[Question] HoBeeZ, ®§-ذبحـ»غــلاها«ــني-§® urgently needed (HijackThis report attached)

Status: Closed and not open for further replies.

Joined: 14 January 2007
Posts: 309
Likes: 21
Points: 18
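Peace be upon you, and the mercy and blessings of God.

May God give you all strength and never deprive you of the reward for helping us and standing by us. May we never be without you all.

I won't keep you long. Today I ran a HijackThis report and an X mark appeared next to this icon. I'd like you to look at it and give me your opinions. Note that yesterday I plugged in a flash drive and it turned out to be infected, and every time I remove it with avast it shows up again at system startup and tells me that its path is C:\WINDOWS\system32. I went there and found that its icon looks like this, so I thought I'd show you before anything else.

This is a picture of the icon:

And this is the HijackThis report: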

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 04:59:03 م, on 24/06/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\WINDOWS\AGRSMMSG.exe
C:\WINDOWS\VM303_STI.EXE
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\system32\wscript.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\Program Files\Messenger\msmsgs.exe
C:\Documents and Settings\okok\SuperTrend\SuperTrend.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ash***Sv.exe
C:\Program Files\lg_swupdate\Gilautouc.exe
C:\Program Files\internet explorer\iexplore.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = socks=
O2 - BHO: SnagIt Toolbar Loader - {00C6482D-C502-44C8-8409-FCE54AD9C208} - C:\Program Files\TechSmith\SnagIt 9\SnagItBHO.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: SnagIt - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Program Files\TechSmith\SnagIt 9\SnagItIEAddin.dll
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [LG Intelligent Update] "C:\Program Files\lg_swupdate\autoupdate.exe" Gilautouc
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [اختصار صفحة خصائص High Definition Audio] HDAShCut.exe
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [BigDog303] C:\WINDOWS\VM303_STI.EXE VIMICRO USB PC Camera (ZC0301PLH)
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [CTFMON] C:\WINDOWS\system32\wscript.exe /E:vbs C:\WINDOWS\system32\winjpg.jpg
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [regdiit] C:\WINDOWS\system32\winxp.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [SuperTrend] C:\Documents and Settings\okok\SuperTrend\SuperTrend.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: &تصدير إلى Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Download with ImTOO YouTube Video Converter - C:\Program Files\ImTOO\YouTube Video Converter\upod_link.HTM
O9 - Extra button: بحث - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scanner/sources/en/scan8/oscan8.cab
O16 - DPF: {6924091F-CD97-41E1-B1D4-D9079409D413} (IMCv1 Control) - http://98.126.41.234:1999/talk.cab
O16 - DPF: {7253A666-804A-1107-A4DC-00E04C504781} (BMC Control) - http://66.228.123.202/bmc.cab
O16 - DPF: {9E45BE3C-DE06-4492-AB7D-E51447CF2ED0} (clsUMS Class) - http://75.126.208.164/imscp/talka.cab
O16 - DPF: {B7FDB0C3-4724-46D2-B8DB-6FA1DC63F7CA} (ReadUid.UserControlMacEntry) - http://98.126.41.234:1999/ReadUid.CAB
O16 - DPF: {C171FF59-8C55-4796-A398-4F5D02B4C763} (IMC_Sec Control) - http://174.36.238.30/saudi1999/talks3n.cab
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! *** Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ash***Sv.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe

--
End of file - 6514 bytes


Waiting for your reply :)
 
Joined: 13 July 2007
Posts: 1,615
Likes: 65
Points: 0
Re: [Question] HoBeeZ, ®§-ذبحـ»غــلاها«ــني-§® urgently needed (HijackThis report attached)

And peace be upon you, دحوم. I want you to do the following, and then we will check your machine with HijackThis.
Turn off System Restore and turn off the antivirus program.
OK, use this tool and give me the report it produces:
The ComboFix tool
Download the tool
here
Follow the walkthrough
 
Joined: 14 January 2007
Posts: 309
Likes: 21
Points: 18
Re: [Question] HoBeeZ, ®§-ذبحـ»غــلاها«ــني-§® urgently needed (HijackThis report attached)

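May God have mercy on your parents, brother ذبحني.

I have never done a system restore in my life, I have never once clicked on it, and I don't have System Restore. But give me a moment and, God willing, the report will reach you.

Wishing you all the best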
 
Joined: 14 January 2007
Posts: 309
Likes: 21
Points: 18
Re: [Question] HoBeeZ, ®§-ذبحـ»غــلاها«ــني-§® urgently needed (HijackThis report attached)

This is the tool's report:

ComboFix 09-06-23.01 - okok 06/25/2009 1:09.2 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.2.1256.966.1025.18.1022.678 [GMT 3:00]
Running from: c:\documents and settings\okok\سطح المكتب\ComboFix.exe
AV: avast! antivirus 4.8.1335 [VPS 090205-1] *On-access scanning disabled* (Outdated) {7591DB91-41F0-48A3-B128-1A293FD8233D}

WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\program files\bifrost
C:\autorun.inf
c:\program files\Bifrost\server.exe
c:\windows\system32\winitn.dll
D:\Autorun.inf

.
((((((((((((((((((((((((( Files Created from 2009-05-24 to 2009-06-24 )))))))))))))))))))))))))))))))
.

2009-06-24 22:03 . 2004-08-03 21:55 21504 -c--a-w- c:\windows\system32\dllcache\hidserv.dll
2009-06-24 22:03 . 2004-08-03 21:55 21504 ----a-w- c:\windows\system32\hidserv.dll
2009-06-24 22:03 . 2004-08-03 21:45 14720 -c--a-w- c:\windows\system32\dllcache\kbdhid.sys
2009-06-24 22:03 . 2004-08-03 21:45 14720 ----a-w- c:\windows\system32\drivers\kbdhid.sys
2009-06-24 22:03 . 2001-08-17 11:02 9600 -c--a-w- c:\windows\system32\dllcache\hidusb.sys
2009-06-24 22:03 . 2001-08-17 11:02 9600 ----a-w- c:\windows\system32\drivers\hidusb.sys
2009-06-24 07:40 . 2009-06-24 07:40 -------- d-----w- c:\program files\Java
2009-06-24 07:40 . 2009-06-24 07:40 152576 ----a-w- c:\documents and settings\okok\Application Data\Sun\Java\jre1.6.0_11\lzma.dll
2009-06-17 15:35 . 2007-08-24 16:45 101120 ----a-r- c:\windows\system32\drivers\ewusbmdm.sys
2009-06-17 15:35 . 2007-08-24 16:45 24448 ----a-r- c:\windows\system32\drivers\ewdcsc.sys
2009-06-17 15:35 . 2009-06-17 15:36 -------- d-----w- c:\program files\ALJAWAL 3.5G HSDPA
2009-06-17 08:03 . 2004-08-03 20:10 78464 -c--a-w- c:\windows\system32\dllcache\usbvideo.sys
2009-06-17 08:03 . 2004-08-03 20:10 78464 ----a-w- c:\windows\system32\drivers\usbvideo.sys
2009-06-15 20:24 . 2004-08-03 21:55 221184 ----a-w- c:\windows\system32\wmpns.dll
2009-06-15 13:56 . 2009-06-15 13:56 835584 ----a-w- c:\windows\system32\maae.dll
2009-06-15 13:56 . 2009-06-15 13:56 729088 ----a-w- c:\windows\system32\maad.dll
2009-06-15 13:56 . 2009-06-15 13:56 450560 ----a-w- c:\windows\system32\maai.dll
2009-06-15 13:56 . 2009-06-15 13:56 311296 ----a-w- c:\windows\system32\maaf.dll
2009-06-15 13:56 . 2009-06-15 13:56 196608 ----a-w- c:\windows\system32\maag.dll
2009-06-15 13:56 . 2009-06-15 13:56 1040384 ----a-w- c:\windows\system32\maah.dll
2009-06-15 13:56 . 2009-06-15 13:56 335872 ----a-w- c:\windows\system32\maac.dll
2009-06-15 13:56 . 2009-06-15 13:56 315392 ----a-w- c:\windows\system32\maab.dll
2009-06-15 13:56 . 2009-06-15 13:56 1843200 ----a-w- c:\windows\system32\maaa.dll
2009-06-15 13:56 . 2009-06-15 13:56 237568 ----a-w- c:\windows\system32\lame_enc.dll
2009-06-15 13:56 . 2009-06-15 13:56 53760 ----a-w- c:\windows\system\ppacklib.dll
2009-06-15 13:55 . 2009-06-15 19:55 -------- d-----w- c:\program files\ArabicSounde
2009-06-13 18:59 . 2009-06-13 18:59 -------- d-----w- c:\documents and settings\All Users\Application Data\TEMP
2009-06-13 18:27 . 2009-06-14 16:40 -------- d-----w- c:\program files\Total Video Converter
2009-06-13 16:08 . 2009-06-13 16:08 8704 ----a-w- c:\documents and settings\okok\Application Data\Thinstall\Blaze Video Magic 2.0\40000050900003h\mpeg.exe
2009-06-13 16:08 . 2009-06-13 16:08 8704 ----a-w- c:\documents and settings\okok\Application Data\Thinstall\Blaze Video Magic 2.0\300000003400002h\dwwin.exe
2009-06-13 16:08 . 2009-06-13 16:08 8704 ----a-w- c:\documents and settings\okok\Application Data\Thinstall\Blaze Video Magic 2.0\4000008b500003h\fplayer.exe
2009-06-13 16:06 . 2009-06-13 16:06 -------- d-----w- c:\documents and settings\okok\Application Data\Thinstall
2009-06-06 11:22 . 2009-06-24 08:02 -------- d-----w- c:\documents and settings\okok\SuperTrend
2009-06-05 02:46 . 2009-06-05 02:46 -------- d-----w- c:\documents and settings\okok\Local Settings\Application Data\ACD Systems
2009-06-05 02:46 . 2009-06-05 02:46 -------- d-----w- c:\documents and settings\okok\Application Data\ACD Systems
2009-06-04 11:58 . 2009-06-04 11:58 -------- d-----w- c:\documents and settings\okok\amsn_received
2009-06-04 11:58 . 2009-06-04 12:19 -------- d-----w- c:\documents and settings\okok\amsn
2009-05-26 09:21 . 2009-05-26 09:21 -------- d-----w- c:\documents and settings\okok\Application Data\Vso
2009-05-26 09:21 . 2009-05-26 09:21 81920 ----a-w- c:\documents and settings\okok\Application Data\ezpinst.exe
2009-05-26 09:21 . 2009-05-26 09:21 47360 ----a-w- c:\windows\system32\drivers\pcouffin.sys
2009-05-26 09:21 . 2009-05-26 09:21 47360 ----a-w- c:\documents and settings\okok\Application Data\pcouffin.sys

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-06-24 22:04 . 2001-09-19 12:00 58920 ----a-w- c:\windows\system32\perfc001.dat
2009-06-24 22:04 . 2001-09-19 12:00 328690 ----a-w- c:\windows\system32\perfh001.dat
2009-06-24 22:01 . 2009-05-07 16:39 -------- d-----w- c:\program files\lg_swupdate
2009-06-24 12:47 . 2009-05-09 21:46 -------- d-----w- c:\program files\AmiBroker
2009-06-24 07:40 . 2009-05-08 02:26 410984 ----a-w- c:\windows\system32\deploytk.dll
2009-06-20 03:58 . 2009-06-20 03:58 2359350 ---ha-w- c:\program files\بدون عنوان.bmp
2009-06-13 18:43 . 2009-05-07 15:35 98904 ----a-w- c:\documents and settings\okok\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2009-06-13 16:10 . 2007-03-21 21:04 10017 ----a-w- c:\documents and settings\okok\Application Data\Thinstall\Blaze Video Magic 2.0\%Common AppData%\BlazeVideo\VideoMagic2\BlazeVideoMagic.dll
2009-05-23 08:34 . 2009-05-23 08:34 -------- d-----w- c:\documents and settings\All Users\Application Data\Ashampoo
2009-05-21 16:14 . 2009-05-21 16:14 30601 ----a-w- c:\windows\java\x.exe
2009-05-21 00:14 . 2009-05-21 00:14 8192 ----a-w- c:\windows\system32\svchst..exe
2009-05-20 22:41 . 2009-05-20 22:41 1409 ----a-w- c:\windows\Fonts\wave2.FOT
2009-05-19 02:29 . 2009-05-19 02:05 -------- d-----w- c:\documents and settings\okok\Application Data\HideIP
2009-05-18 16:16 . 2009-05-18 16:16 4286 ----a-r- c:\documents and settings\okok\Application Data\Microsoft\Installer\{BD346D48-B143-47DD-ACF8-6099E78743DA}\_8A6C2B8A7A25EFE82889E6.exe
2009-05-18 16:16 . 2009-05-18 16:16 4286 ----a-r- c:\documents and settings\okok\Application Data\Microsoft\Installer\{BD346D48-B143-47DD-ACF8-6099E78743DA}\_6FEFF9B68218417F98F549.exe
2009-05-18 16:16 . 2009-05-18 16:16 4286 ----a-r- c:\documents and settings\okok\Application Data\Microsoft\Installer\{BD346D48-B143-47DD-ACF8-6099E78743DA}\_47F14B397EC14ACA300DC1.exe
2009-05-18 16:16 . 2009-05-18 16:16 4286 ----a-r- c:\documents and settings\okok\Application Data\Microsoft\Installer\{BD346D48-B143-47DD-ACF8-6099E78743DA}\_1F5083D1173DF326E71D75.exe
2009-05-18 16:16 . 2009-05-18 16:16 -------- d-----w- c:\program files\Alalef
2009-05-14 02:16 . 2009-05-14 02:16 2232 ----a-w- c:\windows\java\Packages\Data\VFZ7HBHJ.DAT
2009-05-14 02:16 . 2009-05-14 02:16 155995 ----a-w- c:\windows\java\Packages\BTVJ3XZ5.ZIP
2009-05-14 02:16 . 2009-05-14 02:16 2678 ----a-w- c:\windows\java\Packages\Data\86K93VPV.DAT
2009-05-14 02:16 . 2009-05-14 02:16 2678 ----a-w- c:\windows\java\Packages\Data\3Z7D3ZPZ.DAT
2009-05-14 02:16 . 2009-05-14 02:16 2678 ----a-w- c:\windows\java\Packages\Data\SVH7TRNT.DAT
2009-05-14 02:16 . 2009-05-14 02:16 2678 ----a-w- c:\windows\java\Packages\Data\RTVZTBZ1.DAT
2009-05-14 02:16 . 2009-05-14 02:16 2678 ----a-w- c:\windows\java\Packages\Data\73VFNZLV.DAT
2009-05-13 22:23 . 2009-05-13 22:23 -------- d-----w- c:\program files\MSECache
2009-05-12 15:19 . 2009-05-11 20:33 -------- d-----w- c:\program files\AptiStock
2009-05-12 14:35 . 2009-05-12 14:35 -------- d-----w- c:\documents and settings\okok\Application Data\Media Player Classic
2009-05-10 01:55 . 2009-05-07 19:01 -------- d-----w- c:\program files\Circl Developement
2009-05-09 17:45 . 2009-05-09 17:45 -------- d-----w- c:\program files\Trend Micro
2009-05-09 06:40 . 2009-05-07 16:39 565248 ----a-w- c:\windows\system32\CS.dll
2009-05-08 11:31 . 2009-05-08 11:31 152576 ----a-w- c:\documents and settings\okok\Application Data\Sun\Java\jre1.6.0_13\lzma.dll
2009-05-08 01:14 . 2009-05-08 01:14 -------- d-----w- c:\documents and settings\okok\Application Data\ImTOO Software Studio
2009-05-08 01:13 . 2009-05-08 01:13 -------- d-----w- c:\program files\ImTOO
2009-05-08 00:00 . 2009-05-08 00:00 -------- d-----w- c:\program files\LtUcx
2009-05-07 23:46 . 2009-05-07 23:46 -------- d-----w- c:\documents and settings\All Users\Application Data\Messenger Plus!
2009-05-07 22:13 . 2009-05-07 22:13 -------- d-----w- c:\documents and settings\All Users\Application Data\TechSmith
2009-05-07 22:13 . 2009-05-07 22:13 -------- d-----w- c:\program files\TechSmith
2009-05-07 22:10 . 2009-05-07 22:10 -------- d-----w- c:\program files\Common Files\Wise Installation Wizard
2009-05-07 22:02 . 2009-05-07 22:02 -------- d-----w- c:\program files\Foxit Software
2009-05-07 22:02 . 2009-05-07 22:02 -------- d-----w- c:\documents and settings\okok\Application Data\Foxit
2009-05-07 19:01 . 2009-05-07 19:01 -------- d-----w- c:\program files\Messenger Plus! Live
2009-05-07 19:01 . 2009-05-07 19:01 -------- d-----w- c:\program files\Windows Live
2009-05-07 19:01 . 2009-05-07 16:29 -------- d-----w- c:\program files\MSN Messenger
2009-05-07 16:51 . 2009-05-07 16:39 -------- d--h--w- c:\program files\InstallShield Installation Information
2009-05-07 16:50 . 2009-05-07 16:50 -------- d-----w- c:\program files\Marvell
2009-05-07 16:50 . 2009-05-07 16:38 -------- d-----w- c:\program files\Common Files\InstallShield
2009-05-07 16:48 . 2009-05-07 16:41 -------- d-----w- c:\program files\Intel
2009-05-07 16:47 . 2009-05-07 16:47 -------- d-----w- c:\program files\Synaptics
2009-05-07 16:42 . 2009-05-07 16:41 -------- d-----w- c:\program files\ATI Technologies
2009-05-07 16:34 . 2009-05-07 16:34 -------- d-----w- c:\program files\Common Files\xing shared
2009-05-07 16:34 . 2009-05-07 16:34 -------- d-----w- c:\program files\Common Files\Real
2009-05-07 16:34 . 2009-05-07 15:52 499712 ----a-w- c:\windows\system32\msvcp71.dll
2009-05-07 16:34 . 2009-05-07 15:52 348160 ----a-w- c:\windows\system32\msvcr71.dll
2009-05-07 16:34 . 2009-05-07 16:34 -------- d-----w- c:\program files\Real
2009-05-07 16:33 . 2009-05-07 16:33 -------- d-----w- c:\program files\K-Lite Codec Pack
2009-05-07 16:28 . 2009-05-07 16:27 -------- d-----w- c:\documents and settings\okok\Application Data\BSplayer Pro
2009-05-07 16:28 . 2009-05-07 16:28 -------- d-----w- c:\program files\mpegable
2009-05-07 16:28 . 2009-05-07 16:28 47104 ------w- c:\windows\AKDeInstall.exe
2009-05-07 16:27 . 2009-05-07 16:27 -------- d-----w- c:\program files\***teh
2009-05-07 16:26 . 2009-05-07 16:26 -------- d-----w- c:\program files\Golden Al-Wafi Translator
2009-05-07 16:26 . 2009-05-07 16:26 172032 ------w- c:\windows\Setup1.exe
2009-05-07 16:26 . 2009-05-07 16:26 73216 ----a-w- c:\windows\ST6UNST.EXE
2009-05-07 16:25 . 2009-05-07 16:25 -------- d-----w- c:\program files\Common Files\ACD Systems
2009-05-07 16:25 . 2009-05-07 16:25 -------- d-----w- c:\documents and settings\All Users\Application Data\ACD Systems
2009-05-07 16:25 . 2009-05-07 16:25 -------- d-----w- c:\program files\ACD Systems
2009-05-07 16:12 . 2009-05-07 15:25 86327 ----a-w- c:\windows\pchealth\helpctr\OfflineCache\index.dat
2009-05-07 15:52 . 2009-05-07 15:52 -------- d-----w- c:\program files\Alwil Software
2009-05-07 15:42 . 2009-05-07 15:42 -------- d-----w- c:\program files\Microsoft Works
2009-05-07 15:26 . 2009-05-07 15:26 -------- d-----w- c:\program files\microsoft frontpage
2009-05-07 15:22 . 2009-05-07 15:22 22144 ----a-w- c:\windows\system32\emptyregdb.dat
2009-04-09 07:26 . 2009-05-23 07:50 26816 ----a-w- c:\windows\system32\drivers\sfilter.sys
2009-04-09 07:26 . 2009-05-23 07:50 11840 ----a-w- c:\windows\system32\drivers\FDelFile.sys
.

((((((((((((((((((((((((((((( [email protected]_07.04.14 )))))))))))))))))))))))))))))))))))))))))
.
+ 2009-06-24 22:00 . 2009-06-24 22:00 16384 c:\windows\Temp\Perflib_Perfdata_520.dat
+ 2009-06-24 22:00 . 2009-06-24 22:00 16384 c:\windows\Temp\Perflib_Perfdata_114.dat
+ 2001-09-19 12:00 . 2009-06-24 22:04 58930 c:\windows\system32\perfc009.dat
- 2001-09-19 12:00 . 2009-05-26 01:49 58930 c:\windows\system32\perfc009.dat
+ 2001-09-19 12:00 . 2009-06-24 22:04 392630 c:\windows\system32\perfh009.dat
- 2001-09-19 12:00 . 2009-05-26 01:49 392630 c:\windows\system32\perfh009.dat
+ 2009-06-24 07:41 . 2009-06-24 07:40 148888 c:\windows\system32\javaws.exe
+ 2009-06-24 07:41 . 2009-06-24 07:40 144792 c:\windows\system32\javaw.exe
+ 2009-06-24 07:41 . 2009-06-24 07:40 144792 c:\windows\system32\java.exe
+ 2009-05-07 18:13 . 2009-06-14 10:40 354568 c:\windows\system32\FNTCACHE.DAT
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\ctfmon.exe" [2004-08-03 15360]
"MsnMsgr"="c:\program files\MSN Messenger\MsnMsgr.Exe" [2007-01-19 5674352]
"MSMSGS"="c:\program files\Messenger\msmsgs.exe" [2004-08-03 1667584]
"SuperTrend"="c:\documents and settings\okok\SuperTrend\SuperTrend.exe" [2009-06-10 4575232]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"avast!"="c:\progra~1\ALWILS~1\Avast4\ashDisp.exe" [2009-02-05 81000]
"TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" [2009-05-07 185872]
"LG Intelligent Update"="c:\program files\lg_swupdate\autoupdate.exe" [2009-05-09 102400]
"ATIPTA"="c:\program files\ATI Technologies\ATI Control Panel\atiptaxx.exe" [2005-04-28 344064]
"SynTPLpr"="c:\program files\Synaptics\SynTP\SynTPLpr.exe" [2004-10-29 98394]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2004-10-29 688218]
"BigDog303"="c:\windows\VM303_STI.EXE" [2005-06-23 61440]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-06-24 136600]
"اختصار صفحة خصائص High Definition Audio"="HDAShCut.exe" - c:\windows\system32\HdAShCut.exe [2005-01-07 61952]
"AGRSMMSG"="AGRSMMSG.exe" - c:\windows\AGRSMMSG.exe [2004-11-09 88358]
"BluetoothAuthenticationAgent"="bthprops.cpl" - c:\windows\system32\bthprops.cpl [2004-08-03 110592]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2004-08-03 15360]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\drwtsn32.exe]
"Debugger"=c:\windows\system32\wscript.exe /E:vbs c:\windows\system32\winjpg.jpg

[HKLM\~\startupfolder\C:^Documents and Settings^okok^قائمة ابدأ^البرامج^بدء التشغيل^Alalef Pro User.lnk]
path=c:\documents and settings\okok\قائمة ابدأ\البرامج\بدء التشغيل\Alalef Pro User.lnk
backup=c:\windows\pss\Alalef Pro User.lnkStartup

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusDisableNotify"=dword:00000001
"UpdatesDisableNotify"=dword:00000001
"AntiVirusOverride"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\MSN Messenger\\msnmsgr.exe"=
"c:\\Program Files\\MSN Messenger\\livecall.exe"=
"c:\\MostsharPro\\MostsharPro.exe"=

R1 aswSP;avast! Self Protection;c:\windows\system32\drivers\aswSP.sys [07/05/2009 06:52 م 114768]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [07/05/2009 06:52 م 20560]
R3 cmudax;C-Media High Definition Audio Interface;c:\windows\system32\drivers\cmudax.sys [07/05/2009 07:44 م 1287296]
S3 FDelFile;FDelFile;\??\c:\program files\Perfect Uninstaller\FDelFile.sys --> c:\program files\Perfect Uninstaller\FDelFile.sys [?]

--- Other Services/Drivers In Memory ---

*NewlyCreated* - HIDSERV
*Deregistered* - UserIO
.
- - - - ORPHANS REMOVED - - - -

HKLM-Run-regdiit - c:\windows\system32\winxp.exe


.
------- Supplementary Scan -------
.
uStart Page = about:blank
uInternet Settings,ProxyServer = socks=
IE: &تصدير إلى Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
IE: Download with ImTOO YouTube Video Converter - c:\program files\ImTOO\YouTube Video Converter\upod_link.HTM
DPF: Microsoft XML Parser for Java - file://c:\windows\Java\classes\xmldso.cab
DPF: {7253A666-804A-1107-A4DC-00E04C504781} - hxxp://66.228.123.202/bmc.cab
DPF: {9E45BE3C-DE06-4492-AB7D-E51447CF2ED0} - hxxp://75.126.208.164/imscp/talka.cab
DPF: {B7FDB0C3-4724-46D2-B8DB-6FA1DC63F7CA} - hxxp://98.126.41.234:1999/ReadUid.CAB
DPF: {C171FF59-8C55-4796-A398-4F5D02B4C763} - hxxp://174.36.238.30/saudi1999/talks3n.cab
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-06-25 01:11
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

HKLM\Software\Microsoft\Windows\CurrentVersion\Run
BigDog303 = c:\windows\VM303_STI.EXE VIMICRO USB PC Camera (ZC0301PLH)[email protected]??????????????

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------

[HKEY_USERS\S-1-5-21-842925246-1682526488-725345543-1003\RemoteAccess\Profile\x *]
"EnableAutodisconnect"=dword:00000001
"EnableExitDisconnect"=dword:00000001
"DisconnectIdleTime"=dword:00000014
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'winlogon.exe'(880)
c:\windows\system32\Ati2evxx.dll
.
Completion time: 2009-06-24 1:13
ComboFix-quarantined-files.txt 2009-06-24 22:13

Pre-Run: 29,218,189,312 bytes free
Post-Run: 29,314,379,776 bytes free

235
 
Joined: 13 July 2007
Posts: 1,615
Likes: 65
Points: 0
Re: [Question] HoBeeZ, ®§-ذبحـ»غــلاها«ــني-§® urgently needed (HijackThis report attached)

Now all you have to do is download this text file, then extract it in the same location as the tool.

Then we go to the file we saved, place the mouse on it, and drag and drop it onto the tool.

See the animated image.

I advise you, brother, to download the BitDefender antivirus program, and after downloading it in place of avast, run a scan of the machine.

That way, God willing, your problem will be over.
 