اسعفوني يا اخوووان

  • بادئ الموضوع بادئ الموضوع xxxzoo122
  • تاريخ البدء تاريخ البدء
  • المشاهدات 866
X

xxxzoo122

زيزوومي نشيط
إنضم
6 ديسمبر 2007
المشاركات
161
مستوى التفاعل
0
النقاط
200
غير متصل
بسم الله الرحمن الرحيم​

السلام عليكم ورحمة الله وبركاته​

قبل كم يوم جات للكمبيوتر مشكله والي هي صار بطيئ وحتى عند تشغيل البرامج يقطع والصوت ايضا يقطع وصار في البوت يطول عشان يدخل الويندوز مع اني سويت جميع الطرق لحل المشكله لا كن دون جدوى
سويت بحث برنامج الكاسبر ما نفع شال كل الفيروسات بس ما برح بطيئ
واستخدمت برنامج ComboFix وهذا تقرير بعد استخدام برنامج ComboFix​

ComboFix 08-10-17.01 - user 10/18/2008 22:05:03.1 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.3.1256.966.1025.18.399 [GMT 3:00]​
Running from: C:\Documents and Settings\user\سطح المكتب\ComboFix.exe​
* Created a new restore point​
WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!​
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))​
.
C:\Documents and Settings\reedah.2005-80531CFD59.000\Application Data\addon.dat​
C:\WINDOWS\Downloaded Program Files\UGESW_0001_N122M1911NetInstaller.exe​
C:\WINDOWS\IE4 Error Log.txt​
C:\WINDOWS\system32\_004716_.tmp.dll​
C:\WINDOWS\system32\_004718_.tmp.dll​
C:\WINDOWS\system32\_004719_.tmp.dll​
C:\WINDOWS\system32\_004721_.tmp.dll​
C:\WINDOWS\system32\_004726_.tmp.dll​
C:\WINDOWS\system32\_004727_.tmp.dll​
C:\WINDOWS\system32\_004728_.tmp.dll​
C:\WINDOWS\system32\_004730_.tmp.dll​
C:\WINDOWS\system32\_004731_.tmp.dll​
C:\WINDOWS\system32\_004734_.tmp.dll​
C:\WINDOWS\system32\_004735_.tmp.dll​
C:\WINDOWS\system32\_004736_.tmp.dll​
C:\WINDOWS\system32\_004737_.tmp.dll​
C:\WINDOWS\system32\_004738_.tmp.dll​
C:\WINDOWS\system32\_004739_.tmp.dll​
C:\WINDOWS\system32\_004740_.tmp.dll​
C:\WINDOWS\system32\_004741_.tmp.dll​
C:\WINDOWS\system32\_004743_.tmp.dll​
C:\WINDOWS\system32\_004744_.tmp.dll​
C:\WINDOWS\system32\_004745_.tmp.dll​
C:\WINDOWS\system32\_004746_.tmp.dll​
C:\WINDOWS\system32\_004749_.tmp.dll​
C:\WINDOWS\system32\_004750_.tmp.dll​
C:\WINDOWS\system32\_004751_.tmp.dll​
C:\WINDOWS\system32\_004752_.tmp.dll​
C:\WINDOWS\system32\_004753_.tmp.dll​
C:\WINDOWS\system32\_004755_.tmp.dll​
C:\WINDOWS\system32\_004756_.tmp.dll​
C:\WINDOWS\system32\_004757_.tmp.dll​
C:\WINDOWS\system32\_004758_.tmp.dll​
C:\WINDOWS\system32\_004759_.tmp.dll​
C:\WINDOWS\system32\_004760_.tmp.dll​
C:\WINDOWS\system32\_004761_.tmp.dll​
C:\WINDOWS\system32\_004762_.tmp.dll​
C:\WINDOWS\system32\_004763_.tmp.dll​
C:\WINDOWS\system32\_004764_.tmp.dll​
C:\WINDOWS\system32\_004765_.tmp.dll​
C:\WINDOWS\system32\_004766_.tmp.dll​
C:\WINDOWS\system32\_004767_.tmp.dll​
C:\WINDOWS\system32\_004768_.tmp.dll​
C:\WINDOWS\system32\_004770_.tmp.dll​
C:\WINDOWS\system32\_004773_.tmp.dll​
C:\WINDOWS\system32\_004774_.tmp.dll​
C:\WINDOWS\system32\_004775_.tmp.dll​
C:\WINDOWS\system32\_004776_.tmp.dll​
C:\WINDOWS\system32\_004780_.tmp.dll​
C:\WINDOWS\system32\_004781_.tmp.dll​
C:\WINDOWS\system32\_004783_.tmp.dll​
C:\WINDOWS\system32\_004786_.tmp.dll​
C:\WINDOWS\system32\_004788_.tmp.dll​
C:\WINDOWS\system32\_004789_.tmp.dll​
C:\WINDOWS\system32\_004790_.tmp.dll​
C:\WINDOWS\system32\_004791_.tmp.dll​
C:\WINDOWS\system32\_004794_.tmp.dll​
C:\WINDOWS\system32\_004795_.tmp.dll​
C:\WINDOWS\system32\_004796_.tmp.dll​
C:\WINDOWS\system32\_004797_.tmp.dll​
C:\WINDOWS\system32\_004798_.tmp.dll​
C:\WINDOWS\system32\_004803_.tmp.dll​
C:\WINDOWS\system32\_004805_.tmp.dll​
C:\WINDOWS\system32\Bifrost​
C:\WINDOWS\system32\kakle.dll​
C:\WINDOWS\system32\Ultra.dll​
C:\WINDOWS\system32\winitn.dll​
.
((((((((((((((((((((((((( Files Created from 2008-09-18 to 2008-10-18 )))))))))))))))))))))))))))))))​
.
No new files created in this timespan​
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))​
.
2008-10-18 19:14 421,408 --sha-w C:\WINDOWS\system32\drivers\fidbox2.dat​
2008-10-18 19:14 --------- d-----w C:\Documents and Settings\user\Application Data\DMCache​
2008-10-18 19:11 44,684 --sha-w C:\WINDOWS\system32\drivers\fidbox2.idx​
2008-10-18 19:11 250,184 --sha-w C:\WINDOWS\system32\drivers\fidbox.idx​
2008-10-18 19:11 18,590,240 --sha-w C:\WINDOWS\system32\drivers\fidbox.dat​
2008-10-18 18:54 --------- d---a-w C:\Documents and Settings\All Users\Application Data\TEMP​
2008-10-18 18:51 --------- d-----w C:\Documents and Settings\All Users\Application Data\Kaspersky Lab​
2008-10-18 16:33 --------- d--h--w C:\Program Files\InstallShield Installation Information​
2008-10-18 16:22 --------- d-----w C:\Program Files\SoftwareDoctor​
2008-10-18 11:58 --------- d-----w C:\Program Files\Windows Live Safety Center​
2008-10-18 11:53 --------- d-----w C:\Program Files\PCBugDoctor​
2008-10-18 11:31 --------- d-----w C:\Program Files\Google​
2008-10-16 13:35 --------- d-----w C:\Program Files\Spyware Doctor​
2008-10-16 11:28 --------- d-----w C:\Documents and Settings\user\Application Data\PC Tools​
2008-10-16 06:07 --------- d-----w C:\Program Files\TuneUp Utilities 2008​
2008-10-16 06:06 --------- d-----w C:\Program Files\Startup Faster​
2008-10-14 18:18 --------- d-----w C:\Program Files\ONSPEED​
2008-10-14 18:14 --------- d-----w C:\Documents and Settings\user\Application Data\SlipStream​
2008-10-14 16:03 --------- d-----w C:\Documents and Settings\user\Application Data\ONSPEED_TOOLBAR​
2008-10-14 14:36 --------- d-----w C:\Documents and Settings\user\Application Data\Hide IP NG​
2008-10-14 14:24 880,032 ----a-w C:\WINDOWS\hideipng_5.exe​
2008-10-14 13:42 2,560 ----a-w C:\WINDOWS\_MSRSTRT.EXE​
2008-10-14 13:24 --------- d-----w C:\Program Files\ExtraTools​
2008-10-12 08:40 --------- d-----w C:\Program Files\Circle Developement​
2008-10-11 02:22 --------- d-----w C:\Documents and Settings\user\Application Data\IDM​
2008-10-11 02:17 --------- d-----w C:\Documents and Settings\user\Application Data\URSoft​
2008-10-10 12:05 --------- d-----w C:\Program Files\Common Files\Adobe​
2008-10-10 10:18 --------- d-----w C:\Documents and Settings\user\Application Data\IEPro​
2008-10-10 08:44 --------- d-----w C:\Program Files\IEPro​
2008-10-10 08:28 --------- d-----w C:\Documents and Settings\user\Application Data\MiniDm​
2008-10-09 14:55 720,896 ----a-w C:\WINDOWS\iun6002.exe​
2008-10-09 14:55 --------- d-----w C:\Program Files\Abadisoft​
2008-10-08 22:25 --------- d-----w C:\Program Files\Common Files\xing shared​
2008-10-08 22:24 --------- d-----w C:\Program Files\Common Files\Real​
2008-10-08 22:03 --------- d-----w C:\Program Files\RelevantKnowledge​
2008-10-08 07:04 --------- d-----w C:\Documents and Settings\All Users\Application Data\Ascentive​
2008-10-07 12:42 --------- d-----w C:\Documents and Settings\user\Application Data\Kaspersky_Key_Finder_(KKF​
2008-10-06 09:18 --------- d-----w C:\Program Files\Real_SC​
2008-10-02 03:13 --------- d-----w C:\Documents and Settings\user\Application Data\Nokia Multimedia Player​
2008-09-25 05:04 --------- d-----w C:\Program Files\Arabic Typing​
2008-09-25 03:10 --------- d-----w C:\Program Files\Maximum Software​
2008-09-21 06:49 96,976 ----a-w C:\WINDOWS\system32\drivers\klin.dat​
2008-09-21 06:49 87,855 ----a-w C:\WINDOWS\system32\drivers\klick.dat​
2008-09-21 06:19 --------- d-----w C:\Program Files\Kaspersky Lab​
2008-09-21 03:50 --------- d-----w C:\Documents and Settings\All Users\Application Data\Kaspersky Lab Setup Files​
2008-09-20 03:31 --------- d-----w C:\Program Files\NetScream​
2008-09-19 03:44 --------- d-----w C:\Documents and Settings\user\Application Data\Uniblue​
2008-09-19 03:43 --------- d-----w C:\Program Files\Registry Easy​
2008-09-19 03:33 --------- d-----w C:\Documents and Settings\All Users\Application Data\TuneUp Software​
2008-09-19 03:32 --------- d-----w C:\Program Files\Common Files\Wise Installation Wizard​
2008-09-18 04:24 --------- d-----w C:\Program Files\Realtek AC97​
2008-09-17 09:55 --------- d-----w C:\Program Files\uTorrent​
2008-09-17 09:52 --------- d-----w C:\Documents and Settings\user\Application Data\uTorrent​
2008-09-17 07:58 --------- d-----w C:\Documents and Settings\user\Application Data\Apple Computer​
2008-09-17 06:13 --------- d-----w C:\Program Files\Invisible IP Map​
2008-09-16 19:16 --------- d-----w C:\Documents and Settings\user\Application Data\cleaner​
2008-09-16 11:24 --------- d-----w C:\Documents and Settings\user\Application Data\Steganos VPN​
2008-09-16 10:01 --------- d-----w C:\Program Files\VMNetSrv​
2008-09-16 09:00 --------- d-----w C:\Program Files\DirectX Happy Uninstall​
2008-09-16 08:29 --------- d-----w C:\Program Files\Internet Download Manager​
2008-09-15 04:46 --------- d-----w C:\Program Files\NetConceal​
2008-09-15 04:42 --------- d-----w C:\Program Files\GetAnonymous 2.2 Professional​
2008-09-15 04:13 --------- d-----w C:\Program Files\Proxy Switcher Standard​
2008-09-15 01:51 --------- d--h--w C:\Program Files\GLF52.tmp​
2008-09-14 14:39 --------- d-----w C:\Program Files\weblin​
2008-09-14 14:39 --------- d-----w C:\Documents and Settings\user\Application Data\zweitgeist​
2008-09-14 02:17 --------- d--h--w C:\Program Files\GLF3E.tmp​
2008-09-11 03:27 --------- d-----w C:\Documents and Settings\رضا\Application Data\PC Suite​
2008-09-10 15:46 --------- d-----w C:\Documents and Settings\user\Application Data\GameHouse​
2008-09-08 10:41 333,824 ----a-w C:\WINDOWS\system32\drivers\srv.sys​
2008-09-07 19:59 --------- d--h--w C:\Program Files\GLF56.tmp​
2008-09-07 19:57 --------- d-----w C:\Documents and Settings\user\Application Data\Nokia​
2008-09-07 18:35 --------- d-----w C:\Program Files\Nokia​
2008-09-07 18:35 --------- d-----w C:\Program Files\Common Files\Nokia​
2008-09-07 18:34 --------- d-----w C:\Documents and Settings\All Users\Application Data\Installations​
2008-09-07 17:26 --------- d-----w C:\Documents and Settings\All Users\Application Data\n7-89-o9-3r-4t-r9​
2008-09-06 23:37 --------- d-----w C:\Program Files\Messenger Plus! Live​
2008-09-06 18:31 --------- dcsh--w C:\Program Files\Common Files\WindowsLiveInstaller​
2008-09-06 18:31 --------- d-----w C:\Program Files\Windows Live​
2008-09-06 18:18 --------- d-----w C:\Documents and Settings\All Users\Application Data\WLInstaller​
2008-09-06 04:50 --------- d-----w C:\Program Files\Extension Changer​
2008-09-06 01:20 --------- d-----w C:\Program Files\Download Direct​
2008-09-03 22:09 --------- d-----w C:\Documents and Settings\user\Application Data\PC Suite​
2008-09-02 02:59 --------- d-----w C:\Program Files\DSL Speed​
2008-07-21 05:59 3,192,832 --sh--w C:\F57.exe​
2008-07-21 05:59 3,192,832 --sh--w C:\F41.exe​
2008-07-18 12:25 114,688 ----a-w C:\WINDOWS\sliprt.dll​
2008-07-17 19:53 81,920 ----a-w C:\Documents and Settings\user\Application Data\ezpinst.exe​
2008-07-17 19:53 47,360 ----a-w C:\Documents and Settings\user\Application Data\pcouffin.sys​
2008-04-03 09:46 32 ----a-w C:\Documents and Settings\All Users\Application Data\ezsid.dat​
2008-03-09 04:25 236 ----a-w C:\Program Files\Common Files\dx.reg​
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))​
.
.
*Note* empty entries & legit default entries are not shown​
REGEDIT4​
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]​
"IDMan"="C:\Program Files\Internet Download Manager\IDMan.exe" [09/12/2008 01:44 PM 2606512]​
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [04/14/2008 06:59 PM 15360]​
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]​
"TkBellExe"="C:\Program Files\Common Files\Real\Update_OB\realsched.exe" [10/09/2008 01:24 AM 185872]​
"NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [05/16/2008 02:01 PM 13529088]​
"AVP"="C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\avp.exe" [05/28/2007 04:58 PM 218640]​
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]​
"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [04/14/2008 06:59 PM 15360]​
"Nokia.PCSync"="C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe" [11/07/2007 05:35 PM 1294336]​
C:\Documents and Settings\All Users\çں‍ê، ں §ڑ\ںé ©ںê¤\ §ک ں颬نïé\​
REALTEK USB Wireless LAN Utility.lnk - C:\Program Files\REALTEK USB Wireless LAN Driver and Utility\RtWLan.exe [2008-01-21 790528]​
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]​
"SynchronousMachineGroupPolicy"= 0 (0x0)​
"SynchronousUserGroupPolicy"= 0 (0x0)​
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system]​
"NoConfigPage"= 0 (0x0)​
"NoDevMgrPage"= 0 (0x0)​
"NoFileSysPage"= 0 (0x0)​
"NoVirtMemPage"= 0 (0x0)​
"DisableChangePassword"= 0 (0x0)​
[HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\system]​
"NoConfigPage"= 0 (0x0)​
"NoDevMgrPage"= 0 (0x0)​
"NoFileSysPage"= 0 (0x0)​
"NoVirtMemPage"= 0 (0x0)​
"DisableChangePassword"= 0 (0x0)​
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]​
"NoRecentDocsNetHood"= 1 (0x1)​
[HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\explorer]​
"NoClose"= 0 (0x0)​
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]​
"VIDC.ACDV"= ACDV.dll​
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\iPMS.exe]​
"Debugger"=dummy.dat​
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\iPMS20.exe]​
"Debugger"=dummy.dat​
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^قائمة ابدأ^البرامج^بدء التشغيل^Adobe Gamma Loader.lnk]​
backup=C:\WINDOWS\pss\Adobe Gamma Loader.lnkCommon Startup​
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^قائمة ابدأ^البرامج^بدء التشغيل^Adobe Reader Speed Launch.lnk]​
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^قائمة ابدأ^البرامج^بدء التشغيل^BlueSoleil.lnk]​
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^قائمة ابدأ^البرامج^بدء التشغيل^ONSPEED.lnk]​
backup=C:\WINDOWS\pss\ONSPEED.lnkCommon Startup​
[HKLM\~\startupfolder\C:^Documents and Settings^user^قائمة ابدأ^البرامج^بدء التشغيل^PowerInstall Key Updater.lnk]​
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Axis Thunk Window Wma​
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\dart bind​
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\FastInternet​
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KernelFaultCheck]​
C:\WINDOWS\system32\dumprep 0 -k [X]​
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OODefragTray​
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ProxyWay​
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PSwitch​
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SlipStream​
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Smart Evrox​
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpeedStartup​
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TweakMASTER​
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\updateMgr​
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]​
--a------ 01/11/2008 10:16 PM 39792 C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe​
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeUpdater]​
-ra------ 03/01/2007 10:37 AM 2321600 C:\Program Files\Common Files\Adobe\Updater5\AdobeUpdater.exe​
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AudioDeck]​
-ra------ 08/09/2007 03:48 PM 528384 C:\Program Files\VIA\VIAudioi\SBADeck\ADeck.exe​
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AVP]​
--a------ 05/28/2007 04:58 PM 218640 C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\avp.exe​
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}]​
--a------ 03/12/2007 01:49 PM 153136 C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe​
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ctfmon.exe]​
--a------ 04/14/2008 06:59 PM 15360 C:\WINDOWS\system32\ctfmon.exe​
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Modem Booster]​
--a------ 10/10/2003 12:53 PM 3911680 C:\Program Files\inKline Global\Modem Booster\ModemBtr.exe​
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]​
--a------ 04/14/2008 06:59 PM 1695232 C:\Program Files\Messenger\msmsgs.exe​
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MsnMsgr]​
--a------ 10/18/2007 11:34 AM 5724184 C:\Program Files\Windows Live\Messenger\msnmsgr.exe​
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]​
--a------ 03/09/2007 06:53 PM 153136 C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe​
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon]​
--a------ 05/16/2008 02:01 PM 13529088 C:\WINDOWS\system32\nvcpl.dll​
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvMediaCenter]​
--a------ 05/16/2008 02:01 PM 86016 C:\WINDOWS\system32\nvmctray.dll​
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PC Suite Tray]​
--a------ 12/10/2007 10:12 AM 695808 C:\Program Files\Nokia\Nokia PC Suite 6\PCSuite.exe​
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]​
--a------ 01/21/2008 08:37 PM 155648 C:\Program Files\QuickTime\qttask.exe​
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RaidTool]​
-ra------ 04/21/2005 11:19 AM 589824 C:\Program Files\VIA\RAID\raid_tool.exe​
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RRT-Auto]​
--a------ 09/07/2008 08:15 PM 140288 D:\برامج\بعض ادوات الاصلاح\RRT.exe​
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]​
-ra------ 05/30/2008 03:54 PM 21718312 C:\Program Files\Skype\Phone\Skype.exe​
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\StormCodec_Helper]​
--a------ 11/26/2006 09:30 PM 97357 C:\Program Files\Ringz Studio\Storm Codec\StormSet.exe​
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]​
--a------ 10/09/2008 01:24 AM 185872 C:\Program Files\Common Files\Real\Update_OB\realsched.exe​
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TuneUp MemOptimizer]​
--a------ 06/20/2008 09:09 AM 153856 C:\Program Files\TuneUp Utilities 2008\MemOptimizer.exe​
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Windows]​
--ah----- 09/28/2007 05:15 PM 98304 C:\WINDOWS\system32\shell23.exe​
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nwiz]​
--a------ 05/16/2008 02:01 PM 1630208 C:\WINDOWS\system32\nwiz.exe​
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SoundMan]​
--a------ 04/16/2007 03:28 PM 577536 C:\WINDOWS\soundman.exe​
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\KasperskyAntiVirus]​
"DisableMonitoring"=dword:00000001​
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]​
"EnableFirewall"= 0 (0x0)​
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]​
"C:\\Program Files\\Ares\\Ares.exe"=​
"C:\\Program Files\\Common Files\\Nokia\\Service Layer\\A\\nsl_host_process.exe"=​
"C:\\Program Files\\Nokia\\Nokia Software Updater\\nsu_ui_client.exe"=​
"C:\\WINDOWS\\pchealth\\helpctr\\binaries\\HelpCtr.exe"=​
"%windir%\\system32\\sessmgr.exe"=​
"C:\\Program Files\\Messenger\\msmsgs.exe"=​
"C:\\Program Files\\Skype\\Phone\\Skype.exe"=​
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=​
"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=​
"C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"=​
"C:\\Program Files\\Internet Download Manager\\IDMan.exe"=​
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]​
"3389:TCP"= 3389:TCP:@xpsp2res.dll,-22009​
R0 ViBus;ViBus;C:\WINDOWS\system32\DRIVERS\ViBus.sys [04/03/2008 03:42 PM 16896]​
R0 videX32;videX32;C:\WINDOWS\system32\DRIVERS\videX32.sys [09/21/2007 05:49 PM 9216]​
R0 ViPrt;VIA SATA IDE Device Driver;C:\WINDOWS\system32\DRIVERS\ViPrt.sys [04/03/2008 03:42 PM 53248]​
R2 EAPPkt;Realtek EAPPkt Protocol;C:\WINDOWS\system32\DRIVERS\EAPPkt.sys [11/15/2006 04:23 PM 38144]​
R2 UxTuneUp;TuneUp Theme Extension;C:\WINDOWS\System32\svchost.exe [04/14/2008 07:00 PM 14336]​
R3 klim5;Kaspersky Anti-Virus NDIS Filter;C:\WINDOWS\system32\DRIVERS\klim5.sys [04/04/2007 02:58 PM 24344]​
R3 RTL8187B;Realtek RTL8187B Wireless 802.11g 54Mbps USB 2.0 Network Adapter;C:\WINDOWS\system32\DRIVERS\RTL8187B.sys [07/18/2007 04:40 PM 264576]​
R3 tapvpn;TAP VPN Adapter;C:\WINDOWS\system32\DRIVERS\tapvpn.sys [03/13/2008 05:38 AM 27136]​
S3 AVPsys;AVPsys;C:\WINDOWS\system32\drivers\tdi.sys [04/13/2008 10:00 PM 19072]​
S3 ncvhook;ncvhook;C:\WINDOWS\system32\DRIVERS\ncvhook.sys [09/30/2007 04:54 PM 3200]​
S3 tap0801;TAP-Win32 Adapter V8;C:\WINDOWS\system32\DRIVERS\tap0801.sys [02/15/2007 08:48 PM 26624]​
S3 tapavpn;Steganos Anonym VPN Adapter;C:\WINDOWS\system32\DRIVERS\tapavpn.sys [10/19/2007 11:50 AM 24320]​
S3 TuneUp.Defrag;TuneUp Drive Defrag Service;C:\WINDOWS\System32\TuneUpDefragService.exe [10/06/2008 10:01 PM 355584]​
S4 Anyplace Control Security;Anyplace Control Security;C:\WINDOWS\svcadmin.exe [06/15/2008 12:24 PM 104960]​
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs​
UxTuneUp​
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{59f87e8f-3d36-11dd-a59e-00064f536eb4}]​
\Shell\AutoRun\command - F:\vva0hc0p.cmd​
\Shell\explore\Command - F:\vva0hc0p.cmd​
\Shell\open\Command - F:\vva0hc0p.cmd​
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{d1964059-8da9-11dd-b0cf-00064f62f1f9}]​
\Shell\AutoRun\command - F:\LaunchU3.exe -a​
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{eb451446-dd3c-11dc-8c0d-00064f536eb4}]​
\Shell\AutoRun\command - F:\LaunchU3.exe -a​
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{f6d70427-5429-11dd-acb2-00064f536eb4}]​
\Shell\1\Command - RunDll32.exe .\SysInfo2.Dll,MyFun​
\Shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL RunDll32.exe .\SysInfo2.Dll,MyFun​
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{f6d70429-5429-11dd-acb2-00064f536eb4}]​
\Shell\1\Command - RunDll32.exe .\SysInfo2.Dll,MyFun​
\Shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL RunDll32.exe .\SysInfo2.Dll,MyFun​
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{621A56D8B0-ARE2IL-A0YE1-NTDJ4-RQRF07I4J980}]​
sysver.exe​
.
s of the 'Scheduled Tasks' folder​
2008-10-18 C:\WINDOWS\Tasks\1-Click Maintenance.job​
- C:\Program Files\TuneUp Utilities 2008\OneClickStarter.exe [06/20/2008 09:09 AM]​
.
- - - - ORPHANS REMOVED - - - -​
MSConfigStartUp-NetSpeeder - C:\Program Files\Superhunter\NetSpeeder\NetSpeeder.exe​
MSConfigStartUp-Performance Center - C:\Program Files\Ascentive\Performance Center\ApcMain.exe​
MSConfigStartUp-swg - C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe​
MSConfigStartUp-Logitech Driver - sqld.exe​

.
------- Supplementary Scan -------​
.
R0 -: HKCU-Main,Start Page = hxxp://www.google.com.sa/​
R0 -: HKCU-Main,SearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8​
R1 -: HKCU-Internet Connection Wizard,ShellNext = iexplore​
R1 -: HKCU-Internet Settings,ProxyOverride = plimus.com;www.plimus.com;regnow.com;www.regnow.com;<local>​
R1 -: HKCU-Internet Settings,ProxyServer = 212.116.219.52:8082​
O8 -: &تصدير إلى Microsoft Excel - C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000​
O8 -: تحميل الكل بـ إنترنت داونلود مانيجر - C:\Program Files\Internet Download Manager\IEGetAll.htm​
O8 -: تحميل بـ إنترنت داونلود مانيجر - C:\Program Files\Internet Download Manager\IEExt.htm​
O8 -: تحميل محتوى فيديو (إف.إل.في) بـ إنترنت داونلود مانيجر - C:\Program Files\Internet Download Manager\IEGetVL.htm​
O17 -: HKLM\CCS\Interface\{8B299325-DFEA-4D6B-A6C6-A4A40550B651}: NameServer = 67.138.54.100,207.225.209.66​
O17 -: HKLM\CCS\Interface\{FAA9FBBB-77A1-490F-BA69-757A90BC7439}: NameServer = 128.8.74.2,209.86.63.216​
O16 -: Microsoft XML Parser for Java - C:\WINDOWS\Downloaded Program Files\Microsoft XML Parser for Java.osd​
- hxxps://secure.logmein.com/activex/ractrl.cab?lmi=100​
.
.
------- File Associations -------​
.
txtfile=NOTEPAD %1​
vbefile\shell\edit\command=C:\WINDOWS\Notepad.exe %1​
vbsfile\shell\edit\command=C:\WINDOWS\Notepad.exe %1​
.
**************************************************************************
catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer,
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي
Rootkit scan 2008-10-18 22:14:50​
Windows 5.1.2600 Service Pack 3 NTFS​
scanning hidden processes ...​
scanning hidden autostart entries ...​
scanning hidden files ...​
scan completed successfully​
hidden files: 0​
**************************************************************************
.
------------------------ Other Running Processes ------------------------​
.
C:\Program Files\Hotspot Shield\bin\openvpnas.exe​
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE​
C:\WINDOWS\system32\nvsvc32.exe​
C:\WINDOWS\system32\wscntfy.exe​
C:\Program Files\Internet Download Manager\IEMonitor.exe​
.
**************************************************************************
.
Completion time: 10/18/2008 22:24:22 - machine was rebooted​
ComboFix-quarantined-files.txt 2008-10-18 19:24:16​
Pre-Run: 23,595,577,344 bytes free​
Post-Run: 23,542,898,688 bytes free​
391 --- E O F --- 2008-10-17 16:33:01​



وهذا تقريري برنامج HijackThis​

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:22:53 ص, on 19/10/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16735)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\avp.exe
C:\Program Files\Hotspot Shield\bin\openvpnas.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Internet Download Manager\IDMan.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\REALTEK USB Wireless LAN Driver and Utility\RtWLan.exe
C:\Program Files\Internet Download Manager\IEMonitor.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\avp.exe
C:\Program Files\internet explorer\iexplore.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
D:\برامج\يعطيك تقرير عن الكمبيوتر\Zyzoom_HijackThis.exe
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = plimus.com;www.plimus.com;regnow.com;www.regnow.com;<local>
O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files\Internet Download Manager\IDMIECC.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\avp.exe"
O4 - HKCU\..\Run: [IDMan] C:\Program Files\Internet Download Manager\IDMan.exe /onboot
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: StartupFaster
O4 - Global Startup: REALTEK USB Wireless LAN Utility.lnk = ?
O8 - Extra context menu item: &تصدير إلى Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Add to Anti-Banner - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\ie_banner_deny.htm
O8 - Extra context menu item: تحميل الكل بـ إنترنت داونلود مانيجر - C:\Program Files\Internet Download Manager\IEGetAll.htm
O8 - Extra context menu item: تحميل بـ إنترنت داونلود مانيجر - C:\Program Files\Internet Download Manager\IEExt.htm
O8 - Extra context menu item: تحميل محتوى فيديو (إف.إل.في) بـ إنترنت داونلود مانيجر - C:\Program Files\Internet Download Manager\IEGetVL.htm
O9 - Extra button: Web Anti-Virus statistics - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\SCIEPlgn.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: بحث - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) -
O16 - DPF: {315B0BFB-2BD4-481B-80A3-A9B80727C61B} (WebIQ Engine Application ) -
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي
}
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) -
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) -
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) -
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) -
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

O16 - DPF: {E8F628B5-259A-4734-97EE-BA914D7BE941} (Driver Agent ActiveX Control) -
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

O16 - DPF: {FD0B6769-6490-4A91-AA0A-B5AE0DC75AC9} (Performance Viewer Activex Control) -
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

O16 - DPF: {FE0BD779-44EE-4A4B-AA2E-743C63F2E5E6} (IWinAmpActiveX Class) -
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

O17 - HKLM\System\CCS\Services\Tcpip\..\{8B299325-DFEA-4D6B-A6C6-A4A40550B651}: NameServer = 67.138.54.100,207.225.209.66
O17 - HKLM\System\CCS\Services\Tcpip\..\{FAA9FBBB-77A1-490F-BA69-757A90BC7439}: NameServer = 128.8.74.2,209.86.63.216
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Filter: text/plain - (no CLSID) - (no file)
O23 - Service: Ares Chatroom server (AresChatServer) - Ares Development Group - C:\Program Files\Ares\chatServer.exe
O23 - Service: Kaspersky Internet Security 7.0 (AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\avp.exe
O23 - Service: Hotspot Shield Service (HotspotShieldService) - Unknown owner - C:\Program Files\Hotspot Shield\bin\openvpnas.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\pctsAuxs.exe
O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\pctsSvc.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software GmbH - C:\WINDOWS\System32\TuneUpDefragService.exe
--
End of file - 7494 bytes​

واستخدمت برنامج التنظيف الي موجود بالمنتدى ولاكن دون جدوى ياليت اخواني تحلون لي المشكله​

وجزاكم الله الف خير​
 

توقيع : xxxzoo122
ترتيب حسب التاريخ ترتيب حسب الأصوات
احذف

O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) -

O16 - DPF: {315B0BFB-2BD4-481B-80A3-A9B80727C61B} (WebIQ Engine Application ) -
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي
}

O17 - HKLM\System\CCS\Services\Tcpip\..\{FAA9FBBB-77A1-490F-BA69-757A90BC7439}: NameServer =
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي
,
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي


O18 - Filter: text/plain - (no CLSID) - (no file)


طريقة الحذف
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي



mg%20%284%29.png


=================================​

استخدم هذه الاداة للتنظيف
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي


wh_15149054.png
واعمل الغاء تجزئة للاقراص
 
توقيع : فارس الملاك
تأييد 0
يجب تسجيل الدخول أو التسجيل كي تتمكن من الرد هنا.
عودة
أعلى