نجم أحمر

Peace be upon you.
This icon keeps appearing for me every now and then:
12621852791.jpg


And this is a report for the machine:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 05:59:56 م, on 30/12/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\Program Files\HyperTechnologies\Deep Freeze\DfServEx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
C:\Program Files\Common Files\InterVideo\DeviceService\DevSvc.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\Program Files\SigmaTel\C-Major Audio\DellXPM_5515v131\WDM\STacSV.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
C:\Program Files\HyperTechnologies\Deep Freeze\_$Df\FrzState.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\Program Files\SigmaTel\C-Major Audio\WDM\stsystra.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Digital Line Detect\DLG.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Program Files\TechSmith\SnagIt 9\SnagIt32.exe
C:\Program Files\honestech\honestech TVR 2.5\scheduleTV.exe
C:\PROGRA~1\WIDCOMM\BLUETO~1\BTSTAC~1.EXE
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\TechSmith\SnagIt 9\TSCHelp.exe
C:\Program Files\TechSmith\SnagIt 9\SnagPriv.exe
C:\Program Files\TechSmith\SnagIt 9\snagiteditor.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mobily Connect Card\Mobily Connect Card.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
\?\C:\WINDOWS\system32\WBEM\WMIADAP.EXE

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = [link hidden by the forum]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = [link hidden by the forum]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = [link hidden by the forum]
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = [link hidden by the forum]
O2 - BHO: SnagIt Toolbar Loader - {00C6482D-C502-44C8-8409-FCE54AD9C208} - C:\Program Files\TechSmith\SnagIt 9\SnagItBHO.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - c:\program files\real\realplayer\rpbrowserrecordplugin.dll
O2 - BHO: IEVkbdBHO - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\ievkbd.dll
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll
O2 - BHO: مساعد تسجيل الدخول إلى Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O2 - BHO: link filter bho - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [SigmatelSysTrayApp] %ProgramFiles%\SigmaTel\C-Major Audio\WDM\stsystra.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe"
O4 - HKLM\..\Run: [UVS11 Preload] C:\Program Files\Ulead Systems\Ulead VideoStudio 11\uvPL.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [_nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [_nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'Default user')
O4 - Global Startup: Digital Line Detect.lnk = C:\Program Files\Digital Line Detect\DLG.exe
O4 - Global Startup: Bluetooth.lnk = ?
O4 - Global Startup: SnagIt 9.lnk = C:\Program Files\TechSmith\SnagIt 9\SnagIt32.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: TVR Scheduler.lnk = C:\Program Files\honestech\honestech TVR 2.5\scheduleTV.exe
O8 - Extra context menu item: &تصدير إلى Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Add to Anti-Banner - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\ie_banner_deny.htm
O8 - Extra context menu item: Send to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O9 - Extra button: تدوين هذا في المدونة - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &تدوين هذا في Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: &لوحة مفاتيح ظاهرية - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll
O9 - Extra button: بحث - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: فحص عناوين المواقع (URL) - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O17 - HKLM\System\CCS\Services\Tcpip\..\{09D5C891-371F-4BFA-B675-5FE060669DA1}: NameServer = 84.23.101.84 84.23.101.85
O17 - HKLM\System\CS1\Services\Tcpip\..\{09D5C891-371F-4BFA-B675-5FE060669DA1}: NameServer = 84.23.101.84 84.23.101.85
O20 - AppInit_DLLs: C:\PROGRA~1\KASPER~1\KASPER~1\kloehk.dll
O20 - Winlogon Notify: DfLogon - C:\WINDOWS\SYSTEM32\LogonDll.dll
O23 - Service: Kaspersky Internet Security (AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
O23 - Service: Capture Device Service - InterVideo Inc. - C:\Program Files\Common Files\InterVideo\DeviceService\DevSvc.exe
O23 - Service: DFServEx - Hyper Technologies Inc. - C:\Program Files\HyperTechnologies\Deep Freeze\DfServEx.exe
O23 - Service: خدمة تحديث Google (gupdate1ca4371a4537ec2) (gupdate1ca4371a4537ec2) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: SigmaTel Audio Service (STacSV) - SigmaTel, Inc. - C:\Program Files\SigmaTel\C-Major Audio\DellXPM_5515v131\WDM\STacSV.exe
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe

--
End of file - 8387 bytes
 


After that, do the following:

[link hidden by the forum]

Double-click it and a list of the installed programs will appear.

Take a screenshot and put it in your next reply.
 
Thank you for your efforts.
Here is the report, as you requested:

Malwarebytes' Anti-Malware 1.42
نسخة قاعدة البيانات: 3456
Windows 5.1.2600 Service Pack 2
Internet Explorer 8.0.6001.18702

30/12/2009 10:00:07 م
mbam-log-2009-12-30 (22-00-07).txt

نوع البحث: بحث شامل (C:\|D:\|E:\|F:\|)
تم فحص: 185598
الوقت المنقضى: 32 minute(s), 15 second(s)

عمليات الذاكرة المصابة: 0
وحدات الذاكرة المصابة: 0
مفاتيح التسجيل المصابة: 0
قيم التسجيل المصابة: 0
بيانات التسجيل المصابة: 1
مجلدات مصابة: 0
ملفات مصابة: 13

عمليات الذاكرة المصابة:
(لم يتم الكشف عن أية عناصر ضارة)

وحدات الذاكرة المصابة:
(لم يتم الكشف عن أية عناصر ضارة)

مفاتيح التسجيل المصابة:
(لم يتم الكشف عن أية عناصر ضارة)

قيم التسجيل المصابة:
(لم يتم الكشف عن أية عناصر ضارة)

بيانات التسجيل المصابة:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\UpdatesDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.

مجلدات مصابة:
(لم يتم الكشف عن أية عناصر ضارة)

ملفات مصابة:
E:\System Volume Information\_restore{254CD886-C2E1-4B06-AC26-A1D722507E89}\RP122\A0052514.exe (Trojan.Agent) -> Quarantined and deleted successfully.
E:\System Volume Information\_restore{254CD886-C2E1-4B06-AC26-A1D722507E89}\RP122\A0052697.exe (Trojan.Agent) -> Quarantined and deleted successfully.
E:\System Volume Information\_restore{254CD886-C2E1-4B06-AC26-A1D722507E89}\RP122\A0052735.exe (Trojan.Agent) -> Quarantined and deleted successfully.
E:\System Volume Information\_restore{254CD886-C2E1-4B06-AC26-A1D722507E89}\RP122\A0052882.exe (Malware.Tool) -> Quarantined and deleted successfully.
E:\System Volume Information\_restore{254CD886-C2E1-4B06-AC26-A1D722507E89}\RP122\A0052896.exe (Trojan.Dropper) -> Quarantined and deleted successfully.
E:\System Volume Information\_restore{254CD886-C2E1-4B06-AC26-A1D722507E89}\RP122\A0053038.exe (Spyware.AdaEbook) -> Quarantined and deleted successfully.
E:\بـرامــج\البرامج بشكل عام\Internet Download Manager 5.12 Build 8\internet.download.manager.5.xx.retail-patch.exe (Trojan.Dropper) -> Quarantined and deleted successfully.
E:\بـرامــج\البرامج بشكل عام\Nero 8 Micro 8.1.1.0\Keygen\Plug-ins Keygen.0xe (Malware.Packer) -> Quarantined and deleted successfully.
E:\بـرامــج\البرامج بشكل عام\SnagIt 9\keygen.exe (Malware.Tool) -> Quarantined and deleted successfully.
E:\بـرامــج\البرامج بشكل عام\الريل بلير 11\RealPlayer v11.0 Build 6.0.14.536 Plus Beta\Premium Activator v1.0\Activator.exe (Trojan.Agent) -> Quarantined and deleted successfully.
E:\بـرامــج\البرامج بشكل عام\محول الصوتيات الثامن\record Crack.exe (Trojan.Agent) -> Quarantined and deleted successfully.
E:\بـرامــج\برامج حماية\كاسبر 2009\xp_simulation_setup\Tutorial.exe (Trojan.Agent) -> Quarantined and deleted successfully.
E:\من هنا أتعلم\فوتوشوب\دروس\تعلم الفوتوشوب مع أبوتميم.exe (Spyware.AdaEbook) -> Quarantined and deleted successfully.


And here are the programs, in two screenshots:

12622005021.jpg


12622005022.jpg
 
up
 
Disable your security programs,
then
download the following tool and save it to the desktop:

[link hidden by the forum]

When you run it, a message will appear; click >> Yes
After that, a second message will appear; click >> Yes
The machine may restart during the scan.
After the restart, the tool will start scanning a second time.
Do not run any program, and however long the scan takes, wait until it finishes.
Wait until a report appears, then copy it and paste it into your next post.
 
Hello ..
Here you go:

ComboFix 09-12-30.01 - User 12/31/2009 13:30:39.2.2 - FAT32x86
Microsoft Windows XP Professional 5.1.2600.2.1256.966.1025.18.1014.377 [GMT 3:00]
Running from: c:\documents and settings\User\سطح المكتب\ComboFix.exe
AV: برنامج Kaspersky لأمان الإنترنت *On-access scanning disabled* (Updated) {2C4D4BC6-0793-4956-A9F9-E252435469C0}
FW: برنامج Kaspersky لأمان الإنترنت *disabled* {2C4D4BC6-0793-4956-A9F9-E252435469C0}

WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\documents and settings\All Users\قائمة ابدأ\البرامج\بدء التشغيل\Bluetooth.lnk
F:\Autorun.inf

.
((((((((((((((((((((((((( Files Created from 2009-11-28 to 2009-12-31 )))))))))))))))))))))))))))))))
.

2009-12-30 18:16 . 2009-12-30 18:16 -------- d-----w- c:\documents and settings\User\Application Data\Malwarebytes
2009-12-30 18:16 . 2009-12-03 13:14 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2009-12-30 18:16 . 2009-12-30 18:16 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes
2009-12-30 18:16 . 2009-12-03 13:13 19160 ----a-w- c:\windows\system32\drivers\mbam.sys
2009-12-30 18:16 . 2009-12-30 18:16 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-12-31 08:51 . 2003-01-27 17:31 63016 ----a-w- c:\windows\system32\perfc001.dat
2009-12-31 08:51 . 2003-01-27 17:31 337822 ----a-w- c:\windows\system32\perfh001.dat
2009-12-17 13:33 . 2009-11-30 15:32 79488 ----a-w- c:\documents and settings\User\Application Data\Sun\Java\jre1.6.0_17\gtapi.dll
2009-11-22 14:54 . 2009-11-22 14:54 -------- d-----w- c:\program files\TubeSucker
2009-11-20 10:38 . 2009-11-20 10:38 -------- d-----w- c:\program files\SmartFTP Client 3.0 Setup Files
2009-11-20 10:14 . 2009-11-20 10:14 -------- d-----w- c:\documents and settings\User\Application Data\SmartFTP
2009-11-18 11:11 . 2009-11-18 11:11 -------- d-----w- c:\program files\GlobFX
2009-11-08 10:33 . 2009-11-08 10:33 -------- d-----w- c:\program files\platform 32 soap
2009-10-14 22:02 . 2009-08-29 14:46 108059 ----a-w- c:\windows\system32\drivers\klin.dat
2009-10-14 22:02 . 2009-08-29 14:46 95259 ----a-w- c:\windows\system32\drivers\klick.dat
2009-10-02 15:06 . 2009-05-22 17:33 499712 ----a-w- c:\windows\system32\msvcp71.dll
2009-08-29 15:44 . 2009-08-29 14:47 604140 --sha-w- c:\windows\system32\drivers\ISwift3.dat
.

------- Sigcheck -------

[-] 2009-01-25 . 6E932D21E116B51ED9D5157E31C48E33 . 1547776 . . [5.1.2600.2180] . . c:\windows\system32\sfcfiles.dll
.
((((((((((((((((((((((((((((( SnapShot@2009-09-20_02.34.09 )))))))))))))))))))))))))))))))))))))))))
.
+ 2009-12-31 10:36 . 2009-12-31 10:36 16384 c:\windows\temp\Perflib_Perfdata_23c.dat
- 2003-01-27 17:31 . 2009-09-20 02:00 62992 c:\windows\system32\perfc009.dat
+ 2003-01-27 17:31 . 2009-12-31 08:51 62992 c:\windows\system32\perfc009.dat
+ 2003-09-04 11:14 . 2003-09-04 11:14 94208 c:\windows\system32\Macromed\Flash\GetFlash.exe
+ 2009-09-21 02:06 . 2008-04-01 18:40 24720 c:\windows\system32\IVIresize.dll
+ 2009-10-12 08:59 . 2008-09-26 15:00 24448 c:\windows\system32\drivers\ewdcsc.sys
- 2009-05-23 01:32 . 2009-08-19 14:27 32768 c:\windows\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\index.dat
+ 2009-05-23 01:32 . 2009-10-11 16:39 32768 c:\windows\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\index.dat
- 2009-05-23 01:32 . 2009-08-19 14:27 16384 c:\windows\system32\config\systemprofile\Local Settings\History\History.IE5\index.dat
+ 2009-05-23 01:32 . 2009-10-11 16:39 16384 c:\windows\system32\config\systemprofile\Local Settings\History\History.IE5\index.dat
+ 2009-09-22 20:40 . 2009-10-11 16:39 16384 c:\windows\system32\config\systemprofile\Cookies\index.dat
- 2009-05-23 01:32 . 2009-08-19 14:27 16384 c:\windows\system32\config\systemprofile\Cookies\index.dat
+ 2009-11-10 08:17 . 2009-11-10 08:17 22528 c:\windows\Installer\25e7a4.msi
+ 2009-10-16 11:18 . 2009-03-08 13:08 58448 c:\windows\ie8\spuninst\iecustom.dll
- 2009-08-10 01:05 . 2009-03-08 13:08 58448 c:\windows\ie8\spuninst\iecustom.dll
- 2009-08-10 01:03 . 2007-08-13 15:36 44544 c:\windows\ie8\pngfilt.dll
+ 2009-10-16 11:16 . 2007-08-13 15:36 44544 c:\windows\ie8\pngfilt.dll
- 2009-08-10 01:03 . 2007-08-13 15:01 48128 c:\windows\ie8\mshtmler.dll
+ 2009-10-16 11:16 . 2007-08-13 15:01 48128 c:\windows\ie8\mshtmler.dll
- 2009-08-10 01:03 . 2007-08-13 15:32 45568 c:\windows\ie8\mshta.exe
+ 2009-10-16 11:16 . 2007-08-13 15:32 45568 c:\windows\ie8\mshta.exe
- 2009-08-10 01:03 . 2007-08-13 15:36 12288 c:\windows\ie8\msfeedssync.exe
+ 2009-10-16 11:16 . 2007-08-13 15:36 12288 c:\windows\ie8\msfeedssync.exe
- 2009-08-10 01:03 . 2007-08-13 15:54 50688 c:\windows\ie8\msfeedsbs.dll
+ 2009-10-16 11:16 . 2007-08-13 15:54 50688 c:\windows\ie8\msfeedsbs.dll
- 2009-08-10 01:03 . 2007-08-13 15:44 40960 c:\windows\ie8\licmgr10.dll
+ 2009-10-16 11:16 . 2007-08-13 15:44 40960 c:\windows\ie8\licmgr10.dll
- 2009-08-10 01:03 . 2007-08-13 15:54 27136 c:\windows\ie8\jsproxy.dll
+ 2009-10-16 11:16 . 2007-08-13 15:54 27136 c:\windows\ie8\jsproxy.dll
+ 2009-10-16 11:16 . 2007-08-13 15:39 92672 c:\windows\ie8\inseng.dll
- 2009-08-10 01:03 . 2007-08-13 15:39 92672 c:\windows\ie8\inseng.dll
- 2009-08-10 01:03 . 2007-08-13 15:36 36352 c:\windows\ie8\imgutil.dll
+ 2009-10-16 11:16 . 2007-08-13 15:36 36352 c:\windows\ie8\imgutil.dll
+ 2009-10-16 11:16 . 2007-08-13 15:39 55296 c:\windows\ie8\iesetup.dll
- 2009-08-10 01:03 . 2007-08-13 15:39 55296 c:\windows\ie8\iesetup.dll
+ 2009-10-16 11:16 . 2007-08-13 15:39 43008 c:\windows\ie8\iernonce.dll
- 2009-08-10 01:03 . 2007-08-13 15:39 43008 c:\windows\ie8\iernonce.dll
- 2009-08-10 01:03 . 2007-08-13 15:45 78336 c:\windows\ie8\ieencode.dll
+ 2009-10-16 11:16 . 2007-08-13 15:45 78336 c:\windows\ie8\ieencode.dll
- 2009-08-10 01:03 . 2007-08-13 15:39 54784 c:\windows\ie8\ie4uinit.exe
+ 2009-10-16 11:16 . 2007-08-13 15:39 54784 c:\windows\ie8\ie4uinit.exe
- 2009-08-10 01:03 . 2007-08-13 15:36 61952 c:\windows\ie8\icardie.dll
+ 2009-10-16 11:16 . 2007-08-13 15:36 61952 c:\windows\ie8\icardie.dll
- 2009-08-10 01:03 . 2007-08-13 15:18 60416 c:\windows\ie8\hmmapi.dll
+ 2009-10-16 11:16 . 2007-08-13 15:18 60416 c:\windows\ie8\hmmapi.dll
+ 2009-10-16 11:16 . 2007-08-13 15:42 17408 c:\windows\ie8\corpol.dll
- 2009-08-10 01:03 . 2007-08-13 15:42 17408 c:\windows\ie8\corpol.dll
- 2009-08-10 01:03 . 2007-08-13 15:39 71680 c:\windows\ie8\admparse.dll
+ 2009-10-16 11:16 . 2007-08-13 15:39 71680 c:\windows\ie8\admparse.dll
+ 2009-09-23 00:29 . 2002-03-16 23:00 7420 c:\windows\UA000106.DLL
+ 2002-03-17 00:00 . 2002-03-17 00:00 7420 c:\windows\UA000035.DLL
+ 2009-10-02 15:06 . 2009-10-02 15:06 5632 c:\windows\system32\pndx5032.dll
- 2009-05-22 17:36 . 2009-05-23 12:31 5632 c:\windows\system32\pndx5032.dll
- 2009-05-22 17:36 . 2009-05-23 12:31 6656 c:\windows\system32\pndx5016.dll
+ 2009-10-02 15:06 . 2009-10-02 15:06 6656 c:\windows\system32\pndx5016.dll
+ 2006-06-05 11:14 . 2006-06-05 11:14 626688 c:\windows\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.163_x-ww_681e29fb\msvcr80.dll
+ 2006-06-05 11:14 . 2006-06-05 11:14 548864 c:\windows\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.163_x-ww_681e29fb\msvcp80.dll
+ 2006-06-05 11:14 . 2006-06-05 11:14 479232 c:\windows\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.163_x-ww_681e29fb\msvcm80.dll
- 1999-03-25 22:00 . 1999-03-25 22:00 101888 c:\windows\system32\VB6STKIT.DLL
+ 2000-07-15 05:00 . 2000-07-15 05:00 101888 c:\windows\system32\vb6stkit.dll
+ 2004-01-30 12:07 . 2004-01-30 12:07 245408 c:\windows\system32\unicows.dll
- 2009-05-22 17:36 . 2009-05-23 12:32 185920 c:\windows\system32\rmoc3260.dll
+ 2009-10-02 15:07 . 2009-10-02 15:07 185920 c:\windows\system32\rmoc3260.dll
- 2009-05-22 17:36 . 2009-05-23 12:31 278528 c:\windows\system32\pncrt.dll
+ 2009-05-22 17:36 . 2009-10-02 15:06 278528 c:\windows\system32\pncrt.dll
+ 2003-01-27 17:31 . 2009-12-31 08:51 401712 c:\windows\system32\perfh009.dat
- 2003-01-27 17:31 . 2009-09-20 02:00 401712 c:\windows\system32\perfh009.dat
+ 2009-09-21 02:06 . 2008-04-01 18:40 209040 c:\windows\system32\IVIresizeW7.dll
+ 2009-09-21 02:06 . 2008-04-01 18:40 192656 c:\windows\system32\IVIresizePX.dll
+ 2009-09-21 02:06 . 2008-04-01 18:40 196752 c:\windows\system32\IVIresizeP6.dll
+ 2009-09-21 02:06 . 2008-04-01 18:40 196752 c:\windows\system32\IVIresizeM6.dll
+ 2009-09-21 02:06 . 2008-04-01 18:40 204944 c:\windows\system32\IVIresizeA6.dll
+ 2009-10-12 08:59 . 2008-09-26 15:01 621056 c:\windows\system32\drivers\mod7700.sys
+ 2009-10-12 08:59 . 2008-09-26 15:01 113664 c:\windows\system32\drivers\ewusbnet.sys
+ 2009-10-12 08:59 . 2008-09-26 15:01 101376 c:\windows\system32\drivers\ewusbmdm.sys
+ 2009-09-21 15:58 . 2009-09-21 15:58 274432 c:\windows\system32\config\systemprofile\ntuser.dat
+ 2009-09-21 10:53 . 2009-09-21 10:53 884224 c:\windows\Installer\17e4011.msi
+ 2009-09-23 01:09 . 2009-09-23 01:09 292878 c:\windows\Installer\{F99F9E24-EE2F-47FD-AEB0-FDB82859B5C9}\ARPPRODUCTICON.exe
- 2009-05-23 11:09 . 2009-05-23 11:10 292878 c:\windows\Installer\{F99F9E24-EE2F-47FD-AEB0-FDB82859B5C9}\ARPPRODUCTICON.exe
+ 2009-12-30 18:31 . 2009-12-30 18:31 295606 c:\windows\Installer\{AC76BA86-7AD7-1025-7B44-A80000000000}\SC_Reader.exe
- 2009-08-10 01:03 . 2007-08-13 15:54 818688 c:\windows\ie8\wininet.dll
+ 2009-10-16 11:16 . 2007-08-13 15:54 818688 c:\windows\ie8\wininet.dll
- 2009-08-10 01:03 . 2007-08-13 15:45 206336 c:\windows\ie8\winfxdocobj.exe
+ 2009-10-16 11:16 . 2007-08-13 15:45 206336 c:\windows\ie8\winfxdocobj.exe
- 2009-08-10 01:03 . 2007-08-13 15:54 231424 c:\windows\ie8\webcheck.dll
+ 2009-10-16 11:16 . 2007-08-13 15:54 231424 c:\windows\ie8\webcheck.dll
- 2009-08-10 01:03 . 2007-08-13 15:54 765952 c:\windows\ie8\vgx.dll
+ 2009-10-16 11:16 . 2007-08-13 15:54 765952 c:\windows\ie8\vgx.dll
+ 2009-10-16 11:16 . 2007-08-13 15:54 413696 c:\windows\ie8\vbscript.dll
- 2009-08-10 01:03 . 2007-08-13 15:54 413696 c:\windows\ie8\vbscript.dll
+ 2009-10-16 11:16 . 2007-08-13 15:44 105984 c:\windows\ie8\url.dll
- 2009-08-10 01:03 . 2007-08-13 15:44 105984 c:\windows\ie8\url.dll
+ 2009-10-16 11:18 . 2009-01-07 15:20 380448 c:\windows\ie8\spuninst\updspapi.dll
- 2009-08-10 01:05 . 2009-01-07 15:20 380448 c:\windows\ie8\spuninst\updspapi.dll
- 2009-08-10 01:05 . 2009-01-07 15:20 231456 c:\windows\ie8\spuninst\spuninst.exe
+ 2009-10-16 11:18 . 2009-01-07 15:20 231456 c:\windows\ie8\spuninst\spuninst.exe
+ 2009-10-16 11:16 . 2006-09-06 14:42 213216 c:\windows\ie8\spuninst.exe
- 2009-08-10 01:03 . 2006-09-06 14:42 213216 c:\windows\ie8\spuninst.exe
+ 2009-10-16 11:16 . 2007-08-13 15:44 101376 c:\windows\ie8\occache.dll
- 2009-08-10 01:03 . 2007-08-13 15:44 101376 c:\windows\ie8\occache.dll
- 2009-08-10 01:03 . 2007-08-13 15:54 670720 c:\windows\ie8\mstime.dll
+ 2009-10-16 11:16 . 2007-08-13 15:54 670720 c:\windows\ie8\mstime.dll
- 2009-08-10 01:03 . 2007-08-13 15:44 192000 c:\windows\ie8\msrating.dll
+ 2009-10-16 11:16 . 2007-08-13 15:44 192000 c:\windows\ie8\msrating.dll
- 2009-08-10 01:03 . 2007-08-13 15:54 156160 c:\windows\ie8\msls31.dll
+ 2009-10-16 11:16 . 2007-08-13 15:54 156160 c:\windows\ie8\msls31.dll
- 2009-08-10 01:03 . 2007-08-13 15:54 475648 c:\windows\ie8\mshtmled.dll
+ 2009-10-16 11:16 . 2007-08-13 15:54 475648 c:\windows\ie8\mshtmled.dll
- 2009-08-10 01:03 . 2007-08-13 15:54 458752 c:\windows\ie8\msfeeds.dll
+ 2009-10-16 11:16 . 2007-08-13 15:54 458752 c:\windows\ie8\msfeeds.dll
- 2009-08-10 01:03 . 2007-08-13 15:38 491520 c:\windows\ie8\jscript.dll
+ 2009-10-16 11:16 . 2007-08-13 15:38 491520 c:\windows\ie8\jscript.dll
- 2009-08-10 01:03 . 2007-08-13 15:43 622080 c:\windows\ie8\iexplore.exe
+ 2009-10-16 11:16 . 2007-08-13 15:43 622080 c:\windows\ie8\iexplore.exe
- 2009-08-10 01:03 . 2007-08-13 15:54 180736 c:\windows\ie8\ieui.dll
+ 2009-10-16 11:16 . 2007-08-13 15:54 180736 c:\windows\ie8\ieui.dll
- 2009-08-10 01:03 . 2007-08-13 15:34 266752 c:\windows\ie8\iertutil.dll
+ 2009-10-16 11:16 . 2007-08-13 15:34 266752 c:\windows\ie8\iertutil.dll
- 2009-08-10 01:03 . 2007-08-13 15:54 287744 c:\windows\ie8\ieproxy.dll
+ 2009-10-16 11:16 . 2007-08-13 15:54 287744 c:\windows\ie8\ieproxy.dll
+ 2009-10-16 11:16 . 2007-08-13 15:54 191488 c:\windows\ie8\iepeers.dll
- 2009-08-10 01:03 . 2007-08-13 15:54 191488 c:\windows\ie8\iepeers.dll
- 2009-08-10 01:03 . 2007-08-13 15:39 382976 c:\windows\ie8\iedkcs32.dll
+ 2009-10-16 11:16 . 2007-08-13 15:39 382976 c:\windows\ie8\iedkcs32.dll
+ 2009-10-16 11:16 . 2007-07-11 09:27 383488 c:\windows\ie8\ieapfltr.dll
- 2009-08-10 01:03 . 2007-07-11 09:27 383488 c:\windows\ie8\ieapfltr.dll
- 2009-08-10 01:03 . 2007-08-13 14:56 161792 c:\windows\ie8\ieakui.dll
+ 2009-10-16 11:16 . 2007-08-13 14:56 161792 c:\windows\ie8\ieakui.dll
+ 2009-10-16 11:16 . 2007-08-13 15:39 229376 c:\windows\ie8\ieaksie.dll
- 2009-08-10 01:03 . 2007-08-13 15:39 229376 c:\windows\ie8\ieaksie.dll
- 2009-08-10 01:03 . 2007-08-13 15:39 152064 c:\windows\ie8\ieakeng.dll
+ 2009-10-16 11:16 . 2007-08-13 15:39 152064 c:\windows\ie8\ieakeng.dll
- 2009-08-10 01:03 . 2007-08-13 15:35 214528 c:\windows\ie8\dxtrans.dll
+ 2009-10-16 11:16 . 2007-08-13 15:35 214528 c:\windows\ie8\dxtrans.dll
- 2009-08-10 01:03 . 2007-08-13 15:35 346624 c:\windows\ie8\dxtmsft.dll
+ 2009-10-16 11:16 . 2007-08-13 15:35 346624 c:\windows\ie8\dxtmsft.dll
- 2009-08-10 01:03 . 2007-08-13 15:39 123904 c:\windows\ie8\advpack.dll
+ 2009-10-16 11:16 . 2007-08-13 15:39 123904 c:\windows\ie8\advpack.dll
+ 2004-12-03 08:26 . 2004-12-03 08:26 356352 c:\windows\eSellerateEngine.dll
+ 2009-09-22 20:25 . 2009-10-11 16:37 1177052 c:\windows\system32\Restore\rstrlog.dat
+ 2009-09-23 01:09 . 2009-09-23 01:09 4416000 c:\windows\Installer\778231.msi
+ 2009-12-30 18:31 . 2009-12-30 18:31 3683840 c:\windows\Installer\191d89.msi
- 2009-08-10 01:03 . 2007-08-13 15:54 1162240 c:\windows\ie8\urlmon.dll
+ 2009-10-16 11:16 . 2007-08-13 15:54 1162240 c:\windows\ie8\urlmon.dll
+ 2009-10-16 11:16 . 2007-08-13 15:54 3578368 c:\windows\ie8\mshtml.dll
- 2009-08-10 01:03 . 2007-08-13 15:54 3578368 c:\windows\ie8\mshtml.dll
- 2009-08-10 01:03 . 2007-08-13 15:54 6049280 c:\windows\ie8\ieframe.dll
+ 2009-10-16 11:16 . 2007-08-13 15:54 6049280 c:\windows\ie8\ieframe.dll
+ 2009-10-16 11:16 . 2007-02-12 13:10 2451312 c:\windows\ie8\ieapfltr.dat
- 2009-08-10 01:03 . 2007-02-12 13:10 2451312 c:\windows\ie8\ieapfltr.dat
+ 2009-08-29 05:08 . 2009-08-29 05:08 11069440 c:\windows\system32\ieframe.dll
.
-- Snapshot reset to current date --
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2007-08-30 141848]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2007-08-30 166424]
"Persistence"="c:\windows\system32\igfxpers.exe" [2007-08-30 137752]
"SigmatelSysTrayApp"="c:\program files\SigmaTel\C-Major Audio\WDM\stsystra.exe" [2007-05-10 405504]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-05-23 148888]
"AVP"="c:\program files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe" [2009-07-03 303376]
"UVS11 Preload"="c:\program files\Ulead Systems\Ulead VideoStudio 11\uvPL.exe" [2007-03-03 341488]
"TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" [2009-10-02 198160]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2004-08-03 15360]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"_nltide_3"="advpack.dll" [2009-03-08 128512]

c:\documents and settings\All Users\çں‍ê، ں §ڑ\ںé ©ںê¤\ §ک ں颬نïé\
Digital Line Detect.lnk - c:\program files\Digital Line Detect\DLG.exe [2009-5-22 50688]
SnagIt 9.lnk - c:\program files\TechSmith\SnagIt 9\SnagIt32.exe [2008-5-15 6822728]
Adobe Gamma Loader.lnk - c:\program files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2009-5-22 113664]
TVR Scheduler.lnk - c:\program files\honestech\honestech TVR 2.5\scheduleTV.exe [2009-8-22 311296]
«©م، ¢¬نïé Adobe Reader.lnk - c:\program files\Adobe\Reader 8.0\Reader\reader_sl.exe [2006-10-23 40048]
Adobe Reader Synchronizer.lnk - c:\program files\Adobe\Reader 8.0\Reader\AdobeCollabSync.exe [2006-10-23 734872]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\DfLogon]
2002-08-26 10:17 49152 ----a-w- c:\windows\system32\LogonDll.dll

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001
"FirewallOverride"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\KasperskyAntiVirus]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
"DisableUnicastResponsesToMulticastBroadcast"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\WINDOWS\\system32\\spool\\drivers\\W32X86\\3\\HP1006MC.EXE"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=

R0 DepFrzHi;DepFrzHi;c:\windows\system32\drivers\DepFrzHi.sys [26/08/2002 01:16 م 12288]
R0 DepFrzLo;DepFrzLo;c:\windows\system32\drivers\DepFrzLo.sys [26/08/2002 01:15 م 52709]
R0 klbg;Kaspersky Lab Boot Guard Driver;c:\windows\system32\drivers\klbg.sys [15/12/2008 08:41 م 33808]
R2 DFServEx;DFServEx;c:\program files\HyperTechnologies\Deep Freeze\DFServEx.exe [26/08/2002 01:15 م 288256]
R2 fssfltr;FssFltr;c:\windows\system32\drivers\fssfltr_tdi.sys [16/09/2009 04:43 ص 54752]
R3 klim5;Kaspersky Anti-Virus NDIS Filter;c:\windows\system32\drivers\klim5.sys [13/05/2009 05:46 م 31760]
R3 klmouflt;Kaspersky Lab KLMOUFLT;c:\windows\system32\drivers\klmouflt.sys [16/05/2009 08:59 م 19472]
S2 gupdate1ca4371a4537ec2;خدمة تحديث Google (gupdate1ca4371a4537ec2);c:\program files\Google\Update\GoogleUpdate.exe [02/10/2009 06:04 م 133104]
S3 fsssvc;خدمة أمان العائلة في Windows Live;c:\program files\Windows Live\Family Safety\fsssvc.exe [05/08/2009 10:48 م 704864]
S3 TridVid;Trident Analog Video;c:\windows\system32\drivers\TridVid.sys [19/08/2009 05:49 م 201216]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
.
Contents of the 'Scheduled Tasks' folder

2009-12-30 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-436374069-1292428093-682003330-1003Core.job
- c:\documents and settings\User\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2009-08-07 14:54]

2009-12-31 c:\windows\Tasks\User_Feed_Synchronization-{4FCC5DB1-D356-43E9-B62B-2865C7BDD001}.job
- c:\windows\system32\msfeedssync.exe [2007-08-13 01:31]

2009-12-31 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-10-02 15:04]

2009-12-31 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-10-02 15:04]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.com/
uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: &تصدير إلى Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
IE: Send to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
DPF: Microsoft XML Parser for Java - file://c:\windows\Java\classes\xmldso.cab
FF - ProfilePath - c:\documents and settings\User\Application Data\Mozilla\Firefox\Profiles\xnadajzm.default\
FF - prefs.js: browser.search.defaulturl - hxxp://www.bing.com/search?FORM=IEFM1&q=
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://www.google.com.sa/
FF - prefs.js: keyword.URL - hxxp://www.bing.com/search?FORM=IEFM1&q=
FF - component: c:\program files\Mozilla Firefox\extensions\linkfilter@kaspersky.ru\components\KavLinkFilter.dll
FF - component: c:\program files\real\realplayer\browserrecord\firefox\ext\components\nprpffbrowserrecordext.dll
FF - plugin: c:\documents and settings\User\Local Settings\Application Data\Google\Update\1.2.183.7\npGoogleOneClick8.dll
FF - plugin: c:\program files\Google\Update\1.2.183.13\npGoogleOneClick8.dll
FF - plugin: c:\program files\Windows Live\Photo Gallery\NPWLPG.dll
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer,



Rootkit scan 2009-12-31 13:37
Windows 5.1.2600 Service Pack 2 FAT NTAPI

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------

[HKEY_USERS\S-1-5-21-436374069-1292428093-682003330-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Favorites\k“*9D'E'* *:J1 *'DE1*Q()]
"Order"=hex:08,00,00,00,02,00,00,00,78,00,00,00,01,00,00,00,01,00,00,00,6c,00,
00,00,fb,ff,ff,ff,5e,00,32,00,6e,00,00,00,9d,3b,ab,6e,20,00,53,50,45,45,44,\

[HKEY_USERS\S-1-5-21-436374069-1292428093-682003330-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Favorites\کs“*9D'E'* *:J1 *'DE1*Q()]
"Order"=hex:08,00,00,00,02,00,00,00,78,00,00,00,01,00,00,00,01,00,00,00,6c,00,
00,00,fb,ff,ff,ff,5e,00,32,00,6e,00,00,00,82,3b,28,a2,20,00,53,50,45,45,44,\

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{29e24508-f5a3-4e92-820d-e150ca60bd39}]
@Denied: (Full) (Everyone)
"Model"=dword:000000d5
"Therad"=dword:0000000f
"MData"=hex(0):cb,9b,ad,ef,27,7d,29,69,f5,02,f0,76,aa,4a,f1,7c,d3,d9,67,7f,6a,
4b,7b,ad,04,7a,b1,b5,76,9b,27,47,a6,cc,f7,99,c0,1e,5f,3c,90,77,26,2f,d3,e7,\

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{7B8E9164-324D-4A2E-A46D-0165FB2000EC}]
@Denied: (Full) (Everyone)
"scansk"=hex(0):ad,e5,5f,33,94,8c,5e,3c,98,3e,b3,99,50,9a,e1,b8,a4,31,53,f3,53,
17,66,68,d6,eb,40,26,7d,39,0d,5c,79,f5,76,2f,48,e8,c8,f4,00,00,00,00,00,00,\
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'winlogon.exe'(1320)
c:\windows\system32\LogonDll.dll

- - - - - - - > 'explorer.exe'(3072)
c:\windows\system32\msi.dll
c:\windows\system32\ieframe.dll
c:\program files\Common Files\Adobe\Acrobat\ActiveX\PDFShell.dll
c:\windows\system32\igfxpph.dll
c:\windows\system32\hccutils.DLL
c:\windows\system32\igfxres.dll
c:\windows\system32\igfxress.dll
c:\windows\system32\igfxsrvc.dll
c:\windows\system32\webcheck.dll
.
------------------------ Other Running Processes ------------------------
.
c:\program files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
c:\program files\Common Files\InterVideo\DeviceService\DevSvc.exe
c:\program files\Java\jre6\bin\jqs.exe
c:\program files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
c:\program files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
c:\program files\SigmaTel\C-Major Audio\DellXPM_5515v131\WDM\STacSV.exe
c:\windows\System32\spool\DRIVERS\W32X86\3\HP1006MC.EXE
c:\program files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
c:\program files\HyperTechnologies\Deep Freeze\_$Df\FrzState.exe
c:\windows\system32\wscntfy.exe
c:\windows\system32\igfxsrvc.exe
c:\program files\TechSmith\SnagIt 9\TSCHelp.exe
c:\program files\TechSmith\SnagIt 9\SnagPriv.exe
c:\program files\TechSmith\SnagIt 9\snagiteditor.exe
c:\\?\c:\windows\system32\WBEM\WMIADAP.EXE
.
**************************************************************************
.
Completion time: 2009-12-31 13:41:09 - machine was rebooted
ComboFix-quarantined-files.txt 2009-12-31 10:41
ComboFix2.txt 2009-09-20 02:38

Pre-Run: 15,794,782,208 bytes free
Post-Run: 17,057,218,560 bytes free

- - End Of File - - CED15B58DBDB8A923FFE59D73F7C6D4D
 
The problem is still there :/
 
Enable Windows updates

Click Start >> Run >> type wuaucpl.cpl and click OK, then do as shown in the picture

zyzoom-f05d365a13.png
 