Status
Closed and not open for further replies.

خيآل إنسآن

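Peace be upon you, and the mercy and blessings of God.

How are you, members of زيزوووم???

I have a problem: Kaspersky Internet Security 2009, I don't know what's wrong with it, has its "hazard lights on" :d:
and is declaring a state of emergency, and I don't know exactly what the problem is. This is the screenshot: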

i26888_12081430104502.jpg


And when I click Fix, this comes up and I can't do anything:

i26889_12081430104611.jpg


Note that the key is working and so is the update. I thought there might be a virus or a hacking patch in it,
so I went and put the machine in safe mode and ran a scan, with deletion
and cleaning set to automatic of course, and the alert still continues?????????
 

This is the HijackThis report:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 11:00:44 ص, on 03/08/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.5512)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\a-squared Free\a2service.exe
C:\WINDOWS\system32\crypserv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Conexant\Adsl\dslagent.exe
C:\Program Files\Conexant\Adsl\dslstat.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Messenger\msmsgs.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\internet explorer\iexplore.exe
C:\Program Files\internet explorer\iexplore.exe
D:\منوعات\HiJackThis.exe
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = local
O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files\Internet Download Manager\IDMIECC.dll (file missing)
O2 - BHO: SnagIt Toolbar Loader - {00C6482D-C502-44C8-8409-FCE54AD9C208} - C:\Program Files\TechSmith\Snagit 9\SnagitBHO.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: IEVkbdBHO - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\ievkbd.dll
O2 - BHO: مساعد تسجيل الدخول إلى Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\3.1.807.1746\swg.dll
O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [DSLAGENTEXE] C:\Program Files\Conexant\Adsl\dslagent.exe
O4 - HKLM\..\Run: [DSLSTATEXE] C:\Program Files\Conexant\Adsl\dslstat.exe icon
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [IDMan] C:\Program Files\Internet Download Manager\IDMan.exe /onboot
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - Global Startup: Snagit 9.lnk = C:\Program Files\TechSmith\Snagit 9\Snagit32.exe
O8 - Extra context menu item: &تصدير إلى Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: إضافة إلى حاجب إعلان الشعار - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\ie_banner_deny.htm
O8 - Extra context menu item: تحميل الكل بواسطة Internet Download Manager - C:\Program Files\Internet Download Manager\IEGetAll.htm
O8 - Extra context menu item: تحميل بواسطة Internet Download Manager - C:\Program Files\Internet Download Manager\IEExt.htm
O8 - Extra context menu item: تحميل محتوى FLV بواسطة Internet Download Manager - C:\Program Files\Internet Download Manager\IEGetVL.htm
O9 - Extra button: إحصائيات حماية حركة زيارة الويب - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\SCIEPlgn.dll
O9 - Extra button: بحث - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) -
O16 - DPF: {6924091F-CD97-41E1-B1D4-D9079409D413} (IMCv1 Control) -
O16 - DPF: {B7FDB0C3-4724-46D2-B8DB-6FA1DC63F7CA} (ReadUid.UserControlMacEntry) -
O17 - HKLM\System\CCS\Services\Tcpip\..\{C7EB8285-CDE3-4272-B9E9-AB6BF5E66784}: NameServer = 84.235.6.54 84.235.6.55
O20 - AppInit_DLLs: C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd.dll,C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd3.dll,C:\PROGRA~1\KASPER~1\KASPER~1\adialhk.dll,C:\PROGRA~1\KASPER~1\KASPER~1\kloehk.dll
O23 - Service: a-squared Free Service (a2free) - Emsi Software GmbH - C:\Program Files\a-squared Free\a2service.exe
O23 - Service: AST Service (astcc) - Unknown owner - C:\WINDOWS\system32\ASTSRV.EXE (file missing)
O23 - Service: Kaspersky Internet Security (AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe
O23 - Service: Crypkey License - Kenonic Controls Ltd. - C:\WINDOWS\SYSTEM32\crypserv.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies - C:\Program Files\WinPcap\rpcapd.exe
--
End of file - 6076 bytes
 
And peace be upon you.

The ComboFix tool





When you run it, a message will appear; click >> Yes
After that a second message will appear; click >> Yes

During the scan the machine may restart.

After the restart, the tool will start scanning again.
Wait until a report appears; that means the scan has finished.
 
Signature: ابـــو عــبــد الــلــه
Thanks, ابو ريما, for the help. Here is the ComboFix report, and the problem still persists:

ComboFix 09-08-02.03 - I-R-I 08/03/2009 11:27.4.1 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.2.1256.966.1025.18.223.86 [GMT 3:00]
Running from: d:\منوعات\ComboFix.exe
AV: Kaspersky Internet Security *On-access scanning disabled* (Updated) {2C4D4BC6-0793-4956-A9F9-E252435469C0}
FW: Kaspersky Internet Security *disabled* {2C4D4BC6-0793-4956-A9F9-E252435469C0}
WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\documents and settings\I-R-I\Application Data\addon.dat
c:\windows\system32\winntue16.dll
.
((((((((((((((((((((((((( Files Created from 2009-07-03 to 2009-08-03 )))))))))))))))))))))))))))))))
.
2009-07-31 18:56 . 2009-08-02 19:51 -------- d-----w- c:\program files\RealDrawPRO5
2009-07-30 17:20 . 2009-07-30 17:20 44544 ------w- c:\windows\AWuninstall.exe
2009-07-30 17:20 . 2009-07-30 17:20 -------- d-----w- c:\program files\Lokas
2009-07-29 11:34 . 2009-07-29 11:34 -------- d-----w- c:\windows\system32\????????????
2009-07-29 11:21 . 2002-10-25 02:17 65536 ----a-w- c:\windows\system32\Crypserv.exe
2009-07-29 11:21 . 1999-06-18 21:49 165888 ----a-w- c:\windows\Ckconfig.exe
2009-07-29 11:21 . 1996-05-03 17:21 27648 ----a-r- c:\windows\Setup_ck.exe
2009-07-29 11:21 . 1996-05-03 15:36 18432 ----a-w- c:\windows\Setup_ck.dll
2009-07-29 11:21 . 1995-07-04 18:33 11776 ----a-w- c:\windows\Ckrfresh.exe
2009-07-29 11:13 . 1999-06-25 07:55 149504 ----a-w- C:\UNWISE.EXE
2009-07-29 01:22 . 2009-07-29 01:22 -------- d-----w- c:\program files\WinPcap
2009-07-26 22:11 . 2009-07-26 22:11 -------- d-----w- C:\LtUcx
2009-07-23 14:00 . 2009-07-23 14:00 -------- d-----w- c:\program files\3D Image Commander
2009-07-22 04:29 . 2009-07-22 04:29 -------- d-----w- c:\documents and settings\All Users\Application Data\SWiSHMax2WorkFolder
2009-07-21 17:22 . 2009-07-21 17:22 -------- d-sh--w- C:\found.001
2009-07-21 02:14 . 2004-02-22 22:00 1386496 ----a-w- c:\windows\system32\MSVBVM60.DLL
2009-07-06 23:46 . 2009-07-06 23:46 -------- d-----w- c:\documents and settings\All Users\Application Data\Office Genuine Advantage
2009-07-05 21:12 . 2009-02-09 10:19 680960 ----a-w- c:\windows\system32\advapi32.dll
2009-07-04 23:42 . 2009-07-04 23:42 -------- d-----w- c:\documents and settings\I-R-I\Application Data\URSoft
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2017-01-02 20:43 . 2009-05-09 09:36 77176 ----a-w- c:\windows\Fonts\SC_OUHOD.ttf
2016-12-30 15:32 . 2009-05-09 09:36 90072 ----a-w- c:\windows\Fonts\SC_REHAN.ttf
2016-12-30 15:06 . 2009-05-09 09:36 70064 ----a-w- c:\windows\Fonts\SC_TARABLUS.ttf
2016-12-30 15:05 . 2009-05-09 09:36 102264 ----a-w- c:\windows\Fonts\SC_SHMOOKH01.ttf
2016-12-30 15:05 . 2009-05-09 09:36 66792 ----a-w- c:\windows\Fonts\SC_SHARJAH.ttf
2016-12-30 15:04 . 2009-05-09 09:36 66852 ----a-w- c:\windows\Fonts\SC_LUJAYN.ttf
2016-12-30 15:03 . 2009-05-09 09:36 64908 ----a-w- c:\windows\Fonts\SC_KHALID.ttf
2016-12-30 15:03 . 2009-05-09 09:36 63168 ----a-w- c:\windows\Fonts\SC_HANI.ttf
2016-12-30 15:02 . 2009-05-09 09:36 81648 ----a-w- c:\windows\Fonts\SC_GULF.ttf
2016-12-30 15:02 . 2009-05-09 09:36 75820 ----a-w- c:\windows\Fonts\SC_DUBAI.ttf
2016-12-30 15:01 . 2009-05-09 09:36 70368 ----a-w- c:\windows\Fonts\SC_AMEEN.ttf
2016-12-30 15:00 . 2009-05-09 09:36 86304 ----a-w- c:\windows\Fonts\SC_ALYERMOOK.ttf
2009-08-03 08:39 . 2009-05-25 17:23 -------- d-----w- c:\documents and settings\All Users\Application Data\Kaspersky Lab
2009-08-03 08:38 . 2009-05-25 17:23 524320 --sha-w- c:\windows\system32\drivers\fidbox2.dat
2009-08-03 08:38 . 2009-05-25 17:23 2872 --sha-w- c:\windows\system32\drivers\fidbox2.idx
2009-08-03 08:38 . 2009-05-25 17:23 2143264 --sha-w- c:\windows\system32\drivers\fidbox.dat
2009-08-03 08:38 . 2009-05-25 17:23 17824 --sha-w- c:\windows\system32\drivers\fidbox.idx
2009-08-03 07:43 . 2001-09-19 15:00 59680 ----a-w- c:\windows\system32\perfc001.dat
2009-08-03 07:43 . 2001-09-19 15:00 331070 ----a-w- c:\windows\system32\perfh001.dat
2009-08-03 05:10 . 2009-04-30 14:54 -------- d-----w- c:\program files\mpegable
2009-08-02 02:46 . 2009-04-30 15:08 -------- d-----w- c:\documents and settings\I-R-I\Application Data\dvdcss
2009-08-01 04:30 . 2009-05-01 13:18 -------- d-----w- c:\documents and settings\I-R-I\Application Data\X-NetStat
2009-07-29 11:35 . 2009-04-30 14:33 263144 ----a-w- c:\documents and settings\I-R-I\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2009-07-29 01:22 . 2009-05-01 09:53 -------- d-----w- c:\program files\Messenger Plus! Live
2009-07-21 17:29 . 2009-05-25 17:53 208616 ----a-w- c:\documents and settings\All Users\Application Data\Kaspersky Lab\AVP8\Data\Updater\Temporary Files\temporaryFolder\AutoPatches\kav8exec\8.0.0.506\avp.exe
2009-07-19 20:09 . 2009-05-03 06:55 -------- d---a-w- c:\documents and settings\All Users\Application Data\TEMP
2009-07-19 19:56 . 2009-06-30 19:21 -------- d-----w- c:\documents and settings\I-R-I\Application Data\gtk-2.0
2009-07-17 18:37 . 2009-06-26 03:01 10240 ----a-w- c:\documents and settings\I-R-I\Application Data\GRETECH\GomPlayer\GrLauncherTempSetup.exe
2009-07-04 18:18 . 2009-05-19 02:43 -------- d-----w- c:\program files\a-squared Free
2009-07-03 19:40 . 2009-07-03 19:40 38912 ----a-w- c:\windows\system32\pchsvc.dll
2009-07-03 14:09 . 2009-07-03 12:08 -------- d-----w- c:\documents and settings\I-R-I\Application Data\DMCache
2009-07-03 12:10 . 2009-07-03 12:08 -------- d-----w- c:\documents and settings\I-R-I\Application Data\IDM
2009-07-03 12:09 . 2009-07-03 12:09 198064 ----a-w- c:\documents and settings\I-R-I\Application Data\IDM\idmmzcc3\components\idmmzcc.dll
2009-07-03 11:43 . 2009-04-30 14:25 86327 ----a-w- c:\windows\pchealth\helpctr\OfflineCache\index.dat
2009-07-02 20:45 . 2009-07-02 20:44 -------- d-----w- c:\program files\Common Files\Xara
2009-07-02 20:44 . 2009-07-02 20:44 -------- d-----w- c:\program files\Xara
2009-07-02 20:44 . 2009-04-30 14:55 -------- d--h--w- c:\program files\InstallShield Installation Information
2009-06-30 19:14 . 2009-06-30 19:14 -------- d-----w- c:\program files\GIMP-2.0
2009-06-28 18:40 . 2009-06-21 05:23 -------- d-----w- c:\program files\2D and 3D Animator
2009-06-27 22:24 . 2009-05-18 11:59 -------- d-----w- c:\program files\Muslim Bag
2009-06-26 14:55 . 2009-04-30 14:47 -------- d-----w- c:\program files\Golden Al-Wafi Translator
2009-06-24 18:02 . 2009-06-24 18:00 -------- d-----w- c:\program files\Banner Maker Pro 7
2009-06-22 17:18 . 2009-04-30 15:00 -------- d-----w- c:\documents and settings\I-R-I\Application Data\vlc
2009-06-21 05:23 . 2009-06-21 05:23 -------- d-----w- c:\documents and settings\All Users\Application Data\PY_Software
2009-06-19 23:00 . 2009-06-19 23:00 -------- d-----w- c:\program files\Common Files\xing shared
2009-06-19 23:00 . 2009-04-30 15:01 -------- d-----w- c:\program files\Common Files\Real
2009-06-19 22:59 . 2009-04-30 15:01 499712 ----a-w- c:\windows\system32\msvcp71.dll
2009-06-19 22:59 . 2003-02-21 02:42 348160 ----a-w- c:\windows\system32\msvcr71.dll
2009-06-18 02:21 . 2009-06-18 02:21 -------- d-----w- c:\documents and settings\I-R-I\Application Data\Aleo Software
2009-06-15 14:03 . 2009-06-08 09:52 -------- d-----w- c:\program files\Wenodwx
2009-06-15 14:03 . 2009-05-16 06:49 -------- d-----w- c:\program files\All2Chat
2009-06-12 23:01 . 2009-06-12 23:01 -------- d-----w- c:\program files\ubroadcast station manager
2009-06-10 18:09 . 2009-06-10 18:08 -------- d-----w- c:\program files\ClubDJ Pro
2009-06-04 16:21 . 2009-05-25 17:24 105395 ----a-w- c:\windows\system32\drivers\klin.dat
2009-06-04 16:21 . 2009-05-25 17:24 94643 ----a-w- c:\windows\system32\drivers\klick.dat
2009-06-03 19:25 . 2004-08-04 00:55 1288704 ----a-w- c:\windows\system32\quartz.dll
2009-06-02 19:32 . 2009-06-02 19:32 3584 ----a-r- c:\documents and settings\I-R-I\Application Data\Microsoft\Installer\{121634B0-2F4B-11D3-ADA3-00C04F52DD52}\Icon386ED4E3.exe
2009-06-01 07:05 . 2009-06-01 06:56 94 ----a-w- C:\Iotmrd.sys
2009-05-28 15:41 . 2009-05-28 15:41 4 ----a-w- c:\windows\RegDefrag.dat
2009-05-25 17:53 . 2008-01-29 14:29 33808 ----a-w- c:\windows\system32\drivers\klbg.sys
2009-05-25 17:53 . 2009-05-25 17:53 33808 ----a-w- c:\documents and settings\All Users\Application Data\Kaspersky Lab\AVP8\Data\Updater\Temporary Files\temporaryFolder\AutoPatches\kav8exec\8.0.0.506\klbg.sys
2009-05-25 17:53 . 2009-05-25 17:53 226832 ----a-w- c:\documents and settings\All Users\Application Data\Kaspersky Lab\AVP8\Data\Updater\Temporary Files\temporaryFolder\AutoPatches\kav8exec\8.0.0.506\XP\klif.sys
2009-05-24 07:23 . 2009-05-24 07:23 2678 ----a-w- c:\windows\java\Packages\Data\crbzpfnr.dat
2009-05-24 07:23 . 2009-05-24 07:23 2678 ----a-w- c:\windows\java\Packages\Data\omj775rz.dat
2009-05-24 07:23 . 2009-05-24 07:23 2678 ----a-w- c:\windows\java\Packages\Data\r53jrnb7.dat
2009-05-24 07:23 . 2009-05-24 07:23 2678 ----a-w- c:\windows\java\Packages\Data\y8ktbr7j.dat
2009-05-24 07:23 . 2009-05-24 07:23 2678 ----a-w- c:\windows\java\Packages\Data\bf7hnfrd.dat
2009-05-20 00:00 . 2009-05-14 09:16 10017 ----a-w- c:\documents and settings\All Users\Application Data\BlazeVideo\VideoMagic3\BlazeVideoMagic.dll
2009-05-19 12:09 . 2009-05-19 12:07 811008 ----a-w- c:\windows\AL-MOHAGR.scr
2009-05-08 15:36 . 2009-05-08 15:35 53319 ----a-w- c:\documents and settings\All Users\Application Data\TEMP\{5DB1DF0C-AABC-4362-8A6D-CEFDFB036E41}\PostBuild.exe
2009-05-07 15:42 . 2009-07-05 21:12 344064 ----a-w- c:\windows\system32\localspl.dll
2009-07-26 09:06 . 2009-05-02 20:54 134648 ----a-w- c:\program files\mozilla firefox\components\brwsrcmp.dll
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"BluetoothAuthenticationAgent"="bthprops.cpl" [2004-08-04 110592]
c:\documents and settings\All Users\çں‍ê، ں §ڑ\ںé ©ںê¤\ §ک ں颬نïé\
Snagit 9.lnk - c:\program files\TechSmith\Snagit 9\Snagit32.exe [2009-1-22 7225672]
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\KasperskyAntiVirus]
"DisableMonitoring"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
R0 klbg;Kaspersky Lab Boot Guard Driver;c:\windows\system32\drivers\klbg.sys [29/01/2008 05:29 م 33808]
R3 KLFLTDEV;Kaspersky Lab KLFltDev;c:\windows\system32\drivers\klfltdev.sys [13/03/2008 06:02 م 26640]
R3 klim5;Kaspersky Anti-Virus NDIS Filter;c:\windows\system32\drivers\klim5.sys [30/04/2008 05:06 م 24592]
S3 NPF;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys [25/01/2007 08:31 م 42000]
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{1EB7A8A3-2EFC-8EE6-DD23-BBD56769D9FD}]
c:\program files\Wenodwx\wwwer.exe s
.
- - - - ORPHANS REMOVED - - - -
WebBrowser-{EEE6C35B-6118-11DC-9C72-001320C79847} - (no file)
WebBrowser-{8FF5E180-ABDE-46EB-B09E-D2AAB95CABE3} - (no file)

.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.com.sa/
uSearch Page = hxxp://www.google.com
uSearch Bar = hxxp://www.google.com/ie
mDefault_Search_URL = hxxp://www.google.com/ie
uInternet Settings,ProxyOverride = local
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
mSearchAssistant = hxxp://www.google.com/ie
IE: &تصدير إلى Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
IE: إضافة إلى حاجب إعلان الشعار - c:\program files\Kaspersky Lab\Kaspersky Internet Security 2009\ie_banner_deny.htm
IE: تحميل الكل بواسطة Internet Download Manager - c:\program files\Internet Download Manager\IEGetAll.htm
IE: تحميل بواسطة Internet Download Manager - c:\program files\Internet Download Manager\IEExt.htm
IE: تحميل محتوى FLV بواسطة Internet Download Manager - c:\program files\Internet Download Manager\IEGetVL.htm
TCP: {C7EB8285-CDE3-4272-B9E9-AB6BF5E66784} = 84.235.6.54 84.235.6.55
DPF: Microsoft XML Parser for Java -
DPF: {B7FDB0C3-4724-46D2-B8DB-6FA1DC63F7CA} - hxxp://ameer4voice.server4flood.com:1999/ReadUid.CAB
FF - ProfilePath - c:\documents and settings\I-R-I\Application Data\Mozilla\Firefox\Profiles\ipxx5lif.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2233703&SearchSource=3&q={searchTerms}
FF - prefs.js: browser.search.selectedEngine - 4shared Web Search
FF - prefs.js: browser.startup.homepage - hxxp://www.theprizeday.com/today.php|
FF - prefs.js: keyword.URL - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2233703&q=
FF - component: c:\documents and settings\I-R-I\Application Data\IDM\idmmzcc3\components\idmmzcc.dll
FF - component: c:\program files\Real\RealPlayer\browserrecord\components\nprpbrowserrecordplugin.dll
---- FIREFOX POLICIES ----
FF - user.js: network.proxy.type - 0
FF - user.js: network.proxy.http -
user_pref(network.proxy.http_port,);
FF - user.js: network.proxy.no_proxies_on -
.
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer,
Rootkit scan 2009-08-03 11:41
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------
- - - - - - - > 'winlogon.exe'(944)
c:\windows\system32\NTMARTA.DLL
- - - - - - - > 'explorer.exe'(1716)
c:\windows\system32\msi.dll
c:\program files\Microsoft Office\OFFICE11\msohev.dll
c:\program files\Common Files\Adobe\Acrobat\ActiveX\PDFShell.dll
c:\program files\Common Files\Adobe\Acrobat\ActiveX\PDFShell.ARA
.
------------------------ Other Running Processes ------------------------
.
c:\program files\a-squared Free\a2service.exe
c:\program files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe
c:\windows\system32\Crypserv.exe
c:\windows\system32\wdfmgr.exe
c:\program files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe
c:\program files\Common Files\Real\Update_OB\realsched.exe
c:\windows\system32\rundll32.exe
c:\program files\Conexant\Adsl\DSLAGENT.EXE
c:\program files\Conexant\Adsl\DSLSTAT.EXE
c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
c:\program files\Windows Live\Messenger\msnmsgr.exe
c:\program files\Messenger\msmsgs.exe
c:\program files\TechSmith\Snagit 9\SnagitEditor.exe
.
**************************************************************************
.
Completion time: 2009-08-03 11:46 - machine was rebooted
ComboFix-quarantined-files.txt 2009-08-03 08:46
ComboFix2.txt 2009-05-25 18:11
ComboFix3.txt 2009-05-24 09:07
ComboFix4.txt 2009-05-21 10:42
Pre-Run: 7,387,787,264 bytes free
Post-Run: 8,735,608,832 bytes free
272 --- E O F --- 2009-07-16 00:05
 
Do you have the زيزووم settings installed?
 
Signature: ابـــو عــبــد الــلــه
Yes, I have the زيزوووم settings installed.
 
Clear the reports and leftover files:

configuration

then

journaux

then

purger

and delete all the leftover files and reports.

Then run a new scan.
 
Signature: ابـــو عــبــد الــلــه
I deleted the reports that show up in the second image and it went green right away :d:

May God reward you with every good, grant you success in this world and the hereafter, increase you from His knowledge, and bless you.
 
Praise be to God that the problem is over.

The guys did everything they could; may God give them good health.

Closing, as the problem is solved. With my regards and appreciation.
 
Signature: Al jNtEeL