تم حل المشكلة الجهاز يعيد التشغيل كل مره عند فتح اي ملف بامتدادا exe

الحالة
مغلق و غير مفتوح للمزيد من الردود.
J

joOojoOo

زيزوومى متألق
إنضم
18 سبتمبر 2009
المشاركات
307
مستوى التفاعل
6
النقاط
390
غير متصل
السسلام عليكم
صباح الخيرات قميعن :d:


عندي ملفين بامتداد
exe
كل ما افتحها الجهاز يعيد التشغيل من نفسسه

لياا ساعتين على هالحال مو عارفه وين المشكله
لزا ساعدوني بلييز



:b::q:


 

توقيع : joOojoOo
ترتيب حسب التاريخ ترتيب حسب الأصوات



ي رباااه شغله ! :eek:

فحص المالويربايت شغال الحين
بس كيف اعرف انو تم التخلص من الفايروسات عشان احط تقارير هاذي
رن سكنر + الهايجاك + البرامج المثبتة


 
توقيع : joOojoOo
تأييد 0

راح ينتهي الفحص لمن تختفي عبارتين Puase scan و Abort scan وراح تظهر مكانهم عبارة Show ..

الله يعينك آصبري بس والله جهآزك متضرر بالفايروسات كثيير :smile:
 
توقيع : bin6aleb
تأييد 0
تقرير المالويربايت ..


Malwarebytes' Anti-Malware 1.51.2.1300

يجب عليك تسجيل الدخول أو التسجيل لمشاهدة الرابط المخفي



Database version: 7622

Windows 6.1.7600
Internet Explorer 8.0.7600.16385

20/01/12 8:00:49 ص
mbam-log-2012-01-20 (08-00-49).txt

Scan type: Full scan (C:\|D:\|)
Objects scanned: 272363
Time elapsed: 1 hour(s), 12 minute(s), 23 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 2
Registry Data Items Infected: 0
Folders Infected: 31
Files Infected: 28

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\Tok-Cirrhatus (Worm.Brontok) -> Value: Tok-Cirrhatus -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\Tok-Cirrhatus-2223 (Worm.Brontok) -> Value: Tok-Cirrhatus-2223 -> Quarantined and deleted successfully.

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
c:\Users\Orbit\local settings\application data\bron.tok-17-1 (Worm.Brontok) -> Quarantined and deleted successfully.
c:\Users\Orbit\local settings\application data\bron.tok-17-10 (Worm.Brontok) -> Quarantined and deleted successfully.
c:\Users\Orbit\local settings\application data\bron.tok-17-11 (Worm.Brontok) -> Quarantined and deleted successfully.
c:\Users\Orbit\local settings\application data\bron.tok-17-12 (Worm.Brontok) -> Quarantined and deleted successfully.
c:\Users\Orbit\local settings\application data\bron.tok-17-13 (Worm.Brontok) -> Quarantined and deleted successfully.
c:\Users\Orbit\local settings\application data\bron.tok-17-14 (Worm.Brontok) -> Quarantined and deleted successfully.
c:\Users\Orbit\local settings\application data\bron.tok-17-15 (Worm.Brontok) -> Quarantined and deleted successfully.
c:\Users\Orbit\local settings\application data\bron.tok-17-16 (Worm.Brontok) -> Quarantined and deleted successfully.
c:\Users\Orbit\local settings\application data\bron.tok-17-17 (Worm.Brontok) -> Quarantined and deleted successfully.
c:\Users\Orbit\local settings\application data\bron.tok-17-18 (Worm.Brontok) -> Quarantined and deleted successfully.
c:\Users\Orbit\local settings\application data\bron.tok-17-19 (Worm.Brontok) -> Quarantined and deleted successfully.
c:\Users\Orbit\local settings\application data\bron.tok-17-2 (Worm.Brontok) -> Quarantined and deleted successfully.
c:\Users\Orbit\local settings\application data\bron.tok-17-20 (Worm.Brontok) -> Quarantined and deleted successfully.
c:\Users\Orbit\local settings\application data\bron.tok-17-21 (Worm.Brontok) -> Quarantined and deleted successfully.
c:\Users\Orbit\local settings\application data\bron.tok-17-22 (Worm.Brontok) -> Quarantined and deleted successfully.
c:\Users\Orbit\local settings\application data\bron.tok-17-23 (Worm.Brontok) -> Quarantined and deleted successfully.
c:\Users\Orbit\local settings\application data\bron.tok-17-24 (Worm.Brontok) -> Quarantined and deleted successfully.
c:\Users\Orbit\local settings\application data\bron.tok-17-25 (Worm.Brontok) -> Quarantined and deleted successfully.
c:\Users\Orbit\local settings\application data\bron.tok-17-26 (Worm.Brontok) -> Quarantined and deleted successfully.
c:\Users\Orbit\local settings\application data\bron.tok-17-27 (Worm.Brontok) -> Quarantined and deleted successfully.
c:\Users\Orbit\local settings\application data\bron.tok-17-28 (Worm.Brontok) -> Quarantined and deleted successfully.
c:\Users\Orbit\local settings\application data\bron.tok-17-29 (Worm.Brontok) -> Quarantined and deleted successfully.
c:\Users\Orbit\local settings\application data\bron.tok-17-3 (Worm.Brontok) -> Quarantined and deleted successfully.
c:\Users\Orbit\local settings\application data\bron.tok-17-30 (Worm.Brontok) -> Quarantined and deleted successfully.
c:\Users\Orbit\local settings\application data\bron.tok-17-31 (Worm.Brontok) -> Quarantined and deleted successfully.
c:\Users\Orbit\local settings\application data\bron.tok-17-4 (Worm.Brontok) -> Quarantined and deleted successfully.
c:\Users\Orbit\local settings\application data\bron.tok-17-5 (Worm.Brontok) -> Quarantined and deleted successfully.
c:\Users\Orbit\local settings\application data\bron.tok-17-6 (Worm.Brontok) -> Quarantined and deleted successfully.
c:\Users\Orbit\local settings\application data\bron.tok-17-7 (Worm.Brontok) -> Quarantined and deleted successfully.
c:\Users\Orbit\local settings\application data\bron.tok-17-8 (Worm.Brontok) -> Quarantined and deleted successfully.
c:\Users\Orbit\local settings\application data\bron.tok-17-9 (Worm.Brontok) -> Quarantined and deleted successfully.

Files Infected:
c:\Users\Orbit\AppData\Local\Mozilla\Firefox\Profiles\ksyxdtor.default\Cache\0\85\85.exe (Trojan.Dropper) -> Quarantined and deleted successfully.
c:\Users\Orbit\AppData\Local\Mozilla\Firefox\Profiles\ksyxdtor.default\Cache\1\11\11.exe (Trojan.Dropper) -> Quarantined and deleted successfully.
c:\Users\Orbit\AppData\Local\Mozilla\Firefox\Profiles\ksyxdtor.default\Cache\1\B6\B6.exe (Trojan.Dropper) -> Quarantined and deleted successfully.
c:\Users\Orbit\AppData\Local\Mozilla\Firefox\Profiles\ksyxdtor.default\Cache\2\08\08.exe (Trojan.Dropper) -> Quarantined and deleted successfully.
c:\Users\Orbit\AppData\Local\Mozilla\Firefox\Profiles\ksyxdtor.default\Cache\2\11\11.exe (Trojan.Dropper) -> Quarantined and deleted successfully.
c:\Users\Orbit\AppData\Local\Mozilla\Firefox\Profiles\ksyxdtor.default\Cache\3\07\07.exe (Trojan.Dropper) -> Quarantined and deleted successfully.
c:\Users\Orbit\AppData\Local\Mozilla\Firefox\Profiles\ksyxdtor.default\Cache\3\1F\1F.exe (Trojan.Dropper) -> Quarantined and deleted successfully.
c:\Users\Orbit\AppData\Local\Mozilla\Firefox\Profiles\ksyxdtor.default\Cache\4\89\89.exe (Trojan.Dropper) -> Quarantined and deleted successfully.
c:\Users\Orbit\AppData\Local\Mozilla\Firefox\Profiles\ksyxdtor.default\Cache\4\8B\8B.exe (Trojan.Dropper) -> Quarantined and deleted successfully.
c:\Users\Orbit\AppData\Local\Mozilla\Firefox\Profiles\ksyxdtor.default\Cache\5\3A\3A.exe (Trojan.Dropper) -> Quarantined and deleted successfully.
c:\Users\Orbit\AppData\Local\Mozilla\Firefox\Profiles\ksyxdtor.default\Cache\5\8D\8D.exe (Trojan.Dropper) -> Quarantined and deleted successfully.
c:\Users\Orbit\AppData\Local\Mozilla\Firefox\Profiles\ksyxdtor.default\Cache\5\9D\9D.exe (Trojan.Dropper) -> Quarantined and deleted successfully.
c:\Users\Orbit\AppData\Local\Mozilla\Firefox\Profiles\ksyxdtor.default\Cache\7\CA\CA.exe (Trojan.Dropper) -> Quarantined and deleted successfully.
c:\Users\Orbit\AppData\Local\Mozilla\Firefox\Profiles\ksyxdtor.default\Cache\8\58\58.exe (Trojan.Dropper) -> Quarantined and deleted successfully.
c:\Users\Orbit\AppData\Local\Mozilla\Firefox\Profiles\ksyxdtor.default\Cache\8\A1\A1.exe (Trojan.Dropper) -> Quarantined and deleted successfully.
c:\Users\Orbit\AppData\Local\Mozilla\Firefox\Profiles\ksyxdtor.default\Cache\8\F3\F3.exe (Trojan.Dropper) -> Quarantined and deleted successfully.
c:\Users\Orbit\AppData\Local\Mozilla\Firefox\Profiles\ksyxdtor.default\Cache\9\B9\B9.exe (Trojan.Dropper) -> Quarantined and deleted successfully.
c:\Users\Orbit\AppData\Local\Mozilla\Firefox\Profiles\ksyxdtor.default\Cache\B\00\00.exe (Trojan.Dropper) -> Quarantined and deleted successfully.
c:\Users\Orbit\AppData\Local\Mozilla\Firefox\Profiles\ksyxdtor.default\Cache\C\4A\4A.exe (Trojan.Dropper) -> Quarantined and deleted successfully.
c:\Users\Orbit\AppData\Local\Mozilla\Firefox\Profiles\ksyxdtor.default\Cache\C\53\53.exe (Trojan.Dropper) -> Quarantined and deleted successfully.
c:\Users\Orbit\AppData\Local\Mozilla\Firefox\Profiles\ksyxdtor.default\Cache\C\7E\7E.exe (Trojan.Dropper) -> Quarantined and deleted successfully.
c:\Users\Orbit\AppData\Local\Mozilla\Firefox\Profiles\ksyxdtor.default\Cache\E\77\77.exe (Trojan.Dropper) -> Quarantined and deleted successfully.
c:\Users\Orbit\AppData\Local\Mozilla\Firefox\Profiles\ksyxdtor.default\Cache\E\F4\F4.exe (Trojan.Dropper) -> Quarantined and deleted successfully.
c:\Users\Orbit\AppData\Local\Mozilla\Firefox\Profiles\ksyxdtor.default\Cache\F\20\20.exe (Trojan.Dropper) -> Quarantined and deleted successfully.
c:\Users\Orbit\AppData\Local\Mozilla\Firefox\Profiles\ksyxdtor.default\Cache\F\60\60.exe (Trojan.Dropper) -> Quarantined and deleted successfully.
c:\Users\Orbit\AppData\Local\Mozilla\Firefox\Profiles\ksyxdtor.default\Cache\F\DB\DB.exe (Trojan.Dropper) -> Quarantined and deleted successfully.
c:\Users\Orbit\AppData\Local\Temp\sas_selfextract\Logs\Logs.exe (Trojan.Dropper) -> Quarantined and deleted successfully.
c:\Users\Orbit\AppData\Local\Temp\sas_selfextract\quarantine\quarantine.exe (Trojan.Dropper) -> Quarantined and deleted successfully.
 
توقيع : joOojoOo
تأييد 0
توقيع : joOojoOo
تأييد 0
الهايجاك ..

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 8:14:24 ص, on 20/01/12
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16385)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
C:\Program Files\Real\RealPlayer\Update\realsched.exe
C:\Program Files\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Windows\system32\igfxsrvc.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\uTorrent\uTorrent.exe
C:\Program Files\McAfee Security Scan\2.0.181\SSScheduler.exe
C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
C:\Users\Orbit\Desktop\Hotspot Shield\bin\openvpntray.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Users\Orbit\AppData\Local\Temp\zxq2\mbam.exe
C:\Windows\system32\NOTEPAD.EXE
C:\Users\Orbit\Downloads\runscanner.exe
C:\Windows\System32\notepad.exe
C:\Zyzoom_Forum_Tools\zyzoom.exe
C:\Zyzoom_Forum_Tools\zHijak.com

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page =

يجب عليك تسجيل الدخول أو التسجيل لمشاهدة الرابط المخفي


R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =

يجب عليك تسجيل الدخول أو التسجيل لمشاهدة الرابط المخفي


R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =

يجب عليك تسجيل الدخول أو التسجيل لمشاهدة الرابط المخفي


R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =

يجب عليك تسجيل الدخول أو التسجيل لمشاهدة الرابط المخفي


R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =

يجب عليك تسجيل الدخول أو التسجيل لمشاهدة الرابط المخفي


R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =

يجب عليك تسجيل الدخول أو التسجيل لمشاهدة الرابط المخفي


R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://search.babylon.com/?babsrc=SP_ss&q={searchTerms}&mntrId=129fbd3c00000000000000234efde829&tlver=1.4.19.19&affID=17159
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 10.0.0.138;*.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: uTorrentBar Toolbar - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files\uTorrentBar\tbuTor.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\ConduitEngine.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office12\GR469A~1.DLL
O2 - BHO: مساعد تسجيل الدخول إلى Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: uTorrentBar Toolbar - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files\uTorrentBar\tbuTor.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Hotspot Shield Class - {F9E4A054-E9B1-4BC3-83A3-76A1AE736170} - C:\Users\Orbit\Desktop\Hotspot Shield\HssIE\HssIE.dll
O3 - Toolbar: uTorrentBar Toolbar - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files\uTorrentBar\tbuTor.dll
O3 - Toolbar: Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\ConduitEngine.dll
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Windows\system32\NeroCheck.exe
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 10.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Real\RealPlayer\update\realsched.exe" -osboot
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [RIMBBLaunchAgent.exe] C:\Program Files\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware (reboot)] "C:\Users\Orbit\AppData\Local\Temp\zxq2\mbam.exe" /runcleanupscript
O4 - HKCU\..\Run: [uTorrent] "C:\Program Files\uTorrent\uTorrent.exe"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Startup: OneNote 2007 Screen Clipper and Launcher.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: McAfee Security Scan Plus.lnk = ?
O8 - Extra context menu item: ت&صدير إلى Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: إرسال إلى OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: إر&سال إلى OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O17 - HKLM\System\CCS\Services\Tcpip\..\{683AFECC-B9DF-4A69-9DD8-029DD7F038B8}: NameServer = 10.71.0.1
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~2\Office12\GRA32A~1.DLL
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: ESET HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
O23 - Service: خدمة تحديث Google (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: خدمة Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Hotspot Shield Service (hshld) - Unknown owner - C:\Users\Orbit\Desktop\Hotspot Shield\bin\openvpnas.exe
O23 - Service: Hotspot Shield Routing Service (HssSrv) - AnchorFree Inc. - C:\Users\Orbit\Desktop\Hotspot Shield\HssWPR\hsssrv.exe
O23 - Service: Hotspot Shield Tray Service (HssTrayService) - Unknown owner - C:\Users\Orbit\Desktop\Hotspot Shield\bin\HssTrayService.EXE
O23 - Service: Hotspot Shield Monitoring Service (HssWd) - Unknown owner - C:\Users\Orbit\Desktop\Hotspot Shield\bin\hsswd.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: McAfee Security Scan Component Host Service (McComponentHostService) - McAfee, Inc. - C:\Program Files\McAfee Security Scan\2.0.181\McCHSvc.exe

--
End of file - 7950 bytes
 
توقيع : joOojoOo
تأييد 0
البرامج المثبته ..



====== معلومات نظام التشغيل ======

X86 WIN_7 7600


====== قائمة البرامج المثبتة ======

µTorrent
Adobe AIR
Adobe AIR
Adobe Flash Player 10 ActiveX
Adobe Flash Player 11 Plugin
Adobe Photoshop CS
Adobe Reader X - Arabic
Apple Application Support
Apple Mobile Device Support
Apple Software Update
BlackBerry Desktop Software 6.1
BlackBerry Desktop Software 6.1
BlackBerry Device Software v4.6.1 for the BlackBerry 8900 smartphone
Bonjour
CCleaner
Conduit Engine
ESET NOD32 Antivirus
FormatFactory 2.60
Golden Al-Wafi Translator
GOM Player
Google Chrome
Google Earth
Google Update Helper
Hotspot Shield 2.23
Intel(R) Graphics Media *********** Driver
Intel(R) TV Wizard
iPhoneBrowser
iTunes
Java Auto Updater
Java(TM) 6 Update 29
Java(TM) 6 Update 7
K-Lite Codec Pack 4.8.0 (Full)
McAfee Security Scan Plus
Messenger Plus! 5
Microsoft .NET Framework 4 Client Profile
Microsoft .NET Framework 4 Client Profile
Microsoft .NET Framework 4 Client Profile ARA Language Pack
Microsoft .NET Framework 4 Extended
Microsoft .NET Framework 4 Extended
Microsoft .NET Framework 4 Extended ARA Language Pack
Microsoft Application Error Reporting
Microsoft Choice Guard
Microsoft Office Access MUI (Arabic) 2007
Microsoft Office Enterprise 2007
Microsoft Office Enterprise 2007
Microsoft Office Excel MUI (Arabic) 2007
Microsoft Office Groove MUI (English) 2007
Microsoft Office Groove Setup Metadata MUI (Arabic) 2007
Microsoft Office InfoPath MUI (Arabic) 2007
Microsoft Office OneNote MUI (Arabic) 2007
Microsoft Office Outlook MUI (Arabic) 2007
Microsoft Office PowerPoint MUI (Arabic) 2007
Microsoft Office Proof (Arabic) 2007
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proofing (Arabic) 2007
Microsoft Office Publisher MUI (Arabic) 2007
Microsoft Office Shared MUI (Arabic) 2007
Microsoft Office Shared MUI (English) 2007
Microsoft Office Word MUI (Arabic) 2007
Microsoft Silverlight
Microsoft Text-to-Speech Engine 4.0 (English)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Mozilla Firefox 9.0.1 (x86 ar)
MSVCRT
Nero 6 Demo
QuickTime
RealNetworks - Microsoft Visual C++ 2008 Runtime
RealPlayer
RealUpgrade 1.1
The KMPlayer (remove only)
uTorrentBar Toolbar
VLC media player 1.1.9
Windows Live Communications Platform
Windows Live Essentials
Windows Live Essentials
Windows Live Messenger
Windows Media Player Firefox Plugin
WinRAR archiver
Your Uninstaller! 7
أداة التحميل Windows Live Upload Tool
حزمة اللغة العربية الموسعة لـ Microsoft .NET Framework 4
حزمة اللغة العربية لـ Microsoft .NET Framework 4
مساعد تسجيل الدخول إلى Windows Live
 
توقيع : joOojoOo
تأييد 0


احذفي البرامج التالية ..

Bonjour
 Conduit Engine
 McAfee Security Scan Plus

إستخدمي برنامج Your Uninstaller! 7 في حذف البرامج للتخص منها نهائياً ..

ثم بعد ذلك قومي بتنظيف قيم الهآيجاك التالية :

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://search.babylon.com/?babsrc=SP_ss&q={searchTerms}&mntrId=129fbd3c00000 000000000234efde829&tlver=1.4.19.19&affID=17159

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Int ernet Settings,ProxyOverride = 10.0.0.138;*.local

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

R3 - URLSearchHook: uTorrentBar Toolbar - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files\uTorrentBar\tbuTor.dll

O2 - BHO: Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\ConduitEngine.dll

O2 - BHO: uTorrentBar Toolbar - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files\uTorrentBar\tbuTor.dll

O3 - Toolbar: uTorrentBar Toolbar - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files\uTorrentBar\tbuTor.dll

O3 - Toolbar: Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\ConduitEngine.dll

O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware (reboot)] "C:\Users\Orbit\AppData\Local\Temp\zxq2\mbam.e xe" /runcleanupscript

O4 - Global Startup: McAfee Security Scan Plus.lnk = ?

O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe

O23 - Service: McAfee Security Scan Component Host Service (McComponentHostService) - McAfee, Inc. - C:\Program Files\McAfee Security Scan\2.0.181\McCHSvc.exe

للمعلومية بعض القيم للهايجاك لن تجديها لأنها حذفت عندما تم حذف برنامجها ..

آختي آنآ آفضل إنك تتخصلي من برنامج الحماية النود الذي تستخدمينه لآنه مو قوي لدرجة تكفي لحماية جهآزك ..

إذا حآبه تحذفيه انا أفضل تركبي برنامج النورتون انترنت سيكيورتي أو كاسبر انترنت سيكيورتي ..

انا أستخدم النورتون انترنت سيكيورتي لأنه قوي جداً وخفيف ايضاً ولكي حرية الإختيآر ..

إذا ودك تحذفي برنامج النود إحذفيه أيضاً عن طريق برنامج Your Uninstaller! 7 ..

ثم قومي بإعطائي تقرير رن سكنر جديد بعد إذنك عشآن نتأكد من التخلص منه نهائياً ..

أنتظر ردك .. ؟
 
توقيع : bin6aleb
تأييد 0



b907f97ee6ac3707176efc8d491ad64c.png



اعمل ايييه ! :no:



 
توقيع : joOojoOo
تأييد 0


please help me :no:



 
توقيع : joOojoOo
تأييد 0

آختي أضغطي على خيـار Enter Key ثم أدخلي السيريال التالي :

Name: sharyn kolibob
Serial Number: 000016-9P0U6X-N5BBFB-EH9ZTE-DEZ8P0-9U4R72-RGZ6PF-EMYUAZ-9J6XQQ-89BV1Z


موفقه :smile:
 
توقيع : bin6aleb
تأييد 0


سنكيوووو :d:

الحين حذفت قيم الهايجاك وحذفت البرامج اللي قلت عنها
وابي اغير برنامج الحمايه كيف !!



 
توقيع : joOojoOo
تأييد 0


طيب برنامج الحماية عندك هو النود هل قمتي بحذفه ببرنامج Your Uninstaller 7 ..


إذا لا أحذفيه الحييين وإذا إيييه أعطيني تقرير رن سكنر جديد بعد إذنك ..

تقرير الرن سكنر أبيه بعد حذف برنامج النود وليس قبله ..

موفقه :smile:
 
توقيع : bin6aleb
تأييد 0
Runscanner logfile

يجب عليك تسجيل الدخول أو التسجيل لمشاهدة الرابط المخفي



* = signed file
- = file not found

General info
------------
Computer name : ORBIT-PC
Creation time : 20/01/12 9:36:25 م
Hosts <> 127.0.0.1 : 0
Hosts file location : %SystemRoot%\System32\drivers\etc
IE version : 8.0.7600.16385
OS : Windows 7 Home Premium
OS Build : 7600
OS SP :
RunScanner Version : 2.0.0.50
User Language : العربية (السعودية)‏
User rights : Administrator
Windows folder : C:\Windows

Running processes
-----------------
* C:\Program Files\uTorrent\uTorrent.exe (BitTorrent, Inc.)
* C:\Windows\System32\csrss.exe (Microsoft Corporation)
* C:\Windows\System32\csrss.exe (Microsoft Corporation)
* C:\Windows\System32\dwm.exe (Microsoft Corporation)
* C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
* C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe (Microsoft Corporation)
* C:\Windows\System32\hkcmd.exe (Intel Corporation)
* C:\Windows\System32\svchost.exe (Microsoft Corporation)
* C:\Windows\System32\svchost.exe (Microsoft Corporation)
* C:\Windows\System32\svchost.exe (Microsoft Corporation)
* C:\Windows\System32\svchost.exe (Microsoft Corporation)
* C:\Windows\System32\svchost.exe (Microsoft Corporation)
* C:\Windows\System32\svchost.exe (Microsoft Corporation)
* C:\Windows\System32\svchost.exe (Microsoft Corporation)
* C:\Windows\System32\svchost.exe (Microsoft Corporation)
* C:\Windows\System32\svchost.exe (Microsoft Corporation)
* C:\Windows\System32\svchost.exe (Microsoft Corporation)
* C:\Windows\System32\svchost.exe (Microsoft Corporation)
* C:\Windows\System32\svchost.exe (Microsoft Corporation)
* C:\Windows\System32\taskhost.exe (Microsoft Corporation)
* C:\Users\Orbit\Desktop\Hotspot Shield\HssWPR\hsssrv.exe (AnchorFree Inc.)
* C:\Users\Orbit\Desktop\Hotspot Shield\bin\hsswd.exe
* C:\Windows\System32\igfxsrvc.exe (Intel Corporation)
* C:\Windows\System32\igfxtray.exe (Intel Corporation)
* C:\Program Files\iPod\bin\iPodService.exe (Apple Inc.)
* C:\Program Files\iTunes\iTunesHelper.exe (Apple Inc.)
* C:\Program Files\Common Files\Java\Java Update\jusched.exe (Sun Microsystems, Inc.)
* C:\Program Files\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe (Research In Motion Limited)
* C:\Windows\System32\lsass.exe (Microsoft Corporation)
* C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation)
* C:\Windows\System32\SearchFilterHost.exe (Microsoft Corporation)
* C:\Windows\System32\SearchIndexer.exe (Microsoft Corporation)
* C:\Windows\System32\SearchProtocolHost.exe (Microsoft Corporation)
* C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.)
* C:\Users\Orbit\Desktop\Hotspot Shield\bin\openvpnas.exe
* C:\Users\Orbit\Desktop\Hotspot Shield\bin\openvpntray.exe
* C:\Windows\System32\igfxpers.exe (Intel Corporation)
* C:\Program Files\Real\RealPlayer\Update\realsched.exe (RealNetworks, Inc.)
* C:\Users\Orbit\Downloads\runscanner.exe (Runscanner.net)
* C:\Windows\System32\services.exe (Microsoft Corporation)
* C:\Windows\System32\spoolsv.exe (Microsoft Corporation)
* C:\Windows\system32\audiodg.exe (Microsoft Corporation)
* C:\Program Files\Windows Media Player\wmpnetwk.exe (Microsoft Corporation)
* C:\Windows\System32\smss.exe (Microsoft Corporation)
* C:\Windows\System32\wbem\WmiPrvSE.exe (Microsoft Corporation)
* C:\Windows\System32\wininit.exe (Microsoft Corporation)
* C:\Windows\System32\winlogon.exe (Microsoft Corporation)
* C:\Windows\System32\lsm.exe (Microsoft Corporation)
* C:\Windows\explorer.exe (Microsoft Corporation)
* C:\Windows\System32\taskeng.exe (Microsoft Corporation)
* C:\Windows\System32\taskeng.exe (Microsoft Corporation)

Unrated items
-------------
002 C:\Windows\system32\NeroCheck.exe (Ahead Software Gmbh)
002 C:\Program Files\QuickTime\QTTask.exe (Apple Inc.)
005 C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)
006 C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)
010 * C:\Users\Orbit\Desktop\Hotspot Shield\HssWPR\hsssrv.exe (hsssrv.exe)
010 * C:\Users\Orbit\Desktop\Hotspot Shield\bin\HssTrayService.EXE (HssTrayService.EXE)
010 * C:\Users\Orbit\Desktop\Hotspot Shield\bin\hsswd.exe (hsswd.exe)
010 * C:\Users\Orbit\Desktop\Hotspot Shield\bin\openvpnas.exe (openvpnas.exe)
011 * C:\Windows\system32\DRIVERS\HssDrv.sys (Hotspot Shield Routing Driver)
011 * C:\Users\Orbit\AppData\Local\Temp\SAS_SelfExtract\SASDIFSV.SYS (SASDIFSV.SYS)
011 * C:\Users\Orbit\AppData\Local\Temp\SAS_SelfExtract\SASKUTIL.SYS (SASKUTIL.SYS)
011 * C:\Windows\system32\DRIVERS\taphss.sys (TAP-Win32 Virtual Network Driver)
042 GUID / CLSID not found {92780B25-18CC-41C8-B9BE-3C9C571A8263}
042 GUID / CLSID not found {2670000A-7350-4f3c-8081-5663EE0C6C49}
052 * C:\Users\Orbit\Desktop\Hotspot Shield\HssIE\HssIE.dll (AnchorFree Inc.) {F9E4A054-E9B1-4BC3-83A3-76A1AE736170}
060 GUID / CLSID not found {E6FB5E20-DE35-11CF-9C87-00AA005127ED}
061 C:\Program Files\WinRAR\rarext.dll {B41DB860-8EE4-11D2-9906-E49FADC173CA}
105 ت&صدير إلى Microsoft Excel : res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
120 NameServer {683AFECC-B9DF-4A69-9DD8-029DD7F038B8} : 10.71.0.1
170 {c66ebd15-fb12-11e0-8c1e-00234efde829} : "F:\WD SmartWare.exe" autoplay=true
173 C:\Program Files\WinRAR\rarext.dll {B41DB860-8EE4-11D2-9906-E49FADC173CA}
221 C:\Program Files\WinRAR\rarext.dll {B41DB860-8EE4-11D2-9906-E49FADC173CA}
223 * C:\Users\Orbit\AppData\Local\Temp\zxq2\mbamext.dll (Malwarebytes Corporation) {57CE581A-0CB6-4266-9CA0-19364C90A0B3}
225 * C:\Users\Orbit\AppData\Local\Temp\zxq2\mbamext.dll (Malwarebytes Corporation) {57CE581A-0CB6-4266-9CA0-19364C90A0B3}
225 * C:\Users\Orbit\AppData\Local\Temp\zxq2\mbamext.dll (Malwarebytes Corporation) {57CE581A-0CB6-4266-9CA0-19364C90A0B3}
225 C:\Program Files\WinRAR\rarext.dll {B41DB860-8EE4-11D2-9906-E49FADC173CA}
225 C:\Program Files\WinRAR\rarext.dll {B41DB860-8EE4-11D2-9906-E49FADC173CA}
227 C:\Program Files\WinRAR\rarext.dll {B41DB860-8EE4-11D2-9906-E49FADC173CA}
251 C:\Program Files\WinRAR\rarext.dll {B41DB860-8EE4-11D2-9906-E49FADC173CA}

Missing files
-------------
011 C:\Windows\system32\drivers\mbamswissarmy.sys
032 rdpclip
107 C:\Program Files\Bonjour\mdnsNSP.dll
 
توقيع : joOojoOo
تأييد 0


تفضلي هذآ الرن سكنر :

يجب عليك تسجيل الدخول أو التسجيل لمشاهدة الرابط المخفي



وهذه طريقة تنظيف الرن سكنر :

يجب عليك تسجيل الدخول أو التسجيل لمشاهدة الرابط المخفي



بعد ذلك قومي بتحميل برنامج النورتون من هنآآ ..


Norton™ Internet Security 2012
اصدار يحتوي على جدار ناري وحماية ابوية اضافة للانتي فايروس
وهي النسخة المشروحة بموضوعنا

يجب عليك تسجيل الدخول أو التسجيل لمشاهدة الرابط المخفي


يجب عليك تسجيل الدخول أو التسجيل لمشاهدة الرابط المخفي


يجب عليك تسجيل الدخول أو التسجيل لمشاهدة الرابط المخفي



إختاري لغة البرنامج التي تناسبك ..

وبعد ذلك إتبعي تثبيت البرنامج وتحديثه في الموضوع التالي : ( الموضوع يشرح النورتون بشكل كامل )

يجب عليك تسجيل الدخول أو التسجيل لمشاهدة الرابط المخفي



ولطلب سيريال أصلي للنورتون من 120 إلى 180 يوم مجاناً من الموضوع التالي :

يجب عليك تسجيل الدخول أو التسجيل لمشاهدة الرابط المخفي



بينما تقومين بتحميل النورتون آختي طلب آخير :d:

أبي تقرير هآيجاك جديد بعد إذنك :smile:

وكذآ نكون خلصنا كل شيء بإذن الله ..

إذا عندك إستفسار أو طلب تفضلي ؟ :u:

 
توقيع : bin6aleb
تأييد 0
بعد ما سويت شرح تنظيف الرن سكنر طلع لي هذا عادي ولا لا !


a64d3f28742e021f25a664829e33666b.png
 
توقيع : joOojoOo
تأييد 0
لا انا حددت آكثر من هذآآ !!!

أعطيني تقرير جديد لو سمحتي بعد إذنك + تقرير هآيجآك جديد :smile:
 
توقيع : bin6aleb
تأييد 0

ايوا ترا طلع غيرها وسويت تنظيف وراحت بس باقي هذا

الحين انزل التقرير



 
توقيع : joOojoOo
تأييد 0
الحالة
مغلق و غير مفتوح للمزيد من الردود.
عودة
أعلى