HIJACKTHIS
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 22:16:31, on 10/12/2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\AVG\AVG9\avgchsvx.exe
C:\Program Files\AVG\AVG9\avgrsx.exe
C:\Program Files\AVG\AVG9\avgcsrvx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\AVG\AVG9\avgwdsvc.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\AVG\AVG9\avgnsx.exe
C:\WINDOWS\Explorer.EXE
C:\progra~1\avg\avg9\avgtray.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\WINDOWS\system32\_ctfmon.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\ICQ6\ICQ.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\WINDOWS\System32\msiexec.exe
C:\Documents and Settings\עדן\My Documents\Downloads\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.walla.co.il/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.walla.co.il/
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = local
R3 - URLSearchHook: BrotherSoft Extreme Toolbar - {51a86bb3-6602-4c85-92a5-130ee4864f13} - C:\Program Files\BrotherSoft_Extreme\tbBro0.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\ConduitEngin0.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG9\avgssie.dll
O2 - BHO: BrotherSoft Extreme Toolbar - {51a86bb3-6602-4c85-92a5-130ee4864f13} - C:\Program Files\BrotherSoft_Extreme\tbBro0.dll
O2 - BHO: [email protected] - {8984B388-A5BB-4DF7-B274-77B879E179DB} - (no file)
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.6.5612.1312\swg.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: BrotherSoft Extreme Toolbar - {51a86bb3-6602-4c85-92a5-130ee4864f13} - C:\Program Files\BrotherSoft_Extreme\tbBro0.dll
O3 - Toolbar: Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\ConduitEngin0.dll
O4 - HKLM\..\Run: [AVG9_TRAY] c:\progra~1\avg\avg9\avgtray.exe
O4 - HKLM\..\Run: [NvCplDaemon] rundll32.exe c:\windows\system32\nvcpl.dll,nvstartup
O4 - HKLM\..\Run: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\adobearm.exe"
O4 - HKLM\..\Run: [Guard.Mail.ru.gui] "c:\program files\mail.ru\guard\guardmailru.exe" /gui
O4 - HKLM\..\Run: [MSConfig] C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe /auto
O4 - HKCU\..\Run: [RGSC] c:\program files\rockstar games\rockstar games social club\rgsclauncher.exe /silent
O4 - HKCU\..\Run: [Torrent2Exe] c:\docume~1\9e2d~1\locals~1\temp\torrent2exe\t2e.exe --autorun
O4 - HKCU\..\Run: [EA Core] "C:\Program Files\Electronic Arts\EADM\Core.exe" -silent
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKLM\..\Policies\Explorer\Run: [Policies] C:\WINDOWS\system32\WinDir\svchost.exe
O4 - HKCU\..\Policies\Explorer\Run: [Policies] C:\WINDOWS\system32\WinDir\svchost.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O9 - Extra button: מחקר - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6\ICQ.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
O16 - DPF: {140E4DF8-9E14-4A34-9577-C77561ED7883} (SysInfo Class) - http://content.systemrequirementslab...i_4.1.71.0.cab
O16 - DPF: {BA6272FD-A7AD-4498-9476-552040B7EDD4} (Image Uploader Combo Control) - http://mekusharim.walla.co.il/ImageUploader6.cab
O16 - DPF: {D1E7CBDA-E60E-4970-A01C-37301EF7BF98} (Futuremark SystemInfo) - http://service.futuremark.com/openap...ivers/FMSI.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} (get_atlcom Class) - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG9\avgpp.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - Winlogon Notify: avgrsstarter - avgrsstx.dll (file missing)
O22 - SharedTaskScheduler: כלי הטעינה מראש של Browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: שרת (Daemon) של מטמון קטגוריות רכיבים - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: AVG Free WatchDog (avg9wd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG9\avgwdsvc.exe
O23 - Service: Logical Disk Manager Administrative Service (dmadmin) - Unknown owner - C:\WINDOWS\System32\dmadmin.exe
O23 - Service: Event Log (Eventlog) - Unknown owner - C:\WINDOWS\system32\services.exe
O23 - Service: Guard.Mail.ru - Unknown owner - C:\Program Files\Mail.Ru\Guard\GuardMailRu.exe (file missing)
O23 - Service: שירות Google Update (gupdate) (gupdate) - Unknown owner - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: IMAPI CD-Burning COM Service (ImapiService) - Unknown owner - C:\WINDOWS\system32\imapi.exe
O23 - Service: NetMeeting Remote Desktop Sharing (mnmsrvc) - Unknown owner - C:\WINDOWS\system32\mnmsrvc.exe (file missing)
O23 - Service: Distributed Transaction Coordinator (MSDTC) - Unknown owner - C:\WINDOWS\system32\msdtc.exe
O23 - Service: Windows Installer (MSIServer) - Unknown owner - C:\WINDOWS\system32\msiexec.exe
O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\WINDOWS\system32\GameMon.des.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Plug and Play (PlugPlay) - Unknown owner - C:\WINDOWS\system32\services.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: Remote Desktop Help Session Manager (RDSessMgr) - Unknown owner - C:\WINDOWS\system32\sessmgr.exe
O23 - Service: Performance Logs and Alerts (SysmonLog) - Unknown owner - C:\WINDOWS\system32\smlogsvc.exe
O23 - Service: WMI Performance Adapter (WmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\wmiapsrv.exe
O23 - Service: Windows Media Player Network Sharing Service (WMPNetworkSvc) - Unknown owner - C:\Program Files\Windows Media Player\WMPNetwk.exe
--
End of file - 8898 bytes
DDS
DDS (Ver_10-12-05.01) - NTFSx86
Run by עדן at 22:17:03.93 on Fri 12/10/2010
Internet Explorer: 8.0.6001.18702
Microsoft Windows XP Professional 5.1.2600.3.1255.972.1037.18.2046.1226 [GMT 2:00]
AV: AVG Anti-Virus Free *On-access scanning disabled* (Updated) {17DDD097-36FF-435F-9E1B-52D74245D6BF}
============== Running Processes ===============
C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k WudfServiceGroup
C:\Program Files\AVG\AVG9\avgchsvx.exe
C:\Program Files\AVG\AVG9\avgrsx.exe
svchost.exe
svchost.exe
C:\Program Files\AVG\AVG9\avgcsrvx.exe
C:\WINDOWS\system32\spoolsv.exe
svchost.exe
C:\Program Files\AVG\AVG9\avgwdsvc.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\Program Files\AVG\AVG9\avgnsx.exe
C:\WINDOWS\Explorer.EXE
C:\progra~1\avg\avg9\avgtray.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\WINDOWS\system32\_ctfmon.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\ICQ6\ICQ.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\WINDOWS\System32\msiexec.exe
C:\Documents and Settings\עדן\My Documents\Downloads\HijackThis.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Documents and Settings\עדן\My Documents\Downloads\dds.com
============== Pseudo HJT Report ===============
uSearch Page =
uSearch Bar =
uStart Page = hxxp://www.walla.co.il/
mSearch Page =
mStart Page = hxxp://www.walla.co.il/
uInternet Settings,ProxyOverride = local
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
mSearchAssistant =
uURLSearchHooks: BrotherSoft Extreme Toolbar: {51a86bb3-6602-4c85-92a5-130ee4864f13} - c:\program files\brothersoft_extreme\tbBro0.dll
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: Conduit Engine: {30f9b915-b755-4826-820b-08fba6bd249d} - c:\program files\conduitengine\ConduitEngin0.dll
BHO: AVG Safe Search: {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - c:\program files\avg\avg9\avgssie.dll
BHO: BrotherSoft Extreme Toolbar: {51a86bb3-6602-4c85-92a5-130ee4864f13} - c:\program files\brothersoft_extreme\tbBro0.dll
BHO: {8984B388-A5BB-4DF7-B274-77B879E179DB} - No File
BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program files\google\googletoolbar1.dll
BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program files\google\googletoolbarnotifier\5.6.5612.1312\swg.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
TB: BrotherSoft Extreme Toolbar: {51a86bb3-6602-4c85-92a5-130ee4864f13} - c:\program files\brothersoft_extreme\tbBro0.dll
TB: Conduit Engine: {30f9b915-b755-4826-820b-08fba6bd249d} - c:\program files\conduitengine\ConduitEngin0.dll
TB: &Google: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\googletoolbar1.dll
TB: {09900DE8-1DCA-443F-9243-26FF581438AF} - No File
uRun: [RGSC] c:\program files\rockstar games\rockstar games social club\rgsclauncher.exe /silent
uRun: [Torrent2Exe] c:\docume~1\9e2d~1\locals~1\temp\torrent2exe\t2e.exe --autorun
uRun: [EA Core] "c:\program files\electronic arts\eadm\Core.exe" -silent
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
mRun: [AVG9_TRAY] c:\progra~1\avg\avg9\avgtray.exe
mRun: [NvCplDaemon] rundll32.exe c:\windows\system32\nvcpl.dll,nvstartup
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\adobearm.exe"
mRun: [Guard.Mail.ru.gui] "c:\program files\mail.ru\guard\guardmailru.exe" /gui
mRun: [MSConfig] c:\windows\pchealth\helpctr\binaries\MSConfig.exe /auto
dRun: [CTFMON.EXE] c:\windows\system32\CTFMON.EXE
uExplorerRun: [Policies] c:\windows\system32\windir\svchost.exe
mExplorerRun: [Policies] c:\windows\system32\windir\svchost.exe
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {E59EB121-F339-4851-A3BA-FE49C35617C2} - c:\program files\icq6\ICQ.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office11\REFIEBAR.DLL
DPF: {00000055-9980-0010-8000-00AA00389B71} - hxxp://codecs.microsoft.com/codecs/i386/fhg.CAB
DPF: {140E4DF8-9E14-4A34-9577-C77561ED7883} - hxxp://content.systemrequirementslab.com.s3.amazonaws.com/global/bin/srldetect_cyri_4.1.71.0.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab
DPF: {BA6272FD-A7AD-4498-9476-552040B7EDD4} - hxxp://mekusharim.walla.co.il/ImageUploader6.cab
DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab
DPF: {D1E7CBDA-E60E-4970-A01C-37301EF7BF98} - hxxp://service.futuremark.com/openapi/receivers/FMSI.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - c:\program files\avg\avg9\avgpp.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\progra~1\common~1\skype\SKYPE4~1.DLL
Notify: avgrsstarter - avgrsstx.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
mASetup: {08B0E5JF-4FCB-11CF-AAA5-00401C6XX500} - c:\windows\system32\spynet\explorer.exe
mASetup: {WHD0DVNF-LQ6V-VFK8-34J4-50436JA7670F} - c:\windows\system32\windir\svchost.exe
============= SERVICES / DRIVERS ===============
R0 d347bus;d347bus;c:\windows\system32\drivers\d347bus.sys [2010-2-27 155136]
R0 d347prt;d347prt;c:\windows\system32\drivers\d347prt.sys [2010-2-27 5248]
R1 AvgLdx86;AVG Free AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [2010-8-6 216400]
R1 AvgMfx86;AVG Free On-access Scanner Minifilter Driver x86;c:\windows\system32\drivers\avgmfx86.sys [2010-8-6 29584]
R1 AvgTdiX;AVG Free Network Redirector;c:\windows\system32\drivers\avgtdix.sys [2010-8-6 243024]
R1 oreans32;oreans32;c:\windows\system32\drivers\oreans32.sys [2010-4-22 33824]
R2 avg9wd;AVG Free WatchDog;c:\program files\avg\avg9\avgwdsvc.exe [2010-8-6 308136]
S2 Guard.Mail.ru;Guard.Mail.ru;"c:\program files\mail.ru\guard\guardmailru.exe" --> c:\program files\mail.ru\guard\GuardMailRu.exe [?]
S2 gupdate;שירות Google Update (gupdate);c:\program files\google\update\GoogleUpdate.exe [2010-6-5 135664]
S3 AhnRptTfFRegFNT;AhnRptTfFRegFNT;\??\c:\docume~1\9e2d~1\locals~1\temp\nse5b.tmp\tffregnt.sys --> c:\docume~1\9e2d~1\locals~1\temp\nse5b.tmp\TfFRegNt.sys [?]
S3 cpuz130;cpuz130;\??\c:\docume~1\9e2d~1\locals~1\temp\cpuz130\cpuz_x32.sys --> c:\docume~1\9e2d~1\locals~1\temp\cpuz130\cpuz_x32.sys [?]
S3 GarenaPEngine;GarenaPEngine;\??\c:\docume~1\9e2d~1\locals~1\temp\nmkf58c.tmp --> c:\docume~1\9e2d~1\locals~1\temp\NMKF58C.tmp [?]
S3 IlvMoneyDRIVER53;IlvMoneyDRIVER53;\??\c:\documents and settings\עדן\שולחן העבודה\תיקיה חדשה (2)\ilvmoney1236.sys --> c:\documents and settings\עדן\שולחן העבודה\תיקיה חדשה (2)\IlvMoney1236.sys [?]
S3 NAVENG;NAVENG;\??\c:\documents and settings\all users\application data\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\norton\definitions\virusdefs\20080829.024\naveng.sys --> c:\documents and settings\all users\application data\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\norton\definitions\virusdefs\20080829.024\NAVENG.SYS [?]
S3 NAVEX15;NAVEX15;\??\c:\documents and settings\all users\application data\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\norton\definitions\virusdefs\20080829.024\navex15.sys --> c:\documents and settings\all users\application data\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\norton\definitions\virusdefs\20080829.024\NAVEX15.SYS [?]
S3 npggsvc;nProtect GameGuard Service;c:\windows\system32\gamemon.des -service --> c:\windows\system32\GameMon.des -service [?]
S4 Norton Internet Security;Norton Internet Security;"c:\program files\norton internet security\engine\16.0.0.125\ccsvchst.exe" /s "norton internet security" /m "c:\program files\norton internet security\engine\16.0.0.125\dimaster.dll" /prefetch:1 --> c:\program files\norton internet security\engine\16.0.0.125\ccSvcHst.exe [?]
=============== File Associations ===============
regfile="regedit.exe" "%1"
=============== Created Last 30 ================
2010-12-10 14:51:56 -------- d-----w- c:\program files\The KMPlayer
2010-12-09 16:44:20 15360 --sha-w- c:\windows\system32\_ctfmon.exe
2010-12-09 15:41:45 -------- d-----w- c:\docume~1\9e2d~1\locals~1\applic~1\PCHealth
2010-12-09 14:56:29 -------- d-----w- c:\program files\Bing Bar Installer
2010-12-09 11:24:31 -------- d-----w- c:\program files\GameSpy Arcade
2010-12-06 10:43:02 -------- d-----w- c:\docume~1\9e2d~1\locals~1\applic~1\Adobe
2010-11-30 17:11:28 -------- d-----w- c:\docume~1\9e2d~1\applic~1\2XL
2010-11-30 17:10:59 444952 ----a-w- c:\windows\system32\wrap_oal.dll
2010-11-30 17:10:59 102400 ----a-w- c:\windows\system32\OpenAL32.dll
2010-11-30 17:10:59 -------- d-----w- c:\program files\OpenAL
2010-11-30 17:02:58 -------- d-----w- c:\program files\2XL Games
2010-11-30 05:13:46 -------- d-----w- c:\docume~1\9e2d~1\locals~1\applic~1\FizzyStory
2010-11-30 05:11:30 -------- d-----w- c:\docume~1\9e2d~1\locals~1\applic~1\Lukas_Stranks
2010-11-25 12:59:38 -------- d-----w- c:\docume~1\9e2d~1\applic~1\FSW2
2010-11-14 11:34:49 2747 ----a-w- C:\STF48B.tmp
2010-11-14 11:34:10 -------- d-----w- c:\docume~1\9e2d~1\locals~1\applic~1\Activision
2010-11-11 14:08:41 -------- d-----w- c:\windows\system32\Adobe
==================== Find3M ====================
2010-12-10 17:33:48 271200 ----a-w- c:\windows\system32\PnkBstrB.xtr
2010-12-10 17:33:48 271200 ----a-w- c:\windows\system32\PnkBstrB.exe
2010-12-10 13:48:09 271200 ----a-w- c:\windows\system32\PnkBstrB.ex0
2010-12-09 15:53:57 1292288 ----a-w- c:\windows\system32\ctfmon.exe
2010-12-08 17:16:55 139152 ----a-w- c:\docume~1\9e2d~1\applic~1\PnkBstrK.sys
2010-12-06 10:48:09 1704960 ----a-w- c:\windows\system32\wiaacmgr.exe
2010-12-06 10:48:09 1341440 ----a-w- c:\windows\system32\wextract.exe
2010-12-06 10:48:05 1327104 ----a-w- c:\windows\system32\utilman.exe
2010-12-06 10:47:54 1412096 ----a-w- c:\windows\system32\taskmgr.exe
2010-12-06 10:47:38 1347072 ----a-w- c:\windows\system32\sigverif.exe
2010-12-06 10:47:37 1354240 ----a-w- c:\windows\system32\shrpubw.exe
2010-12-06 10:47:32 1310208 ----a-w- c:\windows\system32\rundll32.exe
2010-12-06 10:47:20 1333248 ----a-w- c:\windows\system32\rasphone.exe
2010-12-06 10:47:19 1327104 ----a-w- c:\windows\system32\proquota.exe
2010-12-06 10:47:17 1292800 ----a-w- c:\windows\system32\perfmon.exe
2010-12-06 10:47:09 1309696 ----a-w- c:\windows\system32\odbcad32.exe
2010-12-06 10:46:56 1452032 ----a-w- c:\windows\system32\napstat.exe
2010-12-06 10:46:54 1355776 ----a-w- c:\windows\system32\msiexec.exe
2010-12-06 10:46:53 1283072 ----a-w- c:\windows\system32\msdtc.exe
2010-12-06 10:46:51 1349632 ----a-w- c:\windows\system32\magnify.exe
2010-12-06 10:46:40 1391616 ----a-w- c:\windows\system32\iexpress.exe
2010-12-06 10:46:38 1469952 ----a-w- c:\windows\system32\fsquirt.exe
2010-12-06 10:46:35 2575360 ----a-w- c:\windows\system32\dxdiag.exe
2010-12-06 10:46:33 1332224 ----a-w- c:\windows\system32\dvdplay.exe
2010-12-06 10:46:22 1338880 ----a-w- c:\windows\system32\cmstp.exe
2010-12-06 10:46:21 1315840 ----a-w- c:\windows\system32\cmmon32.exe
2010-12-06 10:46:19 1302016 ----a-w- c:\windows\system32\cmdl32.exe
2010-12-05 18:55:21 144384 ----a-w- c:\windows\system32\miccyhook.dll
2010-11-21 15:25:19 75136 ----a-w- c:\windows\system32\PnkBstrA.exe
2010-11-10 16:10:39 0 ----a-w- c:\windows\system32\ConduitEngine.tmp
2010-10-02 18:41:47 65004 ----a-w- c:\docume~1\9e2d~1\applic~1\עדן3SQLite3.dll
2010-09-18 10:22:56 974848 ----a-w- c:\windows\system32\mfc42u.dll
2010-09-18 06:52:55 974848 ----a-w- c:\windows\system32\mfc42.dll
2010-09-18 06:52:55 954368 ----a-w- c:\windows\system32\mfc40.dll
2010-09-18 06:52:55 953856 ----a-w- c:\windows\system32\mfc40u.dll
2010-09-12 11:51:57 1844 ----a-w- c:\windows\system32\ealregsnapshot1.reg
============= FINISH: 22:17:31.93 ===============