أخوي (( ذبحنــ غلاها ـــي )) ممكن..!!

تم تحميل الصفحة في 0,1831364 ثانية
أخوي (( ذبحنــ غلاها ـــي )) ممكن..!!
الحالة
مغلق و غير مفتوح للمزيد من الردود.
إنضم
28 يونيو 2009
المشاركات
8
الإعجابات
0
النقاط
0
السلام عليكم ورحمة الله وبركاته

أنا عندي شريط ابدا ماتطلع فيه البرامج إللي أفتحها يعني لمن افتح برنامج ما اشوفه تحت ليش ؟؟

ومشكله ثانيه ::
كل ماشغلت برنامج الفوتو والكتابه تطلعلي هالصوره مع تغيير أسم مثلا إن كان فوتو يكتب فوتو أما إن كنت فاتحه مايكروسوت وورد يكتب مايكروسوفت وورد
والصوره بهالرابط

http://www.rofof.com/img2/6cxrpe28.jpg



==================

أخوي وحش أقصد (( ذبحـــــ غلاها ـــــــني ))

أنا ما حطيت مشكلتي إلا من شفت تفاعل وحلك للمشاكل بعد الله
وماشاء الله تبارك الله ومن هالابداع لأكثر وبالتوفيق
 
إنضم
28 يونيو 2009
المشاركات
8
الإعجابات
0
النقاط
0
رد: أخوي (( ذبحنــ غلاها ـــي )) ممكن..!!

:30: :30: :30:
الله يخليكم ليش المشاهدات اكثر والردود ماكو
:30::30::30:
 
إنضم
13 يوليو 2007
المشاركات
1,615
الإعجابات
65
النقاط
0
رد: أخوي (( ذبحنــ غلاها ـــي )) ممكن..!!

وعليكم السلام

حل مشكلة اختفاء البرامج من قائمة ابدأ
Start من ابدأ

Run تشغيل

انسخ والصق هذا الأمر حمل ملف تكست وراح تحصل لامر وانسخ اللي فيه ثم لصق في صندوق التشغيل

ثم موافق

من هنا الرابط

اعد التشغيل

اذا لم تحل المشكلة اتبع التالي

حمل هذا الملف

من هنا

فيه ثلاث ملفات بأسم

Start menu

شغلهم بالترتيب

ووافق على التبديل على كل ملف

ثم اعد التشغيل

اذا لم تحل المشكلة


وعليكم السلام

عطنى تقرير هايجاك



حمل الآداة

إضغط هنـآ للتحميل

شغل البرنامج ==> واضغط على
Do a system scan and save log
لحظات .. ويظهر لك تقرير داخل المفكرة==> انسخه والصقه بردك القادم​
 
إنضم
28 يونيو 2009
المشاركات
8
الإعجابات
0
النقاط
0
رد: أخوي (( ذبحنــ غلاها ـــي )) ممكن..!!

مشكور أخوي ... ويعطيك العافيه ..


الطريقه الاولى
مانفعت .. :34:


الطريقه الثانيه
أنا حملت البرنامج واشغله يقول إنسيلت أضغتها يصكر وما يسوي شي ؟؟


الطريقه الثالثه
نسخته وهذا أهو ::

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 08:53:27 م, on 28/06/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\agrsmsvc.exe
C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Norton Internet Security\Engine\16.0.0.125\ccSvcHst.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\CyberLink\Shared files\RichVideo.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Google\Quick Search Box\GoogleQuickSearchBox.exe
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Ela-Salaty\Salaty.exe
C:\PROGRA~1\WIDCOMM\BLUETO~1\BTSTAC~1.EXE
C:\Program Files\Norton Internet Security\Engine\16.0.0.125\ccSvcHst.exe
C:\Program Files\Zain e-GO\Zain e-GO\Zain e-GO.exe
C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\HP\Digital Imaging\Smart *** Printing\hpswp_clipbook.exe
C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\vgbpy.exe
C:\Documents and Settings\Administrator\My Documents\مشغل البر امج\هاي جاك.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.com/customize/ie/defaults/sb/msgr8/*http://www.yahoo.com/ext/search/search.html
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://home.sweetim.com
R3 - URLSearchHook: (no name) - {EEE6C35D-6118-11DC-9C72-001320C79847} - (no file)
O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Digital Imaging\Smart *** Printing\hpswp_printenhancer.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: IEVkbdBHO - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\ievkbd.dll
O2 - BHO: Symantec NCO BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Norton Internet Security\Engine\16.0.0.125\coIEPlg.dll
O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton Internet Security\Engine\16.0.0.125\IPSBHO.DLL
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.15642\swg.dll
O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart *** Printing\hpswp_BHO.dll
O3 - Toolbar: Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Internet Security\Engine\16.0.0.125\coIEPlg.dll
O4 - HKLM\..\Run: [StartCCC] "c:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [QlbCtrl.exe] C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
O4 - HKLM\..\Run: [SoundMAX] C:\Program Files\Analog Devices\SoundMAX\Smax4.exe /tray
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [LanguageShortcut] "C:\Program Files\CyberLink\PowerDVD\Language\Language.exe"
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [hpqSRMon] C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\avp.exe"
O4 - HKLM\..\Run: [Google Quick Search Box] "C:\Program Files\Google\Quick Search Box\GoogleQuickSearchBox.exe" /autorun
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [XP-D017BA83] C:\WINDOWS\system32\XP-D017BA83.EXE
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Vbuzzer Messenger] C:\Program Files\vbuzzer\VBuzzer.exe
O4 - HKCU\..\Run: [softwarejoy] C:\DOCUME~1\ADMINI~1\APPLIC~1\HTMREA~1\remote user.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: Ela-Salaty.lnk = C:\Program Files\Ela-Salaty\Salaty.exe
O4 - Startup: ،،،،،،.lnk = C:\WINDOWS\system32\XP-D017BA83.EXE
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Bluetooth.lnk = ?
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O7 - HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System, DisableRegedit=1
O8 - Extra context menu item: Add to Vbuzzer RSS list - C:\Program Files\vbuzzer\addurl.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Send To &Bluetooth - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O9 - Extra button: *** traffic protection statistics - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\SCIEPlgn.dll
O9 - Extra button: PalTalk - {4EAFEF58-EEFA-4116-983D-03B49BCBFFFE} - C:\Program Files\Paltalk Messenger\Paltalk.exe (file missing)
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: HP Smart Select - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\Smart *** Printing\hpswp_BHO.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O10 - Unknown file in Winsock LSP: c:\windows\system32\mswsock2.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\mswsock2.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\mswsock2.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\mswsock2.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\mswsock2.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\mswsock2.dll
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w3/resources/MSNPUpld.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{875701BB-B5B2-4CB1-838F-18AB1C96AA00}: NameServer = 10.40.155.33 10.40.155.34
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd.dll
O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - Agere Systems - C:\WINDOWS\system32\agrsmsvc.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
O23 - Service: Com4QLBEx - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: Norton Internet Security - Symantec Corporation - C:\Program Files\Norton Internet Security\Engine\16.0.0.125\ccSvcHst.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared files\RichVideo.exe
O24 - Desktop Component 0: (no name) - file:///C:/DOCUME~1/ADMINI~1/LOCALS~1/Temp/msohtml1/01/clip_image001.jpg
O24 - Desktop Component 1: (no name) - file:///C:/DOCUME~1/ADMINI~1/LOCALS~1/Temp/msohtml1/03/clip_image001.gif
O24 - Desktop Component 2: (no name) - file:///C:/DOCUME~1/ADMINI~1/LOCALS~1/Temp/msohtml1/04/clip_image002.jpg
O24 - Desktop Component 3: (no name) - file:///C:/DOCUME~1/ADMINI~1/LOCALS~1/Temp/msohtml1/05/clip_image001.jpg
O24 - Desktop Component 4: (no name) - file:///C:/DOCUME~1/ADMINI~1/LOCALS~1/Temp/msohtml1/02/clip_image001.jpg

--
End of file - 10013 bytes
 
إنضم
28 يونيو 2009
المشاركات
8
الإعجابات
0
النقاط
0
رد: أخوي (( ذبحنــ غلاها ـــي )) ممكن..!!

إضافه ....
أنا جربت الطريقه الثانيه ..
ويقول تم تعطيل تحرير التسجيل من قبل المستخدم ..؟
 
إنضم
13 يوليو 2007
المشاركات
1,615
الإعجابات
65
النقاط
0
رد: أخوي (( ذبحنــ غلاها ـــي )) ممكن..!!

فيه فايروس وعندك ايميل بعد يرسل اكيد رسائل قد تكون مخله للمضافين عندك

ايقاف استعادة النظام ايقاف برنامج الانتي فايروس
اوكي استخدم هذي الاداة وعطني التقرير الي يطلع منها
اداة combofix
حمل الاداة
هنا
اتبع الشرح









ونظف جهازك بالاداة التاليه

ATF-Cleaner

حمل الاداة هذي اضغط هنا

 
إنضم
28 يونيو 2009
المشاركات
8
الإعجابات
0
النقاط
0
رد: أخوي (( ذبحنــ غلاها ـــي )) ممكن..!!

:::::::NOTE:::::::

Now I can't write in Arabic ???




==============



This is the document
----------------->>>>>>



ComboFix 09-06-26.02 - مريــــــــــــــــم 06/29/2009 1:50.1 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.2.1256.965.1025.18.1789.1235 [GMT 3:00]
Running from: c:\documents and settings\Administrator\My Documents\مشغل البر امج\شرح.exe
AV: Kaspersky Anti-Virus *On-access scanning disabled* (Updated) {2C4D4BC6-0793-4956-A9F9-E252435469C0}
AV: Norton Internet Security *On-access scanning enabled* (Outdated) {E10A9785-9598-4754-B552-92431C1C35F8}
FW: Norton Internet Security *enabled* {7C21A4C9-F61F-4AC4-B722-A6E19C16F220}

WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\docume~1\ADMINI~1\LOCALS~1\Temp\E_4
c:\docume~1\ADMINI~1\LOCALS~1\Temp\E_4\com.run
c:\docume~1\ADMINI~1\LOCALS~1\Temp\E_4\dp1.fne
c:\docume~1\ADMINI~1\LOCALS~1\Temp\E_4\eAPI.fne
c:\docume~1\ADMINI~1\LOCALS~1\Temp\E_4\internet.fne
c:\docume~1\ADMINI~1\LOCALS~1\Temp\E_4\krnln.fnr
c:\docume~1\ADMINI~1\LOCALS~1\Temp\E_4\RegEx.fnr
c:\docume~1\ADMINI~1\LOCALS~1\Temp\E_4\****l.fne
c:\docume~1\ADMINI~1\LOCALS~1\Temp\E_4\spec.fne
c:\documents and settings\Administrator\قائمة ابدأ\البرامج\بدء التشغيل\،،،،،،.lnk
c:\documents and settings\Guest\قائمة ابدأ\البرامج\بدء التشغيل\،،،،،،.lnk
c:\restore\S-1-5-21-1482476501-1644491937-682003330-1013
c:\restore\S-1-5-21-1482476501-1644491937-682003330-1013\Desktop.ini
c:\restore\S-1-5-21-1482476501-1644491937-682003330-1013\Taquito.exe
c:\windows\system32\com.run
c:\windows\system32\dp1.fne
c:\windows\system32\eAPI.fne
c:\windows\system32\internet.fne
c:\windows\system32\krnln.fnr
c:\windows\system32\og.dll
c:\windows\system32\og.edt
c:\windows\system32\RegEx.fnr
c:\windows\system32\****l.fne
c:\windows\system32\spec.fne
c:\windows\system32\ul.dll
c:\windows\system32\XP-D017BA83.EXE

.
((((((((((((((((((((((((( Files Created from 2009-05-28 to 2009-06-28 )))))))))))))))))))))))))))))))
.

2009-06-28 22:05 . 2009-06-28 22:07 -------- d-----w- c:\program files\Windows Live Safety Center
2009-06-28 22:05 . 2009-06-28 22:05 -------- d-----w- c:\windows\LastGood
2009-06-28 21:39 . 2009-05-09 15:38 165240 ----a-r- c:\documents and settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\IPSFFPlgn\components\IPSFFPl.dll
2009-06-28 18:15 . 2009-06-28 18:15 816640 ----a-w- c:\documents and settings\Administrator\Application Data\Htm real\vqwhabhd.exe
2009-06-28 18:12 . 2009-06-28 18:12 -------- d-----w- c:\program files\Htm real
2009-06-28 10:38 . 2009-06-28 10:38 -------- d-----w- c:\program files\Microsoft ActiveSync
2009-06-27 18:48 . 2009-06-27 18:48 -------- d-----w- c:\documents and settings\Guest\Local Settings\Application Data\Google
2009-06-27 12:10 . 2009-06-27 12:10 1997440 ----a-w- c:\documents and settings\Administrator\Application Data\Macromedia\Flash Player\www.macromedia.com\bin\fpupdateax\fpupdateax.exe
2009-06-19 13:42 . 2009-06-28 09:33 -------- d-----w- c:\program files\أحكام التجويد
2009-06-19 13:35 . 2009-06-19 13:37 -------- d-----w- c:\program files\Quran 3.0
2009-06-19 13:33 . 1998-06-17 21:00 89360 ----a-w- c:\windows\system32\VB5DB.DLL
2009-06-19 13:27 . 2009-06-19 13:29 -------- d-----w- c:\windows\thkir
2009-06-19 13:27 . 2009-06-27 15:38 -------- d-----w- c:\program files\Al-Thkir
2009-06-19 13:23 . 2009-06-19 13:26 -------- d-----w- c:\program files\Ela-Salaty
2009-06-19 13:23 . 2009-06-19 13:23 -------- d-----w- c:\windows\Ela-Salaty
2009-06-18 18:53 . 2009-06-28 11:37 -------- d-----w- c:\program files\Common Files\Adobe
2009-06-18 18:50 . 1998-10-29 13:45 306688 ----a-w- c:\windows\IsUninst.exe
2009-06-18 06:00 . 2009-06-18 06:00 472584 ----a-w- c:\documents and settings\Administrator\Application Data\Real\RealPlayer\Update\realplayer11gold.exe
2009-06-15 17:50 . 2006-08-09 07:02 190976 ----a-w- c:\documents and settings\Administrator\Application Data\GRETECH\GomPlayer\GrLauncher.exe
2009-06-11 00:03 . 2009-05-07 15:42 344064 ----a-w- c:\windows\system32\localspl.dll
2009-06-11 00:00 . 2009-04-19 20:08 1846528 ----a-w- c:\windows\system32\win32k.sys
2009-06-03 20:32 . 2009-06-04 11:48 -------- d-----w- c:\program files\SweetIM
2009-05-30 18:01 . 2009-05-30 18:01 96645 ----a-w- c:\windows\system32\drivers\klin.dat
2009-05-30 18:01 . 2009-05-30 18:01 87941 ----a-w- c:\windows\system32\drivers\klick.dat
2009-05-30 18:00 . 2009-05-30 18:00 -------- d-----w- c:\documents and settings\All Users\Application Data\Kaspersky Lab

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-06-28 21:48 . 2009-04-29 19:24 -------- d-----w- c:\documents and settings\Administrator\Application Data\HPAppData
2009-06-28 21:43 . 2001-09-19 11:00 59628 ----a-w- c:\windows\system32\perfc001.dat
2009-06-28 21:43 . 2001-09-19 11:00 331398 ----a-w- c:\windows\system32\perfh001.dat
2009-06-28 18:15 . 2009-05-29 05:30 417792 ----a-w- c:\documents and settings\Administrator\Application Data\Htm real\Download Frag Ace Thunk.exe
2009-06-28 18:15 . 2009-05-29 05:30 -------- d-----w- c:\documents and settings\Administrator\Application Data\Htm real
2009-06-28 18:12 . 2009-05-29 05:30 651264 ----a-w- c:\documents and settings\Administrator\Application Data\Htm real\remote user.exe
2009-06-28 18:11 . 2009-05-29 05:29 -------- d-----w- c:\program files\Messenger Plus! Live
2009-06-28 12:51 . 2009-03-10 17:42 62360 ----a-w- c:\documents and settings\Administrator\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2009-06-28 09:51 . 2009-04-24 19:19 -------- d-----w- c:\program files\Google
2009-06-28 09:33 . 2009-03-10 18:47 -------- d-----w- c:\documents and settings\All Users\Application Data\WinZip
2009-06-19 13:33 . 2009-03-10 17:51 -------- d--h--w- c:\program files\InstallShield Installation Information
2009-06-18 18:45 . 2009-04-30 07:32 -------- d-----w- c:\documents and settings\Administrator\Application Data\U3
2009-05-30 18:23 . 2009-05-14 22:04 32 --sha-w- c:\windows\system32\drivers\fidbox2.idx
2009-05-30 18:23 . 2009-05-14 22:04 32 --sha-w- c:\windows\system32\drivers\fidbox2.dat
2009-05-30 18:23 . 2009-05-14 22:04 32 --sha-w- c:\windows\system32\drivers\fidbox.idx
2009-05-30 18:23 . 2009-05-14 22:04 32 --sha-w- c:\windows\system32\drivers\fidbox.dat
2009-05-29 05:38 . 2009-05-29 05:33 -------- d-----w- c:\documents and settings\All Users\Application Data\Messenger Plus!
2009-05-29 05:30 . 2009-05-29 05:30 913408 ----a-w- c:\documents and settings\Administrator\Application Data\Htm real\vxghfsav.exe
2009-05-29 05:29 . 2009-05-29 05:29 -------- d-----w- c:\program files\Circle Dvelopement
2009-05-25 19:11 . 2009-03-10 18:36 -------- d-----w- c:\program files\Windows Live
2009-05-23 19:10 . 2009-05-23 19:10 2678 ----a-w- c:\windows\java\Packages\Data\N9VFHZRF.DAT
2009-05-23 19:10 . 2009-05-23 19:10 2678 ----a-w- c:\windows\java\Packages\Data\TJDV1731.DAT
2009-05-23 19:10 . 2009-05-23 19:10 2678 ----a-w- c:\windows\java\Packages\Data\QE6PVL3D.DAT
2009-05-23 19:10 . 2009-05-23 19:10 2678 ----a-w- c:\windows\java\Packages\Data\G13VHZDN.DAT
2009-05-23 19:10 . 2009-05-23 19:10 2678 ----a-w- c:\windows\java\Packages\Data\24I5ZN7D.DAT
2009-05-21 14:04 . 2009-05-21 14:01 -------- d-----w- c:\program files\MessengerPlus! 3
2009-05-21 05:24 . 2009-05-18 07:30 -------- d-----w- c:\documents and settings\Guest\Application Data\HPAppData
2009-05-21 01:09 . 2009-05-21 01:09 -------- d-----w- c:\program files\MSECache
2009-05-21 00:10 . 2009-05-11 19:36 -------- d-----w- c:\program files\Microsoft Silverlight
2009-05-21 00:00 . 2009-05-21 00:00 -------- d-----w- c:\program files\MSXML 4.0
2009-05-20 21:18 . 2009-05-18 17:47 -------- d-----w- c:\documents and settings\All Users\Application Data\WLInstaller
2009-05-20 13:13 . 2009-05-20 13:13 -------- d-----w- c:\program files\Microsoft SQL Server Compact Edition
2009-05-20 13:11 . 2009-05-20 12:35 -------- d-----w- c:\program files\TweakMASTER
2009-05-20 12:25 . 2009-05-18 17:47 -------- dcsh--w- c:\program files\Common Files\WindowsLiveInstaller
2009-05-20 12:19 . 2009-05-20 12:19 -------- d-----w- c:\program files\Kaspersky Lab
2009-05-20 12:07 . 2009-05-20 12:07 -------- d-----w- c:\documents and settings\Guest\Application Data\CyberLink
2009-05-20 04:56 . 2009-05-11 00:01 -------- d-----w- c:\documents and settings\Guest\Application Data\U3
2009-05-18 16:48 . 2009-04-25 14:10 -------- d--h--r- c:\documents and settings\Administrator\Application Data\yahoo!
2009-05-18 16:48 . 2009-04-25 13:51 -------- d-----w- c:\documents and settings\All Users\Application Data\Yahoo!
2009-05-14 22:02 . 2009-05-14 22:02 -------- d-----w- c:\documents and settings\All Users\Application Data\Kaspersky Lab Setup Files
2009-05-14 19:03 . 2009-05-14 19:03 -------- d-----w- c:\documents and settings\All Users\Application Data\Hagel Technologies
2009-05-13 22:35 . 2009-05-13 22:35 -------- d-----w- c:\program files\Common Files\xing shared
2009-05-13 22:35 . 2009-03-10 18:43 -------- d-----w- c:\program files\Common Files\Real
2009-05-13 22:35 . 2009-03-10 18:41 499712 ----a-w- c:\windows\system32\msvcp71.dll
2009-05-11 19:36 . 2009-04-23 20:24 -------- d-----w- c:\program files\Microsoft
2009-05-11 19:36 . 2009-05-11 19:36 -------- d-----w- c:\program files\Microsoft Office Outlook Connector
2009-05-11 16:37 . 2009-05-11 16:37 0 ----a-w- c:\windows\nsreg.dat
2009-05-10 18:52 . 2009-05-10 18:41 -------- d-----w- c:\documents and settings\Administrator\Application Data\Vbuzzer Messenger
2009-05-09 20:52 . 2009-05-09 20:52 -------- d-----r- c:\program files\Norton Support
2009-05-09 15:42 . 2009-05-09 15:39 -------- d-----w- c:\program files\Common Files\Symantec Shared
2009-05-09 15:38 . 2009-05-09 15:38 136840 ----a-w- c:\documents and settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\SyKnAppS\patch25.dll
2009-05-09 15:38 . 2009-05-09 15:38 177520 ----a-w- c:\documents and settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20080829.024\NAVENG32.DLL
2009-05-09 15:38 . 2009-05-09 15:38 1176944 ----a-w- c:\documents and settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20080829.024\NAVEX32A.DLL
2009-05-09 15:38 . 2009-05-09 15:38 447864 ----a-w- c:\documents and settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\IPSDefs\BinHub\idsxpx86.dll
2009-05-09 15:38 . 2009-05-09 15:38 447864 ----a-w- c:\documents and settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\IPSDefs\20080826.006\IDSxpx86.dll
2009-05-09 15:38 . 2009-05-09 15:38 259440 ----a-w- c:\documents and settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20080829.024\ECMSVR32.DLL
2009-05-09 15:38 . 2009-05-11 16:37 546160 ----a-r- c:\documents and settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\coFFPlgn\components\coFFPlgn.dll
2009-05-09 15:38 . 2009-05-09 15:38 796016 ----a-w- c:\documents and settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\CLT\cltLMSx.dll
2009-05-09 15:38 . 2009-05-09 15:38 2393648 ----a-w- c:\documents and settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20080829.024\CCERASER.DLL
2009-05-09 15:38 . 2009-05-09 15:38 -------- d-----w- c:\program files\Norton Internet Security
2009-05-09 15:38 . 2009-05-09 15:38 -------- d-----w- c:\program files\Windows Sidebar
2009-05-09 15:38 . 2009-05-09 15:38 -------- d-----w- c:\documents and settings\All Users\Application Data\Norton
2009-05-09 15:35 . 2009-05-09 15:28 -------- d-----w- c:\documents and settings\All Users\Application Data\NortonInstaller
2009-05-09 15:28 . 2009-05-09 15:28 -------- d-----w- c:\program files\NortonInstaller
2009-05-09 15:27 . 2009-05-09 15:22 -------- d-----w- c:\documents and settings\الغـــلا كلـــه\Application Data\HPAppData
2009-05-08 18:05 . 2009-05-08 18:05 57688 ----a-w- c:\documents and settings\Guest\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2009-05-08 18:05 . 2009-05-08 18:05 -------- d-----w- c:\documents and settings\Guest\Application Data\ATI
2009-05-08 18:03 . 2009-05-08 18:03 57688 ----a-w- c:\documents and settings\الغـــلا كلـــه\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2009-05-08 18:03 . 2009-05-08 18:03 -------- d-----w- c:\documents and settings\الغـــلا كلـــه\Application Data\ATI
2009-05-08 18:02 . 2009-05-08 18:02 -------- d-----w- c:\documents and settings\الغـــلا كلـــه\Application Data\ESET
2009-05-08 17:05 . 2009-05-08 17:05 -------- d-----w- c:\documents and settings\Guest\Application Data\ESET
2009-05-04 20:21 . 2009-03-10 18:44 -------- d-----w- c:\program files\Real_SC
2009-05-04 20:18 . 2009-03-10 18:36 -------- d-----w- c:\program files\Paltalk Messenger
2009-04-29 04:51 . 2004-08-03 20:55 657920 ----a-w- c:\windows\system32\wininet.dll
2009-04-29 04:51 . 2004-08-03 20:55 81920 ----a-w- c:\windows\system32\ieencode.dll
2009-04-15 15:12 . 2004-08-03 20:55 584192 ----a-w- c:\windows\system32\rpcrt4.dll
.

------- Sigcheck -------

[7] 2004-08-03 20:56 14336 0ECD0853CADB84AE5DF7DA9BD1731CC7 c:\windows\system32\svchost.exe
[7] 2004-08-03 20:56 14336 0ECD0853CADB84AE5DF7DA9BD1731CC7 c:\windows\system32\dllcache\svchost.exe

[7] 2004-08-03 20:55 576512 EDE1D5F29B2752953F3D5D11004154C1 c:\windows\system32\user32.dll
[7] 2004-08-03 20:55 576512 EDE1D5F29B2752953F3D5D11004154C1 c:\windows\system32\dllcache\user32.dll

[7] 2004-08-03 20:56 82944 C3B9FD7B0D0824FC224684B73302A0FD c:\windows\system32\ws2_32.dll
[7] 2004-08-03 20:56 82944 C3B9FD7B0D0824FC224684B73302A0FD c:\windows\system32\dllcache\ws2_32.dll

[7] 2009-02-20 08:14 666624 B154F178CCA32FF0E56AF89567477B02 c:\windows\$hf_mig$\KB963027\SP2QFE\wininet.dll
[7] 2009-02-20 08:09 664576 4CCA22CDD450C498A634E8759D12A493 c:\windows\$hf_mig$\KB963027\SP3GDR\wininet.dll
[7] 2009-02-20 07:51 666112 C2538A0FCF4642462D40E3216791E6CB c:\windows\$hf_mig$\KB963027\SP3QFE\wininet.dll
[7] 2009-04-29 04:30 666624 5439FA7C66ADCCE81A4F445A3B984570 c:\windows\$hf_mig$\KB969897\SP2QFE\wininet.dll
[7] 2009-04-29 04:33 665088 26CAE8DB0304BD706FAE5B1EEBD9B580 c:\windows\$hf_mig$\KB969897\SP3GDR\wininet.dll
[7] 2009-04-29 04:28 666624 0839F6073902D079CDB64BA86A2CC689 c:\windows\$hf_mig$\KB969897\SP3QFE\wininet.dll
[7] 2004-08-03 20:55 654848 1E1CEF80A11BDAB92B2A83F885D214D5 c:\windows\$NtUninstallKB963027$\wininet.dll
[7] 2009-02-20 08:29 657920 93420320370C40E0E5301A746986A2E1 c:\windows\$NtUninstallKB969897$\wininet.dll
[7] 2009-04-29 04:51 657920 77C75CAB8FFEBDC2FC699CC364E0088A c:\windows\SoftwareDistribution\Download\085ce937b49878e010e773db2fd6cb55\sp2gdr\wininet.dll
[7] 2009-04-29 04:30 666624 5439FA7C66ADCCE81A4F445A3B984570 c:\windows\SoftwareDistribution\Download\085ce937b49878e010e773db2fd6cb55\sp2qfe\wininet.dll
[7] 2009-04-29 04:33 665088 26CAE8DB0304BD706FAE5B1EEBD9B580 c:\windows\SoftwareDistribution\Download\085ce937b49878e010e773db2fd6cb55\sp3gdr\wininet.dll
[7] 2009-04-29 04:28 666624 0839F6073902D079CDB64BA86A2CC689 c:\windows\SoftwareDistribution\Download\085ce937b49878e010e773db2fd6cb55\sp3qfe\wininet.dll
[7] 2009-04-29 04:51 657920 77C75CAB8FFEBDC2FC699CC364E0088A c:\windows\system32\wininet.dll
[7] 2009-04-29 04:51 657920 77C75CAB8FFEBDC2FC699CC364E0088A c:\windows\system32\dllcache\wininet.dll

[7] 2008-06-20 10:44 360960 744E57C99232201AE98C49168B918F48 c:\windows\$hf_mig$\KB951748\SP2QFE\tcpip.sys
[7] 2008-06-20 11:51 361600 9AEFA14BD6B182D61E3119FA5F436D3D c:\windows\$hf_mig$\KB951748\SP3GDR\tcpip.sys
[7] 2008-06-20 11:59 361600 AD978A1B783B5719720CFF204B666C8E c:\windows\$hf_mig$\KB951748\SP3QFE\tcpip.sys
[7] 2004-08-03 19:14 359040 9F4B36614A0FC234525BA224957DE55C c:\windows\$NtUninstallKB951748$\tcpip.sys
[7] 2008-06-20 10:45 360320 2A5554FC5B1E04E131230E3CE035C3F9 c:\windows\system32\dllcache\tcpip.sys
[7] 2008-06-20 10:45 360320 2A5554FC5B1E04E131230E3CE035C3F9 c:\windows\system32\drivers\tcpip.sys

[7] 2004-08-03 20:56 501248 BA4E08425B62BE257AE4557DA058F1AA c:\windows\system32\winlogon.exe
[7] 2004-08-03 20:56 501248 BA4E08425B62BE257AE4557DA058F1AA c:\windows\system32\dllcache\winlogon.exe

[7] 2004-08-03 19:14 182912 558635D3AF1C7546D26067D5D9B6959E c:\windows\system32\dllcache\ndis.sys
[7] 2004-08-03 19:14 182912 558635D3AF1C7546D26067D5D9B6959E c:\windows\system32\drivers\ndis.sys

[7] 2004-08-03 19:00 29056 4448006B6BC60E6C027932CFC38D6855 c:\windows\system32\dllcache\ip6fw.sys
[7] 2004-08-03 19:00 29056 4448006B6BC60E6C027932CFC38D6855 c:\windows\system32\drivers\ip6fw.sys

[7] 2009-02-09 11:41 2064512 76D4AE381DB33DED1A38D541887BD1F0 c:\windows\$hf_mig$\KB956572\SP2QFE\ntkrnlpa.exe
[7] 2009-02-10 16:03 2067584 A4C3645FF33495D60C9210EF94113DEA c:\windows\$hf_mig$\KB956572\SP3GDR\ntkrnlpa.exe
[7] 2009-02-09 11:14 2067712 BF87F187CEBD49FA80AEF07431295048 c:\windows\$hf_mig$\KB956572\SP3QFE\ntkrnlpa.exe
[7] 2004-08-03 21:08 2016768 0CBE3942657196CB871738E5D4A9DA79 c:\windows\$NtUninstallKB956572$\ntkrnlpa.exe
[7] 2009-02-09 11:48 2059264 F053586033C0F793F80F95F8376CEA05 c:\windows\Driver Cache\i386\ntkrnlpa.exe
[7] 2009-02-09 11:48 2017280 68A0E2F6A8B6E9AB1D461686EC15CB3F c:\windows\system32\ntkrnlpa.exe
[7] 2009-02-09 11:48 2059264 F053586033C0F793F80F95F8376CEA05 c:\windows\system32\dllcache\ntkrnlpa.exe

[7] 2009-02-09 11:41 2187648 63B601A19C76DE3DFFB48C9153E5FB15 c:\windows\$hf_mig$\KB956572\SP2QFE\ntoskrnl.exe
[7] 2009-02-09 11:22 2190592 BAC3C70CE9AAE5129516FEBFE001C873 c:\windows\$hf_mig$\KB956572\SP3GDR\ntoskrnl.exe
[7] 2009-02-10 16:13 2190720 6140520CDCCE0CCC733DD19262411952 c:\windows\$hf_mig$\KB956572\SP3QFE\ntoskrnl.exe
[7] 2004-08-03 20:48 2149888 10AC039A4734D143A84763AEBACBCD89 c:\windows\$NtUninstallKB956572$\ntoskrnl.exe
[7] 2009-02-09 11:48 2182016 8B35F1EDF5C5BA099BE4CA639DD84C47 c:\windows\Driver Cache\i386\ntoskrnl.exe
[7] 2009-02-09 11:48 2137600 C1D2802B726CDFD99860CBC5600D5808 c:\windows\system32\ntoskrnl.exe
[7] 2009-02-09 11:48 2182016 8B35F1EDF5C5BA099BE4CA639DD84C47 c:\windows\system32\dllcache\ntoskrnl.exe

[7] 2004-08-03 20:56 1029632 932F97B77F2625F7FF7DFC97552548F8 c:\windows\explorer.exe
[7] 2004-08-03 20:56 1029632 932F97B77F2625F7FF7DFC97552548F8 c:\windows\system32\dllcache\explorer.exe

[7] 2009-02-09 09:50 110592 7BD0C03478A331554FF67E4559BD308E c:\windows\$hf_mig$\KB956572\SP2QFE\services.exe
[7] 2009-02-09 11:21 110592 1427365EFF6F4758DDC88388045E8400 c:\windows\$hf_mig$\KB956572\SP3GDR\services.exe
[7] 2009-02-09 11:14 110592 7FB6B5705BBDD9B92B2A99FFA25E4CE3 c:\windows\$hf_mig$\KB956572\SP3QFE\services.exe
[7] 2004-08-03 20:56 108032 706B1ED77D90DFAFC71AC86AFCC1CC03 c:\windows\$NtUninstallKB956572$\services.exe
[7] 2009-02-09 10:05 110592 E157D81294EDEC6F42792AB6551A3F93 c:\windows\system32\services.exe
[7] 2009-02-09 10:05 110592 E157D81294EDEC6F42792AB6551A3F93 c:\windows\system32\dllcache\services.exe

[7] 2004-08-03 20:56 13312 E0C58B25FA2A8AC9EA18A0A5ABB8A932 c:\windows\system32\lsass.exe
[7] 2004-08-03 20:56 13312 E0C58B25FA2A8AC9EA18A0A5ABB8A932 c:\windows\system32\dllcache\lsass.exe

[7] 2004-08-03 20:56 15360 B87D2319441038F62BDDAEEB6BCE156D c:\windows\system32\ctfmon.exe
[7] 2004-08-03 20:56 15360 B87D2319441038F62BDDAEEB6BCE156D c:\windows\system32\dllcache\ctfmon.exe

[7] 2004-08-03 20:56 57856 5917EF4B63693507C1BE9D1986D2E1DB c:\windows\system32\spoolsv.exe
[7] 2004-08-03 20:56 57856 5917EF4B63693507C1BE9D1986D2E1DB c:\windows\system32\dllcache\spoolsv.exe

[7] 2008-10-16 11:09 51224 E654B78D2F1D791B30D0ED9A8195EC22 c:\windows\system32\wuauclt.exe
[7] 2008-10-16 11:09 51224 E654B78D2F1D791B30D0ED9A8195EC22 c:\windows\system32\dllcache\wuauclt.exe

[7] 2004-08-03 20:56 24576 E5B1BAFAC265460493B1A12B65C1CF52 c:\windows\system32\userinit.exe
[7] 2004-08-03 20:56 24576 E5B1BAFAC265460493B1A12B65C1CF52 c:\windows\system32\dllcache\userinit.exe

[7] 2004-08-03 20:55 295424 4D42FE6F795DEA7917F329A40A175294 c:\windows\system32\termsrv.dll
[7] 2004-08-03 20:55 295424 4D42FE6F795DEA7917F329A40A175294 c:\windows\system32\dllcache\termsrv.dll

[7] 2009-03-21 13:54 1357312 6408A503EDF4ACBE0F56F252963572C1 c:\windows\$hf_mig$\KB959426\SP2QFE\kernel32.dll
[7] 2009-03-21 14:08 1357824 08000FB156274AEFD51A57299422D023 c:\windows\$hf_mig$\KB959426\SP3GDR\kernel32.dll
[7] 2009-03-21 13:59 1359872 AED671FD84652A2E59B1EDF57DC54048 c:\windows\$hf_mig$\KB959426\SP3QFE\kernel32.dll
[7] 2004-08-03 20:55 1351680 458F1764A02B43A053D0E2CEF2A6AE5B c:\windows\$NtUninstallKB959426$\kernel32.dll
[7] 2009-03-21 14:19 1354240 066648E62711DF29186B3D9089E95486 c:\windows\system32\kernel32.dll
[7] 2009-03-21 14:19 1354240 066648E62711DF29186B3D9089E95486 c:\windows\system32\dllcache\kernel32.dll

[7] 2004-08-03 20:55 17408 A8C31D5B403B48E98F352DCBCFCEEB9E c:\windows\system32\powrprof.dll
[7] 2004-08-03 20:55 17408 A8C31D5B403B48E98F352DCBCFCEEB9E c:\windows\system32\dllcache\powrprof.dll

[7] 2004-08-03 20:55 110080 E3FE07E893352F48748790DA6FD04A42 c:\windows\system32\imm32.dll
[7] 2004-08-03 20:55 110080 E3FE07E893352F48748790DA6FD04A42 c:\windows\system32\dllcache\imm32.dll

[-] 2008-07-07 20:10 1547776 6E932D21E116B51ED9D5157E31C48E33 c:\windows\system32\sfcfiles.dll

[7] 2004-08-03 20:55 162304 79F957B2C78F8A27830A482CC7770BE0 c:\windows\system32\appmgmts.dll
[7] 2004-08-03 20:55 162304 79F957B2C78F8A27830A482CC7770BE0 c:\windows\system32\dllcache\appmgmts.dll

[7] 2004-08-03 21:45 24448 356C3EB547902E04CA7FEE05BCCE5C7B c:\windows\system32\dllcache\kbdclass.sys
[7] 2004-08-03 21:45 24448 356C3EB547902E04CA7FEE05BCCE5C7B c:\windows\system32\drivers\kbdclass.sys
[7] 2004-08-03 20:45 24448 356C3EB547902E04CA7FEE05BCCE5C7B c:\windows\system32\ReinstallBackups\0000\DriverFiles\i386\kbdclass.sys
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\ctfmon.exe" [2004-08-03 15360]
"softwarejoy"="c:\docume~1\ADMINI~1\APPLIC~1\HTMREA~1\remote user.exe" [2009-06-28 651264]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2009-06-23 39408]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2008-01-21 61440]
"QlbCtrl.exe"="c:\program files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe" [2008-06-03 247088]
"RemoteControl"="c:\program files\CyberLink\PowerDVD\PDVDServ.exe" [2005-12-07 108032]
"LanguageShortcut"="c:\program files\CyberLink\PowerDVD\Language\Language.exe" [2006-04-13 126976]
"HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2007-10-14 118784]
"hpqSRMon"="c:\program files\HP\Digital Imaging\bin\hpqSRMon.exe" [2007-08-22 150528]
"TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" [2009-05-13 271888]
"Google Quick Search Box"="c:\program files\Google\Quick Search Box\GoogleQuickSearchBox.exe" [2009-06-23 142320]
"SoundMAXPnP"="c:\program files\Analog Devices\Core\smax4pnp.exe" [2008-04-04 1122304]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2004-08-03 15360]

c:\documents and settings\Administrator\çں‍ê، ں*§ڑ\ںé*©ںê¤\*§ک ں颬نïé\
Ela-Salaty.lnk - c:\program files\Ela-Salaty\Salaty.exe [2006-7-22 4722176]

c:\documents and settings\All Users\çں‍ê، ں*§ڑ\ںé*©ںê¤\*§ک ں颬نïé\
Adobe Gamma Loader.lnk - c:\program files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2009-6-28 183296]
Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2006-5-12 655421]
HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2007-10-14 288088]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system]
"DisableTaskMgr"= 1 (0x1)
"DisableRegistryTools"= 1 (0x1)

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^قائمة ابدأ^البرامج^بدء التشغيل^PalTalk.lnk]
path=c:\documents and settings\All Users\قائمة ابدأ\البرامج\بدء التشغيل\PalTalk.lnk
backup=c:\windows\pss\PalTalk.lnkCommon Startup

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusDisableNotify"=dword:00000001
"UpdatesDisableNotify"=dword:00000001
"AntiVirusOverride"=dword:00000001
"FirewallOverride"=dword:00000001
"UacDisableNotify"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\KasperskyAntiVirus]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc]
"AntiVirusOverride"=dword:00000001
"AntiVirusDisableNotify"=dword:00000001
"FirewallDisableNotify"=dword:00000001
"FirewallOverride"=dword:00000001
"UpdatesDisableNotify"=dword:00000001
"UacDisableNotify"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqtra08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe"= c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqSTE08.exe
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqSRMon.exe"=
"c:\\Program Files\\Analog Devices\\SoundMAX\\Smax4.exe"=
"c:\\Program Files\\CyberLink\\PowerDVD\\Language\\Language.exe"=
"c:\\Program Files\\Hewlett-Packard\\HP Quick Launch Buttons\\QlbCtrl.exe"=
"c:\\Program Files\\WIDCOMM\\Bluetooth Software\\BTTray.exe"=
"c:\\Program Files\\ATI Technologies\\ATI.ACE\\Core-Static\\MOM.exe"=
"c:\\Program Files\\Analog Devices\\Core\\smax4pnp.exe"=
"c:\\Program Files\\Hewlett-Packard\\Shared\\HpqToaster.exe"=
"c:\\Program Files\\HP\\HP Software Update\\HPWuSchd2.exe"=
"c:\\Program Files\\Zain e-GO\\Zain e-GO\\Zain e-GO.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\Smart *** Printing\\hpswp_clipbook.exe"=
"c:\\Program Files\\CyberLink\\PowerDVD\\PDVDServ.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\livecall.exe"=
"c:\\Program Files\\Common Files\\Microsoft Shared\\Source Engine\\OSE.EXE"=
"c:\\Program Files\\Common Files\\Real\\Update_OB\\realsched.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\usnsvc.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqbam08.exe"=
"c:\\PROGRA~1\\GRETECH\\GOMPLA~1\\GOM.exe"=
"c:\\WINDOWS\\system32\\wuauclt.exe"=
"c:\\Program Files\\Ela-Salaty\\Salaty.exe"=
"c:\\WINDOWS\\system32\\dumprep.exe"=
"c:\\Program Files\\Google\\GoogleToolbarNotifier\\GoogleToolbarNotifier.exe"=
"c:\\PROGRA~1\\INSTAL~1\\{F0A37~1\\setup.exe"=
"c:\\Program Files\\Google\\Quick Search Box\\GoogleQuickSearchBox.exe"=
"c:\\Program Files\\Microsoft\\Office Live\\OfficeLiveSignIn.exe"=
"c:\\program files\\hp\\digital imaging\\{ae9a67f9-adf1-4a44-bab5-c1db302b37a2}\\setup\\hpzscr01.exe"=

R0 klbg;Kaspersky Lab Boot Guard Driver;c:\windows\system32\drivers\klbg.sys [29/01/2008 06:29 م 32784]
R0 SFAUDIO;Sonic Focus DSP Driver;c:\windows\system32\drivers\sfaudio.sys [28/03/2008 10:14 ص 24064]
R0 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\NIS\1000000.07D\SymEFA.sys [09/05/2009 06:39 م 309296]
R1 BHDrvx86;Symantec Heuristics Driver;c:\windows\system32\drivers\NIS\1000000.07D\BHDrvx86.sys [09/05/2009 06:39 م 254512]
R1 ccHP;Symantec Hash Provider;c:\windows\system32\drivers\NIS\1000000.07D\ccHPx86.sys [09/05/2009 06:39 م 362544]
R1 IDSxpx86;IDSxpx86;c:\documents and settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\IPSDefs\20080826.006\IDSxpx86.sys [09/05/2009 06:39 م 274808]
R2 Norton Internet Security;Norton Internet Security;c:\program files\Norton Internet Security\Engine\16.0.0.125\ccSvcHst.exe [09/05/2009 06:39 م 115560]
R3 abp470n5;abp470n5;\??\c:\windows\system32\drivers\fmnjkn.sys --> c:\windows\system32\drivers\fmnjkn.sys [?]
R3 Com4QLBEx;Com4QLBEx;c:\program files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe [10/03/2009 08:58 م 193840]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [09/05/2009 06:39 م 99376]
R3 klim5;Kaspersky Anti-Virus NDIS Filter;c:\windows\system32\drivers\klim5.sys [25/03/2008 08:07 م 24592]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
.
- - - - ORPHANS REMOVED - - - -

HKCU-Run-Vbuzzer Messenger - c:\program files\vbuzzer\VBuzzer.exe
HKLM-Run-XP-D017BA83 - c:\windows\system32\XP-D017BA83.EXE


.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.com/
uSearch Page = hxxp://www.google.com
uSearch Bar = hxxp://www.google.com/ie
mStart Page = hxxp://home.sweetim.com
mSearch Bar = hxxp://us.rd.yahoo.com/customize/ie/defaults/sb/msgr8/*http://www.yahoo.com/ext/search/search.html
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: Add to Vbuzzer RSS list - c:\program files\vbuzzer\addurl.htm
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
IE: Send To &Bluetooth - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
LSP: c:\windows\System32\mswsock2.dll
DPF: Microsoft XML Parser for Java - file://c:\windows\Java\classes\xmldso.cab
FF - ProfilePath - c:\documents and settings\Administrator\Application Data\Mozilla\Firefox\Profiles\4qytwfjr.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.sweetim.com/search.asp?src=2&q=
FF - prefs.js: browser.search.selectedEngine - SweetIM Search
FF - prefs.js: browser.startup.homepage - hxxp://www.google.com
FF - prefs.js: keyword.URL - hxxp://search.sweetim.com/search.asp?src=2&q=
FF - component: c:\documents and settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\coFFPlgn\components\coFFPlgn.dll
FF - component: c:\documents and settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\IPSFFPlgn\components\IPSFFPl.dll
FF - component: c:\program files\Real\RealPlayer\browserrecord\components\nprpbrowserrecordplugin.dll
FF - plugin: c:\program files\Microsoft\Office Live\npOLW.dll
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-06-29 01:57
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Norton Internet Security]
"ImagePath"="\"c:\program files\Norton Internet Security\Engine\16.0.0.125\ccSvcHst.exe\" /s \"Norton Internet Security\" /m \"c:\program files\Norton Internet Security\Engine\16.0.0.125\diMaster.dll\" /prefetch:1"
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'winlogon.exe'(836)
c:\windows\system32\Ati2evxx.dll
c:\windows\system32\klogon.dll

- - - - - - - > 'lsass.exe'(892)
c:\windows\System32\mswsock2.dll
.
Completion time: 2009-06-28 2:01
ComboFix-quarantined-files.txt 2009-06-28 23:01

Pre-Run: 35,650,621,440 bytes free
Post-Run: 38,241,206,272 bytes free

377 --- E O F --- 2009-06-28 16:42
 
إنضم
13 يوليو 2007
المشاركات
1,615
الإعجابات
65
النقاط
0
رد: أخوي (( ذبحنــ غلاها ـــي )) ممكن..!!

اللحين ماعليك الا تحمل الملف تكست هذا ثم فك الضغط بنفس المكان الموجودة به الأداة


ثم نأتي للملف الذي قمنا بحفظه نضع الماوس ثم سحب وإفلات على الأداة

إنظر للصورة المتحركة



وكذا راح تنتهي باذن الله مشكلتك


ونظف جهازك بالاداة التاليه

ATF-Cleaner

حمل الاداة هذي اضغط هنا



وماعليك اللغة ولايهمك راح نرجعها عربي لاتخاف بس اهم شي يضبط معك الجهاز وراح تزيلي جميع برامج الحماية

اللي عندك وتحملي برنامج ال Bit Defender​
 
إنضم
13 يوليو 2007
المشاركات
1,615
الإعجابات
65
النقاط
0
رد: أخوي (( ذبحنــ غلاها ـــي )) ممكن..!!

من لوحة التحكم

Regional and language Option



نضع سيدي الوندوز ثم نضع علامة الصح أمام



من هنا ومن Detail ثم Advanced



ثم نضع علامة صح في المربع كما في الصورة



نطلع على هذه اللوحة ويجب أن تكون لوحة
المفاتيح للغة العربية 101



هنا نضع اللغة العربية المرغوب فيها لافرق بينهم









نضع نفس اللغة التي وضعناها في الشاشة السايقة

 
إنضم
28 يونيو 2009
المشاركات
8
الإعجابات
0
النقاط
0
رد: أخوي (( ذبحنــ غلاها ـــي )) ممكن..!!

اذا دشيت الرابط
يقول لا يمكن فتح الصفحه ???
 
إنضم
28 يونيو 2009
المشاركات
8
الإعجابات
0
النقاط
0
رد: أخوي (( ذبحنــ غلاها ـــي )) ممكن..!!

مشكور أخوي أدري تعبتك معاي بس والله إني خيخه بالاجهزه
وشكلي بسوي مثل كل مره بوديه لاقرب محل
ويعطيك الله الف الف عافيه وما قصرت
والله يجعله في موازين حسناتك ان كان اللي تسويه بصافي نيه
والله يعطيك على قد نيتك
ويرزقك من حيث لا تحتسب
واسفه مره ثانيه تعبتك
 
إنضم
13 يوليو 2007
المشاركات
1,615
الإعجابات
65
النقاط
0
رد: أخوي (( ذبحنــ غلاها ـــي )) ممكن..!!

العفو اختي وتعبك راحة الله يعينك واعذريني على القصور​
 
إنضم
28 يونيو 2009
المشاركات
8
الإعجابات
0
النقاط
0
رد: أخوي (( ذبحنــ غلاها ـــي )) ممكن..!!

يعلم الله ما جاء منك قصور
بس خبرك لك علي بالاجهزه
>> الاعتراف بالحق فضيله :15:
ومشكور مره ثانيه ..
 
إنضم
13 يوليو 2007
المشاركات
1,615
الإعجابات
65
النقاط
0
رد: أخوي (( ذبحنــ غلاها ـــي )) ممكن..!!

مجرد عضوة اذا ناوية تفرمتيه خلاص

اشتري سي دي ويندوز اكس بي من نفس المحل الفرمتة شي سهل بالمره وحرام تضيع فلوس ومشاوير وقت

وكم سي دي للبرامج مثل اسطوانة القعقاع واسطوانة لميكرواوفس 2007 او 2003 وتعاريف على حسب نوع جهازك

واي خدمة انا حاظر​
 
الحالة
مغلق و غير مفتوح للمزيد من الردود.

الأعضاء النشطين حاليآ الذين يشاهدون هذا الموضوع (1 عضو و 0 ضيف)

خيارات الاستايل

نوع الخط
مودك
اخفاء السايدر بار OFF
توسيط المنتدى OFF
فصل الأقسام OFF
الأقسام الفرعية OFF
عرض المشاركات
حجم الخط
معلومات العضو OFF
إخفاء التوقيع OFF

إرجاع خيارات الإستايل