• Thread starter: Asim Omer
Status: closed and not open for further replies.

Asim Omer

When I try to sign in to Messenger, this message appears. Note that I am using the 2009 version, Windows XP SP3, and Internet Explorer 8.

[Screenshot: i13543_20090524222350.png]

And this is the HijackThis report:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 10:27:33 PM, on 5/24/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\system32\igfxpers.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\Program Files\Internet Download Manager\IDMan.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\sudani mobile DSL\sudani mDSL.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
[link hidden by the forum; log in or register to view it]

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
[link hidden by the forum; log in or register to view it]

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
[link hidden by the forum; log in or register to view it]

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
[link hidden by the forum; log in or register to view it]

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Windows Internet Explorer
O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files\Internet Download Manager\IDMIECC.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: IEVkbdBHO - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\ievkbd.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe"
O4 - HKCU\..\Run: [IDMan] C:\Program Files\Internet Download Manager\IDMan.exe /onboot
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\RunOnce: [nltide2] cmd.exe /C rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,L,,4,N (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [nltide2] cmd.exe /C rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,L,,4,N (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\RunOnce: [nltide2] cmd.exe /C rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,L,,4,N (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [nltide2] cmd.exe /C rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,L,,4,N (User 'Default user')
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: Add to Banner Ad Blocker - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\ie_banner_deny.htm
O8 - Extra context menu item: تحميل بواسطة Internet Download Manager - C:\Program Files\Internet Download Manager\IEExt.htm
O8 - Extra context menu item: تحميل محتوى FLV بواسطة Internet Download Manager - C:\Program Files\Internet Download Manager\IEGetVL.htm
O9 - Extra button: Encarta Search Bar - -{B205A35E-1FC4-4CE3-818B-899DBBB3388C} - C:\Program Files\Common Files\Microsoft Shared\Encarta Search Bar\ENCSBAR.DLL
O9 - Extra button: Web traffic protection statistics - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\SCIEPlgn.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {5727FF4C-EF4E-4d96-A96C-03AD91910448} (System Requirements Lab) -
[link hidden by the forum; log in or register to view it]

O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) -
[link hidden by the forum; log in or register to view it]

O17 - HKLM\System\CCS\Services\Tcpip\..\{B7D12F80-97FD-46E4-8E83-EF02E9A2EF4D}: NameServer = 212.0.138.10 212.0.138.11
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\WINDOWS\system32\Skype4COM.dll
O20 - AppInit_DLLs: C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd.dll,C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd3.dll,C:\PROGRA~1\KASPER~1\KASPER~1\adialhk.dll,C:\PROGRA~1\KASPER~1\KASPER~1\kloehk.dll
O23 - Service: Kaspersky Internet Security (AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
O23 - Service: Marvell Yukon Service (yksvc) - Unknown owner - RUNDLL32.EXE (file missing)
--
End of file - 5823 bytes


Welcome, brother.

Delete the following from the report:

O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)

O16 - DPF: {5727FF4C-EF4E-4d96-A96C-03AD91910448} (System Requirements Lab) -
[link hidden by the forum; log in or register to view it]

How to delete them on XP:

[Screenshot: mg%20%283%29.png]

[Screenshot: mg%20%284%29.png]

Then use this tool.

Download from here:

[link hidden by the forum; log in or register to view it]

Compatibility: Windows XP only

How to use it:

When you run the tool's file, this screen appears. Wait (and follow along with the pictures).

[Screenshot: 000.png]

[Screenshot: 001.png]

When this screen appears, click Close so that your computer restarts (to complete the cleaning process).

[Screenshot: 002.png]

Then:

Disable all security programs.

Download this tool:

[link hidden by the forum; log in or register to view it]

When you run it, a message will appear; click Yes.
After that, a second message will appear; click Yes.

The computer may restart during the scan.
After the restart, the tool will start scanning again.
Wait until a report appears; that means the scan has finished. Paste the report in your next post.

Signature: KoNaMi
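
A triage sketch for the HijackThis report above, added here as an example and not part of the original posts: it parses the entry lines and lists those whose target file the log itself marks as absent (`(no file)` / `(file missing)`), together with the registry location to inspect before removing anything. The sample lines are copied from the report in this thread; the function names and the mapping of O2 and O23 entries to registry paths are this example's own, based on the standard Windows locations for BHOs and services.

```python
import re
from dataclasses import dataclass
from typing import Optional

# Lines copied from the HijackThis log in this thread (not the complete log).
SAMPLE_LOG = r"""
C:\WINDOWS\system32\svchost.exe
O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files\Internet Download Manager\IDMIECC.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
O23 - Service: Marvell Yukon Service (yksvc) - Unknown owner - RUNDLL32.EXE (file missing)
"""

ENTRY_RE = re.compile(r"^([A-Z]\d{1,2}) - (.+)$")            # "O2 - ...", "R1 - ..."
CLSID_RE = re.compile(r"\{[0-9A-Fa-f]{8}(?:-[0-9A-Fa-f]{4}){3}-[0-9A-Fa-f]{12}\}")
ORPHAN_RE = re.compile(r"\((no file|file missing)\)\s*$")    # markers HijackThis prints
SERVICE_RE = re.compile(r"^Service: .*?\((\w+)\) - ")        # "Display name (short name) - "

# Standard registry locations for BHOs and services (assumed mapping, see lead-in).
BHO_KEY = r"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects"
SVC_KEY = r"HKLM\SYSTEM\CurrentControlSet\Services"


@dataclass
class Entry:
    code: str              # section code, e.g. "O2"
    body: str              # text after "CODE - "
    clsid: Optional[str]   # first CLSID on the line, if any
    orphaned: bool         # True when the log says the target file is absent


def parse_log(text):
    """Return one Entry per 'CODE - ...' line; process paths and headers are skipped."""
    entries = []
    for line in text.splitlines():
        m = ENTRY_RE.match(line.strip())
        if not m:
            continue
        code, body = m.groups()
        clsid = CLSID_RE.search(body)
        entries.append(Entry(code, body, clsid.group(0) if clsid else None,
                             bool(ORPHAN_RE.search(body))))
    return entries


def registry_location(entry):
    """Where the entry is registered, for the two section types handled here."""
    if entry.code == "O2" and entry.clsid:
        return BHO_KEY + "\\" + entry.clsid
    if entry.code == "O23":
        m = SERVICE_RE.match(entry.body)
        if m:
            return SVC_KEY + "\\" + m.group(1)
    return None


def orphan_report(text):
    """(code, registry location, raw body) for every entry whose file is missing."""
    return [(e.code, registry_location(e), e.body)
            for e in parse_log(text) if e.orphaned]


if __name__ == "__main__":
    for code, location, body in orphan_report(SAMPLE_LOG):
        print(f"{code}: {body}\n    check: {location}")
```

An entry with a missing file is a leftover registration rather than running code, so the script only lists candidates for review; the O16 entry named in the post above has no such marker and is not something this check can judge.
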
This is the ComboFix report:

ComboFix 09-05-24.01 - USER 05/24/2009 23:17.1 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.3.1256.966.1033.18.502.253 [GMT 3:00]
Running from: c:\documents and settings\USER\My Documents\Downloads\Programs\ComboFix.exe
AV: Kaspersky Internet Security *On-access scanning disabled* (Updated) {2C4D4BC6-0793-4956-A9F9-E252435469C0}
FW: Kaspersky Internet Security *disabled* {2C4D4BC6-0793-4956-A9F9-E252435469C0}
WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.
((((((((((((((((((((((((( Files Created from 2009-04-24 to 2009-05-24 )))))))))))))))))))))))))))))))
.
2009-05-24 19:59 . 2009-05-24 19:59 -------- d-----w c:\documents and settings\USER\Application Data\CyberScrub
2009-05-24 11:21 . 2009-05-24 11:21 -------- d-----w c:\documents and settings\USER\Application Data\FastStone
2009-05-24 11:20 . 2009-05-24 11:20 -------- d-----w c:\program files\FastStone Capture
2009-05-23 21:07 . 2009-05-23 21:07 -------- d-----w c:\program files\Trend Micro
2009-05-23 20:10 . 2009-05-24 12:59 -------- d-----w c:\program files\Raptor
2009-05-22 07:25 . 2009-05-22 07:25 -------- d-----w c:\program files\Microsoft
2009-05-22 07:24 . 2009-05-22 07:24 -------- d-----w c:\program files\Windows Live SkyDrive
2009-05-19 18:00 . 2009-05-19 18:01 2925904 ----a-w c:\documents and settings\USER\Application Data\IDM\idmupdt.exe
2009-05-19 10:35 . 2009-03-26 15:35 210352 ----a-w c:\windows\system32\idmmbc.dll
2009-05-18 14:26 . 2009-05-18 14:27 -------- d-----w c:\documents and settings\USER\Application Data\Astroburn
2009-05-18 14:26 . 2009-05-18 14:27 -------- d-----w c:\program files\Astroburn
2009-05-16 20:31 . 2009-05-16 20:31 -------- d-----w c:\documents and settings\USER\Application Data\DAEMON Tools Pro
2009-05-16 20:02 . 2009-05-16 20:02 -------- d-----w c:\documents and settings\All Users\Application Data\DAEMON Tools Lite
2009-05-16 20:02 . 2009-05-16 20:02 -------- d-----w c:\program files\DAEMON Tools Lite
2009-05-16 19:58 . 2009-05-16 19:58 721904 ----a-w c:\windows\system32\drivers\sptd.sys
2009-05-16 19:58 . 2009-05-16 20:07 -------- d-----w c:\documents and settings\USER\Application Data\DAEMON Tools Lite
2009-05-16 19:34 . 2009-05-16 19:34 -------- d-----w c:\program files\UltraISO
2009-05-16 19:34 . 2009-05-16 19:34 -------- d-----w c:\program files\Common Files\EZB Systems
2009-05-08 13:28 . 2009-05-08 13:28 -------- d-----w c:\documents and settings\USER\Application Data\VitySoft
2009-05-08 13:27 . 2009-05-08 13:27 410984 ----a-w c:\windows\system32\deploytk.dll
2009-05-03 06:41 . 2005-12-17 05:56 17505 ------w c:\windows\hpomdl07.dat
2009-05-03 05:16 . 2008-04-14 00:11 21504 -c--a-w c:\windows\system32\dllcache\hidserv.dll
2009-05-03 05:16 . 2008-04-14 00:11 21504 ----a-w c:\windows\system32\hidserv.dll
2009-05-03 05:15 . 2008-04-13 18:39 14592 -c--a-w c:\windows\system32\dllcache\kbdhid.sys
2009-05-03 05:15 . 2008-04-13 18:39 14592 ----a-w c:\windows\system32\drivers\kbdhid.sys
2009-04-30 15:15 . 2008-09-16 19:23 168448 ----a-w c:\windows\system32\unrar.dll
2009-04-30 15:15 . 2009-04-30 15:15 -------- d-----w c:\program files\K-Lite Codec Pack
2009-04-29 14:48 . 2009-05-24 19:52 -------- d-----w c:\documents and settings\USER\Tracing
2009-04-27 18:47 . 2009-04-27 18:47 -------- d-----w c:\program files\Common Files\Hewlett-Packard
2009-04-27 18:34 . 2009-04-27 18:34 -------- d-----w c:\windows\system32\VIRepair
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-05-24 20:22 . 2008-08-26 18:54 -------- d-----w c:\documents and settings\USER\Application Data\DMCache
2009-05-24 20:19 . 2008-08-26 18:47 581664 --sha-w c:\windows\system32\drivers\fidbox2.dat
2009-05-24 20:19 . 2008-08-26 18:47 5164 --sha-w c:\windows\system32\drivers\fidbox2.idx
2009-05-24 20:19 . 2008-08-26 18:47 2641440 --sha-w c:\windows\system32\drivers\fidbox.dat
2009-05-24 20:19 . 2008-08-26 18:47 24860 --sha-w c:\windows\system32\drivers\fidbox.idx
2009-05-24 20:06 . 2008-08-26 18:47 -------- d-----w c:\documents and settings\All Users\Application Data\Kaspersky Lab
2009-05-24 19:58 . 2009-05-24 19:58 -------- d-----w c:\documents and settings\USER\Application Data\cleaner
2009-05-24 14:48 . 2008-08-26 19:08 -------- d-----w c:\documents and settings\USER\Application Data\IDM
2009-05-24 11:50 . 2008-08-26 15:17 -------- d-----w c:\program files\sudani mobile DSL
2009-05-22 07:24 . 2008-09-10 20:44 -------- d-----w c:\program files\Windows Live
2009-05-21 17:17 . 2008-09-10 19:47 -------- d-----w c:\documents and settings\All Users\Application Data\WLInstaller
2009-05-20 12:56 . 2008-08-26 18:47 94643 ----a-w c:\windows\system32\drivers\klick.dat
2009-05-20 12:56 . 2008-08-26 18:47 105395 ----a-w c:\windows\system32\drivers\klin.dat
2009-05-19 19:14 . 2008-08-26 19:08 -------- d-----w c:\program files\Internet Download Manager
2009-05-17 17:29 . 2008-11-01 11:36 -------- d---a-w c:\documents and settings\All Users\Application Data\TEMP
2009-05-15 12:24 . 2009-02-21 10:37 -------- d-----w c:\program files\AVI DivX to DVD SVCD VCD Converter
2009-05-15 12:20 . 2009-01-30 11:07 -------- d-----w c:\program files\AliveMedia
2009-05-08 04:40 . 2009-04-14 14:47 198064 ----a-w c:\documents and settings\USER\Application Data\IDM\idmmzcc3\components\idmmzcc.dll
2009-04-18 13:41 . 2008-08-26 19:12 -------- d-----w c:\program files\Common Files\Adobe
2009-04-14 17:09 . 2009-04-14 17:09 -------- d-----w c:\program files\Common Files\Windows Live
2009-03-31 11:08 . 2008-08-26 20:00 75272 ----a-w c:\documents and settings\USER\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2009-03-29 14:03 . 2009-02-18 12:17 45056 ----a-w c:\windows\system32\Wnaspi32.dll
2009-03-29 14:03 . 2009-02-18 12:17 16877 ----a-w c:\windows\system32\drivers\Aspi32.sys
2009-03-28 14:21 . 2009-03-28 14:21 -------- d-----w c:\documents and settings\USER\Application Data\Ulead Systems
2009-03-28 14:21 . 2009-03-28 14:16 -------- d-----w c:\documents and settings\All Users\Application Data\Ulead Systems
2009-03-28 14:19 . 2009-03-28 14:16 -------- d-----w c:\program files\Common Files\Ulead Systems
2009-03-28 14:19 . 2008-08-25 12:11 -------- d--h--w c:\program files\InstallShield Installation Information
2009-03-28 14:19 . 2009-03-28 14:19 -------- d-----w c:\program files\Windows Media Components
2009-03-28 14:16 . 2009-03-28 14:16 -------- d-----w c:\program files\Ulead Systems
2009-03-28 14:15 . 2008-08-25 12:11 -------- d-----w c:\program files\Common Files\InstallShield
2009-03-28 13:12 . 2009-03-28 13:07 -------- d-----w c:\program files\Microsoft Encarta
2009-03-23 14:39 . 2008-12-12 10:47 20480 ----a-w c:\windows\system32\scrnrdr.exe
2009-03-08 01:34 . 2007-01-14 08:20 914944 ----a-w c:\windows\system32\wininet.dll
2009-03-08 01:34 . 2004-08-04 15:00 43008 -c--a-w c:\windows\system32\licmgr10.dll
2009-03-08 01:33 . 2004-08-04 15:00 18944 ----a-w c:\windows\system32\corpol.dll
2009-03-08 01:33 . 2004-08-04 15:00 420352 ----a-w c:\windows\system32\vbscript.dll
2009-03-08 01:32 . 2004-08-04 15:00 72704 -c--a-w c:\windows\system32\admparse.dll
2009-03-08 01:32 . 2004-08-04 15:00 71680 -c--a-w c:\windows\system32\iesetup.dll
2009-03-08 01:31 . 2004-08-04 15:00 34816 ----a-w c:\windows\system32\imgutil.dll
2009-03-08 01:31 . 2004-08-04 15:00 48128 ----a-w c:\windows\system32\mshtmler.dll
2009-03-08 01:31 . 2004-08-04 15:00 45568 ----a-w c:\windows\system32\mshta.exe
2009-03-08 01:22 . 2004-08-04 15:00 156160 ----a-w c:\windows\system32\msls31.dll
2009-03-06 14:22 . 2004-08-04 15:00 284160 ----a-w c:\windows\system32\pdh.dll
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IDMan"="c:\program files\Internet Download Manager\IDMan.exe" [2009-05-19 2815408]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Persistence"="c:\windows\system32\igfxpers.exe" [2008-02-15 131072]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"nltide_3"="advpack.dll" - c:\windows\system32\advpack.dll [2009-03-08 128512]
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"MaxRecentDocs"= 15 (0xf)
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\program files\Common Files\Nero\Lib\NMBgMonitor.exe"
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"NeroFilterCheck"=c:\program files\Common Files\Nero\Lib\NeroCheck.exe
"IR Control"="c:\program files\Application\LW-UTVFM\Remote.exe"
"Schedule"="c:\program files\Application\LW-UTVFM\Schedule.exe"
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
"KernelFaultCheck"=c:\windows\system32\dumprep 0 -k
"BluetoothAuthenticationAgent"=rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
"HotKeysCmds"=c:\windows\system32\hkcmd.exe
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\KasperskyAntiVirus]
"DisableMonitoring"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"d:\\game\\Pro Evolution Soccer 2008\\PES2008.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
R0 klbg;Kaspersky Lab Boot Guard Driver;c:\windows\system32\drivers\klbg.sys [1/29/2008 6:29 PM 33808]
R2 yksvc;Marvell Yukon Service;RUNDLL32.EXE ykx32mpcoinst,serviceStartProc --> RUNDLL32.EXE ykx32mpcoinst,serviceStartProc [?]
R3 KLFLTDEV;Kaspersky Lab KLFltDev;c:\windows\system32\drivers\klfltdev.sys [3/13/2008 7:02 PM 26640]
R3 klim5;Kaspersky Anti-Virus NDIS Filter;c:\windows\system32\drivers\klim5.sys [4/30/2008 6:06 PM 24592]
S3 CH341SER;CH341SER;c:\windows\system32\drivers\CH341SER.SYS [2/14/2009 6:46 PM 38032]
S3 DIGIRPS;Digi PortServer Driver;c:\windows\system32\drivers\digirlpt.sys [2/22/2009 6:26 PM 42432]
S3 PCIUtil;PCI Utility;\??\c:\docume~1\USER\LOCALS~1\Temp\PCIUtil.sys --> c:\docume~1\USER\LOCALS~1\Temp\PCIUtil.sys [?]
S3 pwi_bus;Curitel PC Card Composite Device driver (WDM);c:\windows\system32\drivers\pwi_bus.sys [12/19/2008 1:09 PM 55344]
S3 pwi_mdfl;Curitel PC Card Filter;c:\windows\system32\drivers\pwi_mdfl.sys [12/19/2008 1:09 PM 9200]
S3 pwi_mdm;Curitel PC Card Drivers;c:\windows\system32\drivers\pwi_mdm.sys [12/19/2008 1:09 PM 89936]
S3 pwi_oflt;Curitel PC Card OHCI Filter;c:\windows\system32\drivers\pwi_oflt.sys [12/19/2008 1:09 PM 9472]
S3 pwi_serd;Curitel PC Card Diagnostic Serial Port (WDM);c:\windows\system32\drivers\pwi_serd.sys [12/19/2008 1:09 PM 69632]
S3 SWNC8U00;Sierra Wireless MUX NDIS Driver (UMTS00);c:\windows\system32\drivers\SWNC8U00.sys [10/31/2008 7:29 PM 81408]
S3 SWUMX00;Sierra Wireless USB MUX Driver (UMTS00);c:\windows\system32\drivers\swumx00.sys [10/31/2008 7:29 PM 61312]
S3 zteusbser;ZTE USB Device for Legacy Serial Communication;c:\windows\system32\drivers\zteusbser.sys [3/6/2009 12:54 PM 245632]
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\>{60B49E34-C7CC-11D0-8953-00A0C90347FF}]
"c:\windows\system32\rundll32.exe" "c:\windows\system32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
.
Contents of the 'Scheduled Tasks' folder
2009-05-24 c:\windows\Tasks\User_Feed_Synchronization-{255BDFC0-363F-4C50-AF85-7D01205C91B5}.job
- c:\windows\system32\msfeedssync.exe [2007-08-13 01:31]
.
- - - - ORPHANS REMOVED - - - -
HKU-Default-RunOnce-nltide2 - rundll32 advpack.dll
SafeBoot-procexp90.Sys

.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.com/
uSearchMigratedDefaultURL = hxxp://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
IE: تحميل بواسطة Internet Download Manager - c:\program files\Internet Download Manager\IEExt.htm
IE: تحميل محتوى FLV بواسطة Internet Download Manager - c:\program files\Internet Download Manager\IEGetVL.htm
IE: {{552781AF-37E4-4FEE-920A-CED9E648EADD} - -
.
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer,
[link hidden by the forum; log in or register to view it]

Rootkit scan 2009-05-24 23:21
Windows 5.1.2600 Service Pack 3 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{0cbaca98-5ee4-490c-abf0-793f8825b840}]
@Denied: (Full) (Everyone)
"Model"=dword:00000130
"Therad"=dword:0000001a
"MData"=hex(0):2b,8f,78,29,5a,0c,ce,ec,48,d4,68,e5,9f,6a,96,3e,ab,de,c5,81,26,
38,95,44,85,b1,12,f9,90,dd,23,a1,49,8c,bf,1a,9d,fe,41,71,cb,3f,46,a4,7c,ab,\
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{5ED60779-4DE2-4E07-B862-974CA4FF2E9C}]
@Denied: (Full) (Everyone)
"scansk"=hex(0):13,ef,a7,de,71,cb,22,dc,14,b7,dd,bc,e1,e1,c3,39,09,2e,bd,59,08,
2f,69,f9,97,7f,e8,86,0a,d8,f2,25,c4,16,15,21,91,71,ef,84,00,00,00,00,00,00,\
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{7B8E9164-324D-4A2E-A46D-0165FB2000EC}]
@Denied: (Full) (Everyone)
"scansk"=hex(0):97,47,40,d4,96,f2,22,3f,e3,7b,a4,33,f6,9e,6d,6a,41,a8,56,ab,5c,
e7,31,19,3d,1e,eb,f4,89,91,c2,45,6b,4e,c4,57,52,81,57,a0,00,00,00,00,00,00,\
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{c5b19ac8-46a5-4f5b-9d2d-a74a4100e5d3}]
@Denied: (Full) (Everyone)
"Model"=dword:00000152
"Therad"=dword:0000002c
"MData"=hex(0):2b,8f,78,29,5a,0c,ce,ec,48,d4,68,e5,9f,6a,96,3e,ab,de,c5,81,26,
38,95,44,85,b1,12,f9,90,dd,23,a1,49,8c,bf,1a,9d,fe,41,71,cb,3f,46,a4,7c,ab,\
.
--------------------- DLLs Loaded Under Running Processes ---------------------
- - - - - - - > 'explorer.exe'(2472)
c:\windows\system32\ieframe.dll
c:\windows\system32\OneX.DLL
c:\windows\system32\eappprxy.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Other Running Processes ------------------------
.
c:\windows\system32\rundll32.exe
c:\windows\system32\wscntfy.exe
c:\windows\system32\igfxsrvc.exe
.
**************************************************************************
.
Completion time: 2009-05-24 23:24 - machine was rebooted
ComboFix-quarantined-files.txt 2009-05-24 20:23
Pre-Run: 14,435,917,824 bytes free
Post-Run: 14,333,296,640 bytes free
210 --- E O F --- 2009-05-14 15:32

up
 
up
 
Signature: MMA_LORD_735
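The problem has been solved thanks to you, brother. May the Creator grant you success, marry you to the houris, and help you memorize Sahih Muslim and al-Bukhari.

Ameen ... and you too, dear brother :) ...

<< Pray for me in my exams ...

[ Sorry for closing the thread ] ...

<< The problem has been solved ...

May God keep you safe ...

Signature: MMA_LORD_735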