يرحم والديكم ساعدوني الاكس بلورر8 مايشتغل عندي

ن

نورسيان

زيزوومي جديد
إنضم
10 يوليو 2009
المشاركات
21
مستوى التفاعل
1
النقاط
20
غير متصل
السلام عليكم ورحمة الله وبركاته
كيفكم ان شاء الله بااحسن حال يارب
المهم جاني تحديثات وسويت تحديثات وصار الاكس بلورر 8 ولاهو كان7 الزبده انا مايشتغل اذا حطيت عليه يقول لحماية كمبيوترك تم اغلاقه وش السوات وتطلع لي ذا الصوره
i22045_cki18452.jpg

ويعطيكم ربي الف عافيه
 

ترتيب حسب التاريخ ترتيب حسب الأصوات

اعمل تقرير للهايجاك
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

اذا انتهى التحميل ==> شغل البرنامج ==> واضغط على Do a system scan and save log
لحظات ويظهر لك تقرير ,, انسخه والصقه بردك القادم
 
التعديل الأخير بواسطة المشرف:
توقيع : فارس الملاك
تأييد 0
الله يعطيك العافيه على الرد بس اذا تغط على الرابط اللي اعطيتني اياه يقول غير صحيح
 
تأييد 0
عذرا

حمل هذا البرنامج
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

اذا انتهى التحميل ==> شغل البرنامج ==> واضغط على Do a system scan and save log
لحظات .. ويظهر لك تقرير ==> انسخه والصقه بردك القادم
 
التعديل الأخير بواسطة المشرف:
توقيع : فارس الملاك
تأييد 0
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 03:41:06 ص, on 10/07/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir Desktop\sched.exe
C:\Program Files\Avira\AntiVir Desktop\avguard.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\Program Files\Avira\AntiVir Desktop\avmailc.exe
C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE
C:\WINDOWS\explorer.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe
C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe
C:\Program Files\Common Files\ACD Systems\EN\DevDetect.exe
C:\Program Files\ONSPEED\onspeedcore.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\NetWaiting\netWaiting.exe
C:\Program Files\Free Download Manager\fdm.exe
C:\Program Files\Software Informer\softinfo.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\ONSPEED\onspeedgui.exe
C:\Program Files\Intel\Wireless\Bin\Dot1XCfg.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

O2 - BHO: مساعد رابط Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: مساعد تسجيل الدخول إلى Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: NOW!Imaging - {9AA2F14F-E956-44B8-8694-A5B615CDF341} - C:\Program Files\ONSPEED\components\NOWImaging.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll
O2 - BHO: FDMIECookiesBHO Class - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Program Files\Free Download Manager\iefdm2.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [IntelZeroConfig] "C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe"
O4 - HKLM\..\Run: [IntelWireless] "C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe" /tf Intel PROSet/Wireless
O4 - HKLM\..\Run: [Device Detector] DevDetect.exe -autorun
O4 - HKLM\..\Run: [SlipStream] "C:\Program Files\ONSPEED\onspeedcore.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [ModemOnHold] C:\Program Files\NetWaiting\netWaiting.exe
O4 - HKCU\..\Run: [Free Download Manager] "C:\Program Files\Free Download Manager\fdm.exe" -autorun
O4 - HKCU\..\Run: [Software Informer] "C:\Program Files\Software Informer\softinfo.exe" -autorun
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: سرعة تشغيل Adobe Reader.lnk = C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe
O4 - Global Startup: Adobe Reader Synchronizer.lnk = C:\Program Files\Adobe\Reader 8.0\Reader\AdobeCollabSync.exe
O4 - Global Startup: ONSPEED.lnk = C:\Program Files\ONSPEED\onspeedgui.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: تحميل الفيديو بواسطة Free Download Manager - file://C:\Program Files\Free Download Manager\dlfvideo.htm
O8 - Extra context menu item: تحميل الكل بواسطة Free Download Manager - file://C:\Program Files\Free Download Manager\dlall.htm
O8 - Extra context menu item: تحميل المحددة بواسطة Free Download Manager - file://C:\Program Files\Free Download Manager\dlselected.htm
O8 - Extra context menu item: تحميل بواسطة Free Download Manager - file://C:\Program Files\Free Download Manager\dllink.htm
O9 - Extra button: تدوين هذا في المدونة - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &تدوين هذا في Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O23 - Service: Avira AntiVir MailGuard (AntiVirMailService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avmailc.exe
O23 - Service: Avira AntiVir Scheduler (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Avira AntiVir WebGuard (AntiVirWebService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Intel(R) PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Intel(R) PROSet/Wireless SSO Service (WLANKEEPER) - Intel(R) Corporation - C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe

--
End of file - 9114 bytes
 
تأييد 0
جاري التحليل
 
توقيع : فارس الملاك
تأييد 0
لو سمحت وييييييييييييينك تراني انتظرك
 
تأييد 0
(1)
عطل جميع برامج الحماية ,,
وحمل هذه الاداة واحفظها على سطح المكتب
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

عند تشغيلها بتظهر لك رسالة ,, اضغط على >> Yes
بعدها بتظهر لك رساله ثانيه ,, اضغط على >> Yes
انتظر حتى الاداة تنتهي من فحص جهازك ,,, وبشكل تلقائي يعاد تشغيل جهازك ,,
وبعد اعادة التشغيل ,, سوف تبدأ الاداة بالفحص مرره ثانيه
انتظر حتى يظهر لك تقرير ,, انسخه والصقه بردك القادم
(2)
واعمل تقرير للهايجاك
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

اذا انتهى التحميل ==> شغل البرنامج ==> واضغط على Do a system scan and save log
لحظات ويظهر لك تقرير ,, انسخه والصقه بردك القادم
 
التعديل الأخير بواسطة المشرف:
توقيع : فارس الملاك
تأييد 0
كيف عطل لجميع برامج الحمايه وهي تشتغل اشرح لي تكفى اكثر
 
تأييد 0
اضغطي بالزر الايمن على برنامج الحماية >>>>> الذي موجود جنب الساعه على شكل مظله

وشيلي علامات الصح الموجودة
 
توقيع : فارس الملاك
تأييد 0
فيه ثلاث صحات اشيلها كلها
 
تأييد 0
ايووه شيليها كلها

وعيدي تنزيل الاداة من جديد
 
توقيع : فارس الملاك
تأييد 0
وش الأداة ماعرفها مع ليش ابشلتك بش وش أداته ماعرفها وضح لي اكثر
بعدين تهقا عقب ذا الحوسه بيشتغل بعدين انا قلت يمكن من الماسنجر يوم جيت بحذفه رفض ماينحذف
 
تأييد 0
الاداة اللي قلتي نزليها المره الاولى
 
تأييد 0
ComboFix 09-07-09.06 - dell 07/10/2009 4:24.1.1 - FAT32x86
Microsoft Windows XP Home Edition 5.1.2600.3.1256.966.1025.18.1271.772 [GMT 3:00]
Running from: c:\documents and settings\dell\My Documents\التّنزيلات\ComboFix.exe
AV: AntiVir Desktop *On-access scanning disabled* (Updated) {C19476D9-52BC-4E93-8AF3-CCF59F7AE8FE}

WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\program files\Microsoft Common
c:\program files\Microsoft Common\svchost.exe

.
((((((((((((((((((((((((( Files Created from 2009-06-10 to 2009-07-10 )))))))))))))))))))))))))))))))
.

2009-07-10 00:40 . 2009-07-10 00:41 -------- d-----w- c:\program files\Trend Micro
2009-07-10 00:10 . 2009-07-10 00:10 0 ----a-w- c:\windows\nsreg.dat
2009-07-10 00:10 . 2009-07-10 00:10 -------- d-----w- c:\documents and settings\dell\Local Settings\Application Data\Mozilla
2009-07-09 23:40 . 2009-07-09 23:40 -------- d-----w- c:\windows\system32\bits
2009-07-09 23:40 . 2009-07-09 23:40 -------- d-----w- c:\windows\system32\ar
2009-07-09 23:39 . 2009-07-09 23:39 -------- d-----w- c:\windows\EHome
2009-07-09 00:34 . 2009-07-09 00:34 -------- d-----w- c:\documents and settings\New user\Local Settings\Application Data\Google
2009-07-09 00:30 . 2009-07-09 00:30 -------- d-sh--w- c:\documents and settings\New user\IETldCache
2009-07-07 21:06 . 2009-07-07 21:06 -------- d-----w- c:\windows\ServicePackFiles
2009-07-07 21:06 . 2008-04-14 18:29 294912 ------w- c:\windows\system32\dllcache\dlimport.exe
2009-07-07 19:41 . 2009-07-07 19:41 -------- d-sh--w- C:\FOUND.003
2009-07-07 19:32 . 2009-07-07 19:32 -------- d-sh--w- c:\documents and settings\dell\PrivacIE
2009-07-07 18:43 . 2009-07-07 18:43 -------- d-sh--w- c:\documents and settings\dell\IETldCache
2009-07-07 17:15 . 2009-06-02 10:12 102912 ------w- c:\windows\system32\dllcache\iecompat.dll
2009-07-07 17:15 . 2009-07-07 17:15 -------- d-----w- c:\windows\ie8updates
2009-07-07 17:14 . 2009-04-30 21:13 12800 ------w- c:\windows\system32\dllcache\xpshims.dll
2009-07-07 17:14 . 2009-04-30 21:13 1985024 ------w- c:\windows\system32\dllcache\iertutil.dll
2009-07-07 17:14 . 2009-04-30 21:13 246272 ------w- c:\windows\system32\dllcache\ieproxy.dll
2009-07-07 17:14 . 2009-04-30 21:13 11064832 ------w- c:\windows\system32\dllcache\ieframe.dll
2009-07-07 17:13 . 2009-07-07 17:13 -------- d--h--w- c:\windows\ie8
2009-07-07 17:13 . 2009-07-07 17:13 -------- d-----w- c:\windows\system32\ar-SA
2009-07-05 21:57 . 2008-08-26 07:26 18816 ----a-w- c:\windows\system32\drivers\pccsmcfd.sys
2009-07-05 21:57 . 2009-07-05 21:57 -------- d-----w- c:\program files\PC Connectivity Solution
2009-07-05 21:56 . 2009-07-05 21:55 34008688 ----a-w- c:\documents and settings\All Users\Application Data\Installations\{3D39E775-DDDA-4327-B747-0BDC5F191331}\Nokia_PC_Suite_7_1_30_9_ara.exe
2009-07-05 21:56 . 2009-07-05 21:56 95232 ----a-w- c:\documents and settings\All Users\Application Data\Installations\{3D39E775-DDDA-4327-B747-0BDC5F191331}\Installer\CommonCustomActions\pcswpcsi.exe
2009-07-05 21:56 . 2009-07-05 21:56 8192 ----a-w- c:\documents and settings\All Users\Application Data\Installations\{3D39E775-DDDA-4327-B747-0BDC5F191331}\Installer\CommonCustomActions\UninstCCD.exe
2009-07-05 21:56 . 2009-07-05 21:56 61440 ----a-w- c:\documents and settings\All Users\Application Data\Installations\{3D39E775-DDDA-4327-B747-0BDC5F191331}\Installer\CommonCustomActions\UninstPCSFEMsi.exe
2009-07-05 21:56 . 2009-07-05 21:56 10240 ----a-w- c:\documents and settings\All Users\Application Data\Installations\{3D39E775-DDDA-4327-B747-0BDC5F191331}\Installer\CommonCustomActions\UninstPCS.exe
2009-07-04 22:17 . 2009-07-04 22:17 -------- d-sh--w- C:\FOUND.002
2009-07-04 15:07 . 2008-10-16 11:06 268648 ----a-w- c:\windows\system32\mucltui.dll
2009-07-04 15:07 . 2008-10-16 11:06 208744 ----a-w- c:\windows\system32\muweb.dll
2009-07-04 14:13 . 2009-07-04 14:13 -------- d-sh--w- C:\FOUND.001
2009-07-04 13:45 . 2009-07-04 13:45 -------- d-----w- c:\documents and settings\New user\Application Data\PC Suite
2009-07-04 13:45 . 2009-07-04 13:45 -------- d-----w- c:\documents and settings\New user\Application Data\SlipStream
2009-07-03 23:32 . 2009-07-03 23:32 -------- d-----w- c:\documents and settings\All Users\Application Data\Messenger Plus!
2009-07-03 23:08 . 2008-04-13 21:16 37888 ----a-w- c:\windows\system32\drivers\bthmodem.sys
2009-07-03 22:58 . 2009-07-03 22:58 -------- d-sh--w- c:\documents and settings\dell\UserData
2009-07-03 22:57 . 2009-07-03 22:57 -------- d-----w- c:\program files\Circle Developeent
2009-07-03 22:57 . 2009-07-03 22:57 -------- d-----w- c:\program files\Messenger Plus! Live
2009-07-03 22:48 . 2009-07-03 22:48 -------- d-----w- c:\documents and settings\dell\Tracing
2009-07-03 20:35 . 2009-07-03 20:35 -------- d-----w- c:\program files\Microsoft Sync Framework
2009-07-03 20:35 . 2006-11-29 10:06 3426072 ----a-w- c:\windows\system32\d3dx9_32.dll
2009-07-03 20:35 . 2009-07-03 20:35 -------- d-----w- c:\program files\Microsoft SQL Server Compact Edition
2009-07-03 20:34 . 2009-07-03 20:34 -------- d-----w- c:\program files\Microsoft
2009-07-03 20:33 . 2009-07-03 20:33 -------- d-----w- c:\program files\Windows Live SkyDrive
2009-07-03 20:33 . 2009-07-03 20:33 -------- d-----w- c:\program files\Windows Live
2009-07-03 20:14 . 2009-07-03 20:14 -------- d-----w- c:\program files\Common Files\Windows Live
2009-07-03 16:02 . 2009-07-03 16:02 -------- d-----w- c:\program files\MSXML 6.0
2009-07-03 15:51 . 2009-07-03 15:51 -------- d-----w- C:\Downloads
2009-07-03 15:29 . 2008-06-14 17:31 271616 ------w- c:\windows\system32\dllcache\bthport.sys
2009-07-03 15:29 . 2008-06-24 16:43 74240 ------w- c:\windows\system32\dllcache\mscms.dll
2009-07-03 15:29 . 2009-02-03 19:57 56832 ------w- c:\windows\system32\dllcache\secur32.dll
2009-07-03 15:29 . 2009-03-21 14:08 1357824 ------w- c:\windows\system32\dllcache\kernel32.dll
2009-07-03 15:25 . 2008-06-17 19:01 8446976 ------w- c:\windows\system32\dllcache\shell32.dll
2009-07-03 15:25 . 2008-06-12 14:20 956928 ------w- c:\windows\system32\dllcache\msdtctm.dll
2009-07-03 15:25 . 2008-06-12 14:20 66560 ------w- c:\windows\system32\dllcache\mtxclu.dll
2009-07-03 15:25 . 2008-06-12 14:20 161792 ------w- c:\windows\system32\dllcache\msdtcuiu.dll
2009-07-03 15:25 . 2008-06-12 14:20 91648 ------w- c:\windows\system32\dllcache\mtxoci.dll
2009-07-03 15:25 . 2008-06-12 14:20 58880 ------w- c:\windows\system32\dllcache\msdtclog.dll
2009-07-03 15:25 . 2008-05-08 14:02 203136 ------w- c:\windows\system32\dllcache\rmcast.sys
2009-07-03 15:25 . 2008-10-24 11:21 455296 ------w- c:\windows\system32\dllcache\mrxsmb.sys
2009-07-03 15:25 . 2008-12-11 10:57 333952 ------w- c:\windows\system32\dllcache\srv.sys
2009-07-03 15:25 . 2008-08-14 10:04 138496 ------w- c:\windows\system32\dllcache\afd.sys
2009-07-03 15:25 . 2008-06-20 11:51 361600 ------w- c:\windows\system32\dllcache\tcpip.sys
2009-07-03 15:24 . 2008-06-20 17:47 245248 ------w- c:\windows\system32\dllcache\mswsock.dll
2009-07-03 15:24 . 2008-06-20 17:47 147968 ------w- c:\windows\system32\dllcache\dnsapi.dll
2009-07-03 15:24 . 2008-06-20 11:08 225856 ------w- c:\windows\system32\dllcache\tcpip6.sys
2009-07-03 15:24 . 2008-04-11 19:04 691712 ------w- c:\windows\system32\dllcache\inetcomm.dll
2009-07-03 15:24 . 2009-04-19 19:47 1847040 ------w- c:\windows\system32\dllcache\win32k.sys
2009-07-03 15:24 . 2009-04-15 14:52 585216 ------w- c:\windows\system32\dllcache\rpcrt4.dll
2009-07-03 15:24 . 2008-12-16 12:30 354304 ------w- c:\windows\system32\dllcache\winhttp.dll
2009-07-03 15:24 . 2008-10-15 16:35 337408 ------w- c:\windows\system32\dllcache\netapi32.dll
2009-07-03 15:23 . 2008-10-23 12:36 286720 ------w- c:\windows\system32\dllcache\gdi32.dll
2009-07-03 15:23 . 2008-04-21 21:14 215040 ------w- c:\windows\system32\dllcache\wordpad.exe
2009-07-03 02:07 . 2009-01-07 15:20 26144 ----a-w- c:\windows\system32\spupdsvc.exe
2009-07-03 02:07 . 2009-07-03 02:07 -------- d--h--w- c:\windows\$hf_mig$
2009-07-03 01:25 . 2009-07-03 01:25 -------- d-----w- c:\documents and settings\dell\Local Settings\Application Data\Google
2009-07-03 01:25 . 2009-07-03 01:25 -------- d-----w- c:\program files\Google
2009-07-02 13:17 . 2009-07-02 13:17 390664 ----a-w- c:\documents and settings\dell\Application Data\Real\RealPlayer\Update\realplayer11gold.exe
2009-07-02 13:16 . 2008-09-26 15:01 621056 ----a-w- c:\windows\system32\drivers\mod7700.sys
2009-07-02 13:16 . 2008-09-26 15:01 113664 ----a-w- c:\windows\system32\drivers\ewusbnet.sys
2009-07-02 13:16 . 2008-09-26 15:01 101376 ----a-w- c:\windows\system32\drivers\ewusbmdm.sys
2009-07-02 13:16 . 2008-09-26 15:00 24448 ----a-w- c:\windows\system32\drivers\ewdcsc.sys
2009-07-02 13:15 . 2009-07-02 13:15 -------- d-----w- c:\program files\Mobily Connect Card
2009-07-02 13:14 . 2008-04-13 21:15 32128 ----a-w- c:\windows\system32\drivers\usbccgp.sys
2009-07-02 11:05 . 2009-07-02 11:05 -------- d-sh--w- C:\FOUND.000
2009-07-02 09:33 . 2009-07-02 09:33 -------- d-----w- c:\documents and settings\dell\Application Data\Media Player Classic
2009-06-26 06:04 . 2009-06-26 06:04 -------- d-----w- c:\program files\Microsoft Works
2009-06-26 06:01 . 2009-06-26 06:01 -------- d-----w- c:\windows\SHELLNEW
2009-06-26 06:01 . 2009-06-26 06:01 -------- d-----w- c:\documents and settings\dell\Local Settings\Application Data\Microsoft Help
2009-06-26 06:01 . 2009-06-26 06:01 -------- d-----w- c:\documents and settings\All Users\Application Data\Microsoft Help
2009-06-26 06:00 . 2009-06-26 06:00 -------- d--h--r- C:\MSOCache
2009-06-26 05:39 . 2008-09-16 19:23 168448 ----a-w- c:\windows\system32\unrar.dll
2009-06-26 05:39 . 2008-12-07 18:08 795648 ----a-w- c:\windows\system32\xvidcore.dll
2009-06-26 05:39 . 2008-12-07 18:08 130048 ----a-w- c:\windows\system32\xvidvfw.dll
2009-06-26 05:39 . 2004-01-25 16:18 217088 ----a-w- c:\windows\system32\yv12vfw.dll
2009-06-26 05:39 . 2008-12-11 00:33 86016 ----a-w- c:\windows\system32\dpl100.dll
2009-06-26 05:39 . 2008-11-06 16:37 3596288 ----a-w- c:\windows\system32\qt-dx331.dll
2009-06-26 05:39 . 2008-11-06 16:33 684032 ----a-w- c:\windows\system32\divx.dll
2009-06-26 05:39 . 2009-04-02 13:21 84480 ----a-w- c:\windows\system32\ff_vfw.dll
2009-06-26 05:39 . 2009-06-26 05:39 -------- d-----w- c:\program files\K-Lite Codec Pack
2009-06-26 05:38 . 2009-06-26 05:38 -------- d-----w- c:\program files\Common Files\xing shared
2009-06-26 05:38 . 2009-06-26 05:38 -------- d-----w- c:\program files\Common Files\Real
2009-06-26 05:38 . 2009-06-26 05:38 -------- d-----w- c:\program files\Real
2009-06-26 05:35 . 2009-06-26 05:35 -------- d-----w- c:\program files\QuickTime
2009-06-26 05:35 . 2009-06-26 05:35 -------- d-----w- c:\documents and settings\All Users\Application Data\Apple Computer
2009-06-26 05:35 . 2009-06-26 05:35 -------- d-----w- c:\documents and settings\dell\Local Settings\Application Data\Apple
2009-06-26 05:35 . 2009-06-26 05:35 -------- d-----w- c:\program files\Apple Software Update
2009-06-26 05:35 . 2009-06-26 05:35 -------- d-----w- c:\documents and settings\All Users\Application Data\Apple
2009-06-26 05:35 . 2009-06-26 05:35 -------- d-----w- c:\documents and settings\dell\Local Settings\Application Data\Apple Computer
2009-06-26 05:34 . 2009-06-26 05:34 -------- d-----w- c:\documents and settings\dell\Application Data\SlipStream
2009-06-26 05:34 . 2009-06-26 05:34 -------- d-----w- c:\program files\ONSPEED
2009-06-26 05:34 . 2007-10-18 09:04 86016 ----a-w- c:\windows\system32\sliprt.dll
2009-06-26 05:31 . 2009-06-26 05:31 -------- d-----w- c:\documents and settings\dell\Application Data\Software Informer
2009-06-26 05:31 . 2009-06-26 05:31 -------- d-----w- c:\program files\Software Informer
2009-06-26 05:31 . 2009-06-26 05:31 -------- d-----w- c:\documents and settings\dell\Application Data\Free Download Manager
2009-06-26 05:30 . 2009-06-26 05:31 -------- d-----w- c:\program files\Free Download Manager
2009-06-26 05:30 . 2009-06-26 05:31 -------- d-----w- c:\documents and settings\All Users\Application Data\FreeDownloadManager.ORG
2009-06-26 05:26 . 2009-06-26 05:26 -------- d-----w- c:\documents and settings\dell\Local Settings\Application Data\ACD Systems
2009-06-26 05:26 . 2009-06-26 05:26 -------- d-----w- c:\documents and settings\dell\Application Data\ACD Systems
2009-06-26 05:24 . 2009-06-26 05:24 -------- d-----w- c:\documents and settings\All Users\Application Data\ACD Systems
2009-06-26 05:24 . 2009-06-26 05:24 -------- d-----w- c:\program files\Common Files\ACD Systems
2009-06-26 05:24 . 2009-06-26 05:24 -------- d-----w- c:\program files\ACD Systems
2009-06-26 05:23 . 2009-06-26 05:23 -------- d-----w- c:\documents and settings\dell\Local Settings\Application Data\Adobe
2009-06-26 05:23 . 2009-06-26 05:23 -------- d-----w- c:\documents and settings\dell\Local Settings\Application Data\Downloaded Installations

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-07-10 00:30 . 2009-07-07 19:48 3218 ----a-w- c:\windows\system32\PerfStringBackup.TMP
2009-07-07 19:30 . 2009-06-22 11:45 90112 ----a-w- c:\windows\DUMPa6da.tmp
2009-06-23 02:14 . 2009-06-22 12:02 76487 ----a-w- c:\windows\pchealth\helpctr\OfflineCache\index.dat
2009-06-22 12:03 . 2009-06-22 12:03 -------- d-----w- c:\program files\microsoft frontpage
2009-06-22 12:00 . 2009-06-22 12:00 22144 ----a-w- c:\windows\system32\emptyregdb.dat
2009-05-13 05:02 . 2004-08-03 18:55 915456 ----a-w- c:\windows\system32\wininet.dll
2009-05-07 15:32 . 2004-08-03 18:55 345600 ----a-w- c:\windows\system32\localspl.dll
2009-04-19 19:47 . 2004-08-03 18:46 1847040 ----a-w- c:\windows\system32\WIN32K.SYS
2009-04-15 14:52 . 2004-08-03 18:55 585216 ----a-w- c:\windows\system32\RPCRT4.DLL
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360]
"ModemOnHold"="c:\program files\NetWaiting\netWaiting.exe" [2003-09-09 20480]
"Free Download Manager"="c:\program files\Free Download Manager\fdm.exe" [2009-01-30 3399727]
"Software Informer"="c:\program files\Software Informer\softinfo.exe" [2009-03-03 1724485]
"MsnMsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2009-02-06 3885408]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2009-07-03 39408]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2009-03-02 209153]
"igfxtray"="c:\windows\system32\igfxtray.exe" [2006-06-06 94208]
"igfxhkcmd"="c:\windows\system32\hkcmd.exe" [2006-06-06 77824]
"igfxpers"="c:\windows\system32\igfxpers.exe" [2006-06-06 118784]
"IntelZeroConfig"="c:\program files\Intel\Wireless\bin\ZCfgSvc.exe" [2007-02-21 819200]
"IntelWireless"="c:\program files\Intel\Wireless\Bin\ifrmewrk.exe" [2007-02-21 970752]
"SlipStream"="c:\program files\ONSPEED\onspeedcore.exe" [2007-10-18 258048]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2007-06-29 286720]
"TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" [2009-06-26 198160]
"BluetoothAuthenticationAgent"="bthprops.cpl" - c:\windows\system32\BTHPROPS.CPL [2008-04-14 110592]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]

c:\documents and settings\All Users\çں‍ê، ں §ڑ\ںé ©ںê¤\ §ک ں颬نïé\
«©م، ¢¬نïé Adobe Reader.lnk - c:\program files\Adobe\Reader 8.0\Reader\reader_sl.exe [2006-10-23 40048]
Adobe Reader Synchronizer.lnk - c:\program files\Adobe\Reader 8.0\Reader\AdobeCollabSync.exe [2006-10-23 734872]
ONSPEED.lnk - c:\program files\ONSPEED\onspeedgui.exe [2009-6-26 172032]

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=

R2 AntiVirMailService;Avira AntiVir MailGuard;c:\program files\Avira\AntiVir Desktop\avmailc.exe [23/06/2009 04:44 ص 194817]
R2 AntiVirSchedulerService;Avira AntiVir Scheduler;c:\program files\Avira\AntiVir Desktop\sched.exe [23/06/2009 04:44 ص 108289]
R2 AntiVirWebService;Avira AntiVir WebGuard;c:\program files\Avira\AntiVir Desktop\avwebgrd.exe [23/06/2009 04:44 ص 434945]

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\>{60B49E34-C7CC-11D0-8953-00A0C90347FF}]
"c:\windows\system32\rundll32.exe" "c:\windows\system32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
.
Contents of the 'Scheduled Tasks' folder

2009-06-26 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2007-06-03 10:42]
.
- - - - ORPHANS REMOVED - - - -

HKCU-Run-fsm - (no file)
HKLM-Run-Device Detector - DevDetect.exe


.
------- Supplementary Scan -------
.
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: تحميل الفيديو بواسطة Free Download Manager - file://c:\program files\Free Download Manager\dlfvideo.htm
IE: تحميل الكل بواسطة Free Download Manager - file://c:\program files\Free Download Manager\dlall.htm
IE: تحميل المحددة بواسطة Free Download Manager - file://c:\program files\Free Download Manager\dlselected.htm
IE: تحميل بواسطة Free Download Manager - file://c:\program files\Free Download Manager\dllink.htm
LSP: c:\program files\Avira\AntiVir Desktop\avsda.dll
FF - ProfilePath - c:\documents and settings\dell\Application Data\Mozilla\Firefox\Profiles\mfjhegjk.default\
FF - plugin: c:\program files\Windows Live\Photo Gallery\NPWLPG.dll

---- FIREFOX POLICIES ----
c:\program files\Mozilla Firefox\greprefs\all.js - pref("media.enforce_same_site_origin", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("media.cache_size", 51200);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("media.ogg.enabled", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("media.wave.enabled", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("media.autoplay.enabled", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.urlbar.autocomplete.enabled", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("capability.policy.mailnews.*.wholeText", "noAccess");
c:\program files\Mozilla Firefox\greprefs\all.js - pref("dom.storage.default_quota", 5120);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("content.sink.event_probe_rate", 3);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.http.prompt-temp-redirect", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("layout.css.dpi", -1);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("layout.css.devPixelsPerPx", -1);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("gestures.enable_single_finger_input", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("dom.max_chrome_script_run_time", 0);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.tcp.sendbuffer", 131072);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("geo.enabled", true);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.remember_cert_checkbox_default_setting", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("browser.search.param.yahoo-fr", "moz35");
c:\program files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("browser.search.param.yahoo-fr-cjkt", "moz35");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.blocklist.level", 2);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.urlbar.restrict.typed", "~");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.urlbar.default.behavior", 0);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.history", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.formdata", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.passwords", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.downloads", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.cookies", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.cache", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.sessions", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.offlineApps", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.siteSettings", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.history", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.formdata", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.passwords", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.downloads", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.cookies", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.cache", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.sessions", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.offlineApps", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.siteSettings", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.sanitize.migrateFx3Prefs", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.ssl_override_behavior", 2);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("security.alternate_certificate_error_page", "certerror");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.privatebrowsing.autostart", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.privatebrowsing.dont_prompt_on_enter", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("geo.wifi.uri", "https://www.google.com/loc/json");
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer,
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

Rootkit scan 2009-07-10 04:27
Windows 5.1.2600 Service Pack 3 FAT NTAPI

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------

[HKEY_LOCAL_MACHINE\software\Microsoft\Windows NT\CurrentVersion\WPAEvents]
@Denied: (Full) (LocalSystem)
"OOBETimer"=hex:ff,d5,71,d6,8b,6a,8d,6f,d5,33,93,fd
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'lsass.exe'(924)
c:\program files\Avira\AntiVir Desktop\avsda.dll
.
Completion time: 2009-07-10 4:27
ComboFix-quarantined-files.txt 2009-07-10 01:27

Pre-Run: 12,824,739,840 bytes free
Post-Run: 12,998,606,848 bytes free

283 --- E O F --- 2009-07-09 00:00
 
تأييد 0
سويت تنزلين الاداه مره ثانيه طلع لي علامة الاكس بلورر ثنتين الجديده والقديمه وش السوات الحين
 
تأييد 0
وكلها اذا ضغت عليها نفس المشكله
 
تأييد 0
اختي هل للان المشكلة عندك ام لا ؟؟
 
توقيع : فارس الملاك
تأييد 0
[A]
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي


i11040_1.png


اعمل كما الصورة لبدء الفحص

i11041_2.png


ثم اعمل التالي لحفظ ملف التقرير

i11042_3.png




ثم قم بضغط التقارير مع بعضها [
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي
]
وقم برفعها على مركز رفع [
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي
]
 
توقيع : فارس الملاك
تأييد 0
ايه المشكله ماانحلت بس كيف افك حملت البرنامجالصور الاخير اذا اخترت الخيار اللي انت حاطه اخر واحط يطلع لي خيارات وش اختار
 
تأييد 0
يجب تسجيل الدخول أو التسجيل كي تتمكن من الرد هنا.
عودة
أعلى