a1d8108a2} - C:\Program Files\zyzoom\tbzyz0.dll
O2 - BHO: IEVkbdBHO - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\ievkbd.dll
O2 - BHO: ??C?I E???? C?II?? ??? Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\3.1.807.1746\swg.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: Cooliris Plug-In for Internet Explorer - {EAEE5C74-6D0D-4aca-9232-0DA4A7B866BA} - C:\Program Files\PicLensIE\cooliris.dll
O3 - Toolbar: zyzoom Toolbar - {3aaa6ede-0f45-43da-8b81-608a1d8108a2} - C:\Program Files\zyzoom\tbzyz0.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [SigmatelSysTrayApp] stsystra.exe
O4 - HKLM\..\Run: [Acronis Scheduler2 Service] "C:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe"
O4 - HKLM\..\Run: [IntelZeroConfig] "C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe"
O4 - HKLM\..\Run: [IntelWireless] "C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe" /tf Intel PROSet/Wireless
O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [Dell QuickSet] C:\Program Files\Dell\QuickSet\quickset.exe
O4 - HKLM\..\Run: [UnlockerAssistant] "C:\Program Files\Unlocker\UnlockerAssistant.exe"
O4 - HKLM\..\Run: [QMAXII] C:\Program Files\QSound\QMAX II\CPL.exe
O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe"
O4 - HKLM\..\Run: [VistaDrive] C:\WINDOWS\VistaDrive\VistaDrive.exe
O4 - HKLM\..\Run: [cFosSpeed] C:\Program Files\Topos\cFosSpeed\cFosSpeed.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [Army browse cdrom vga] C:\Documents and Settings\All Users\Application Data\Mfcd upload army browse\2 Great.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [IDMan] C:\Program Files\Internet Download Manager\IDMan.exe /onboot
O4 - HKCU\..\Run: [VisualTaskTips] C:\Program Files\VisualTaskTips\VisualTaskTips.exe
O4 - HKCU\..\Run: [USB Safely Remove] C:\Documents and Settings\hi PC-TECH\Desktop\Desktop\USB Safely Remove Portable\Appdata\USBSafelyRemove.exe /startup
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [LowTek CopyFaster] "C:\Program Files\LowTek CopyFaster\copyfast.exe" /startup
O4 - HKCU\..\Run: [TuneUp MemOptimizer] "C:\Program Files\TuneUp Utilities 2009\MemOptimizer.exe" autostart
O4 - HKCU\..\Run: [myweather] "C:\Program Files\MyFreeWeather\myweather.exe" /autorun
O4 - HKCU\..\Run: [Netlog 24] "C:\Program Files\Netlog 24\Notifier\Netlog24Notifier.exe"
O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\hi PC-TECH\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [PC Suite Tray] "C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe" -onlytray
O4 - Startup: Battery Doubler.lnk = C:\Program Files\Dachshund Software\Battery Doubler\Battery Doubler.exe
O4 - Global Startup: Bluetooth.lnk = ?
O4 - Global Startup: REALTEK USB Wireless LAN Utility.lnk = C:\Program Files\REALTEK USB Wireless LAN Driver and Utility\RtWLan.exe
O8 - Extra context menu item: Add to Banner Ad Blocker - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\ie_banner_deny.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Send to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: تحميل الكل بواسطة Internet Download Manager - C:\Program Files\Internet Download Manager\IEGetAll.htm
O8 - Extra context menu item: تحميل بواسطة Internet Download Manager - C:\Program Files\Internet Download Manager\IEExt.htm
O8 - Extra context menu item: تحميل محتوى FLV بواسطة Internet Download Manager - C:\Program Files\Internet Download Manager\IEGetVL.htm
O9 - Extra button: Web traffic protection statistics - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\SCIEPlgn.dll
O9 - Extra button: Launch Cooliris - {3437D640-C91A-458f-89F5-B9095EA4C28B} - C:\Program Files\PicLensIE\cooliris.dll
O9 - Extra button: (no name) - {5067A26B-1337-4436-8AFE-EE169C2DA79F} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra 'Tools' menuitem: Skype add-on for Internet Explorer - {5067A26B-1337-4436-8AFE-EE169C2DA79F} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - [link hidden by the forum]
O17 - HKLM\System\CCS\Services\Tcpip\..\{7AAAD35B-67C2-4F48-B908-C73A79E1751A}: NameServer = 127.0.0.1
O17 - HKLM\System\CCS\Services\Tcpip\..\{A9C99B02-A1B1-46A9-A099-2CB6655A59AC}: NameServer = 127.0.0.1
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Acronis Scheduler2 Service (AcrSch2Svc) - Acronis - C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe
O23 - Service: Kaspersky Internet Security (AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
O23 - Service: cFosSpeed System Service (cFosSpeedS) - cFos Software GmbH - C:\Program Files\Topos\cFosSpeed\spd.exe
O23 - Service: Diskeeper - Diskeeper Corporation - C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Hotspot Shield Service (HotspotShieldService) - Unknown owner - C:\Program Files\Hotspot Shield\bin\openvpnas.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Intel(R) PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
O23 - Service: Simple DNS Plus (sdnsplus) - JH Software - C:\Program Files\Simple DNS Plus\sdnsmain.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software - C:\WINDOWS\System32\TuneUpDefragService.exe
O23 - Service: TuneUp Program Statistics Service (TuneUp.ProgramStatisticsSvc) - TuneUp Software - C:\WINDOWS\System32\TUProgSt.exe
O23 - Service: UPnPService - Magix AG - C:\Program Files\Common Files\MAGIX Shared\UPnPService\UPnPService.exe
O23 - Service: Intel(R) PROSet/Wireless SSO Service (WLANKEEPER) - Intel(R) Corporation - C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe
--
End of file - 14047 bytes
 


Disable your protection programs,
then
download the following tool and save it to the desktop:
[link hidden by the forum]

When you run it, a message will appear; click >> Yes
After that a second message will appear; click >> Yes
The machine may restart during the scan
After the restart, the tool will start scanning again
Do not run any program, and however long the scan takes, wait until it finishes
Wait until a report appears, then copy it and paste it into your next post

Waiting for you
 
Signature: إكس زيرو
Thank you, brother, for the quick reply.
I did what was asked. The browser problem is solved and the error no longer appears, but the chat problem remains and the error still appears. Here is the report:
ComboFix 09-07-31.02 - hi PC-TECH 08/01/2009 3:24.4.2 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.3.1256.966.1033.18.2038.1236 [GMT 3:00]
Running from: c:\documents and settings\hi PC-TECH\Desktop\ComboFix.exe
AV: Kaspersky Internet Security *On-access scanning disabled* (Updated) {2C4D4BC6-0793-4956-A9F9-E252435469C0}
FW: Kaspersky Internet Security *disabled* {2C4D4BC6-0793-4956-A9F9-E252435469C0}
WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.
((((((((((((((((((((((((( Files Created from 2009-07-01 to 2009-08-01 )))))))))))))))))))))))))))))))
.
2009-07-31 23:19 . 2009-07-31 23:20 2119680 ----a-w- c:\documents and settings\hi PC-TECH\Local Settings\Application Data\cooliris-win-ie-release-1.11.2.27471.en-US.msi
2009-07-31 01:03 . 2009-07-31 01:03 -------- d-----w- c:\program files\Common Files\Skype
2009-07-27 18:46 . 2009-07-27 18:46 -------- d-----w- c:\program files\Common Files\PCSuite
2009-07-27 18:44 . 2008-08-26 07:26 18816 ----a-w- c:\windows\system32\drivers\pccsmcfd.sys
2009-07-27 18:44 . 2009-07-27 18:44 -------- d-----w- c:\program files\PC Connectivity Solution
2009-07-27 18:43 . 2009-07-27 18:41 34008688 ----a-w- c:\documents and settings\All Users\Application Data\Installations\{3D39E775-DDDA-4327-B747-0BDC5F191331}\Nokia_PC_Suite_7_1_30_9_ara.exe
2009-07-27 18:42 . 2009-07-27 18:42 95232 ----a-w- c:\documents and settings\All Users\Application Data\Installations\{3D39E775-DDDA-4327-B747-0BDC5F191331}\Installer\CommonCustomActions\pcswpcsi.exe
2009-07-27 18:42 . 2009-07-27 18:42 8192 ----a-w- c:\documents and settings\All Users\Application Data\Installations\{3D39E775-DDDA-4327-B747-0BDC5F191331}\Installer\CommonCustomActions\UninstCCD.exe
2009-07-27 18:42 . 2009-07-27 18:42 61440 ----a-w- c:\documents and settings\All Users\Application Data\Installations\{3D39E775-DDDA-4327-B747-0BDC5F191331}\Installer\CommonCustomActions\UninstPCSFEMsi.exe
2009-07-27 18:42 . 2009-07-27 18:42 10240 ----a-w- c:\documents and settings\All Users\Application Data\Installations\{3D39E775-DDDA-4327-B747-0BDC5F191331}\Installer\CommonCustomActions\UninstPCS.exe
2009-07-22 19:59 . 2009-07-22 19:59 -------- d-sh--w- c:\documents and settings\hi PC-TECH\PrivacIE
2009-07-22 19:57 . 2009-07-22 19:57 -------- d-sh--w- c:\documents and settings\NetworkService\IETldCache
2009-07-22 19:57 . 2009-07-22 19:57 -------- d-sh--w- c:\documents and settings\hi PC-TECH\IETldCache
2009-07-22 19:52 . 2009-07-22 19:52 -------- d-----w- c:\windows\ie8updates
2009-07-22 19:49 . 2009-07-22 19:51 -------- dc-h--w- c:\windows\ie8
2009-07-22 19:44 . 2009-07-01 07:08 101376 -c----w- c:\windows\system32\dllcache\iecompat.dll
2009-07-22 19:41 . 2009-04-30 21:22 12800 -c----w- c:\windows\system32\dllcache\xpshims.dll
2009-07-22 19:41 . 2009-04-30 21:22 246272 -c----w- c:\windows\system32\dllcache\ieproxy.dll
2009-07-22 19:41 . 2009-04-30 21:22 1985024 -c----w- c:\windows\system32\dllcache\iertutil.dll
2009-07-22 19:41 . 2009-04-30 21:22 11064832 -c----w- c:\windows\system32\dllcache\ieframe.dll
2009-07-18 18:52 . 2009-07-18 18:52 -------- d-----w- c:\program files\Photo To Cartoon
2009-07-18 18:46 . 2009-07-18 18:47 -------- d-----w- c:\documents and settings\hi PC-TECH\Application Data\translateclient
2009-07-18 18:38 . 2009-07-18 18:38 -------- d-----w- c:\program files\PhotoZoom Pro 3
2009-07-16 15:33 . 2009-07-16 15:33 18118056 ----a-w- c:\documents and settings\hi PC-TECH\Application Data\Uniblue\DriverScanner\Download\pci_ven_8086_dev_27a26_14_10_4926.exe
2009-07-16 14:44 . 2006-12-01 23:26 57856 -c--a-w- c:\documents and settings\All Users\Application Data\{D5ABFFAD-D592-4F98-B02B-587125B4801F}\Windows\winsxs\7z1v718o.6n8\mfcm80u.dll
2009-07-16 14:29 . 2009-07-24 22:54 958464 ----a-w- c:\documents and settings\All Users\Application Data\Mfcd upload army browse\2 Great.exe
2009-07-16 10:17 . 2009-07-17 14:07 -------- d-----w- c:\documents and settings\hi PC-TECH\Local Settings\Application Data\Temp
2009-07-12 15:59 . 2009-07-12 16:00 -------- d-----w- c:\program files\Hotspot Shield
2009-07-12 12:46 . 2009-07-12 12:46 -------- d-----w- c:\documents and settings\hi PC-TECH\Local Settings\Application Data\SRS Labs
2009-07-12 12:46 . 2009-07-12 12:46 -------- d-----w- c:\documents and settings\All Users\Application Data\SRS Labs
2009-07-12 12:46 . 2007-07-26 06:25 39808 ----a-r- c:\windows\system32\drivers\SRS_SSCFilter_i386.sys
2009-07-12 12:46 . 2007-07-26 06:25 42112 ----a-r- c:\windows\system32\drivers\csiidecoder_kern_i386.sys
2009-07-12 12:46 . 2007-07-26 06:25 47360 ----a-r- c:\windows\system32\drivers\Surroundhp_kern_i386.sys
2009-07-12 12:46 . 2007-07-26 06:25 47104 ----a-r- c:\windows\system32\drivers\tshd4_kern_i386.sys
2009-07-12 12:46 . 2007-07-26 06:25 32000 ----a-r- c:\windows\system32\drivers\wowhd_kern_i386.sys
2009-07-11 17:35 . 2006-11-15 13:23 38144 ----a-w- c:\windows\system32\drivers\eappkt.sys
2009-07-11 17:33 . 2007-05-21 12:29 235648 ----a-w- c:\windows\system32\drivers\RTL8187.sys
2009-07-11 17:33 . 2009-07-11 17:34 -------- d-----w- c:\program files\REALTEK USB Wireless LAN Driver and Utility
2009-07-11 17:33 . 2009-07-11 17:33 -------- d-----w- c:\windows\system32\REALTEK USB Wireless LAN Driver and Utility
2009-07-11 02:03 . 2009-07-11 02:03 -------- d-----w- c:\windows\OPTIONS
2009-07-06 12:03 . 2009-07-06 12:32 -------- d-----w- c:\program files\All2Chat
2009-07-03 01:43 . 2009-07-03 01:43 -------- d-----w- c:\documents and settings\hi PC-TECH\Application Data\iRecordMax Audio Editor
2009-07-03 01:39 . 2009-07-03 01:43 -------- d-----w- c:\documents and settings\hi PC-TECH\Application Data\iRecordMax Sound Recorder
2009-07-02 17:42 . 2002-12-27 16:33 20569 ----a-w- c:\windows\system32\PXC25pm.dll
2009-07-02 08:09 . 2009-07-02 08:09 -------- d-----w- c:\documents and settings\hi PC-TECH\Application Data\Ambient Design
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2017-01-02 10:43 . 2008-08-29 11:53 77176 ----a-w- c:\windows\Fonts\SC_OUHOD.ttf
2016-12-30 05:32 . 2008-08-29 11:53 90072 ----a-w- c:\windows\Fonts\SC_REHAN.ttf
2016-12-30 05:06 . 2008-08-29 11:53 70064 ----a-w- c:\windows\Fonts\SC_TARABLUS.ttf
2016-12-30 05:05 . 2008-08-29 11:53 102264 ----a-w- c:\windows\Fonts\SC_SHMOOKH01.ttf
2016-12-30 05:05 . 2008-08-29 11:53 66792 ----a-w- c:\windows\Fonts\SC_SHARJAH.ttf
2016-12-30 05:04 . 2008-08-29 11:53 66852 ----a-w- c:\windows\Fonts\SC_LUJAYN.ttf
2016-12-30 05:03 . 2008-08-29 11:53 64908 ----a-w- c:\windows\Fonts\SC_KHALID.ttf
2016-12-30 05:03 . 2008-08-29 11:53 63168 ----a-w- c:\windows\Fonts\SC_HANI.ttf
2016-12-30 05:02 . 2008-08-29 11:53 81648 ----a-w- c:\windows\Fonts\SC_GULF.ttf
2016-12-30 05:02 . 2008-08-29 11:53 75820 ----a-w- c:\windows\Fonts\SC_DUBAI.ttf
2016-12-30 05:01 . 2008-08-29 11:53 70368 ----a-w- c:\windows\Fonts\SC_AMEEN.ttf
2016-12-30 05:00 . 2008-08-29 11:53 86304 ----a-w- c:\windows\Fonts\SC_ALYERMOOK.ttf
2009-08-01 00:29 . 2008-08-29 11:14 -------- d-----w- c:\documents and settings\hi PC-TECH\Application Data\DMCache
2009-07-31 23:36 . 2001-10-13 10:11 78 ----a-w- c:\windows\battery.dat
2009-07-31 23:36 . 2009-05-12 01:12 -------- d-----w- c:\documents and settings\All Users\Application Data\Kaspersky Lab
2009-07-31 23:34 . 2009-05-12 01:12 958496 --sha-w- c:\windows\system32\drivers\fidbox2.dat
2009-07-31 23:34 . 2009-05-12 01:12 6452 --sha-w- c:\windows\system32\drivers\fidbox2.idx
2009-07-31 23:34 . 2009-05-12 01:12 5505056 --sha-w- c:\windows\system32\drivers\fidbox.dat
2009-07-31 23:34 . 2009-05-12 01:12 50376 --sha-w- c:\windows\system32\drivers\fidbox.idx
2009-07-31 23:21 . 2008-08-29 12:09 -------- d-----w- c:\program files\PicLensIE
2009-07-31 15:38 . 2009-05-11 23:02 -------- d-----w- c:\documents and settings\hi PC-TECH\Application Data\Skype
2009-07-31 15:38 . 2009-05-11 23:03 -------- d-----w- c:\documents and settings\hi PC-TECH\Application Data\skypePM
2009-07-31 01:03 . 2009-05-11 23:02 -------- d-----r- c:\program files\Skype
2009-07-31 01:02 . 2009-05-11 23:02 -------- d-----w- c:\documents and settings\All Users\Application Data\Skype
2009-07-31 00:19 . 2008-08-29 10:17 -------- d---a-w- c:\documents and settings\All Users\Application Data\TEMP
2009-07-27 18:46 . 2008-08-29 12:11 -------- d-----w- c:\program files\Common Files\Nokia
2009-07-27 18:44 . 2008-08-29 09:45 -------- d-----w- c:\program files\DIFX
2009-07-27 18:43 . 2008-08-29 11:43 -------- d-----w- c:\program files\Nokia
2009-07-27 18:42 . 2008-08-29 11:42 -------- d-----w- c:\documents and settings\All Users\Application Data\Installations
2009-07-27 16:12 . 2008-08-29 12:03 -------- d-----w- c:\documents and settings\hi PC-TECH\Application Data\uTorrent
2009-07-27 15:24 . 2009-05-23 01:06 237 ---ha-w- c:\windows\sysreg.dat
2009-07-27 00:21 . 2008-08-29 14:23 -------- d-----w- c:\documents and settings\hi PC-TECH\Application Data\BSplayer PRO
2009-07-24 15:14 . 2009-06-20 03:01 165232 ---ha-w- c:\documents and settings\hi PC-TECH\Application Data\Microsoft\Virtual PC\VPCKeyboard.dll
2009-07-21 10:29 . 2009-05-12 01:58 208616 ----a-w- c:\documents and settings\All Users\Application Data\Kaspersky Lab\AVP8\Data\Updater\Temporary Files\temporaryFolder\AutoPatches\kav8exec\8.0.0.454\avp.exe
2009-07-20 12:18 . 2008-08-29 11:43 -------- d-----w- c:\documents and settings\hi PC-TECH\Application Data\window setup rect
2009-07-20 12:17 . 2009-06-05 20:33 -------- d-----w- c:\program files\CrystalDiskInfo
2009-07-18 14:19 . 2009-06-30 17:01 -------- d-----w- c:\documents and settings\hi PC-TECH\Application Data\cleaner
2009-07-16 14:57 . 2009-07-16 14:51 -------- d-----w- c:\documents and settings\All Users\Application Data\DriverScanner
2009-07-16 14:51 . 2009-07-16 14:44 -------- dc-h--w- c:\documents and settings\All Users\Application Data\{D5ABFFAD-D592-4F98-B02B-587125B4801F}
2009-07-16 14:51 . 2009-07-16 14:51 -------- d-----w- c:\program files\Uniblue
2009-07-16 14:51 . 2009-07-16 14:51 -------- d-----w- c:\documents and settings\hi PC-TECH\Application Data\Uniblue
2009-07-16 14:29 . 2008-08-29 11:43 -------- d-----w- c:\documents and settings\All Users\Application Data\Mfcd upload army browse
2009-07-16 14:26 . 2008-08-29 11:40 -------- d-----w- c:\program files\Messenger Plus! Live
2009-07-11 17:34 . 2008-08-29 09:49 21035 ----a-w- c:\windows\system32\drivers\AegisP.sys
2009-07-11 17:33 . 2008-08-29 08:05 -------- d--h--w- c:\program files\InstallShield Installation Information
2009-07-11 07:36 . 2009-05-31 17:39 -------- d-----w- c:\program files\MyFreeWeather
2009-07-04 04:43 . 2009-05-31 20:26 -------- d-----w- c:\program files\LowTek CopyFaster
2009-07-04 04:43 . 2008-08-29 11:04 -------- d-----w- c:\program files\FairStars Audio Converter
2009-07-04 04:43 . 2008-08-29 10:17 -------- d-----w- c:\program files\مشغل الفلاش العربي
2009-07-02 17:57 . 2008-09-01 12:32 -------- d-----w- c:\documents and settings\hi PC-TECH\Application Data\Thinstall
2009-07-02 04:28 . 2008-01-29 15:29 33808 ----a-w- c:\windows\system32\drivers\klbg.sys
2009-07-02 04:28 . 2009-05-12 01:58 33808 ----a-w- c:\documents and settings\All Users\Application Data\Kaspersky Lab\AVP8\Data\Updater\Temporary Files\temporaryFolder\AutoPatches\kav8exec\8.0.0.454\klbg.sys
2009-07-02 04:28 . 2009-05-12 01:58 213520 ----a-w- c:\documents and settings\All Users\Application Data\Kaspersky Lab\AVP8\Data\Updater\Temporary Files\temporaryFolder\AutoPatches\kav8exec\8.0.0.454\XP\klif.sys
2009-06-30 20:52 . 2008-08-29 11:14 -------- d-----w- c:\documents and settings\hi PC-TECH\Application Data\IDM
2009-06-30 18:29 . 2009-06-30 18:29 603904 ----a-w- c:\windows\system32\TUProgSt.exe
2009-06-30 18:29 . 2009-06-30 18:29 362240 ----a-w- c:\windows\system32\TuneUpDefragService.exe
2009-06-30 18:29 . 2008-12-18 22:28 -------- d-----w- c:\program files\TuneUp Utilities 2009
2009-06-30 17:01 . 2009-06-30 17:01 -------- d-----w- c:\documents and settings\hi PC-TECH\Application Data\CyberScrub
2009-06-29 13:20 . 2009-06-29 12:22 -------- d-----w- c:\documents and settings\hi PC-TECH\Application Data\IMVUClient
2009-06-29 05:37 . 2008-08-29 11:44 -------- d-----w- c:\documents and settings\hi PC-TECH\Application Data\Nokia
2009-06-28 06:30 . 2009-06-29 04:17 52224 ----a-w- c:\documents and settings\hi PC-TECH\Application Data\Mozilla\Firefox\Profiles\gqfmlnww.default\extensions\{449c8ac4-2ac7-4bfd-bd9e-ad5c5dddc044}\components\FFExternalAlert.dll
2009-06-28 06:30 . 2009-06-29 04:17 114688 ----a-w- c:\documents and settings\hi PC-TECH\Application Data\Mozilla\Firefox\Profiles\gqfmlnww.default\extensions\{449c8ac4-2ac7-4bfd-bd9e-ad5c5dddc044}\components\npmozax.dll
2009-06-28 04:32 . 2009-06-28 04:32 -------- d-----w- c:\program files\K-Lite Codec Pack
2009-06-28 04:29 . 2008-08-29 10:59 -------- d-----w- c:\program files\Unlocker
2009-06-28 04:14 . 2009-06-28 04:14 203776 ----a-w- c:\windows\system32\clrviddc.dll
2009-06-28 04:14 . 2009-06-28 04:14 -------- d-----w- c:\program files\Common Files\xing shared
2009-06-28 04:14 . 2008-08-29 12:27 -------- d-----w- c:\program files\Common Files\Real
2009-06-28 04:14 . 2008-08-29 11:07 348160 ----a-w- c:\windows\system32\msvcr71.dll
2009-06-28 04:14 . 2008-08-29 11:07 499712 ----a-w- c:\windows\system32\msvcp71.dll
2009-06-28 04:08 . 2009-06-24 10:46 390664 ----a-w- c:\documents and settings\hi PC-TECH\Application Data\Real\RealPlayer\setup\AU_setup.exe
2009-06-28 04:04 . 2009-06-28 04:00 -------- d-----w- c:\program files\Real
2009-06-26 12:25 . 2009-06-26 12:25 204 ----a-w- c:\windows\AntiTrial.bin
2009-06-25 16:23 . 2009-06-25 16:23 -------- d-----w- c:\program files\Debugging Tools for Windows
2009-06-25 15:02 . 2008-08-29 10:34 -------- d-----w- c:\documents and settings\hi PC-TECH\Application Data\TeamViewer
2009-06-25 11:12 . 2009-06-25 11:12 37888 ----a-w- c:\documents and settings\hi PC-TECH\Application Data\Thinstall\Express English\4000005200002i\AcroRd32.exe
2009-06-25 09:39 . 2009-06-25 09:39 -------- d-----w- c:\program files\Avant Browser
2009-06-22 11:39 . 2009-05-12 01:39 -------- d-----w- c:\program files\IncrediMail
2009-06-21 08:01 . 2008-12-16 02:25 -------- d-----w- c:\program files\Java
2009-06-21 08:00 . 2009-06-21 08:00 152576 ----a-w- c:\documents and settings\hi PC-TECH\Application Data\Sun\Java\jre1.6.0_14\lzma.dll
2009-06-20 03:00 . 2009-06-20 03:00 -------- d-----w- c:\program files\Microsoft Virtual PC
2009-06-19 02:48 . 2008-12-18 22:27 -------- d-sh--w- c:\documents and settings\All Users\Application Data\{55A29068-F2CE-456C-9148-C869879E2357}
2009-06-19 02:16 . 2009-06-18 10:18 -------- d-----w- c:\program files\MAGIX
2009-06-19 02:15 . 2009-06-18 10:18 -------- d-----w- c:\documents and settings\All Users\Application Data\MAGIX
2009-06-18 10:19 . 2009-06-18 10:19 -------- d-----w- c:\program files\Common Files\xara
2009-06-18 10:19 . 2009-06-18 10:19 -------- d-----w- c:\program files\Common Files\MAGIX Shared
2009-06-17 21:37 . 2009-06-17 21:37 -------- d-----w- c:\program files\GoldWave
2009-06-17 14:21 . 2009-06-17 14:21 90112 ----a-w- c:\documents and settings\hi PC-TECH\Application Data\Thinstall\Windows Live Essentials\4000003b900002i\msnmsgr.exe
2009-06-14 18:55 . 2008-08-29 11:14 -------- d-----w- c:\program files\Internet Download Manager
2009-06-14 12:14 . 2009-06-14 12:14 4096 ----a-w- c:\windows\d3dx.dat
2009-06-13 18:26 . 2009-06-13 18:26 -------- d-----w- c:\documents and settings\hi PC-TECH\Application Data\Intenium
2009-06-11 11:50 . 2009-06-11 11:50 16 ----a-w- c:\windows\system32\RgsData.dat
2009-06-07 14:56 . 2009-06-07 14:56 159744 ----a-w- c:\windows\system32\Netlog24Uninstaller.exe
2009-06-07 14:56 . 2009-06-07 14:56 -------- d-----w- c:\program files\Netlog 24
2009-06-06 17:41 . 2009-06-06 17:41 36864 ----a-w- c:\documents and settings\All Users\Application Data\Installations\{9F59C3AE-81B0-4EF6-9762-D674BB079705}\Installer\CommonCustomActions\Sleep.exe
2009-06-06 17:41 . 2009-06-06 17:41 3351812 ----a-w- c:\documents and settings\All Users\Application Data\Installations\{9F59C3AE-81B0-4EF6-9762-D674BB079705}\Installer\CommonCustomActions\msxml6Exec.exe
2009-06-06 17:41 . 2009-06-06 17:41 3181612 ----a-w- c:\documents and settings\All Users\Application Data\Installations\{9F59C3AE-81B0-4EF6-9762-D674BB079705}\Installer\CommonCustomActions\vcredistExec.exe
2009-06-06 17:40 . 2009-06-06 17:41 24433136 ----a-w- c:\documents and settings\All Users\Application Data\Installations\{9F59C3AE-81B0-4EF6-9762-D674BB079705}\NokiaSoftwareUpdaterSetup_1.6.13AR.exe
2009-06-06 17:21 . 2008-08-29 11:44 -------- d-----w- c:\documents and settings\hi PC-TECH\Application Data\PC Suite
2009-05-30 21:25 . 2009-05-30 21:22 2926768 ----a-w- c:\documents and settings\hi PC-TECH\Application Data\IDM\idmupdt.exe
2009-05-21 08:33 . 2008-12-16 00:39 410984 ----a-w- c:\windows\system32\deploytk.dll
2009-07-18 16:28 . 2009-05-11 21:12 137208 ----a-w- c:\program files\mozilla firefox\components\brwsrcmp.dll
2008-08-29 14:36 . 2008-08-29 14:36 0 --sh--w- c:\windows\S9AC590A3.tmp
2005-09-26 23:35 . 2005-09-26 23:35 293376 --sha-r- c:\windows\system32\ShellExt\plugin.dat
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{3aaa6ede-0f45-43da-8b81-608a1d8108a2}"= "c:\program files\zyzoom\tbzyz0.dll" [2009-07-02 2094616]
[HKEY_CLASSES_ROOT\clsid\{3aaa6ede-0f45-43da-8b81-608a1d8108a2}]
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{3aaa6ede-0f45-43da-8b81-608a1d8108a2}]
2009-07-02 09:35 2094616 ----a-w- c:\program files\zyzoom\tbzyz0.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{3aaa6ede-0f45-43da-8b81-608a1d8108a2}"= "c:\program files\zyzoom\tbzyz0.dll" [2009-07-02 2094616]
[HKEY_CLASSES_ROOT\clsid\{3aaa6ede-0f45-43da-8b81-608a1d8108a2}]
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{3AAA6EDE-0F45-43DA-8B81-608A1D8108A2}"= "c:\program files\zyzoom\tbzyz0.dll" [2009-07-02 2094616]
[HKEY_CLASSES_ROOT\clsid\{3aaa6ede-0f45-43da-8b81-608a1d8108a2}]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360]
"IDMan"="c:\program files\Internet Download Manager\IDMan.exe" [2009-05-30 2815408]
"VisualTaskTips"="c:\program files\VisualTaskTips\VisualTaskTips.exe" [2007-10-17 36864]
"USB Safely Remove"="c:\documents and settings\hi PC-TECH\Desktop\Desktop\USB Safely Remove Portable\Appdata\USBSafelyRemove.exe" [2007-12-18 700928]
"msnmsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2009-02-06 3885408]
"LowTek CopyFaster"="c:\program files\LowTek CopyFaster\copyfast.exe" [2000-06-17 86096]
"TuneUp MemOptimizer"="c:\program files\TuneUp Utilities 2009\MemOptimizer.exe" [2008-11-20 155904]
"myweather"="c:\program files\MyFreeWeather\myweather.exe" [2009-07-11 1585152]
"Netlog 24"="c:\program files\Netlog 24\Notifier\Netlog24Notifier.exe" [2009-06-07 1380352]
"Google Update"="c:\documents and settings\hi PC-TECH\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" [2009-07-09 133104]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2008-08-29 68856]
"PC Suite Tray"="c:\program files\Nokia\Nokia PC Suite 7\PCSuite.exe" [2009-06-25 1414144]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Acronis Scheduler2 Service"="c:\program files\Common Files\Acronis\Schedule2\schedhlp.exe" [2005-10-12 118784]
"IntelZeroConfig"="c:\program files\Intel\Wireless\bin\ZCfgSvc.exe" [2005-12-28 667718]
"IntelWireless"="c:\program files\Intel\Wireless\Bin\ifrmewrk.exe" [2005-12-28 602182]
"igfxtray"="c:\windows\system32\igfxtray.exe" [2005-12-13 98304]
"igfxhkcmd"="c:\windows\system32\hkcmd.exe" [2005-12-13 77824]
"igfxpers"="c:\windows\system32\igfxpers.exe" [2005-12-13 118784]
"Dell QuickSet"="c:\program files\Dell\QuickSet\quickset.exe" [2007-07-03 1228800]
"UnlockerAssistant"="c:\program files\Unlocker\UnlockerAssistant.exe" [2008-05-02 15872]
"QMAXII"="c:\program files\QSound\QMAX II\CPL.exe" [2003-01-22 380928]
"AVP"="c:\program files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe" [2009-07-21 208616]
"VistaDrive"="c:\windows\VistaDrive\VistaDrive.exe" [2006-10-05 280779]
"cFosSpeed"="c:\program files\Topos\cFosSpeed\cFosSpeed.exe" [2009-02-11 876760]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-05-21 148888]
"TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" [2009-06-28 198160]
"Army browse cdrom vga"="c:\documents and settings\All Users\Application Data\Mfcd upload army browse\2 Great.exe" [2009-07-24 958464]
"SigmatelSysTrayApp"="stsystra.exe" - c:\windows\stsystra.exe [2006-03-24 282624]
c:\documents and settings\hi PC-TECH\Start Menu\Programs\Startup\
Battery Doubler.lnk - c:\program files\Dachshund Software\Battery Doubler\Battery Doubler.exe [2002-9-21 1534267]
c:\documents and settings\All Users\Start Menu\Programs\Startup\
Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2006-5-24 622653]
REALTEK USB Wireless LAN Utility.lnk - c:\program files\REALTEK USB Wireless LAN Driver and Utility\RtWLan.exe [2009-7-11 794624]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Adobe Gamma Loader.lnk]
backup=c:\windows\pss\Adobe Gamma Loader.lnkCommon Startup
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"Netlog 24"="c:\program files\Netlog 24\Notifier\Netlog24Notifier.exe"
"myweather"="c:\program files\MyFreeWeather\myweather.exe" /autorun
"swg"=c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
"TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" -osboot
"TrueImageMonitor.exe"=c:\program files\Acronis\TrueImage\TrueImageMonitor.exe
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"UpdatesDisableNotify"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\KasperskyAntiVirus]
"DisableMonitoring"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\TeamViewer3\\TeamViewer.exe"=
"c:\\Program Files\\uTorrent\\uTorrent.exe"=
"c:\\Program Files\\Common Files\\Nokia\\Service Layer\\A\\nsl_host_process.exe"=
"c:\\Program Files\\Nokia\\Nokia Software Updater\\nsu_ui_client.exe"=
"c:\\Program Files\\Paltalk Messenger\\paltalk.exe"=
"c:\\Program Files\\Google\\Google Talk\\googletalk.exe"=
"c:\\Program Files\\IncrediMail\\bin\\ImApp.exe"=
"c:\\Program Files\\IncrediMail\\bin\\IncMail.exe"=
"c:\\Program Files\\IncrediMail\\bin\\ImpCnt.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Program Files\\IncrediMail\\bin\\ImLc.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"443:TCP"= 443:TCP:*:Disabled:ooVoo TCP المنفذ 443
"443:UDP"= 443:UDP:*:Disabled:ooVoo UDP المنفذ 443
"37674:TCP"= 37674:TCP:*:Disabled:ooVoo TCP المنفذ 37674
"37674:UDP"= 37674:UDP:*:Disabled:ooVoo UDP المنفذ 37674
"37675:UDP"= 37675:UDP:*:Disabled:ooVoo UDP المنفذ 37675
R0 klbg;Kaspersky Lab Boot Guard Driver;c:\windows\system32\drivers\klbg.sys [1/29/2008 6:29 PM 33808]
R0 SscVF;SscVF;c:\windows\system32\drivers\sscvf.sys [5/12/2009 2:31 AM 80640]
R2 EAPPkt;Realtek EAPPkt Protocol;c:\windows\system32\drivers\eappkt.sys [7/11/2009 8:35 PM 38144]
R2 LF30FS;LF30FS;c:\program files\Everstrike Software\Lock Folder XP 3.5\LF30XP.sys [11/19/2004 5:07 PM 101488]
R2 sdnsplus;Simple DNS Plus;c:\program files\Simple DNS Plus\sdnsmain.exe [3/16/2007 1:26 PM 435210]
R2 TuneUp.ProgramStatisticsSvc;TuneUp Program Statistics Service;c:\windows\system32\TUProgSt.exe [6/30/2009 9:29 PM 603904]
R2 Vcs;Vcs support;c:\windows\system32\drivers\Vcs.sys [6/11/2009 2:50 PM 6852]
R3 KLFLTDEV;Kaspersky Lab KLFltDev;c:\windows\system32\drivers\klfltdev.sys [3/13/2008 7:02 PM 26640]
R3 klim5;Kaspersky Anti-Virus NDIS Filter;c:\windows\system32\drivers\klim5.sys [4/30/2008 6:06 PM 24592]
R3 teamviewervpn;TeamViewer VPN Adapter;c:\windows\system32\drivers\teamviewervpn.sys [1/25/2008 12:12 PM 25088]
S3 br3gmdm;BandLuxe 3.5G HSDPA Adapter - USB;c:\windows\system32\DRIVERS\br3gmdm.sys --> c:\windows\system32\DRIVERS\br3gmdm.sys [?]
S3 RTLWUSB;Realtek RTL8187 Wireless 802.11g 54Mbps USB 2.0 Network Adapter;c:\windows\system32\drivers\RTL8187.sys [7/11/2009 8:33 PM 235648]
S3 UPnPService;UPnPService;c:\program files\Common Files\MAGIX Shared\UPnPService\UPnPService.exe [6/18/2009 1:19 PM 548864]
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\>{60B49E34-C7CC-11D0-8953-00A0C90347FF}]
"c:\windows\system32\rundll32.exe" "c:\windows\system32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
.
Contents of the 'Scheduled Tasks' folder
2009-08-01 c:\windows\Tasks\1-Click Maintenance.job
- c:\program files\TuneUp Utilities 2009\OneClickStarter.exe [2008-11-20 13:28]
2009-07-30 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-57989841-776561741-1417001333-1003Core.job
- c:\documents and settings\hi PC-TECH\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2009-07-09 08:48]
2009-08-01 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-57989841-776561741-1417001333-1003UA.job
- c:\documents and settings\hi PC-TECH\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2009-07-09 08:48]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.com.sa/
uInternet Settings,ProxyOverride = local
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
IE: Send to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: تحميل الكل بواسطة Internet Download Manager - c:\program files\Internet Download Manager\IEGetAll.htm
IE: تحميل بواسطة Internet Download Manager - c:\program files\Internet Download Manager\IEExt.htm
IE: تحميل محتوى FLV بواسطة Internet Download Manager - c:\program files\Internet Download Manager\IEGetVL.htm
TCP: {7AAAD35B-67C2-4F48-B908-C73A79E1751A} = 127.0.0.1
TCP: {A9C99B02-A1B1-46A9-A099-2CB6655A59AC} = 127.0.0.1
DPF: Microsoft XML Parser for Java
FF - ProfilePath - c:\documents and settings\hi PC-TECH\Application Data\Mozilla\Firefox\Profiles\gqfmlnww.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2197485&SearchSource=3&q={searchTerms}
FF - prefs.js: browser.search.selectedEngine - arab stars Customized Web Search
FF - prefs.js: browser.startup.homepage - hxxp://www.yahoo.com/
FF - prefs.js: keyword.URL - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2197485&SearchSource=2&q=
FF - component: c:\documents and settings\hi PC-TECH\Application Data\IDM\idmmzcc3\components\idmmzcc.dll
FF - component: c:\documents and settings\hi PC-TECH\Application Data\Mozilla\Firefox\Profiles\gqfmlnww.default\extensions\{449c8ac4-2ac7-4bfd-bd9e-ad5c5dddc044}\components\FFExternalAlert.dll
FF - plugin: c:\documents and settings\hi PC-TECH\Local Settings\Application Data\Google\Update\1.2.183.7\npGoogleOneClick8.dll
---- FIREFOX POLICIES ----
FF - user.js: network.http.max-persistent-connections-per-server - 4
FF - user.js: nglayout.initialpaint.delay - 600
FF - user.js: content.notify.interval - 600000
FF - user.js: content.max.tokenizing.time - 1800000
FF - user.js: content.switch.threshold - 600000
c:\program files\Mozilla Firefox\greprefs\all.js - pref("media.enforce_same_site_origin", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("media.cache_size", 51200);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("media.ogg.enabled", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("media.wave.enabled", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("media.autoplay.enabled", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.urlbar.autocomplete.enabled", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("capability.policy.mailnews.*.wholeText", "noAccess");
c:\program files\Mozilla Firefox\greprefs\all.js - pref("dom.storage.default_quota", 5120);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("content.sink.event_probe_rate", 3);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.http.prompt-temp-redirect", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("layout.css.dpi", -1);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("layout.css.devPixelsPerPx", -1);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("gestures.enable_single_finger_input", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("dom.max_chrome_script_run_time", 0);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.tcp.sendbuffer", 131072);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("geo.enabled", true);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.remember_cert_checkbox_default_setting", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("browser.search.param.yahoo-fr", "moz35");
c:\program files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("browser.search.param.yahoo-fr-cjkt", "moz35");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.blocklist.level", 2);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.urlbar.restrict.typed", "~");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.urlbar.default.behavior", 0);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.history", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.formdata", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.passwords", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.downloads", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.cookies", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.cache", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.sessions", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.offlineApps", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.siteSettings", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.history", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.formdata", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.passwords", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.downloads", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.cookies", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.cache", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.sessions", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.offlineApps", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.siteSettings", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.sanitize.migrateFx3Prefs", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.ssl_override_behavior", 2);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("security.alternate_certificate_error_page", "certerror");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.privatebrowsing.autostart", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.privatebrowsing.dont_prompt_on_enter", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("geo.wifi.uri", "[link hidden by the forum]");
.
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer,

Rootkit scan 2009-08-01 03:29
Windows 5.1.2600 Service Pack 3 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{7B8E9164-324D-4A2E-A46D-0165FB2000EC}]
@Denied: (Full) (Everyone)
"scansk"=hex(0):0e,27,3c,a0,a9,05,c0,fe,12,3b,04,89,c9,da,76,f7,2e,b1,f3,6d,0f,
60,7d,12,b1,fe,c2,58,ac,4d,6b,33,06,87,3a,2a,1a,95,b7,fa,00,00,00,00,00,00,\
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{dd765d46-43de-48ba-961a-6f0a52d4250d}]
@Denied: (Full) (Everyone)
"Model"=dword:00000167
"Therad"=dword:00000016
"MData"=hex(0):73,d5,cf,b8,a4,07,89,80,31,e4,35,6b,2a,ca,fe,43,98,07,ff,fc,5d,
df,1c,2f,3b,8a,0a,32,11,89,01,b5,72,06,27,14,71,57,e7,ca,8e,7f,6b,e5,0f,5d,\
.
--------------------- DLLs Loaded Under Running Processes ---------------------
- - - - - - - > 'lsass.exe'(948)
c:\windows\system32\relog_ap.dll
- - - - - - - > 'explorer.exe'(4604)
c:\windows\system32\WININET.dll
c:\program files\VisualTaskTips\VttHooks.dll
c:\windows\system32\QMaxIIwd.dll
c:\windows\system32\QMaxIIwo.dll
c:\windows\system32\QMaxIIfx.dll
c:\windows\system32\ieframe.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
Completion time: 2009-08-01 3:30
ComboFix-quarantined-files.txt 2009-08-01 00:30
ComboFix2.txt 2009-07-18 14:33
ComboFix3.txt 2009-07-13 21:13
ComboFix4.txt 2009-07-01 22:37
Pre-Run: 5,484,859,392 bytes free
Post-Run: 5,584,330,752 bytes free
397 --- E O F --- 2008-08-30 18:16
 
I want you to upload these files to this site to make sure they are free of viruses:



The files:

c:\windows\system32\dllcache\iecompat.dll

c:\windows\system32\dllcache\xpshims.dll

c:\windows\system32\dllcache\ieproxy.dll

c:\windows\system32\dllcache\iertutil.dll

c:\windows\system32\dllcache\ieframe.dll

And post the result.

And what kind of error appears for you?
 
Signature: إكس زيرو
1- The thread title must indicate the content of the problem



Closed
 
Signature: Demo-dash