هياء الدوسري

زيزوومي جديد
إنضم
18 يوليو 2009
المشاركات
12
مستوى التفاعل
0
النقاط
20
غير متصل
أغلب برامج الحماية قمت بتحميلها لكن لم يشتغل أي منها مع العلم أني أحذف برنامج حماية قبل أن أقوم بتحميل برنامج حماية أخر , ما هي المشكلة ؟ رجــــــــــاءً المساعدة .
 

up
up

للمختصين و أصحاب الخبرة​
 
توقيع : LoOoZ
حمل هذا البرنامج
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

اذا انتهى التحميل ==> شغل البرنامج ==> واضغط على Do a system scan and save log
لحظات .. ويظهر لك تقرير ==> انسخه والصقه بردك القادم
 
التعديل الأخير بواسطة المشرف:
هذا هو المكتوب في المفكرة

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 08:55:34 م, on 17/07/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Launch Manager\QtZgAcer.EXE
C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb05.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
C:\Program Files\Option\GlobeTrotter Connect\GtDetectSc.exe
C:\Program Files\iolo\common\lib\ioloServiceManager.exe
C:\Program Files\Option\GlobeTrotter Connect\GlobeTrotter Connect.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\WINDOWS\system32\tlntsvr.exe
C:\PROGRA~1\SPEEDB~1\VideoAcceleratorService.exe
C:\PROGRA~1\SPEEDB~1\VideoAcceleratorEngine.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\explorer.exe
C:\Program Files\iolo\System Mechanic\SMTrayNotify.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\internet explorer\iexplore.exe
C:\Program Files\internet explorer\iexplore.exe
C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\27A5GOGN\HiJackThis[1].exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

R3 - URLSearchHook: (no name) - {0579B4B6-0293-4d73-B02D-5EBB0BA0F0A2} - C:\Program Files\AskSBar\SrchAstt\1.bin\A2SRCHAS.DLL
O2 - BHO: Ask Search Assistant BHO - {0579B4B1-0293-4d73-B02D-5EBB0BA0F0A2} - C:\Program Files\AskSBar\SrchAstt\1.bin\A2SRCHAS.DLL
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: SBCONVERT - {A1056498-D09A-41E4-864B-505EDD640D9E} - C:\Program Files\SpeedBit Video Downloader\Toolbar\SpeedBitVideoDownloader.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
O2 - BHO: Ask Toolbar BHO - {F0D4B231-DA4B-4daf-81E4-DFEE4931A4AA} - C:\Program Files\AskSBar\bar\1.bin\ASKSBAR.DLL
O2 - BHO: GrabberObj Class - {FF7C3CF0-4B15-11D1-ABED-709549C10000} - C:\PROGRA~1\SPEEDB~2\Toolbar\grabber.dll
O3 - Toolbar: (no name) - {ACB1E670-3217-45C4-A021-6B829A8A27CB} - (no file)
O3 - Toolbar: Ask Toolbar - {F0D4B239-DA4B-4daf-81E4-DFEE4931A4AA} - C:\Program Files\AskSBar\bar\1.bin\ASKSBAR.DLL
O3 - Toolbar: (no name) - {0BF43445-2F28-4351-9252-17FE6E806AA0} - (no file)
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O3 - Toolbar: SpeedBit Video Downloader - {0329E7D6-6F54-462D-93F6-F5C3118BADF2} - C:\Program Files\SpeedBit Video Downloader\Toolbar\SpeedBitVideoDownloader.dll
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [LManager] C:\Program Files\Launch Manager\QtZgAcer.EXE
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb05.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKCU\..\Run: [Yahoo! Pager] "C:\Program Files\Yahoo!\Messenger\ypager.exe" -quiet
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: BTTray.lnk = ?
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: GlobeTrotter Connect.lnk = C:\Program Files\Option\GlobeTrotter Connect\GlobeTrotter Connect.exe
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Toolbars\Restrictions present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Toolbars\Restrictions present
O7 - HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System, DisableRegedit=1
O8 - Extra context menu item: &تصدير إلى Microsoft Excel - res://C:\PROGRA~1\MICROS~1\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Send To &Bluetooth - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O9 - Extra button: بحث - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~1\OFFICE11\REFIEBAR.DLL
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-4017 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\PROGRA~1\YAHOO!\MESSEN~1\YPAGER.EXE
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\PROGRA~1\YAHOO!\MESSEN~1\YPAGER.EXE
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\progra~1\speedb~1\sblsp.dll
O10 - Unknown file in Winsock LSP: c:\progra~1\speedb~1\sblsp.dll
O10 - Unknown file in Winsock LSP: c:\progra~1\speedb~1\sblsp.dll
O18 - Filter: x-sdch - {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
O23 - Service: Bluetooth Service (btwdins) - WIDCOMM, Inc. - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
O23 - Service: GtDetectSc - OptionNV - C:\Program Files\Option\GlobeTrotter Connect\GtDetectSc.exe
O23 - Service: خدمة تحديث Google (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: iolo FileInfoList Service (ioloFileInfoList) - Unknown owner - C:\Program Files\iolo\common\lib\ioloServiceManager.exe
O23 - Service: iolo System Service (ioloSystemService) - Unknown owner - C:\Program Files\iolo\common\lib\ioloServiceManager.exe
O23 - Service: VideoAcceleratorService - Speedbit Ltd. - C:\PROGRA~1\SPEEDB~1\VideoAcceleratorService.exe
--
End of file - 8616 bytes
 
وحمل هذه الاداة واحفظها على سطح المكتب
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

عند تشغيلها بتظهر لك رسالة ,, اضغط على >> Yes
بعدها بتظهر لك رساله ثانيه ,, اضغط على >> Yes
انتظر حتى الاداة تنتهي من فحص جهازك ,,, وبشكل تلقائي يعاد تشغيل جهازك ,,
وبعد اعادة التشغيل ,, سوف تبدأ الاداة بالفحص مرره ثانيه
انتظر حتى يظهر لك تقرير ,, انسخه والصقه بردك القادم


وبعدين تقرير هايجاك جديد
 
التعديل الأخير بواسطة المشرف:
عندما حملت الأداة تظهر رسالة تقول :

) 1(you cannot rename Combofix asCombofix
, please use another name preferbaly made up of alphanumeric characters
 
رجاء خاص

أين الرد الله يجزاكم خير
 
اختي عيدي تسميه الملف الى Combofix

وبعدين شغلي الاداة
 
توقيع : فارس الملاك
هذا المكتوب في المفكرة

ComboFix 09-07-25.08 - Administrator 07/25/2009 20:55.4.1 - FAT32x86
Microsoft Windows XP Professional 5.1.2600.3.1256.1.1025.18.502.200 [GMT 3:00]
Running from: c:\documents and settings\Administrator\سطح المكتب\ComboFix.exe
WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.
((((((((((((((((((((((((( Files Created from 2009-06-25 to 2009-07-25 )))))))))))))))))))))))))))))))
.
2009-07-22 18:27 . 2009-07-22 18:27 -------- d-sh--w- c:\documents and settings\LocalService\IETldCache
2009-07-18 18:26 . 2009-07-18 18:26 -------- d-----w- c:\windows\system32\wbem\Repository
2009-07-15 11:51 . 2009-07-15 11:51 -------- d-----w- c:\documents and settings\All Users\Application Data\Speedbit
2009-07-15 11:51 . 2009-07-15 11:51 -------- d-----w- c:\program files\SpeedBit Video Downloader
2009-07-15 11:43 . 2009-07-15 11:43 -------- d-sh--w- c:\documents and settings\NetworkService\PrivacIE
2009-07-13 19:36 . 2009-07-13 19:36 -------- d-----w- c:\windows\نظام معارف
2009-07-08 21:06 . 2009-07-08 21:06 -------- d-sh--w- C:\FOUND.000
2009-07-08 18:20 . 2009-07-08 18:20 -------- d-----w- c:\program files\Windows Media Connect 2
2009-07-07 18:07 . 2009-07-07 18:07 -------- d-----w- c:\documents and settings\All Users\Application Data\TEMP
2009-07-03 18:10 . 2009-07-03 18:10 -------- d-sh--w- c:\documents and settings\Administrator\IECompatCache
2009-07-02 18:11 . 2009-07-02 18:11 1535 ----a-w- c:\documents and settings\Administrator\Application Data\iolo\restore.bat
2009-07-02 18:00 . 2009-07-02 18:00 -------- d-----w- c:\documents and settings\LocalService\Application Data\iolo
2009-07-02 17:51 . 2009-07-02 17:51 -------- d-----w- c:\documents and settings\NetworkService\Application Data\iolo
2009-07-02 17:51 . 2009-05-29 12:40 940896 ----a-w- c:\windows\system32\Incinerator.dll
2009-07-02 17:51 . 2009-02-17 08:31 28672 ----a-w- c:\windows\system32\iolobtdfg.exe
2009-07-02 17:51 . 2009-02-17 08:26 8192 ----a-w- c:\windows\system32\smrgdf.exe
2009-07-02 17:51 . 2009-07-02 17:51 -------- d-----w- c:\program files\iolo
2009-07-02 17:50 . 2009-07-02 17:50 -------- d-----w- c:\documents and settings\All Users\Application Data\iolo
2009-07-02 17:50 . 2009-07-02 17:50 -------- d-----w- c:\documents and settings\Administrator\Application Data\iolo
2009-06-30 17:32 . 2009-06-30 17:32 -------- d-----w- c:\windows\system32\config\systemprofile\Local Settings\Application Data\Google
2009-06-30 17:27 . 2009-06-30 17:27 -------- d-----w- c:\documents and settings\Administrator\Local Settings\Application Data\Temp
2009-06-30 17:27 . 2009-06-30 17:27 -------- d-----w- c:\documents and settings\NetworkService\Local Settings\Application Data\Google
2009-06-29 17:38 . 2009-06-29 17:38 -------- d-----w- C:\My Music
2009-06-29 17:33 . 2009-06-29 17:33 -------- d-----w- c:\program files\Common Files\xing shared
2009-06-25 18:16 . 2009-06-25 18:16 -------- d-----w- c:\documents and settings\All Users\Application Data\Kaspersky Lab
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-07-25 17:40 . 2009-04-11 16:33 12 ----a-w- c:\windows\bthservsdp.dat
2009-07-13 19:36 . 2009-03-25 18:14 286720 ------w- c:\windows\Setup1.exe
2009-06-29 17:32 . 2006-07-11 15:35 499712 ----a-w- c:\windows\system32\msvcp71.dll
2009-06-29 17:32 . 2006-07-11 15:35 348160 ----a-w- c:\windows\system32\msvcr71.dll
2009-06-17 12:21 . 2009-06-17 12:20 172 ----a-w- C:\curr_ver.tmp
2009-06-16 14:36 . 2004-08-03 21:55 119808 ----a-w- c:\windows\system32\t2embed.dll
2009-06-16 14:36 . 2001-09-19 12:00 81920 ----a-w- c:\windows\system32\fontsub.dll
2009-06-09 18:19 . 2006-04-22 07:34 121040 ----a-w- c:\documents and settings\Administrator\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2009-06-03 19:10 . 2004-08-03 21:55 1289216 ----a-w- c:\windows\system32\quartz.dll
2009-05-28 18:35 . 2009-05-28 18:35 -------- d-----w- c:\documents and settings\Administrator\Application Data\Symantec
2009-05-28 18:35 . 2009-05-28 18:35 -------- d-----w- c:\program files\Common Files\Symantec Shared
2009-05-28 18:34 . 2009-05-28 18:34 -------- d-----w- c:\documents and settings\All Users\Application Data\Symantec
2009-05-27 18:47 . 2009-05-27 18:47 -------- d-----w- c:\documents and settings\Administrator\Application Data\TuneUp Software
2009-05-27 18:46 . 2009-05-27 18:46 -------- d-----w- c:\documents and settings\All Users\Application Data\TuneUp Software
2009-05-27 18:46 . 2009-05-27 18:46 -------- d-sh--w- c:\documents and settings\All Users\Application Data\{55A29068-F2CE-456C-9148-C869879E2357}
2009-05-20 17:46 . 2001-09-19 12:00 43424 ----a-w- c:\windows\system32\perfc001.dat
2009-05-20 17:46 . 2001-09-19 12:00 258594 ----a-w- c:\windows\system32\perfh001.dat
2009-05-17 17:31 . 2006-04-22 08:20 73216 ------w- c:\windows\ST6UNST.EXE
2009-05-13 05:02 . 2004-08-03 21:55 915456 ----a-w- c:\windows\system32\wininet.dll
2009-05-07 15:32 . 2004-08-03 21:55 345600 ----a-w- c:\windows\system32\localspl.dll
2007-01-13 18:21 . 2007-01-14 20:26 1554600 ----a-w- c:\program files\mfnt.exe
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{0579B4B6-0293-4d73-B02D-5EBB0BA0F0A2}"= "c:\program files\AskSBar\SrchAstt\1.bin\A2SRCHAS.DLL" [2008-11-19 66912]
[HKEY_CLASSES_ROOT\clsid\{0579b4b6-0293-4d73-b02d-5ebb0ba0f0a2}]
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{0579B4B1-0293-4d73-B02D-5EBB0BA0F0A2}]
2008-11-19 18:17 66912 ----a-w- c:\program files\AskSBar\SrchAstt\1.bin\A2SRCHAS.DLL
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Yahoo! Pager"="c:\program files\Yahoo!\Messenger\ypager.exe" [2005-05-23 3100672]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2008-06-11 150776]
"MSMSGS"="c:\program files\Messenger\msmsgs.exe" [2008-04-14 1764864]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SynTPLpr"="c:\program files\Synaptics\SynTP\SynTPLpr.exe" [2004-10-08 176218]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2004-10-08 761946]
"NeroCheck"="c:\windows\system32\NeroCheck.exe" [2004-07-23 229376]
"LManager"="c:\program files\Launch Manager\QtZgAcer.EXE" [2005-03-28 389120]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2007-06-13 215832]
"HPDJ Taskbar Utility"="c:\windows\system32\spool\drivers\w32x86\3\hpztsb05.exe" [2002-07-10 262144]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2006-06-13 147456]
"TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" [2009-06-29 267792]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-10-14 121712]
"BluetoothAuthenticationAgent"="bthprops.cpl" - c:\windows\system32\bthprops.cpl [2008-04-14 110592]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
"SpeedBitVideoAccelerator"="c:\program files\SpeedBit Video Accelerator\VideoAccelerator.exe" [2009-07-15 1717864]
c:\documents and settings\All Users\çں‍ê، ں §ڑ\ںé ©ںê¤\ §ک ں颬نïé\
BTTray.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2004-5-25 741437]
Adobe Gamma Loader.lnk - c:\program files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2006-4-22 187392]
GlobeTrotter Connect.lnk - c:\program files\Option\GlobeTrotter Connect\GlobeTrotter Connect.exe [2008-9-8 4639232]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"NoViewOnDrive"= 0 (0x0)
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"NoViewOnDrive"= 0 (0x0)
[HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\explorer]
"ForceClassicControlPanel"= 1 (0x1)
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"MPKrnl"=rundll32 "c:\windows\MPKrnl.dll",KrnlMsgProc
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"UpdatesDisableNotify"=dword:00000001
"AntiVirusOverride"=dword:00000001
"FirewallOverride"=dword:00000001
"UacDisableNotify"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc]
"AntiVirusOverride"=dword:00000001
"AntiVirusDisableNotify"=dword:00000001
"FirewallDisableNotify"=dword:00000001
"FirewallOverride"=dword:00000001
"UpdatesDisableNotify"=dword:00000001
"UacDisableNotify"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Yahoo!\\Messenger\\YPager.exe"= c:\\Program Files\\Yahoo!\\Messenger\\ypager.exe
"c:\\Program Files\\Yahoo!\\Messenger\\YServer.exe"=
"c:\\Program Files\\Messenger\\MSMSGS.EXE"= c:\\Program Files\\Messenger\\msmsgs.exe
"c:\\Program Files\\IncrediMail\\bin\\ImpCnt.exe"=
"c:\\Program Files\\Microsoft Office\\OFFICE11\\WINWORD.EXE"=
"c:\\Program Files\\Adobe\\Reader 8.0\\Reader\\reader_sl.exe"= c:\\Program Files\\Adobe\\Reader 8.0\\Reader\\Reader_sl.exe
"c:\\WINDOWS\\system32\\NeroCheck.exe"=
"c:\\WINDOWS\\system32\\netsh.exe"=
"c:\\Program Files\\Synaptics\\SynTP\\SynTPEnh.exe"=
"c:\\WINDOWS\\system32\\restore\\rstrui.exe"=
"c:\\Program Files\\Common Files\\Real\\Update_OB\\realsched.exe"=
"c:\\Program Files\\WIDCOMM\\Bluetooth Software\\BTTray.exe"=
"c:\\Program Files\\Launch Manager\\QtZgAcer.EXE"=
"c:\\WINDOWS\\system32\\dumprep.exe"=
"c:\\WINDOWS\\system32\\spool\\drivers\\w32x86\\3\\hpztsb05.exe"=
"c:\\Program Files\\Common Files\\Microsoft Shared\\Source Engine\\OSE.EXE"=
"c:\\Program Files\\Common Files\\Adobe\\Calibration\\Adobe Gamma Loader.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\WINDOWS\\system32\\regsvr32.exe"=
"c:\\WINDOWS\\system32\\igfxtray.exe"=
"c:\\Program Files\\Synaptics\\SynTP\\SynTPLpr.exe"=
"c:\\Program Files\\Microsoft Office\\OFFICE11\\MSE7.EXE"=
"c:\\Program Files\\Option\\GlobeTrotter Connect\\GlobeTrotter Connect.exe"=
"c:\\Program Files\\Google\\GoogleToolbarNotifier\\GoogleToolbarNotifier.exe"=
"c:\\Program Files\\Yahoo!\\Messenger\\ymsgr_tray.exe"=
"c:\\WINDOWS\\system32\\hkcmd.exe"=
"c:\\Program Files\\MSN Messenger\\msnmsgr.exe"=
"c:\\WINDOWS\\system32\\wuauclt.exe"=
"c:\\Program Files\\SpeedBit Video Accelerator\\VideoAccelerator.exe"=
"c:\\Program Files\\Outlook Express\\msimn.exe"=
"c:\\Program Files\\Google\\Update\\GoogleUpdate.exe"=
"c:\\Program Files\\Golden Al-Wafi Translator\\Golden Al-Wafi Translator.exe"=
"c:\\Program Files\\Google\\Update\\1.2.183.7\\GoogleCrashHandler.exe"=
"c:\\Program Files\\Real\\RealPlayer\\RealPlay.exe"=
"c:\\Program Files\\Google\\Common\\Google Updater\\GoogleUpdaterService.exe"=
"c:\\Program Files\\iolo\\System Mechanic\\SysMech.exe"=
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"1723:TCP"= 1723:TCP:@xpsp2res.dll,-22015
"1701:UDP"= 1701:UDP:@xpsp2res.dll,-22016
"500:UDP"= 500:UDP:@xpsp2res.dll,-22017
R2 GtDetectSc;GtDetectSc;c:\program files\Option\GlobeTrotter Connect\GtDetectSc.exe [2008-04-30 200704]
R2 ioloFileInfoList;iolo FileInfoList Service;c:\program files\iolo\Common\Lib\ioloServiceManager.exe [2009-07-02 600944]
R2 ioloSystemService;iolo System Service;c:\program files\iolo\Common\Lib\ioloServiceManager.exe [2009-07-02 600944]
R2 VideoAcceleratorService;VideoAcceleratorService;c:\progra~1\SPEEDB~1\VideoAcceleratorService.exe -start -scm --> c:\progra~1\SPEEDB~1\VideoAcceleratorService.exe -start -scm [?]
R3 abp470n5;abp470n5;\??\c:\windows\system32\drivers\smjnl.sys --> c:\windows\system32\drivers\smjnl.sys [?]
S2 BulkUsb;Genius ColorPage USB Scanner;c:\windows\system32\drivers\usbscan.sys [2006-06-24 15104]
S2 gupdate;خدمة تحديث Google (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [2009-06-30 206832]
S3 GT72NDISIPXP;GT 72 IP NDIS;c:\windows\system32\drivers\Gt51Ip.sys [2008-02-18 106624]
S3 GT72UBUS;GT 72 U BUS;c:\windows\system32\drivers\gt72ubus.sys [2008-02-08 59648]
S3 GTPTSER;GT PT SER;c:\windows\system32\drivers\gtptser.sys [2007-03-30 8064]
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\>{60B49E34-C7CC-11D0-8953-00A0C90347FF}]
"c:\windows\system32\rundll32.exe" "c:\windows\system32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
.
Contents of the 'Scheduled Tasks' folder
2009-07-25 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-06-30 17:27]
2009-07-25 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-06-30 17:27]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.nesnas.com/
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: &تصدير إلى Microsoft Excel - c:\progra~1\MICROS~1\OFFICE11\EXCEL.EXE/3000
IE: Send To &Bluetooth - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
LSP: c:\progra~1\SPEEDB~1\sblsp.dll
DPF: Microsoft XML Parser for Java -
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

.
.
------- File Associations -------
.
JSEFile=NOTEPAD.EXE %1
VBEFile=NOTEPAD.EXE %1
VBSFile=NOTEPAD.EXE %1
.
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer,
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

Rootkit scan 2009-07-25 20:59
Windows 5.1.2600 Service Pack 3 FAT NTAPI
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------
[HKEY_USERS\.Default\SOFTWARE\Microsoft\Internet Explorer\User Preferences]
@Denied: (2) (LocalSystem)
"88D7D0879DAB32E14DE5B3A805A34F98AFF34F5977"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,5f,cd,03,7e,2d,ce,cf,4d,99,09,52,\
"2D53CFFC5C1A3DD2E97B7979AC2A92BD59BC839E81"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,5f,cd,03,7e,2d,ce,cf,4d,99,09,52,\
[HKEY_USERS\S-1-5-21-1417001333-562591055-839522115-500\SOFTWARE\Microsoft\Internet Explorer\User Preferences]
@Denied: (2) (Administrator)
"88D7D0879DAB32E14DE5B3A805A34F98AFF34F5977"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,51,9d,c3,27,dd,41,0c,4c,83,c7,f1,\
"2D53CFFC5C1A3DD2E97B7979AC2A92BD59BC839E81"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,51,9d,c3,27,dd,41,0c,4c,83,c7,f1,\
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows NT\CurrentVersion\WPAEvents]
@Denied: (Full) (LocalSystem)
.
--------------------- DLLs Loaded Under Running Processes ---------------------
- - - - - - - > 'lsass.exe'(856)
c:\program files\SpeedBit Video Accelerator\ConfigDB.dll
c:\program files\SpeedBit Video Accelerator\Accelerator.dll
c:\windows\system32\WININET.dll
c:\program files\SpeedBit Video Accelerator\Collector.dll
- - - - - - - > 'explorer.exe'(232)
c:\windows\system32\WININET.dll
c:\program files\Common Files\Adobe\Acrobat\ActiveX\PDFShell.dll
c:\windows\system32\ieframe.dll
c:\windows\system32\webcheck.dll
c:\program files\SpeedBit Video Accelerator\ConfigDB.dll
c:\program files\SpeedBit Video Accelerator\Accelerator.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
c:\program files\SpeedBit Video Accelerator\Collector.dll
.
Completion time: 2009-07-25 21:00
ComboFix-quarantined-files.txt 2009-07-25 18:00
ComboFix2.txt 2009-07-25 17:44
ComboFix3.txt 2009-07-09 13:50
ComboFix4.txt 2009-07-03 19:01
ComboFix5.txt 2009-07-25 17:54
Pre-Run: 15,770,796,032 bytes free
Post-Run: 15,754,952,704 bytes free
244 --- E O F --- 2009-07-14 18:26
 
اليك اخي هذا الرابط به عدة ادوات لحذف اي برنامج حمايه من جزوره
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي
 
توقيع : DCJ_99
أخي لم تفتح عندي الصفحة .
 
عطل استعادة النظام حسب الشرح التالي

i7549_1.png


i7550_2.png


i7551_3.png




ادخل هذه الصفحة


يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي



وحمل اداة المكافي
شغلها بدبل كلك واتركها حتى تنتهي صفحة الدوس من الفحص والتنظيف
ثم توجه الى القرص c ،، وقم
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي
التقرير noor_mcafee

وارفعه على هذا الموقع


يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي



وارفق رابط التحميل بمشاركتك القادمة
 
أخي شكراً ولكن الرابط الذي يحتوي أداة المكافي لم يفتح
 
أخي شكراً ولكن الرابط الذي يحتوي أداة المكافي لم يفتح
 
الله يجزاكم خيراً أين الرد لأن هذه المشكلة أتعبتني
 
تفضلي رابط أداة المكافي المباشر :

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي


ولاا تنسي تطبيق ما ذكره الأخ البارون
 
توقيع : Al jNtEeL
عودة
أعلى