احمدسالمين

Good morning, dear friends, I hope everyone is well. My problem is with the Internet Explorer browser: when I open it, I cannot reach any pages on the Internet, but when I use Firefox it is OK, i.e. there is no problem. Note that I removed it and installed the latest Internet Explorer, and the problem still persists. I would appreciate help from anyone with experience in this matter. Best wishes, dear friends. The HijackThis report is attached.
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\CyberLink\Shared Files\RichVideo.exe
C:\Program Files\Spyware Doctor\pctsAuxs.exe
C:\Program Files\Spyware Doctor\pctsSvc.exe
C:\Program Files\Launch Manager\CtrlVol.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Spyware Doctor\pctsTray.exe
C:\Program Files\Internet Download Manager\IDMan.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
C:\WINDOWS\system32\wdfmgr.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\System32\alg.exe
C:\Program Files\Internet Download Manager\IEMonitor.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Zain e-GO\Zain e-GO\Mobile Connect.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\acer\My Documents\Downloads\Programs\Zyzoom_HijackThis.exe
C:\Documents and Settings\acer\My Documents\Downloads\Programs\Zyzoom_HijackThis.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 127.0.0.1:8580
O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files\Internet Download Manager\IDMIECC.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [CtrlVol] C:\Program Files\Launch Manager\CtrlVol.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [LanguageShortcut] "C:\Program Files\CyberLink\PowerDVD\Language\Language.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [ISTray] "C:\Program Files\Spyware Doctor\pctsTray.exe"
O4 - HKCU\..\Run: [AlcoholAutomount] "C:\Program Files\Alcohol Soft\Alcohol 120\axcmd.exe" /automount
O4 - HKCU\..\Run: [IDMan] C:\Program Files\Internet Download Manager\IDMan.exe /onboot
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O8 - Extra context menu item: &Google Search - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: Backward &Links - res://C:\Program Files\Google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Cac&hed Snapshot of Page - res://C:\Program Files\Google\GoogleToolbar1.dll/cmcache.html
O8 - Extra context menu item: Download all links with IDM - C:\Program Files\Internet Download Manager\IEGetAll.htm
O8 - Extra context menu item: Download FLV video with IDM - C:\Program Files\Internet Download Manager\IEGetVL.htm
O8 - Extra context menu item: Download with IDM - C:\Program Files\Internet Download Manager\IEExt.htm
O8 - Extra context menu item: Si&milar Pages - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsimilar.html
O8 - Extra context menu item: Translate into English - res://C:\Program Files\Google\GoogleToolbar1.dll/cmtrans.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O17 - HKLM\System\CCS\Services\Tcpip\..\{3EC7E23F-7774-428C-ADA4-2E149F660CA1}: NameServer = 10.40.155.33 10.40.155.34
O17 - HKLM\System\CS1\Services\Tcpip\..\{3EC7E23F-7774-428C-ADA4-2E149F660CA1}: NameServer = 10.40.155.33 10.40.155.34
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Ma-Config Service (maconfservice) - CybelSoft - C:\Program Files\ma-config.com\maconfservice.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\pctsAuxs.exe
O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\pctsSvc.exe
O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe

--
End of file - 6978 bytes
 

Do the following before the HijackThis report.

Download this tool and save it to the desktop.

When you run it, a message will appear; click >> Yes
Then a second message will appear; click >> Yes

Wait until the tool finishes scanning your machine; your machine will restart automatically.
After the restart, the tool will start scanning a second time.
Wait until a report appears, then copy it and paste it in your next reply.

All windows must be completely closed.
Do not touch the mouse at all while it is in use.
--------------------------------------------
 
Thank you, our dear moderator. Doing what is needed now.
 
Here you are, sir; the report is attached.
ComboFix 08-10-12.01 - acer 10/14/2008 4:26:20.1 - FAT32x86
Microsoft Windows XP Professional 5.1.2600.2.1256.1.1033.18.242 [GMT 3:00]
Running from: C:\Documents and Settings\acer\My Documents\Downloads\Programs\ComboFix.exe
* Created a new restore point

WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\Documents and Settings\acer\Local Settings\Temporary Internet Files\SuggestedSites.dat
C:\WINDOWS\system32\NCTAVIFile.dll
C:\WINDOWS\system32\NCTQuickTimeFile.dll
C:\WINDOWS\system32\NCTRMFile.dll
C:\WINDOWS\system32\NCTVideoCoreM.dll

.
((((((((((((((((((((((((( Files Created from 2008-09-14 to 2008-10-14 )))))))))))))))))))))))))))))))
.

No new files created in this timespan

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-10-12 02:27 --------- d-----w C:\Documents and Settings\acer\Application Data\Ulead Systems
2008-10-12 02:26 --------- d-----w C:\Program Files\Common Files\SONY Digital Images
2008-10-12 02:25 --------- d-----w C:\Program Files\Ulead Systems
2008-10-12 02:24 --------- d-----w C:\Program Files\Common Files\Ulead Systems
2008-10-12 02:24 --------- d-----w C:\Documents and Settings\All Users\Application Data\Ulead Systems
2008-10-11 06:35 --------- d-----w C:\Program Files\IObit
2008-10-10 00:57 155,995 ----a-w C:\WINDOWS\java\Packages\LJXBJXJX.ZIP
2008-10-10 00:36 --------- d-----w C:\Program Files\FlashFXP
2008-10-10 00:27 --------- d-----w C:\Program Files\Sun
2008-10-10 00:24 --------- d-----w C:\Program Files\Java
2008-10-10 00:18 --------- d-----w C:\Program Files\Common Files\Java
2008-10-09 11:13 --------- d-----w C:\Program Files\Allok RM RMVB to AVI MPEG DVD Converter
2008-10-09 08:40 --------- d-----w C:\Program Files\Internet Download Manager
2008-10-09 08:40 --------- d-----w C:\Documents and Settings\acer\Application Data\IDM
2008-10-08 07:45 --------- d-----w C:\Program Files\Easy DVD Creator
2008-10-08 03:01 --------- d-----w C:\Program Files\Xilisoft
2008-10-08 02:56 --------- d-----w C:\Documents and Settings\acer\Application Data\Any Video Converter Professional
2008-10-08 02:55 --------- d-----w C:\Program Files\Any Video Converter Professional
2008-10-08 00:26 --------- d-----w C:\Program Files\My Video Converter
2008-10-08 00:15 36,734 ----a-w C:\WINDOWS\system32\OggDSuninst.exe
2008-10-07 23:45 --------- d-----w C:\Program Files\Extra Video Converter
2008-10-07 23:06 --------- d-----w C:\Program Files\Any Video Converter
2008-10-07 23:06 --------- d-----w C:\Documents and Settings\acer\Application Data\Any Video Converter
2008-10-07 22:01 81,920 ----a-w C:\Documents and Settings\acer\Application Data\ezpinst.exe
2008-10-07 22:01 47,360 ----a-w C:\WINDOWS\system32\drivers\pcouffin.sys
2008-10-07 22:01 47,360 ----a-w C:\Documents and Settings\acer\Application Data\pcouffin.sys
2008-10-07 22:01 --------- d-----w C:\Documents and Settings\acer\Application Data\Vso
2008-10-07 22:00 --------- d-----w C:\Program Files\Video Convert Premier
2008-10-07 10:38 --------- d-----w C:\Program Files\Driver-Soft
2008-10-07 08:51 --------- d-----w C:\Program Files\Google
2008-10-07 08:51 --------- d-----w C:\Program Files\DivX
2008-10-07 07:31 --------- d-----w C:\Program Files\Your Uninstaller 2008
2008-10-07 07:31 --------- d-----w C:\Documents and Settings\acer\Application Data\URSoft
2008-10-07 06:30 --------- d-----w C:\Documents and Settings\acer\Application Data\Thinstall
2008-10-07 05:05 --------- d-----w C:\Program Files\AVI MPEG RM WMV Splitter
2008-10-07 04:06 --------- d-----w C:\Program Files\XviD
2008-10-07 04:04 --------- d-----w C:\Program Files\Apex
2008-10-05 08:38 --------- d-----w C:\Program Files\Apple Software Update
2008-10-05 08:38 --------- d-----w C:\Documents and Settings\All Users\Application Data\Apple
2008-10-05 08:38 --------- d-----w C:\Documents and Settings\acer\Application Data\Apple Computer
2008-10-05 08:37 --------- d-----w C:\Program Files\QuickTime
2008-10-05 08:37 --------- d-----w C:\Documents and Settings\All Users\Application Data\Apple Computer
2008-10-05 07:31 --------- d-----w C:\Program Files\Common Files\xing shared
2008-10-05 07:30 --------- d-----w C:\Program Files\Real
2008-10-05 07:30 --------- d-----w C:\Program Files\Common Files\Real
2008-10-05 06:41 --------- d-----w C:\Program Files\uTorrent
2008-10-05 06:40 --------- d-----w C:\Documents and Settings\acer\Application Data\uTorrent
2008-10-05 05:40 10,368 ----a-w C:\WINDOWS\system32\drivers\pfc.sys
2008-10-05 05:40 --------- d-----w C:\Program Files\Common Files\ACD Systems
2008-10-05 05:40 --------- d-----w C:\Program Files\ACD Systems
2008-10-05 05:40 --------- d-----w C:\Documents and Settings\All Users\Application Data\ACD Systems
2008-10-05 05:40 --------- d-----w C:\Documents and Settings\acer\Application Data\ACD Systems
2008-10-05 04:21 --------- d-----w C:\Program Files\Alcohol Soft
2008-10-05 04:19 685,816 ----a-w C:\WINDOWS\system32\drivers\sptd.sys
2008-10-04 21:40 --------- d-----w C:\Documents and Settings\All Users\Application Data\CyberLink
2008-10-04 21:40 --------- d-----w C:\Documents and Settings\acer\Application Data\CyberLink
2008-10-04 21:38 --------- d-----w C:\Program Files\lg_fwupdate
2008-10-04 21:31 --------- d-----w C:\Program Files\CyberLink
2008-10-04 07:10 --------- d-----w C:\Program Files\Alwil Software
2008-10-04 06:13 --------- d-----w C:\Program Files\Synaptics
2008-10-04 06:09 --------- d-----w C:\Program Files\SigmaTel
2008-10-04 06:02 --------- d-----w C:\Program Files\Launch Manager
2008-10-04 06:00 --------- d-----w C:\Program Files\ATI Technologies
2008-10-04 05:47 --------- d-----w C:\Program Files\ltmoh
2008-10-03 23:58 --------- d-----w C:\Program Files\Realtek
2008-10-03 23:57 --------- d-----w C:\Documents and Settings\acer\Application Data\InstallShield
2008-10-03 23:51 --------- d-----w C:\Program Files\ma-config.com
2008-10-03 23:51 --------- d-----w C:\Documents and Settings\All Users\Application Data\ma-config.com
2008-10-03 23:20 --------- d-----w C:\Documents and Settings\All Users\Application Data\Ahead
2008-10-03 23:20 --------- d-----w C:\Documents and Settings\acer\Application Data\Ahead
2008-10-03 23:16 --------- d-----w C:\Program Files\Nero
2008-10-03 23:16 --------- d-----w C:\Program Files\Common Files\Ahead
2008-10-03 23:16 --------- d-----w C:\Documents and Settings\All Users\Application Data\Nero
2008-10-03 22:43 --------- d-----w C:\Documents and Settings\All Users\Application Data\PC Tools
2008-10-03 22:41 160,792 ----a-w C:\WINDOWS\system32\drivers\pctfw2.sys
2008-10-03 22:25 --------- d-----w C:\Program Files\Common Files\PC Tools
2008-10-03 22:22 --------- d-----w C:\Program Files\Spyware Doctor
2008-10-03 22:22 --------- d-----w C:\Documents and Settings\All Users\Application Data\TEMP
2008-10-03 22:22 --------- d-----w C:\Documents and Settings\acer\Application Data\PC Tools
2008-10-03 22:09 --------- d-----w C:\Documents and Settings\acer\Application Data\DMCache
2008-10-03 08:40 --------- d-----w C:\Documents and Settings\acer\Application Data\U3
2008-10-03 08:04 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-10-03 08:04 --------- d-----w C:\Program Files\Zain e-GO
2008-10-03 08:04 --------- d-----w C:\Program Files\Common Files\InstallShield
2008-10-03 06:59 --------- d-----w C:\Program Files\microsoft frontpage
2008-08-25 08:36 81,288 ----a-w C:\WINDOWS\system32\drivers\iksyssec.sys
2008-08-25 08:36 66,952 ----a-w C:\WINDOWS\system32\drivers\iksysflt.sys
2008-08-25 08:36 40,840 ----a-w C:\WINDOWS\system32\drivers\ikfilesec.sys
2008-08-22 00:16 637,984 ----a-w C:\WINDOWS\system32\dllcache\iexplore.exe
2008-08-22 00:09 5,699,584 ----a-w C:\WINDOWS\system32\dllcache\mshtml.dll
2008-08-22 00:08 878,592 ----a-w C:\WINDOWS\system32\wininet.dll
2008-08-22 00:08 878,592 ----a-w C:\WINDOWS\system32\dllcache\wininet.dll
2008-08-22 00:08 43,008 ----a-w C:\WINDOWS\system32\licmgr10.dll
2008-08-22 00:08 43,008 ----a-w C:\WINDOWS\system32\dllcache\licmgr10.dll
2008-08-22 00:08 236,544 ----a-w C:\WINDOWS\system32\dllcache\webcheck.dll
2008-08-22 00:08 1,206,784 ----a-w C:\WINDOWS\system32\dllcache\urlmon.dll
2008-08-22 00:07 755,200 ----a-w C:\WINDOWS\system32\dllcache\VGX.dll
2008-08-22 00:07 193,536 ----a-w C:\WINDOWS\system32\dllcache\msrating.dll
2008-08-22 00:07 18,944 ----a-w C:\WINDOWS\system32\dllcache\corpol.dll
2008-08-22 00:07 18,944 ----a-w C:\WINDOWS\system32\corpol.dll
2004-08-03 23:56 73,728 --sha-w C:\WINDOWS\RegisteredPackages\{DD90D410-1823-43EB-9A16-A2331BF08799}$BACKUP$\System\wmplayer.exe
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AlcoholAutomount"="C:\Program Files\Alcohol Soft\Alcohol 120\axcmd.exe" [08/01/2007 09:17 PM 222592]
"IDMan"="C:\Program Files\Internet Download Manager\IDMan.exe" [02/20/2008 05:13 PM 2594224]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [08/03/2004 11:56 PM 15360]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CtrlVol"="C:\Program Files\Launch Manager\CtrlVol.exe" [10/23/2002 05:18 PM 163840]
"avast!"="C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe" [07/19/2008 05:38 PM 78008]
"LanguageShortcut"="C:\Program Files\CyberLink\PowerDVD\Language\Language.exe" [12/05/2006 10:55 PM 54832]
"TkBellExe"="C:\Program Files\Common Files\Real\Update_OB\realsched.exe" [10/05/2008 10:30 AM 185896]
"ISTray"="C:\Program Files\Spyware Doctor\pctsTray.exe" [08/25/2008 11:36 AM 1168264]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"NoResolveSearch"= 1 (0x1)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"VIDC.ACDV"= ACDV.dll
"vidc.xvid"= xvid.dll

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"C:\\Program Files\\Internet Download Manager\\IDMan.exe"=
"C:\\Program Files\\uTorrent\\uTorrent.exe"=

R1 aswSP;avast! Self Protection;C:\WINDOWS\system32\drivers\aswSP.sys [07/19/2008 05:35 PM 78416]
R1 Hotkey;Hotkey;C:\WINDOWS\system32\drivers\Hotkey.sys [01/28/2003 09:10 AM 9723]
R1 pctfw2;pctfw2;C:\WINDOWS\system32\drivers\pctfw2.sys [10/04/2008 01:41 AM 160792]
R1 Wbutton;Wbutton;C:\WINDOWS\system32\drivers\Wbutton.sys [10/23/2002 11:25 AM 2920]
R2 aswFsBlk;aswFsBlk;C:\WINDOWS\system32\DRIVERS\aswFsBlk.sys [07/19/2008 05:37 PM 20560]
S3 maconfservice;Ma-Config Service;C:\Program Files\ma-config.com\maconfservice.exe [09/02/2008 04:14 PM 191656]
S3 POWERKEY;POWERKEY;C:\Program Files\Launch Manager\POWERKEY.sys [12/19/2000 06:29 PM 2343]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{99209a4e-91ab-11dd-a400-000ae442b7d8}]
\Shell\AutoRun\command - E:\AutoRun.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{99209a4f-91ab-11dd-a400-000ae442b7d8}]
\Shell\AutoRun\command - E:\AutoRun.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{d6640d94-9121-11dd-a3f7-000ae442b7d8}]
\Shell\AutoRun\command - E:\AutoRun.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{d6640d96-9121-11dd-a3f7-000ae442b7d8}]
\Shell\AutoRun\command - E:\AutoRun.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{d6640d97-9121-11dd-a3f7-000ae442b7d8}]
\Shell\AutoRun\command - E:\AutoRun.exe

*Newly Created Service* - BITS
*Newly Created Service* - CATCHME
*Newly Created Service* - PROCEXP90
.
Contents of the 'Scheduled Tasks' folder

2008-10-05 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job
- C:\Program Files\Apple Software Update\SoftwareUpdate.exe [08/29/2007 02:57 PM]

2008-10-14 C:\WINDOWS\Tasks\User_Feed_Synchronization-{5915CF22-0D64-4A7C-8E1F-103DA25EC347}.job
- C:\WINDOWS\system32\msfeedssync.exe [08/22/2008 03:05 AM]
.
.
------- Supplementary Scan -------
.
FireFox -: Profile - C:\Documents and Settings\acer\Application Data\Mozilla\Firefox\Profiles\jzvwp7ao.default\
FireFox -: prefs.js - STARTUP.HOMEPAGE - about:blank
.

**************************************************************************

catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer,

Rootkit scan 2008-10-14 04:33:58
Windows 5.1.2600 Service Pack 2 FAT NTAPI

detected NTDLL code modification:
ZwClose

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
Completion time: 10/14/2008 4:36:03
ComboFix-quarantined-files.txt 2008-10-14 01:35:58

Pre-Run: 9,450,356,736 bytes free
Post-Run: 12,590,268,416 bytes free

198
 
Where is the HijackThis report?
 

With the brother's permission.

If the browser is Explorer 6, there is a tool in the forum (search for it) that repairs Explorer 6 only.

If it is Explorer 7, restore the defaults for all of the browser's settings and check the proxy, whether you use one or not.

Regards
 
Signature: FireFox
As for brother Fox, I thank you for your input, but I use the latest version of Explorer and I do not use any proxy. And this is the HijackThis report:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 07:58:56 ص, on 15/10/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18241)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Launch Manager\CtrlVol.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Internet Download Manager\IDMan.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\CyberLink\Shared Files\RichVideo.exe
C:\Program Files\Spyware Doctor\pctsAuxs.exe
C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\Internet Download Manager\IEMonitor.exe
C:\Program Files\Zain e-GO\Zain e-GO\Mobile Connect.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Real\RealPlayer\RealPlay.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Documents and Settings\acer\My Documents\Downloads\Programs\Zyzoom_HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 127.0.0.1:8580
O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files\Internet Download Manager\IDMIECC.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [CtrlVol] C:\Program Files\Launch Manager\CtrlVol.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [LanguageShortcut] "C:\Program Files\CyberLink\PowerDVD\Language\Language.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKCU\..\Run: [AlcoholAutomount] "C:\Program Files\Alcohol Soft\Alcohol 120\axcmd.exe" /automount
O4 - HKCU\..\Run: [IDMan] C:\Program Files\Internet Download Manager\IDMan.exe /onboot
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O8 - Extra context menu item: &Google Search - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: Backward &Links - res://C:\Program Files\Google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Cac&hed Snapshot of Page - res://C:\Program Files\Google\GoogleToolbar1.dll/cmcache.html
O8 - Extra context menu item: Download all links with IDM - C:\Program Files\Internet Download Manager\IEGetAll.htm
O8 - Extra context menu item: Download FLV video with IDM - C:\Program Files\Internet Download Manager\IEGetVL.htm
O8 - Extra context menu item: Download with IDM - C:\Program Files\Internet Download Manager\IEExt.htm
O8 - Extra context menu item: Si&milar Pages - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsimilar.html
O8 - Extra context menu item: Translate into English - res://C:\Program Files\Google\GoogleToolbar1.dll/cmtrans.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: Internet Cleaner - {45819E58-6E84-4A5D-BD65-A706981E5BE8} - C:\Program Files\Internet Cleaner\ICleaner.exe (HKCU)
O9 - Extra 'Tools' menuitem: Internet Cleaner - {45819E58-6E84-4A5D-BD65-A706981E5BE8} - C:\Program Files\Internet Cleaner\ICleaner.exe (HKCU)
O17 - HKLM\System\CCS\Services\Tcpip\..\{3EC7E23F-7774-428C-ADA4-2E149F660CA1}: NameServer = 10.40.155.33 10.40.155.34
O17 - HKLM\System\CS1\Services\Tcpip\..\{3EC7E23F-7774-428C-ADA4-2E149F660CA1}: NameServer = 10.40.155.33 10.40.155.34
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Ma-Config Service (maconfservice) - CybelSoft - C:\Program Files\ma-config.com\maconfservice.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\pctsAuxs.exe
O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\pctsSvc.exe
O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe

--
End of file - 6716 bytes
 
With your permission, dear friends.

Delete the following:

O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll


O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll


O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot

Then go to Add or Remove Programs and remove Google Toolbar.

How to delete:

[image: mg%20%283%29.png]

[image: mg%20%284%29.png]

The SmitfraudFix tool

Then download this tool and follow the explanation below.

Compatibility: Windows XP only

Usage instructions:
When you run the tool's file, this screen appears; wait (and follow along with the pictures).

[image: 000.png]

[image: 001.png]

When this screen appears, click Close so that your machine restarts (to complete the cleaning process).

[image: 002.png]

Then do the following:

Open Explorer >> Tools >> Internet Options >> Connections

Then these two options:

[image: zyzoom-78c2ff89f5.jpg]

Set them all like this:

[image: zyzoom-452e0087b4.jpg]

And see.
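
Both HijackThis logs in this thread carry an `R1 ... ProxyServer = 127.0.0.1:8580` line, which is the setting reached through the Connections tab. The following Python script is an added example, not part of the thread or of HijackThis: it parses HijackThis entry lines, flags a proxy that points at the local machine, and lists the entries that changed between two scans. The function names are assumptions, and the sample input is a subset of lines copied from the two logs above.

```python
import ipaddress
import re

# Constructed sample input: a subset of lines copied from the first and second
# HijackThis logs posted in this thread, embedded so the example runs offline.
LOG_FIRST = r"""
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 127.0.0.1:8580
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [ISTray] "C:\Program Files\Spyware Doctor\pctsTray.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O17 - HKLM\System\CCS\Services\Tcpip\..\{3EC7E23F-7774-428C-ADA4-2E149F660CA1}: NameServer = 10.40.155.33 10.40.155.34
"""
LOG_SECOND = r"""
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 127.0.0.1:8580
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O9 - Extra button: Internet Cleaner - {45819E58-6E84-4A5D-BD65-A706981E5BE8} - C:\Program Files\Internet Cleaner\ICleaner.exe (HKCU)
O17 - HKLM\System\CCS\Services\Tcpip\..\{3EC7E23F-7774-428C-ADA4-2E149F660CA1}: NameServer = 10.40.155.33 10.40.155.34
"""

# Entry lines start with a section code such as R1, O4 or O17, then " - ".
ENTRY_RE = re.compile(r"^(?P<code>[RFNO]\d{1,2}) - (?P<body>.+)$")
PROXY_KEY = ",ProxyServer = "


def parse_entries(log_text):
    """Return [(section_code, body)] for every entry line; other lines are skipped."""
    entries = []
    for line in log_text.splitlines():
        match = ENTRY_RE.match(line.strip())
        if match:
            entries.append((match.group("code"), match.group("body")))
    return entries


def proxy_targets(entries):
    """Return [(scheme, host, port)] taken from R1 ProxyServer entries.

    The value is either "host:port" (all protocols) or a per-protocol list
    such as "http=host:port;https=host:port".
    """
    targets = []
    for code, body in entries:
        if code != "R1" or PROXY_KEY not in body:
            continue
        value = body.split(PROXY_KEY, 1)[1]
        for part in value.split(";"):
            scheme, _, hostport = part.strip().rpartition("=")
            host, _, port = hostport.rpartition(":")
            if host and port.isdigit():
                targets.append((scheme or "all", host, int(port)))
    return targets


def is_loopback(host):
    """True for 'localhost' and for any loopback IP literal (127.0.0.0/8, ::1)."""
    if host.lower() == "localhost":
        return True
    try:
        return ipaddress.ip_address(host).is_loopback
    except ValueError:
        return False


def loopback_proxies(entries):
    """Proxy targets on the local machine. The log line alone does not show
    whether the proxy is enabled or whether any program listens on that port."""
    return [t for t in proxy_targets(entries) if is_loopback(t[1])]


def diff_scans(before, after):
    """Return (removed, added): entries present in only one of the two scans."""
    b, a = set(before), set(after)
    return sorted(b - a), sorted(a - b)


if __name__ == "__main__":
    first, second = parse_entries(LOG_FIRST), parse_entries(LOG_SECOND)
    for scheme, host, port in loopback_proxies(second):
        print(f"check: proxy ({scheme}) points at local port {host}:{port}; "
              "confirm a known program listens there, or clear it in LAN settings")
    removed, added = diff_scans(first, second)
    for code, body in removed:
        print(f"removed since first scan: {code} - {body}")
    for code, body in added:
        print(f"new since first scan:     {code} - {body}")
```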

 
Hello, brother Demo, and welcome. I did what you told me, but unfortunately it was no use. I will try to install a stronger antivirus than the one I have; the one I use is avast and it seems weak, and maybe the problem will be solved and Explorer will open. Thank you, dear friends, and please accept my regards.
 