تم حل المشكلة الجهاز تنبثق منه نوافذ لا اعرف من اي اتت عند تشغيل الموزيلا ..وبطيئ

[رفـيـق الـعـمـر]

السلام عليكم ورحمه الله ...
لدي مشاكل كثيره في الجهاز منها ان الجهاز بطي جدا + انبثاق نوافذ عند تشغيل الموزيلا فلا استطيع التصفح عن طريقه ... ويرفض التنضيف باداه SmitfraudFix
يقف الجهاز وتختفي الشاشه تضهر فقط الخلفيه لسطح المكتب انتضرت لمده 4 ساعات لا فائده اعدت تشغيل الجهاز
ارجا مساعدتي ...
مرفق في الرد تقرير الهاجيك
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 20:04:40, on 30/11/2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17420)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Re-Markable Corp\Re-Markable_wd.exe
C:\Users\As-honey\AppData\Local\Smartbar\Application\Smartbar.exe
C:\Users\As-honey\AppData\Roaming\Dropbox\bin\Dropbox.exe
C:\Users\As-honey\AppData\Local\Unify3D\WebPlayer\Unify3DWebPlayerUpdate.exe
C:\Program Files (x86)\PC Speed Maximizer\SPMSmartScan.exe
C:\Program Files (x86)\PC Speed Maximizer\SPMReminder.exe
C:\ProgramData\DatacardService\DCSHelper.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\avp.exe
C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe
C:\Program Files (x86)\TOSHIBA\ConfigFree\NDSTray.exe
C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSwMgr.exe
C:\Users\As-honey\AppData\Local\LPT\srptm.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Microsoft Office\Office12\WINWORD.EXE
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Zyzoom_Forum_Tools\zyzoom.exe
C:\Zyzoom_Forum_Tools\zHijak.com

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar =

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page =

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

,,
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

R1 - HKCU\Software\Microsoft\Internet Explorer\Search,Default_Search_URL =

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigURL = file://C:/Users/As-honey/AppData/Local/LPT/Proxy.pac
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: Shopping Helper SmartbarEngine - {31ad400d-1b06-4e33-a59a-90c2c140cba0} - mscoree.dll (file missing)
O2 - BHO: ContentBlockerBrowserHelperObject - {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\IEExt\ContentBlocker\ie_content_blocker_plugin.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: VirtualKeyboardBrowserHelperObject - {73455575-E40C-433C-9784-C78DC7761455} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Safe Money Plugin - {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\IEExt\OnlineBanking\online_banking_bho.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O2 - BHO: link filter bho - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\IEExt\UrlAdvisor\klwtbbho.dll
O2 - BHO: TOSHIBA Media Controller Plug-in - {F3C88694-EFFA-4d78-B409-54B7B2535B14} - C:\Program Files (x86)\TOSHIBA\TOSHIBA Media Controller Plug-in\TOSHIBAMediaControllerIE.dll
O3 - Toolbar: Shopping Helper Smartbar - {ae07101b-46d4-4a98-af68-0333ea26e113} - mscoree.dll (file missing)
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [AVP] "C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\avp.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe" -osboot
O4 - HKCU\..\Run: [PC Speed Maximizer] C:\Program Files (x86)\PC Speed Maximizer\SPMLauncher.exe
O4 - HKCU\..\Run: [Browser Infrastructure Helper] C:\Users\As-honey\AppData\Local\Smartbar\Application\Smartbar.exe startup
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [TOSHIBA Online Product Information] C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\topi.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [TOSHIBA Online Product Information] C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\topi.exe (User 'Default user')
O4 - .DEFAULT User Startup: TRDCReminder.lnk = C:\Program Files (x86)\TOSHIBA\TRDCReminder\TRDCReminder.exe (User 'Default user')
O4 - Startup: Dropbox.lnk = As-honey\AppData\Roaming\Dropbox\bin\Dropbox.exe
O4 - Startup: Unify3DWebPlayerUpdate.lnk = ?
O8 - Extra context menu item: Add to Anti-Banner - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\ie_banner_deny.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MIF5BA~1\Office12\EXCEL.EXE/3000
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O17 - HKLM\System\CCS\Services\Tcpip\..\{55A51BD9-EF59-40C9-B7BC-1AFACDA9D2F0}: NameServer = 118.148.1.10 118.148.1.20
O17 - HKLM\System\CCS\Services\Tcpip\..\{8A11EFC3-AF7D-4FD8-8121-8C9B93BD9185}: NameServer = 118.148.1.10 118.148.1.20
O17 - HKLM\System\CCS\Services\Tcpip\..\{DAB35612-B3B3-44D9-B206-757927F26967}: NameServer = 118.148.1.10 118.148.1.20
O17 - HKLM\System\CS1\Services\Tcpip\..\{55A51BD9-EF59-40C9-B7BC-1AFACDA9D2F0}: NameServer = 118.148.1.10 118.148.1.20
O17 - HKLM\System\CS2\Services\Tcpip\..\{55A51BD9-EF59-40C9-B7BC-1AFACDA9D2F0}: NameServer = 118.148.1.10 118.148.1.20
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: 2degrees Mobile Broadband. OUC (2degrees Mobile Broadband. RunOuc) - Unknown owner - C:\Program Files (x86)\2degrees Mobile Broadband\UpdateDog\ouc.exe
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: Kaspersky Anti-Virus Service (AVP) - Kaspersky Lab ZAO - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\avp.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: ConfigFree WiMAX Service (cfWiMAXService) - TOSHIBA CORPORATION - C:\Program Files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe
O23 - Service: ConfigFree Service - TOSHIBA CORPORATION - C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe
O23 - Service: CryptoStorage control service (CSObjectsSrv) - Infowatch - C:\Program Files (x86)\Common Files\InfoWatch\CryptoStorage\ProtectedObjectsSrv.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: HWDeviceService64.exe - Unknown owner - C:\ProgramData\DatacardService\HWDeviceService64.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: LPT System Updater Service (LPTSystemUpdater) - Unknown owner - C:\Program Files (x86)\LPT\srpts.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Notebook Performance Tuning Service (TEMPRO) (TemproMonitoringService) - Toshiba Europe GmbH - C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe
O23 - Service: TOSHIBA HDD Protection (Thpsrv) - Unknown owner - C:\Windows\system32\ThpSrv.exe (file missing)
O23 - Service: TMachInfo - TOSHIBA Corporation - C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe
O23 - Service: TOSHIBA Optical Disc Drive Service (TODDSrv) - Unknown owner - C:\Windows\system32\TODDSrv.exe (file missing)
O23 - Service: TOSHIBA Power Saver (TosCoSrv) - TOSHIBA Corporation - C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
O23 - Service: TOSHIBA Bluetooth Service - TOSHIBA CORPORATION - C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
O23 - Service: TOSHIBA eco Utility Service - TOSHIBA Corporation - C:\Program Files\TOSHIBA\TECO\TecoService.exe
O23 - Service: TOSHIBA HDD SSD Alert Service - TOSHIBA Corporation - C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe
O23 - Service: TPCH Service (TPCHSrv) - TOSHIBA Corporation - C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management & Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 16756 bytes


_____

 

[رفـيـق الـعـمـر]

الصوره هي النافذه المنبثقه عند تشغيل الفاير فوكس كل مره

 

[Mr.AzOz]

حياك اخي ..

اعمل التالي بالترتيب ..

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

ولاتنسى تلصق التقارير هناا ..

 

[رفـيـق الـعـمـر]

دقايق وارجع لك بعد بعد ما انفذ كل المطلوب ... رعاكم الله

 

[رفـيـق الـعـمـر]

تقرير RKILL


Rkill 2.6.8 by Lawrence Abrams (Grinler)

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

Copyright 2008-2014 BleepingComputer.com
More Information about Rkill can be found at this link:

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

Program started at: 11/30/2014 11:12:26 PM in x64 mode.
Windows Version: Windows 7 Home Premium Service Pack 1

Checking for Windows services to stop:

* No malware services found to stop.

Checking for processes to terminate:

* C:\ProgramData\OnlineUpdate\ouc.exe (PID: 2160) [AU-HEUR]
* C:\Users\As-honey\AppData\Local\Unify3D\WebPlayer\Unify3DWebPlayerUpdate.exe (PID: 2716) [UP-HEUR]
* C:\ProgramData\DatacardService\HWDeviceService64.exe (PID: 3020) [AU-HEUR]
* C:\ProgramData\DatacardService\DCSHelper.exe (PID: 2148) [AU-HEUR]

4 proccesses terminated!

Checking Registry for malware related settings:

* No issues found in the Registry.

Resetting .EXE, .COM, & .BAT associations in the Windows Registry.

Performing miscellaneous checks:

* Windows Firewall Disabled

[HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = dword:00000000

Checking Windows Service Integrity:

* No issues found.

Searching for Missing Digital Signatures:

* No issues found.

Checking HOSTS File:

* No issues found.

Program finished at: 11/30/2014 11:17:42 PM
Execution time: 0 hours(s), 5 minute(s), and 15 seconds(s)



اداه الفحص السحابي الصور لا توجد .. او كان الروابط انتهت ..
بقى لك تقريرين باذن الله ..

 

[رفـيـق الـعـمـر]

اداه الفحص السحابي برفعتها لكبر الحجم

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

 

[رفـيـق الـعـمـر]

تقرير المالوير بايت /:
Malwarebytes Anti-Malware

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

Scan Date: 01/12/2014
Scan Time: 01:26:35
Logfile: malwarebytes.txt
Administrator: Yes
Version: 2.00.3.1025
Malware Database: v2014.11.30.04
Rootkit Database: v2014.11.29.01
License: Trial
Malware Protection: Enabled
Malicious Website Protection: Enabled
Self-protection: Disabled
OS: Windows 7 Service Pack 1
CPU: x64
File System: NTFS
User: As-honey
Scan Type: Threat Scan
Result: Completed
Objects Scanned: 335563
Time Elapsed: 18 min, 15 sec
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled
Processes: 0
(No malicious items detected)
Modules: 0
(No malicious items detected)
Registry Keys: 0
(No malicious items detected)
Registry Values: 0
(No malicious items detected)
Registry Data: 0
(No malicious items detected)
Folders: 0
(No malicious items detected)
Files: 0
(No malicious items detected)
Physical Sectors: 0
(No malicious items detected)

(end)

 

[White Man]

اخى تبقى

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

 

[رفـيـق الـعـمـر]

# AdwCleaner v4.103 - Report created 02/12/2014 at 02:26:51
# Updated 01/12/2014 by Xplode
# Database : 2014-12-01.2 [Live]
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : As-honey - AS-HONEY-TOSH
# Running from : C:\Users\As-honey\Downloads\adwcleaner_4.103.exe
# Option : Clean
***** [ Services ] *****

***** [ Files / Folders ] *****
Folder Deleted : C:\Program Files (x86)\1ClickDownload
Folder Deleted : C:\Program Files (x86)\Amazon\ABB
Folder Deleted : C:\Users\As-honey\AppData\Local\CrashRpt
Folder Deleted : C:\Users\As-honey\AppData\Roaming\FastMediaConverter
[!] Folder Deleted : C:\Users\As-honey\AppData\Roaming\Mozilla\Firefox\Profiles\ihu7v2ww.default\Extensions\{c0c9a2c7-2e5c-4447-bc53-97718bc91e1b}.xpi
[!] Folder Deleted : C:\Users\As-honey\AppData\Roaming\Mozilla\Firefox\Profiles\ihu7v2ww.default\Extensions\OneClickDownload@OneClickDownload.com.xpi
Folder Deleted : C:\Users\As-honey\AppData\Local\Google\Chrome\User Data\Default\Extensions\pbjikboenpfhbbejgkoklgkhjpfogcam
File Deleted : C:\Users\As-honey\AppData\Roaming\Mozilla\Firefox\Profiles\ihu7v2ww.default\Extensions\OneClickDownload@OneClickDownload.com.xpi
File Deleted : C:\Windows\SysWOW64\p5PSSavr.scr
File Deleted : C:\Users\As-honey\daemonprocess.txt
File Deleted : C:\Users\As-honey\AppData\Roaming\Mozilla\Firefox\Profiles\extensions\user.js
File Deleted : C:\Users\As-honey\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

File Deleted : C:\Users\As-honey\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

File Deleted : C:\Users\As-honey\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_pbjikboenpfhbbejgkoklgkhjpfogcam_0.localstorage
File Deleted : C:\Users\As-honey\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

File Deleted : C:\Users\As-honey\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

***** [ Scheduled Tasks ] *****
Task Deleted : Re-Markable_wd
***** [ Shortcuts ] *****

***** [ Registry ] *****
Value Deleted : HKCU\Software\Mozilla\Firefox\Extensions [{36ee80e3-92ec-4efb-b105-85435187eb87}]
Key Deleted : HKCU\Software\Google\Chrome\Extensions\pbjikboenpfhbbejgkoklgkhjpfogcam
Key Deleted : HKLM\SOFTWARE\Classes\1ClicktorrentFile
Key Deleted : HKLM\SOFTWARE\Classes\1ClicktorrentFile1
Key Deleted : HKLM\SOFTWARE\Classes\oneclick
Key Deleted : HKLM\SOFTWARE\Classes\oneclickmg
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs [C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgHelperApp.exe]
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs [C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarProxy.dll]
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT2722653
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{608D3067-77E8-463D-9084-908966806826}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{26B19FA4-E8A1-4A1B-A163-1A1E46F830DD}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{1F8EDE97-36D5-422A-B8F0-9406E2D87C60}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{26B19FA4-E8A1-4A1B-A163-1A1E46F830DD}
Key Deleted : HKCU\Software\distromatic
Key Deleted : HKCU\Software\AppDataLow\Software\PopularScreensavers
Key Deleted : HKLM\SOFTWARE\OpenCandy NSIS SDK
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{774C0434-9948-4DEE-A14E-69CDD316E36C}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{A7BC02AF-1128-4A31-BCF8-1A3EE803D3B3}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{A81A974F-8A22-43E6-9243-5198FF758DA1}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{AC6E9B2A-A7E6-4B17-8A6C-29D519673E12}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{A7BC02AF-1128-4A31-BCF8-1A3EE803D3B3}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{A81A974F-8A22-43E6-9243-5198FF758DA1}
Key Deleted : HKLM\SOFTWARE\Classes\Installer\Features\4340C4778499EED41AE496DC3D613EC6
Key Deleted : HKLM\SOFTWARE\Classes\Installer\Products\4340C4778499EED41AE496DC3D613EC6
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\4340C4778499EED41AE496DC3D613EC6
***** [ Browsers ] *****
-\\ Internet Explorer v11.0.9600.17420

-\\ Mozilla Firefox v
[ihu7v2ww.default\prefs.js] - Line Deleted : user_pref("browser.search.defaultenginename", "Web Search");
[ihu7v2ww.default\prefs.js] - Line Deleted : user_pref("browser.search.selectedEngine", "Web Search");
[ihu7v2ww.default\prefs.js] - Line Deleted : user_pref("extensions.AMAZONNEW_NS_PH.thirdpartyid", "v1_abb-channel-12_2b634edcaede4d54b35bfc676654645e_39_1006_20131228_OM_ff_tb_softonic-new");
[ihu7v2ww.default\prefs.js] - Line Deleted : user_pref("extensions.helperbar.DockingPositionDown", false);
[ihu7v2ww.default\prefs.js] - Line Deleted : user_pref("extensions.helperbar.SmartbarDisabled", false);
[ihu7v2ww.default\prefs.js] - Line Deleted : user_pref("extensions.helperbar.SmartbarStateMinimaized", false);
[ihu7v2ww.default\prefs.js] - Line Deleted : user_pref("extensions.helperbar.Visibility", false);
[ihu7v2ww.default\prefs.js] - Line Deleted : user_pref("extensions.helperbar.backPageCapacity", 3);
[ihu7v2ww.default\prefs.js] - Line Deleted : user_pref("extensions.helperbar.backPageCounter", 0);
[ihu7v2ww.default\prefs.js] - Line Deleted : user_pref("extensions.helperbar.backPageDay", 4);
[ihu7v2ww.default\prefs.js] - Line Deleted : user_pref("extensions.helperbar.backPageLastEvent", "1404247042885");
[ihu7v2ww.default\prefs.js] - Line Deleted : user_pref("extensions.helperbar.backPageMinInterval", 15);
[ihu7v2ww.default\prefs.js] - Line Deleted : user_pref("extensions.helperbar.barcodeid", "129845");
[ihu7v2ww.default\prefs.js] - Line Deleted : user_pref("extensions.helperbar.countryiso", "nz");
[ihu7v2ww.default\prefs.js] - Line Deleted : user_pref("extensions.helperbar.downloadprovider", "ob_[[pubid]]_ch");
[ihu7v2ww.default\prefs.js] - Line Deleted : user_pref("extensions.helperbar.externalJsFiles", "{\"d\":\"[{\\\"ExcludeDomains\\\":[\\\"snap.do\\\",\\\"snapdo.com\\\",\\\".search.yahoo.com\\\\\\/yhs\\\\\\/search?hspart=lkry\\\",\\\"

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

[...]
[ihu7v2ww.default\prefs.js] - Line Deleted : user_pref("extensions.helperbar.fromautoupdate", "true");
[ihu7v2ww.default\prefs.js] - Line Deleted : user_pref("extensions.helperbar.installationid", "1d503944-0ba7-04c4-63f6-1486ad27ed1f");
[ihu7v2ww.default\prefs.js] - Line Deleted : user_pref("extensions.helperbar.installdate", "29/03/2014");
[ihu7v2ww.default\prefs.js] - Line Deleted : user_pref("extensions.helperbar.keepAliveLastevent", "1404419842");
[ihu7v2ww.default\prefs.js] - Line Deleted : user_pref("extensions.helperbar.lastExternalJsUpdate", "1406700776793");
[ihu7v2ww.default\prefs.js] - Line Deleted : user_pref("extensions.helperbar.publisher", "shoppinghelper");
[ihu7v2ww.default\prefs.js] - Line Deleted : user_pref("extensions.toolbar.mindspark._4zMembers_.lastActivePing", "1388236091357");
[ihu7v2ww.default\prefs.js] - Line Deleted : user_pref("extensions.toolbar.mindspark._7iMembers_.lastActivePing", "1387886505122");
[ihu7v2ww.default\prefs.js] - Line Deleted : user_pref("extensions.toolbar.mindspark.hp.enabled", false);
[ihu7v2ww.default\prefs.js] - Line Deleted : user_pref("extensions.toolbar.mindspark.hp.enabled.guid", "");
[ihu7v2ww.default\prefs.js] - Line Deleted : user_pref("extensions.toolbar.mindspark.lastInstalled", "videodownloadconverter@mindspark.com");
-\\ Google Chrome v39.0.2171.71

*************************
AdwCleaner[R0].txt - [7862 octets] - [02/12/2014 01:54:38]
AdwCleaner[S0].txt - [7964 octets] - [02/12/2014 02:26:51]
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [8024 octets] ##########

 

[Mr.AzOz]

تمام اخي ..

الان اعمل التالي ..

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

ثم اعد تشغيل الجهاز وبلغنا اخر النتائج !

 

[sa sa 2012]

تم تحرير المشاركه ..

يرجى مراجعة قوانين المنتدى ..

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

17- يمنع منعا باتا المشاركة بحل المشاكل بالقسم لمن تقل مشاركاته عن 300 مشاركة

​

 

[رفـيـق الـعـمـر]

لم اجد الشرح لتصفير الملفات ,,

 

[Mr.AzOz]

لم اجد الشرح لتصفير الملفات ,,

* تصفير المتصفحات *
تم تجديد الشرح اختي ..
بإمكاننك المحاوله الان !

 

[Mr.AzOz]

عفواً اخي يبدو ان فيه خطاً مطبعي
ادخل من هنا وراح تجده ..

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

 

[رفـيـق الـعـمـر]

باذن الله يجيكم الرد .. حماكم الله ...
قد امتحسحت ملفات وورد وبي دي اف مهمه عندي جدا :حزين:

 

[رفـيـق الـعـمـر]

تم عمل التصفير ما عدا الفايرفوكس لم استطع بسبب ان الفايرفوكس اول ما يشتغل تضهر الصوره الي باول الموضوع ,..,
لازالت المشكله قائمه ..

 

[Mr.AzOz]

أخي اعد فحص المالوير بايت ..
وركز بالشرح , لأن الفحص اللي عامله انت " Threat Scan " !

 

[رفـيـق الـعـمـر]

أخي اعد فحص المالوير بايت ..
وركز بالشرح , لأن الفحص اللي عامله انت " Threat Scan " !

سمعا وطاعه اخي

 

[رفـيـق الـعـمـر]

اعتذر الجهاز عمل ريستارت من نفسه اضطريت ادخل لل بروجرام داتا واطلع اللوجو فايل للبرنامج

<?xml version="1.0" encoding="UTF-16"?>
@namespace html url(

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

:root { font:small Verdana; font-weight: bold; padding: 2em; padding-left:4em; } * { display: block; padding-left: 2em; } html|style { display: none; } html|span, html|a { display: inline; padding: 0; font-weight: normal; text-decoration: none; } html|span.block { display: block; } *[html|hidden], span.block[html|hidden] { display: none; } .expand { display: block; } .expand:before { content: '+'; color: red; position: absolute; left: -1em; } .collapse { display: block; } .collapse:before { content: '-'; color: red; position: absolute; left:-1em; }

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

<path>C:\Users\As-honey\AppData\Roaming\ARHome\qhnsjt.dat</path><vendor>PUP.Optional.ARHome.A</vendor><action>success</action><hash>3b467ae9017b0234e03281be3bc820e0</hash></file></items></mbam-log>
____________
وهذا اخر
<?xml version="1.0" encoding="UTF-16"?>
@namespace html url(

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

:root { font:small Verdana; font-weight: bold; padding: 2em; padding-left:4em; } * { display: block; padding-left: 2em; } html|style { display: none; } html|span, html|a { display: inline; padding: 0; font-weight: normal; text-decoration: none; } html|span.block { display: block; } *[html|hidden], span.block[html|hidden] { display: none; } .expand { display: block; } .expand:before { content: '+'; color: red; position: absolute; left: -1em; } .collapse { display: block; } .collapse:before { content: '-'; color: red; position: absolute; left:-1em; }

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

<path>C:\Users\As-honey\AppData\Roaming\Mozilla\Firefox\Profiles\ihu7v2ww.default\prefs.js</path><vendor>PUP.Optional.ArabyOnline.A</vendor><action>replaced</action><baddata>user_pref("browser.startup.homepage", "

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

");</baddata><gooddata/><hash>77a664ff7c0095a1ed1a4c5e9a6b30d0</hash></file></items></mbam-log>

 

[Mr.AzOz]

مو هذا التقرير , لكن مافيه مشكله ..

الان اعمل التالي ..

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

ثم الصق التقرير هناا ..

ثم اعمل الفحص هذا لتأكد ..

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي