[ تم حل المشكلة ] مشكلة بأدارة المهام ماتفتح عندي :(

الحالة
مغلق و غير مفتوح للمزيد من الردود.
م

ماعليه منهم

زيزوومي نشيط
إنضم
9 نوفمبر 2008
المشاركات
143
مستوى التفاعل
2
النقاط
170
الإقامة
القصيم
الموقع الالكتروني
www.zyzoom.org
غير متصل
السلام عليكم ورحمة الله وبركاته

اخواني عندي مشكلة بأدارة المهام ماتفتح عندي او بالاصح تفتح بس ماتطلع لي البرامج واقدر اسوي لها انهاء المهمه شوفو الصورة


i24556_.JPG



انتظر ردودكم ياخوان وجزاكم الله خير
 

ترتيب حسب التاريخ ترتيب حسب الأصوات
ياخوان انتظر مساعدتكم مو معقوله 22 مشاهده ولا رد :( والله تحطمت
 
تأييد 0
اخواني الاعضاء والمشرفين ردو علي اذا مافي حل قولو لي وخلاص :(
 
تأييد 0
ولا يسير خاطرك الى طيب اخي الحبيب


اعمل تقرير للهايجاك
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

اذا انتهى التحميل ==> شغل البرنامج ==> واضغط على Do a system scan and save log
لحظات .. ويظهر لك تقرير اعمل تحديد الكل ==> انسخه والصقه بردك القادم​


 
توقيع : Demo-dashDemo-dash is verified member.
تأييد 0
يسلم لي راسك يالغالي

تفضل تقرير الهايجاك

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:17:47 م, on 25/07/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16827)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir Desktop\sched.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\Program Files\Creative\SBLive 24-Bit External\Surround Mixer\CTSysVol.exe
C:\WINDOWS\system32\RunDll32.exe
C:\WINDOWS\stsystra.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\WINDOWS\Resources\Themes\Vista_Anthracite\VistaStart\VistaStart1.3.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Creative\MediaSource\RemoteControl\RCMan.EXE
C:\Program Files\Internet Download Manager\IDMan.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\PROGRA~1\WIDCOMM\BLUETO~1\BTSTAC~1.EXE
C:\Program Files\Avira\AntiVir Desktop\avguard.exe
C:\Program Files\BandRich\BandLuxe HSDPA Utility R11\BRService.exe
C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
C:\WINDOWS\system32\CTsvcCDA.EXE
C:\Program Files\Hotspot Shield\bin\openvpnas.exe
C:\Program Files\Hotspot Shield\HssWPR\hsssrv.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\STacSV.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Avira\AntiVir Desktop\avmailc.exe
C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE
C:\Program Files\Internet Download Manager\IEMonitor.exe
C:\Program Files\Creative\MediaSource\RemoteControl\OSDMenu.EXE
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\One\سطح المكتب\HiJackThis.exe
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 212.93.193.89:8080
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files\Internet Download Manager\IDMIECC.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: مساعد تسجيل الدخول إلى Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: BS.Player ControlBar - {2C688203-7EB3-4327-9995-1CB417BA23F9} - C:\Program Files\BS.Player ControlBar\BSToolbar.dll
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [CTSysVol] C:\Program Files\Creative\SBLive 24-Bit External\Surround Mixer\CTSysVol.exe /r
O4 - HKLM\..\Run: [SbUsb AudCtrl] RunDll32 sbusbdll.dll,RCMonitor
O4 - HKLM\..\Run: [SigmatelSysTrayApp] stsystra.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [VistaStart1.3] C:\WINDOWS\Resources\Themes\Vista_Anthracite\VistaStart\VistaStart1.3.exe
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [RemoteCenter] C:\Program Files\Creative\MediaSource\RemoteControl\RCMan.EXE
O4 - HKCU\..\Run: [IDMan] C:\Program Files\Internet Download Manager\IDMan.exe /onboot
O4 - HKCU\..\Run: [SRS Audio Sandbox] "C:\Program Files\SRS Labs\Audio Sandbox\SRSSSC.exe" /hideme
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Bluetooth.lnk = ?
O8 - Extra context menu item: تحميل الكل بواسطة Internet Download Manager - C:\Program Files\Internet Download Manager\IEGetAll.htm
O8 - Extra context menu item: تحميل بواسطة Internet Download Manager - C:\Program Files\Internet Download Manager\IEExt.htm
O8 - Extra context menu item: تحميل محتوى FLV بواسطة Internet Download Manager - C:\Program Files\Internet Download Manager\IEGetVL.htm
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: بحث - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {6924091F-CD97-41E1-B1D4-D9079409D413} (IMCv1 Control) -
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

O16 - DPF: {B7FDB0C3-4724-46D2-B8DB-6FA1DC63F7CA} (ReadUid.UserControlMacEntry) -
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

O16 - DPF: {C171FF59-8C55-4796-A398-4F5D02B4C763} (IMC_Sec Control) -
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Avira AntiVir MailGuard (AntiVirMailService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avmailc.exe
O23 - Service: Avira AntiVir Scheduler (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Avira AntiVir WebGuard (AntiVirWebService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE
O23 - Service: BandLuxe Service (BandLuxe_Service) - BandRich Inc. - C:\Program Files\BandRich\BandLuxe HSDPA Utility R11\BRService.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.EXE
O23 - Service: getPlus(R) Helper - NOS Microsystems Ltd. - C:\Program Files\NOS\bin\getPlus_HelperSvc.exe
O23 - Service: Hotspot Shield Service (HotspotShieldService) - Unknown owner - C:\Program Files\Hotspot Shield\bin\openvpnas.exe
O23 - Service: Hotspot Shield Helper Service (HssSrv) - AnchorFree Inc. - C:\Program Files\Hotspot Shield\HssWPR\hsssrv.exe
O23 - Service: Hotspot Shield Tray Service (HssTrayService) - Unknown owner - C:\Program Files\Hotspot Shield\bin\HssTrayService.EXE
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: SigmaTel Audio Service (STacSV) - SigmaTel, Inc. - C:\WINDOWS\system32\STacSV.exe
--
End of file - 8614 bytes
 
تأييد 0
يبدو لي انه بسبب هالثيم Vista_Anthraciteوالله تعالى اعلم

اعمل التالي


عطل جميع برامج الحماية ,,
وحمل هذه الاداة واحفظها على سطح المكتب
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

عند تشغيلها بتظهر لك رسالة ,, اضغط على >> Yes
بعدها بتظهر لك رساله ثانيه ,, اضغط على >> Yes
انتظر حتى الاداة تنتهي من فحص جهازك ,,, وبشكل تلقائي يعاد تشغيل جهازك ,,
وبعد اعادة التشغيل ,, سوف تبدأ الاداة بالفحص مرره ثانيه
انتظر حتى يظهر لك تقرير ,, انسخه والصقه بردك القادم




 
توقيع : Demo-dashDemo-dash is verified member.
تأييد 0
سويت الي قلت لي عليه اخوي بس الاداه ماشتغلت زي ماقلت لي يعني سويت فيها سكان وبعد السكان طلع لي تقرير وماعاد تشغيل الجهاز وسويت اعادة تشغيل وشغلتها مره ثانيه وبرضو ماعاد تشغيل الجهاز وهذا التقرير حق الاداه

ComboFix 09-07-24.01 - One 07/25/2009 12:53.3.2 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.2.1256.966.1025.18.1014.616 [GMT 3:00]
Running from: c:\documents and settings\One\سطح المكتب\ComboFix.exe
AV: AntiVir Desktop *On-access scanning disabled* (Updated) {C19476D9-52BC-4E93-8AF3-CCF59F7AE8FE}
WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.
((((((((((((((((((((((((( Files Created from 2009-06-25 to 2009-07-25 )))))))))))))))))))))))))))))))
.
2009-07-23 13:57 . 2009-07-23 14:05 -------- d-----w- c:\program files\Common Files\Adobe
2009-07-23 13:53 . 2009-07-23 13:53 -------- d-----w- c:\documents and settings\One\WINDOWS
2009-07-23 13:14 . 2009-07-23 13:14 -------- d-----w- c:\program files\MSECache
2009-07-23 12:22 . 2008-09-16 19:23 168448 ----a-w- c:\windows\system32\unrar.dll
2009-07-23 12:22 . 2008-12-11 00:33 86016 ----a-w- c:\windows\system32\dpl100.dll
2009-07-23 12:22 . 2008-12-07 18:08 795648 ----a-w- c:\windows\system32\xvidcore.dll
2009-07-23 12:22 . 2008-12-07 18:08 130048 ----a-w- c:\windows\system32\xvidvfw.dll
2009-07-23 12:22 . 2008-11-06 16:37 3596288 ----a-w- c:\windows\system32\qt-dx331.dll
2009-07-23 12:22 . 2004-01-25 16:18 217088 ----a-w- c:\windows\system32\yv12vfw.dll
2009-07-23 12:22 . 2008-11-06 16:33 684032 ----a-w- c:\windows\system32\divx.dll
2009-07-23 12:22 . 2009-03-02 18:10 67584 ----a-w- c:\windows\system32\ff_vfw.dll
2009-07-23 12:22 . 2009-07-23 12:23 -------- d-----w- c:\program files\K-Lite Codec Pack
2009-07-23 12:22 . 2009-01-07 18:14 60273 ----a-w- c:\windows\system32\pthreadGC2.dll
2009-07-15 20:05 . 2009-07-15 21:05 96104 ----a-w- c:\windows\system32\drivers\avipbb.sys
2009-07-15 20:05 . 2009-02-13 08:29 22360 ----a-w- c:\windows\system32\drivers\avgntmgr.sys
2009-07-15 20:05 . 2009-02-13 08:17 45416 ----a-w- c:\windows\system32\drivers\avgntdd.sys
2009-07-15 20:05 . 2009-07-15 20:05 -------- d-----w- c:\program files\Avira
2009-07-11 14:15 . 2009-07-11 14:15 -------- d-----w- c:\documents and settings\One\Local Settings\Application Data\Stardock
2009-07-11 13:12 . 2009-07-11 14:13 -------- d-----w- c:\windows\Icon_Patcher
2009-07-09 00:46 . 2009-07-09 00:46 -------- d-----w- c:\program files\DIFX
2009-07-09 00:46 . 2008-08-26 07:26 18816 ----a-w- c:\windows\system32\drivers\pccsmcfd.sys
2009-07-09 00:46 . 2009-07-09 00:46 -------- d-----w- c:\program files\PC Connectivity Solution
2009-07-09 00:46 . 2009-02-09 05:37 91136 ----a-w- c:\windows\system32\nmwcdcls.dll
2009-07-09 00:46 . 2009-07-09 00:46 -------- d-----w- c:\program files\Nokia
2009-07-09 00:45 . 2009-07-09 00:40 33773208 ----a-w- c:\documents and settings\All Users\Application Data\Installations\{3D39E775-DDDA-4327-B747-0BDC5F191331}\Nokia_PC_Suite_7_1_30_9_eng_web.exe
2009-07-09 00:45 . 2009-07-09 00:45 95232 ----a-w- c:\documents and settings\All Users\Application Data\Installations\{3D39E775-DDDA-4327-B747-0BDC5F191331}\Installer\CommonCustomActions\pcswpcsi.exe
2009-07-09 00:45 . 2009-07-09 00:45 8192 ----a-w- c:\documents and settings\All Users\Application Data\Installations\{3D39E775-DDDA-4327-B747-0BDC5F191331}\Installer\CommonCustomActions\UninstCCD.exe
2009-07-09 00:45 . 2009-07-09 00:45 61440 ----a-w- c:\documents and settings\All Users\Application Data\Installations\{3D39E775-DDDA-4327-B747-0BDC5F191331}\Installer\CommonCustomActions\UninstPCSFEMsi.exe
2009-07-09 00:45 . 2009-07-09 00:45 10240 ----a-w- c:\documents and settings\All Users\Application Data\Installations\{3D39E775-DDDA-4327-B747-0BDC5F191331}\Installer\CommonCustomActions\UninstPCS.exe
2009-07-09 00:45 . 2009-07-09 00:45 -------- d-----w- c:\documents and settings\All Users\Application Data\Installations
2009-07-08 18:24 . 2004-08-03 21:55 159232 ----a-w- c:\windows\system32\ptpusd.dll
2009-07-08 18:24 . 2001-09-18 11:04 5632 ----a-w- c:\windows\system32\ptpusb.dll
2009-07-08 18:24 . 2004-08-03 19:58 15104 ----a-w- c:\windows\system32\drivers\usbscan.sys
2009-07-07 21:21 . 2009-07-07 21:21 -------- d-----w- c:\documents and settings\One\Local Settings\Application Data\SRS Labs
2009-07-07 21:20 . 2009-07-07 21:20 -------- d-----w- c:\documents and settings\All Users\Application Data\SRS Labs
2009-07-07 21:20 . 2007-05-03 07:27 37248 ----a-r- c:\windows\system32\drivers\csiidecoder_kern_i386.sys
2009-07-07 21:20 . 2007-05-03 07:27 47360 ----a-r- c:\windows\system32\drivers\Surroundhp_kern_i386.sys
2009-07-07 21:20 . 2007-05-03 07:27 46592 ----a-r- c:\windows\system32\drivers\tshd4_kern_i386.sys
2009-07-07 21:20 . 2007-05-03 07:28 39552 ----a-r- c:\windows\system32\drivers\SRS_SSCFilter_i386.sys
2009-07-07 21:20 . 2007-05-03 07:27 32000 ----a-r- c:\windows\system32\drivers\wowhd_kern_i386.sys
2009-07-07 21:20 . 2009-07-07 21:20 -------- d-----w- c:\program files\SRS Labs
2009-07-04 21:12 . 2009-07-04 21:13 -------- d-----w- c:\program files\UPNT
2009-07-03 02:38 . 2009-07-03 02:39 -------- d-----w- c:\program files\ManyCam 2.4
2009-07-02 02:32 . 2009-07-02 02:32 -------- d-----w- c:\windows\Beyluxe Messenger
2009-07-02 02:32 . 2009-07-02 02:32 -------- d-----w- c:\program files\Beyluxe Messenger
2009-07-01 21:02 . 2009-07-01 21:03 -------- d-----w- c:\documents and settings\One\Application Data\ManyCam
2009-06-29 00:08 . 2009-06-29 00:08 -------- d-----w- c:\documents and settings\One\Application Data\URSoft
2009-06-29 00:08 . 2009-07-23 14:04 -------- d---a-w- c:\documents and settings\All Users\Application Data\TEMP
2009-06-29 00:08 . 2009-06-29 00:09 -------- d-----w- c:\program files\Your Uninstaller 2008
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-07-25 09:54 . 2009-04-06 21:09 -------- d-----w- c:\documents and settings\One\Application Data\DMCache
2009-07-25 08:41 . 2001-09-19 12:00 40316 ----a-w- c:\windows\system32\perfc001.dat
2009-07-25 08:41 . 2001-09-19 12:00 251946 ----a-w- c:\windows\system32\perfh001.dat
2009-07-23 18:50 . 2009-04-06 17:44 49192 ----a-w- c:\documents and settings\One\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2009-07-21 08:10 . 2009-04-07 01:09 -------- d-----w- c:\program files\Messenger Plus! Live
2009-07-19 08:04 . 2009-04-06 21:10 -------- d-----w- c:\documents and settings\One\Application Data\Skype
2009-07-19 07:55 . 2009-04-06 21:26 -------- d-----w- c:\documents and settings\One\Application Data\skypePM
2009-07-15 21:05 . 2009-04-06 22:07 55640 ----a-w- c:\windows\system32\drivers\avgntflt.sys
2009-07-15 20:05 . 2009-04-06 22:07 -------- d-----w- c:\documents and settings\All Users\Application Data\Avira
2009-07-11 14:11 . 2001-09-19 12:00 131072 ----a-w- c:\windows\system32\mycomput.dll
2009-07-11 14:10 . 2004-08-03 21:55 1107456 ----a-w- c:\windows\system32\setupapi.dll
2009-07-11 14:10 . 2004-08-03 21:56 155648 ----a-w- c:\windows\system32\wscript.exe
2009-07-11 14:10 . 2009-04-06 14:42 122880 ----a-w- c:\windows\system32\winmine.exe
2009-07-11 14:10 . 2009-04-06 14:43 72704 ----a-w- c:\windows\system32\winchat.exe
2009-07-11 14:10 . 2004-08-03 21:56 489472 ----a-w- c:\windows\system32\wiaacmgr.exe
2009-07-11 14:09 . 2004-08-03 21:56 53248 ----a-w- c:\windows\system32\utilman.exe
2009-07-11 14:09 . 2001-09-19 12:00 1404416 ----a-w- c:\windows\system32\cards.dll
2009-07-11 14:09 . 2009-04-06 14:42 1979392 ----a-w- c:\windows\system32\spider.exe
2009-07-11 14:09 . 2009-04-06 14:42 441856 ----a-w- c:\windows\system32\sol.exe
2009-07-11 14:08 . 2009-04-06 14:43 159232 ----a-w- c:\windows\system32\sndvol32.exe
2009-07-11 14:08 . 2009-04-06 14:42 259584 ----a-w- c:\windows\system32\sndrec32.exe
2009-07-11 14:08 . 2004-08-03 21:56 78336 ----a-w- c:\windows\system32\rtcshare.exe
2009-07-11 14:08 . 2004-08-03 21:56 45056 ----a-w- c:\windows\system32\rcimlby.exe
2009-07-11 14:08 . 2004-08-03 21:56 293376 ----a-w- c:\windows\system32\osk.exe
2009-07-11 14:08 . 2004-08-03 21:56 57344 ----a-w- c:\windows\system32\narrator.exe
2009-07-11 14:07 . 2009-04-06 14:42 732160 ----a-w- c:\windows\system32\mstsc.exe
2009-07-11 14:07 . 2009-04-06 14:42 359936 ----a-w- c:\windows\system32\mspaint.exe
2009-07-11 14:07 . 2009-04-06 14:42 131072 ----a-w- c:\windows\system32\mshearts.exe
2009-07-11 14:07 . 2004-08-03 21:56 75776 ----a-w- c:\windows\system32\magnify.exe
2009-07-11 14:06 . 2004-08-03 21:56 391680 ----a-w- c:\windows\system32\cmd.exe
2009-07-11 14:06 . 2009-04-06 14:42 83968 ----a-w- c:\windows\system32\charmap.exe
2009-07-11 14:06 . 2009-04-06 14:42 117760 ----a-w- c:\windows\system32\calc.exe
2009-07-11 14:06 . 2009-04-06 14:42 185856 ----a-w- c:\windows\system32\accwiz.exe
2009-07-11 14:05 . 2004-08-03 21:56 474112 ----a-w- c:\windows\system32\zipfldr.dll
2009-07-11 14:05 . 2004-08-03 21:55 749568 ----a-w- c:\windows\system32\wiashext.dll
2009-07-11 14:05 . 2004-08-03 21:55 587776 ----a-w- c:\windows\system32\shimgvw.dll
2009-07-11 14:05 . 2004-08-03 21:54 6210048 ----a-w- c:\windows\system32\xpsp2res.dll
2009-07-11 14:04 . 2004-08-03 21:55 221184 ----a-w- c:\windows\system32\stobject.dll
2009-07-11 14:04 . 2004-08-03 21:55 2254848 ----a-w- c:\windows\system32\netshell.dll
2009-07-11 14:04 . 2004-08-03 21:55 80384 ----a-w- c:\windows\system32\mydocs.dll
2009-07-11 14:04 . 2004-08-03 21:56 145408 ----a-w- c:\windows\system32\msiexec.exe
2009-07-11 14:03 . 2001-09-19 12:00 32256 ----a-w- c:\windows\system32\wupdmgr.exe
2009-07-11 14:03 . 2009-04-06 14:44 331776 ----a-w- c:\windows\system32\mstask.dll
2009-07-11 14:03 . 2004-08-03 21:55 67584 ----a-w- c:\windows\system32\batmeter.dll
2009-07-11 14:03 . 2004-08-03 21:55 1476096 ----a-w- c:\windows\system32\msgina.dll
2009-07-11 14:03 . 2004-08-03 21:53 200192 ----a-w- c:\windows\system32\moricons.dll
2009-07-11 14:03 . 2004-08-03 21:56 100864 ----a-w- c:\windows\system32\ahui.exe
2009-07-11 14:02 . 2009-04-06 14:42 440320 ----a-w- c:\windows\system32\freecell.exe
2009-07-11 14:02 . 2009-04-06 14:44 51224 ----a-w- c:\windows\system32\wuauclt.exe
2009-07-11 14:02 . 2001-09-19 12:00 55296 ----a-w- c:\windows\system32\migpwd.exe
2009-07-11 14:02 . 2004-08-03 21:55 91648 ----a-w- c:\windows\system32\cabview.dll
2009-07-11 14:02 . 2001-09-19 12:00 105984 ----a-w- c:\windows\system32\dfrgres.dll
2009-07-11 14:01 . 2004-08-03 21:56 168448 ----a-w- c:\windows\system32\mobsync.exe
2009-07-11 13:59 . 2004-08-03 21:55 401920 ----a-w- c:\windows\system32\fontext.dll
2009-07-11 13:58 . 2004-08-03 21:56 230912 ----a-w- c:\windows\regedit.exe
2009-07-11 13:58 . 2009-04-06 17:34 70656 ----a-w- c:\windows\notepad.exe
2009-07-11 13:58 . 2004-08-03 21:56 1655296 ----a-w- c:\windows\explorer.exe
2009-07-11 13:58 . 2004-08-03 21:55 189440 ----a-w- c:\windows\system32\photowiz.dll
2009-07-11 13:57 . 2004-08-03 21:56 347136 ----a-w- c:\windows\system32\tourstart.exe
2009-07-11 13:57 . 2004-08-03 21:56 31744 ----a-w- c:\windows\system32\stimon.exe
2009-07-11 13:57 . 2004-08-03 21:55 388096 ----a-w- c:\windows\system32\themeui.dll
2009-07-11 13:57 . 2004-08-03 21:56 103424 ----a-w- c:\windows\system32\shrpubw.exe
2009-07-11 13:57 . 2004-08-03 21:55 59392 ----a-w- c:\windows\system32\sendmail.dll
2009-07-11 13:56 . 2004-08-03 21:55 130048 ----a-w- c:\windows\system32\hotplug.dll
2009-07-11 13:56 . 2001-09-19 12:00 81408 ----a-w- c:\windows\system32\icmui.dll
2009-07-11 13:56 . 2004-08-03 21:56 116224 ----a-w- c:\windows\system32\cleanmgr.exe
2009-07-11 13:56 . 2009-04-06 14:44 499736 ----a-w- c:\windows\system32\wuapi.dll
2009-07-11 13:55 . 2004-08-03 21:56 125440 ----a-w- c:\windows\system32\taskmgr.exe
2009-07-11 13:55 . 2004-08-03 21:55 841216 ----a-w- c:\windows\system32\rasdlg.dll
2009-07-11 13:55 . 2004-08-03 21:55 200192 ----a-w- c:\windows\system32\credui.dll
2009-07-11 13:55 . 2004-08-03 21:55 738304 ----a-w- c:\windows\system32\comctl32.dll
2009-07-11 13:55 . 2004-08-03 21:55 501760 ----a-w- c:\windows\system32\cmdial32.dll
2009-07-11 13:54 . 2004-08-03 21:56 32768 ----a-w- c:\windows\hh.exe
2009-07-11 13:13 . 2004-08-03 21:55 218624 ----a-w- c:\windows\system32\uxtheme.dll
2009-07-11 13:13 . 2004-08-03 21:56 1949184 ----a-w- c:\windows\system32\logonui.exe
2009-07-10 20:32 . 2009-05-01 21:33 -------- d-----w- c:\program files\TuneUp Utilities 2009
2009-07-01 21:02 . 2009-04-07 02:43 -------- d-----w- c:\program files\SplitCam
2009-06-29 00:21 . 2009-06-08 03:18 -------- d-----w- c:\program files\Gamevance
2009-06-24 23:30 . 2009-04-06 23:15 67904 ----a-w- c:\windows\Fonts\Dungeon.TTF
2009-06-24 13:27 . 2009-06-24 13:27 3732643 ----a-w- c:\windows\REGBK00.ZIP
2009-06-24 13:19 . 2009-06-24 13:19 626688 ----a-w- c:\windows\system32\msvcr80.dll
2009-06-24 13:19 . 2009-06-24 13:19 548864 ----a-w- c:\windows\system32\msvcp80.dll
2009-06-24 13:19 . 2009-06-24 13:19 28672 ----a-w- c:\windows\system32\eEmpty.exe
2009-06-24 13:19 . 2009-06-24 13:19 -------- d-----w- c:\program files\Common Files\MicroWorld
2009-06-24 13:19 . 2009-06-24 13:19 -------- d-----w- c:\documents and settings\All Users\Application Data\MicroWorld
2009-06-23 04:53 . 2009-06-08 07:05 -------- d-----w- c:\documents and settings\One\Application Data\IDM
2009-06-22 19:35 . 2009-06-22 19:33 -------- d-----w- c:\program files\Sketch Master
2009-06-17 23:55 . 2009-06-17 23:55 -------- d-----w- c:\program files\Common Files\xing shared
2009-06-17 23:55 . 2009-04-06 23:09 -------- d-----w- c:\program files\Common Files\Real
2009-06-17 23:54 . 2009-04-06 23:10 499712 ----a-w- c:\windows\system32\msvcp71.dll
2009-06-17 01:17 . 2009-04-10 22:01 -------- d-----w- c:\program files\Golden Al-Wafi Translator
2009-06-16 14:53 . 2004-08-03 21:55 119808 ----a-w- c:\windows\system32\t2embed.dll
2009-06-16 14:53 . 2001-09-19 12:00 82432 ----a-w- c:\windows\system32\fontsub.dll
2009-06-11 23:32 . 2009-06-11 23:31 -------- d-----w- c:\documents and settings\One\Application Data\U3
2009-06-08 07:09 . 2009-06-08 07:08 2926768 ----a-w- c:\documents and settings\One\Application Data\IDM\idmupdt.exe
2009-06-08 07:07 . 2009-06-08 07:05 -------- d-----w- c:\program files\Internet Download Manager
2009-06-08 07:06 . 2009-06-08 07:06 198064 ----a-w- c:\documents and settings\One\Application Data\IDM\idmmzcc3\components\idmmzcc.dll
2009-06-05 02:11 . 2009-06-05 02:11 8854 ----a-r- c:\documents and settings\One\Application Data\Microsoft\Installer\{8527C3D5-BA1D-46E9-88D2-AF25544311A3}\UNINST_Uninstall_J_8527C3D5BA1D46E988D2AF25544311A3_2.exe
2009-06-05 02:11 . 2009-06-05 02:11 40960 ----a-r- c:\documents and settings\One\Application Data\Microsoft\Installer\{8527C3D5-BA1D-46E9-88D2-AF25544311A3}\NewShortcut2_8527C3D5BA1D46E988D2AF25544311A3.exe
2009-06-05 02:11 . 2009-06-05 02:11 10134 ----a-r- c:\documents and settings\One\Application Data\Microsoft\Installer\{8527C3D5-BA1D-46E9-88D2-AF25544311A3}\ARPPRODUCTICON.exe
2009-07-15 20:41 . 2009-07-23 06:16 137208 ----a-w- c:\program files\mozilla firefox\components\brwsrcmp.dll
.
------- Sigcheck -------
[-] 2009-07-11 13:58 1655296 2FD48AAEAEC9C891F72277BBE701F5DB c:\windows\explorer.exe
[-] 2009-07-11 13:55 738304 F77BFEC0E1FA40F95AB89E773A2037BD c:\windows\system32\comctl32.dll
[7] 2001-09-19 12:00 921088 AEF3D788DBF40C7C4D204EA45EB0C505 c:\windows\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.0.0_x-ww_1382d70a\comctl32.dll
[7] 2004-08-03 21:52 1050624 BE221FBD3A73817ADFDAFA74B2806152 c:\windows\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9\comctl32.dll
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\ctfmon.exe" [2004-08-03 15360]
"RemoteCenter"="c:\program files\Creative\MediaSource\RemoteControl\RCMan.EXE" [2004-06-25 147456]
"IDMan"="c:\program files\Internet Download Manager\IDMan.exe" [2009-06-08 2815408]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2007-12-11 137752]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2007-12-11 162328]
"Persistence"="c:\windows\system32\igfxpers.exe" [2007-12-11 137752]
"CTSysVol"="c:\program files\Creative\SBLive 24-Bit External\Surround Mixer\CTSysVol.exe" [2003-09-17 57344]
"TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" [2009-06-17 198160]
"VistaStart1.3"="c:\windows\Resources\Themes\Vista_Anthracite\VistaStart\VistaStart1.3.exe" [2006-03-20 510464]
"avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2009-03-02 209153]
"SbUsb AudCtrl"="sbusbdll.dll" - c:\windows\system32\sbusbdll.dll [2004-07-09 119296]
"SigmatelSysTrayApp"="stsystra.exe" - c:\windows\stsystra.exe [2007-12-11 405504]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2004-08-03 15360]
c:\documents and settings\All Users\çں‍ê، ں §ڑ\ںé ©ںê¤\ §ک ں颬نïé\
Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2006-5-24 622653]
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"IDMan"=c:\program files\Internet Download Manager\IDMan.exe /onboot
"MSMSGS"="c:\program files\Messenger\msmsgs.exe" /background
"ManyCam"="c:\program files\ManyCam 2.4\ManyCam.exe"
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe"
"UpdReg"=c:\windows\UpdReg.EXE
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"UpdatesDisableNotify"=dword:00000001
"AntiVirusOverride"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Documents and Settings\\One\\temp\\TeamViewer3\\TeamViewer.exe"=
"c:\\Program Files\\Paltalk Messenger\\paltalk.exe"=
"c:\\WINDOWS\\system32\\rtcshare.exe"=
"c:\\Documents and Settings\\One\\temp\\TeamViewer\\Version4\\TeamViewer.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\livecall.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\Program Files\\Java\\jre6\\bin\\java.exe"=
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"443:TCP"= 443:TCP:*:Disabled:ooVoo TCP المنفذ 443
"443:UDP"= 443:UDP:*:Disabled:ooVoo UDP المنفذ 443
"37674:TCP"= 37674:TCP:*:Disabled:ooVoo TCP المنفذ 37674
"37674:UDP"= 37674:UDP:*:Disabled:ooVoo UDP المنفذ 37674
"37675:UDP"= 37675:UDP:*:Disabled:ooVoo UDP المنفذ 37675
R2 AntiVirMailService;Avira AntiVir MailGuard;c:\program files\Avira\AntiVir Desktop\avmailc.exe [15/07/2009 11:05 م 194817]
R2 AntiVirSchedulerService;Avira AntiVir Scheduler;c:\program files\Avira\AntiVir Desktop\sched.exe [15/07/2009 11:05 م 108289]
R2 AntiVirWebService;Avira AntiVir WebGuard;c:\program files\Avira\AntiVir Desktop\avwebgrd.exe [15/07/2009 11:05 م 434945]
R2 BandLuxe_Service;BandLuxe Service;c:\program files\BandRich\BandLuxe HSDPA Utility R11\BRService.exe [11/12/2008 10:20 ص 87264]
R2 HssSrv;Hotspot Shield Helper Service;c:\program files\Hotspot Shield\HssWPR\hsssrv.exe [03/04/2009 09:18 م 364008]
R3 HssDrv;Hotspot Shield Helper Miniport;c:\windows\system32\drivers\hssdrv.sys [12/04/2009 12:10 م 33840]
R3 IntcHdmiAddService;Intel(R) High Definition Audio HDMI Service;c:\windows\system32\drivers\IntcHdmi.sys [06/04/2009 08:53 م 108032]
R3 ManyCam;ManyCam Virtual Webcam, WDM Video Capture Driver;c:\windows\system32\drivers\ManyCam.sys [14/01/2008 01:06 م 21632]
R3 sbusb;Sound Blaster USB Audio Driver;c:\windows\system32\drivers\sbusb.sys [06/04/2009 11:47 م 1643648]
S3 br3gmdm;BandLuxe 3.5G HSDPA Adapter - USB;c:\windows\system32\drivers\br3gmdm.sys [01/05/2009 04:23 م 104448]
S3 CAM1690;USB 2.0 Compliance JPEG Video Camera;c:\windows\system32\drivers\cam1690.sys [29/08/2007 12:01 م 153344]
S3 getPlus(R) Helper;getPlus(R) Helper;c:\program files\NOS\bin\getPlus_HelperSvc.exe [07/04/2009 04:43 ص 33176]
S3 HssTrayService;Hotspot Shield Tray Service;c:\program files\Hotspot Shield\bin\HssTrayService.exe [01/06/2009 09:58 م 34352]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.com.sa/
mStart Page = about:blank
uInternet Settings,ProxyServer = 212.93.193.89:8080
IE: تحميل الكل بواسطة Internet Download Manager - c:\program files\Internet Download Manager\IEGetAll.htm
IE: تحميل بواسطة Internet Download Manager - c:\program files\Internet Download Manager\IEExt.htm
IE: تحميل محتوى FLV بواسطة Internet Download Manager - c:\program files\Internet Download Manager\IEGetVL.htm
LSP: c:\program files\Avira\AntiVir Desktop\avsda.dll
DPF: {B7FDB0C3-4724-46D2-B8DB-6FA1DC63F7CA} - hxxp://174.37.178.26:1999/ReadUid.CAB
DPF: {C171FF59-8C55-4796-A398-4F5D02B4C763} - hxxp://174.37.203.226/imscp/talks3n.cab
FF - ProfilePath - c:\documents and settings\One\Application Data\Mozilla\Firefox\Profiles\ga0oellr.default\
FF - prefs.js: browser.search.selectedEngine - Ask
FF - prefs.js: browser.startup.homepage - hxxp://www.google.com.sa/
FF - prefs.js: keyword.URL - hxxp://www.google.com/search?ie=UTF-8&oe=UTF-8&sourceid=navclient&gfns=1&q=
FF - component: c:\documents and settings\One\Application Data\IDM\idmmzcc3\components\idmmzcc.dll
---- FIREFOX POLICIES ----
c:\program files\Mozilla Firefox\greprefs\all.js - pref("media.enforce_same_site_origin", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("media.cache_size", 51200);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("media.ogg.enabled", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("media.wave.enabled", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("media.autoplay.enabled", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.urlbar.autocomplete.enabled", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("capability.policy.mailnews.*.wholeText", "noAccess");
c:\program files\Mozilla Firefox\greprefs\all.js - pref("dom.storage.default_quota", 5120);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("content.sink.event_probe_rate", 3);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.http.prompt-temp-redirect", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("layout.css.dpi", -1);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("layout.css.devPixelsPerPx", -1);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("gestures.enable_single_finger_input", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("dom.max_chrome_script_run_time", 0);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.tcp.sendbuffer", 131072);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("geo.enabled", true);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.remember_cert_checkbox_default_setting", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("browser.search.param.yahoo-fr", "moz35");
c:\program files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("browser.search.param.yahoo-fr-cjkt", "moz35");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.blocklist.level", 2);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.urlbar.restrict.typed", "~");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.urlbar.default.behavior", 0);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.history", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.formdata", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.passwords", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.downloads", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.cookies", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.cache", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.sessions", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.offlineApps", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.siteSettings", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.history", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.formdata", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.passwords", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.downloads", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.cookies", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.cache", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.sessions", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.offlineApps", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.siteSettings", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.sanitize.migrateFx3Prefs", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.ssl_override_behavior", 2);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("security.alternate_certificate_error_page", "certerror");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.privatebrowsing.autostart", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.privatebrowsing.dont_prompt_on_enter", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("geo.wifi.uri", "
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي
");
.
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer,
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

Rootkit scan 2009-07-25 12:54
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{7B8E9164-324D-4A2E-A46D-0165FB2000EC}]
@Denied: (Full) (Everyone)
"scansk"=hex(0):35,cf,03,c3,ed,55,99,c0,8a,45,ba,6c,17,77,05,51,55,f7,c4,30,3f,
84,79,0c,b2,fb,ea,0b,91,eb,cd,3d,22,ef,de,38,58,bb,d1,6d,00,00,00,00,00,00,\
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{b4769772-4a9e-4c76-869a-0e651e959e77}]
@Denied: (Full) (Everyone)
"Model"=dword:000000a2
"Therad"=dword:0000000b
"MData"=hex(0):73,d5,cf,b8,a4,07,89,80,31,e4,35,6b,2a,ca,fe,43,98,07,ff,fc,5d,
df,1c,2f,3b,8a,0a,32,11,89,01,b5,83,71,91,2b,e3,da,af,8d,64,02,98,38,22,56,\
.
--------------------- DLLs Loaded Under Running Processes ---------------------
- - - - - - - > 'winlogon.exe'(172)
c:\windows\system32\cscui.dll
- - - - - - - > 'lsass.exe'(308)
c:\program files\Avira\AntiVir Desktop\avsda.dll
- - - - - - - > 'explorer.exe'(2112)
c:\windows\system32\msi.dll
c:\windows\system32\SETUPAPI.dll
c:\windows\system32\NETSHELL.dll
c:\windows\system32\stobject.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
Completion time: 2009-07-25 12:55
ComboFix-quarantined-files.txt 2009-07-25 09:55
ComboFix2.txt 2009-07-25 09:52
ComboFix3.txt 2009-06-29 00:22
Pre-Run: 36,561,174,528 bytes free
Post-Run: 36,554,469,376 bytes free
340 --- E O F --- 2009-07-15 18:45
 
تأييد 0
طيب جهازك نظيف والتقارير سليمة ..

اعمل التالي لاهنت

كليك يمين على على سطح المكتب >>> خصائص >>> سمات

وقم باختيار الثيمة الأصلية حقت الوندوز الزرقاء .. ثم تطبيق ثم موافق

وحمل هذه الأداة​

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

او​

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي


شغلها بدبل كلك​

i20932_1.png

i20933_2.png

i20934_3.png

i20935_4.png

ثم اعد تشغيل الجهاز​

وجرب
 
توقيع : Demo-dashDemo-dash is verified member.
تأييد 0
ثم أرفق تقرير هاجايك جديد
 
تأييد 0
لازالت المشكله اخوي ديمو ويبدو انها من هالثيم Vista_Anthracite زي ماتفضلت

هذا تقرير الهايجاك اخوي X300X

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 01:12:26 م, on 25/07/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16827)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir Desktop\sched.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\Program Files\Creative\SBLive 24-Bit External\Surround Mixer\CTSysVol.exe
C:\WINDOWS\system32\RunDll32.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\WINDOWS\stsystra.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\WINDOWS\Resources\Themes\Vista_Anthracite\VistaStart\VistaStart1.3.exe
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Creative\MediaSource\RemoteControl\RCMan.EXE
C:\Program Files\Internet Download Manager\IDMan.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\PROGRA~1\WIDCOMM\BLUETO~1\BTSTAC~1.EXE
C:\Program Files\Avira\AntiVir Desktop\avguard.exe
C:\Program Files\BandRich\BandLuxe HSDPA Utility R11\BRService.exe
C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
C:\WINDOWS\system32\CTsvcCDA.EXE
C:\Program Files\Hotspot Shield\bin\openvpnas.exe
C:\Program Files\Hotspot Shield\HssWPR\hsssrv.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\STacSV.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Avira\AntiVir Desktop\avmailc.exe
C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE
C:\Program Files\Internet Download Manager\IEMonitor.exe
C:\Program Files\Creative\MediaSource\RemoteControl\OSDMenu.EXE
C:\WINDOWS\system32\wuauclt.exe
C:\Documents and Settings\One\سطح المكتب\HiJackThis.exe
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 212.93.193.89:8080
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files\Internet Download Manager\IDMIECC.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: مساعد تسجيل الدخول إلى Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: BS.Player ControlBar - {2C688203-7EB3-4327-9995-1CB417BA23F9} - C:\Program Files\BS.Player ControlBar\BSToolbar.dll
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [CTSysVol] C:\Program Files\Creative\SBLive 24-Bit External\Surround Mixer\CTSysVol.exe /r
O4 - HKLM\..\Run: [SbUsb AudCtrl] RunDll32 sbusbdll.dll,RCMonitor
O4 - HKLM\..\Run: [SigmatelSysTrayApp] stsystra.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [VistaStart1.3] C:\WINDOWS\Resources\Themes\Vista_Anthracite\VistaStart\VistaStart1.3.exe
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [RemoteCenter] C:\Program Files\Creative\MediaSource\RemoteControl\RCMan.EXE
O4 - HKCU\..\Run: [IDMan] C:\Program Files\Internet Download Manager\IDMan.exe /onboot
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Bluetooth.lnk = ?
O8 - Extra context menu item: تحميل الكل بواسطة Internet Download Manager - C:\Program Files\Internet Download Manager\IEGetAll.htm
O8 - Extra context menu item: تحميل بواسطة Internet Download Manager - C:\Program Files\Internet Download Manager\IEExt.htm
O8 - Extra context menu item: تحميل محتوى FLV بواسطة Internet Download Manager - C:\Program Files\Internet Download Manager\IEGetVL.htm
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: بحث - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {6924091F-CD97-41E1-B1D4-D9079409D413} (IMCv1 Control) -
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

O16 - DPF: {B7FDB0C3-4724-46D2-B8DB-6FA1DC63F7CA} (ReadUid.UserControlMacEntry) -
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

O16 - DPF: {C171FF59-8C55-4796-A398-4F5D02B4C763} (IMC_Sec Control) -
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Avira AntiVir MailGuard (AntiVirMailService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avmailc.exe
O23 - Service: Avira AntiVir Scheduler (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Avira AntiVir WebGuard (AntiVirWebService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE
O23 - Service: BandLuxe Service (BandLuxe_Service) - BandRich Inc. - C:\Program Files\BandRich\BandLuxe HSDPA Utility R11\BRService.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.EXE
O23 - Service: getPlus(R) Helper - NOS Microsystems Ltd. - C:\Program Files\NOS\bin\getPlus_HelperSvc.exe
O23 - Service: Hotspot Shield Service (HotspotShieldService) - Unknown owner - C:\Program Files\Hotspot Shield\bin\openvpnas.exe
O23 - Service: Hotspot Shield Helper Service (HssSrv) - AnchorFree Inc. - C:\Program Files\Hotspot Shield\HssWPR\hsssrv.exe
O23 - Service: Hotspot Shield Tray Service (HssTrayService) - Unknown owner - C:\Program Files\Hotspot Shield\bin\HssTrayService.EXE
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: SigmaTel Audio Service (STacSV) - SigmaTel, Inc. - C:\WINDOWS\system32\STacSV.exe
--
End of file - 8498 bytes
 
تأييد 0
اخواني تم حل المشكلة حذفت ثيم Vista_Anthracite واشتغلت معي ادارة المهام تمام

الله يعطيك العافيه اخوي ديمو جزاك الله خير ورحم الله والدينا ووالديك ماقصرت يابطل

عندي طلب بسيط ياخوان انا عندي برنامج tuneup utilities 2009 بس المشكلة السريال عندي مو شغال وجربت اكثر من سريال ماشتغل اذا احد يقدر يفيدني واكون له شاكر

ادري تقولون وش ذا النشبه ههههههه الله يعطيكم الف عافيه

بارك الله فيكم
 
تأييد 0
ماعليه منهم قال:
اخواني تم حل المشكلة حذفت ثيم Vista_Anthracite واشتغلت معي ادارة المهام تمام

الله يعطيك العافيه اخوي ديمو جزاك الله خير ورحم الله والدينا ووالديك ماقصرت يابطل

عندي طلب بسيط ياخوان انا عندي برنامج tuneup utilities 2009 بس المشكلة السريال عندي مو شغال وجربت اكثر من سريال ماشتغل اذا احد يقدر يفيدني واكون له شاكر

ادري تقولون وش ذا النشبه ههههههه الله يعطيكم الف عافيه

بارك الله فيكم
أنقر للتوسيع...

الله يرحم والدينا وياك يالغالي

ولايهون عليك

جرب هالسيريال

Name: Demo-Dash
Orga: Home
serial: BFD45E-630ATE-H1MA0C-0HWTRB-15KY5M-F0V291

Name: Demo-Dash
Orga: Home
Serial: BFD6YK-XW1Q1H-R1CQAR-3R0K42-AACXJ7-14WARD

Name: Demo-Dash
Orga: Home
Serial: BFE1H2-T00WJ1-EV1RQJ-AH73RC-731X3V-WW0BMV

Name: Demo-Dash
Orga: Home
Serial: BFF8V6-M9MC98-V2K17X-XHNMR8-CYJN00-QDPYNB

Name: Demo-Dash
Orga: Home
Serial: BFHTXJ-JHB14W-QYYRNN-BWA6JJ-XYQND7-0A4EQ9


Name: Demo-Dash
Orga: Home
Serial: AQKA2P-HY7FQF-8M0930-DW4H4V-1EJPRC-16CHPN

حط بدال ديمو داش اي اسم تريده
 
توقيع : Demo-dashDemo-dash is verified member.
تأييد 0
الله يعطيك العافيه اخوي ديمو ماقصرت على وقفتك معي جعلها الله في موازين حسناتك

جربت السريالات وماشتغلت ماقصرت يابطل تعبتك معي يالغالي
 
تأييد 0
ابد يالغالي مافيه اي تعب

بالنسبه للسيريال افتح لك موضوع في ركن البرامج العامه والاخوه الكرام راح يفيدونك

بالتوفيق ان شاء الله

يغلق لإنتهاء الغرض منه
 
توقيع : Demo-dashDemo-dash is verified member.
تأييد 0
الحالة
مغلق و غير مفتوح للمزيد من الردود.
عودة
أعلى