ComboFix
....................................
ComboFix 08-09-05.05 - Administrator 09/08/2008 4:48:43.1 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.3.1256.1.1033.18.57 [GMT 3:00]
Running from: C:\Documents and Settings\Administrator\Desktop\ComboFix.exe
* Created a new restore point
WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
C:\WINDOWS\system32\kakle.dll
C:\WINDOWS\system32\winitn.dll
.
((((((((((((((((((((((((( Files Created from 2008-08-08 to 2008-09-08 )))))))))))))))))))))))))))))))
.
No new files created in this timespan
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-09-08 01:51 97,436 --sha-w C:\WINDOWS\system32\drivers\fidbox2.idx
2008-09-08 01:51 232,028 --sha-w C:\WINDOWS\system32\drivers\fidbox.idx
2008-09-08 01:51 17,244,448 --sha-w C:\WINDOWS\system32\drivers\fidbox.dat
2008-09-08 01:51 1,027,872 --sha-w C:\WINDOWS\system32\drivers\fidbox2.dat
2008-09-08 00:37 --------- d-----w C:\Documents and Settings\All Users\Application Data\Kaspersky Lab
2008-09-06 15:02 --------- d-----w C:\Program Files\Color7 Video Studio
2008-09-05 02:47 --------- d-----w C:\Program Files\TuneUp Utilities 2008
2008-09-05 02:45 --------- d-----w C:\Program Files\Microsoft Silverlight
2008-09-04 14:53 --------- d---a-w C:\Documents and Settings\All Users\Application Data\temp
2008-08-25 01:25 --------- d-----w C:\Documents and Settings\All Users\Application Data\Installations
2008-08-25 01:24 --------- d-----w C:\Program Files\Common Files\PCSuite
2008-08-25 01:24 --------- d-----w C:\Program Files\Common Files\Nokia
2008-08-25 01:23 --------- d-----w C:\Program Files\Nokia
2008-08-25 01:20 --------- d-----w C:\Program Files\PC Connectivity Solution
2008-08-13 00:15 64,512 ---ha-w C:\Documents and Settings\Administrator\Application Data\dach100.dll
2008-08-09 23:29 --------- d-----w C:\Program Files\Ela-Salaty
2008-08-07 00:32 --------- d-----w C:\Program Files\RegistryFix7
2008-08-07 00:13 --------- d-----w C:\Program Files\RegistryFix6
2008-08-06 18:04 96,976 ----a-w C:\WINDOWS\system32\drivers\klin.dat
2008-08-05 04:48 --------- d-----w C:\Program Files\DSL Speed
2008-08-03 01:08 --------- d-----w C:\Program Files\WaveL Pic2Pic Pro
2008-07-31 23:42 --------- d-----w C:\Program Files\K-Lite Codec Pack
2008-07-31 23:05 --------- d-----w C:\Program Files\Find Junk Files
2008-07-31 02:46 --------- d-----w C:\Program Files\mp3DirectCut
2008-07-31 01:27 --------- d--h--w C:\Program Files\Zero G Registry
2008-07-30 02:59 --------- d-----w C:\Program Files\AliveMedia
2008-07-30 02:07 --------- d-----w C:\Program Files\Dachshund Software
2008-07-30 01:29 --------- dcsh--w C:\Program Files\Common Files\WindowsLiveInstaller
2008-07-30 01:29 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-07-30 01:29 --------- d-----w C:\Program Files\Pic2Ico
2008-07-30 01:29 --------- d-----w C:\Program Files\FreshDevices
2008-07-30 01:29 --------- d-----w C:\Program Files\Common Files\Vbox
2008-07-30 01:29 --------- d-----w C:\Program Files\BitComet
2008-07-30 01:29 --------- d-----w C:\Program Files\Avant Browser
2008-07-30 01:29 --------- d-----w C:\Documents and Settings\All Users\Application Data\Yahoo! Companion
2008-07-30 01:29 --------- d-----w C:\Documents and Settings\All Users\Application Data\WindowsLiveInstaller
2008-07-30 01:29 --------- d-----w C:\Documents and Settings\All Users\Application Data\PC Suite
2008-07-29 00:23 --------- d-----w C:\Program Files\AdVantage
2008-07-27 13:32 --------- d-----w C:\Program Files\Golden Al-Wafi Translator
2008-07-26 14:30 --------- d-----w C:\Program Files\Common Files\InstallShield
2008-07-26 12:52 --------- d-----w C:\Program Files\Kristanix
2008-07-24 10:32 87,855 ----a-w C:\WINDOWS\system32\drivers\klick.dat
2008-07-22 10:34 --------- d-----w C:\Program Files\conduit
2008-07-19 14:53 356,352 ----a-w C:\WINDOWS\eSellerateEngine.dll
2008-07-18 14:29 --------- d-----w C:\Documents and Settings\Administrator\Application Data\Nokia
2008-07-18 03:03 --------- d-----w C:\Program Files\Free Download Manager
2008-07-17 01:49 --------- d-----w C:\Program Files\Java
2008-07-11 22:30 --------- d-----w C:\Program Files\IObit
2008-07-09 23:25 --------- d-----w C:\Documents and Settings\Administrator\Application Data\ooVoo Details
2008-07-09 22:17 --------- d-----w C:\Program Files\ooVoo
2008-07-08 22:27 --------- d-----w C:\Program Files\Google
2008-05-19 02:56 32,768 --sha-w C:\WINDOWS\system32\config\systemprofile\Local Settings\History\History.IE5\MSHist012008051920080520\index.dat
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\CFi]
@="{2DBD5D71-CBB7-41D1-B170-511646B170BD}"
[HKEY_CLASSES_ROOT\CLSID\{2DBD5D71-CBB7-41D1-B170-511646B170BD}]
01/28/2007 03:50 PM 55296 --a------ C:\PROGRA~1\CFi\SHELLT~1\CFiShlJP.dll
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [04/14/2008 03:12 AM 15360]
"Muslims Prayer Time Reminder."="C:\Program Files\Ela-Salaty\Salaty.exe" [09/21/2007 04:49 AM 5353984]
"Google Update"="C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" [09/06/2008 03:08 AM 133104]
"PC Suite Tray"="C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe" [08/11/2008 08:31 AM 1124352]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AVP"="C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe" [04/25/2008 06:21 PM 201992]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [04/14/2008 03:12 AM 15360]
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system]
"NoConfigPage"= 0 (0x0)
"NoDevMgrPage"= 0 (0x0)
"NoFileSysPage"= 0 (0x0)
"NoVirtMemPage"= 0 (0x0)
"DisableChangePassword"= 0 (0x0)
"NoFolderOptions"= 0 (0x0)
[HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\system]
"NoDispAppearancePage"= 0 (0x0)
"NoDispScrSavPage"= 0 (0x0)
"NoDispSettingsPage"= 0 (0x0)
"NoConfigPage"= 0 (0x0)
"NoDevMgrPage"= 0 (0x0)
"NoFileSysPage"= 0 (0x0)
"NoVirtMemPage"= 0 (0x0)
"DisableChangePassword"= 0 (0x0)
"NoFolderOptions"= 0 (0x0)
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"NoResolveTrack"= 1 (0x1)
"NoResolveSearch"= 1 (0x1)
[HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\explorer]
"NoClose"= 0 (0x0)
"NoFind"= 0 (0x0)
"NoRun"= 0 (0x0)
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{067B597C-C099-4A08-A180-E5FEC5DCF2DF}"= "C:\PROGRA~1\CFi\SHELLT~1\CFiShlEx.dll" [01/28/2007 03:53 PM 43008]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"msacm.ac3filter"= ac3filter.acm
"VIDC.YV12"= yv12vfw.dll
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^PalTalk.lnk]
backup=C:\WINDOWS\pss\PalTalk.lnkCommon Startup
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Nokia.PCSync]
--a------ 06/17/2008 04:00 PM 1249280 C:\Program Files\Nokia\Nokia PC Suite 7\PcSync2.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PC Suite Tray]
--a------ 08/11/2008 08:31 AM 1124352 C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"oovoo.exe"=C:\Program Files\ooVoo\oovoo.exe /minimized
"swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"googletalk"=C:\Program Files\Google\Google Talk\googletalk.exe /autostart
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\KasperskyAntiVirus]
"DisableMonitoring"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"C:\\Program Files\\Yahoo!\\Messenger\\YahooMessenger.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"C:\\Program Files\\Skype\\Phone\\Skype.exe"=
"C:\\Program Files\\IEPro\\MiniDM.exe"=
"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"=
"C:\\Program Files\\Google\\Google Talk\\googletalk.exe"=
"C:\\Program Files\\ooVoo\\ooVoo.exe"=
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"10178:TCP"= 10178:TCP:BitComet 10178 TCP
"10178:UDP"= 10178:UDP:BitComet 10178 UDP
"443:TCP"= 443:TCP:*:Disabled:ooVoo TCP المنفذ 443
"443:UDP"= 443:UDP:*:Disabled:ooVoo UDP المنفذ 443
"37674:TCP"= 37674:TCP:*:Disabled:ooVoo TCP المنفذ 37674
"37674:UDP"= 37674:UDP:*:Disabled:ooVoo UDP المنفذ 37674
"37675:UDP"= 37675:UDP:*:Disabled:ooVoo UDP المنفذ 37675
R0 klbg;Kaspersky Lab Boot Guard Driver;C:\WINDOWS\system32\drivers\klbg.sys [01/29/2008 06:29 PM 32784]
R2 UxTuneUp;TuneUp Theme Extension;C:\WINDOWS\System32\svchost.exe [04/14/2008 03:12 AM 14336]
R3 KLFLTDEV;Kaspersky Lab KLFltDev;C:\WINDOWS\system32\DRIVERS\klfltdev.sys [03/13/2008 07:02 PM 26640]
R3 klim5;Kaspersky Anti-Virus NDIS Filter;C:\WINDOWS\system32\DRIVERS\klim5.sys [03/25/2008 08:07 PM 24592]
R3 SISNICXP;SiS PCI Fast Ethernet Adapter Driver for NDIS51;C:\WINDOWS\system32\DRIVERS\sisnicxp.sys [02/14/2006 11:02 AM 32768]
S3 TuneUp.Defrag;TuneUp Drive Defrag Service;C:\WINDOWS\System32\TuneUpDefragService.exe [06/27/2008 04:40 AM 355584]
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{57dcc3c6-50f3-11dd-ba00-001617d256ab}]
\Shell\AutoRun\command - k6wkwon2.exe
\Shell\explore\Command - k6wkwon2.exe
\Shell\open\Command - k6wkwon2.exe
.
Contents of the 'Scheduled Tasks' folder
.
- - - - ORPHANS REMOVED - - - -
Toolbar-{EEE6C35B-6118-11DC-9C72-001320C79847} - (no file)
.
------- Supplementary Scan -------
.
R0 -: HKCU-Main,Start Page = hxxp://www.google.com.eg/
R1 -: HKCU-SearchURL,(Default) = hxxp://us.rd.yahoo.com/customize/ie/defaults/su/msgr9/*
O17 -: HKLM\CCS\Interface\{FF7E7939-067F-4515-A2C4-7EDCDD94D0A8}: NameServer = 163.121.128.134,163.121.128.135
.
.
------- File Associations (Beta) -------
.
txtfile=NOTEPAD %1
vbefile\shell\edit\command=C:\WINDOWS\Notepad.exe %1
vbsfile\shell\edit\command=C:\WINDOWS\Notepad.exe %1
.
**************************************************************************
catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer,
Rootkit scan 2008-09-08 04:53:14
Windows 5.1.2600 Service Pack 3 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
**************************************************************************
.
------------------------ Other Running Processes ------------------------
.
C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
C:\Program Files\PC Connectivity Solution\Transports\NclMSBTSrv.exe
C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe
C:\Program Files\PC Connectivity Solution\Transports\NclRSSrv.exe
.
**************************************************************************
.
Completion time: 09/08/2008 4:58:45 - machine was rebooted
ComboFix-quarantined-files.txt 2008-09-08 01:58:41
Pre-Run: 10,892,324,864 bytes free
Post-Run: 10,806,247,424 bytes free
204 --- E O F --- 2008-08-27 13:59:37
............................................................................................................
Zyzoom_HijackThis
..............................................
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 05:01:44 ص, on 08/09/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16705)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Ela-Salaty\Salaty.exe
C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Update\GoogleUpdate.exe
C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe
C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
C:\Program Files\PC Connectivity Solution\Transports\NclMSBTSrv.exe
C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe
C:\Program Files\PC Connectivity Solution\Transports\NclRSSrv.exe
C:\WINDOWS\system32\notepad.exe
C:\WINDOWS\system32\NOTEPAD.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Documents and Settings\Administrator\Desktop\Zyzoom_HijackThis.exe
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
O3 - Toolbar: (no name) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O3 - Toolbar: (no name) - {4064EA35-578D-4073-A834-C96D82CBCF40} - (no file)
O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Muslims Prayer Time Reminder.] C:\Program Files\Ela-Salaty\Salaty.exe
O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [PC Suite Tray] "C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe" -onlytray
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (User 'Default user')
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O9 - Extra button: IE7Pro Preferences - {0026439F-A980-4f18-8C95-4F1CBBF9C1D8} - C:\Program Files\IEPro\iepro.dll
O9 - Extra 'Tools' menuitem: IE7Pro Preferences - {0026439F-A980-4f18-8C95-4F1CBBF9C1D8} - C:\Program Files\IEPro\iepro.dll
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: بحث - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash ) -
O17 - HKLM\System\CCS\Services\Tcpip\..\{FF7E7939-067F-4515-A2C4-7EDCDD94D0A8}: NameServer = 163.121.128.134,163.121.128.135
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\Skype4COM.dll
O23 - Service: Kaspersky Internet Security (avp) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software GmbH - C:\WINDOWS\System32\TuneUpDefragService.exe
--
End of file - 4935 bytes