[تم حل المشكلة]مشكلة في برنامج المسنجر

الحالة
مغلق و غير مفتوح للمزيد من الردود.
أ

أبو العتاهية

زيزوومى مميز
إنضم
20 أبريل 2009
المشاركات
821
مستوى التفاعل
5
النقاط
520
غير متصل
يا إخوان لو سمحتوا مساعدة
أنا عندي المسنجر من قبل اسبوعين صار ما يفتح الرسائل الواردة يعني يوصل مرة الرابط حق وندوز لايف ما يفتح والحين صار يعلق أول ما اخش عليه .
أرجو منكم مساعدة ضروري وعاجل .

وجزاكم الله خير
 

توقيع : أبو العتاهية
ترتيب حسب التاريخ ترتيب حسب الأصوات
وضح اكثر اخي
هل تواجه مشكلة بصفحة الهوتميل ام بالمسنجر ؟
 
تأييد 0
إذا دخلت عليها من طريق موقع الهوت ميل تفتح الرئيسية ولكن صندوق الوارد ما يفتح .
وأيضا الحين صار المسنجر أول ما يفتح يعطي عدم استجابة .

أعيني جزاك الله خير
 
توقيع : أبو العتاهية
تأييد 0
اية هدا فايرس يالغاااااالي سوي سكان لجهاز وتأكد من خلو الجهاز من فيروسات

2Aj2D-lj8I_65879520.gif
 
تأييد 0
سويت سكان بأفيرا وما سوى شيء
إذا في طريقة ثانية دلني عليها
جزاك الله خير
 
توقيع : أبو العتاهية
تأييد 0
بعد أذن الغوالي

قم بدخول صندوق الوارد بمتصفح آخر وشوف شنو الوضع

موفق
 
توقيع : أعتز بك
تأييد 0
أعتز بك قال:
بعد أذن الغوالي

قم بدخول صندوق الوارد بمتصفح آخر وشوف شنو الوضع

موفق
أنقر للتوسيع...
:ok:
حمل هذا البرنامج
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

شغل البرنامج ==> واضغط على
Do a system scan and save log
لحظات .. ويظهر لك تقرير داخل المفكرة==> انسخه والصقه بردك القادم
 
التعديل الأخير بواسطة المشرف:
تأييد 0
المعذرة على تأخر الرد لأني لا أدخل النت كثير
البرنامج يتحمل ولكنه لا يفتح يقول هو لا يعد تطبيق صالح من تطبيقات win32
 
توقيع : أبو العتاهية
تأييد 0
أبو العتاهية قال:
المعذرة على تأخر الرد لأني لا أدخل النت كثير
البرنامج يتحمل ولكنه لا يفتح يقول هو لا يعد تطبيق صالح من تطبيقات win32
أنقر للتوسيع...

هل دخلت لصفحة الرسائل من متصفح آخر ..
 
توقيع : أعتز بك
تأييد 0
هذا تقرير أخي "أبو العتاهية"
جهازه في حالة يرثى لها لدرجة المنتدى لا يفتح ,,

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:45, on 2009-05-28
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir PersonalEdition Premium\sched.exe
C:\Program Files\Avira\AntiVir PersonalEdition Premium\avguard.exe
C:\Program Files\Avira\AntiVir PersonalEdition Premium\avesvc.exe
C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Avira\AntiVir PersonalEdition Premium\avmailc.exe
C:\Program Files\Avira\AntiVir PersonalEdition Premium\AVWEBGRD.EXE
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\LVCOMSX.EXE
C:\Program Files\Logitech\Video\LogiTray.exe
C:\Program Files\Avira\AntiVir PersonalEdition Premium\avgnt.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BackWeb-8876480.exe
C:\Program Files\Sound Pilot\SndPilot.exe
C:\Program Files\Logitech\Video\FxSvr2.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Messenger\msmsgs.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\WinRAR\WinRAR.exe
C:\DOCUME~1\{}9F5D~1\LOCALS~1\Temp\Rar$EX10.766\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0 ME\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [AudioDeck] C:\Program Files\VIAudioi\SBADeck\ADeck.exe 1
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Premium\avgnt.exe" /min
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [RGSC] D:\ملفات\Rockstar Games Social Club\RGSCLauncher.exe /silent
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BackWeb-8876480.exe
O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "C:\Program Files\Logitech\Video\ManifestEngine.exe" boot
O4 - HKCU\..\Run: [Sound Pilot] "C:\Program Files\Sound Pilot\SndPilot.exe"
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O8 - Extra context menu item: &تصدير إلى Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: بحث - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O17 - HKLM\System\CCS\Services\Tcpip\..\{DCE53441-3A90-46F9-B62F-9CFAFBE3C1EE}: NameServer = 212.102.0.82 212.102.0.10
O23 - Service: Avira AntiVir Premium MailGuard (AntiVirMailService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Premium\avmailc.exe
O23 - Service: Avira AntiVir Premium Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Premium\sched.exe
O23 - Service: Avira AntiVir Premium Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Premium\avguard.exe
O23 - Service: Avira AntiVir Premium WebGuard (antivirwebservice) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Premium\AVWEBGRD.EXE
O23 - Service: Avira AntiVir Premium MailGuard helper service (AVEService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Premium\avesvc.exe
O23 - Service: BlueSoleil Hid Service - Unknown owner - C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\Common Files\PCSuite\Services\ServiceLayer.exe
O24 - Desktop Component 0: (no name) - file:///C:/DOCUME~1/%7B%7D9F5D~1/LOCALS~1/Temp/msohtml1/01/clip_image001.jpg

--
End of file - 6026 bytes​
 
توقيع : ashalshaikh
تأييد 0
عطل برامج الحماية عن العمل
ثم
حمل الاداة التالية واحفظها على سطح المكتب
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

عند تشغيلها بتظهر لك رسالة ,, اضغط على >> Yes
بعدها بتظهر لك رساله ثانيه ,, اضغط على >> Yes
اثناء الفحص ممكن يعاد تشغيل الجهاز
وبعد اعادة التشغيل ,, سوف تبدأ الاداة بالفحص مرره ثانيه
لا تقم بتشغيل اي برنامج ،، ومهما طالت عملية الفحص انتظر حتى تنتهي
انتظر حتى يظهر لك تقرير ،،انسخه والصقه بمشاركتك القادمة
 
تأييد 0
جزاكم الله خير على وقوفكم بجانبي وأبشركم الكمبيوتر صار 100%
أسأل الله أن يوفقكم في الدنيا والآخرة
ومشكور أخي أحمد على الرد بدلا عني
وهذا هو التقرير الي طلع لي

ComboFix 09-05-28.09 - أبـ{انس}ـو 05/30/2009 10:24.5 - NTFSx86 MINIMAL
Microsoft Windows XP Professional 5.1.2600.2.1256.966.1033.18.511.368 [GMT -5:00]
Running from: g:\الملفات\prog\فيروس المسنجر\ComboFix.exe
AV: Avira AntiVir PersonalEdition *On-access scanning enabled* (Outdated) {C19476D9-52BC-4E93-8AF3-CCF59F7AE8FE}

WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\windows\system32\kakle.dll
c:\windows\system32\videocore.dll
c:\windows\system32\videoformat.dll
c:\windows\system32\winitn.dll
.
---- Previous Run -------
.
c:\windows\IE4 Error Log.txt
G:\Autorun.inf

.
((((((((((((((((((((((((( Files Created from 2009-04-28 to 2009-05-30 )))))))))))))))))))))))))))))))
.

2009-05-30 15:15 . 2009-05-30 15:15 0 ----atw c:\documents and settings\All Users\Application Data\Avira\AntiVir PersonalEdition Premium\TEMP\WEBGUARD\00000506.exe
2009-05-28 18:57 . 2009-05-28 19:55 -------- d-----w c:\windows\system32\CatRoot_bak
2009-05-28 16:44 . 2009-05-28 16:44 390664 ----a-w c:\documents and settings\أبـ{انس}ـو\Application Data\Real\RealPlayer\Update\RealPlayer11.exe
2009-05-28 14:19 . 2009-05-28 14:19 -------- d-----w c:\program files\albayina
2009-05-28 14:19 . 1999-03-23 14:12 299520 ----a-w c:\windows\uninst.exe
2009-05-24 15:53 . 2009-05-24 15:53 -------- d--h--w c:\windows\PIF
2009-05-23 02:00 . 2009-05-23 02:00 -------- d-----w c:\documents and settings\أبـ{انس}ـو\Application Data\Avira
2009-05-16 13:36 . 2009-05-16 13:37 -------- d-----w c:\program files\MSN Messenger
2009-05-10 16:38 . 2008-10-24 11:10 453632 -c----w c:\windows\system32\dllcache\mrxsmb.sys
2009-05-09 13:19 . 2009-05-11 10:29 -------- d--h--w c:\windows\$hf_mig$
2009-05-08 11:56 . 2009-05-08 11:56 -------- d-----w c:\windows\system32\config\systemprofile\Application Data\PC Suite
2009-05-05 14:29 . 2008-05-09 17:15 45376 ----a-w c:\windows\system32\drivers\avgntdd.sys
2009-05-05 14:29 . 2008-01-21 22:11 22336 ----a-w c:\windows\system32\drivers\avgntmgr.sys
2009-05-05 14:29 . 2008-10-30 15:21 75072 ----a-w c:\windows\system32\drivers\avipbb.sys
2009-05-05 14:29 . 2009-05-05 14:29 -------- d-----w c:\documents and settings\All Users\Application Data\Avira
2009-05-05 14:29 . 2009-05-05 14:29 -------- d-----w c:\program files\Avira
2009-05-05 13:24 . 2003-11-27 09:52 1454080 ----a-w c:\windows\system\SmWizard.exe
2009-05-05 13:24 . 2003-04-24 05:29 32768 ----a-w c:\windows\system32\udaprop.dll
2009-05-05 13:24 . 2003-12-12 12:18 784832 ----a-w c:\windows\system32\drivers\cmuda.sys
2009-05-05 13:24 . 2003-12-12 12:23 135168 ----a-w c:\windows\system32\cmuda.dll
2009-05-05 13:24 . 2003-08-20 10:46 233472 ----a-w c:\windows\system32\cmirmdrv.exe
2009-05-05 13:24 . 2003-02-18 10:26 28672 ----a-w c:\windows\system32\cmirmdrv.dll
2009-05-05 13:24 . 2002-04-29 07:04 917504 ----a-w c:\windows\system\cmids3d.dll
2009-05-05 13:24 . 2001-11-23 04:08 712704 ----a-w c:\windows\system32\Audio3D.dll
2009-05-05 13:24 . 2001-11-23 04:08 712704 ----a-w c:\windows\system32\a3d.dll
2009-05-05 13:23 . 2009-05-05 13:24 -------- d-----w c:\program files\C-Media 3D Audio
2009-05-05 13:23 . 2003-08-05 19:23 266240 ----a-w c:\windows\CMIUninstall.exe
2009-05-05 13:23 . 2003-07-22 16:15 225280 ----a-w c:\windows\CmiRmRedundDir.exe
2009-05-05 13:23 . 2002-10-18 20:56 28672 ----a-w c:\windows\CMIRmDriver.dll

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-05-27 18:10 . 2009-03-10 14:25 -------- d---a-w c:\documents and settings\All Users\Application Data\TEMP
2009-05-09 14:04 . 2009-03-11 22:43 18599936 ----a-w c:\windows\system32\videoencode.dll
2009-05-09 14:04 . 2009-03-11 22:43 90112 ----a-w c:\windows\system32\ssvideo.dll
2009-05-09 14:04 . 2009-03-11 22:43 1128128 ----a-w c:\windows\system32\NMSDVDXU.dll
2009-05-09 14:04 . 2009-03-11 22:43 18595840 ----a-w c:\windows\system32\coredata.dll
2009-05-09 13:27 . 2009-03-06 18:14 84832 ----a-w c:\documents and settings\أبـ{انس}ـو\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2009-05-05 13:41 . 2009-04-05 10:03 -------- d-----w c:\program files\Sound Pilot
2009-05-03 17:56 . 2009-03-26 18:28 -------- d-----w c:\program files\VIAudioi
2009-04-30 13:53 . 2009-04-30 13:53 -------- d-----w c:\documents and settings\أبـ{انس}ـو\Application Data\FotoWire
2009-04-30 13:52 . 2009-04-30 13:52 -------- d-----w c:\program files\Common Files\FotoWire
2009-04-30 13:52 . 2009-04-30 13:50 -------- d-----w c:\program files\Logitech
2009-04-30 13:51 . 2009-04-30 13:51 -------- d-----w c:\program files\Common Files\Logitech
2009-04-30 13:51 . 2009-03-07 08:23 -------- d--h--w c:\program files\InstallShield Installation Information
2009-04-30 13:50 . 2009-04-30 13:50 81920 ------r c:\windows\bwUnin-6.1.4.68-8876480L.exe
2009-04-30 13:49 . 2009-03-07 07:14 -------- d-----w c:\program files\Common Files\InstallShield
2009-04-29 14:15 . 2009-03-22 19:24 -------- d-----w c:\program files\تعلم الطباعة - عربي
2009-04-26 20:41 . 2009-04-26 20:40 -------- d-----w c:\program files\EXECryptor
2009-04-26 20:33 . 2009-04-26 20:33 -------- d-----w c:\program files\DCETools
2009-04-26 20:29 . 2009-04-26 20:29 -------- d-----w c:\documents and settings\أبـ{انس}ـو\Application Data\Thinstall
2009-04-26 20:29 . 2009-04-26 20:29 -------- d-----w c:\documents and settings\أبـ{انس}ـو\Application Data\pe explorer
2009-04-25 07:19 . 2009-04-25 07:19 -------- d-----w c:\program files\Aplus Video To 3GP Converter
2009-04-21 19:17 . 2009-04-21 19:17 -------- d-----w c:\program files\Common Files\xing shared
2009-04-21 19:17 . 2009-04-14 18:11 -------- d-----w c:\program files\Common Files\Real
2009-04-21 19:17 . 2009-04-14 18:11 -------- d-----w c:\program files\Real
2009-04-20 18:19 . 2009-03-11 22:45 -------- d-----w c:\program files\The KMPlayer
2009-04-18 15:54 . 2009-04-18 15:54 -------- d-----w c:\program files\IVT Corporation
2009-04-18 15:12 . 2009-04-18 15:12 -------- d-----w c:\documents and settings\All Users\Application Data\Bluetooth
2009-04-18 15:10 . 2009-03-12 03:02 -------- d-----w c:\program files\Common Files\Adobe
2009-04-15 18:20 . 2009-04-15 18:20 -------- d-----w c:\documents and settings\أبـ{انس}ـو\Application Data\Nokia Multimedia Player
2009-04-11 10:48 . 2009-04-11 10:48 682232 ----a-w c:\windows\system32\drivers\sptd.sys
2009-04-06 15:03 . 2009-03-07 07:16 -------- d-----w c:\program files\Rockstar Games
2009-04-05 10:18 . 2009-04-05 10:18 -------- d-----w c:\documents and settings\أبـ{انس}ـو\Application Data\Ashampoo
2009-04-05 10:16 . 2009-04-05 10:16 -------- d-----w c:\documents and settings\All Users\Application Data\ashampoo
2009-04-05 10:16 . 2009-04-05 10:16 -------- d-----w c:\program files\Ashampoo
2009-03-24 10:38 . 2009-03-24 10:38 102218 ----a-w c:\windows\hpoins05.dat
2009-03-22 19:24 . 2009-03-22 19:25 724992 ----a-w c:\windows\iun6002.exe
2009-03-15 15:58 . 2009-03-15 15:58 4096 ----a-w c:\windows\d3dx.dat
2009-03-11 22:43 . 2009-03-11 22:43 344064 ----a-w c:\windows\system32\dkll.dll
2009-03-11 22:43 . 2009-03-11 22:43 196608 ----a-w c:\windows\system32\maag.dll
2009-03-11 22:43 . 2009-03-11 22:43 1986560 ----a-w c:\windows\system32\akll.dll
2009-03-11 22:43 . 2009-03-11 22:43 1212416 ----a-w c:\windows\system32\ckll.dll
2009-03-09 09:57 . 2009-03-09 09:57 98304 ----a-w c:\windows\system32\CmdLineExt.dll
2009-03-07 06:24 . 2009-03-06 17:36 166455 ----a-w c:\windows\pchealth\helpctr\OfflineCache\index.dat
2009-03-07 06:14 . 2009-03-06 18:16 664 ----a-w c:\windows\system32\d3d9caps.dat
2009-03-07 06:09 . 2009-03-07 06:09 172032 ------w c:\windows\Setup1.exe
2009-03-07 06:09 . 2009-03-07 06:09 73216 ----a-w c:\windows\ST6UNST.EXE
2009-03-06 17:34 . 2009-03-06 17:34 21640 ----a-w c:\windows\system32\emptyregdb.dat
.

------- Sigcheck -------

[-] 2004-08-04 00:56 14336 8F078AE4ED187AAABC0A305146DE6716 c:\windows\SoftwareDistribution\Download\2bc0b3c55e0c166e04844934d1c7c342\backup\svchost.exe
[-] 2004-08-04 00:56 14336 8F078AE4ED187AAABC0A305146DE6716 c:\windows\system32\svchost.exe
[-] 2004-08-04 00:56 14336 8F078AE4ED187AAABC0A305146DE6716 c:\windows\system32\dllcache\svchost.exe

[-] 2004-08-04 00:56 577024 C72661F8552ACE7C5C85E16A3CF505C4 c:\windows\SoftwareDistribution\Download\2bc0b3c55e0c166e04844934d1c7c342\backup\user32.dll
[-] 2004-08-04 00:56 577024 C72661F8552ACE7C5C85E16A3CF505C4 c:\windows\system32\user32.dll
[-] 2004-08-04 00:56 577024 C72661F8552ACE7C5C85E16A3CF505C4 c:\windows\system32\dllcache\user32.dll

[-] 2004-08-04 00:56 82944 2ED0B7F12A60F90092081C50FA0EC2B2 c:\windows\SoftwareDistribution\Download\2bc0b3c55e0c166e04844934d1c7c342\backup\ws2_32.dll
[-] 2004-08-04 00:56 82944 2ED0B7F12A60F90092081C50FA0EC2B2 c:\windows\system32\ws2_32.dll
[-] 2004-08-04 00:56 82944 2ED0B7F12A60F90092081C50FA0EC2B2 c:\windows\system32\dllcache\ws2_32.dll

[-] 2004-08-04 00:56 656384 C0823FC5469663BA63E7DB88F9919D70 c:\windows\SoftwareDistribution\Download\2bc0b3c55e0c166e04844934d1c7c342\backup\wininet.dll
[-] 2004-08-04 00:56 656384 C0823FC5469663BA63E7DB88F9919D70 c:\windows\SoftwareDistribution\Download\49c14ac10b50a73ee2240a35194c6980\backup\sp2gdr\wininet.dll
[-] 2004-08-04 00:56 656384 C0823FC5469663BA63E7DB88F9919D70 c:\windows\SoftwareDistribution\Download\49c14ac10b50a73ee2240a35194c6980\backup\sp2qfe\wininet.dll
[-] 2004-08-04 00:56 656384 C0823FC5469663BA63E7DB88F9919D70 c:\windows\SoftwareDistribution\Download\49c14ac10b50a73ee2240a35194c6980\backup\sp3gdr\wininet.dll
[-] 2004-08-04 00:56 656384 C0823FC5469663BA63E7DB88F9919D70 c:\windows\SoftwareDistribution\Download\49c14ac10b50a73ee2240a35194c6980\backup\sp3qfe\wininet.dll
[-] 2004-08-04 00:56 656384 C0823FC5469663BA63E7DB88F9919D70 c:\windows\system32\wininet.dll
[-] 2004-08-04 00:56 656384 C0823FC5469663BA63E7DB88F9919D70 c:\windows\system32\dllcache\wininet.dll

[-] 2004-08-03 23:14 359040 9F4B36614A0FC234525BA224957DE55C c:\windows\SoftwareDistribution\Download\2bc0b3c55e0c166e04844934d1c7c342\backup\tcpip.sys
[-] 2008-06-20 10:45 360320 2A5554FC5B1E04E131230E3CE035C3F9 c:\windows\SoftwareDistribution\Download\ad744bdeedce85bf37a096f34577ff3a\sp2gdr\tcpip.sys
[-] 2008-06-20 10:44 360960 744E57C99232201AE98C49168B918F48 c:\windows\SoftwareDistribution\Download\ad744bdeedce85bf37a096f34577ff3a\sp2qfe\tcpip.sys
[-] 2008-06-20 11:51 361600 9AEFA14BD6B182D61E3119FA5F436D3D c:\windows\SoftwareDistribution\Download\ad744bdeedce85bf37a096f34577ff3a\sp3gdr\tcpip.sys
[-] 2008-06-20 11:59 361600 AD978A1B783B5719720CFF204B666C8E c:\windows\SoftwareDistribution\Download\ad744bdeedce85bf37a096f34577ff3a\sp3qfe\tcpip.sys
[-] 2004-08-03 23:14 359040 9F4B36614A0FC234525BA224957DE55C c:\windows\system32\dllcache\tcpip.sys
[-] 2004-08-03 23:14 359040 9F4B36614A0FC234525BA224957DE55C c:\windows\system32\drivers\tcpip.sys

[-] 2004-08-04 00:56 502272 01C3346C241652F43AED8E2149881BFE c:\windows\SoftwareDistribution\Download\2bc0b3c55e0c166e04844934d1c7c342\backup\winlogon.exe
[-] 2004-08-04 00:56 502272 01C3346C241652F43AED8E2149881BFE c:\windows\system32\winlogon.exe
[-] 2004-08-04 00:56 502272 01C3346C241652F43AED8E2149881BFE c:\windows\system32\dllcache\winlogon.exe

[-] 2004-08-03 23:14 182912 558635D3AF1C7546D26067D5D9B6959E c:\windows\SoftwareDistribution\Download\2bc0b3c55e0c166e04844934d1c7c342\backup\ndis.sys
[-] 2004-08-03 23:14 182912 558635D3AF1C7546D26067D5D9B6959E c:\windows\system32\dllcache\ndis.sys
[-] 2004-08-03 23:14 182912 558635D3AF1C7546D26067D5D9B6959E c:\windows\system32\drivers\ndis.sys

[-] 2004-08-03 23:00 29056 4448006B6BC60E6C027932CFC38D6855 c:\windows\SoftwareDistribution\Download\2bc0b3c55e0c166e04844934d1c7c342\backup\ip6fw.sys
[-] 2004-08-03 23:00 29056 4448006B6BC60E6C027932CFC38D6855 c:\windows\system32\dllcache\ip6fw.sys
[-] 2004-08-03 23:00 29056 4448006B6BC60E6C027932CFC38D6855 c:\windows\system32\drivers\ip6fw.sys

[-] 2004-08-04 01:05 2056832 947FB1D86D14AFCFFDB54BF837EC25D0 c:\windows\SoftwareDistribution\Download\2bc0b3c55e0c166e04844934d1c7c342\backup\ntkrnlpa.exe
[-] 2004-08-04 01:05 2056832 947FB1D86D14AFCFFDB54BF837EC25D0 c:\windows\system32\ntkrnlpa.exe

[-] 2004-08-03 23:20 2180992 CE218BC7088681FAA06633E218596CA7 c:\windows\SoftwareDistribution\Download\2bc0b3c55e0c166e04844934d1c7c342\backup\ntoskrnl.exe
[-] 2004-08-03 23:20 2180992 CE218BC7088681FAA06633E218596CA7 c:\windows\system32\ntoskrnl.exe

[-] 2004-08-04 00:56 1032192 A0732187050030AE399B241436565E64 c:\windows\explorer.exe
[-] 2004-08-04 00:56 1032192 A0732187050030AE399B241436565E64 c:\windows\SoftwareDistribution\Download\2bc0b3c55e0c166e04844934d1c7c342\backup\explorer.exe
[-] 2004-08-04 00:56 1032192 A0732187050030AE399B241436565E64 c:\windows\system32\dllcache\explorer.exe

[-] 2004-08-04 00:56 108032 C6CE6EEC82F187615D1002BB3BB50ED4 c:\windows\SoftwareDistribution\Download\2bc0b3c55e0c166e04844934d1c7c342\backup\services.exe
[-] 2004-08-04 00:56 108032 C6CE6EEC82F187615D1002BB3BB50ED4 c:\windows\system32\services.exe
[-] 2004-08-04 00:56 108032 C6CE6EEC82F187615D1002BB3BB50ED4 c:\windows\system32\dllcache\services.exe

[-] 2004-08-04 00:56 13312 84885F9B82F4D55C6146EBF6065D75D2 c:\windows\SoftwareDistribution\Download\2bc0b3c55e0c166e04844934d1c7c342\backup\lsass.exe
[-] 2004-08-04 00:56 13312 84885F9B82F4D55C6146EBF6065D75D2 c:\windows\system32\lsass.exe
[-] 2004-08-04 00:56 13312 84885F9B82F4D55C6146EBF6065D75D2 c:\windows\system32\dllcache\lsass.exe

[-] 2004-08-04 00:56 15360 24232996A38C0B0CF151C2140AE29FC8 c:\windows\SoftwareDistribution\Download\2bc0b3c55e0c166e04844934d1c7c342\backup\ctfmon.exe
[-] 2004-08-04 00:56 15360 24232996A38C0B0CF151C2140AE29FC8 c:\windows\system32\ctfmon.exe
[-] 2004-08-04 00:56 15360 24232996A38C0B0CF151C2140AE29FC8 c:\windows\system32\dllcache\ctfmon.exe

[-] 2004-08-04 00:56 57856 7435B108B935E42EA92CA94F59C8E717 c:\windows\SoftwareDistribution\Download\2bc0b3c55e0c166e04844934d1c7c342\backup\spoolsv.exe
[-] 2004-08-04 00:56 57856 7435B108B935E42EA92CA94F59C8E717 c:\windows\system32\spoolsv.exe
[-] 2004-08-04 00:56 57856 7435B108B935E42EA92CA94F59C8E717 c:\windows\system32\dllcache\spoolsv.exe

[-] 2004-08-04 00:56 24576 39B1FFB03C2296323832ACBAE50D2AFF c:\windows\SoftwareDistribution\Download\2bc0b3c55e0c166e04844934d1c7c342\backup\userinit.exe
[-] 2004-08-04 00:56 24576 39B1FFB03C2296323832ACBAE50D2AFF c:\windows\system32\userinit.exe
[-] 2004-08-04 00:56 24576 39B1FFB03C2296323832ACBAE50D2AFF c:\windows\system32\dllcache\userinit.exe

[-] 2004-08-04 00:56 295424 B60C877D16D9C880B952FDA04ADF16E6 c:\windows\SoftwareDistribution\Download\2bc0b3c55e0c166e04844934d1c7c342\backup\termsrv.dll
[-] 2004-08-04 00:56 295424 B60C877D16D9C880B952FDA04ADF16E6 c:\windows\system32\termsrv.dll
[-] 2004-08-04 00:56 295424 B60C877D16D9C880B952FDA04ADF16E6 c:\windows\system32\dllcache\termsrv.dll

[-] 2009-03-21 14:18 986112 B6ACAED7588295129791E0E6A2B0FADE c:\windows\SoftwareDistribution\Download\022593ca08eb4cd8e9681a7116f902d9\sp2gdr\kernel32.dll
[-] 2009-03-21 13:54 989184 80202858D245FF07DAA1739C57A3E19B c:\windows\SoftwareDistribution\Download\022593ca08eb4cd8e9681a7116f902d9\sp2qfe\kernel32.dll
[-] 2009-03-21 14:06 989696 B921FB870C9AC0D509B2CCABBBBE95F3 c:\windows\SoftwareDistribution\Download\022593ca08eb4cd8e9681a7116f902d9\sp3gdr\kernel32.dll
[-] 2009-03-21 13:59 991744 DA11D9D6ECBDF0F93436A4B7C13F7BEC c:\windows\SoftwareDistribution\Download\022593ca08eb4cd8e9681a7116f902d9\sp3qfe\kernel32.dll
[-] 2004-08-04 00:56 983552 888190E31455FAD793312F8D087146EB c:\windows\SoftwareDistribution\Download\2bc0b3c55e0c166e04844934d1c7c342\backup\kernel32.dll
[-] 2004-08-04 00:56 983552 888190E31455FAD793312F8D087146EB c:\windows\system32\kernel32.dll
[-] 2004-08-04 00:56 983552 888190E31455FAD793312F8D087146EB c:\windows\system32\dllcache\kernel32.dll

[-] 2004-08-04 00:56 17408 1B5F6923ABB450692E9FE0672C897AED c:\windows\SoftwareDistribution\Download\2bc0b3c55e0c166e04844934d1c7c342\backup\powrprof.dll
[-] 2004-08-04 00:56 17408 1B5F6923ABB450692E9FE0672C897AED c:\windows\system32\powrprof.dll
[-] 2004-08-04 00:56 17408 1B5F6923ABB450692E9FE0672C897AED c:\windows\system32\dllcache\powrprof.dll

[-] 2004-08-04 00:56 110080 87CA7CE6469577F059297B9D6556D66D c:\windows\SoftwareDistribution\Download\2bc0b3c55e0c166e04844934d1c7c342\backup\imm32.dll
[-] 2004-08-04 00:56 110080 87CA7CE6469577F059297B9D6556D66D c:\windows\system32\imm32.dll
[-] 2004-08-04 00:56 110080 87CA7CE6469577F059297B9D6556D66D c:\windows\system32\dllcache\imm32.dll

[-] 2004-08-04 00:56 1580544 30A609E00BD1D4FFC49D6B5A432BE7F2 c:\windows\SoftwareDistribution\Download\2bc0b3c55e0c166e04844934d1c7c342\backup\sfcfiles.dll
[-] 2004-08-04 00:56 1580544 30A609E00BD1D4FFC49D6B5A432BE7F2 c:\windows\system32\sfcfiles.dll
[-] 2004-08-04 00:56 1580544 30A609E00BD1D4FFC49D6B5A432BE7F2 c:\windows\system32\dllcache\sfcfiles.dll
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MSMSGS"="c:\program files\Messenger\msmsgs.exe" [2004-08-04 1667584]
"LDM"="c:\program files\Logitech\Desktop Messenger\8876480\Program\BackWeb-8876480.exe" [2009-04-30 20480]
"LogitechSoftwareUpdate"="c:\program files\Logitech\Video\ManifestEngine.exe" [2005-01-18 196608]
"Sound Pilot"="c:\program files\Sound Pilot\SndPilot.exe" [2003-10-26 544256]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2006-07-25 7323648]
"TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" [2009-04-21 185896]
"LVCOMSX"="c:\windows\system32\LVCOMSX.EXE" [2004-10-08 221184]
"LogitechVideoRepair"="c:\program files\Logitech\Video\ISStart.exe" [2005-01-18 458752]
"LogitechVideoTray"="c:\program files\Logitech\Video\LogiTray.exe" [2005-01-18 217088]
"avgnt"="c:\program files\Avira\AntiVir PersonalEdition Premium\avgnt.exe" [2008-06-12 266497]

c:\documents and settings\All Users\Start Menu\Programs\Startup\
Logitech Desktop Messenger.lnk - c:\program files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe [2009-4-30 450560]

HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32
"wave"= serwvdrv.dll

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusDisableNotify"=dword:00000001
"UpdatesDisableNotify"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\Real\\RealPlayer\\realplay.exe"=
"c:\\Program Files\\IVT Corporation\\BlueSoleil\\BlueSoleil.exe"=
"c:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\backWeb-8876480.exe"=
"c:\\Program Files\\MSN Messenger\\msnmsgr.exe"=
"c:\\Program Files\\MSN Messenger\\livecall.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"9145:TCP"= 9145:TCP:qhqambnt

--- Other Services/Drivers In Memory ---

*Deregistered* - Beep
*Deregistered* - BTHidEnum
*Deregistered* - BTHidMgr
*Deregistered* - Cdfs
*Deregistered* - CryptSvc
*Deregistered* - DcomLaunch
*Deregistered* - dmio
*Deregistered* - dmload
*Deregistered* - dmserver
*Deregistered* - Fastfat
*Deregistered* - FltMgr
*Deregistered* - Ftdisk
*Deregistered* - helpsvc
*Deregistered* - KSecDD
*Deregistered* - MountMgr
*Deregistered* - Msfs
*Deregistered* - mssmbios
*Deregistered* - Mup
*Deregistered* - NDIS
*Deregistered* - Npfs
*Deregistered* - Ntfs
*Deregistered* - Null
*Deregistered* - PartMgr
*Deregistered* - rdpdr
*Deregistered* - RpcSs
*Deregistered* - sptd
*Deregistered* - sr
*Deregistered* - srservice
*Deregistered* - swenum
*Deregistered* - TermDD
*Deregistered* - Update
*Deregistered* - VgaSave
*Deregistered* - viaagp
*Deregistered* - VolSnap
*Deregistered* - winmgmt

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
hzlji
.
- - - - ORPHANS REMOVED - - - -

HKCU-Run-RGSC - d:\ملفات\Rockstar Games Social Club\RGSCLauncher.exe
HKLM-Run-AudioDeck - c:\program files\VIAudioi\SBADeck\ADeck.exe
HKLM-Run-Cmaudio - cmicnfg.cpl
SafeBoot-procexp90.Sys


.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.com/
IE: &تصدير إلى Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
IE: View Original Image -
LSP: avsda.dll
TCP: {DCE53441-3A90-46F9-B62F-9CFAFBE3C1EE} = 212.102.0.82 212.102.0.10
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer,
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

Rootkit scan 2009-05-30 10:28
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\hzlji]
"ServiceDll"="c:\windows\system32\lhlqck.dll"
.
--------------------- LOCKED REGISTRY KEYS ---------------------

[HKEY_USERS\S-1-5-21-1644491937-1078081533-1801674531-1003\Software\Microsoft\Speech\AudioOutput\TokenEnums\MMAudioOut\  B1'!) *.7 *'DEH/E *#*0*\Attributes]
"Vendor"="Microsoft"
"Technology"="MMSys"

[HKEY_USERS\S-1-5-21-1644491937-1078081533-1801674531-1003\Software\Microsoft\Speech\AudioOutput\TokenEnums\MMAudioOut\  B1'!) *.7 *'DEH/E *#*0*\UI\AudioVolume]
"CLSID"="{364D8E0B-67CB-4547-9948-9E7F1B1743ED}"

[HKEY_USERS\S-1-5-21-1644491937-1078081533-1801674531-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*s*i* _* \OpenWithList]
@Class="Shell"

[HKEY_USERS\S-1-5-21-1644491937-1078081533-1801674531-1003\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{FFD7085C-B393-9AB2-99A3-E1C37EFE0A98}*]
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)
.
Completion time: 2009-05-30 10:32
ComboFix-quarantined-files.txt 2009-05-30 15:32
ComboFix2.txt 2009-03-15 11:32
ComboFix3.txt 2009-03-11 22:36

Pre-Run: 3,240,325,120 bytes free
Post-Run: 4,125,782,016 bytes free

294 --- E O F --- 2009-05-11 10:21
 
توقيع : أبو العتاهية
تأييد 0
كيف الاوضاع عندك الان ؟
هل تواجه اي مشاكل ؟
 
تأييد 0
الحمد لله لا أواجه أي مشاكل يعني رجع زي ما كان
الله يجزاكم خير ويوفقكم في الدنيا والآخرة
مشكورين على جهودكم .
 
توقيع : أبو العتاهية
تأييد 0
الحالة
مغلق و غير مفتوح للمزيد من الردود.
عودة
أعلى