اختفاء ايقونة الملف اوالملفات الشغالة من البر بجانب الساعة ...

boubaker segni · 30 نوفمبر 2008

الاخوة الكرام ارجو مساعدتي لتجاوز مشكلتين الاولى ظهور ايقونة ليست من الملف اوم بنزعها يدويا لكنها تعود الى thumbs.db الملف بمجرد غلقه وفتحه
……………………………………………………………….
الاشكال الثاني هو عدم ظهور الملف او الملفات الشغالة على البار اي بجانب الساعة ولا اتمكن من رويتها الا بالضغط على alt/tab
…………………………………………………………………
hijackthis وهذا تقرير من برنامج
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 16:11:14, on 30/11/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16735)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\zyzoom.exe
C:\Program Files\Keenfinder\keenfinder.exe
C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
C:\WINDOWS\system32\nvsvc32.exe

C:\WINDOWS\system32\IoctlSvc.exe
C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\TUProgSt.exe
C:\Program Files\Virtual Flash Drive\vserver.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Keenfinder\keenfinder.exe
C:\Program Files\Internet Download Manager\IEMonitor.exe
C:\WINDOWS\system32\spider.exe
C:\PROGRA~1\WINDOW~2\wmplayer.exe
C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Windows Live\Toolbar\wltuser.exe
C:\Program Files\Internet Download Manager\IDMan.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Fichiers communs\Nero\Lib\NMIndexStoreSvr.exe
C:\Program Files\Fichiers communs\Nero\Lib\NMIndexingService.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Program Files\Microsoft Office\Office12\WINWORD.EXE
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar =

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page =

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) =

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: P2P Energy Toolbar - {2bae58c2-79f9-45d1-a286-81f911301c3a} - C:\Program Files\P2P_Energy\tbP2P_.dll
O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files\Internet Download Manager\IDMIECC.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: P2P Energy Toolbar - {2bae58c2-79f9-45d1-a286-81f911301c3a} - C:\Program Files\P2P_Energy\tbP2P_.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: IEVkbdBHO - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\ievkbd.dll
O2 - BHO: Click-to-Call BHO - {5C255C8A-E604-49b4-9D

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

CECB} - C:\Program Files\Windows Live\Messenger\wlchtc.dll
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.1119.1736\swg.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Windows Live Toolbar Beta - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: StylerToolBar - {D2F8F919-690B-4EA2-9FA7-A203D1E04F75} - C:\Program Files\Styler\TB\StylerTB.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: &Windows Live Toolbar Beta - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: P2P Energy Toolbar - {2bae58c2-79f9-45d1-a286-81f911301c3a} - C:\Program Files\P2P_Energy\tbP2P_.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\avp.exe"
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\zyzoom.exe" /minimized
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [IDMan] C:\Program Files\Internet Download Manager\IDMan.exe /onboot
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\RunOnce: [MPlayer2_FixUp] C:\WINDOWS\inf\unregmp2.exe /Fixups
O4 - HKUS\S-1-5-19\..\RunOnce: [nltide1] cmd.exe /C move /Y "%SystemRoot%\System32\syssetub.dll" "%SystemRoot%\System32\syssetup.dll" (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\RunOnce: [nltide2] cmd.exe /C rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,L,,4,N (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\RunOnce: [nltide1] cmd.exe /C move /Y "%SystemRoot%\System32\syssetub.dll" "%SystemRoot%\System32\syssetup.dll" (User 'SERVICE RESEAU')
O8 - Extra context menu item: Ajouter au fichier PDF existant - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convertir en Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convertir la cible du lien en Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convertir la cible du lien en un fichier PDF existant - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convertir la sélection en Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convertir la sélection en un fichier PDF existant - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convertir les liens sélectionnés en fichier Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Convertir les liens sélectionnés en un fichier PDF existant - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Télécharger avec IDM - C:\Program Files\Internet Download Manager\IEExt.htm
O8 - Extra context menu item: Télécharger le contenu de video FLV avec IDM - C:\Program Files\Internet Download Manager\IEGetVL.htm
O8 - Extra context menu item: Télécharger tous les liens avec IDM - C:\Program Files\Internet Download Manager\IEGetAll.htm
O9 - Extra button: Statistiques de la protection du trafic Internet - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\SCIEPlgn.dll
O9 - Extra button: Blog This - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Blog This in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: Barre de recherche Encarta - {B205A35E-1FC4-4CE3-818B-899DBBB3388C} - C:\Program Files\Fichiers communs\Microsoft Shared\Encarta Search Bar\ENCSBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd.dll,C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd3.dll
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Kaspersky Anti-Virus (AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\avp.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Keenfinder Service - Keenfinder.com - C:\Program Files\Keenfinder\keenfinder.exe
O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Fichiers communs\Nero\Lib\NMIndexingService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PLFlash DeviceIoControl Service - Prolific Technology Inc. - C:\WINDOWS\system32\IoctlSvc.exe
O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
O23 - Service: TuneUp Program Statistics Service (TuneUp.ProgramStatisticsSvc) - TuneUp Software - C:\WINDOWS\System32\TUProgSt.exe
O23 - Service: Virtual flash drive anti-delete server - Unknown owner - C:\Program Files\Virtual Flash Drive\vserver.exe

--
End of file - 11630 bytes

السّاجد لله · 30 نوفمبر 2008

عطل جميع برامج الحماية ,,
وحمل هذه الاداة واحفظها على سطح المكتب

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

عند تشغيلها بتظهر لك رسالة ,, اضغط على >> Yes
بعدها بتظهر لك رساله ثانيه ,, اضغط على >> Yes
انتظر حتى الاداة تنتهي من فحص جهازك ,,, وبشكل تلقائي يعاد تشغيل جهازك ,,
وبعد اعادة التشغيل ,, سوف تبدأ الاداة بالفحص مرره ثانيه
انتظر حتى يظهر لك تقرير ,, انسخه والصقه بردك القادم

اعمل تقرير للهايجاك

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

اذا انتهى التحميل ==> شغل البرنامج ==> واضغط على Do a system scan and save log
لحظات .. ويظهر لك تقرير اعمل تحديد الكل ==> انسخه والصقه بردك القادم

boubaker segni · 30 نوفمبر 2008

الاخوة الكرام لكم جزيل الشكر على المساعة والتعجيل فيها امدكم الآن بتقرير هيجاكذيس و كمبو فيكس
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 16:55:36, on 30/11/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16735)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\Keenfinder\keenfinder.exe
C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\IoctlSvc.exe
C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\TUProgSt.exe
C:\Program Files\Virtual Flash Drive\vserver.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Keenfinder\keenfinder.exe
C:\Program Files\Internet Download Manager\IDMan.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Internet Download Manager\IEMonitor.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\WINDOWS\explorer.exe
C:\WINDOWS\system32\notepad.exe
C:\Documents and Settings\Soufien segni\Bureau\Zyzoom_HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) =

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: P2P Energy Toolbar - {2bae58c2-79f9-45d1-a286-81f911301c3a} - C:\Program Files\P2P_Energy\tbP2P_.dll
O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files\Internet Download Manager\IDMIECC.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: P2P Energy Toolbar - {2bae58c2-79f9-45d1-a286-81f911301c3a} - C:\Program Files\P2P_Energy\tbP2P_.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: IEVkbdBHO - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\ievkbd.dll
O2 - BHO: Click-to-Call BHO - {5C255C8A-E604-49b4-9D64-90988571CECB} - C:\Program Files\Windows Live\Messenger\wlchtc.dll
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.1119.1736\swg.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Windows Live Toolbar Beta - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: StylerToolBar - {D2F8F919-690B-4EA2-9FA7-A203D1E04F75} - C:\Program Files\Styler\TB\StylerTB.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: &Windows Live Toolbar Beta - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: P2P Energy Toolbar - {2bae58c2-79f9-45d1-a286-81f911301c3a} - C:\Program Files\P2P_Energy\tbP2P_.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\avp.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [IDMan] C:\Program Files\Internet Download Manager\IDMan.exe /onboot
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O8 - Extra context menu item: Ajouter au fichier PDF existant - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convertir en Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convertir la cible du lien en Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convertir la cible du lien en un fichier PDF existant - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convertir la sélection en Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convertir la sélection en un fichier PDF existant - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convertir les liens sélectionnés en fichier Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Convertir les liens sélectionnés en un fichier PDF existant - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Télécharger avec IDM - C:\Program Files\Internet Download Manager\IEExt.htm
O8 - Extra context menu item: Télécharger le contenu de video FLV avec IDM - C:\Program Files\Internet Download Manager\IEGetVL.htm
O8 - Extra context menu item: Télécharger tous les liens avec IDM - C:\Program Files\Internet Download Manager\IEGetAll.htm
O9 - Extra button: Statistiques de la protection du trafic Internet - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\SCIEPlgn.dll
O9 - Extra button: Blog This - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Blog This in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: Barre de recherche Encarta - {B205A35E-1FC4-4CE3-818B-899DBBB3388C} - C:\Program Files\Fichiers communs\Microsoft Shared\Encarta Search Bar\ENCSBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Kaspersky Anti-Virus (AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\avp.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Keenfinder Service - Keenfinder.com - C:\Program Files\Keenfinder\keenfinder.exe
O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Fichiers communs\Nero\Lib\NMIndexingService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PLFlash DeviceIoControl Service - Prolific Technology Inc. - C:\WINDOWS\system32\IoctlSvc.exe
O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
O23 - Service: TuneUp Program Statistics Service (TuneUp.ProgramStatisticsSvc) - TuneUp Software - C:\WINDOWS\System32\TUProgSt.exe
O23 - Service: Virtual flash drive anti-delete server - Unknown owner - C:\Program Files\Virtual Flash Drive\vserver.exe
--
End of file - 10100 bytes
..........................................................................
ComboFix 08-11-29.03 - Soufien segni 2008-11-30 16:43:56.1 - NTFSx86
Microsoft Windows XP Professionnel 5.1.2600.3.1256.216.1036.18.121 [GMT 1:00]
Running from: c:\documents and settings\Soufien segni\Bureau\ComboFix.exe
* Created a new restore point
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\documents and settings\Soufien segni\Application Data\acy.Suite.5.0.126-RES-Patch.exe
c:\documents and settings\Soufien segni\Application Data\BITS
c:\documents and settings\Soufien segni\Application Data\BITS\BITS.ini
c:\documents and settings\Soufien segni\Application Data\BITS\DHTTable.dat
c:\documents and settings\Soufien segni\Application Data\BITS\ProxyList.ini
c:\windows\system32\avrt.dll
c:\windows\system32\d3d10core.dll
c:\windows\system32\D3DX10d_39.dll
.
((((((((((((((((((((((((( Files Created from 2008-10-28 to 2008-11-30 )))))))))))))))))))))))))))))))
.
2009-11-27 14:20 . 2008-09-12 11:44 206,256 --a------ c:\windows\system32\idmmbc.dll
2008-11-30 13:59 . 2008-11-30 13:59 236 --a------ C:\sqmdata12.sqm
2008-11-30 13:59 . 2008-11-30 13:59 200 --a------ C:\sqmnoopt12.sqm
2008-11-30 13:59 . 2008-11-30 13:59 120 --a------ C:\sqmnoopt13.sqm
2008-11-30 13:59 . 2008-11-30 13:59 120 --a------ C:\sqmdata13.sqm
2008-11-30 12:32 . 2008-11-30 12:32 <REP> d-------- c:\program files\Trend Micro
2008-11-30 11:20 . 2008-11-30 11:20 <REP> d-------- c:\program files\DFX
2008-11-29 11:13 . 2008-11-29 11:13 <REP> d-------- c:\program files\RelevantKnowledge
2008-11-29 11:11 . 2008-11-29 11:17 <REP> d-------- c:\program files\FileSubmit
2008-11-29 11:10 . 2008-11-30 09:13 <REP> d-------- c:\program files\Keenfinder
2008-11-28 23:02 . 2008-11-28 23:04 <REP> d-------- c:\program files\Virtual Flash Drive
2008-11-28 23:02 . 2008-11-28 23:02 6,784 --a------ c:\windows\system32\drivers\usbminiport.sys
2008-11-28 23:02 . 2008-11-28 23:02 6,784 --a------ c:\windows\system32\drivers\usbbus.sys
2008-11-28 23:02 . 2008-11-28 23:02 5,632 --a------ c:\windows\system32\cocpyinf.dll
2008-11-28 20:07 . 2001-08-23 17:18 715,530 --a--c--- c:\windows\system32\dllcache\OLDB64.tmp
2008-11-28 20:07 . 2001-08-23 17:47 86,097 --a--c--- c:\windows\system32\dllcache\OLDB8F.tmp
2008-11-28 20:07 . 2008-04-14 02:58 79,360 --a--c--- c:\windows\system32\dllcache\OLDB9A.tmp
2008-11-28 19:22 . 2008-11-28 19:22 <REP> d-------- c:\program files\Uniblue
2008-11-28 19:21 . 2008-11-28 19:22 <REP> d--h-c--- c:\documents and settings\All Users\Application Data\{2840BBCB-9BEC-47F6-BA0F-10D3C34BF151}
2008-11-28 12:19 . 2008-11-28 12:19 272 --a------ C:\sqmdata11.sqm
2008-11-28 12:19 . 2008-11-28 12:19 200 --a------ C:\sqmnoopt11.sqm
2008-11-28 09:34 . 2001-08-17 21:28 794,654 --a--c--- c:\windows\system32\dllcache\usr1801.sys
2008-11-28 09:27 . 2001-08-23 16:57 286,848 --a--c--- c:\windows\system32\dllcache\stlnata.sys
2008-11-28 09:26 . 2001-08-23 17:18 899,914 --a--c--- c:\windows\system32\dllcache\r2mdkxga.sys
2008-11-28 09:25 . 2008-04-14 03:33 363,520 --a--c--- c:\windows\system32\dllcache\psisdecd.dll
2008-11-28 09:24 . 2001-08-23 13:00 4,399,505 --a--c--- c:\windows\system32\dllcache\nls302en.lex
2008-11-28 09:24 . 2001-08-17 20:20 126,080 --a--c--- c:\windows\system32\dllcache\nm5a2wdm.sys
2008-11-28 09:24 . 2001-08-17 20:20 87,040 --a--c--- c:\windows\system32\dllcache\nm6wdm.sys
2008-11-28 09:21 . 2001-08-17 21:28 802,683 --a--c--- c:\windows\system32\dllcache\ltsm.sys
2008-11-28 09:20 . 2001-08-23 17:47 372,824 --a--c--- c:\windows\system32\dllcache\iconf32.dll
2008-11-28 09:19 . 2001-08-23 17:46 1,733,120 --a--c--- c:\windows\system32\dllcache\g400d.dll
2008-11-28 09:18 . 2001-08-17 20:14 952,007 --a--c--- c:\windows\system32\dllcache\diwan.sys
2008-11-28 09:17 . 2001-08-23 17:04 980,034 --a--c--- c:\windows\system32\dllcache\cicap.sys
2008-11-28 09:16 . 2001-08-17 21:28 871,388 --a--c--- c:\windows\system32\dllcache\bcmdm.sys
2008-11-28 09:15 . 2001-08-23 17:46 382,592 --a--c--- c:\windows\system32\dllcache\atidrab.dll
2008-11-28 09:14 . 2001-08-17 21:28 762,780 --a--c--- c:\windows\system32\dllcache\3cwmcru.sys
2008-11-27 20:55 . 2008-11-27 20:55 <REP> d-------- c:\windows\system32\fr
2008-11-27 20:55 . 2008-11-27 20:55 <REP> d-------- c:\windows\l2schemas
2008-11-27 20:54 . 2008-11-27 20:55 <REP> d-------- c:\windows\system32\bits
2008-11-27 20:52 . 2008-11-27 20:55 <REP> d-------- c:\windows\ServicePackFiles
2008-11-27 20:16 . 2008-11-27 20:16 <REP> d-------- c:\documents and settings\Soufien segni\Application Data\Grisoft
2008-11-27 20:15 . 2008-11-27 20:15 <REP> d-------- c:\documents and settings\All Users\Application Data\Grisoft
2008-11-27 20:15 . 2007-05-30 13:10 10,872 --a------ c:\windows\system32\drivers\AvgAsCln.sys
2008-11-27 19:49 . 2008-11-27 19:49 <REP> d-------- c:\documents and settings\LocalService\Bureau
2008-11-27 18:49 . 2008-11-27 18:49 603,904 --a------ c:\windows\system32\TUProgSt.exe
2008-11-27 18:48 . 2008-11-28 16:46 <REP> d-------- c:\program files\TuneUp Utilities 2009
2008-11-27 18:48 . 2008-11-27 18:48 <REP> d--hs---- c:\documents and settings\All Users\Application Data\{55A29068-F2CE-456C-9148-C869879E2357}
2008-11-27 18:45 . 2008-11-27 18:47 <REP> d-------- c:\program files\Quran
2008-11-27 11:32 . 2008-11-27 11:32 <REP> d-------- c:\program files\VS Revo Group
2008-11-27 10:42 . 2008-11-27 11:05 206 --a------ c:\windows\EurekaLog.ini
2008-11-27 10:39 . 2008-11-27 11:32 <REP> d-------- c:\program files\Your Uninstaller 2008
2008-11-27 10:39 . 2008-11-27 10:39 <REP> d-------- c:\documents and settings\Soufien segni\Application Data\URSoft
2008-11-27 10:17 . 2008-11-27 10:17 8,704 --ahs---- c:\windows\system32\Thumbs.db
2008-11-26 21:12 . 2008-11-26 21:12 <REP> d-------- c:\program files\SuperCopier2
2008-11-25 22:55 . 2008-11-25 22:55 <REP> d-------- c:\program files\aljazeera news
2008-11-25 21:56 . 2008-11-26 21:29 <REP> d-------- c:\program files\TeraCopy
2008-11-25 21:56 . 2008-11-26 21:14 <REP> d-------- c:\documents and settings\Soufien segni\Application Data\TeraCopy
2008-11-25 13:04 . 2008-04-14 03:33 3,166,208 --a--c--- c:\windows\system32\dllcache\msgr3en.dll
2008-11-24 23:23 . 2008-11-24 23:23 <REP> d-------- c:\program files\MSXML 6.0
2008-11-24 20:03 . 2008-11-24 20:03 236 --a------ C:\sqmdata10.sqm
2008-11-24 20:03 . 2008-11-24 20:03 200 --a------ C:\sqmnoopt10.sqm
2008-11-24 18:50 . 2008-11-27 11:31 <REP> d-a------ c:\documents and settings\All Users\Application Data\TEMP
2008-11-24 11:25 . 2008-08-14 14:23 2,191,232 --a--c--- c:\windows\system32\dllcache\ntoskrnl.exe
2008-11-24 11:25 . 2008-08-14 14:23 2,068,096 --a--c--- c:\windows\system32\dllcache\ntkrnlpa.exe
2008-11-24 10:57 . 2008-06-14 18:33 272,768 --------- c:\windows\system32\drivers\bthport.sys
2008-11-24 10:57 . 2008-06-14 18:33 272,768 --a--c--- c:\windows\system32\dllcache\bthport.sys
2008-11-23 21:18 . 2008-11-23 21:18 <REP> d-------- c:\documents and settings\Soufien segni\Application Data\CyberScrub
2008-11-23 21:18 . 2007-02-07 11:08 84 --a------ c:\windows\csact.ini
2008-11-23 21:12 . 2008-11-23 21:25 34,308 --a------ c:\windows\system32\Chip.dll
2008-11-23 14:48 . 2008-11-23 14:48 98,304 --a------ c:\windows\system32\CmdLineExt.dll
2008-11-23 14:27 . 2008-11-23 14:27 <REP> d-------- c:\program files\Rockstar Games
2008-11-21 15:28 . 2008-11-21 15:28 <REP> d-------- c:\documents and settings\Soufien segni\Application Data\RetouchPilot
2008-11-21 15:18 . 2008-11-27 17:08 <REP> d-------- c:\program files\Retouch Pilot
2008-11-20 18:02 . 2008-11-20 18:02 248 --a------ C:\sqmdata08.sqm
2008-11-20 18:02 . 2008-11-20 18:02 212 --a------ C:\sqmnoopt08.sqm
2008-11-20 18:02 . 2008-11-20 18:02 200 --a------ C:\sqmnoopt09.sqm
2008-11-20 18:02 . 2008-11-20 18:02 200 --a------ C:\sqmdata09.sqm
2008-11-19 21:08 . 2008-11-19 21:08 236 --a------ C:\sqmdata07.sqm
2008-11-19 21:08 . 2008-11-19 21:08 200 --a------ C:\sqmnoopt07.sqm
2008-11-19 18:28 . 2008-11-19 18:33 <REP> d-------- C:\Downloads
2008-11-19 18:14 . 2008-11-19 18:14 236 --a------ C:\sqmdata06.sqm
2008-11-19 18:14 . 2008-11-19 18:14 200 --a------ C:\sqmnoopt06.sqm
2008-11-19 18:05 . 2008-11-19 18:05 <REP> d-------- c:\documents and settings\All Users\Application Data\WLInstaller
2008-11-19 14:43 . 2008-11-29 11:11 <REP> d-------- c:\windows\Icons
2008-11-19 14:43 . 2008-11-19 14:43 <REP> d-------- c:\program files\Fichiers communs\dotretouch
2008-11-19 14:43 . 2008-11-19 14:43 1,829 --a------ c:\windows\unins000.dat
2008-11-19 10:59 . 2008-11-19 10:59 <REP> d-------- C:\profiles
2008-11-18 21:30 . 2008-11-21 22:53 <REP> d-------- c:\program files\LimeWire
2008-11-18 16:42 . 2008-11-18 16:42 <REP> d-------- c:\documents and settings\Soufien segni\Application Data\ACD Systems
2008-11-18 16:41 . 2008-11-18 16:41 <REP> d-------- c:\program files\Fichiers communs\ACD Systems
2008-11-18 16:41 . 2008-11-18 16:41 <REP> d-------- c:\program files\ACD Systems
2008-11-18 16:41 . 2008-11-18 16:41 <REP> d-------- c:\documents and settings\All Users\Application Data\ACD Systems
2008-11-18 16:27 . 2008-11-18 16:27 <REP> d--h----- c:\windows\PIF
2008-11-18 16:26 . 2008-11-18 16:36 <REP> d-------- c:\documents and settings\All Users\Application Data\webcamXP5
2008-11-17 18:30 . 2008-11-24 19:17 <REP> d-------- c:\documents and settings\All Users\Application Data\Uniblue
2008-11-17 15:43 . 2008-11-24 19:17 <REP> d-------- c:\documents and settings\Soufien segni\Application Data\Uniblue
2008-11-17 14:15 . 2008-11-17 15:16 <REP> d-------- c:\documents and settings\All Users\Application Data\Google Updater
2008-11-17 14:11 . 2008-11-27 09:22 <REP> d-------- c:\program files\Google
2008-11-16 23:17 . 2008-11-17 10:26 230,424 --a------ C:\img1-001.raw
2008-11-16 21:18 . 2006-11-21 21:24 1,488,688 --a------ c:\windows\system32\legitcheckcontrol.dll.bak
2008-11-16 21:18 . 2008-02-04 18:23 693,792 --a------ c:\windows\system32\OGACheckControl.DLL
2008-11-16 21:18 . 2007-03-15 18:17 310,784 --a------ c:\windows\system32\wgatray.exe.bak
2008-11-16 21:18 . 2007-03-15 18:17 183,808 --a------ c:\windows\system32\wgalogon.dll.bak
2008-11-16 20:28 . 2008-11-16 20:28 <REP> d-------- c:\documents and settings\Soufien segni\Application Data\TERMINAL Studio
2008-11-16 20:27 . 2008-11-16 20:27 <REP> d-------- c:\program files\Astro Gemini Software
2008-11-16 20:27 . 2007-10-09 14:56 12,636,160 --a------ c:\windows\system32\Dinosaurs 3D Screensaver.scr
2008-11-16 20:27 . 2007-01-17 12:57 528,384 --a------ c:\windows\system32\Astro Gemini Screensaver Manager.scr
2008-11-16 20:27 . 2007-10-09 14:57 3,160 --a------ c:\windows\system32\Dinosaurs3DScreensaver.html
2008-11-16 18:03 . 2008-11-16 18:04 <REP> d-------- c:\documents and settings\Soufien segni\Shared
2008-11-16 18:03 . 2008-11-16 18:14 <REP> d-------- c:\documents and settings\Soufien segni\Incomplete
2008-11-16 18:02 . 2008-11-16 18:02 <REP> d-------- c:\program files\P2P_Energy
2008-11-16 18:02 . 2008-11-19 10:19 <REP> d-------- c:\documents and settings\Soufien segni\Application Data\LimeWireTurbo
2008-11-16 14:28 . 2008-11-16 14:28 236 --a------ C:\sqmdata05.sqm
2008-11-16 14:28 . 2008-11-16 14:28 200 --a------ C:\sqmnoopt05.sqm
2008-11-16 09:46 . 2008-11-28 22:57 69 --a------ c:\windows\NeroDigital.ini
2008-11-16 04:02 . 2008-11-16 04:02 <REP> d-------- c:\documents and settings\Soufien segni\Application Data\XericDesign
2008-11-16 04:01 . 2008-11-17 15:53 <REP> d-------- c:\program files\QuickTime
2008-11-16 04:01 . 2008-11-16 04:01 <REP> d-------- c:\documents and settings\All Users\Application Data\Apple Computer
2008-11-16 03:38 . 2008-04-13 19:47 25,856 --a------ c:\windows\system32\drivers\usbprint.sys
2008-11-16 03:38 . 2008-04-13 19:47 25,856 --a--c--- c:\windows\system32\dllcache\usbprint.sys
2008-11-16 03:25 . 2008-11-16 03:25 0 --a------ c:\windows\OpPrintServer.INI
2008-11-16 03:21 . 2008-11-16 03:24 <REP> d-------- c:\program files\Canon
2008-11-16 03:21 . 2008-11-16 03:21 <REP> d--h----- C:\BJPrinter
2008-11-16 03:21 . 2004-04-23 17:00 116,736 --a------ c:\windows\system32\CNMLM6e.DLL
2008-11-16 03:21 . 2004-03-12 04:06 86,016 -ra------ c:\windows\system32\CNMCP6e.exe
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-11-23 13:27 --------- d--h--w c:\program files\InstallShield Installation Information
2008-11-12 14:59 --------- d-----w c:\program files\Fichiers communs\InstallShield
2008-11-11 21:40 --------- d-----w c:\program files\Java
2008-11-11 19:56 --------- d-----w c:\program files\SAGEM
2008-11-11 19:28 --------- d-----w c:\program files\Intel
2008-11-11 19:12 --------- d---a-w c:\documents and settings\Soufien segni\Application Data\gtopala
2008-11-11 19:12 --------- d---a-w c:\documents and settings\Soufien segni\Application Data\aignes
2008-11-11 19:06 --------- d-----w c:\program files\Fichiers communs\Java
2008-11-11 19:05 --------- d-----w c:\program files\WMV9_VCM
2008-11-11 19:04 --------- d-----w c:\program files\Windows Media Connect 2
2008-11-11 19:00 218,376 ----a-w c:\windows\system32\klogon.dll
2008-11-11 18:58 25,601 ----a-w c:\windows\system32\drivers\klopp.dat
2008-11-11 18:52 --------- d-----w c:\program files\WSTARTUP
2008-11-11 18:52 --------- d-----w c:\program files\UTILS
2008-11-11 18:52 --------- d-----w c:\program files\JEUX
2008-11-11 18:46 --------- d-----w c:\program files\microsoft frontpage
2008-10-28 22:36 823,296 ----a-w c:\windows\system32\divx_xx0c.dll
2008-10-28 22:36 823,296 ----a-w c:\windows\system32\divx_xx07.dll
2008-10-28 22:35 815,104 ----a-w c:\windows\system32\divx_xx0a.dll
2008-10-28 22:35 802,816 ----a-w c:\windows\system32\divx_xx11.dll
2008-10-28 22:35 684,032 ----a-w c:\windows\system32\DivX.dll
2008-10-24 11:21 455,296 ----a-w c:\windows\system32\drivers\mrxsmb.sys
2008-10-17 06:09 602,112 ----a-w c:\windows\system32\nvapi.dll
2008-10-16 13:13 202,776 ----a-w c:\windows\system32\wuweb.dll
2008-10-16 13:13 1,809,944 ----a-w c:\windows\system32\wuaueng.dll
2008-10-16 13:12 561,688 ----a-w c:\windows\system32\wuapi.dll
2008-10-16 13:12 323,608 ----a-w c:\windows\system32\wucltui.dll
2008-10-16 13:09 92,696 ----a-w c:\windows\system32\cdm.dll
2008-10-16 13:09 51,224 ----a-w c:\windows\system32\wuauclt.exe
2008-10-16 13:09 43,544 ----a-w c:\windows\system32\wups2.dll
2008-10-16 13:08 34,328 ----a-w c:\windows\system32\wups.dll
2008-09-30 15:43 1,286,152 ----a-w c:\windows\system32\msxml4.dll
2008-09-25 08:03 81,920 ----a-w c:\windows\system32\dpl100.dll
2008-09-25 08:03 593,920 ----a-w c:\windows\system32\dpuGUI11.dll
2008-09-25 08:03 57,344 ----a-w c:\windows\system32\dpv11.dll
2008-09-25 08:03 53,248 ----a-w c:\windows\system32\dpuGUI10.dll
2008-09-25 08:03 524,288 ----a-w c:\windows\system32\DivXsm.exe
2008-09-25 08:03 344,064 ----a-w c:\windows\system32\dpus11.dll
2008-09-25 08:03 294,912 ----a-w c:\windows\system32\dpu11.dll
2008-09-25 08:03 294,912 ----a-w c:\windows\system32\dpu10.dll
2008-09-25 08:03 196,608 ----a-w c:\windows\system32\dtu100.dll
2008-09-25 08:03 161,096 ----a-w c:\windows\system32\DivXCodecVersionChecker.exe
2008-09-19 21:57 3,596,288 ----a-w c:\windows\system32\qt-dx331.dll
2008-09-19 21:57 129,784 ------w c:\windows\system32\pxafs.dll
2008-09-19 21:57 120,056 ------w c:\windows\system32\pxcpyi64.exe
2008-09-19 21:57 118,520 ------w c:\windows\system32\pxinsi64.exe
2008-09-19 21:55 200,704 ----a-w c:\windows\system32\ssldivx.dll
2008-09-19 21:55 1,044,480 ----a-w c:\windows\system32\libdivx.dll
2008-09-19 21:54 12,288 ----a-w c:\windows\system32\DivXWMPExtType.dll
2008-09-18 14:47 940,304 ----a-w c:\windows\system32\msjava.dll
2008-09-18 14:47 73,728 ----a-w c:\windows\system32\CompressATI2.dll
2008-09-18 14:47 430,088 ----a-w c:\windows\system32\D3D10SDKLayers.DLL
2008-09-18 14:47 1,171,456 ----a-w c:\windows\system32\msvcr80d.dll
2008-09-15 15:26 1,846,528 ----a-w c:\windows\system32\win32k.sys
2008-09-10 01:15 1,307,648 ----a-w c:\windows\system32\msxml6.dll
2008-09-08 23:03 51,712 ----a-w c:\windows\system32\sirenacm.dll
2008-09-05 14:56 287,744 ----a-w c:\windows\WLXPGSS.SCR
2008-09-04 17:16 1,106,944 ----a-w c:\windows\system32\msxml3.dll
2008-08-26 08:11 826,368 ----a-w c:\windows\system32\wininet.dll
2008-08-14 13:23 2,147,328 ----a-w c:\windows\system32\ntoskrnl.exe
2008-08-14 13:23 2,025,984 ----a-w c:\windows\system32\ntkrnlpa.exe
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{2bae58c2-79f9-45d1-a286-81f911301c3a}"= "c:\program files\P2P_Energy\tbP2P_.dll" [2008-09-15 1784856]
[HKEY_CLASSES_ROOT\clsid\{2bae58c2-79f9-45d1-a286-81f911301c3a}]
[HKEY_LOCAL_MACHINE\~\Browser Helper s\{2bae58c2-79f9-45d1-a286-81f911301c3a}]
2008-09-15 06:47 1784856 --a------ c:\program files\P2P_Energy\tbP2P_.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{2bae58c2-79f9-45d1-a286-81f911301c3a}"= "c:\program files\P2P_Energy\tbP2P_.dll" [2008-09-15 1784856]
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{2BAE58C2-79F9-45D1-A286-81F911301C3A}"= "c:\program files\P2P_Energy\tbP2P_.dll" [2008-09-15 1784856]
[HKEY_CLASSES_ROOT\clsid\{2bae58c2-79f9-45d1-a286-81f911301c3a}]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360]
"IDMan"="c:\program files\Internet Download Manager\IDMan.exe" [2008-11-25 935856]
"msnmsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2008-09-09 3513344]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2008-11-17 68856]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2005-10-10 7286784]
"AVP"="c:\program files\Kaspersky Lab\Kaspersky Anti-Virus 2009\avp.exe" [2008-11-11 206088]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"SynchronousMachineGroupPolicy"= 0 (0x0)
"SynchronousUserGroupPolicy"= 0 (0x0)
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"ForceClassicControlPanel"= 1 (0x1)
"NoSimpleStartMenu"= 0 (0x0)
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"NoStrCmpLogical"= 0 (0x0)
"NoResolveTrack"= 0 (0x0)
"NoSMMyPictures"= 0 (0x0)
"MaxRecentDocs"= 15 (0xf)
"MemCheckBoxInRunDlg"= 1 (0x1)
"NoSMBalloonTip"= 0 (0x0)
"DisallowCpl"= 1 (0x1)
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"VIDC.HFYU"= huffyuv.dll
"msacm.l3codec"= l3codecp.acm
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"Skype"="c:\program files\Skype\Phone\Skype.exe" /nosplash /minimized
"ctfmon.exe"=c:\windows\system32\ctfmon.exe
"IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\program files\Fichiers communs\Nero\Lib\NMIndexStoreSvr.exe" ASO-616B5711-6DAE-4795-A05F-39A1E5104020
"IDMan"=c:\program files\Internet Download Manager\IDMan.exe /onboot
"swg"=c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
"msnmsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" /background
"SuperCopier2.exe"=c:\program files\SuperCopier2\SuperCopier2.exe
"AlcoholAutomount"="c:\program files\Alcohol Soft\Alcohol 120\axcmd.exe" /automount
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"NeroFilterCheck"=c:\program files\Fichiers communs\Nero\Lib\NeroCheck.exe
"NBKeyScan"="c:\program files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
"NvMediaCenter"=RUNDLL32.EXE c:\windows\system32\NvMcTray.dll,NvTaskbarInit
"nwiz"=nwiz.exe /install
"TkBellExe"="c:\program files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
"SoundMan"=SOUNDMAN.EXE
"snpstd"=c:\windows\vsnpstd.exe
"CameraFixer"=c:\windows\CameraFixer.exe
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe"
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" -atboottime
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\KasperskyAntiVirus]
"DisableMonitoring"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"DisableUnicastResponsesToMulticastBroadcast"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Program Files\\LimeWire\\LimeWire.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
R0 klbg;Kaspersky Lab Boot Guard Driver;c:\windows\system32\drivers\klbg.sys [2008-01-29 32784]
R0 usbport;VUSB Miniport;c:\windows\system32\DRIVERS\usbminiport.sys [2008-11-28 6784]
R2 fssfltr;FssFltr;c:\windows\system32\DRIVERS\fssfltr.sys [2008-11-14 56344]
R2 Keenfinder Service;Keenfinder Service;"c:\program files\Keenfinder\keenfinder.exe" "c:\program files\Keenfinder\keenfinder.dll" Service []
R2 TuneUp.ProgramStatisticsSvc;TuneUp Program Statistics Service;c:\windows\System32\TUProgSt.exe [2008-11-27 603904]
R2 Virtual flash drive anti-delete server;Virtual flash drive anti-delete server;c:\program files\Virtual Flash Drive\vserver.exe [2008-11-28 126976]
S3 fsssvc;Windows Live Family Safety;"c:\program files\Windows Live\Family Safety\fsssvc.exe" [2008-09-04 512536]
.
s of the 'Scheduled Tasks' folder
2008-11-30 c:\windows\Tasks\1-Click Maintenance.job
- c:\program files\TuneUp Utilities 2009\OneClickStarter.exe [2008-11-20 16:28]
.
**************************************************************************
catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer,

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

Rootkit scan 2008-11-30 16:50:19
Windows 5.1.2600 Service Pack 3 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------
- - - - - - - > 'explorer.exe'(4056)
c:\program files\Keenfinder\keenfinder.dll
c:\program files\Windows Media Player\wmpband.dll
c:\program files\P2P_Energy\tbP2P_.dll
c:\progra~1\FICHIE~1\MICROS~1\OFFICE12\MSOXMLMF.DLL
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
c:\windows\system32\eappprxy.dll
c:\program files\Internet Download Manager\idmmkb.dll
.
------------------------ Other Running Processes ------------------------
.
c:\program files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
c:\program files\Keenfinder\keenfinder.exe
c:\program files\Nero\Nero8\Nero BackItUp\NBService.exe
c:\windows\system32\nvsvc32.exe
c:\windows\system32\IoctlSvc.exe
c:\program files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
c:\windows\system32\wscntfy.exe
c:\program files\Keenfinder\keenfinder.exe
c:\program files\Internet Download Manager\IEMonitor.exe
.
**************************************************************************
.
Completion time: 2008-11-30 16:53:30 - machine was rebooted
ComboFix-quarantined-files.txt 2008-11-30 15:52:47
Pre-Run: 31 400 460 288 octets libres
Post-Run: 31,381,991,424 octets libres
333 --- E O F --- 2008-11-28 19:07:27

ابـــو عــبــد الــلــه · 1 ديسمبر 2008

كيف الوضع معك ...

اختفاء ايقونة الملف اوالملفات الشغالة من البر بجانب الساعة ...

boubaker segni

زيزوومي جديد

السّاجد لله

زيزوومى فضى

توقيع : السّاجد لله

boubaker segni

زيزوومي جديد

ابـــو عــبــد الــلــه

زيزوومى فضى

توقيع : ابـــو عــبــد الــلــه

NTLite Business 2025.8.10552 X64