راية الحق

Peace be upon you, and the mercy and blessings of God.

I hope you are all well, God willing.

My screen freezes without any warning,

and the only way I can get out of the freeze is by pressing the machine's Turn off button!!

Please analyze the problem so that I can put a stop to it recurring in the future.

This is the HijackThis report:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 01:08:53 م, on 06/06/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir Desktop\sched.exe
C:\WINDOWS\Explorer.EXE
C:\33.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Avira\AntiVir Desktop\avguard.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\CTsvcCDA.EXE
C:\WINDOWS\system32\svchost.exe
C:\Program Files\iolo\common\lib\ioloServiceManager.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\CyberLink\Shared files\RichVideo.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Avira\AntiVir Desktop\avmailc.exe
C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE
C:\Program Files\JetAudio\jetAudio.exe
C:\WINDOWS\system32\sndvol32.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\ooVoo\ooVoo.exe
C:\Documents and Settings\ADMIN\Desktop\Zyzoom_HijackThis(2).exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
O2 - BHO: SnagIt Toolbar Loader - {00C6482D-C502-44C8-8409-FCE54AD9C208} - C:\Program Files\TechSmith\Snagit 9\SnagitBHO.dll
O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: TBSB00939 - {52E17EE0-7BF3-43B4-954C-DCEEF4A4C724} - C:\Program Files\IEToolbar\شريط أدوات الدرر السنية\ltr.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O3 - Toolbar: Snagit - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Program Files\TechSmith\Snagit 9\SnagitIEAddin.dll
O3 - Toolbar: شريط أدوات الدرر السنية - {89E551A3-C402-4F52-AD12-FD6D3BC69CC2} - C:\Program Files\IEToolbar\شريط أدوات الدرر السنية\ltr.dll
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [II R ll] C:\33.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: PalTalk - {4EAFEF58-EEFA-4116-983D-03B49BCBFFFE} - C:\Program Files\Paltalk Messenger\Paltalk.exe
O9 - Extra button: شريط أدوات الدرر السنية - {89E551A3-C402-4F52-AD12-FD6D3BC69CC2} - C:\Program Files\IEToolbar\شريط أدوات الدرر السنية\ltr.dll
O9 - Extra 'Tools' menuitem: شريط أدوات الدرر السنية - {89E551A3-C402-4F52-AD12-FD6D3BC69CC2} - C:\Program Files\IEToolbar\شريط أدوات الدرر السنية\ltr.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: HP Smart Select - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) -
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) -
O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) -
O16 - DPF: {DD18AE59-EA36-461E-ADD2-5CD79FD22833} (Abdullah ActiveX Control) -
O16 - DPF: {FCB28D51-A017-46B2-9FB3-F7BFD53B2E42} (CPlayFirstChocolatieControl Object) -
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Avira Firewall (AntiVirFirewallService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avfwsvc.exe
O23 - Service: Avira AntiVir MailGuard (AntiVirMailService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avmailc.exe
O23 - Service: Avira AntiVir Scheduler (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Avira AntiVir WebGuard (AntiVirWebService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.EXE
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: iolo FileInfoList Service (ioloFileInfoList) - Unknown owner - C:\Program Files\iolo\common\lib\ioloServiceManager.exe
O23 - Service: iolo System Service (ioloSystemService) - Unknown owner - C:\Program Files\iolo\common\lib\ioloServiceManager.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Ma-Config Service (maconfservice) - CybelSoft - C:\Program Files\ma-config.com\maconfservice.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared files\RichVideo.exe

--
End of file - 7919 bytes

 

Disable all security programs.

Download the tool.



When you run it, a message will appear; click Yes.
After that a second message will appear; click Yes.

The computer may restart during the scan.

After the restart, the tool will start scanning again.
Wait until a report appears; that means the scan has finished.

Then produce a new HijackThis report.
 
The ComboFix report:

ComboFix 09-06-05.07 - ADMIN 06/06/2009 13:23.1 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.3.1256.965.1033.18.502.194 [GMT 3:00]
Running from: c:\documents and settings\ADMIN\Desktop\ComboFix.exe
AV: AntiVir Desktop *On-access scanning enabled* (Updated) {11638345-E4FC-4BEE-BB73-EC754659C5F6}
AV: G DATA AntiVirus 2008 *On-access scanning enabled* (Outdated) {71310606-6F3B-49F2-9A81-8315AA75FBB3}
FW: Avira Firewall *enabled* {11638345-E4FC-4BEE-BB73-EC754659C5F6}

WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\1.exe
C:\33.exe
c:\program files\IEToolbar
c:\program files\IEToolbar\شريط أدوات الدرر السنية\شعار الدرر السنية copy.bmp
c:\program files\IEToolbar\شريط أدوات الدرر السنية\abc.bmp
c:\program files\IEToolbar\شريط أدوات الدرر السنية\basis.xml
c:\program files\IEToolbar\شريط أدوات الدرر السنية\favicon.ico
c:\program files\IEToolbar\شريط أدوات الدرر السنية\icons.bmp
c:\program files\IEToolbar\شريط أدوات الدرر السنية\Icons_dorar.gif
c:\program files\IEToolbar\شريط أدوات الدرر السنية\Icons_srch.gif
c:\program files\IEToolbar\شريط أدوات الدرر السنية\ijl15.dll
c:\program files\IEToolbar\شريط أدوات الدرر السنية\info.txt
c:\program files\IEToolbar\شريط أدوات الدرر السنية\logo.bmp
c:\program files\IEToolbar\شريط أدوات الدرر السنية\ltr.crc
c:\program files\IEToolbar\شريط أدوات الدرر السنية\ltr.dll
c:\program files\IEToolbar\شريط أدوات الدرر السنية\s.bmp
c:\program files\IEToolbar\شريط أدوات الدرر السنية\Shortcuts.cnf
c:\program files\IEToolbar\شريط أدوات الدرر السنية\tbhelper.dll
c:\program files\IEToolbar\شريط أدوات الدرر السنية\tell_a_friend.dll
c:\program files\IEToolbar\شريط أدوات الدرر السنية\Thumbs.db
c:\program files\IEToolbar\شريط أدوات الدرر السنية\uninstall.exe
c:\program files\IEToolbar\شريط أدوات الدرر السنية\version.txt
c:\program files\IEToolbar\شريط أدوات الدرر السنية\websave_plugin.dll
c:\program files\IEToolbar\شريط أدوات الدرر السنية\your_logo.png
c:\windows\system32\igfxCoIn_v4820.dll
c:\windows\system32\igldev32.dll
c:\windows\system32\iglicd32.dll
c:\windows\system32\mfc45.dll
c:\windows\system32\prsgrc.dll
c:\windows\system32\ssprs.dll
c:\windows\system32\yqbd70j.dll

.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Legacy_NPF

((((((((((((((((((((((((( Files Created from 2009-05-06 to 2009-06-06 )))))))))))))))))))))))))))))))
.

2009-06-05 20:44 . 2009-06-05 20:44 518 ----a-w- c:\documents and settings\ADMIN\Application Data\iolo\Registry\Last\restore.bat
2009-06-05 15:03 . 2009-06-05 13:03 2236695 ----a-w- C:\ttt.exe
2009-06-04 14:18 . 2009-06-04 14:18 1519 ----a-w- c:\documents and settings\ADMIN\Application Data\iolo\restore.bat
2009-06-04 14:02 . 2009-06-04 14:02 -------- d-----w- c:\documents and settings\LocalService\Application Data\iolo
2009-06-04 14:02 . 2009-05-29 12:54 940896 ----a-w- c:\windows\system32\Incinerator.dll
2009-06-04 14:02 . 2008-04-17 07:45 9341 ----a-w- c:\windows\system32\drivers\filedisk.sys
2009-06-04 14:02 . 2009-02-17 08:31 28672 ----a-w- c:\windows\system32\iolobtdfg.exe
2009-06-04 14:02 . 2009-02-17 08:26 8192 ----a-w- c:\windows\system32\smrgdf.exe
2009-06-04 14:02 . 2009-06-04 14:02 -------- d-----w- c:\program files\iolo
2009-06-04 13:58 . 2009-06-04 14:18 -------- d-----w- c:\documents and settings\ADMIN\Application Data\iolo
2009-06-04 13:58 . 2009-06-04 14:08 -------- d-----w- c:\documents and settings\All Users\Application Data\iolo
2009-06-04 13:32 . 2009-06-04 13:32 -------- d-----w- c:\program files\Broadcom
2009-06-04 13:28 . 2009-06-04 13:28 4758792 ----a-w- c:\documents and settings\ADMIN\Application Data\Uniblue\DriverScanner\Download\pci_ven_14e4_dev_170c_subsys_01af10284_60_0_0.EXE
2009-06-04 13:15 . 2006-12-01 23:26 57856 -c--a-w- c:\documents and settings\All Users\Application Data\{D5ABFFAD-D592-4F98-B02B-587125B4801F}\Windows\winsxs\7z1v718o.6n8\mfcm80u.dll
2009-06-02 16:02 . 2008-04-13 21:09 5504 -c--a-w- c:\windows\system32\dllcache\mstee.sys
2009-06-02 16:02 . 2008-04-13 21:09 5504 ----a-w- c:\windows\system32\drivers\MSTEE.sys
2009-06-02 16:02 . 2008-04-13 21:16 10880 -c--a-w- c:\windows\system32\dllcache\ndisip.sys
2009-06-02 16:02 . 2008-04-13 21:16 10880 ----a-w- c:\windows\system32\drivers\NdisIP.sys
2009-06-02 16:02 . 2008-04-13 21:16 15232 -c--a-w- c:\windows\system32\dllcache\streamip.sys
2009-06-02 16:02 . 2008-04-13 21:16 15232 ----a-w- c:\windows\system32\drivers\StreamIP.sys
2009-06-02 16:01 . 2008-04-13 21:16 11136 -c--a-w- c:\windows\system32\dllcache\slip.sys
2009-06-02 16:01 . 2008-04-13 21:16 11136 ----a-w- c:\windows\system32\drivers\SLIP.sys
2009-06-02 16:01 . 2008-04-13 21:16 19200 -c--a-w- c:\windows\system32\dllcache\wstcodec.sys
2009-06-02 16:01 . 2008-04-13 21:16 19200 ----a-w- c:\windows\system32\drivers\WSTCODEC.SYS
2009-06-02 16:01 . 2008-04-13 21:16 85248 -c--a-w- c:\windows\system32\dllcache\nabtsfec.sys
2009-06-02 16:01 . 2008-04-13 21:16 85248 ----a-w- c:\windows\system32\drivers\NABTSFEC.sys
2009-06-02 16:01 . 2008-04-13 21:16 17024 -c--a-w- c:\windows\system32\dllcache\ccdecode.sys
2009-06-02 16:01 . 2008-04-13 21:16 17024 ----a-w- c:\windows\system32\drivers\CCDECODE.sys
2009-06-02 16:01 . 2008-04-14 02:42 53760 -c--a-w- c:\windows\system32\dllcache\vfwwdm32.dll
2009-06-02 16:01 . 2008-04-14 02:42 53760 ----a-w- c:\windows\system32\vfwwdm32.dll
2009-06-02 16:00 . 2009-06-03 20:02 -------- d-----w- c:\program files\SplitCam
2009-05-28 06:02 . 2009-05-28 06:02 -------- d-sh--w- c:\documents and settings\ADMIN\IECompatCache
2009-05-28 06:01 . 2009-05-28 06:01 -------- d-sh--w- c:\documents and settings\ADMIN\PrivacIE
2009-05-28 05:58 . 2009-05-28 05:58 -------- d-sh--w- c:\documents and settings\ADMIN\IETldCache
2009-05-28 05:57 . 2009-05-28 05:57 -------- d-----w- c:\windows\ie8updates
2009-05-28 05:56 . 2009-05-12 05:11 102912 -c----w- c:\windows\system32\dllcache\iecompat.dll
2009-05-28 05:54 . 2009-05-28 05:56 -------- dc-h--w- c:\windows\ie8
2009-05-27 05:59 . 2009-05-27 05:59 -------- d-----w- c:\documents and settings\NetworkService\Local Settings\Application Data\Google
2009-05-26 05:13 . 2009-05-26 05:13 -------- d-----w- c:\documents and settings\LocalService\Local Settings\Application Data\Google
2009-05-22 12:41 . 2009-05-22 12:43 -------- d-----w- c:\documents and settings\ADMIN\Application Data\Screaming Bee
2009-05-22 12:40 . 2009-05-22 12:44 -------- d-----w- c:\documents and settings\All Users\Application Data\Screaming Bee
2009-05-22 12:34 . 2009-05-22 12:53 -------- d-----w- c:\program files\Screaming Bee
2009-05-21 10:10 . 2009-05-21 12:13 -------- d-----w- c:\documents and settings\ADMIN\Application Data\BSplayer
2009-05-21 07:04 . 2009-05-21 10:10 -------- d-----w- c:\documents and settings\ADMIN\Application Data\BSplayer PRO
2009-05-21 07:04 . 2009-05-21 10:10 -------- d-----w- c:\program files\Webteh
2009-05-18 11:36 . 2009-05-18 11:36 -------- d-----w- c:\documents and settings\ADMIN\Application Data\Shape games
2009-05-18 08:52 . 2009-05-18 08:52 249856 ----a-w- c:\documents and settings\All Users\Application Data\PlayFirst\Games\components\pfMultiplayer.dll
2009-05-18 08:51 . 2009-05-20 08:40 466944 ----a-w- c:\documents and settings\All Users\Application Data\PlayFirst\Games\pfHarness\pfHarness.dll
2009-05-18 08:50 . 2009-05-22 14:54 -------- d-----w- c:\documents and settings\ADMIN\Application Data\PlayFirst
2009-05-18 08:37 . 2009-05-24 08:44 -------- d-----w- c:\documents and settings\All Users\Application Data\PlayFirst
2009-05-18 08:37 . 2009-04-14 14:58 139264 ----a-w- c:\documents and settings\All Users\Application Data\PlayFirst\Games\PlayFirst.EXE
2009-05-18 08:08 . 2009-05-18 08:08 -------- d-----w- c:\program files\ooVoo
2009-05-17 08:21 . 2009-05-17 08:21 32256 ----a-w- c:\documents and settings\ADMIN\Application Data\Thinstall\paltalk\10000001400002i\notepad.exe
2009-05-17 08:02 . 2009-05-17 08:02 32256 ----a-w- c:\documents and settings\ADMIN\Application Data\Thinstall\paltalk\400000b3500002i\paltalk.exe
2009-05-07 23:54 . 2009-05-07 23:54 -------- d-----w- c:\documents and settings\ADMIN\Application Data\VitySoft

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-06-05 16:31 . 2008-12-23 22:19 -------- d-----w- c:\documents and settings\ADMIN\Application Data\cleaner
2009-06-04 13:22 . 2009-06-04 13:19 -------- d-----w- c:\documents and settings\All Users\Application Data\DriverScanner
2009-06-04 13:19 . 2009-06-04 13:16 -------- dc-h--w- c:\documents and settings\All Users\Application Data\{D5ABFFAD-D592-4F98-B02B-587125B4801F}
2009-06-04 13:19 . 2009-06-04 13:19 -------- d-----w- c:\program files\Uniblue
2009-06-04 13:19 . 2009-06-04 13:19 -------- d-----w- c:\documents and settings\ADMIN\Application Data\Uniblue
2009-06-03 20:03 . 2008-12-16 05:57 -------- d-----w- c:\program files\Error Repair Professional
2009-06-03 20:00 . 2008-12-13 18:48 -------- d-----w- c:\program files\Google
2009-06-02 16:06 . 2008-12-13 18:05 -------- d-----w- c:\documents and settings\ADMIN\Application Data\Paltalk
2009-06-02 16:00 . 2009-04-18 13:30 -------- d--h--w- c:\program files\InstallShield Installation Information
2009-05-30 11:27 . 2008-12-14 03:42 -------- d-----w- c:\program files\Messenger Plus! Live
2009-05-30 11:27 . 2008-12-14 03:40 -------- d-----w- c:\program files\MSN Messenger
2009-05-27 12:31 . 2008-12-13 19:24 -------- d-----w- c:\documents and settings\ADMIN\Application Data\Skype
2009-05-27 11:25 . 2008-12-13 22:03 -------- d-----w- c:\documents and settings\ADMIN\Application Data\skypePM
2009-05-22 14:15 . 2008-12-29 00:16 -------- d---a-w- c:\documents and settings\All Users\Application Data\TEMP
2009-05-22 12:24 . 2008-12-13 15:05 -------- d-----w- c:\documents and settings\ADMIN\Application Data\Creative
2009-05-18 08:39 . 2009-05-01 00:05 -------- d-----w- c:\program files\Paltalk Messenger
2009-05-17 07:56 . 2009-02-06 05:02 -------- d-----w- c:\documents and settings\ADMIN\Application Data\Thinstall
2009-05-06 07:04 . 2009-05-06 07:04 -------- d-----w- c:\documents and settings\ADMIN\Application Data\ESET
2009-05-06 07:02 . 2008-12-13 14:31 -------- d-----w- c:\documents and settings\All Users\Application Data\ESET
2009-04-30 23:18 . 2008-12-13 11:38 257552 ----a-w- c:\documents and settings\ADMIN\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2009-04-30 23:15 . 2009-04-30 23:15 -------- d-----w- c:\documents and settings\ADMIN\Application Data\Avira
2009-04-29 02:06 . 2009-04-29 02:06 -------- d-----w- c:\program files\Common Files\Bcgsoft
2009-04-29 02:05 . 2009-04-29 02:05 -------- d-----w- c:\program files\PearlMountain Soft
2009-04-27 21:01 . 2009-04-27 21:01 -------- d-----w- c:\documents and settings\ADMIN\Application Data\Acoustica
2009-04-27 20:29 . 2009-04-27 20:29 -------- d-----w- c:\documents and settings\All Users\Application Data\Acoustica
2009-04-27 10:47 . 2009-04-19 02:25 97480 ----a-w- c:\windows\system32\drivers\avfwot.sys
2009-04-27 10:47 . 2009-04-19 02:25 96104 ----a-w- c:\windows\system32\drivers\avipbb.sys
2009-04-27 10:47 . 2009-04-19 02:25 55640 ----a-w- c:\windows\system32\drivers\avgntflt.sys
2009-04-27 01:48 . 2009-02-06 22:42 -------- d-----w- c:\documents and settings\ADMIN\Application Data\Apple Computer
2009-04-24 07:12 . 2009-04-24 07:12 30720 ----a-w- c:\documents and settings\ADMIN\Application Data\Thinstall\Paltalk Crack 271\10000001400002i\notepad.exe
2009-04-20 23:48 . 2009-04-20 23:48 30720 ----a-w- c:\documents and settings\ADMIN\Application Data\Thinstall\Paltalk Crack 271\10000004900002i\winhlp32.exe
2009-04-19 03:23 . 2008-12-14 03:44 -------- d-----w- c:\program files\Circle Developement
2009-04-19 02:37 . 2009-04-19 02:25 69632 ----a-w- c:\windows\system32\drivers\avfwim.sys
2009-04-19 02:25 . 2009-04-19 02:25 -------- d-----w- c:\documents and settings\All Users\Application Data\Avira
2009-04-19 02:25 . 2009-04-19 02:25 -------- d-----w- c:\program files\Avira
2009-04-18 22:54 . 2009-04-18 22:54 -------- d-----w- c:\program files\CodeStuff
2009-04-18 22:02 . 2009-03-11 09:38 -------- d-----w- c:\documents and settings\All Users\Application Data\G DATA
2009-04-18 13:32 . 2009-04-18 13:32 766 ----a-r- c:\documents and settings\ADMIN\Application Data\Microsoft\Installer\{E89B484C-B913-49A0-959B-89E836001658}\ARPPRODUCTICON.exe
2009-04-18 12:23 . 2009-04-18 12:23 30720 ----a-w- c:\documents and settings\ADMIN\Application Data\Thinstall\Paltalk Crack 271\4000009c00002i\IEXPLORE.EXE
2009-04-17 17:13 . 2009-04-17 17:03 -------- d-----w- c:\program files\Your Uninstaller 2008
2009-04-17 17:08 . 2008-12-13 19:35 -------- d-----w- c:\program files\FlashGet
2009-04-17 16:14 . 2009-04-17 16:14 -------- d-----w- c:\documents and settings\ADMIN\Application Data\URSoft
2009-04-17 01:28 . 2009-04-17 01:28 -------- d-----w- c:\program files\MSBuild
2009-04-17 01:28 . 2009-04-17 01:28 -------- d-----w- c:\program files\Reference Assemblies
2009-04-16 23:41 . 2009-04-16 23:41 -------- d-----w- c:\program files\K-Lite Codec Pack
2009-04-14 22:43 . 2009-04-14 22:43 30720 ----a-w- c:\documents and settings\ADMIN\Application Data\Thinstall\Paltalk Crack 271\4000001c00002i\hpswp_clipbook.exe
2009-04-12 23:01 . 2009-04-12 23:01 -------- d-----w- c:\documents and settings\ADMIN\Application Data\Nitro PDF
2009-04-12 22:57 . 2009-04-12 22:57 -------- d-----w- c:\documents and settings\All Users\Application Data\Nitro PDF
2009-04-11 22:36 . 2009-04-11 22:36 1024 ----a-w- c:\windows\system32\pi68mb7.dll
2009-04-11 22:36 . 2009-04-11 22:36 1024 ----a-w- c:\windows\system32\grcauth2.dll
2009-04-11 22:36 . 2009-04-11 22:36 1024 ----a-w- c:\windows\system32\grcauth1.dll
2009-04-11 22:36 . 2009-04-11 22:36 1024 ----a-w- c:\windows\system32\clauth2.dll
2009-04-11 22:36 . 2009-04-11 22:36 1024 ----a-w- c:\windows\system32\clauth1.dll
2009-04-11 22:36 . 2009-04-11 22:35 -------- d-----w- c:\program files\Vertus Fluid Mask 3
2009-04-11 22:35 . 2009-04-11 22:35 -------- d-----w- c:\documents and settings\All Users\Application Data\VertusTech
2009-03-27 11:23 . 2009-03-27 11:23 23064 ----a-w- c:\windows\system32\drivers\ScreamingBAudio.sys
2009-03-24 15:33 . 2009-03-24 15:33 237264 ----a-w- c:\documents and settings\ADMIN\Application Data\Mozilla\plugins\npgoogletalk.dll
2009-03-23 06:13 . 2009-03-23 06:13 30720 ----a-w- c:\documents and settings\ADMIN\Application Data\Thinstall\Paltalk Crack 271\1000000600002i\svchost.exe
2009-03-21 14:06 . 2008-04-14 01:41 56880 ----a-w- c:\windows\system32\scvideo.dll
2009-03-11 09:39 . 2009-03-11 09:39 32072 ----a-w- c:\windows\system32\drivers\HookCentre.sys
.

------- Sigcheck -------
[-] 2004-08-04 04:56 1580544 30A609E00BD1D4FFC49D6B5A432BE7F2 c:\windows\SoftwareDistribution\Download\7684fcdc5c1747eb53ef3c2d202add11\backup\sfcfiles.dll
[-] 2004-08-04 04:56 1580544 30A609E00BD1D4FFC49D6B5A432BE7F2 c:\windows\SoftwareDistribution\Download\8129b778ea6ca8125bb950bab610db01\backup\sfcfiles.dll
[-] 2008-06-10 13:12 1614848 362BC5AF8EAF712832C58CC13AE05750 c:\windows\system32\sfcfiles.dll
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2009-04-19 209153]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"SynchronousMachineGroupPolicy"= 0 (0x0)
"SynchronousUserGroupPolicy"= 0 (0x0)

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"NoSMConfigurePrograms"= 1 (0x1)

[HKLM\~\startupfolder\C:^Documents and Settings^ADMIN^Start Menu^Programs^Startup^Adobe Gamma.lnk]
backup=c:\windows\pss\Adobe Gamma.lnkStartup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk]
backup=c:\windows\pss\HP Digital Imaging Monitor.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^PalTalk.lnk]
backup=c:\windows\pss\PalTalk.lnkCommon Startup
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpybotSD TeaTimer

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" -atboottime

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusDisableNotify"=dword:00000001
"UpdatesDisableNotify"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"c:\\Program Files\\ooVoo\\ooVoo.exe"=
"c:\\Program Files\\Paltalk Messenger\\paltalk.exe"=
"c:\\Program Files\\ExtraTools\\ExtraDNS\\ExtraDNS.dll"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\MSN Messenger\\msnmsgr.exe"=
"c:\\Program Files\\MSN Messenger\\livecall.exe"=
"c:\\Documents and Settings\\ADMIN\\Local Settings\\Application Data\\Google\\Chrome\\Application\\chrome.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Documents and Settings\\ADMIN\\Application Data\\Thinstall\\Paltalk Crack 271\\400000b3500002i\\paltalk.EXE"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqtra08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpiscnapp.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"=
"c:\\Documents and Settings\\ADMIN\\Local Settings\\Application Data\\Google\\Google Talk Plugin\\googletalkplugin.dll"=
"c:\\Documents and Settings\\ADMIN\\Local Settings\\Application Data\\Google\\Google Talk Plugin\\googletalkplugin.exe"=
"c:\\Program Files\\Google\\Google Talk\\googletalk.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"443:UDP"= 443:UDP:ooVoo UDP المنفذ 443
"37674:TCP"= 37674:TCP:ooVoo TCP المنفذ 37674
"37674:UDP"= 37674:UDP:ooVoo UDP المنفذ 37674
"37675:UDP"= 37675:UDP:ooVoo UDP المنفذ 37675
"443:TCP"= 443:TCP:ooVoo TCP المنفذ 443

R1 avfwot;avfwot;c:\windows\system32\drivers\avfwot.sys [19/04/2009 05:25 ص 97480]
R2 AntiVirFirewallService;Avira Firewall;c:\program files\Avira\AntiVir Desktop\avfwsvc.exe [19/04/2009 05:25 ص 388865]
R2 AntiVirMailService;Avira AntiVir MailGuard;c:\program files\Avira\AntiVir Desktop\avmailc.exe [19/04/2009 05:25 ص 194817]
R2 AntiVirSchedulerService;Avira AntiVir Scheduler;c:\program files\Avira\AntiVir Desktop\sched.exe [19/04/2009 05:25 ص 108289]
R2 AntiVirWebService;Avira AntiVir WebGuard;c:\program files\Avira\AntiVir Desktop\avwebgrd.exe [19/04/2009 05:25 ص 432897]
R2 ioloFileInfoList;iolo FileInfoList Service;c:\program files\iolo\Common\Lib\ioloServiceManager.exe [04/06/2009 05:02 م 600944]
R2 ioloSystemService;iolo System Service;c:\program files\iolo\Common\Lib\ioloServiceManager.exe [04/06/2009 05:02 م 600944]
R3 avfwim;AvFw Packet Filter Miniport;c:\windows\system32\drivers\avfwim.sys [19/04/2009 05:25 ص 69632]
R3 sbusb;Sound Blaster USB Audio Driver;c:\windows\system32\drivers\sbusb.sys [13/12/2008 09:31 م 1643648]
S3 GDMnIcpt;GDMnIcpt;\??\c:\windows\system32\drivers\MiniIcpt.sys --> c:\windows\system32\drivers\MiniIcpt.sys [?]
S3 HookCentre;HookCentre;c:\windows\system32\drivers\HookCentre.sys [11/03/2009 12:39 م 32072]
S3 maconfservice;Ma-Config Service;c:\program files\ma-config.com\maconfservice.exe [15/12/2008 09:10 ص 195752]
S3 SCREAMINGBDRIVER;Screaming Bee Audio;c:\windows\system32\drivers\ScreamingBAudio.sys [27/03/2009 02:23 م 23064]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\>{60B49E34-C7CC-11D0-8953-00A0C90347FF}]
"c:\windows\system32\rundll32.exe" "c:\windows\system32\iedkcs32.dll",BrandIEActiveSetup SIGNUP

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{367AEFAD-616C-3722-2E44-C4BA86676749}]
C:\33.exe
.
Contents of the 'Scheduled Tasks' folder

2009-06-06 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-682003330-879983540-839522115-1003.job
- c:\documents and settings\ADMIN\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2009-01-13 19:25]

2009-06-06 c:\windows\Tasks\User_Feed_Synchronization-{202412C3-5ABC-49A8-A115-D9F661A5E88A}.job
- c:\windows\system32\msfeedssync.exe [2007-08-13 01:31]
.
- - - - ORPHANS REMOVED - - - -

BHO-{52E17EE0-7BF3-43B4-954C-DCEEF4A4C724} - c:\program files\IEToolbar\شريط أدوات الدرر السنية\ltr.dll
HKLM-Run-II R ll - C:\33.exe
SafeBoot-procexp90.Sys


.
------- Supplementary Scan -------
.
uInternet Settings,ProxyOverride = *.local
uSearchURL,(Default) = hxxp://www.google.com/keyword/%s
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
IE: {{89E551A3-C402-4F52-AD12-FD6D3BC69CC2} - {89E551A3-C402-4F52-AD12-FD6D3BC69CC2} - c:\program files\IEToolbar\شريط أدوات الدرر السنية\ltr.dll
LSP: c:\program files\Avira\AntiVir Desktop\avsda.dll
DPF: Microsoft XML Parser for Java -
DPF: {DD18AE59-EA36-461E-ADD2-5CD79FD22833} - hxxp://nbk.net/quran.cab
DPF: {FCB28D51-A017-46B2-9FB3-F7BFD53B2E42} - hxxp://p.playfirst.com/play/game/chocolatier-decadence-design/Chocolatier3Web.1.0.0.6.cab
.
.
------- File Associations -------
.
JSEFile=NOTEPAD.EXE %1
VBEFile=NOTEPAD.EXE %1
VBSFile=NOTEPAD.EXE %1
.

**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer,

Rootkit scan 2009-06-06 13:30
Windows 5.1.2600 Service Pack 3 NTFS

scanning hidden processes ...
scanning hidden autostart entries ...
HKLM\Software\Microsoft\Windows\CurrentVersion\Run
II R ll = C:\33.exe?????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????

scanning hidden files ...
scan completed successfully
hidden files: 0

**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'lsass.exe'(1632)
c:\program files\Avira\AntiVir Desktop\avsda.dll

- - - - - - - > 'explorer.exe'(2148)
c:\windows\system32\ieframe.dll
c:\windows\system32\OneX.DLL
c:\windows\system32\eappprxy.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Other Running Processes ------------------------
.
c:\windows\system32\WgaTray.exe
c:\program files\Avira\AntiVir Desktop\avguard.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\windows\system32\CTSVCCDA.EXE
c:\program files\Java\jre6\bin\jqs.exe
c:\program files\CyberLink\Shared files\RichVideo.exe
.
**************************************************************************
.
Completion time: 2009-06-06 13:32 - machine was rebooted
ComboFix-quarantined-files.txt 2009-06-06 10:32

Pre-Run: 66,875,654,144 bytes free
Post-Run: 66,822,750,208 bytes free

316 --- E O F --- 2009-05-28 05:57







HijackThis report



Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 01:35:03 م, on 06/06/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir Desktop\sched.exe
C:\WINDOWS\system32\WgaTray.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Avira\AntiVir Desktop\avguard.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\CTsvcCDA.EXE
C:\WINDOWS\system32\svchost.exe
C:\Program Files\iolo\common\lib\ioloServiceManager.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\CyberLink\Shared files\RichVideo.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Avira\AntiVir Desktop\avmailc.exe
C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE
C:\WINDOWS\explorer.exe
C:\WINDOWS\system32\notepad.exe
C:\Program Files\internet explorer\iexplore.exe
C:\Program Files\internet explorer\iexplore.exe
C:\Documents and Settings\ADMIN\Desktop\Zyzoom_HijackThis(2).exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
O2 - BHO: SnagIt Toolbar Loader - {00C6482D-C502-44C8-8409-FCE54AD9C208} - C:\Program Files\TechSmith\Snagit 9\SnagitBHO.dll
O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O3 - Toolbar: Snagit - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Program Files\TechSmith\Snagit 9\SnagitIEAddin.dll
O3 - Toolbar: شريط أدوات الدرر السنية - {89E551A3-C402-4F52-AD12-FD6D3BC69CC2} - C:\Program Files\IEToolbar\شريط أدوات الدرر السنية\ltr.dll (file missing)
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: شريط أدوات الدرر السنية - {89E551A3-C402-4F52-AD12-FD6D3BC69CC2} - C:\Program Files\IEToolbar\شريط أدوات الدرر السنية\ltr.dll (file missing)
O9 - Extra 'Tools' menuitem: شريط أدوات الدرر السنية - {89E551A3-C402-4F52-AD12-FD6D3BC69CC2} - C:\Program Files\IEToolbar\شريط أدوات الدرر السنية\ltr.dll (file missing)
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: HP Smart Select - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) -
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) -
O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) -
O16 - DPF: {DD18AE59-EA36-461E-ADD2-5CD79FD22833} (Abdullah ActiveX Control) -
O16 - DPF: {FCB28D51-A017-46B2-9FB3-F7BFD53B2E42} (CPlayFirstChocolatieControl Object) -
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Avira Firewall (AntiVirFirewallService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avfwsvc.exe
O23 - Service: Avira AntiVir MailGuard (AntiVirMailService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avmailc.exe
O23 - Service: Avira AntiVir Scheduler (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Avira AntiVir WebGuard (AntiVirWebService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.EXE
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: iolo FileInfoList Service (ioloFileInfoList) - Unknown owner - C:\Program Files\iolo\common\lib\ioloServiceManager.exe
O23 - Service: iolo System Service (ioloSystemService) - Unknown owner - C:\Program Files\iolo\common\lib\ioloServiceManager.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Ma-Config Service (maconfservice) - CybelSoft - C:\Program Files\ma-config.com\maconfservice.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared files\RichVideo.exe

--
End of file - 7439 bytes
 
By the way, after running ComboFix,

the Microsoft star appeared, indicating that Windows is not genuine.

I need a crack to convert it to genuine Windows after the main problem is solved.
 
Disable your protection program while using this tool.

Look, my friend, download this tool
and follow the explanation below to clean your machine of these ads,
and produce a report of the operation so you can attach it to your next reply.

Download link for the latest update of the tool

Usage instructions:
Run the file SmitfraudFix.exe and follow the steps as shown in these images.

[Screenshots: 000.png, 001.png, 002.png, 003.png, 004.png, 005.png]

Then a new HijackThis report.
 
The tool does not work for me, and this is the message. Although I don't know French, I understood that there is an error.

[Screenshot: i15912_.png]
 
Did you disable your protection program before downloading it from the link and before running it? :)

Perhaps your protection program blocked it from running.

Download it again with your protection program stopped.
 
I downloaded it from another thread, because my protection is turned off and I got nowhere with this version, so I took a different version.

Here you go

SmitFraudFix v2.419
Scan done at 14:21:39.34, Sat 06/06/2009
Run from C:\Documents and Settings\ADMIN\Desktop\SmitfraudFix
OS: Microsoft Windows XP [Version 5.1.2600] - Windows_NT
The filesystem type is NTFS
Fix run in normal mode

»»»»»»»»»»»»»»»»»»»»»»»» SharedTaskScheduler Before SmitFraudFix
!!!Attention, following keys are not inevitably infected!!!

SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll

»»»»»»»»»»»»»»»»»»»»»»»» Killing process

»»»»»»»»»»»»»»»»»»»»»»»» hosts
127.0.0.1 localhost
»»»»»»»»»»»»»»»»»»»»»»»» VACFix
VACFix
Credits: Malware Analysis & Diagnostic
Code: S!Ri


»»»»»»»»»»»»»»»»»»»»»»»» Winsock2 Fix
S!Ri's WS2Fix: LSP not Found.

»»»»»»»»»»»»»»»»»»»»»»»» Generic Renos Fix
GenericRenosFix by S!Ri

»»»»»»»»»»»»»»»»»»»»»»»» Deleting infected files

»»»»»»»»»»»»»»»»»»»»»»»» IEDFix
IEDFix
Credits: Malware Analysis & Diagnostic
Code: S!Ri


»»»»»»»»»»»»»»»»»»»»»»»» Agent.OMZ.Fix
Agent.OMZ.Fix
Credits: Malware Analysis & Diagnostic
Code: S!Ri


»»»»»»»»»»»»»»»»»»»»»»»» 404Fix
404Fix
Credits: Malware Analysis & Diagnostic
Code: S!Ri


»»»»»»»»»»»»»»»»»»»»»»»» RK

»»»»»»»»»»»»»»»»»»»»»»»» DNS
Description: Intel(R) PRO/Wireless 3945ABG Network Connection - Packet Scheduler Miniport
DNS Server Search Order: 192.168.1.1

HKLM\SYSTEM\CCS\Services\Tcpip\..\{923C7185-3E77-4D76-9E37-A18BFE49C166}: DhcpNameServer=192.168.1.1
HKLM\SYSTEM\CS1\Services\Tcpip\..\{923C7185-3E77-4D76-9E37-A18BFE49C166}: DhcpNameServer=192.168.1.1
HKLM\SYSTEM\CS3\Services\Tcpip\..\{923C7185-3E77-4D76-9E37-A18BFE49C166}: DhcpNameServer=192.168.1.1
HKLM\SYSTEM\CCS\Services\Tcpip\Parameters: DhcpNameServer=192.168.1.1
HKLM\SYSTEM\CS1\Services\Tcpip\Parameters: DhcpNameServer=192.168.1.1
HKLM\SYSTEM\CS3\Services\Tcpip\Parameters: DhcpNameServer=192.168.1.1


»»»»»»»»»»»»»»»»»»»»»»»» Deleting Temp Files

»»»»»»»»»»»»»»»»»»»»»»»» Winlogon.System
!!!Attention, following keys are not inevitably infected!!!

"System"=""

»»»»»»»»»»»»»»»»»»»»»»»» RK.2

»»»»»»»»»»»»»»»»»»»»»»»» Registry Cleaning

Registry Cleaning done.

»»»»»»»»»»»»»»»»»»»»»»»» SharedTaskScheduler After SmitFraudFix
!!!Attention, following keys are not inevitably infected!!!

SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll


»»»»»»»»»»»»»»»»»»»»»»»» End
 
Much appreciated.

A new HijackThis report, my friend.
 
Sorry, I forgot the HijackThis report a moment ago.


Here you go


Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 14:31:51, on 06/06/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir Desktop\sched.exe
C:\WINDOWS\system32\WgaTray.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Avira\AntiVir Desktop\avguard.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\CTsvcCDA.EXE
C:\WINDOWS\system32\svchost.exe
C:\Program Files\iolo\common\lib\ioloServiceManager.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\CyberLink\Shared files\RichVideo.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Avira\AntiVir Desktop\avmailc.exe
C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE
C:\Program Files\internet explorer\iexplore.exe
C:\Program Files\internet explorer\iexplore.exe
C:\Documents and Settings\ADMIN\Desktop\FSCapture.exe
C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
C:\WINDOWS\explorer.exe
C:\Documents and Settings\ADMIN\Desktop\Zyzoom_HijackThis(2).exe

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
O2 - BHO: SnagIt Toolbar Loader - {00C6482D-C502-44C8-8409-FCE54AD9C208} - C:\Program Files\TechSmith\Snagit 9\SnagitBHO.dll
O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O3 - Toolbar: Snagit - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Program Files\TechSmith\Snagit 9\SnagitIEAddin.dll
O3 - Toolbar: شريط أدوات الدرر السنية - {89E551A3-C402-4F52-AD12-FD6D3BC69CC2} - C:\Program Files\IEToolbar\شريط أدوات الدرر السنية\ltr.dll (file missing)
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: شريط أدوات الدرر السنية - {89E551A3-C402-4F52-AD12-FD6D3BC69CC2} - C:\Program Files\IEToolbar\شريط أدوات الدرر السنية\ltr.dll (file missing)
O9 - Extra 'Tools' menuitem: شريط أدوات الدرر السنية - {89E551A3-C402-4F52-AD12-FD6D3BC69CC2} - C:\Program Files\IEToolbar\شريط أدوات الدرر السنية\ltr.dll (file missing)
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: HP Smart Select - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) -
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) -
O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) -
O16 - DPF: {DD18AE59-EA36-461E-ADD2-5CD79FD22833} (Abdullah ActiveX Control) -
O16 - DPF: {FCB28D51-A017-46B2-9FB3-F7BFD53B2E42} (CPlayFirstChocolatieControl Object) -
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Avira Firewall (AntiVirFirewallService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avfwsvc.exe
O23 - Service: Avira AntiVir MailGuard (AntiVirMailService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avmailc.exe
O23 - Service: Avira AntiVir Scheduler (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Avira AntiVir WebGuard (AntiVirWebService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.EXE
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: iolo FileInfoList Service (ioloFileInfoList) - Unknown owner - C:\Program Files\iolo\common\lib\ioloServiceManager.exe
O23 - Service: iolo System Service (ioloSystemService) - Unknown owner - C:\Program Files\iolo\common\lib\ioloServiceManager.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Ma-Config Service (maconfservice) - CybelSoft - C:\Program Files\ma-config.com\maconfservice.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared files\RichVideo.exe

--
End of file - 6869 bytes
 
Delete the following entries:

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local

O3 - Toolbar: شريط أدوات الدرر السنية - {89E551A3-C402-4F52-AD12-FD6D3BC69CC2} - C:\Program Files\IEToolbar\شريط أدوات الدرر

O9 - Extra button: شريط أدوات الدرر السنية - {89E551A3-C402-4F52-AD12-FD6D3BC69CC2} - C:\Program Files\IEToolbar\شريط أدوات الدرر السنية\ltr.dll (file missing)

O9 - Extra 'Tools' menuitem: شريط أدوات الدرر السنية - {89E551A3-C402-4F52-AD12-FD6D3BC69CC2} - C:\Program Files\IEToolbar\شريط أدوات الدرر السنية\ltr.dll (file missing)

O16 - DPF: {DD18AE59-EA36-461E-ADD2-5CD79FD22833} (Abdullah ActiveX Control) -

O16 - DPF: {FCB28D51-A017-46B2-9FB3-F7BFD53B2E42} (CPlayFirstChocolatieControl Object) -
. 0.0.6.cab

How to delete:

[Screenshots: mg%20%283%29.png, mg%20%284%29.png]


 
Go to Add/Remove Programs for the toolbar.
 
Here you go, brother rd-19



Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 14:52:30, on 06/06/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir Desktop\sched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Avira\AntiVir Desktop\avguard.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\CTsvcCDA.EXE
C:\WINDOWS\system32\svchost.exe
C:\Program Files\iolo\common\lib\ioloServiceManager.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\CyberLink\Shared files\RichVideo.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Avira\AntiVir Desktop\avmailc.exe
C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE
C:\Documents and Settings\ADMIN\Desktop\FSCapture.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Paltalk Messenger\paltalk.exe
C:\Program Files\internet explorer\iexplore.exe
C:\Program Files\internet explorer\iexplore.exe
C:\Program Files\internet explorer\iexplore.exe
C:\Documents and Settings\ADMIN\Desktop\Zyzoom_HijackThis(2).exe

O2 - BHO: SnagIt Toolbar Loader - {00C6482D-C502-44C8-8409-FCE54AD9C208} - C:\Program Files\TechSmith\Snagit 9\SnagitBHO.dll
O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O3 - Toolbar: Snagit - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Program Files\TechSmith\Snagit 9\SnagitIEAddin.dll
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: HP Smart Select - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) -
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) -
O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) -
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Avira Firewall (AntiVirFirewallService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avfwsvc.exe
O23 - Service: Avira AntiVir MailGuard (AntiVirMailService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avmailc.exe
O23 - Service: Avira AntiVir Scheduler (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Avira AntiVir WebGuard (AntiVirWebService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.EXE
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: iolo FileInfoList Service (ioloFileInfoList) - Unknown owner - C:\Program Files\iolo\common\lib\ioloServiceManager.exe
O23 - Service: iolo System Service (ioloSystemService) - Unknown owner - C:\Program Files\iolo\common\lib\ioloServiceManager.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Ma-Config Service (maconfservice) - CybelSoft - C:\Program Files\ma-config.com\maconfservice.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared files\RichVideo.exe

--
End of file - 5995 bytes
 
God bless you. Is the problem solved now?

And I have a question, if you don't mind: what causes the screen to freeze? Is the virus behind this problem?
 
The report is clean :)

And you too, God willing, and all the brothers.

As for the problem, you are the one who should tell us about it, hahaha: is it solved or not?

And your machine had a virus or something similar at system startup.

Now go ahead and update Windows, and good luck.
 
:smile: I wish you would leave this as the last thing.

Some tools cause a problem with the Windows crack :smile:

The crack has been tested by me and there is nothing wrong with it >> don't be nosy
 