Status
Closed and not open for further replies.

almohob

Peace be upon you, and the mercy and blessings of God.

Hello guys,

I have a problem installing USB_Disk_Security_V5.0.0.90:
when I install it and the installation completes, this window appears:
t9ckmv.jpg


And this is the report for the machine:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 08:05:54 م, on 08/12/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\svchost.exe
C:\Documents and Settings\All Users\Application Data\Zwunzi\zwunzi131.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Zwunzi\zwunzi.exe
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\Program Files\Intel\NCS\PROSet\PRONoMgr.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\HP\ToolBoxFX\bin\HPTLBXFX.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Hewlett-Packard\PrnStatusMX\PrnStatusMX.exe
C:\Program Files\uTorrent\uTorrent.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\TTMessenger\spool\PDFSaver.exe
C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
C:\Program Files\Internet Download Manager\IDMan.exe
C:\Program Files\TechSmith\SnagIt 9\SnagIt32.exe
C:\Documents and Settings\abu nawaf\Local Settings\Application Data\Google\Update\1.2.183.13\GoogleCrashHandler.exe
C:\Program Files\TechSmith\SnagIt 9\TSCHelp.exe
C:\Program Files\TechSmith\SnagIt 9\SnagPriv.exe
C:\Program Files\Internet Download Manager\IEMonitor.exe
C:\Program Files\TechSmith\SnagIt 9\snagiteditor.exe
C:\Program Files\Wyzo\wyzo.exe
C:\Program Files\Java\jre6\bin\jucheck.exe
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = local
O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files\Internet Download Manager\IDMIECC.dll
O2 - BHO: SnagIt Toolbar Loader - {00C6482D-C502-44C8-8409-FCE54AD9C208} - C:\Program Files\TechSmith\SnagIt 9\SnagItBHO.dll
O2 - BHO: مساعد رابط Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: IEVkbdBHO - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\ievkbd.dll
O2 - BHO: مساعد تسجيل الدخول إلى Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: link filter bho - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: SnagIt - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Program Files\TechSmith\SnagIt 9\SnagItIEAddin.dll
O3 - Toolbar: FreshDownload Bar - {ED0E8CA5-42FB-4B18-997B-769E0408E79D} - C:\PROGRA~1\FRESHD~1\FRESHD~1\fdiebar.dll (file missing)
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [PRONoMgr.exe] C:\Program Files\Intel\NCS\PROSet\PRONoMgr.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [4shared Update] "C:\Program Files\4shared Desktop\checkUpdate.exe"
O4 - HKLM\..\Run: [ToolBoxFX] "C:\Program Files\HP\ToolBoxFX\bin\HPTLBXFX.exe" /enum:on /alerts:on /notifications:on /systrayIcon:on /fl:on /fr:on /appData:on
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\K-Lite Codec Pack\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe"
O4 - HKLM\..\Run: [PrnStatusMX] C:\Program Files\Hewlett-Packard\PrnStatusMX\PrnStatusMX.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\abu nawaf\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [uTorrent] "C:\Program Files\uTorrent\uTorrent.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [TTMessengerPDF] "C:\Program Files\TTMessenger\spool\PDFSaver.exe"
O4 - HKCU\..\Run: [TTMessenger] "C:\Program Files\TTMessenger\ttmessenger2.exe"
O4 - HKCU\..\Run: [BlazeServoTool] "C:\Program Files\BlazeVideo\BlazeDVD 5 Professional\MediaDetector.exe"
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [Torrent2Exe[6054afd3910e4b4e8ddeebda092690ca95d00a0f]] C:\Documents and Settings\abu nawaf\سطح المكتب\rter3[mininova].exe
O4 - HKCU\..\Run: [IDMan] C:\Program Files\Internet Download Manager\IDMan.exe /onboot
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: SnagIt 9.lnk = C:\Program Files\TechSmith\SnagIt 9\SnagIt32.exe
O8 - Extra context menu item: &Download all 4shared files - C:\Program Files\4shared Desktop\down_all.htm
O8 - Extra context menu item: &Download using 4shared Desktop - C:\Program Files\4shared Desktop\down_link.htm
O8 - Extra context menu item: &تصدير إلى Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Add to Anti-Banner - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\ie_banner_deny.htm
O8 - Extra context menu item: تحميل الكل بواسطة Internet Download Manager - C:\Program Files\Internet Download Manager\IEGetAll.htm
O8 - Extra context menu item: تحميل بواسطة Internet Download Manager - C:\Program Files\Internet Download Manager\IEExt.htm
O8 - Extra context menu item: تحميل محتوى FLV بواسطة Internet Download Manager - C:\Program Files\Internet Download Manager\IEGetVL.htm
O9 - Extra button: &Virtual keyboard - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll
O9 - Extra button: (no name) - {5067A26B-1337-4436-8AFE-EE169C2DA79F} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra 'Tools' menuitem: Skype add-on for Internet Explorer - {5067A26B-1337-4436-8AFE-EE169C2DA79F} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: بحث - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: URLs c&heck - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll
O9 - Extra button: FreshDownload - {DBC41C54-16A1-4359-B75F-C2B7B59CCED0} - C:\Program Files\FreshDevices\FreshDownload\fd.exe
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) -
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) -
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) -
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) -
O20 - AppInit_DLLs: C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd3.dll
O23 - Service: Kaspersky Internet Security (AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Intel NCS NetService (NetSvc) - Intel(R) Corporation - C:\Program Files\Intel\NCS\Sync\NetSvc.exe
O23 - Service: Zwunzi Service - Unknown owner - C:\Documents and Settings\All Users\Application Data\Zwunzi\zwunzi131.exe

--
End of file - 10442 bytes

Waiting for your replies.

Good luck.
 

Disable your protection software,
then
download the following tool and save it to the desktop.

When you run it, a message will appear; click Yes.
After that a second message will appear; click Yes.
The computer may restart during the scan,
and after the restart the tool will begin scanning again.
Do not run any program, and however long the scan takes, wait until it finishes.
Wait until a report appears, then copy it and paste it in your next post.
 
ComboFix 09-12-08.04 - abu nawaf 12/09/2009 14:36:53.3.2 - x86
Microsoft Windows XP Professional 5.1.2600.3.1256.966.1025.18.991.556 [GMT 3:00]
Running from: c:\documents and settings\abu nawaf\سطح المكتب\ComboFix.exe
AV: Kaspersky Internet Security *On-access scanning disabled* (Updated) {2C4D4BC6-0793-4956-A9F9-E252435469C0}
FW: Kaspersky Internet Security *disabled* {2C4D4BC6-0793-4956-A9F9-E252435469C0}
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\documents and settings\abu nawaf\Application Data\addons.dat
c:\windows\Bifrost\logg.dat
c:\windows\system32\clrviddc.dll
c:\windows\system32\twain_32.dll

.
((((((((((((((((((((((((( Files Created from 2009-11-09 to 2009-12-09 )))))))))))))))))))))))))))))))
.

2009-12-08 17:05 . 2009-12-08 17:05 -------- d-----w- c:\program files\Trend Micro
2009-12-08 16:58 . 2009-12-08 16:59 -------- d-----w- c:\program files\USB Disk Security
2009-12-06 20:06 . 2009-12-06 20:06 -------- d-----w- c:\program files\FreeTime
2009-12-05 18:38 . 2006-08-29 14:56 32377 ----a-w- c:\windows\system32\drivers\prodigy.sys
2009-12-05 18:38 . 2009-12-05 18:38 -------- d-----w- c:\program files\NSS
2009-12-05 17:17 . 2009-12-05 17:18 -------- d-----w- c:\program files\QuickTime
2009-12-05 17:17 . 2009-12-05 17:17 -------- d-----w- c:\documents and settings\All Users\Application Data\Apple Computer
2009-12-05 12:40 . 2009-12-05 12:40 -------- d-----w- c:\program files\My Company Name
2009-11-22 08:03 . 2009-11-22 08:03 -------- d-----w- C:\TechSmith
2009-11-21 09:51 . 2009-12-09 11:41 -------- d--h--w- c:\windows\Bifrost
2009-11-18 10:52 . 2009-11-27 16:40 -------- d-----w- c:\documents and settings\abu nawaf\Application Data\IDM
2009-11-18 10:52 . 2009-11-18 10:55 -------- d-----w- c:\program files\Internet Download Manager
2009-11-13 17:41 . 2009-11-13 19:48 -------- d-----w- c:\windows\system32\NtmsData
2009-11-11 14:10 . 2009-09-09 10:43 210352 ----a-w- c:\windows\system32\idmmbc.dll

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-12-09 11:45 . 2009-10-09 18:23 -------- d-----w- c:\documents and settings\All Users\Application Data\Kaspersky Lab
2009-12-09 11:45 . 2009-08-03 22:43 -------- d-----w- c:\documents and settings\abu nawaf\Application Data\DMCache
2009-12-09 11:42 . 2009-08-11 00:23 -------- d-----w- c:\documents and settings\abu nawaf\Application Data\uTorrent
2009-12-09 11:29 . 2004-08-04 12:00 75060 ----a-w- c:\windows\system32\perfc001.dat
2009-12-09 11:29 . 2004-08-04 12:00 383604 ----a-w- c:\windows\system32\perfh001.dat
2009-12-09 11:18 . 2009-09-14 20:15 -------- d-----w- c:\program files\Java
2009-12-09 11:14 . 2009-12-09 11:14 152576 ----a-w- c:\documents and settings\abu nawaf\Application Data\Sun\Java\jre1.6.0_17\lzma.dll
2009-12-09 11:14 . 2009-12-09 11:14 79488 ----a-w- c:\documents and settings\abu nawaf\Application Data\Sun\Java\jre1.6.0_17\gtapi.dll
2009-12-08 18:48 . 2009-09-30 18:45 -------- d-----w- c:\program files\Wyzo
2009-12-08 14:06 . 2009-11-09 11:38 -------- d-----w- c:\program files\Zwunzi
2009-12-07 10:50 . 2009-11-09 11:38 -------- d-----w- c:\documents and settings\All Users\Application Data\Zwunzi
2009-12-07 05:45 . 2009-12-07 10:49 58720 ----a-w- c:\documents and settings\All Users\Application Data\Zwunzi\zwunzi131.exe
2009-12-05 18:36 . 2009-08-30 16:27 -------- d-----w- c:\program files\Opera
2009-12-05 13:06 . 2009-08-03 12:11 352912 ----a-w- c:\documents and settings\abu nawaf\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2009-11-29 11:17 . 2009-11-09 11:37 -------- d-----w- c:\program files\MessengerDiscovery 2
2009-11-26 17:19 . 2009-08-16 12:19 -------- d-----w- c:\documents and settings\abu nawaf\Application Data\4shared Desktop
2009-11-22 12:03 . 2009-09-07 03:10 -------- d-----w- c:\program files\LeapFTP
2009-11-18 10:55 . 2009-11-18 10:55 198064 ----a-w- c:\documents and settings\abu nawaf\Application Data\IDM\idmmzcc3\components\idmmzcc.dll
2009-11-15 10:44 . 2009-11-15 10:44 1730452 ----a-w- c:\documents and settings\abu nawaf\Application Data\MessengerDiscovery 2\0\Update.exe
2009-11-11 10:29 . 2009-08-03 12:02 -------- d--h--w- c:\program files\InstallShield Installation Information
2009-11-09 11:38 . 2009-08-09 15:07 -------- d-----w- c:\documents and settings\abu nawaf\Application Data\MessengerDiscovery 2
2009-11-08 13:01 . 2009-08-04 10:25 -------- d-----w- c:\program files\Messenger Plus! Live
2009-11-08 13:00 . 2009-08-04 10:23 -------- d-----w- c:\program files\Windows Live
2009-11-08 12:57 . 2009-10-17 15:46 -------- d---a-w- c:\documents and settings\All Users\Application Data\TEMP
2009-11-08 12:56 . 2009-10-17 15:45 -------- d-----w- c:\program files\Smarty Uninstaller Pro
2009-11-08 12:51 . 2009-11-08 12:51 3584 ----a-r- c:\documents and settings\abu nawaf\Application Data\Microsoft\Installer\{121634B0-2F4B-11D3-ADA3-00C04F52DD52}\Icon386ED4E3.exe
2009-11-08 12:51 . 2009-11-08 12:51 -------- d-----w- c:\program files\Windows Installer Clean Up
2009-11-08 12:51 . 2009-08-25 20:15 -------- d-----w- c:\program files\MSECache
2009-11-07 16:38 . 2009-11-07 16:38 -------- d-----w- c:\documents and settings\abu nawaf\Application Data\Marvell
2009-11-07 16:34 . 2009-08-21 13:29 -------- d-----w- c:\program files\Hewlett-Packard
2009-11-07 16:32 . 2009-11-07 16:32 -------- d-----w- c:\documents and settings\All Users\Application Data\HPSSUPPLY
2009-11-07 16:32 . 2009-08-21 13:22 -------- d-----w- c:\program files\HP
2009-11-07 16:30 . 2009-11-07 16:30 -------- d-----w- c:\documents and settings\abu nawaf\Application Data\Hewlett-Packard
2009-11-07 16:29 . 2009-08-21 13:34 -------- d-----w- c:\documents and settings\abu nawaf\Application Data\HP
2009-11-07 13:29 . 2009-11-07 13:29 -------- d-----w- c:\documents and settings\abu nawaf\Application Data\AlMAdinahMushaf
2009-11-07 13:11 . 2009-11-07 13:11 -------- d-----w- c:\documents and settings\All Users\Application Data\InstallShield
2009-11-07 13:11 . 2009-08-03 12:02 -------- d-----w- c:\program files\Common Files\InstallShield
2009-11-01 17:37 . 2009-11-01 17:37 -------- d-----w- c:\program files\Microsoft
2009-10-31 17:30 . 2009-10-31 17:30 -------- d-----w- c:\program files\Common Files\Apple
2009-10-29 12:06 . 2009-10-29 12:06 -------- d-----w- c:\program files\Windows Media Connect 2
2009-10-29 11:20 . 2009-10-29 11:20 -------- d-----w- c:\program files\Apple Software Update
2009-10-29 11:20 . 2009-10-29 11:20 -------- d-----w- c:\documents and settings\All Users\Application Data\Apple
2009-10-29 07:40 . 2004-08-04 12:00 916480 ----a-w- c:\windows\system32\wininet.dll
2009-10-29 07:10 . 2009-10-28 22:33 -------- d-----w- c:\documents and settings\All Users\Application Data\NOS
2009-10-28 22:33 . 2009-10-28 22:33 1925024 ----a-w- c:\documents and settings\All Users\Application Data\NOS\Adobe_Downloads\install_flash_player.exe
2009-10-26 10:27 . 2009-10-26 10:25 -------- d-----w- c:\program files\GreenBrowser
2009-10-24 14:04 . 2009-10-24 14:04 -------- d-----w- c:\documents and settings\abu nawaf\Application Data\Publish Providers
2009-10-24 14:04 . 2009-10-24 14:04 -------- d-----w- c:\program files\VSTplugins
2009-10-24 14:04 . 2009-10-24 14:04 -------- d-----w- c:\documents and settings\abu nawaf\Application Data\Sony
2009-10-24 14:00 . 2009-10-24 14:00 -------- d-----w- c:\documents and settings\All Users\Application Data\Sony
2009-10-24 14:00 . 2009-10-24 14:00 -------- d-----w- c:\program files\Sony
2009-10-24 13:58 . 2009-10-24 13:58 -------- d-----w- c:\program files\Sony Setup
2009-10-21 05:38 . 2004-08-04 12:00 75776 ----a-w- c:\windows\system32\strmfilt.dll
2009-10-21 05:38 . 2004-08-04 12:00 25088 ----a-w- c:\windows\system32\httpapi.dll
2009-10-20 18:11 . 2009-10-20 18:11 57344 ----a-w- c:\windows\system32\drivers\WDelMgr20.exe
2009-10-20 18:03 . 2009-10-20 13:54 -------- d-----w- c:\program files\ObjectRescue Pro
2009-10-20 16:20 . 2004-08-04 12:00 265728 ----a-w- c:\windows\system32\drivers\http.sys
2009-10-20 15:53 . 2009-10-17 19:00 -------- d-----w- c:\documents and settings\All Users\Application Data\Messenger Plus!
2009-10-17 16:49 . 2009-10-17 16:46 -------- dcsh--w- c:\program files\Common Files\WindowsLiveInstaller
2009-10-17 15:43 . 2009-10-13 12:20 -------- d-----w- c:\program files\Mgutil
2009-10-17 11:21 . 2009-10-17 11:17 -------- d-----w- c:\program files\Jasc Software Inc
2009-10-17 11:18 . 2009-10-17 11:18 -------- d-----w- c:\documents and settings\abu nawaf\Application Data\Jasc
2009-10-14 12:54 . 2009-10-09 18:24 95259 ----a-w- c:\windows\system32\drivers\klick.dat
2009-10-14 12:54 . 2009-10-09 18:24 108059 ----a-w- c:\windows\system32\drivers\klin.dat
2009-10-13 13:15 . 2009-10-13 13:14 -------- d-----w- c:\program files\K-Lite Codec Pack
2009-10-13 13:10 . 2009-10-13 13:10 14 ----a-w- c:\windows\system32\SysEngineDrive1.sys
2009-10-13 12:25 . 2009-08-07 10:06 -------- d-----w- c:\documents and settings\abu nawaf\Application Data\COWON
2009-10-13 12:24 . 2009-09-06 00:45 -------- d-----w- c:\documents and settings\abu nawaf\Application Data\Paltalk
2009-10-13 12:18 . 2009-09-14 16:44 -------- d-----r- c:\program files\Skype
2009-10-13 12:18 . 2009-09-14 16:44 -------- d-----w- c:\documents and settings\All Users\Application Data\Skype
2009-10-13 10:33 . 2004-08-04 12:00 270336 ----a-w- c:\windows\system32\oakley.dll
2009-10-12 13:38 . 2004-08-04 12:00 149504 ----a-w- c:\windows\system32\rastls.dll
2009-10-12 13:38 . 2004-08-04 12:00 79872 ----a-w- c:\windows\system32\raschap.dll
2009-10-11 01:17 . 2009-09-14 20:16 411368 ----a-w- c:\windows\system32\deploytk.dll
2009-10-09 18:48 . 2009-10-09 18:48 604140 --sha-w- c:\windows\system32\drivers\ISwift3.dat
2009-10-09 18:39 . 2009-10-09 18:39 109072 ----a-w- c:\documents and settings\All Users\Application Data\Kaspersky Lab\AVP9\Data\Updater\Temporary Files\temporaryFolder\AutoPatches\kav9exec\9.0.0.459\mzvkbd3.dll
2009-10-09 18:38 . 2009-10-09 18:38 59920 ----a-w- c:\documents and settings\All Users\Application Data\Kaspersky Lab\AVP9\Data\Updater\Temporary Files\temporaryFolder\AutoPatches\kav9exec\9.0.0.459\mzvkbd.dll
2009-10-09 18:38 . 2009-10-09 18:38 264720 ----a-w- c:\documents and settings\All Users\Application Data\Kaspersky Lab\AVP9\Data\Updater\Temporary Files\temporaryFolder\AutoPatches\kav9exec\9.0.0.459\klwtbbho.dll
2009-10-06 10:31 . 2009-10-06 10:21 172032 ------w- c:\windows\Setup1.exe
2009-10-06 10:31 . 2009-10-06 10:21 73216 ----a-w- c:\windows\ST6UNST.EXE
2009-10-03 09:46 . 2009-10-03 09:46 152576 ----a-w- c:\documents and settings\abu nawaf\Application Data\Sun\Java\jre1.6.0_15\lzma.dll
2009-09-30 17:58 . 2009-09-30 17:58 3638 ----a-r- c:\documents and settings\abu nawaf\Application Data\Microsoft\Installer\{B6BCCB80-B3FC-4E97-8513-A7BEE73A5C5A}\_3D3DC91FC9DD2637D12FA2.exe
2009-09-30 17:58 . 2009-09-30 17:58 3638 ----a-r- c:\documents and settings\abu nawaf\Application Data\Microsoft\Installer\{B6BCCB80-B3FC-4E97-8513-A7BEE73A5C5A}\_31FAD3247F4B0F6385E90B.exe
2009-09-30 17:58 . 2009-09-30 17:58 10134 ----a-r- c:\documents and settings\abu nawaf\Application Data\Microsoft\Installer\{B6BCCB80-B3FC-4E97-8513-A7BEE73A5C5A}\_F8397BE02F4D062C7D8582.exe
2009-09-30 17:58 . 2009-09-30 17:58 10134 ----a-r- c:\documents and settings\abu nawaf\Application Data\Microsoft\Installer\{B6BCCB80-B3FC-4E97-8513-A7BEE73A5C5A}\_7EA93AB4D6B360FE8F56BE.exe
2009-09-30 17:58 . 2009-09-30 17:58 10134 ----a-r- c:\documents and settings\abu nawaf\Application Data\Microsoft\Installer\{B6BCCB80-B3FC-4E97-8513-A7BEE73A5C5A}\_380E8673AD6BA4E7CFE666.exe
2009-09-30 17:43 . 2009-09-30 17:43 499712 ----a-w- c:\windows\system32\msvcp71.dll
2009-09-22 10:29 . 2009-09-22 10:25 6112 ----a-w- c:\windows\BricoPackFoldersDelete.cmd
2009-09-22 10:29 . 2009-09-22 10:29 65385 ----a-w- c:\windows\BricoPackUninst.cmd
2009-09-22 10:29 . 2004-08-04 12:00 218624 ----a-w- c:\windows\system32\uxtheme.dll
2009-09-20 00:20 . 2009-09-20 00:20 0 ----a-w- c:\windows\system32\cd.dat
2009-09-15 20:04 . 2009-09-15 20:04 32768 ----a-w- c:\windows\system32\drivers\taphss.sys
2009-09-14 20:15 . 2009-09-14 20:15 152576 ----a-w- c:\documents and settings\abu nawaf\Application Data\Sun\Java\jre1.6.0_11\lzma.dll
2009-09-14 16:47 . 2009-09-14 16:47 56 ---ha-w- c:\windows\system32\ezsidmv.dat
2009-09-11 14:17 . 2004-08-04 12:00 136192 ----a-w- c:\windows\system32\msv1_0.dll
2009-08-30 23:47 . 2009-08-30 23:48 118784 ----a-w- c:\program files\opera\program\plugins\FDOperaPlugin.dll
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Google Update"="c:\documents and settings\abu nawaf\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" [2009-08-03 133104]
"uTorrent"="c:\program files\uTorrent\uTorrent.exe" [2009-10-13 289072]
"TTMessengerPDF"="c:\program files\TTMessenger\spool\PDFSaver.exe" [2004-03-22 61440]
"MsnMsgr"="c:\program files\Windows Live\Messenger\MsnMsgr.Exe" [2009-07-26 3883856]
"IDMan"="c:\program files\Internet Download Manager\IDMan.exe" [2009-11-18 3171760]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2004-10-08 155648]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2004-10-08 126976]
"PRONoMgr.exe"="c:\program files\Intel\NCS\PROSet\PRONoMgr.exe" [2003-03-11 86016]
"SoundMan"="SOUNDMAN.EXE" [2005-12-14 577536]
"BluetoothAuthenticationAgent"="bthprops.cpl" [2008-04-14 110592]
"4shared Update"="c:\program files\4shared Desktop\checkUpdate.exe" [2009-07-13 1337344]
"ToolBoxFX"="c:\program files\HP\ToolBoxFX\bin\HPTLBXFX.exe" [2006-06-15 49152]
"HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2005-02-16 49152]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 39792]
"PrnStatusMX"="c:\program files\Hewlett-Packard\PrnStatusMX\PrnStatusMX.exe" [2007-07-13 1077248]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2009-11-10 417792]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-10-11 149280]
"avp"="c:\program files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe" [2009-07-03 303376]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]

c:\documents and settings\All Users\çں‍ê، ں §ڑ\ںé ©ںê¤\ §ک ں颬نïé\
SnagIt 9.lnk - c:\program files\TechSmith\SnagIt 9\SnagIt32.exe [2008-5-15 6822728]

[HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\system]
"NoConfigPage"= 0 (0x0)
"NoDevMgrPage"= 0 (0x0)
"NoFileSysPage"= 0 (0x0)
"NoVirtMemPage"= 0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\KasperskyAntiVirus]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\LeapFTP\\LeapFTP.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\uTorrent\\uTorrent.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"27347:TCP"= 27347:TCP:BitComet 27347 TCP
"27347:UDP"= 27347:UDP:BitComet 27347 UDP

R0 klbg;Kaspersky Lab Boot Guard Driver;c:\windows\system32\drivers\klbg.sys [15/12/2008 08:41 م 33808]
R1 NtFsLdf20;NtFsLdf20;c:\windows\system32\drivers\NtFsLdf20.sys [20/10/2009 09:11 م 31342]
R2 Zwunzi Service;Zwunzi Service;c:\documents and settings\All Users\Application Data\Zwunzi\zwunzi131.exe [07/12/2009 01:49 م 58720]
R3 klim5;Kaspersky Anti-Virus NDIS Filter;c:\windows\system32\drivers\klim5.sys [13/05/2009 05:46 م 31760]
R3 klmouflt;Kaspersky Lab KLMOUFLT;c:\windows\system32\drivers\klmouflt.sys [16/05/2009 08:59 م 19472]
S3 CENIXFMC;Cenix Digicom Digital Voice Recorder Service;c:\windows\system32\drivers\CenixFMC.sys [18/09/2009 07:55 م 18660]
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.com.sa/
uInternet Settings,ProxyOverride = local
IE: &Download all 4shared files - c:\program files\4shared Desktop\down_all.htm
IE: &Download using 4shared Desktop - c:\program files\4shared Desktop\down_link.htm
IE: &تصدير إلى Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
IE: تحميل الكل بواسطة Internet Download Manager - c:\program files\Internet Download Manager\IEGetAll.htm
IE: تحميل بواسطة Internet Download Manager - c:\program files\Internet Download Manager\IEExt.htm
IE: تحميل محتوى FLV بواسطة Internet Download Manager - c:\program files\Internet Download Manager\IEGetVL.htm
IE: {{DBC41C54-16A1-4359-B75F-C2B7B59CCED0} - c:\program files\FreshDevices\FreshDownload\fd.exe
FF - ProfilePath - c:\documents and settings\abu nawaf\Application Data\Mozilla\Firefox\Profiles\hau0fgcx.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage -
FF - prefs.js: network.proxy.http - localhost
FF - prefs.js: network.proxy.http_port - 9666
FF - prefs.js: network.proxy.socks - localhost
FF - prefs.js: network.proxy.socks_port - 9050
FF - prefs.js: network.proxy.ssl - localhost
FF - prefs.js: network.proxy.ssl_port - 9666
FF - prefs.js: network.proxy.type - 4
FF - component: c:\documents and settings\abu nawaf\Application Data\IDM\idmmzcc3\components\idmmzcc.dll
FF - component: c:\program files\Mozilla Firefox\extensions\linkfilter@kaspersky.ru\components\KavLinkFilter.dll
FF - component: c:\program files\Real\RealPlayer\browserrecord\firefox\ext\components\nprpffbrowserrecordext.dll
FF - plugin: c:\documents and settings\abu nawaf\Local Settings\Application Data\Google\Update\1.2.183.13\npGoogleOneClick8.dll
FF - plugin: c:\program files\K-Lite Codec Pack\Real\browser\plugins\nppl3260.dll
FF - plugin: c:\program files\K-Lite Codec Pack\Real\browser\plugins\nprpjplug.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\

---- FIREFOX POLICIES ----
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl3.rsa_seed_sha", true);
.
.
------- File Associations -------
.
txtfile=NOTEPAD %1
.
- - - - ORPHANS REMOVED - - - -

WebBrowser-{8FF5E180-ABDE-46EB-B09E-D2AAB95CABE3} - (no file)
WebBrowser-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)
HKCU-Run-TTMessenger - c:\program files\TTMessenger\ttmessenger2.exe
HKCU-Run-BlazeServoTool - c:\program files\BlazeVideo\BlazeDVD 5 Professional\MediaDetector.exe
HKCU-Run-Torrent2Exe[6054afd3910e4b4e8ddeebda092690ca95d00a0f] - c:\documents and settings\abu nawaf\سطح المكتب\rter3[mininova].exe
HKLM-Run-SystemInit - (no file)
HKLM-Run-Karen - (no file)
HKLM-Run-raVe - (no file)
HKLM-Run-SystemBackup - (no file)
HKLM-Run-Win32BaseServiceMOD - (no file)
HKLM-Run-startIE - (no file)
HKLM-Run-TkBellExe - c:\program files\K-Lite Codec Pack\Real\Update_OB\realsched.exe



**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer,


Rootkit scan 2009-12-09 14:45
Windows 5.1.2600 Service Pack 3 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'explorer.exe'(2712)
c:\windows\system32\WININET.dll
c:\program files\Zwunzi\zwunzi.dll
c:\progra~1\WINDOW~2\wmpband.dll
c:\windows\system32\ieframe.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Other Running Processes ------------------------
.
c:\program files\Bonjour\mDNSResponder.exe
c:\program files\Java\jre6\bin\jqs.exe
c:\program files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
c:\program files\Zwunzi\zwunzi.exe
c:\windows\SOUNDMAN.EXE
c:\windows\system32\rundll32.exe
c:\documents and settings\abu nawaf\Local Settings\Application Data\Google\Update\1.2.183.13\GoogleCrashHandler.exe
c:\windows\system32\wscntfy.exe
.
**************************************************************************
.
Completion time: 2009-12-09 14:52:58 - machine was rebooted
ComboFix-quarantined-files.txt 2009-12-09 11:52
ComboFix2.txt 2009-08-08 23:51

Pre-Run: 35,511,435,264 bytes free
Post-Run: 37,736,988,672 bytes free

WindowsXP-KB310994-SP2-Pro-BootDisk-ENU.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect

- - End Of File - - BB22687F2CD5DCF656C728A6CF4A2B86
 
Here you go, brother.

And if you see any problems on the machine, please tell me about them and how to fix them.
Many thanks to you.
 
Download the following file

and apply this walkthrough to it.

After that, go to Add or Remove Programs and delete the toolbar you have (toolbar); it may not be present.
Then clean your machine with this tool

and let us know the latest results.
 

Hello brother,
I did not find the toolbar.
As for the results, everything is fine,
and I installed the program.
Thank you for your daily visits and your follow-up,
and sorry for the trouble we put you through.
 
May God bring you good news.

Best of luck.
 