عندما افتح الوندوز بطلع شيئ غريب

M

makoo

زيزوومى مميز
إنضم
14 أبريل 2009
المشاركات
730
مستوى التفاعل
39
النقاط
530
غير متصل
السلام عليكم ..

مرات (لكن قليل عندما تحدث ) عندما افتح الوندوز أي بعدما اضع الرقم السري لحسابي
بطلع لي هذا

849236894.jpg




وهذه صورة مكبرة اكثر

288692458.jpg



لما تطلع لي هذه الايكونه بفتح الوندوز بلاقي كل شي محذوف وتغير
لما اعمل اعادة تشغيل للكمبيوتر برجع كل شي تمام

ما هذه المشكلة؟ ساعدوني وبارك الله فيكم ..​
 

ترتيب حسب التاريخ ترتيب حسب الأصوات
حمل هذا البرنامج

يجب عليك تسجيل الدخول أو التسجيل لمشاهدة الرابط المخفي


بعدها اغلق جميع البرامج وخصوصا الانترنت اكسبلورر والماسنجر
شغل البرنامج ==> واضغط على
Do a system scan and save log
لحظات .. ويظهر لك تقرير داخل المفكرة==> انسخه والصقه بردك القادم
 
توقيع : ساكن الروح
تأييد 0
اول شيئ عذرا لان الصور مش واضحة (لان الصور من جوالي) ولم استطع تصوير المشكلة من نفس الكمبيوتر لان الوندوز لم يفتح بعد ..

وهذا تقرير الهايجاك




Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 06:14:43 م, on 05/02/2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16981)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\Program Files\Creative\SB Live! 24-bit\Surround Mixer\CTSysVol.exe
C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Paltalk Messenger\paltalk.exe
C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe
C:\WINDOWS\system32\pctspk.exe
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\WINDOWS\System32\PAStiSvc.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\WINDOWS\system32\MsPMSPSv.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe
C:\Program Files\PC Connectivity Solution\Transports\NclRSSrv.exe
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Documents and Settings\Bra'a\Desktop\Zyzoom_HijackThis.exe
C:\WINDOWS\system32\SearchProtocolHost.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page =

يجب عليك تسجيل الدخول أو التسجيل لمشاهدة الرابط المخفي


R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =

يجب عليك تسجيل الدخول أو التسجيل لمشاهدة الرابط المخفي


R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =

يجب عليك تسجيل الدخول أو التسجيل لمشاهدة الرابط المخفي


R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =

يجب عليك تسجيل الدخول أو التسجيل لمشاهدة الرابط المخفي


R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =

يجب عليك تسجيل الدخول أو التسجيل لمشاهدة الرابط المخفي


R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =

يجب عليك تسجيل الدخول أو التسجيل لمشاهدة الرابط المخفي


R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: IEVkbdBHO - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\ievkbd.dll
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O2 - BHO: link filter bho - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [CTSysVol] C:\Program Files\Creative\SB Live! 24-bit\Surround Mixer\CTSysVol.exe /r
O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\UpdReg.EXE
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [PC Suite Tray] "C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe" -onlytray
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-21-746137067-152049171-839522115-1011\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background (User '?')
O4 - HKUS\S-1-5-21-746137067-152049171-839522115-1011\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background (User '?')
O4 - HKUS\S-1-5-21-746137067-152049171-839522115-1011\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (User '?')
O4 - Global Startup: PalTalk.lnk = C:\Program Files\Paltalk Messenger\paltalk.exe
O4 - Global Startup: Windows Search.lnk = C:\Program Files\Windows Desktop Search\WindowsSearch.exe
O8 - Extra context menu item: Add to Anti-Banner - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\ie_banner_deny.htm
O9 - Extra button: Blog This - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Blog This in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: &Virtual keyboard - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll
O9 - Extra button: PalTalk - {4EAFEF58-EEFA-4116-983D-03B49BCBFFFE} - C:\Program Files\Paltalk Messenger\Paltalk.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - D:\MICROS~1\OFFICE11\REFIEBAR.DLL
O9 - Extra button: URLs c&heck - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) -

يجب عليك تسجيل الدخول أو التسجيل لمشاهدة الرابط المخفي


O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) -

يجب عليك تسجيل الدخول أو التسجيل لمشاهدة الرابط المخفي


O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) -

يجب عليك تسجيل الدخول أو التسجيل لمشاهدة الرابط المخفي


O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) -

يجب عليك تسجيل الدخول أو التسجيل لمشاهدة الرابط المخفي


O20 - AppInit_DLLs: C:\PROGRA~1\KASPER~1\KASPER~2\kloehk.dll
O23 - Service: Kaspersky Internet Security (AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe
O23 - Service: PCTEL Speaker Phone (Pctspk) - PCtel, Inc. - C:\WINDOWS\system32\pctspk.exe
O23 - Service: ServiceLayer - Nokia - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: STI Simulator - Unknown owner - C:\WINDOWS\System32\PAStiSvc.exe
--
End of file - 8149 bytes​
 
تأييد 0
عطل برامج الحماية عن العمل
ثم
حمل الاداة التالية واحفظها على سطح المكتب

يجب عليك تسجيل الدخول أو التسجيل لمشاهدة الرابط المخفي


عند تشغيلها بتظهر لك رسالة ,, اضغط على >> Yes
بعدها بتظهر لك رساله ثانيه ,, اضغط على >> Yes
اثناء الفحص ممكن يعاد تشغيل الجهاز
وبعد اعادة التشغيل ,, سوف تبدأ الاداة بالفحص مرره ثانيه
لا تقم بتشغيل اي برنامج ،، ومهما طالت عملية الفحص انتظر حتى تنتهي
انتظر حتى يظهر لك تقرير ،،انسخه والصقه بمشاركتك القادمة

شرح تعطيل الكاسبر

طريقة تعطيل الكاسبر :: Pause Protection :: والتفعيل
الشرح مقدم من

يجب عليك تسجيل الدخول أو التسجيل لمشاهدة الرابط المخفي



i23132_1247448596.gif



 
توقيع : Technology G!rl
تأييد 0
تفضلي اختي هذا تقرير للاداة الي اعطتيني اياها



ComboFix 10-02-05.01 - Bra'a 02/05/2010 22:04:57.1.2 - x86
Microsoft Windows XP Professional 5.1.2600.3.1256.962.1033.18.2039.1565 [GMT 2:00]
Running from: c:\documents and settings\Bra'a\Desktop\ComboFix.exe
AV: Kaspersky Internet Security *On-access scanning disabled* (Updated) {2C4D4BC6-0793-4956-A9F9-E252435469C0}
FW: Kaspersky Internet Security *disabled* {2C4D4BC6-0793-4956-A9F9-E252435469C0}
.
((((((((((((((((((((((((( Files Created from 2010-01-05 to 2010-02-05 )))))))))))))))))))))))))))))))
.
2010-02-03 15:54 . 2010-02-03 15:54 -------- d-----w- c:\documents and settings\Bra'a\Local Settings\Application Data\Threat Expert
2010-01-31 23:58 . 2010-02-01 19:45 -------- d-----w- c:\documents and settings\Bra'a\Local Settings\Application Data\Runscanner.net
2010-01-29 19:01 . 2010-02-03 12:05 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2010-01-21 15:12 . 2010-01-21 15:12 -------- d-----w- c:\program files\Common Files\xing shared
2010-01-21 10:44 . 2010-01-21 15:53 -------- d-----w- c:\documents and settings\Bra'a\Application Data\DMCache
2010-01-21 10:44 . 2010-01-21 10:58 -------- d-----w- c:\documents and settings\Bra'a\Application Data\IDM
2010-01-21 10:44 . 2010-01-21 15:55 -------- d-----w- c:\program files\Internet Download Manager
2010-01-20 17:04 . 2010-01-20 17:04 -------- d-----w- c:\program files\Conduit
2010-01-20 17:04 . 2010-01-20 17:04 -------- d-----w- c:\documents and settings\Bra'a\Local Settings\Application Data\Conduit
2010-01-15 22:10 . 2010-01-15 22:10 -------- d-----w- c:\documents and settings\D.H\Application Data\Switchball
2010-01-15 20:00 . 2010-01-15 20:00 -------- d-----w- c:\program files\GoldWave
2010-01-13 00:25 . 2010-02-05 20:04 -------- d-----w- c:\windows\system32\CatRoot2
2010-01-13 00:17 . 2010-01-13 00:17 -------- d-----w- C:\backups
2010-01-11 00:05 . 2010-01-24 17:05 -------- d-----w- c:\program files\Windows Live Safety Center
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-02-05 21:31 . 2010-01-03 16:00 -------- d-----w- c:\documents and settings\All Users\Application Data\Kaspersky Lab
2010-02-05 04:06 . 2009-01-15 14:11 -------- d---a-w- c:\documents and settings\All Users\Application Data\TEMP
2010-02-03 07:14 . 2009-06-04 16:10 547 ----a-w- c:\windows\AntiTrial.bin
2010-02-02 23:04 . 2009-01-09 23:21 -------- d-----w- c:\program files\Paltalk Messenger
2010-01-29 16:24 . 2009-07-26 22:36 -------- d-----w- c:\documents and settings\Bra'a\Application Data\Any Video Converter
2010-01-21 15:13 . 2008-12-22 12:54 -------- d-----w- c:\program files\Common Files\Real
2010-01-21 15:12 . 2008-12-22 12:54 499712 ----a-w- c:\windows\system32\msvcp71.dll
2010-01-20 16:13 . 2009-02-28 12:07 -------- d-----w- c:\program files\Microsoft Silverlight
2010-01-11 17:42 . 2008-12-22 09:38 33384 ----a-w- c:\documents and settings\Bra'a\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2010-01-05 18:33 . 2010-01-05 18:33 -------- d-----w- c:\documents and settings\Bra'a\Application Data\RetouchPilot
2010-01-05 10:00 . 2004-08-04 12:00 832512 ------w- c:\windows\system32\wininet.dll
2010-01-05 10:00 . 2004-08-04 12:00 78336 ----a-w- c:\windows\system32\ieencode.dll
2010-01-05 10:00 . 2004-08-04 12:00 17408 ----a-w- c:\windows\system32\corpol.dll
2010-01-03 20:44 . 2010-01-03 20:44 -------- d-----w- c:\program files\AGEIA Technologies
2010-01-03 20:44 . 2010-01-03 20:20 -------- d-----w- c:\documents and settings\Bra'a\Application Data\GetRightToGo
2010-01-03 20:44 . 2010-01-03 20:44 -------- d-----w- c:\program files\Common Files\Wise Installation Wizard
2010-01-03 20:06 . 2010-01-03 20:06 -------- d-----w- c:\documents and settings\Bra'a\Application Data\Switchball
2010-01-03 20:06 . 2010-01-03 20:06 -------- d-----w- c:\documents and settings\All Users\Application Data\Trymedia
2010-01-03 16:35 . 2010-01-03 16:35 932368 ----a-w- c:\documents and settings\All Users\Application Data\Kaspersky Lab\AVP9\Data\KasFlt\Plugins\profiles-1-6.dll
2010-01-03 16:35 . 2010-01-03 16:35 678416 ----a-w- c:\documents and settings\All Users\Application Data\Kaspersky Lab\AVP9\Data\KasFlt\Plugins\content_interpreter-1-1.dll
2010-01-03 16:35 . 2010-01-03 16:35 604688 ----a-w- c:\documents and settings\All Users\Application Data\Kaspersky Lab\AVP9\Data\KasFlt\Plugins\gsg-3-9.dll
2010-01-03 16:35 . 2010-01-03 16:35 522768 ----a-w- c:\documents and settings\All Users\Application Data\Kaspersky Lab\AVP9\Data\KasFlt\Plugins\database-1-5.dll
2010-01-03 16:35 . 2010-01-03 16:35 1096208 ----a-w- c:\documents and settings\All Users\Application Data\Kaspersky Lab\AVP9\Data\KasFlt\Plugins\filtration-4-6.dll
2010-01-03 16:34 . 2010-01-03 16:34 80400 ----a-w- c:\documents and settings\All Users\Application Data\Kaspersky Lab\AVP9\Data\Updater\Temporary Files\rollback\patch\AutoPatches\kav9exec\9.0.0.736\fssync.dll
2010-01-03 16:34 . 2010-01-03 16:34 80400 ----a-w- c:\documents and settings\All Users\Application Data\Kaspersky Lab\AVP9\Data\Updater\Temporary Files\temporaryFolder\AutoPatches\kav9exec\9.0.0.736\fssync.dll
2010-01-03 16:00 . 2010-01-03 16:00 95259 ----a-w- c:\windows\system32\drivers\klick.dat
2010-01-03 16:00 . 2010-01-03 16:00 108059 ----a-w- c:\windows\system32\drivers\klin.dat
2010-01-03 16:00 . 2008-12-22 12:59 -------- d-----w- c:\program files\Kaspersky Lab
2010-01-03 15:59 . 2008-12-22 12:58 -------- d-----w- c:\documents and settings\All Users\Application Data\Kaspersky Lab Setup Files
2010-01-03 14:51 . 2010-01-03 14:51 -------- d-----w- c:\program files\NextSecurity.NET
2010-01-03 14:51 . 2008-12-21 21:47 -------- d--h--w- c:\program files\InstallShield Installation Information
2010-01-02 15:33 . 2010-01-02 15:33 -------- d-----w- c:\documents and settings\D.H\Application Data\PC Suite
2009-12-25 12:25 . 2009-12-24 20:26 -------- d-----w- c:\documents and settings\All Users\Application Data\NOS
2009-12-25 10:52 . 2009-12-25 10:52 0 ---ha-w- c:\windows\system32\drivers\Msft_User_WpdMtpDr_01_00_00.Wdf
2009-12-25 05:36 . 2008-12-22 12:54 -------- d-----w- c:\program files\Google
2009-12-24 20:27 . 2009-12-24 20:26 1975408 ----a-w- c:\documents and settings\All Users\Application Data\NOS\Adobe_Downloads\GoogleToolbarInstaller_en32_signed.exe
2009-12-24 18:04 . 2009-12-24 18:04 8704 ----a-w- c:\documents and settings\D.H\Application Data\Thinstall\AppData\1000000a00002h\dplaysvr.exe
2009-12-12 15:48 . 2009-12-12 15:48 -------- d-----w- c:\program files\MSXML 4.0
2009-12-12 02:45 . 2009-12-12 02:45 -------- d-----w- c:\documents and settings\All Users\Application Data\Nokia
2009-12-12 02:44 . 2009-12-12 02:09 -------- d-----w- c:\program files\Common Files\Nokia
2009-12-12 02:44 . 2009-12-12 02:08 -------- d-----w- c:\program files\Nokia
2009-12-12 02:43 . 2009-12-12 02:43 36864 ----a-w- c:\documents and settings\All Users\Application Data\Installations\{4C911A61-39EA-41CC-AB3C-FE3BFFDB5F78}\Installer\CommonCustomActions\Sleep.exe
2009-12-12 02:43 . 2009-12-12 02:43 3351812 ----a-w- c:\documents and settings\All Users\Application Data\Installations\{4C911A61-39EA-41CC-AB3C-FE3BFFDB5F78}\Installer\CommonCustomActions\msxml6Exec.exe
2009-12-12 02:43 . 2009-12-12 02:43 3203453 ----a-w- c:\documents and settings\All Users\Application Data\Installations\{4C911A61-39EA-41CC-AB3C-FE3BFFDB5F78}\Installer\CommonCustomActions\vcredistExec.exe
2009-12-12 02:42 . 2009-12-11 13:54 -------- d-----w- c:\documents and settings\All Users\Application Data\Installations
2009-12-12 02:42 . 2009-12-12 02:44 24462216 ----a-w- c:\documents and settings\All Users\Application Data\Installations\{4C911A61-39EA-41CC-AB3C-FE3BFFDB5F78}\NokiaSoftwareUpdaterSetup_ar.exe
2009-12-12 02:18 . 2009-12-12 02:18 0 ---ha-w- c:\windows\system32\drivers\Msft_User_PCCSWpdDriver_01_07_00.Wdf
2009-12-12 02:17 . 2009-12-12 02:17 0 ---ha-w- c:\windows\system32\drivers\MsftWdf_user_01_07_00.Wdf
2009-12-12 02:17 . 2009-12-11 13:57 -------- d-----w- c:\documents and settings\Bra'a\Application Data\PC Suite
2009-12-12 02:17 . 2009-12-11 13:57 -------- d-----w- c:\documents and settings\Bra'a\Application Data\Nokia
2009-12-12 02:17 . 2009-12-11 13:57 -------- d-----w- c:\documents and settings\All Users\Application Data\PC Suite
2009-12-12 02:17 . 2009-12-12 02:17 0 ---ha-w- c:\windows\system32\drivers\Msft_Kernel_ccdcmb_01007.Wdf
2009-12-12 02:17 . 2009-12-12 02:17 0 ---ha-w- c:\windows\system32\drivers\MsftWdf_Kernel_01007_Coinstaller_Critical.Wdf
2009-12-12 02:09 . 2009-12-12 02:09 -------- d-----w- c:\program files\Common Files\PCSuite
2009-12-12 02:08 . 2009-12-12 02:08 -------- d-----w- c:\program files\PC Connectivity Solution
2009-12-12 02:08 . 2009-12-12 02:08 95232 ----a-w- c:\documents and settings\All Users\Application Data\Installations\{9249D7E7-33E7-4CC8-BB0B-3DF3C3CB2568}\Installer\CommonCustomActions\pcswpcsi.exe
2009-12-12 02:08 . 2009-12-12 02:08 8192 ----a-w- c:\documents and settings\All Users\Application Data\Installations\{9249D7E7-33E7-4CC8-BB0B-3DF3C3CB2568}\Installer\CommonCustomActions\UninstCCD.exe
2009-12-12 02:08 . 2009-12-12 02:08 61440 ----a-w- c:\documents and settings\All Users\Application Data\Installations\{9249D7E7-33E7-4CC8-BB0B-3DF3C3CB2568}\Installer\CommonCustomActions\UninstPCSFEMsi.exe
2009-12-12 02:08 . 2009-12-12 02:08 10240 ----a-w- c:\documents and settings\All Users\Application Data\Installations\{9249D7E7-33E7-4CC8-BB0B-3DF3C3CB2568}\Installer\CommonCustomActions\UninstPCS.exe
2009-12-12 02:06 . 2009-12-12 02:08 34691976 ----a-w- c:\documents and settings\All Users\Application Data\Installations\{9249D7E7-33E7-4CC8-BB0B-3DF3C3CB2568}\Nokia_PC_Suite_7_1_40_1_ara_web.exe
2009-12-11 13:57 . 2009-12-11 13:57 -------- d-----w- c:\program files\DIFX
2009-12-11 13:56 . 2009-12-11 13:56 8192 ----a-w- c:\documents and settings\All Users\Application Data\Installations\{58FB2F9A-5F2D-40E8-82DF-4987E60AD8BD}\Installer\CommonCustomActions\UninstCCD.exe
2009-12-11 13:56 . 2009-12-11 13:56 61440 ----a-w- c:\documents and settings\All Users\Application Data\Installations\{58FB2F9A-5F2D-40E8-82DF-4987E60AD8BD}\Installer\CommonCustomActions\UninstPCSFEMsi.exe
2009-12-11 13:56 . 2009-12-11 13:56 10240 ----a-w- c:\documents and settings\All Users\Application Data\Installations\{58FB2F9A-5F2D-40E8-82DF-4987E60AD8BD}\Installer\CommonCustomActions\UninstPCS.exe
2009-11-21 15:51 . 2004-08-04 12:00 471552 ----a-w- c:\windows\AppPatch\aclayers.dll
2009-11-14 13:06 . 2009-11-14 13:06 59992 ----a-w- c:\documents and settings\All Users\Application Data\Kaspersky Lab Setup Files\Kaspersky Internet Security 2010 9.0.0.736\English\setup.exe
2008-03-09 04:25 . 2009-07-27 12:29 236 ---ha-w- c:\program files\Common Files\dx.reg
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MsnMsgr"="c:\program files\Windows Live\Messenger\MsnMsgr.Exe" [2009-07-26 3883856]
"PC Suite Tray"="c:\program files\Nokia\Nokia PC Suite 7\PCSuite.exe" [2009-11-11 1451520]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDCPL"="RTHDCPL.EXE" [2008-01-29 16859648]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2007-12-19 135168]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2007-12-19 159744]
"Persistence"="c:\windows\system32\igfxpers.exe" [2007-12-19 131072]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2009-10-03 39792]
"CTSysVol"="c:\program files\Creative\SB Live! 24-bit\Surround Mixer\CTSysVol.exe" [2003-09-17 57344]
"UpdReg"="c:\windows\UpdReg.EXE" [2000-05-10 90112]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2009-09-04 935288]
"AVP"="c:\program files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe" [2009-10-20 340456]
"TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" [2010-01-21 198160]
c:\documents and settings\All Users\Start Menu\Programs\Startup\
PalTalk.lnk - c:\program files\Paltalk Messenger\paltalk.exe [2009-12-23 11552768]
Windows Search.lnk - c:\program files\Windows Desktop Search\WindowsSearch.exe [2008-5-26 123904]
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"= "c:\program files\Windows Desktop Search\MSNLNamespaceMgr.dll" [2009-05-24 304128]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\KasperskyAntiVirus]
"DisableMonitoring"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"e:\\Counter\\hl2.exe"=
"c:\\kav\\kav7.0\\english\\setup.exe"=
"e:\\Counter\\srcds.exe"=
"c:\\Program Files\\Paltalk Messenger\\paltalk.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"=
"e:\\العاب الريد اليرت\\Red Alert 2\\GAME.EXE"=
"c:\\Program Files\\TeamViewer\\Version4\\TeamViewer.exe"=
"e:\\Generals\\game.dat"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Program Files\\Windows Live\\Sync\\WindowsLiveSync.exe"=
"c:\\Program Files\\Nokia\\Nokia Software Updater\\nsu_ui_client.exe"=
"c:\\Program Files\\Common Files\\Nokia\\Service Layer\\A\\nsl_host_process.exe"=
R0 klbg;Kaspersky Lab Boot Guard Driver;c:\windows\system32\drivers\klbg.sys [14/10/2009 08:18 م 36880]
R2 fssfltr;FssFltr;c:\windows\system32\drivers\fssfltr_tdi.sys [28/02/2009 02:06 م 54752]
R3 klim5;Kaspersky Anti-Virus NDIS Filter;c:\windows\system32\drivers\klim5.sys [14/09/2009 01:42 م 32272]
R3 klmouflt;Kaspersky Lab KLMOUFLT;c:\windows\system32\drivers\klmouflt.sys [02/10/2009 06:39 م 19472]
S3 fsssvc;Windows Live Family Safety Service;c:\program files\Windows Live\Family Safety\fsssvc.exe [05/08/2009 10:48 م 704864]
S3 NSPacket;NextSecurity Packet Driver;c:\windows\system32\drivers\nspacket.sys [03/01/2010 04:51 م 32768]
S3 PAC207;SoC PC-Camer@;c:\windows\system32\drivers\PFC027.SYS [05/05/2006 03:59 م 131200]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.jo/
.
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer,

يجب عليك تسجيل الدخول أو التسجيل لمشاهدة الرابط المخفي


Rootkit scan 2010-02-05 23:31
Windows 5.1.2600 Service Pack 3 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------
[HKEY_USERS\S-1-5-21-746137067-152049171-839522115-1003\Software\Behest\SermonRecorder\XData*Awkward]
"XData_V2"=hex:7d,43,7c,47,06,42,97,0c,2e,ec,32,bc,53,68,63,61,a7,4a,dc,72,1f,
46,da,ef,52,98,56,0f,f0,11,b7,a3,14,c0,10,60,16,3b,67,d4,27,3b,b4,c3,4c,c4,\
.
--------------------- DLLs Loaded Under Running Processes ---------------------
- - - - - - - > 'explorer.exe'(4004)
c:\windows\system32\WININET.dll
c:\progra~1\WINDOW~2\wmpband.dll
c:\windows\system32\ieframe.dll
c:\windows\system32\WPDShServiceObj.dll
c:\program files\Nokia\Nokia PC Suite 7\PhoneBrowser.dll
c:\program files\Nokia\Nokia PC Suite 7\NGSCM.DLL
c:\windows\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_e6967989\MSVCR80.dll
c:\program files\Nokia\Nokia PC Suite 7\Lang\PhoneBrowser_ara.nlr
c:\program files\Nokia\Nokia PC Suite 7\Resource\PhoneBrowser_Nokia.ngr
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Other Running Processes ------------------------
.
c:\windows\system32\pctspk.exe
c:\program files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
c:\windows\System32\PAStiSvc.exe
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
c:\windows\system32\MsPMSPSv.exe
c:\windows\system32\SearchIndexer.exe
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
c:\windows\RTHDCPL.EXE
c:\windows\system32\igfxsrvc.exe
c:\program files\PC Connectivity Solution\ServiceLayer.exe
c:\program files\PC Connectivity Solution\Transports\NclUSBSrv.exe
c:\program files\PC Connectivity Solution\Transports\NclRSSrv.exe
c:\program files\Windows Live\Contacts\wlcomm.exe
c:\windows\system32\wscntfy.exe
.
**************************************************************************
.
Completion time: 2010-02-05 23:33:49 - machine was rebooted
ComboFix-quarantined-files.txt 2010-02-05 21:33
ComboFix2.txt 2010-01-31 22:33
Pre-Run: 25,830,801,408 bytes free
Post-Run: 25,922,621,440 bytes free
- - End Of File - - 19E2EE8DB6976796FA37F0D7227E3CC1
 
تأييد 0
توقيع : Technology G!rl
تأييد 0
هذا تقرير من برنامج ماولر

Malwarebytes' Anti-Malware 1.44
Database version: 3695
Windows 5.1.2600 Service Pack 3
Internet Explorer 7.0.5730.13
06/02/2010 02:00:19 ص
mbam-log-2010-02-06 (02-00-19).txt
Scan type: Full Scan (C:\|D:\|E:\|F:\|)
Objects scanned: 231399
Time elapsed: 22 minute(s), 50 second(s)
Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0
Memory Processes Infected:
(No malicious items detected)
Memory Modules Infected:
(No malicious items detected)
Registry Keys Infected:
(No malicious items detected)
Registry Values Infected:
(No malicious items detected)
Registry Data Items Infected:
(No malicious items detected)
Folders Infected:
(No malicious items detected)
Files Infected:
(No malicious items detected)
 
تأييد 0
تأييد 0
حمل الملف التالي

يجب عليك تسجيل الدخول أو التسجيل لمشاهدة الرابط المخفي



وطبق عليه ها الشرح

يجب عليك تسجيل الدخول أو التسجيل لمشاهدة الرابط المخفي



بعدها اذهب الى اضافة وازالة البرامج واحذف التولبار الموجود عندك (toolbar)>> ممكن ما يكون موجود
ثم نظف جهازك بهذه الاداة

يجب عليك تسجيل الدخول أو التسجيل لمشاهدة الرابط المخفي


وبلغنا اخر النتائج
 
توقيع : KoNaMi
تأييد 0
اخي KoNaMi طبقت مثل ما قلتلي

بعد ذلك هل انحلت مشكلتي ؟

لانه المشكلة الي بتصير عندي قليل ما تحدث ولا اعرف هل انحلت أو لا !


وطلب بسيط ايضاً هو ان عندي كمبيوتر ثاني وتأتي نفس المشكلة لكن قليل ايضا
هل اطبق على جهازي الاخر نفس الشيئ للحل الذي اعطيتموني اياه بهذا الموضوع ؟​
 
تأييد 0
يجب تسجيل الدخول أو التسجيل كي تتمكن من الرد هنا.
عودة
أعلى