مشكلة الصفحة الرئيسية لا تتغير ؟!!

[سكوتش 21]

السلام عليكم

عندي الصفحة الرئيسية ما تتغير في جميع المتصفحات

التقارير جميعها هنا

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

​

 

[الخفـوق]

وعليكم السلام والرحمه

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

الملف المضاف بمشاركة خبير الصيانة

وبالماوس دبل كلك على الملف ... بعدها راح يفتح لك واجهة الاداة

اعمل كما بالشرح ...

ثم

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

​

 

[سكوتش 21]

هلا اخوي الخفوق

مشكور ع المساعدهــ

لكن للأسف مازالت المشكلة موجودهـ

 

[الخفـوق]

طيب يا غالي


طبق التالي فضلا ً //

حمل الاداه من الرابط التالي :

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

وطبق حسب الشرح

بعد ماتضغط على الزر ( Delete ) كما في الصوره أعلاه




راح يعيد تشغيل الجهاز وافق




===========




بعدها إعمل هذا

حمل الاداة التالية واتبع الشرح لعمل تقرير ورفعه​

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

​

​

اعمل كما الصورة لبدء الفحص​

​

ثم اعمل التالي لحفظ ملف التقريرر​

​

هذا هو التقرير المطلوب​

بعد حفظه قم بضغط الملف >>>

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

وارفع الملف هنا​

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

------------------------------​

​

 

[سكوتش 21]

# AdwCleaner v1.603 - Logfile created 09/29/2012 at 16:10:39
# Updated 22/04/2012 by Xplode
# Operating system : Windows 7 Ultimate Service Pack 1 (64 bits)
# User : ناصر الخالدي - ناصرالخالدي-PC
# Running from : C:\Users\ناصر الخالدي\Desktop\adwcleaner.exe
# Option [Search]


***** [Services] *****


***** [Files / Folders] *****

Folder Found : C:\Users\ناصر الخالدي\AppData\Local\Conduit
Folder Found : C:\Users\ناصر الخالدي\AppData\LocalLow\Conduit
Folder Found : C:\Users\ناصر الخالدي\AppData\LocalLow\Toolbar4
Folder Found : C:\Users\ناصر الخالدي\AppData\Roaming\Babylon
Folder Found : C:\Users\ناصر الخالدي\AppData\Roaming\pdfforge
Folder Found : C:\Users\ناصر الخالدي\AppData\Roaming\Mozilla\Firefox\Profiles\nmta5pup.default\Smartbar
Folder Found : C:\ProgramData\Ask
Folder Found : C:\ProgramData\Babylon
Folder Found : C:\Program Files (x86)\Babylon
Folder Found : C:\Program Files (x86)\Conduit
File Found : C:\Users\ناصر الخالدي\AppData\Roaming\Mozilla\Firefox\Profiles\nmta5pup.default\searchplugins\Conduit.xml
File Found : C:\Program Files (x86)\Mozilla Firefox\searchplugins\babylon.xml

***** [H. Navipromo] *****


***** [Registry] *****

[*] Key Found : HKLM\SOFTWARE\Classes\Toolbar.CT1055551
Key Found : HKCU\Software\Conduit
Key Found : HKCU\Software\Softonic
Key Found : HKCU\Software\SweetIm
Key Found : HKCU\Software\AppDataLow\Software\Conduit
Key Found : HKLM\SOFTWARE\Babylon
Key Found : HKLM\SOFTWARE\Conduit
Key Found : HKLM\SOFTWARE\Iminent
Key Found : HKLM\SOFTWARE\Software
Key Found : HKLM\SOFTWARE\SweetIM
Key Found : HKLM\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\0563B8630D62D75ABBC8AB1E4BDFB5A899B24D43
Value Found : HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel [Homepage]
[x64] Key Found : HKCU\Software\Conduit
[x64] Key Found : HKCU\Software\Softonic
[x64] Key Found : HKCU\Software\SweetIm
[x64] Key Found : HKCU\Software\AppDataLow\Software\Conduit
[x64] Key Found : HKLM\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\0563B8630D62D75ABBC8AB1E4BDFB5A899B24D43
[x64] Value Found : HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel [Homepage]

***** [Registre - GUID] *****

Key Found : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
Key Found : HKLM\SOFTWARE\Classes\AppID\{EA28B360-05E0-4F93-8150-02891F1D8D3C}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Key Found : HKLM\SOFTWARE\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}
Key Found : HKLM\SOFTWARE\Classes\Interface\{813A22E0-3E2B-4188-9BDA-ECA9878B8D48}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{628F3201-34D0-49C0-BB9A-82A26AEFB291}
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{96BD48DD-741B-41AE-AC4A-AFF96BA00F7E}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{97F2FF5B-260C-4CCF-834A-2DDA4E29E39E}
[x64] Key Found : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
[x64] Key Found : HKLM\SOFTWARE\Classes\AppID\{EA28B360-05E0-4F93-8150-02891F1D8D3C}
[x64] Key Found : HKLM\SOFTWARE\Classes\Interface\{813A22E0-3E2B-4188-9BDA-ECA9878B8D48}
[x64] Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
[x64] Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{96BD48DD-741B-41AE-AC4A-AFF96BA00F7E}
[x64] Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{97F2FF5B-260C-4CCF-834A-2DDA4E29E39E}

***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16421

[OK] Registry is clean.

-\\ Mozilla Firefox v15.0 (ar)

Nom du profil : default
File : C:\Users\ناصر الخالدي\AppData\Roaming\Mozilla\Firefox\Profiles\nmta5pup.default\prefs.js

Found : user_pref("CT1055551.1000082.isPlayDisplay", "true");
Found : user_pref("CT1055551.1000082.state", "{\"state\":\"stopped\",\"text\":\"Adult Alt...\",\"description[...]
Found : user_pref("CT1055551.ENABALE_HISTORY", "{\"dataType\":\"string\",\"data\":\"true\"}");
Found : user_pref("CT1055551.ENABLE_RETURN_WEB_SEARCH_ON_THE_PAGE", "{\"dataType\":\"string\",\"data\":\"tru[...]
Found : user_pref("CT1055551.FirstTime", "true");
Found : user_pref("CT1055551.FirstTimeFF3", "true");
Found : user_pref("CT1055551.RSS_Template_Notify_gadgetaol_latino", "0~hxxp://www.bestsecuritytips.com/news+[...]
Found : user_pref("CT1055551.RSS_Template_Notify_toolbaraol_latino", "20");
Found : user_pref("CT1055551.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT105[...]
Found : user_pref("CT1055551.UserID", "UN61658925852799544");
Found : user_pref("CT1055551.addressBarTakeOverEnabledInHidden", "true");
Found : user_pref("CT1055551.autoDisableScopes", 0);
Found : user_pref("CT1055551.browser.search.defaultthis.engineName", true);
Found : user_pref("CT1055551.defaultSearch", "true");
Found : user_pref("CT1055551.embeddedsData", "[{\"appId\":\"128278779734319283\",\"apiPermissions\":{\"cross[...]
Found : user_pref("CT1055551.enableAlerts", "always");
Found : user_pref("CT1055551.enableSearchFromAddressBar", "true");
Found : user_pref("CT1055551.firstTimeDialogOpened", "true");
Found : user_pref("CT1055551.fixPageNotFoundError", "true");
Found : user_pref("CT1055551.fixPageNotFoundErrorInHidden", "true");
Found : user_pref("CT1055551.fixUrls", true);
Found : user_pref("CT1055551.hxxp___cmg1_conduit_widgets_com_pitsi.STATE", "OPEN");
Found : user_pref("CT1055551.installId", "conduitinstaller.exe");
Found : user_pref("CT1055551.installType", "ConduitNSISIntegration");
Found : user_pref("CT1055551.isEnableAllDialogs", "{\"dataType\":\"string\",\"data\":\"true\"}");
Found : user_pref("CT1055551.isNewTabEnabled", true);
Found : user_pref("CT1055551.isPerformedSmartBarTransition", "true");
Found : user_pref("CT1055551.isToolbarShrinked", "{\"dataType\":\"string\",\"data\":\"false\"}");
Found : user_pref("CT1055551.keyword", true);
Found : user_pref("CT1055551.navigationAliasesJson", "{\"EB_SEARCH_TERM\":\"\",\"EB_MAIN_FRAME_URL\":\"about[...]
Found : user_pref("CT1055551.openThankYouPage", "false");
Found : user_pref("CT1055551.openUninstallPage", "true");
Found : user_pref("CT1055551.search.searchAppId", "128278779734319283");
Found : user_pref("CT1055551.search.searchCount", "0");
Found : user_pref("CT1055551.searchInNewTabEnabledInHidden", "true");
Found : user_pref("CT1055551.selectToSearchBoxEnabled", "{\"dataType\":\"string\",\"data\":\"true\"}");
Found : user_pref("CT1055551.serviceLayer_service_login_isFirstLoginInvoked", "{\"dataType\":\"boolean\",\"d[...]
Found : user_pref("CT1055551.serviceLayer_service_login_loginCount", "{\"dataType\":\"number\",\"data\":\"4\[...]
Found : user_pref("CT1055551.serviceLayer_service_toolbarGrouping_activeCTID", "{\"dataType\":\"string\",\"d[...]
Found : user_pref("CT1055551.serviceLayer_service_toolbarGrouping_activeDownloadUrl", "{\"dataType\":\"strin[...]
Found : user_pref("CT1055551.serviceLayer_service_toolbarGrouping_activeToolbarName", "{\"dataType\":\"strin[...]
Found : user_pref("CT1055551.serviceLayer_service_toolbarGrouping_invoked", "{\"dataType\":\"string\",\"data[...]
Found : user_pref("CT1055551.serviceLayer_service_usage_toolbarUsageCount", "{\"dataType\":\"number\",\"data[...]
Found : user_pref("CT1055551.serviceLayer_services_appTrackingFirstTime_lastUpdate", "1348134970968");
Found : user_pref("CT1055551.serviceLayer_services_appsMetadata_lastUpdate", "1348580710523");
Found : user_pref("CT1055551.serviceLayer_services_gottenAppsContextMenu_lastUpdate", "1348134973468");
Found : user_pref("CT1055551.serviceLayer_services_login_10.10.27.6_lastUpdate", "1348580710609");
Found : user_pref("CT1055551.serviceLayer_services_otherAppsContextMenu_lastUpdate", "1348134973442");
Found : user_pref("CT1055551.serviceLayer_services_searchAPI_lastUpdate", "1348580710699");
Found : user_pref("CT1055551.serviceLayer_services_serviceMap_lastUpdate", "1348579303121");
Found : user_pref("CT1055551.serviceLayer_services_toolbarContextMenu_lastUpdate", "1348134973414");
Found : user_pref("CT1055551.serviceLayer_services_toolbarSettings_lastUpdate", "1348580710569");
Found : user_pref("CT1055551.serviceLayer_services_translation_lastUpdate", "1348579304113");
Found : user_pref("CT1055551.settingsINI", true);
Found : user_pref("CT1055551.shouldFirstTimeDialog", "false");
Found : user_pref("CT1055551.smartbar.CTID", "CT1055551");
Found : user_pref("CT1055551.smartbar.Uninstall", "0");
Found : user_pref("CT1055551.smartbar.homepage", true);
Found : user_pref("CT1055551.smartbar.isHidden", false);
Found : user_pref("CT1055551.smartbar.toolbarName", "Best Security Tips ");
Found : user_pref("CT1055551.startPage", "userChanged");
Found : user_pref("CT1055551.toolbarBornServerTime", "20-9-2012");
Found : user_pref("CT1055551.toolbarCurrentServerTime", "25-9-2012");
Found : user_pref("CT1055551.toolbarDisabled", "true");
Found : user_pref("Smartbar.ConduitHomepagesList", "");
Found : user_pref("Smartbar.ConduitSearchEngineList", "");
Found : user_pref("Smartbar.ConduitSearchUrlList", "");
Found : user_pref("Smartbar.keywordURLSelectedCTID", "CT1055551");
Found : user_pref("extensions.BabylonToolbar_i.aflt", "babsst");
Found : user_pref("extensions.BabylonToolbar_i.babExt", "");
Found : user_pref("extensions.BabylonToolbar_i.babTrack", "affID=112250&tt=230512_54x");
Found : user_pref("extensions.BabylonToolbar_i.hardId", "34e0055d00000000000000ff88542387");
Found : user_pref("extensions.BabylonToolbar_i.id", "34e0055d00000000000000ff88542387");
Found : user_pref("extensions.BabylonToolbar_i.instlDay", "15492");
Found : user_pref("extensions.BabylonToolbar_i.instlRef", "sst");
Found : user_pref("extensions.BabylonToolbar_i.prdct", "BabylonToolbar");
Found : user_pref("extensions.BabylonToolbar_i.prtnrId", "babylon");
Found : user_pref("extensions.BabylonToolbar_i.smplGrp", "none");
Found : user_pref("extensions.BabylonToolbar_i.srcExt", "ss");
Found : user_pref("extensions.BabylonToolbar_i.tlbrId", "base");
Found : user_pref("extensions.BabylonToolbar_i.vrsn", "1.5.3.17");
Found : user_pref("extensions.BabylonToolbar_i.vrsnTs", "1.5.3.1718:23:47");
Found : user_pref("extensions.BabylonToolbar_i.vrsni", "1.5.3.17");
Found : user_pref("keyword.URL", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT1055551&SearchSource=2&q=[...]

-\\ Google Chrome v21.0.1180.89

File : C:\Users\ناصر الخالدي\AppData\Local\Google\Chrome\User Data\Default\Preferences

Found : "homepage": "hxxp://search.conduit.com/?ctid=CT1055551&SearchSource=48",
Found : "path": "plugins/ConduitChromeApiPlugin.dll",
Found : "update_url": "hxxp://autoupdate.chromewebtb.conduit-services.com/sb/?productId=CT105[...]
Found : "homepage": "hxxp://search.conduit.com/?ctid=CT1055551&SearchSource=48",

-\\ Opera v [Unable to get version]

File : C:\Users\ناصر الخالدي\AppData\Roaming\Opera\Opera\operaprefs.ini

[OK] File is clean.

*************************

AdwCleaner[R1].txt - [11309 octets] - [29/09/2012 16:10:39]

########## EOF - C:\AdwCleaner[R1].txt - [11438 octets] ##########

 

[مـوآدع]

وعليكم السلام

من الهايجاك سو تنظيف للتالي

R3 - URLSearchHook: (no name) - {da30eff8-ccc6-4162-a20d-67402a26a215} - (no file)

O2 - BHO: Hotspot Shield Class - {F9E4A054-E9B1-4BC3-83A3-76A1AE736170} - C:\Program Files (x86)\Hotspot Shield\HssIE\HssIE.dll

O3 - Toolbar: Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\19.8.0.14\coIEPlg.dll

O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL

O23 - Service: Hotspot Shield Service (hshld) - Unknown owner - C:\Program Files (x86)\Hotspot Shield\bin\openvpnas.exe

O23 - Service: Hotspot Shield Routing Service (HssSrv) - AnchorFree Inc. - C:\Program Files (x86)\Hotspot Shield\HssWPR\hsssrv.exe

O23 - Service: Hotspot Shield Tray Service (HssTrayService) - Unknown owner - C:\Program Files (x86)\Hotspot Shield\bin\HssTrayService.EXE

O23 - Service: Hotspot Shield Monitoring Service (HssWd) - Unknown owner - C:\Program Files (x86)\Hotspot Shield\bin\hsswd.exe

طريقة التنظيف

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

-----
من تقرير البرامج المثبته

طبق التالي

ابدا - لوحة التحكم - البرامج والميزات

واحذف التالي

Hotspot Shield 2.67

iVocalize Web Conference 4

Ma-Config.com

بعدها بلغنا بالنتيجه

وياليت تعطينا الصفحه اللي تظهر لك واسم متصفحك
​

 

[سكوتش 21]

هلا اخوي موادع طبقت كل ماكتبت تماما لكن هذا

O3 - Toolbar: Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine.8.0.14\coIEPlg.dll

كل ما احذفه احصله مره ثانيه !! والباقي كله حذفته , والبرامج تم حذفها ببرنامج your uninstaller

 

[سكوتش 21]

هذا رابط تقرير الرن سكنر

[FONT=arial, helv][FONT=arial, verdana, helv, sans-serif]

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

الصفه لا زالت موجودهـ وهذي صوره منها

موجودهـ ولا تتغير على الانترنت اكسبلورل والفايرفوكس

اما القوقل شورم تتغير عادي


[/FONT][/FONT]​

 

[سكوتش 21]

ما ادري سويت شي يمكن يقربنا للمشكله

بحثت في الويندوز عن اسم الموقع الخبيث اللي في الصفحه الرئيسية عن طريق البحث المعروف

طلعت لي فقط مفكره بأسم user ومكانها في الـ C:\

نسختها وهذي محتويتها

user_pref("extensions.BabylonToolbar_i.babTrack", "affID=112555&tt=010112_aln");
user_pref("extensions.BabylonToolbar_i.babExt", "");
user_pref("extensions.BabylonToolbar_i.srcExt", "ss");
user_pref("extensions.BabylonToolbar_i.instlRef", "sst");
user_pref("extensions.BabylonToolbar_i.babTrack", "affID=112555&tt=010112_aln");
user_pref("extensions.BabylonToolbar_i.babExt", "");
user_pref("extensions.BabylonToolbar_i.srcExt", "def");
user_pref("extensions.BabylonToolbar_i.instlRef", "std");
user_pref("extensions.BabylonToolbar_i.babTrack", "affID=112250&tt=230512_54x");
user_pref("extensions.BabylonToolbar_i.babExt", "");
user_pref("extensions.BabylonToolbar_i.srcExt", "ss");
user_pref("extensions.BabylonToolbar_i.instlRef", "sst");
user_pref("extensions.alnaddyToolbar_i.instlRef", "");

 

[الخفـوق]

طبق المشاركه رقم ( 4 )


ووافق ع الحذف :d:




بعد تطبيق المشاركه
راح يتم اعادة تشغيل الجهاز
ويطلع تقرير ثاني الصقه ب ردك القادم

 

[سكوتش 21]

بإنتظاركـ يالغلااااا

الله لا يهينك حبيبي تعبتكـ معي

 

[الخفـوق]

طبق المشاركه رقم 4

 

[سكوتش 21]

# AdwCleaner v1.603 - Logfile created 09/29/2012 at 23:50:52
# Updated 22/04/2012 by Xplode
# Operating system : Windows 7 Ultimate Service Pack 1 (64 bits)
# User : ناصر الخالدي - ناصرالخالدي-PC
# Running from : C:\Users\ناصر الخالدي\Desktop\adwcleaner.exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****


***** [H. Navipromo] *****


***** [Registry] *****


***** [Registre - GUID] *****


***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16421

[OK] Registry is clean.

-\\ Mozilla Firefox v15.0 (ar)

Nom du profil : default
File : C:\Users\ناصر الخالدي\AppData\Roaming\Mozilla\Firefox\Profiles\nmta5pup.default\prefs.js

[OK] File is clean.

-\\ Google Chrome v21.0.1180.89

File : C:\Users\ناصر الخالدي\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

-\\ Opera v [Unable to get version]

File : C:\Users\ناصر الخالدي\AppData\Roaming\Opera\Opera\operaprefs.ini

[OK] File is clean.

*************************

AdwCleaner[R1].txt - [11416 octets] - [29/09/2012 16:10:39]
AdwCleaner[S1].txt - [10903 octets] - [29/09/2012 16:12:09]
AdwCleaner[R2].txt - [1294 octets] - [29/09/2012 22:26:09]
AdwCleaner[S2].txt - [1354 octets] - [29/09/2012 22:26:47]
AdwCleaner[R3].txt - [1414 octets] - [29/09/2012 23:49:48]
AdwCleaner[R4].txt - [1474 octets] - [29/09/2012 23:50:30]
AdwCleaner[S3].txt - [1405 octets] - [29/09/2012 23:50:52]

########## EOF - C:\AdwCleaner[S3].txt - [1533 octets] ##########



CTRL + Q to Enable/Disable GoPhoto.it

 

[سكوتش 21]

الله يسترنا عسا ماتطلع الفضايح بس هالتقارير :d:

 

[سكوتش 21]

up

 

[الخفـوق]

هلا اخوي


وين باقي المشاركه رقم 4
( تقرير رن سكنر ) لاهنت​