الجهاز بطئ والتصفح كمان

[ramyfahem]

عندى يطئ فى الجهاز والنت التصفح ميت





====== سجل أخطاء النظام ======

Computer Name: RMY-PC
Event Code: 4001
Message: WLAN AutoConfig service has successfully stopped.

Record Number: 2913
Source Name: Microsoft-Windows-WLAN-AutoConfig
Time Written: 20120410052318.411547-000
Event Type: Warning
User: NT AUTHORITY\SYSTEM

Computer Name: RMY-PC
Event Code: 4001
Message: WLAN AutoConfig service has successfully stopped.

Record Number: 2768
Source Name: Microsoft-Windows-WLAN-AutoConfig
Time Written: 20120409181002.880842-000
Event Type: Warning
User: NT AUTHORITY\SYSTEM

Computer Name: RMY-PC
Event Code: 4001
Message: WLAN AutoConfig service has successfully stopped.

Record Number: 2631
Source Name: Microsoft-Windows-WLAN-AutoConfig
Time Written: 20120409055845.921714-000
Event Type: Warning
User: NT AUTHORITY\SYSTEM

Computer Name: RMY-PC
Event Code: 7023
Message: The Function Discovery Resource Publication service terminated with the following error:
%%-2147014847
Record Number: 2534
Source Name: Service Control Manager
Time Written: 20120409043705.574038-000
Event Type: Error
User:

Computer Name: RMY-PC
Event Code: 41
Message: The system has rebooted without cleanly shutting down first. This error could be caused if the system stopped responding, crashed, or lost power unexpectedly.
Record Number: 2487
Source Name: Microsoft-Windows-Kernel-Power
Time Written: 20120409043653.967618-000
Event Type: Critical
User: NT AUTHORITY\SYSTEM



===== سجل أخطاء البرامج =====

Computer Name: RMY-PC
Event Code: 10
Message: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.
Record Number: 260
Source Name: Microsoft-Windows-WMI
Time Written: 20120407130845.000000-000
Event Type: Error
User:

Computer Name: RMY-PC
Event Code: 1530
Message: Windows detected your registry file is still in use by other applications or services. The file will be unloaded now. The applications or services that hold your registry file may not function properly afterwards.

DETAIL -
1 user registry handles leaked from \Registry\User\S-1-5-21-3744158729-3499054593-932733437-1000:
Process 440 (\Device\HarddiskVolume2\Windows\System32\winlogon.exe) has opened key \REGISTRY\USER\S-1-5-21-3744158729-3499054593-932733437-1000

Record Number: 242
Source Name: Microsoft-Windows-User Profiles Service
Time Written: 20120407130608.184491-000
Event Type: Warning
User: NT AUTHORITY\SYSTEM

Computer Name: RMY-PC
Event Code: 1000
Message:
Record Number: 239
Source Name: Microsoft-Windows-User Profiles General
Time Written: 20120407130600.000000-000
Event Type: Error
User:

Computer Name: RMY-PC
Event Code: 10
Message: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.
Record Number: 180
Source Name: Microsoft-Windows-WMI
Time Written: 20120407130202.000000-000
Event Type: Error
User:

Computer Name: RMY-PC
Event Code: 1008
Message: The Windows Search Service is starting up and attempting to remove the old search index {Reason: Full Index Reset}.

Record Number: 163
Source Name: Microsoft-Windows-Search
Time Written: 20120407130131.000000-000
Event Type: Warning
User:



===== السجل الأمني =====

Computer Name: 37L4247F27-08
Event Code: 4735
Message: A security-enabled local group was changed.

Subject:
Security ID: S-1-5-18
Account Name: 37L4247F27-08$
Account Domain: WORKGROUP
Logon ID: 0x3e7

Group:
Security ID: S-1-5-32-551
Group Name: Backup Operators
Group Domain: Builtin

Changed Attributes:
SAM Account Name: -
SID History: -

Additional Information:
Privileges: -
Record Number: 5
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20120407125621.044471-000
Event Type: Audit Success
User:

Computer Name: 37L4247F27-08
Event Code: 4731
Message: A security-enabled local group was created.

Subject:
Security ID: S-1-5-18
Account Name: 37L4247F27-08$
Account Domain: WORKGROUP
Logon ID: 0x3e7

New Group:
Security ID: S-1-5-32-551
Group Name: Backup Operators
Group Domain: Builtin

Attributes:
SAM Account Name: Backup Operators
SID History: -

Additional Information:
Privileges: -
Record Number: 4
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20120407125621.028871-000
Event Type: Audit Success
User:

Computer Name: 37L4247F27-08
Event Code: 4902
Message: The Per-user audit policy table was created.

Number of Elements: 0
Policy ID: 0x24a46
Record Number: 3
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20120407125620.826070-000
Event Type: Audit Success
User:

Computer Name: 37L4247F27-08
Event Code: 4624
Message: An account was successfully logged on.

Subject:
Security ID: S-1-0-0
Account Name: -
Account Domain: -
Logon ID: 0x0

Logon Type: 0

New Logon:
Security ID: S-1-5-18
Account Name: SYSTEM
Account Domain: NT AUTHORITY
Logon ID: 0x3e7
Logon GUID: {00000000-0000-0000-0000-000000000000}

Process Information:
Process ID: 0x4
Process Name:

Network Information:
Workstation Name: -
Source Network Address: -
Source Port: -

Detailed Authentication Information:
Logon Process: -
Authentication Package: -
Transited Services: -
Package Name (NTLM only): -
Key Length: 0

This event is generated when a logon session is created. It is generated on the computer that was accessed.

The subject fields indicate the account on the local system which requested the logon. This is most commonly a service such as the Server service, or a local process such as Winlogon.exe or Services.exe.

The logon type field indicates the kind of logon that occurred. The most common types are 2 (interactive) and 3 (network).

The New Logon fields indicate the account for whom the new logon was created, i.e. the account that was logged on.

The network fields indicate where a remote logon request originated. Workstation name is not always available and may be left blank in some cases.

The authentication information fields provide detailed information about this specific logon request.
- Logon GUID is a unique identifier that can be used to correlate this event with a KDC event.
- Transited services indicate which intermediate services have participated in this logon request.
- Package name indicates which sub-protocol was used among the NTLM protocols.
- Key length indicates the length of the generated session key. This will be 0 if no session key was requested.
Record Number: 2
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20120407125619.952469-000
Event Type: Audit Success
User:

Computer Name: 37L4247F27-08
Event Code: 4608
Message: Windows is starting up.

This event is logged when LSASS.EXE starts and the auditing subsystem is initialized.
Record Number: 1
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20120407125619.890069-000
Event Type: Audit Success
User:



===== تقرير انهيار البرامج =====

==================================================
Process File : RelPost.exe
Event Name : StartupRepairOnline
Event Time : 12/05/2012 06:31:04 م
User Name : All Users
Exception Code :
Exception Offset :
Fault Module Name :
Fault Module Version:
Process Path : C:\Windows\System32\RelPost.exe
Report File Size : 3,406
Report File Path : C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\Critical_6.1.7600.16385_3a9ed5bc879a26d095281defb67fffc2b0482f_01a05e18\Report.wer
==================================================

==================================================
Process File : svchost.exe
Event Name : Windows Update installation problem
Event Time : 12/05/2012 06:33:44 م
User Name : All Users
Exception Code :
Exception Offset :
Fault Module Name :
Fault Module Version:
Process Path : C:\Windows\System32\svchost.exe
Report File Size : 2,094
Report File Path : C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\NonCritical_7.5.7601.17514_214082fb64f2ee876f12feefd16808546372ad6_01a07f4e\Report.wer
==================================================

==================================================
Process File : svchost.exe
Event Name : Windows Update installation problem
Event Time : 12/05/2012 06:33:44 م
User Name : All Users
Exception Code :
Exception Offset :
Fault Module Name :
Fault Module Version:
Process Path : C:\Windows\System32\svchost.exe
Report File Size : 2,094
Report File Path : C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\NonCritical_7.5.7601.17514_26ee3106ee541c08db68c656a327dc88efcf88_01a09a1e\Report.wer
==================================================

==================================================
Process File : svchost.exe
Event Name : Windows Update installation problem
Event Time : 12/05/2012 06:33:44 م
User Name : All Users
Exception Code :
Exception Offset :
Fault Module Name :
Fault Module Version:
Process Path : C:\Windows\System32\svchost.exe
Report File Size : 2,094
Report File Path : C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\NonCritical_7.5.7601.17514_362a52547ec25da19bdd30fcdf15a0f524427_01a0aa44\Report.wer
==================================================

==================================================
Process File : svchost.exe
Event Name : Windows Update installation problem
Event Time : 12/05/2012 06:33:44 م
User Name : All Users
Exception Code :
Exception Offset :
Fault Module Name :
Fault Module Version:
Process Path : C:\Windows\System32\svchost.exe
Report File Size : 2,094
Report File Path : C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\NonCritical_7.5.7601.17514_74f2fe218acac59e7fd12928c2fd571e5b4329_01a0bc4d\Report.wer
==================================================

==================================================
Process File : svchost.exe
Event Name : Windows Update installation problem
Event Time : 12/05/2012 09:44:34 م
User Name : All Users
Exception Code :
Exception Offset :
Fault Module Name :
Fault Module Version:
Process Path : C:\Windows\System32\svchost.exe
Report File Size : 2,088
Report File Path : C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\NonCritical_7.5.7601.17514_78efc842cf92e79bab1c4f2fb5bd805f263a65_01a0cd1f\Report.wer
==================================================

==================================================
Process File : svchost.exe
Event Name : Windows Update installation problem
Event Time : 12/05/2012 06:33:43 م
User Name : All Users
Exception Code :
Exception Offset :
Fault Module Name :
Fault Module Version:
Process Path : C:\Windows\System32\svchost.exe
Report File Size : 2,094
Report File Path : C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\NonCritical_7.5.7601.17514_7d16b4f5492bf188cadd34bdd3f1b861c9914679_01a0deea\Report.wer
==================================================

==================================================
Process File : svchost.exe
Event Name : Windows Update installation problem
Event Time : 12/05/2012 06:33:43 م
User Name : All Users
Exception Code :
Exception Offset :
Fault Module Name :
Fault Module Version:
Process Path : C:\Windows\System32\svchost.exe
Report File Size : 2,094
Report File Path : C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\NonCritical_7.5.7601.17514_7e28b2c9e4d29b75359ecaad6e1ff1597d413aa_01a0f113\Report.wer
==================================================

==================================================
Process File : svchost.exe
Event Name : Windows Update installation problem
Event Time : 12/05/2012 06:33:44 م
User Name : All Users
Exception Code :
Exception Offset :
Fault Module Name :
Fault Module Version:
Process Path : C:\Windows\System32\svchost.exe
Report File Size : 2,094
Report File Path : C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\NonCritical_7.5.7601.17514_829cb2b0d7f5d6eb7855ec3fe2b2a0f83ea366ad_01a10197\Report.wer
==================================================

==================================================
Process File : svchost.exe
Event Name : Windows Update installation problem
Event Time : 12/05/2012 06:33:44 م
User Name : All Users
Exception Code :
Exception Offset :
Fault Module Name :
Fault Module Version:
Process Path : C:\Windows\System32\svchost.exe
Report File Size : 2,094
Report File Path : C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\NonCritical_7.5.7601.17514_835c271d1978615f1917154e4c7a6545641712_01a111cc\Report.wer
==================================================

==================================================
Process File : svchost.exe
Event Name : Windows Update installation problem
Event Time : 12/05/2012 06:33:43 م
User Name : All Users
Exception Code :
Exception Offset :
Fault Module Name :
Fault Module Version:
Process Path : C:\Windows\System32\svchost.exe
Report File Size : 2,094
Report File Path : C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\NonCritical_7.5.7601.17514_842dc6683b86ac1a424cb8ce4bc8f6b9dda1d032_01a123b7\Report.wer
==================================================

==================================================
Process File : svchost.exe
Event Name : Windows Update installation problem
Event Time : 12/05/2012 06:33:44 م
User Name : All Users
Exception Code :
Exception Offset :
Fault Module Name :
Fault Module Version:
Process Path : C:\Windows\System32\svchost.exe
Report File Size : 2,094
Report File Path : C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\NonCritical_7.5.7601.17514_87c14fe44c7fabbcefb9617b7914eaeaf1c4fa41_01a133ae\Report.wer
==================================================

==================================================
Process File : svchost.exe
Event Name : Windows Update installation problem
Event Time : 12/05/2012 06:33:44 م
User Name : All Users
Exception Code :
Exception Offset :
Fault Module Name :
Fault Module Version:
Process Path : C:\Windows\System32\svchost.exe
Report File Size : 2,094
Report File Path : C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\NonCritical_7.5.7601.17514_d83377556f8181e8f25e995be77764cf6f7ad7f2_01a14432\Report.wer
==================================================

==================================================
Process File : svchost.exe
Event Name : Windows Update installation problem
Event Time : 12/05/2012 06:33:44 م
User Name : All Users
Exception Code :
Exception Offset :
Fault Module Name :
Fault Module Version:
Process Path : C:\Windows\System32\svchost.exe
Report File Size : 2,094
Report File Path : C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\NonCritical_7.5.7601.17514_e0d5b4ec3b5785ebeaba43a58b571cb63599b04b_01a1564b\Report.wer
==================================================

==================================================
Process File : svchost.exe
Event Name : Windows Update installation problem
Event Time : 12/05/2012 06:33:43 م
User Name : All Users
Exception Code :
Exception Offset :
Fault Module Name :
Fault Module Version:
Process Path : C:\Windows\System32\svchost.exe
Report File Size : 2,094
Report File Path : C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\NonCritical_7.5.7601.17514_f031d394e96c7a55a5f2fa28baeae8630e62d73_01a167c8\Report.wer
==================================================

==================================================
Process File : svchost.exe
Event Name : Windows Update installation problem
Event Time : 12/05/2012 06:33:43 م
User Name : All Users
Exception Code :
Exception Offset :
Fault Module Name :
Fault Module Version:
Process Path : C:\Windows\System32\svchost.exe
Report File Size : 2,094
Report File Path : C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\NonCritical_7.5.7601.17514_f12114979123631ea7f55629b0249dcd426ecd_01a179b2\Report.wer
==================================================

==================================================
Process File : svchost.exe
Event Name : Windows Update installation problem
Event Time : 10/05/2012 06:58:02 ص
User Name : All Users
Exception Code :
Exception Offset :
Fault Module Name :
Fault Module Version:
Process Path : C:\Windows\System32\svchost.exe
Report File Size : 2,088
Report File Path : C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\NonCritical_7.5.7601.17514_fad415412951899dbe43ad6b6c9d75c48b39d5b_01a18bdb\Report.wer
==================================================

==================================================
Process File : svchost.exe
Event Name : Windows Update installation problem
Event Time : 10/05/2012 06:34:55 ص
User Name : All Users
Exception Code :
Exception Offset :
Fault Module Name :
Fault Module Version:
Process Path : C:\Windows\System32\svchost.exe
Report File Size : 2,088
Report File Path : C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\NonCritical_7.5.7601.17514_fad415412951899dbe43ad6b6c9d75c48b39d5b_01a19e14\Report.wer
==================================================

==================================================
Process File : svchost.exe
Event Name : Windows Update installation problem
Event Time : 10/05/2012 06:48:40 ص
User Name : All Users
Exception Code :
Exception Offset :
Fault Module Name :
Fault Module Version:
Process Path : C:\Windows\System32\svchost.exe
Report File Size : 2,096
Report File Path : C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\NonCritical_7.5.7601.17514_fe57e1975d29cc66b57343efc3acb7f9dd83_01a1afa1\Report.wer
==================================================

==================================================
Process File : Explorer.EXE
Event Name : Stopped working
Event Time : 30/05/2012 04:58:59 م
User Name : R@MY
Exception Code : 0xc0000005
Exception Offset : 0x01862f00
Fault Module Name : StackHash_0a9e
Fault Module Version: 0.0.0.0
Process Path : C:\Windows\Explorer.EXE
Report File Size : 20,446
Report File Path : C:\Users\R@MY\AppData\Local\Microsoft\Windows\WER\ReportArchive\AppCrash_Explorer.EXE_781cc567763049a143fa8c9ab961ea2ed3f4a65_0b39fcc5\Report.wer
==================================================

==================================================
Process File : iexplore.exe
Event Name : Stopped working
Event Time : 28/05/2012 10:10:43 ص
User Name : R@MY
Exception Code : 0xc0000005
Exception Offset :
Fault Module Name : StackHash_a7aa
Fault Module Version: 0.0.0.0
Process Path : C:\Program Files\Internet Explorer\iexplore.exe
Report File Size : 13,556
Report File Path : C:\Users\R@MY\AppData\Local\Microsoft\Windows\WER\ReportArchive\AppCrash_iexplore.exe_1edd58ed555e78b3c096dc25b16db298108222e_0697e58d\Report.wer
==================================================

==================================================
Process File : iexplore.exe
Event Name : Stopped working
Event Time : 13/05/2012 08:09:05 ص
User Name : R@MY
Exception Code : 0xc0000374
Exception Offset : 0x000c380b
Fault Module Name : StackHash_8d68
Fault Module Version: 6.1.7601.17725
Process Path : C:\Program Files\Internet Explorer\iexplore.exe
Report File Size : 13,656
Report File Path : C:\Users\R@MY\AppData\Local\Microsoft\Windows\WER\ReportArchive\AppCrash_iexplore.exe_d6a2f6a535958698a65b3deed916286dd475ff39_0a38afbe\Report.wer
==================================================

==================================================
Process File : firefox.exe
Event Name : Stopped responding and was closed
Event Time : 10/05/2012 07:16:22 م
User Name : R@MY
Exception Code :
Exception Offset :
Fault Module Name :
Fault Module Version:
Process Path : C:\Program Files\Mozilla Firefox\firefox.exe
Report File Size : 15,458
Report File Path : C:\Users\R@MY\AppData\Local\Microsoft\Windows\WER\ReportArchive\AppHang_firefox.exe_7aedf66722b9d1450d9d61ea5349f8317494aeb_09978112\Report.wer
==================================================

==================================================
Process File : iexplore.exe
Event Name : Stopped responding and was closed
Event Time : 12/05/2012 08:31:24 ص
User Name : R@MY
Exception Code :
Exception Offset :
Fault Module Name :
Fault Module Version:
Process Path : C:\Program Files\Internet Explorer\iexplore.exe
Report File Size : 3,828
Report File Path : C:\Users\R@MY\AppData\Local\Microsoft\Windows\WER\ReportArchive\Critical_iexplore.exe_5e69de065352e2f6f5858a0e16dce1419d9d564_14c764f9\Report.wer
==================================================

==================================================
Process File : msdt.exe
Event Name : Problem not fixed
Event Time : 16/05/2012 04:51:30 م
User Name : R@MY
Exception Code :
Exception Offset :
Fault Module Name :
Fault Module Version:
Process Path : C:\Windows\system32\msdt.exe
Report File Size : 1,586
Report File Path : C:\Users\R@MY\AppData\Local\Microsoft\Windows\WER\ReportArchive\NonCritical_Microsoft Window_cda9b2254efb048cd2c5c5e4fedb17132b29e1_01a7c16c\Report.wer
==================================================

==================================================
Process File : msdt.exe
Event Name : Problem not fixed
Event Time : 16/05/2012 04:54:26 م
User Name : R@MY
Exception Code :
Exception Offset :
Fault Module Name :
Fault Module Version:
Process Path : C:\Windows\system32\msdt.exe
Report File Size : 1,586
Report File Path : C:\Users\R@MY\AppData\Local\Microsoft\Windows\WER\ReportArchive\NonCritical_Microsoft Window_cda9b2254efb048cd2c5c5e4fedb17132b29e1_01a7d2ab\Report.wer
==================================================

==================================================
Process File : msdt.exe
Event Name : Problem not fixed
Event Time : 16/05/2012 05:15:03 م
User Name : R@MY
Exception Code :
Exception Offset :
Fault Module Name :
Fault Module Version:
Process Path : C:\Windows\system32\msdt.exe
Report File Size : 1,586
Report File Path : C:\Users\R@MY\AppData\Local\Microsoft\Windows\WER\ReportArchive\NonCritical_Microsoft Window_cda9b2254efb048cd2c5c5e4fedb17132b29e1_01a7e3da\Report.wer
==================================================

==================================================
Process File : msdt.exe
Event Name : Problem not fixed
Event Time : 10/05/2012 06:29:42 ص
User Name : R@MY
Exception Code :
Exception Offset :
Fault Module Name :
Fault Module Version:
Process Path : C:\Windows\system32\msdt.exe
Report File Size : 1,586
Report File Path : C:\Users\R@MY\AppData\Local\Microsoft\Windows\WER\ReportArchive\NonCritical_Microsoft Window_cda9b2254efb048cd2c5c5e4fedb17132b29e1_01a7f5b5\Report.wer
==================================================

==================================================
Process File : rundll32.exe
Event Name : Installed generic driver software
Event Time : 14/05/2012 12:51:52 م
User Name : R@MY
Exception Code :
Exception Offset :
Fault Module Name :
Fault Module Version:
Process Path : C:\Windows\System32\rundll32.exe
Report File Size : 2,194
Report File Path : C:\Users\R@MY\AppData\Local\Microsoft\Windows\WER\ReportArchive\NonCritical_x86_30785b4bb3f5ee2ebbcefbb9f6e4c47642f69fca_01a005cb\Report.wer
==================================================

==================================================
Process File : RelPost.exe
Event Name : StartupRepairOnline
Event Time : 12/05/2012 06:31:04 م
User Name :
Exception Code :
Exception Offset :
Fault Module Name :
Fault Module Version:
Process Path : C:\Windows\System32\RelPost.exe
Report File Size : 3,406
Report File Path : C:\ProgramData\Microsoft\Windows\WER\ReportArchive\Critical_6.1.7600.16385_3a9ed5bc879a26d095281defb67fffc2b0482f_01a05e18\Report.wer
==================================================

==================================================
Process File : svchost.exe
Event Name : Windows Update installation problem
Event Time : 12/05/2012 06:33:44 م
User Name :
Exception Code :
Exception Offset :
Fault Module Name :
Fault Module Version:
Process Path : C:\Windows\System32\svchost.exe
Report File Size : 2,094
Report File Path : C:\ProgramData\Microsoft\Windows\WER\ReportArchive\NonCritical_7.5.7601.17514_214082fb64f2ee876f12feefd16808546372ad6_01a07f4e\Report.wer
==================================================

==================================================
Process File : svchost.exe
Event Name : Windows Update installation problem
Event Time : 12/05/2012 06:33:44 م
User Name :
Exception Code :
Exception Offset :
Fault Module Name :
Fault Module Version:
Process Path : C:\Windows\System32\svchost.exe
Report File Size : 2,094
Report File Path : C:\ProgramData\Microsoft\Windows\WER\ReportArchive\NonCritical_7.5.7601.17514_26ee3106ee541c08db68c656a327dc88efcf88_01a09a1e\Report.wer
==================================================

==================================================
Process File : svchost.exe
Event Name : Windows Update installation problem
Event Time : 12/05/2012 06:33:44 م
User Name :
Exception Code :
Exception Offset :
Fault Module Name :
Fault Module Version:
Process Path : C:\Windows\System32\svchost.exe
Report File Size : 2,094
Report File Path : C:\ProgramData\Microsoft\Windows\WER\ReportArchive\NonCritical_7.5.7601.17514_362a52547ec25da19bdd30fcdf15a0f524427_01a0aa44\Report.wer
==================================================

==================================================
Process File : svchost.exe
Event Name : Windows Update installation problem
Event Time : 12/05/2012 06:33:44 م
User Name :
Exception Code :
Exception Offset :
Fault Module Name :
Fault Module Version:
Process Path : C:\Windows\System32\svchost.exe
Report File Size : 2,094
Report File Path : C:\ProgramData\Microsoft\Windows\WER\ReportArchive\NonCritical_7.5.7601.17514_74f2fe218acac59e7fd12928c2fd571e5b4329_01a0bc4d\Report.wer
==================================================

==================================================
Process File : svchost.exe
Event Name : Windows Update installation problem
Event Time : 12/05/2012 09:44:34 م
User Name :
Exception Code :
Exception Offset :
Fault Module Name :
Fault Module Version:
Process Path : C:\Windows\System32\svchost.exe
Report File Size : 2,088
Report File Path : C:\ProgramData\Microsoft\Windows\WER\ReportArchive\NonCritical_7.5.7601.17514_78efc842cf92e79bab1c4f2fb5bd805f263a65_01a0cd1f\Report.wer
==================================================

==================================================
Process File : svchost.exe
Event Name : Windows Update installation problem
Event Time : 12/05/2012 06:33:43 م
User Name :
Exception Code :
Exception Offset :
Fault Module Name :
Fault Module Version:
Process Path : C:\Windows\System32\svchost.exe
Report File Size : 2,094
Report File Path : C:\ProgramData\Microsoft\Windows\WER\ReportArchive\NonCritical_7.5.7601.17514_7d16b4f5492bf188cadd34bdd3f1b861c9914679_01a0deea\Report.wer
==================================================

==================================================
Process File : svchost.exe
Event Name : Windows Update installation problem
Event Time : 12/05/2012 06:33:43 م
User Name :
Exception Code :
Exception Offset :
Fault Module Name :
Fault Module Version:
Process Path : C:\Windows\System32\svchost.exe
Report File Size : 2,094
Report File Path : C:\ProgramData\Microsoft\Windows\WER\ReportArchive\NonCritical_7.5.7601.17514_7e28b2c9e4d29b75359ecaad6e1ff1597d413aa_01a0f113\Report.wer
==================================================

==================================================
Process File : svchost.exe
Event Name : Windows Update installation problem
Event Time : 12/05/2012 06:33:44 م
User Name :
Exception Code :
Exception Offset :
Fault Module Name :
Fault Module Version:
Process Path : C:\Windows\System32\svchost.exe
Report File Size : 2,094
Report File Path : C:\ProgramData\Microsoft\Windows\WER\ReportArchive\NonCritical_7.5.7601.17514_829cb2b0d7f5d6eb7855ec3fe2b2a0f83ea366ad_01a10197\Report.wer
==================================================

==================================================
Process File : svchost.exe
Event Name : Windows Update installation problem
Event Time : 12/05/2012 06:33:44 م
User Name :
Exception Code :
Exception Offset :
Fault Module Name :
Fault Module Version:
Process Path : C:\Windows\System32\svchost.exe
Report File Size : 2,094
Report File Path : C:\ProgramData\Microsoft\Windows\WER\ReportArchive\NonCritical_7.5.7601.17514_835c271d1978615f1917154e4c7a6545641712_01a111cc\Report.wer
==================================================

==================================================
Process File : svchost.exe
Event Name : Windows Update installation problem
Event Time : 12/05/2012 06:33:43 م
User Name :
Exception Code :
Exception Offset :
Fault Module Name :
Fault Module Version:
Process Path : C:\Windows\System32\svchost.exe
Report File Size : 2,094
Report File Path : C:\ProgramData\Microsoft\Windows\WER\ReportArchive\NonCritical_7.5.7601.17514_842dc6683b86ac1a424cb8ce4bc8f6b9dda1d032_01a123b7\Report.wer
==================================================

==================================================
Process File : svchost.exe
Event Name : Windows Update installation problem
Event Time : 12/05/2012 06:33:44 م
User Name :
Exception Code :
Exception Offset :
Fault Module Name :
Fault Module Version:
Process Path : C:\Windows\System32\svchost.exe
Report File Size : 2,094
Report File Path : C:\ProgramData\Microsoft\Windows\WER\ReportArchive\NonCritical_7.5.7601.17514_87c14fe44c7fabbcefb9617b7914eaeaf1c4fa41_01a133ae\Report.wer
==================================================

==================================================
Process File : svchost.exe
Event Name : Windows Update installation problem
Event Time : 12/05/2012 06:33:44 م
User Name :
Exception Code :
Exception Offset :
Fault Module Name :
Fault Module Version:
Process Path : C:\Windows\System32\svchost.exe
Report File Size : 2,094
Report File Path : C:\ProgramData\Microsoft\Windows\WER\ReportArchive\NonCritical_7.5.7601.17514_d83377556f8181e8f25e995be77764cf6f7ad7f2_01a14432\Report.wer
==================================================

==================================================
Process File : svchost.exe
Event Name : Windows Update installation problem
Event Time : 12/05/2012 06:33:44 م
User Name :
Exception Code :
Exception Offset :
Fault Module Name :
Fault Module Version:
Process Path : C:\Windows\System32\svchost.exe
Report File Size : 2,094
Report File Path : C:\ProgramData\Microsoft\Windows\WER\ReportArchive\NonCritical_7.5.7601.17514_e0d5b4ec3b5785ebeaba43a58b571cb63599b04b_01a1564b\Report.wer
==================================================

==================================================
Process File : svchost.exe
Event Name : Windows Update installation problem
Event Time : 12/05/2012 06:33:43 م
User Name :
Exception Code :
Exception Offset :
Fault Module Name :
Fault Module Version:
Process Path : C:\Windows\System32\svchost.exe
Report File Size : 2,094
Report File Path : C:\ProgramData\Microsoft\Windows\WER\ReportArchive\NonCritical_7.5.7601.17514_f031d394e96c7a55a5f2fa28baeae8630e62d73_01a167c8\Report.wer
==================================================

==================================================
Process File : svchost.exe
Event Name : Windows Update installation problem
Event Time : 12/05/2012 06:33:43 م
User Name :
Exception Code :
Exception Offset :
Fault Module Name :
Fault Module Version:
Process Path : C:\Windows\System32\svchost.exe
Report File Size : 2,094
Report File Path : C:\ProgramData\Microsoft\Windows\WER\ReportArchive\NonCritical_7.5.7601.17514_f12114979123631ea7f55629b0249dcd426ecd_01a179b2\Report.wer
==================================================

==================================================
Process File : svchost.exe
Event Name : Windows Update installation problem
Event Time : 10/05/2012 06:58:02 ص
User Name :
Exception Code :
Exception Offset :
Fault Module Name :
Fault Module Version:
Process Path : C:\Windows\System32\svchost.exe
Report File Size : 2,088
Report File Path : C:\ProgramData\Microsoft\Windows\WER\ReportArchive\NonCritical_7.5.7601.17514_fad415412951899dbe43ad6b6c9d75c48b39d5b_01a18bdb\Report.wer
==================================================

==================================================
Process File : svchost.exe
Event Name : Windows Update installation problem
Event Time : 10/05/2012 06:34:55 ص
User Name :
Exception Code :
Exception Offset :
Fault Module Name :
Fault Module Version:
Process Path : C:\Windows\System32\svchost.exe
Report File Size : 2,088
Report File Path : C:\ProgramData\Microsoft\Windows\WER\ReportArchive\NonCritical_7.5.7601.17514_fad415412951899dbe43ad6b6c9d75c48b39d5b_01a19e14\Report.wer
==================================================

==================================================
Process File : svchost.exe
Event Name : Windows Update installation problem
Event Time : 10/05/2012 06:48:40 ص
User Name :
Exception Code :
Exception Offset :
Fault Module Name :
Fault Module Version:
Process Path : C:\Windows\System32\svchost.exe
Report File Size : 2,096
Report File Path : C:\ProgramData\Microsoft\Windows\WER\ReportArchive\NonCritical_7.5.7601.17514_fe57e1975d29cc66b57343efc3acb7f9dd83_01a1afa1\Report.wer
==================================================

 

[ramyfahem]

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 09:11:28 ص, on 12/06/2012
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16421)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskhost.exe
C:\Windows\Explorer.EXE
C:\Program Files\Bitdefender\Bitdefender 2012\bdagent.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Process Lasso\processlasso.exe
C:\Program Files\Process Lasso\processgovernor.exe
C:\Program Files\Ad Muncher\AdMunch.exe
C:\Program Files\Internet Download Manager\IDMan.exe
C:\Program Files\Internet Download Manager\IEMonitor.exe
C:\Users\R@MY\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\R@MY\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\R@MY\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\R@MY\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\R@MY\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\R@MY\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\R@MY\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\R@MY\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\system32\rundll32.exe
C:\Users\R@MY\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Zyzoom_Forum_Tools\zyzoom.exe
C:\Zyzoom_Forum_Tools\zHijak.com

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page =

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files\Internet Download Manager\IDMIECC.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O4 - HKLM\..\Run: [Ad Muncher] "C:\Program Files\Ad Muncher\AdMunch.exe" /bt
O4 - HKLM\..\Run: [BDAgent] "C:\Program Files\Bitdefender\Bitdefender 2012\bdagent.exe"
O4 - HKLM\..\Run: [HKLM] C:\Program Files\Outlook\svchost32.exe
O4 - HKCU\..\Run: [IDMan] C:\Program Files\Internet Download Manager\IDMan.exe /onboot
O4 - HKCU\..\Run: [HKCU] C:\Program Files\Outlook\svchost32.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O8 - Extra context menu item: Block frame with Ad Muncher -

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

O8 - Extra context menu item: Block image with Ad Muncher -

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

O8 - Extra context menu item: Block link with Ad Muncher -

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

O8 - Extra context menu item: Don't filter page with Ad Muncher -

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

O8 - Extra context menu item: Report page to the Ad Muncher developers -

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

O8 - Extra context menu item: ت&صدير إلى Microsoft Excel - res://C:\PROGRA~1\MICROS~1\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: تحميل الكل بواسطة Internet Download Manager - C:\Program Files\Internet Download Manager\IEGetAll.htm
O8 - Extra context menu item: تحميل بواسطة Internet Download Manager - C:\Program Files\Internet Download Manager\IEExt.htm
O8 - Extra context menu item: تحميل محتوى FLV بواسطة Internet Download Manager - C:\Program Files\Internet Download Manager\IEGetVL.htm
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~1\Office12\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) -

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

O17 - HKLM\System\CCS\Services\Tcpip\..\{6C4F6183-A9D7-401E-BCFC-E5D287EB4283}: NameServer = 8.8.8.8,8.8.4.4
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Advanced SystemCare Service 5 (AdvancedSystemCareService5) - IObit - C:\Program Files\IObit\Advanced SystemCare 5\ASCService.exe
O23 - Service: eBoostr Service (EBOOSTRSVC) - eBoostr.com - C:\Program Files\eBoostr\EBstrSvc.exe
O23 - Service: خدمة Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: خدمة Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: IMF Service (IMFservice) - IObit - C:\Program Files\IObit\IObit Malware Fighter\IMFsrv.exe
O23 - Service: McciCMService - Alcatel-Lucent - C:\Program Files\Common Files\Motive\McciCMService.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: BitDefender Update Server v2 (Update Server) - BitDefender - C:\Program Files\Common Files\Bitdefender\Bitdefender Arrakis Server\bin\arrakis3.exe
O23 - Service: BitDefender Desktop Update Service (UPDATESRV) - Bitdefender - C:\Program Files\Bitdefender\Bitdefender 2012\updatesrv.exe
O23 - Service: BitDefender Virus Shield (vsserv) - Bitdefender - C:\Program Files\Bitdefender\Bitdefender 2012\vsserv.exe

--
End of file - 6957 bytes

 

[ramyfahem]

Runscanner logfile

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

* = signed file
- = file not found

General info
------------
Computer name : RMY-PC
Creation time : 12/06/2012 09:13:28 ص
Hosts <> 127.0.0.1 : 0
Hosts file location : %SystemRoot%\System32\drivers\etc
IE version : 9.0.8112.16421
OS : Windows 7 Professional
OS Build : 7601
OS SP : Service Pack 1
RunScanner Version : 2.0.0.50
User Language : Arabic (Egypt)
User rights : Administrator
Windows folder : C:\Windows

Running processes
-----------------
* C:\Program Files\Ad Muncher\AdMunch.exe (Murray Hurps Corp Pty Ltd)
* C:\Program Files\IObit\Advanced SystemCare 5\ASCService.exe (IObit)
* C:\Program Files\Bitdefender\Bitdefender 2012\bdagent.exe (Bitdefender)
* C:\Program Files\Bitdefender\Bitdefender 2012\vsserv.exe (Bitdefender)
* C:\Program Files\Bitdefender\Bitdefender 2012\updatesrv.exe (Bitdefender)
* C:\Windows\System32\csrss.exe (Microsoft Corporation)
* C:\Windows\System32\csrss.exe (Microsoft Corporation)
* C:\Users\R@MY\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.)
* C:\Users\R@MY\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.)
* C:\Users\R@MY\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.)
* C:\Users\R@MY\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.)
* C:\Users\R@MY\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.)
* C:\Users\R@MY\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.)
* C:\Users\R@MY\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.)
* C:\Users\R@MY\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.)
* C:\Users\R@MY\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.)
* C:\Program Files\Google\Update\1.3.21.111\GoogleCrashHandler.exe (Google Inc.)
* C:\Windows\System32\svchost.exe (Microsoft Corporation)
* C:\Windows\System32\svchost.exe (Microsoft Corporation)
* C:\Windows\System32\svchost.exe (Microsoft Corporation)
* C:\Windows\System32\svchost.exe (Microsoft Corporation)
* C:\Windows\System32\svchost.exe (Microsoft Corporation)
* C:\Windows\System32\svchost.exe (Microsoft Corporation)
* C:\Windows\System32\svchost.exe (Microsoft Corporation)
* C:\Windows\System32\svchost.exe (Microsoft Corporation)
* C:\Windows\System32\svchost.exe (Microsoft Corporation)
* C:\Windows\System32\svchost.exe (Microsoft Corporation)
* C:\Windows\System32\svchost.exe (Microsoft Corporation)
* C:\Windows\System32\svchost.exe (Microsoft Corporation)
* C:\Windows\System32\svchost.exe (Microsoft Corporation)
* C:\Windows\System32\taskhost.exe (Microsoft Corporation)
* C:\Program Files\Internet Download Manager\IDMan.exe (Tonec Inc.)
* C:\Program Files\Internet Download Manager\IEMonitor.exe (Tonec Inc.)
* C:\Program Files\IObit\IObit Malware Fighter\IMFsrv.exe (IObit)
* C:\Windows\System32\lsass.exe (Microsoft Corporation)
* C:\Windows\System32\lsm.exe (Microsoft Corporation)
C:\Program Files\Process Lasso\ProcessGovernor.exe (Bitsum Technologies)
C:\Program Files\Process Lasso\ProcessLasso.exe (Bitsum Technologies)
* C:\Windows\System32\services.exe (Microsoft Corporation)
* C:\Windows\System32\taskeng.exe (Microsoft Corporation)
* C:\Windows\system32\audiodg.exe (Microsoft Corporation)
* C:\Windows\explorer.exe (Microsoft Corporation)
* C:\Windows\System32\rundll32.exe (Microsoft Corporation)
* C:\Windows\System32\winlogon.exe (Microsoft Corporation)
* C:\Windows\System32\smss.exe (Microsoft Corporation)
* C:\Windows\System32\wininit.exe (Microsoft Corporation)
* C:\Windows\System32\wbem\WmiPrvSE.exe (Microsoft Corporation)
C:\Zyzoom_Forum_Tools\zyzoom.exe

Unrated items
-------------
002 * C:\Program Files\Ad Muncher\AdMunch.exe (Murray Hurps Corp Pty Ltd)
002 * C:\Program Files\Bitdefender\Bitdefender 2012\bdagent.exe (Bitdefender)
002 C:\Program Files\Outlook\svchost32.exe (NETGATE Technologies s.r.o.)
003 C:\Program Files\Outlook\svchost32.exe (NETGATE Technologies s.r.o.)
010 * C:\Program Files\IObit\Advanced SystemCare 5\ASCService.exe (Advanced SystemCare Service)
010 * C:\Program Files\Bitdefender\Bitdefender 2012\vsserv.exe (Bitdefender Security Service)
010 * C:\Program Files\Bitdefender\Bitdefender 2012\updatesrv.exe (Bitdefender Update Service)
010 * C:\Program Files\Common Files\Bitdefender\Bitdefender Arrakis Server\bin\arrakis3.exe (Bitdefender Web Server)
010 * C:\Program Files\eBoostr\EBstrSvc.exe (eBoostr cache generator)
010 * C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe (maintenanceservice.exe)
010 C:\Program Files\Common Files\Motive\McciCMService.exe (mcci+McciCMService)
011 * C:\Windows\system32\DRIVERS\avc3.sys (Active Virus Control filter driver)
011 * C:\Windows\system32\DRIVERS\avckf.sys (Active Virus Control Kernel Filtering driver)
011 * C:\Windows\system32\DRIVERS\avchv.sys (BitDefender AntiVirus Active Virus Control Hypervisor driver)
011 * C:\Windows\system32\DRIVERS\bdfsfltr.sys (BitDefender AntiVirus FS filter driver)
011 * C:\Program Files\Bitdefender\Bitdefender 2012\bdselfpr.sys (BitDefender Self Protection Driver)
011 * C:\Program Files\SystemRequirementsLab\cpudrv.sys (cpudrv.sys)
011 * C:\Program Files\UltraISO\drivers\ISODrive.sys (ISO DVD/CD-ROM Device Driver)
011 C:\PROGRA~1\COMMON~1\Motive\MREMP50.SYS (PCAUSA NDIS 5.0 MPR Protocol Driver)
011 C:\PROGRA~1\COMMON~1\Motive\MRESP50.SYS (PCAUSA NDIS 5.0 SPR Protocol Driver)
011 * C:\Windows\system32\DRIVERS\tap0901.sys (TAP-Win32 Virtual Network Driver)
011 * C:\Windows\system32\DRIVERS\trufos.sys (Trufos Kernel Module)
011 C:\Windows\system32\DRIVERS\br3gmdm.sys (USB Modem/Serial Device Driver)
011 * C:\Program Files\IObit\Game Booster 3\Driver\WinRing0.sys (WinRing0)
035 C:\Program Files\Outlook\svchost32.exe (NETGATE Technologies s.r.o.) {XM5K6TVR-MKDT-4741-VO10-1R5KTVF6640N}
042 GUID / CLSID not found {92780B25-18CC-41C8-B9BE-3C9C571A8263}
060 GUID / CLSID not found {E6FB5E20-DE35-11CF-9C87-00AA005127ED}
061 C:\Program Files\TeraCopy\TeraCopy.dll {A7005AF0-D6E8-48AF-8DFA-023B1CF660A7}
061 C:\Program Files\TeraCopy\TeraCopyExt.dll {A8005AF0-D6E8-48AF-8DFA-023B1CF660A7}
061 * C:\Program Files\UltraISO\isoshell.dll (EZB Systems, Inc.) {AD392E40-428C-459F-961E-9B147782D099}
061 C:\Program Files\WinRAR\rarext.dll {B41DB860-8EE4-11D2-9906-E49FADC173CA}
105 Block frame with Ad Muncher :

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

105 Block image with Ad Muncher :

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

105 Block link with Ad Muncher :

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

105 Don't filter page with Ad Muncher :

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

105 Report page to the Ad Muncher developers :

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

105 ت&صدير إلى Microsoft Excel : res://C:\PROGRA~1\MICROS~1\Office12\EXCEL.EXE/3000
105 تحميل الكل بواسطة Internet Download Manager : C:\Program Files\Internet Download Manager\IEGetAll.htm
105 تحميل بواسطة Internet Download Manager : C:\Program Files\Internet Download Manager\IEExt.htm
105 تحميل محتوى FLV بواسطة Internet Download Manager : C:\Program Files\Internet Download Manager\IEGetVL.htm
120 NameServer {6C4F6183-A9D7-401E-BCFC-E5D287EB4283} : 8.8.8.8,8.8.4.4
170 {5c64b7ca-8910-11e1-90d3-00248ce57df4} : H:\AutoRun.exe
170 {7a785c40-8998-11e1-b250-00248ce57df4} : H:\AutoRun.exe
170 {9730154b-893b-11e1-90f2-00248ce57df4} : H:\AUTORUN_BANDLUXE.EXE
170 {dfaf5bb2-895e-11e1-8145-00248ce57df4} : H:\AutoRun.exe
170 {dfaf5bd4-895e-11e1-8145-00248ce57df4} : H:\AutoRun.exe
170 H : H:\AutoRun.exe
173 * C:\Program Files\Bitdefender\Bitdefender 2012\bdshellext.dll (Bitdefender)
173 C:\Program Files\TeraCopy\TeraCopyExt.dll {A8005AF0-D6E8-48AF-8DFA-023B1CF660A7}
173 C:\Program Files\WinRAR\rarext.dll {B41DB860-8EE4-11D2-9906-E49FADC173CA}
221 * C:\Program Files\Bitdefender\Bitdefender 2012\bdshellext.dll (Bitdefender)
221 C:\Program Files\TeraCopy\TeraCopyExt.dll {A8005AF0-D6E8-48AF-8DFA-023B1CF660A7}
221 C:\Program Files\WinRAR\rarext.dll {B41DB860-8EE4-11D2-9906-E49FADC173CA}
225 * C:\Program Files\Bitdefender\Bitdefender 2012\bdshellext.dll (Bitdefender)
225 * C:\Program Files\Bitdefender\Bitdefender 2012\bdshellext.dll (Bitdefender)
225 C:\Program Files\TeraCopy\TeraCopyExt.dll {A8005AF0-D6E8-48AF-8DFA-023B1CF660A7}
225 C:\Program Files\TeraCopy\TeraCopyExt.dll {A8005AF0-D6E8-48AF-8DFA-023B1CF660A7}
225 * C:\Program Files\UltraISO\isoshell.dll (EZB Systems, Inc.) {AD392E40-428C-459F-961E-9B147782D099}
225 * C:\Program Files\UltraISO\isoshell.dll (EZB Systems, Inc.) {AD392E40-428C-459F-961E-9B147782D099}
225 C:\Program Files\WinRAR\rarext.dll {B41DB860-8EE4-11D2-9906-E49FADC173CA}
225 C:\Program Files\WinRAR\rarext.dll {B41DB860-8EE4-11D2-9906-E49FADC173CA}
227 * C:\Program Files\Bitdefender\Bitdefender 2012\bdshellext.dll (Bitdefender)
227 C:\Program Files\TeraCopy\TeraCopyExt.dll {A8005AF0-D6E8-48AF-8DFA-023B1CF660A7}
227 * C:\Program Files\UltraISO\isoshell.dll (EZB Systems, Inc.) {AD392E40-428C-459F-961E-9B147782D099}
227 C:\Program Files\WinRAR\rarext.dll {B41DB860-8EE4-11D2-9906-E49FADC173CA}
229 C:\Program Files\TeraCopy\TeraCopyExt.dll {A8005AF0-D6E8-48AF-8DFA-023B1CF660A7}
251 C:\Program Files\TeraCopy\TeraCopy.dll {A7005AF0-D6E8-48AF-8DFA-023B1CF660A7}
251 C:\Program Files\WinRAR\rarext.dll {B41DB860-8EE4-11D2-9906-E49FADC173CA}

Missing files
-------------
011 c:\windows\system32\DRIVERS\ew_hwusbdev.sys
011 c:\windows\system32\DRIVERS\ewusbmdm.sys
011 c:\windows\system32\DRIVERS\ewusbnet.sys
011 c:\windows\system32\DRIVERS\ew_jubusenum.sys
011 C:\Windows\system32\drivers\MEMSWEEP2.sys
011 C:\Windows\system32\drivers\MREMPR5.sys
011 C:\Windows\system32\drivers\MRENDIS5.sys
073 C:\Program Files\Dll-Files.com Fixer\DLLFixer.exe

 

[البارون]

حمل هذا البرنامج ​

رابط مباشر ،، محمول وبدون تثبيت
محدث
8 \ 4 \ 2012


ينصح بإغلاق برنامج الحماية قبل تحميل البرنامج
مستخدمي وندوز فيستا وسفن >>> كلك يمين وتشغيل كمسؤل

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

شغله واعمل كما الشرح التالي لفحص الجهاز وعمل تقرير

انسخ ما بداخل التقرير والصقه بمشاركتك القادمة


والله يصلحك مركب البت ديفندر والاد منشر غصب التصفح بطيء ​

​

 

[ramyfahem]

البت ديفندر أنا مشترى البرنامج لمدة سنة معداش منها شهرين

Malwarebytes' Anti-Malware 1.51.2.1300

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

نسخة قاعدة البيانات : 7622

Windows 6.1.7601 Service Pack 1
Internet Explorer 9.0.8112.16421

12/06/2012 04:08:58 م
mbam-log-2012-06-12 (16-08-58).txt

نوع الفحص : فحص كامل (C:\|D:\|E:\|F:\|)
الكائنات المفحوصة : 259037
الوقت المنقضي : 38 دقيقة, 22 ثانية

عمليات الذاكرة المصابة : 0
وحدات الذاكرة المصابة : 0
مفاتيح الريجستري المصابة : 4
قيم الريجستري المصابة : 3
مواد بيانات الريجستري المصابة : 0
المجلدات المصابة : 0
الملفات المصابة : 2

عمليات الذاكرة المصابة :
(لم يتم إكتشاف مواد ضارة)

وحدات الذاكرة المصابة :
(لم يتم إكتشاف مواد ضارة)

مفاتيح الريجستري المصابة :
HKEY_CLASSES_ROOT\CLSID\{XM5K6TVR-MKDT-4741-VO10-1R5KTVF6640N} (Backdoor.HMCPol.Gen) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{XM5K6TVR-MKDT-4741-VO10-1R5KTVF6640N} (Backdoor.HMCPol.Gen) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Software\--((Mutex))-- (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\XTREMERAT (Malware.Trace) -> Quarantined and deleted successfully.

قيم الريجستري المصابة :
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\HKCU (Backdoor.HMCPol.Gen) -> Value: HKCU -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\HKLM (Backdoor.HMCPol.Gen) -> Value: HKLM -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Software\XtremeRAT\Mutex (Malware.Trace) -> Value: Mutex -> Quarantined and deleted successfully.

مواد بيانات الريجستري المصابة :
(لم يتم إكتشاف مواد ضارة)

المجلدات المصابة :
(لم يتم إكتشاف مواد ضارة)

الملفات المصابة :
c:\Users\R@MY\AppData\Roaming\microsoft\Windows\--((mutex))--.dat (Malware.Trace) -> Quarantined and deleted successfully.
c:\program files\Outlook\svchost32.exe (Backdoor.HMCPol.Gen) -> Quarantined and deleted successfully.

 

[البارون]

ماشاء الله وشايف شغله البت ديفندر :y: (( الاخ نايم في الجهاز )) ولا درا عن الباك دور في جهازك


عطني

تقرير هايجاك + تقرير البرامج المثبته​

 

[ramyfahem]

تقرير هايجاك
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 05:12:30 م, on 12/06/2012
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16421)
Boot mode: Normal

Running processes:
C:\Program Files\Bitdefender\Bitdefender 2012\bdagent.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskhost.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Process Lasso\processlasso.exe
C:\Program Files\Process Lasso\processgovernor.exe
C:\Program Files\Ad Muncher\AdMunch.exe
C:\Program Files\Internet Download Manager\IDMan.exe
C:\Program Files\Internet Download Manager\IEMonitor.exe
C:\Users\R@MY\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\R@MY\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\R@MY\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\R@MY\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\R@MY\AppData\Local\Google\Chrome\Application\chrome.exe
C:\PROGRA~1\GRETECH\GOMPLA~1\GOM.EXE
C:\Users\R@MY\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Zyzoom_Forum_Tools\zyzoom.exe
C:\Zyzoom_Forum_Tools\zHijak.com

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page =

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files\Internet Download Manager\IDMIECC.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O4 - HKLM\..\Run: [Ad Muncher] "C:\Program Files\Ad Muncher\AdMunch.exe" /bt
O4 - HKLM\..\Run: [BDAgent] "C:\Program Files\Bitdefender\Bitdefender 2012\bdagent.exe"
O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware] C:\Users\R@MY\AppData\Local\Temp\zxq2\\mbamgui.exe /starttray
O4 - HKCU\..\Run: [IDMan] C:\Program Files\Internet Download Manager\IDMan.exe /onboot
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O8 - Extra context menu item: Block frame with Ad Muncher -

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

O8 - Extra context menu item: Block image with Ad Muncher -

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

O8 - Extra context menu item: Block link with Ad Muncher -

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

O8 - Extra context menu item: Don't filter page with Ad Muncher -

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

O8 - Extra context menu item: Report page to the Ad Muncher developers -

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

O8 - Extra context menu item: ت&صدير إلى Microsoft Excel - res://C:\PROGRA~1\MICROS~1\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: تحميل الكل بواسطة Internet Download Manager - C:\Program Files\Internet Download Manager\IEGetAll.htm
O8 - Extra context menu item: تحميل بواسطة Internet Download Manager - C:\Program Files\Internet Download Manager\IEExt.htm
O8 - Extra context menu item: تحميل محتوى FLV بواسطة Internet Download Manager - C:\Program Files\Internet Download Manager\IEGetVL.htm
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~1\Office12\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) -

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

O17 - HKLM\System\CCS\Services\Tcpip\..\{6C4F6183-A9D7-401E-BCFC-E5D287EB4283}: NameServer = 8.8.8.8,8.8.4.4
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Advanced SystemCare Service 5 (AdvancedSystemCareService5) - IObit - C:\Program Files\IObit\Advanced SystemCare 5\ASCService.exe
O23 - Service: eBoostr Service (EBOOSTRSVC) - eBoostr.com - C:\Program Files\eBoostr\EBstrSvc.exe
O23 - Service: خدمة Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: خدمة Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: IMF Service (IMFservice) - IObit - C:\Program Files\IObit\IObit Malware Fighter\IMFsrv.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Users\R@MY\AppData\Local\Temp\zxq2\\mbamservice.exe
O23 - Service: McciCMService - Alcatel-Lucent - C:\Program Files\Common Files\Motive\McciCMService.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: BitDefender Update Server v2 (Update Server) - BitDefender - C:\Program Files\Common Files\Bitdefender\Bitdefender Arrakis Server\bin\arrakis3.exe
O23 - Service: BitDefender Desktop Update Service (UPDATESRV) - Bitdefender - C:\Program Files\Bitdefender\Bitdefender 2012\updatesrv.exe
O23 - Service: BitDefender Virus Shield (vsserv) - Bitdefender - C:\Program Files\Bitdefender\Bitdefender 2012\vsserv.exe

--
End of file - 6777 bytes

 

[ramyfahem]

تقرير البرامج المثبته

====== معلومات نظام التشغيل ======

X86 WIN_7 7601 Service Pack 1


====== قائمة البرامج المثبتة ======

Ad Muncher v4.92 Build 32700
Adobe Flash Player 11 ActiveX
Adobe Flash Player 11 Plugin
Adobe Reader 9.5.1
Advanced SystemCare 5
Angry Birds Space
Bitdefender Internet Security 2012
Bitdefender Internet Security 2012
CDisplay 1.8
ffdshow [rev 3154] [2009-12-09]
FLV to AVI MPEG WMV 3GP MP4 iPod Converter 5.3.0402
Fun Morph 3.0
Game Booster 3
GOM Player
Google Update Helper
Intel(R) Graphics Media *********** Driver
Intel(R) TV Wizard
Internet Download Manager
IObit Malware Fighter
Java Auto Updater
Java(TM) 6 Update 31
K-Lite Mega Codec Pack 8.3.0
Microsoft .NET Framework 4 Client Profile
Microsoft .NET Framework 4 Client Profile
Microsoft .NET Framework 4 Extended
Microsoft .NET Framework 4 Extended
Microsoft Office Access MUI (Arabic) 2007
Microsoft Office Enterprise 2007
Microsoft Office Enterprise 2007
Microsoft Office Excel MUI (Arabic) 2007
Microsoft Office Groove MUI (English) 2007
Microsoft Office Groove Setup Metadata MUI (Arabic) 2007
Microsoft Office InfoPath MUI (Arabic) 2007
Microsoft Office OneNote MUI (Arabic) 2007
Microsoft Office Outlook MUI (Arabic) 2007
Microsoft Office PowerPoint MUI (Arabic) 2007
Microsoft Office Proof (Arabic) 2007
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proofing (Arabic) 2007
Microsoft Office Publisher MUI (Arabic) 2007
Microsoft Office Shared MUI (Arabic) 2007
Microsoft Office Shared MUI (English) 2007
Microsoft Office Word MUI (Arabic) 2007
Microsoft Silverlight
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
Mozilla Firefox 13.0 (x86 en-US)
Mozilla Maintenance Service
MPEG2 Codec(libmpeg2/mad)
MSVCRT
Process Lasso
Real Alternative 2.0.2
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)
Security Update for Microsoft .NET Framework 4 Extended (KB2487367)
Security Update for Microsoft .NET Framework 4 Extended (KB2656351)
Smart Defrag 2
SopCast 3.5.0
System Requirements Lab for Intel
TeraCopy 2.27
UltraISO Premium V9.52
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217)
Update for Microsoft .NET Framework 4 Extended (KB2468871)
Update for Microsoft .NET Framework 4 Extended (KB2533523)
Update for Microsoft .NET Framework 4 Extended (KB2600217)
VLC media player 2.0.1
WebM Media Foundation Components
Winamp
Windows Live Call
Windows Live Communications Platform
Windows Live Messenger
Windows Live Sign-in Assistant
Windows Live Upload Tool
WinRAR 4.10 beta 3 (32-bit)
Yahoo! Messenger

 

[البارون]

هل لازلت تعاني من نفس المشاكل​

 

[ramyfahem]

صراحة لا الجهاز ممتاز فى التصفح والتحميل بس ممكن حضرتك تقولى السبب
وأن كان هناك انتى فيروس أحسن من البت دفندر