بعد تنصيب الكاسبر تعطل الاكسبلور ارجو المساعدة

[فاااارس الحجاز]

السلام عليكم ورحمة الله وبركاته

قبل تنصيب الكاسبر كان النت شغال ولكن بعد التنصيب تعطل النت

مع العلم الكاسبر الي عندي 2009 سيكيورتي

انتضركم بارك الله فيكم

 

[KoNaMi]

(1)
عطل جميع برامج الحماية ,,
وحمل هذه الاداة واحفظها على سطح المكتب

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

عند تشغيلها بتظهر لك رسالة ,, اضغط على >> Yes
بعدها بتظهر لك رساله ثانيه ,, اضغط على >> Yes
انتظر حتى الاداة تنتهي من فحص جهازك ,,, وبشكل تلقائي يعاد تشغيل جهازك ,,
وبعد اعادة التشغيل ,, سوف تبدأ الاداة بالفحص مرره ثانيه
انتظر حتى يظهر لك تقرير ,, انسخه والصقه بردك القادم
(2)
واعمل تقرير للهايجاك

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

اذا انتهى التحميل ==> شغل البرنامج ==> واضغط على
Do a system scan and save log
لحظات ويظهر لك تقرير ,, انسخه والصقه بردك القادم​

 

[فاااارس الحجاز]

هذا التقرير الاول اخوي حمود

ComboFix 08-12-14.03 - Administrator 12/15/2008 0:37:29.1 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.2.1256.1.1033.18.2037.1679 [GMT 3:00]
Running from: c:\documents and settings\Administrator\Desktop\ComboFix.exe
* Created a new restore point
WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\windows\system32\06EA0A93.cfg
c:\windows\system32\08223B03.cfg
c:\windows\system32\14F7F80A.cfg
c:\windows\system32\2EF0D734.cfg
c:\windows\system32\34A25F04.cfg
c:\windows\system32\3D144530.cfg
c:\windows\system32\4D023DE9.cfg
c:\windows\system32\66AFCB56.cfg
c:\windows\system32\950D1600.cfg
c:\windows\system32\9CA963CA.cfg
c:\windows\system32\B3721C07.cfg
c:\windows\system32\D9C002DD.cfg
c:\windows\system32\DA63E650.cfg
c:\windows\system32\DFB3DAC5.cfg
c:\windows\system32\E0D39066.cfg
c:\windows\system32\F8E07BB2.cfg
c:\windows\system32\FFAE967F.cfg
.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
-------\Legacy_6457AED
-------\Legacy_B160485
-------\Service_6457aed
-------\Service_b160485
-------\Service_b71fe93

((((((((((((((((((((((((( Files Created from 2008-11-14 to 2008-12-14 )))))))))))))))))))))))))))))))
.
No new files created in this timespan
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-12-14 21:39 --------- d-----w c:\documents and settings\All Users\Application Data\Kaspersky Lab
2008-12-14 21:39 --------- d-----w c:\documents and settings\Administrator\Application Data\DMCache
2008-12-14 21:38 5,740 --sha-w c:\windows\system32\drivers\fidbox.idx
2008-12-14 21:38 462,368 --sha-w c:\windows\system32\drivers\fidbox.dat
2008-12-14 21:38 2,632 --sha-w c:\windows\system32\drivers\fidbox2.idx
2008-12-14 21:38 147,488 --sha-w c:\windows\system32\drivers\fidbox2.dat
2008-12-14 01:56 96,976 ----a-w c:\windows\system32\drivers\klin.dat
2008-12-14 01:56 87,855 ----a-w c:\windows\system32\drivers\klick.dat
2008-12-14 01:27 --------- d-----w c:\program files\Kaspersky Lab
2008-12-11 23:28 --------- d-----w c:\program files\MessengerDiscovery
2008-12-11 23:21 --------- d-----w c:\program files\MSN Messenger
2008-11-30 21:58 --------- d-----w c:\program files\ESET
2008-11-30 21:58 --------- d-----w c:\documents and settings\All Users\Application Data\ESET
2008-11-30 20:58 --------- d-----w c:\documents and settings\All Users\Application Data\Zoom Player
2008-11-26 23:07 --------- d-----w c:\program files\ShadowStor
2008-11-06 14:53 --------- d-----w c:\program files\BreakPoint Software
2008-11-05 16:17 --------- d-----w c:\program files\Faronics
2008-11-05 10:13 --------- d-----w c:\program files\Microsoft Works
2008-11-05 09:48 --------- d-----w c:\documents and settings\All Users\Application Data\Messenger Plus!
2008-11-05 09:47 --------- d-----w c:\program files\Messenger Plus! Live
2008-11-05 09:47 --------- d-----w c:\program files\Circle Developement
2008-11-05 09:45 --------- d-----w c:\program files\iVocalize Web Conference 4
2008-11-05 09:39 --------- d-----w c:\program files\Java
2008-11-05 09:32 --------- d-----w c:\program files\Common Files\Java
2008-11-05 01:44 --------- d-----w c:\documents and settings\Administrator\Application Data\IDM
2008-11-05 01:36 155,995 ----a-w c:\windows\java\Packages\GV9NLBLV.ZIP
2008-11-05 01:33 --------- d-----w c:\program files\Zoom Player
2008-11-05 01:31 --------- d-----w c:\program files\MONOGRAM AMR SplitterDecoder
2008-11-05 01:31 --------- d-----w c:\program files\DScaler5
2008-11-05 01:31 --------- d-----w c:\program files\CD Audio Reader Filter
2008-11-05 01:30 --------- d-----w c:\program files\RealMedia
2008-11-05 01:30 --------- d-----w c:\program files\OpenSource Flash Video Splitter
2008-11-05 01:25 --------- d-----w c:\program files\SHOUTcast Source
2008-11-05 01:25 --------- d-----w c:\program files\Haali
2008-11-05 01:24 --------- d-----w c:\program files\ffdshow
2008-11-05 01:24 --------- d-----w c:\program files\DSP-worx
2008-11-05 01:21 --------- d-----w c:\program files\DirectVobSub
2008-11-05 01:19 --------- d-----w c:\program files\Common Files\Real
2008-11-05 01:07 --------- d-----w c:\program files\No-IP
2008-11-05 01:04 --------- d-----w c:\documents and settings\All Users\Application Data\GRETECH
2008-11-05 01:04 --------- d-----w c:\documents and settings\Administrator\Application Data\GRETECH
2008-11-05 01:03 --------- d-----w c:\program files\GRETECH
2008-11-05 00:49 --------- d-----w c:\program files\Windows Live
2008-11-05 00:40 348,160 ----a-w c:\windows\system32\msvcr71.dll
2008-11-05 00:35 --------- d-----w c:\program files\Internet Download Manager
2008-11-05 00:31 --------- d-----w c:\documents and settings\All Users\Application Data\Kaspersky Lab Setup Files
2008-11-05 00:24 16,608 ----a-w c:\windows\gdrv.sys
2008-11-05 00:24 --------- d--h--w c:\program files\InstallShield Installation Information
2008-11-05 00:24 --------- d-----w c:\program files\Realtek
2008-11-05 00:24 --------- d-----w c:\documents and settings\Administrator\Application Data\InstallShield
2008-11-05 00:22 315,392 ----a-w c:\windows\HideWin.exe
2008-11-05 00:22 --------- d-----w c:\program files\Common Files\InstallShield
2008-11-05 00:20 --------- d-----w c:\program files\Intel
2008-11-04 23:51 --------- d-----w c:\program files\microsoft frontpage
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [08/04/2004 12:56 AM 15360]
"IDMan"="c:\program files\Internet Download Manager\IDMan.exe" [11/05/2008 03:35 AM 2562560]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"GEST"="m‘|\ü" [X]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [09/05/2007 12:13 PM 141848]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [09/05/2007 12:13 PM 166424]
"Persistence"="c:\windows\system32\igfxpers.exe" [09/05/2007 12:13 PM 137752]
"SunJavaUpdateSched"="c:\program files\Java\jre1.6.0_02\bin\jusched.exe" [07/12/2007 04:00 AM 132496]
"SuNotification"="c:\program files\ShadowStor\ShadowUser\suatshut.exe" [01/12/2005 11:49 PM 40960]
"AVP"="c:\program files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe" [04/25/2008 06:21 PM 201992]
"RTHDCPL"="RTHDCPL.EXE" [02/13/2008 09:31 AM 16857600 c:\windows\RTHDCPL.exe]
c:\documents and settings\All Users\Start Menu\Programs\Startup\
ShadowUser Pro Edition.lnk - c:\program files\ShadowStor\ShadowUser\ShadowUser.exe [2005-01-12 921600]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\sunotify]
01/12/2005 11:49 PM 90112 c:\windows\system32\sunotify.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"msacm.divxa32"= msaud32_divx.acm
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\HelpSvc.exe]
"Debugger"=ntsd -d
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\UIHost.kxp]
"Debugger"=ntsd -d
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusDisableNotify"=dword:00000001
"UpdatesDisableNotify"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\KasperskyAntiVirus]
"DisableMonitoring"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\livecall.exe"=
"c:\\Documents and Settings\\All Users\\Application Data\\Kaspersky Lab Setup Files\\Kaspersky Internet Security 2009\\english\\setup.exe"=
"c:\\Program Files\\MessengerDiscovery\\MessengerDiscovery Live.exe"=
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"3359:TCP"= 3359:TCP:WWW
R0 klbg;Kaspersky Lab Boot Guard Driver;c:\windows\system32\drivers\klbg.sys [2008-01-29 32784]
R0 Shadow;Shadow;c:\windows\system32\drivers\Shadow.sys [2005-01-25 114624]
R3 KLFLTDEV;Kaspersky Lab KLFltDev;c:\windows\system32\DRIVERS\klfltdev.sys [2008-03-13 26640]
R3 klim5;Kaspersky Anti-Virus NDIS Filter;c:\windows\system32\DRIVERS\klim5.sys [2008-03-25 24592]
S2 NOD32FiXTemDono;Eset Nod32 Boot;c:\windows\system32\regedt32.exe /s c:\windows\nod32fixtemdono.reg [2001-08-23 3584]
S2 zobijzm;zobijzm;c:\windows\system32\svchost.exe -k netsvcs [2004-08-04 14336]
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
zobijzm
.
- - - - ORPHANS REMOVED - - - -
ShellExecuteHooks-{12316E69-4CE5-4CD7-A174-C0BD57529D5A} - 12316E69.dll
ShellExecuteHooks-{93DEE065-EC9B-4505-ADD3-19880AD3C38F} - 93DEE065.dll
ShellExecuteHooks-{29EA67E0-9EE5-4D1A-A056-5B7BDAC4CF97} - 29EA67E0.dll
ShellExecuteHooks-{7E983C60-EBF5-4A36-BE25-EA26ED55052B} - 7E983C60.dll

.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.com/
IE: تحميل الكل بـ إنترنت داونلود مانيجر - c:\program files\Internet Download Manager\IEGetAll.htm
IE: تحميل بـ إنترنت داونلود مانيجر - c:\program files\Internet Download Manager\IEExt.htm
IE: تحميل محتوى فيديو (إف.إل.في) بـ إنترنت داونلود مانيجر - c:\program files\Internet Download Manager\IEGetVL.htm
O16 -: Microsoft XML Parser for Java -

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

c:\windows\Downloaded Program Files\Microsoft XML Parser for Java.osd
.
**************************************************************************
catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer,

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

Rootkit scan 2008-12-15 00:39:27
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------
- - - - - - - > 'winlogon.exe'(1000)
c:\windows\system32\klogon.dll
.
------------------------ Other Running Processes ------------------------
.
c:\windows\system32\igfxsrvc.exe
c:\program files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
c:\program files\Internet Download Manager\IEMonitor.exe
c:\windows\system32\wscntfy.exe
.
**************************************************************************
.
Completion time: 12/15/2008 0:40:50 - machine was rebooted
ComboFix-quarantined-files.txt 2008-12-14 21:40:47
Pre-Run: 21,094,412,288 bytes free
Post-Run: 21,180,358,656 bytes free
188

 

[فاااارس الحجاز]

تقرير الهايجك
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:43:55 ص, on 15/12/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\system32\igfxsrvc.exe
C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Internet Download Manager\IDMan.exe
C:\Program Files\ShadowStor\ShadowUser\ShadowUser.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Internet Download Manager\IEMonitor.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\explorer.exe
C:\Program Files\internet explorer\iexplore.exe
C:\Program Files\internet explorer\iexplore.exe
C:\Documents and Settings\Administrator\Desktop\Zyzoom_HijackThis.exe
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files\Internet Download Manager\IDMIECC.dll
O2 - BHO: IEVkbdBHO - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\ievkbd.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [GEST] m‘|\ü
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe"
O4 - HKLM\..\Run: [SuNotification] C:\Program Files\ShadowStor\ShadowUser\suatshut.exe
O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [IDMan] C:\Program Files\Internet Download Manager\IDMan.exe /onboot
O4 - Global Startup: ShadowUser Pro Edition.lnk = C:\Program Files\ShadowStor\ShadowUser\ShadowUser.exe
O8 - Extra context menu item: تحميل الكل بـ إنترنت داونلود مانيجر - C:\Program Files\Internet Download Manager\IEGetAll.htm
O8 - Extra context menu item: تحميل بـ إنترنت داونلود مانيجر - C:\Program Files\Internet Download Manager\IEExt.htm
O8 - Extra context menu item: تحميل محتوى فيديو (إف.إل.في) بـ إنترنت داونلود مانيجر - C:\Program Files\Internet Download Manager\IEGetVL.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra button: Web traffic protection statistics - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\SCIEPlgn.dll
O9 - Extra button: بحث - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O23 - Service: Kaspersky Internet Security (AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe
--
End of file - 4115 bytes

 

[MAAX]

اخي ركب ملف الاعدادات للكاسبر وتحل مشكلتك بحول الله

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

‏

موفق