أيقونة القرص c و d و e لا تظهر :(

Dark Soul · 30 ديسمبر 2009

السلام عليكم ورحمة الله وبركاته

إخواني الله يجزاكم الخير..قبل فترة بطلت تطلع أ يقونة القرص C و D و E كما هو موجود في الصورة

أرجو منكم المساعدة :i:

MAAX · 30 ديسمبر 2009

هلاا بك

حمل هذا البرنامج

يجب عليك تسجيل الدخول أو التسجيل لمشاهدة الرابط المخفي

بعدها اغلق جميع البرامج وخصوصا الانترنت اكسبلورر والماسنجر
شغل البرنامج ==> واضغط على
Do a system scan and save log
لحظات .. ويظهر لك تقرير داخل المفكرة==> انسخه والصقه بردك القادم

Dark Soul · 30 ديسمبر 2009

اتفضل أخي MAAX هذا التقرير

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 05:09:08 م, on 30/12/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5730.0013)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir Desktop\sched.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\tsnpstd3.exe
C:\WINDOWS\vsnpstd3.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Analogue Vista Clock\Analogue Vista Clock.exe
C:\Program Files\VisualTaskTips\VisualTaskTips.exe
C:\Program Files\Avira\AntiVir Desktop\avguard.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\McAfee\SiteAdvisor\McSACore.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe
C:\Program Files\Avira\AntiVir Desktop\avmailc.exe
C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE
C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesApp32.exe
C:\Program Files\Internet Download Manager\IDMan.exe
C:\Program Files\Internet Download Manager\IEMonitor.exe
C:\Documents and Settings\Amer\My Documents\Downloads\Zyzoom_HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =

يجب عليك تسجيل الدخول أو التسجيل لمشاهدة الرابط المخفي

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =

يجب عليك تسجيل الدخول أو التسجيل لمشاهدة الرابط المخفي

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =

يجب عليك تسجيل الدخول أو التسجيل لمشاهدة الرابط المخفي

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =

يجب عليك تسجيل الدخول أو التسجيل لمشاهدة الرابط المخفي

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =

يجب عليك تسجيل الدخول أو التسجيل لمشاهدة الرابط المخفي

R3 - URLSearchHook: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files\Internet Download Manager\IDMIECC.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O3 - Toolbar: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [tsnpstd3] C:\WINDOWS\tsnpstd3.exe
O4 - HKLM\..\Run: [snpstd3] C:\WINDOWS\vsnpstd3.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Analogue Vista Clock] C:\Program Files\Analogue Vista Clock\Analogue Vista Clock.exe
O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\Amer\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [VisualTaskTips] C:\Program Files\VisualTaskTips\VisualTaskTips.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: &تصدير إلى Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200
O8 - Extra context menu item: Download all links with IDM - C:\Program Files\Internet Download Manager\IEGetAll.htm
O8 - Extra context menu item: Download FLV video content with IDM - C:\Program Files\Internet Download Manager\IEGetVL.htm
O8 - Extra context menu item: Download with IDM - C:\Program Files\Internet Download Manager\IEExt.htm
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: بحث - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) -

يجب عليك تسجيل الدخول أو التسجيل لمشاهدة الرابط المخفي

O18 - Protocol: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O18 - Protocol: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Avira Firewall (AntiVirFirewallService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avfwsvc.exe
O23 - Service: Avira AntiVir MailGuard (AntiVirMailService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avmailc.exe
O23 - Service: Avira AntiVir Scheduler (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Avira AntiVir WebGuard (AntiVirWebService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: McAfee SiteAdvisor Service - McAfee, Inc. - C:\Program Files\McAfee\SiteAdvisor\McSACore.exe
O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software - C:\Program Files\TuneUp Utilities 2010\TuneUpDefragService.exe
O23 - Service: TuneUp Utilities Service (TuneUp.UtilitiesSvc) - TuneUp Software - C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe

--
End of file - 6626 bytes

anas2009 · 30 ديسمبر 2009

بعد اذن اخوي ماكس

اعمل التالي

يجب عليك تسجيل الدخول أو التسجيل لمشاهدة الرابط المخفي

Dark Soul · 30 ديسمبر 2009

عفوا بس مو حيطلع نفس التقرير الي سويته في الرد الأول ؟

anas2009 · 30 ديسمبر 2009

لا اخوي هذا تقرير يختلف عن الاول

Dark Soul · 30 ديسمبر 2009

اتفضل أخي أنس هذا التقرير

يجب عليك تسجيل الدخول أو التسجيل لمشاهدة الرابط المخفي

format · 30 ديسمبر 2009

شرح افضل الاعدادت للدكتر ويب
Dr.web

للتحميل البرنامج اضغط على صوره

يجب عليك تسجيل الدخول أو التسجيل لمشاهدة الرابط المخفي

الله يجزيك خير

.•°¤*(¯`°ღ FORMAT ღ°´¯)*¤°•.

Dark Soul · 30 ديسمبر 2009

المعذرة أخ فورمات
بس ايش دخل الدكتور ويب في المشكلة؟؟

format · 30 ديسمبر 2009

حاسس انه شغل فيروسات <<

واظنه مثل الاوترون <<

جرب الدكتر ويب واعمل فحص << للجهاز

MAAX · 30 ديسمبر 2009

عطل برامج الحماية عن العمل
ثم
حمل الاداة التالية واحفظها على سطح المكتب

يجب عليك تسجيل الدخول أو التسجيل لمشاهدة الرابط المخفي

عند تشغيلها بتظهر لك رسالة ,, اضغط على >> Yes
بعدها بتظهر لك رساله ثانيه ,, اضغط على >> Yes
اثناء الفحص ممكن يعاد تشغيل الجهاز
وبعد اعادة التشغيل ,, سوف تبدأ الاداة بالفحص مرره ثانيه
لا تقم بتشغيل اي برنامج ،، ومهما طالت عملية الفحص انتظر حتى تنتهي
انتظر حتى يظهر لك تقرير ،،انسخه والصقه بمشاركتك القادمة

Dark Soul · 30 ديسمبر 2009

فحصت الجهاز بس ما اكتشف شي :f:

الوفا طبعي · 31 ديسمبر 2009

عطنا اخوووي تقرير هاايجاك ..

الوفا طبعي · 31 ديسمبر 2009

اخوووي تذكر هل فيه برنامج حملته وبعدها اختفت الايقونة اذا عرفت البرنامج احذفه ..

واذا ماعرفته انسخ الملفات المهمة وسو استعادة النظام الى تاريخ قبل اختفاء الاقراص وانشاء الله تنحل المشكلة ..

Dark Soul · 31 ديسمبر 2009

يجب عليك تسجيل الدخول أو التسجيل لمشاهدة الرابط المخفي

اتفضل اخوي مااكس

ComboFix 09-12-29.06 - Amer 12/31/2009 0:49.1.1 - x86
Microsoft Windows XP Professional 5.1.2600.2.1256.966.1033.18.223.99 [GMT 3:00]
Running from: c:\documents and settings\Amer\Desktop\ComboFix.exe
AV: AntiVir Desktop *On-access scanning disabled* (Updated) {11638345-E4FC-4BEE-BB73-EC754659C5F6}
FW: Avira Firewall *enabled* {11638345-E4FC-4BEE-BB73-EC754659C5F6}
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\documents and settings\Amer\Application Data\Desktopicon
c:\documents and settings\Amer\Application Data\Desktopicon\eBayShortcuts.exe
c:\windows\system32\AutoRun.inf
d:\downloads\Compressed\kaBRessky.exe

.
((((((((((((((((((((((((( Files Created from 2009-11-28 to 2009-12-30 )))))))))))))))))))))))))))))))
.

2009-12-30 21:11 . 2009-12-30 21:40 6965272 ----a-w- c:\documents and settings\Amer\Application Data\IDM\DwnlData\Amer\kts9.0.0.192en_105\kts9.0.0.192en.exe
2009-12-30 20:22 . 2009-12-30 20:22 -------- d-----w- c:\documents and settings\Amer\DoctorWeb
2009-12-30 19:56 . 2009-12-30 19:56 -------- d-----w- c:\windows\system32\wbem\Repository
2009-12-30 19:51 . 2009-12-30 19:51 -------- d-----w- c:\documents and settings\Amer\Local Settings\Application Data\Runscanner.net
2009-12-29 11:55 . 2009-12-29 11:55 -------- d-----w- c:\documents and settings\Amer\Application Data\IObit
2009-12-26 16:46 . 2009-12-26 16:46 -------- d-----w- c:\documents and settings\All Users\Application Data\HP Product Assistant
2009-12-26 16:45 . 2009-12-26 16:45 -------- d-----w- c:\program files\Hewlett-Packard
2009-12-26 16:21 . 2009-12-26 16:55 156553 ----a-w- c:\windows\hpoins14.dat
2009-12-26 16:21 . 2007-09-20 01:14 2000 ------w- c:\windows\hpomdl14.dat
2009-12-25 12:20 . 2006-12-08 13:36 37376 ----a-w- c:\windows\system32\dwmapi.dll
2009-12-25 12:20 . 2002-01-05 11:37 344064 ----a-w- c:\windows\system32\msvcr70.dll
2009-12-23 21:33 . 2009-12-23 21:33 -------- d-----w- c:\program files\VisualTaskTips
2009-12-23 11:50 . 2009-12-23 11:50 -------- d-----w- c:\program files\Fozisoft
2009-12-23 11:09 . 2009-12-17 23:08 30024 ----a-w- c:\windows\system32\uxtuneup.dll
2009-12-22 20:09 . 2009-12-23 11:49 -------- d-----w- c:\program files\Rhymesaurus FREE Edition
2009-12-22 12:17 . 2009-12-22 12:17 -------- d-----w- c:\documents and settings\Amer\Local Settings\Application Data\Stardock
2009-12-22 11:29 . 2009-12-23 12:09 -------- d-----w- c:\windows\Icon_Patcher
2009-12-21 12:42 . 2009-12-23 11:49 -------- d-----w- c:\documents and settings\Amer\Application Data\Mozilla(2)
2009-12-21 12:36 . 2009-12-23 11:49 -------- d-----w- c:\windows\VistaMizer
2009-12-21 12:09 . 2009-12-21 12:09 -------- d-----w- C:\cybersoft v2
2009-12-18 17:56 . 2009-12-18 17:56 -------- d-----w- c:\documents and settings\Amer\Local Settings\Application Data\Cooliris
2009-12-18 17:55 . 2009-12-18 17:55 -------- d-----w- c:\documents and settings\Amer\Local Settings\Application Data\Radical Software Ltd
2009-12-18 17:55 . 2009-12-18 17:55 -------- d-----w- c:\documents and settings\Amer\Application Data\Radical Software Ltd
2009-12-16 11:54 . 2009-12-16 11:54 -------- d-----w- c:\documents and settings\Amer\Application Data\Media Player Classic
2009-12-16 11:52 . 2009-08-16 15:08 178176 ----a-w- c:\windows\system32\unrar.dll
2009-12-16 11:52 . 2004-01-25 16:18 217088 ----a-w- c:\windows\system32\yv12vfw.dll
2009-12-16 11:52 . 2009-05-29 21:31 881664 ----a-w- c:\windows\system32\xvidcore.dll
2009-12-16 11:52 . 2009-05-29 21:37 205824 ----a-w- c:\windows\system32\xvidvfw.dll
2009-12-16 11:52 . 2009-10-13 18:00 85504 ----a-w- c:\windows\system32\ff_vfw.dll
2009-12-16 11:52 . 2009-12-16 11:53 -------- d-----w- c:\program files\K-Lite Codec Pack
2009-12-14 19:15 . 2009-12-14 19:15 2146304 ----a-w- c:\windows\system32\GPhotos.scr
2009-12-14 12:20 . 2009-12-24 14:16 -------- d-----w- c:\program files\A1Click Ultra PC Cleaner
2009-12-11 19:17 . 2009-12-11 19:17 -------- d-----w- c:\program files\Common Files\InstallShield
2009-12-09 15:08 . 2009-12-09 15:08 -------- d-----w- c:\program files\Microsoft.NET
2009-12-08 16:47 . 2009-12-08 16:47 -------- d-----w- c:\documents and settings\Amer\Application Data\Avira
2009-12-08 11:29 . 2004-08-04 12:00 25600 ----a-w- c:\documents and settings\LocalService\Application Data\Microsoft\UPnP Device Host\upnphost\udhisapi.dll
2009-12-08 11:19 . 2009-12-08 11:19 -------- d-----w- c:\program files\Windows Media Connect 2
2009-12-07 13:03 . 2009-12-07 13:03 552 ----a-w- c:\windows\system32\d3d8caps.dat
2009-12-07 13:03 . 2009-12-07 13:03 -------- d-----w- c:\documents and settings\Amer\Local Settings\Application Data\EleFun Games
2009-12-07 11:52 . 2009-12-07 11:52 -------- d-----w- c:\documents and settings\Amer\Local Settings\Application Data\Mozilla
2009-12-07 03:56 . 2009-12-07 03:56 -------- d-----w- c:\documents and settings\Amer\Application Data\vlc
2009-12-07 03:54 . 2009-12-07 03:54 -------- d-----w- c:\program files\VideoLAN
2009-12-06 11:51 . 2009-12-06 11:51 -------- d-----w- c:\documents and settings\Amer\Application Data\Nero
2009-12-06 11:49 . 2006-03-17 12:49 368640 ----a-w- c:\windows\system32\TwnLib4.dll
2009-12-06 11:49 . 2006-03-17 09:45 802816 ----a-w- c:\windows\system32\imagXRA7.dll
2009-12-06 11:49 . 2006-03-17 09:45 497296 ----a-w- c:\windows\system32\imagXpr7.dll
2009-12-06 11:49 . 2006-03-17 09:45 258048 ----a-w- c:\windows\system32\imagXR7.dll
2009-12-06 11:49 . 2006-03-17 09:45 1757184 ----a-w- c:\windows\system32\imagX7.dll
2009-12-06 11:49 . 2009-12-06 11:49 -------- d-----w- c:\program files\Nero
2009-12-06 11:49 . 2009-12-06 11:49 -------- d-----w- c:\program files\Common Files\Nero
2009-12-06 11:49 . 2009-12-06 11:49 -------- d-----w- c:\documents and settings\All Users\Application Data\Nero
2009-12-06 11:10 . 2009-12-29 12:21 -------- d-----w- c:\documents and settings\Amer\Application Data\BitTorrent
2009-12-06 11:06 . 2009-12-06 11:06 -------- d-----w- c:\program files\BitTorrent
2009-12-05 20:45 . 2009-12-05 20:45 -------- d-----w- c:\documents and settings\Amer\Application Data\HP
2009-12-05 18:40 . 2009-12-05 18:40 -------- d-----w- c:\documents and settings\LocalService\Local Settings\Application Data\Google
2009-12-04 12:32 . 2009-12-04 12:32 -------- d-----w- c:\documents and settings\LocalService\Application Data\McAfee
2009-12-04 12:31 . 2009-12-18 17:57 664 ----a-w- c:\windows\system32\d3d9caps.dat
2009-12-04 12:30 . 2004-08-03 19:58 5504 -c--a-w- c:\windows\system32\dllcache\mstee.sys
2009-12-04 12:30 . 2004-08-03 19:58 5504 ----a-w- c:\windows\system32\drivers\MSTEE.sys
2009-12-04 12:30 . 2004-08-03 20:10 10880 -c--a-w- c:\windows\system32\dllcache\ndisip.sys
2009-12-04 12:30 . 2004-08-03 20:10 10880 ----a-w- c:\windows\system32\drivers\NdisIP.sys
2009-12-04 12:30 . 2004-08-03 20:10 15360 -c--a-w- c:\windows\system32\dllcache\streamip.sys
2009-12-04 12:30 . 2004-08-03 20:10 15360 ----a-w- c:\windows\system32\drivers\StreamIP.sys
2009-12-04 12:30 . 2004-08-03 20:10 11136 -c--a-w- c:\windows\system32\dllcache\slip.sys
2009-12-04 12:30 . 2004-08-03 20:10 11136 ----a-w- c:\windows\system32\drivers\SLIP.sys
2009-12-04 12:30 . 2004-08-03 20:10 19328 -c--a-w- c:\windows\system32\dllcache\wstcodec.sys
2009-12-04 12:30 . 2004-08-03 20:10 19328 ----a-w- c:\windows\system32\drivers\WSTCODEC.SYS
2009-12-04 12:29 . 2004-08-03 20:10 85376 -c--a-w- c:\windows\system32\dllcache\nabtsfec.sys
2009-12-04 12:29 . 2004-08-03 20:10 85376 ----a-w- c:\windows\system32\drivers\NABTSFEC.sys
2009-12-04 12:29 . 2004-08-03 20:10 17024 -c--a-w- c:\windows\system32\dllcache\ccdecode.sys
2009-12-04 12:29 . 2004-08-03 20:10 17024 ----a-w- c:\windows\system32\drivers\CCDECODE.sys
2009-12-04 12:28 . 2004-08-03 21:56 53760 -c--a-w- c:\windows\system32\dllcache\vfwwdm32.dll
2009-12-04 12:28 . 2004-08-03 21:56 53760 ----a-w- c:\windows\system32\vfwwdm32.dll
2009-12-02 18:48 . 2009-12-02 18:48 56 ---ha-w- c:\windows\system32\ezsidmv.dat
2009-12-02 18:47 . 2009-12-06 15:31 -------- d-----w- c:\documents and settings\Amer\Application Data\skypePM
2009-12-02 05:50 . 2007-06-01 08:48 270336 ----a-w- c:\windows\tsnpstd3.exe
2009-12-02 05:50 . 2007-05-10 10:18 835584 ----a-w- c:\windows\vsnpstd3.exe
2009-12-02 05:50 . 2007-05-10 10:18 835584 ----a-w- c:\windows\vsnpstd3(2).exe
2009-12-02 05:50 . 2007-05-24 14:59 10343680 ----a-w- c:\windows\system32\drivers\snpstd3.sys
2009-12-02 05:50 . 2007-06-01 08:44 172032 ----a-w- c:\windows\system32\rsnpstd3.dll
2009-12-02 05:50 . 2007-05-31 06:00 57344 ----a-w- c:\windows\system32\vsnpstd3.dll
2009-12-02 05:50 . 2009-12-04 12:22 -------- d-----w- c:\program files\Common Files\snpstd3
2009-12-02 05:50 . 2005-11-23 10:55 53248 ----a-w- c:\windows\system32\csnpstd3.dll
2009-12-02 05:50 . 2005-11-23 10:55 53248 ----a-w- c:\windows\csnpstd3.dll
2009-12-02 05:50 . 2009-12-11 19:18 -------- d--h--w- c:\program files\InstallShield Installation Information
2009-12-02 05:49 . 2009-12-02 05:49 -------- d-----w- c:\documents and settings\Amer\Application Data\InstallShield
2009-12-02 05:41 . 2007-03-24 13:41 135168 ----a-w- c:\windows\amcap.exe
2009-12-02 05:41 . 2007-02-10 12:40 20480 ----a-w- c:\windows\FixCamera.exe
2009-12-02 05:29 . 2009-12-02 05:29 -------- d-----w- c:\program files\CCleaner
2009-12-02 05:28 . 2009-12-02 05:28 -------- d-----w- c:\documents and settings\All Users\Application Data\WEBREG
2009-12-02 05:23 . 2009-12-26 16:46 -------- d-----w- c:\documents and settings\All Users\Application Data\HP
2009-12-02 05:23 . 2009-12-02 05:23 -------- d-----w- c:\program files\Common Files\HP
2009-12-02 05:21 . 2009-12-02 05:21 -------- d-----w- c:\program files\Common Files\Hewlett-Packard
2009-12-02 05:20 . 2007-03-08 04:20 16496 ----a-r- c:\windows\system32\drivers\HPZipr12.sys
2009-12-02 05:20 . 2007-03-08 04:20 49920 ----a-r- c:\windows\system32\drivers\HPZid412.sys
2009-12-02 05:20 . 2009-12-02 05:20 -------- d-----w- c:\documents and settings\All Users\Application Data\Hewlett-Packard
2009-12-02 05:19 . 2007-03-30 15:07 267864 ----a-r- c:\windows\system32\hpzids01.dll
2009-12-02 05:19 . 2007-03-28 10:57 274944 ----a-w- c:\windows\system32\Spool\prtprocs\w32x86\hpzpp5ha.dll
2009-12-02 05:19 . 2007-03-28 11:01 117760 ----a-w- c:\windows\system32\hpzll5ha.dll
2009-12-02 05:19 . 2007-03-08 04:20 21568 ----a-r- c:\windows\system32\drivers\HPZius12.sys
2009-12-02 05:18 . 2007-03-08 04:20 309760 ----a-r- c:\windows\system32\difxapi.dll
2009-12-02 05:18 . 2007-03-17 16:11 675840 ----a-r- c:\windows\system32\hpowiax3.dll
2009-12-02 05:18 . 2007-03-17 16:11 303104 ----a-r- c:\windows\system32\hpovst10.dll
2009-12-02 05:18 . 2007-03-17 16:11 569344 ----a-r- c:\windows\system32\hpotscl3.dll
2009-12-02 05:18 . 2007-03-08 04:20 364544 ----a-r- c:\windows\system32\hppldcoi.dll
2009-12-02 05:18 . 2004-08-03 19:58 15104 -c--a-w- c:\windows\system32\dllcache\usbscan.sys
2009-12-02 05:18 . 2004-08-03 19:58 15104 ----a-w- c:\windows\system32\drivers\usbscan.sys
2009-12-02 05:17 . 2009-12-26 16:39 -------- dc----w- c:\windows\system32\DRVSTORE
2009-12-02 05:14 . 2009-12-26 16:46 -------- d-----w- c:\program files\HP
2009-12-02 05:14 . 2004-08-03 20:08 31616 -c--a-w- c:\windows\system32\dllcache\usbccgp.sys
2009-12-02 05:14 . 2004-08-03 20:08 31616 ----a-w- c:\windows\system32\drivers\usbccgp.sys
2009-12-02 05:14 . 2004-08-03 20:01 25856 -c--a-w- c:\windows\system32\dllcache\usbprint.sys
2009-12-02 05:14 . 2004-08-03 20:01 25856 ----a-w- c:\windows\system32\drivers\usbprint.sys
2009-12-02 01:22 . 2009-12-23 11:50 -------- d--h--w- c:\windows\Icons
2009-12-02 00:56 . 2009-12-02 00:56 -------- d-----w- c:\documents and settings\Amer\Application Data\Styler
2009-12-02 00:56 . 2009-12-23 11:49 -------- d-----w- c:\program files\Styler
2009-12-01 23:07 . 2009-12-01 23:07 -------- d-----w- c:\documents and settings\All Users\Application Data\Messenger Plus!
2009-12-01 22:58 . 2009-12-24 14:16 -------- d-----w- c:\documents and settings\Amer\Application Data\Skype
2009-12-01 22:56 . 2009-12-01 22:56 -------- d-----w- c:\program files\Common Files\Skype
2009-12-01 22:56 . 2009-12-01 22:56 -------- d-----r- c:\program files\Skype
2009-12-01 22:54 . 2009-12-01 22:56 -------- d-----w- c:\documents and settings\All Users\Application Data\Skype
2009-12-01 22:49 . 2009-12-03 18:52 -------- d-----w- c:\documents and settings\LocalService\Application Data\SACore
2009-12-01 22:49 . 2008-04-13 14:26 36396 ----a-w- c:\documents and settings\Amer\Application Data\BSplayer\AC3 Filter\uninstall.exe
2009-12-01 22:49 . 2007-07-05 00:33 892928 ----a-w- c:\documents and settings\Amer\Application Data\BSplayer\AC3 Filter\iconv.dll
2009-12-01 22:49 . 2007-08-18 06:54 20480 ----a-w- c:\documents and settings\Amer\Application Data\BSplayer\AC3 Filter\ac3config.exe

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-12-30 20:12 . 2009-12-01 21:01 -------- d-----w- c:\documents and settings\Amer\Application Data\DMCache
2009-12-29 12:21 . 2009-12-01 21:01 -------- d-----w- c:\program files\Internet Download Manager
2009-12-26 16:20 . 2009-12-01 22:08 -------- d---a-w- c:\documents and settings\All Users\Application Data\TEMP
2009-12-26 16:19 . 2009-12-01 20:48 -------- d-----w- c:\program files\Google
2009-12-23 12:03 . 2009-12-01 22:07 70656 ----a-w- c:\windows\notepad.exe
2009-12-23 11:50 . 2009-12-01 21:29 -------- d-----w- c:\program files\TuneUp Utilities 2010
2009-12-23 11:49 . 2009-12-01 22:15 -------- d-----w- c:\program files\Messenger Plus! Live
2009-12-23 11:35 . 2004-08-04 12:00 1108480 ----a-w- c:\windows\system32\setupapi(2)(3).dll
2009-12-23 11:35 . 2004-08-04 12:00 4408320 ----a-w- c:\windows\system32\xpsp2res(2)(3).dll
2009-12-23 11:35 . 2004-08-04 12:00 10830336 ----a-w- c:\windows\system32\shell32(2)(3).dll
2009-12-23 11:35 . 2004-08-04 12:00 2263040 ----a-w- c:\windows\system32\netshell(2)(3).dll
2009-12-23 11:35 . 2004-08-04 12:00 1477120 ----a-w- c:\windows\system32\msgina(2)(3).dll
2009-12-23 11:35 . 2009-12-01 19:21 394752 ----a-w- c:\windows\system32\wuapi(2)(2)(2).dll
2009-12-23 11:35 . 2004-08-04 12:00 840192 ----a-w- c:\windows\system32\rasdlg(2)(3).dll
2009-12-23 11:35 . 2004-08-04 12:00 189952 ----a-w- c:\windows\system32\credui(2)(3).dll
2009-12-23 11:35 . 2004-08-04 12:00 738304 ----a-w- c:\windows\system32\comctl32(2)(3).dll
2009-12-22 12:03 . 2004-08-04 12:00 1949184 ----a-w- c:\windows\system32\logonui(2)(2).exe
2009-12-17 23:14 . 2009-12-01 21:30 30536 ----a-w- c:\windows\system32\TURegOpt.exe
2009-12-16 11:37 . 2009-12-01 21:01 -------- d-----w- c:\documents and settings\Amer\Application Data\IDM
2009-12-15 17:04 . 2009-12-15 17:04 2678 ----a-w- c:\windows\java\Packages\Data\5VRLVBFR.DAT
2009-12-15 17:04 . 2009-12-15 17:04 2678 ----a-w- c:\windows\java\Packages\Data\3LNR9Z9J.DAT
2009-12-15 17:04 . 2009-12-15 17:04 2678 ----a-w- c:\windows\java\Packages\Data\BD7V9JXF.DAT
2009-12-15 17:04 . 2009-12-15 17:04 2678 ----a-w- c:\windows\java\Packages\Data\0BBTJR9V.DAT
2009-12-15 17:04 . 2009-12-15 17:04 2678 ----a-w- c:\windows\java\Packages\Data\JJ1V139Z.DAT
2009-12-08 16:51 . 2009-12-01 19:56 56816 ----a-w- c:\windows\system32\drivers\avgntflt.sys
2009-12-01 22:08 . 2009-12-01 22:08 -------- d-----w- c:\program files\Ace Utilities
2009-12-01 22:06 . 2009-12-01 19:56 80760 ----a-w- c:\documents and settings\Amer\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2009-12-01 21:37 . 2009-12-01 21:37 -------- d-----w- c:\program files\Common Files\Windows Live
2009-12-01 21:29 . 2009-12-01 21:29 -------- d-----w- c:\documents and settings\Amer\Application Data\TuneUp Software
2009-12-01 21:29 . 2009-12-01 21:28 -------- d-----w- c:\documents and settings\All Users\Application Data\TuneUp Software
2009-12-01 21:28 . 2009-12-01 21:28 -------- d-sh--w- c:\documents and settings\All Users\Application Data\{D3742F82-1C1A-4DCC-ABBD-0E7C3C0185CC}
2009-12-01 21:25 . 2009-12-01 21:25 -------- d-----w- c:\program files\FreeTime
2009-12-01 21:02 . 2009-12-01 21:02 198064 ----a-w- c:\documents and settings\Amer\Application Data\IDM\idmmzcc3\components\idmmzcc.dll
2009-12-01 20:19 . 2009-12-01 20:19 -------- d-----w- c:\program files\Analogue Vista Clock
2009-12-01 19:57 . 2009-12-01 19:56 -------- d-----w- c:\documents and settings\All Users\Application Data\Avira
2009-12-01 19:56 . 2009-12-01 19:56 -------- d-----w- c:\program files\Avira
2009-12-01 19:25 . 2009-12-01 19:25 -------- d-----w- c:\program files\microsoft frontpage
2009-12-01 19:19 . 2009-12-01 19:19 21640 ----a-w- c:\windows\system32\emptyregdb.dat
.

------- Sigcheck -------

[-] 2009-12-23 . C6C281E916D12BF2EAE49EC03D7435EE . 112640 . . [5.4.3790.2180] . . c:\windows\system32\wuauclt.exe
[-] 2009-12-23 . C6C281E916D12BF2EAE49EC03D7435EE . 112640 . . [5.4.3790.2180] . . c:\windows\system32\dllcache\wuauclt.exe

[-] 2009-12-23 . DA27A9A7E4535258E2CE35F366F80431 . 738304 . . [5.82] . . c:\windows\system32\comctl32.dll
[-] 2009-12-23 . DA27A9A7E4535258E2CE35F366F80431 . 738304 . . [5.82] . . c:\windows\system32\dllcache\comctl32.dll

[-] 2009-12-23 . B3BD5F6533DC1692E1076ED28C7D8C6F . 3787264 . . [7.00.5730.13] . . c:\windows\system32\mshtml.dll
[-] 2009-12-23 . B3BD5F6533DC1692E1076ED28C7D8C6F . 3787264 . . [7.00.5730.13] . . c:\windows\system32\dllcache\mshtml.dll
[7] 2004-08-04 . 376E0843B2356CA91CEC8D9837A56FF7 . 3003392 . . [6.00.2900.2180] . . c:\windows\ie7\mshtml.dll

[-] 2009-12-23 . B40EB7C75C2CEAAB5328A3BF0209A430 . 1655808 . . [6.00.2900.2180] . . c:\windows\explorer.exe
[-] 2009-12-23 . B40EB7C75C2CEAAB5328A3BF0209A430 . 1655808 . . [6.00.2900.2180] . . c:\windows\system32\dllcache\explorer.exe
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Analogue Vista Clock"="c:\program files\Analogue Vista Clock\Analogue Vista Clock.exe" [2007-11-09 466944]
"Google Update"="c:\documents and settings\Amer\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" [2009-12-01 135664]
"VisualTaskTips"="c:\program files\VisualTaskTips\VisualTaskTips.exe" [2008-06-22 65536]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SoundMan"="SOUNDMAN.EXE" [2002-09-11 46592]
"avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2009-03-02 209153]
"tsnpstd3"="c:\windows\tsnpstd3.exe" [2007-06-01 270336]
"snpstd3"="c:\windows\vsnpstd3.exe" [2007-05-10 835584]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2004-08-04 15360]

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Adobe Gamma Loader.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\Adobe Gamma Loader.lnk
backup=c:\windows\pss\Adobe Gamma Loader.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk]
backup=c:\windows\pss\HP Digital Imaging Monitor.lnkCommon Startup
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\FixCamera]
2007-02-10 12:40 20480 ----a-w- c:\windows\FixCamera.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update]
2007-03-11 18:34 49152 ----a-w- c:\program files\HP\HP Software Update\hpwuSchd2.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IMJPMIG8.1]
2004-08-04 12:00 208952 ----a-w- c:\windows\ime\IMJP8_1\imjpmig.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PHIME2002A]
2004-08-04 12:00 455168 ----a-w- c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PHIME2002ASync]
2004-08-04 12:00 455168 ----a-w- c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\tsnpstd3]
2007-06-01 08:48 270336 ----a-w- c:\windows\tsnpstd3.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe"

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Program Files\\BitTorrent\\bittorrent.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=

R1 avfwot;avfwot;c:\windows\system32\drivers\avfwot.sys [01/12/2009 10:56 م 97608]
R2 AntiVirFirewallService;Avira Firewall;c:\program files\Avira\AntiVir Desktop\avfwsvc.exe [01/12/2009 10:56 م 388865]
R2 AntiVirMailService;Avira AntiVir MailGuard;c:\program files\Avira\AntiVir Desktop\avmailc.exe [01/12/2009 10:56 م 194817]
R2 AntiVirSchedulerService;Avira AntiVir Scheduler;c:\program files\Avira\AntiVir Desktop\sched.exe [01/12/2009 10:56 م 108289]
R2 AntiVirWebService;Avira AntiVir WebGuard;c:\program files\Avira\AntiVir Desktop\avwebgrd.exe [01/12/2009 10:56 م 434945]
R2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;c:\program files\McAfee\SiteAdvisor\McSACore.exe [02/12/2009 01:46 ص 93320]
R2 TuneUp.UtilitiesSvc;TuneUp Utilities Service;c:\program files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe [18/12/2009 02:12 ص 1044808]
R3 avfwim;AvFw Packet Filter Miniport;c:\windows\system32\drivers\avfwim.sys [01/12/2009 10:56 م 69632]
R3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;c:\program files\TuneUp Utilities 2010\TuneUpUtilitiesDriver32.sys [14/10/2009 07:24 ص 10064]

--- Other Services/Drivers In Memory ---

*Deregistered* - DwShield00001151

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp
.
Contents of the 'Scheduled Tasks' folder

2009-12-30 c:\windows\Tasks\Automatic troubleshooting.job
- c:\program files\TuneUp Utilities 2010\TuneUpSystemStatusCheck.exe [2009-12-17 23:18]

2009-12-30 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-343818398-515967899-1417001333-1003Core.job
- c:\documents and settings\Amer\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2009-12-01 20:25]

2009-12-30 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-343818398-515967899-1417001333-1003UA.job
- c:\documents and settings\Amer\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2009-12-01 20:25]
.
.
------- Supplementary Scan -------
.
uDefault_Search_URL = hxxp://www.google.com/ie
uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: &تصدير إلى Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: Download all links with IDM - c:\program files\Internet Download Manager\IEGetAll.htm
IE: Download FLV video content with IDM - c:\program files\Internet Download Manager\IEGetVL.htm
IE: Download with IDM - c:\program files\Internet Download Manager\IEExt.htm
LSP: c:\program files\Avira\AntiVir Desktop\avsda.dll
.
- - - - ORPHANS REMOVED - - - -

WebBrowser-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)
MSConfigStartUp-DrvIcon - c:\docume~1\Amer\LOCALS~1\Temp\Rar$EX02.875\VistaDriveIcon\DrvIcon.exe

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer,

يجب عليك تسجيل الدخول أو التسجيل لمشاهدة الرابط المخفي

Rootkit scan 2009-12-31 00:56
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'winlogon.exe'(920)
c:\windows\system32\cscui.dll

- - - - - - - > 'lsass.exe'(1008)
c:\program files\Avira\AntiVir Desktop\avsda.dll
.
Completion time: 2009-12-31 00:59:30
ComboFix-quarantined-files.txt 2009-12-30 21:59

Pre-Run: 16,714,485,760 bytes free
Post-Run: 16,704,565,248 bytes free

WindowsXP-KB310994-SP2-Pro-BootDisk-ENU.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect

- - End Of File - - 93FF8440147C34323FC325B29EF8C803

Dark Soul · 31 ديسمبر 2009

رجاء ساعدوني :f:

MAAX · 31 ديسمبر 2009

اعمل التالي

يجب عليك تسجيل الدخول أو التسجيل لمشاهدة الرابط المخفي

Dark Soul · 31 ديسمبر 2009

اتفضل التقرير

يجب عليك تسجيل الدخول أو التسجيل لمشاهدة الرابط المخفي

Dark Soul · 31 ديسمبر 2009

إن شاء الله تكون لقيت الحل

Dark Soul · 1 يناير 2010

هل من حل يا إخوان ؟؟

برنامج Avast Premium Security 24.12.9725 تفعيل بسيريال مدة 680 يوم​

زيزوومي جديد

عضوشرف

زيزوومي جديد

زيزوومى مبدع

توقيع : anas2009

زيزوومي جديد

زيزوومى مبدع

توقيع : anas2009

زيزوومي جديد

زيزوومي ماسى

توقيع : format

زيزوومي جديد

زيزوومي ماسى

توقيع : format

عضوشرف

زيزوومي جديد

زيزوومي نشيط

زيزوومي نشيط

زيزوومي جديد

زيزوومي جديد

عضوشرف

زيزوومي جديد

زيزوومي جديد

زيزوومي جديد

برنامج Avast Premium Security 24.12.9725 تفعيل بسيريال مدة 680 يوم