عندي مشكلة في المتصفح للدخول ع الايميل وحساب البنك

  • بادئ الموضوع بادئ الموضوع cutegirl-h
  • تاريخ البدء تاريخ البدء
  • المشاهدات 3,030
C

cutegirl-h

زيزوومي جديد
إنضم
10 مايو 2009
المشاركات
60
مستوى التفاعل
0
النقاط
80
غير متصل
السلام عليكم ورحمة الله وبركاتة​


هذه اول مشاركة لي في منتداكم الرائع​

واتمنى أن أجد حل لمشكلتي لديكم​

المشكلة هي كالتالي:​

عند دخولي للبريد الالكتروني يفتح معاي تمام بس لما احاول اصلح اعادة توجية للإيميل يطلع لي خطأ وتنقفل الصفحة
وكذلك نفس المشكلة مع الدخول للخدمات البنكية تنقفل الصفحة كل ماحاولت ادخل وتطلع نفس الرسالة​

وبحاول ارفع الصورة هنا
ويارب تلقون لي حل فيها​
bahjaa.netcd5c868bf2.jpg
[/IMG]
i19064_2.JPG
[/IMG]
هذا الرابط المباشر للصورة
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي
 

ترتيب حسب التاريخ ترتيب حسب الأصوات
مادري ليه الصورة ماتطلع :( وش الحل مع اني رفعتها ع الموقع هنا وع موقع بهجة بس مو راضية تطلع
 
تأييد 0
اختي ارفعي اصورة على اي موقع

وانسخي رابط كود المنتديات

وحطيه هنا بدون اي اضافه
 
تأييد 0
ويخصوص المتصفح اعتقد هذا الموضوع يمكن يفيدك

مع العلم ان الاداة متوافقه مع ويندوز اكس بي و ويندوز مي

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي


تحياتي
 
تأييد 0
الله يعطيك العافيه back1
وبالنسبة لرفع الصورة رفعتها وحطيت رابط المنتدى ومانفع :(

لكن محتوى الكلام الي يطلع لي هذا هو
aproblem with this webpage caused internet Explorer to close and reopen the tab
 
تأييد 0
حمل هذا البرنامج
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

شغل البرنامج ==> واضغط على
Do a system scan and save log
لحظات .. ويظهر لك تقرير داخل المفكرة==> انسخه والصقه بردك القادم



واقرئ التعليمآت بعناية أخي حتى لا تتعرض لغلق موضوعك

مثبــت:
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي


بـ انتظار التقرير​
 
التعديل الأخير بواسطة المشرف:
توقيع : Corporation
تأييد 0
اشكرك ااخوي COMPAQ99

وهذا التقرير الي طلع لي
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 07:20:00 م, on 24/06/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\acs.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\System Control Manager\edd.exe
C:\Program Files\O2Micro Oz128 Driver\o2flash.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\SNDVOL32.EXE
C:\Program Files\MSN Messenger\usnsvc.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\WINDOWS\system32\SNDVOL32.EXE
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Golden Al-Wafi Translator\Golden Al-Wafi Translator.exe
C:\WINDOWS\speech\vcmd.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page =
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: IEVkbdBHO - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\ievkbd.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User 'Default user')
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: إضافة إلى حاجب إعلان الشعار - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\ie_banner_deny.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre6\bin\jp2iexp.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre6\bin\jp2iexp.dll
O9 - Extra button: إحصائيات حماية حركة زيارة الويب - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\SCIEPlgn.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object) -
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

O16 - DPF: {3C8E8DD8-D86A-4E6D-AF37-AB3CA7FDF8CD} (IMS_Conference Control) -
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) -
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) -
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

O16 - DPF: {6924091F-CD97-41E1-B1D4-D9079409D413} (IMCv1 Control) -
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

O16 - DPF: {7253A666-804A-1107-A4DC-00E04C504780} (BMC Control) -
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

O16 - DPF: {9E45BE3C-DE06-4492-AB7D-E51447CF2ED0} (clsUMS Class) -
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

O16 - DPF: {B7FDB0C3-4724-46D2-B8DB-6FA1DC63F7CA} (ReadUid.UserControlMacEntry) -
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

O16 - DPF: {C171FF59-8C55-4796-A398-4F5D02B4C763} (IMC_Sec Control) -
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: C:\PROGRA~1\KASPER~1\KASPER~2\mzvkbd.dll,C:\PROGRA~1\KASPER~1\KASPER~2\mzvkbd3.dll,C:\PROGRA~1\KASPER~1\KASPER~2\adialhk.dll,C:\PROGRA~1\KASPER~1\KASPER~2\kloehk.dll
O23 - Service: Atheros Configuration Service (ACS) - Atheros - C:\WINDOWS\system32\acs.exe
O23 - Service: Kaspersky Internet Security (AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: SCM Driver Daemon (NishService) - Unknown owner - C:\Program Files\System Control Manager\edd.exe
O23 - Service: O2Micro Flash Memory Card Service (o2flash) - O2Micro International - C:\Program Files\O2Micro Oz128 Driver\o2flash.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
--
End of file - 8057 bytes
 
تأييد 0

نزل هذه الاداة


يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

عند تشغيلها بتظهر لك رسالة ,, اضغط على >> Yes
بعدها بتظهر لك رساله ثانيه ,, اضغط على >> Yes
اثناء الفحص ممكن يعاد تشغيل الجهاز
وبعد اعادة التشغيل ,, سوف تبدأ الاداة بالفحص مرره ثانيه
انتظر حتى يظهر لك تقرير ،، وبذلك يكون الفحص انتهى الصق التقرير بمشاركتك القادمة
 
توقيع : Corporation
تأييد 0
طلع لي انذارات كثيرة مررررررره من الكاسبر :er:وانقفل البرنامج وجدار الحماية وكل شي وش اسوي ؟؟
و هذا التقرير الي طلع
ComboFix 09-06-23.01 - user 06/24/2009 19:36.1 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.3.1256.966.1033.18.1015.549 [GMT 3:00]
Running from: c:\documents and settings\user\My Documents\ComboFix.exe
AV: Avira AntiVir PersonalEdition *On-access scanning disabled* (Outdated) {AD166499-45F9-482A-A743-FDD3350758C7}
AV: Kaspersky Internet Security *On-access scanning enabled* (Updated) {2C4D4BC6-0793-4956-A9F9-E252435469C0}
FW: Kaspersky Internet Security *enabled* {2C4D4BC6-0793-4956-A9F9-E252435469C0}
* Resident AV is active

WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\windows\system32\drivers\kl1.sys
.
((((((((((((((((((((((((( Files Created from 2009-05-24 to 2009-06-24 )))))))))))))))))))))))))))))))
.
2009-06-24 16:19 . 2009-06-24 16:19 -------- d-----w- c:\program files\Trend Micro
2009-06-22 13:03 . 2009-06-22 13:03 -------- d-----w- c:\windows\system32\apigidsys
2009-06-22 13:03 . 2009-06-22 13:03 -------- d-----w- c:\program files\Zabaware
2009-06-22 13:03 . 2009-06-22 13:03 -------- d-----w- c:\program files\Haptek
2009-06-22 13:03 . 2003-02-20 07:59 413696 ----a-w- c:\windows\system32\hapapi2.dll
2009-06-22 13:02 . 2009-06-22 13:02 -------- d-----w- c:\windows\lhsp
2009-06-20 13:19 . 2009-06-20 13:19 -------- d-----w- c:\program files\QuickTime
2009-06-13 21:59 . 2009-06-13 21:59 390664 ----a-w- c:\documents and settings\user\Application Data\Real\RealPlayer\Update\realplayer11gold.exe
2009-06-10 20:37 . 2009-04-30 21:22 12800 -c----w- c:\windows\system32\dllcache\xpshims.dll
2009-06-10 20:37 . 2009-04-30 21:22 246272 -c----w- c:\windows\system32\dllcache\ieproxy.dll
2009-06-10 02:34 . 2009-06-10 02:34 -------- d-----w- c:\documents and settings\All Users\Application Data\Avira
2009-06-06 15:22 . 2009-06-06 15:22 -------- d-----w- c:\program files\Common Files\Java
2009-05-31 15:15 . 2009-05-31 15:15 33808 ----a-w- c:\documents and settings\All Users\Application Data\Kaspersky Lab\AVP8\Data\Updater\Temporary Files\temporaryFolder\AutoPatches\kav8exec\8.0.0.506\klbg.sys
2009-05-31 15:15 . 2009-05-31 15:15 206088 ----a-w- c:\documents and settings\All Users\Application Data\Kaspersky Lab\AVP8\Data\Updater\Temporary Files\temporaryFolder\AutoPatches\kav8exec\8.0.0.506\avp.exe
2009-05-31 15:15 . 2009-05-31 15:15 226832 ----a-w- c:\documents and settings\All Users\Application Data\Kaspersky Lab\AVP8\Data\Updater\Temporary Files\temporaryFolder\AutoPatches\kav8exec\8.0.0.506\XP\klif.sys
2009-05-31 14:57 . 2009-05-31 15:16 94643 ----a-w- c:\windows\system32\drivers\klick.dat
2009-05-31 14:57 . 2009-05-31 15:16 105395 ----a-w- c:\windows\system32\drivers\klin.dat
2009-05-31 14:56 . 2009-06-24 16:41 -------- d-----w- c:\documents and settings\All Users\Application Data\Kaspersky Lab
2009-05-31 14:56 . 2009-06-24 16:40 393248 --sha-w- c:\windows\system32\drivers\fidbox2.dat
2009-05-31 14:56 . 2009-06-24 16:40 1989152 --sha-w- c:\windows\system32\drivers\fidbox.dat
2009-05-26 02:19 . 2006-08-29 14:56 32377 ----a-w- c:\windows\system32\drivers\prodigy.sys
2009-05-26 02:19 . 2009-05-26 02:19 -------- d-----w- c:\program files\NSS
2009-05-26 01:30 . 2009-05-26 01:30 -------- d-----w- c:\documents and settings\user\Application Data\Datalayer
2009-05-26 01:28 . 2009-05-26 01:31 -------- d-sh--w- c:\documents and settings\user\Phone Browser
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-06-24 16:40 . 2009-05-31 14:56 3472 --sha-w- c:\windows\system32\drivers\fidbox2.idx
2009-06-24 16:40 . 2009-05-31 14:56 17668 --sha-w- c:\windows\system32\drivers\fidbox.idx
2009-06-24 15:47 . 2009-05-02 21:31 -------- d-----w- c:\documents and settings\user\Application Data\Skype
2009-06-24 13:59 . 2009-04-28 20:19 -------- d-----w- c:\documents and settings\user\Application Data\skypePM
2009-06-19 18:12 . 2009-05-06 04:48 -------- d-----w- c:\documents and settings\All Users\Application Data\Apple Computer
2009-06-14 18:56 . 2009-03-15 17:46 -------- d-----w- c:\program files\Messenger Plus! Live
2009-06-14 18:56 . 2009-03-08 08:14 -------- d-----w- c:\program files\MSN Messenger
2009-06-08 01:10 . 2009-04-17 15:53 -------- d-----w- c:\program files\eLecta Live
2009-06-06 15:24 . 2009-05-07 21:41 -------- d-----w- c:\program files\iVocalize Web Conference 4
2009-06-06 15:23 . 2009-03-18 23:18 -------- d-----w- c:\program files\Java
2009-05-31 15:16 . 2008-01-29 14:29 33808 ----a-w- c:\windows\system32\drivers\klbg.sys
2009-05-31 14:56 . 2009-05-09 14:35 -------- d-----w- c:\program files\Kaspersky Lab
2009-05-31 14:54 . 2009-05-09 14:34 -------- d-----w- c:\documents and settings\All Users\Application Data\Kaspersky Lab Setup Files
2009-05-26 01:28 . 2009-05-09 22:40 -------- d-----w- c:\documents and settings\user\Application Data\PC Suite
2009-05-24 14:26 . 2009-05-24 14:26 32256 ----a-w- c:\documents and settings\user\Application Data\Thinstall\TeamViewer 4\4000009c00002i\IEXPLORE.EXE
2009-05-24 14:26 . 2009-05-24 14:26 32256 ----a-w- c:\documents and settings\user\Application Data\Thinstall\TeamViewer 4\1000000e00002i\mshta.exe
2009-05-24 14:13 . 2009-05-14 21:44 -------- d-----w- c:\documents and settings\user\Application Data\Thinstall
2009-05-22 20:57 . 2009-05-22 20:57 8704 ----a-w- c:\documents and settings\user\Application Data\Thinstall\PHOTOSHOP\1000000b00002h\verclsid.exe
2009-05-14 21:44 . 2009-05-14 21:44 8704 ----a-w- c:\documents and settings\user\Application Data\Thinstall\PHOTOSHOP\1000000b00002h\rundll32.exe
2009-05-13 21:50 . 2009-05-13 21:50 -------- d-----w- c:\program files\MSXML 4.0
2009-05-13 16:01 . 2009-03-08 06:50 166455 ----a-w- c:\windows\pchealth\helpctr\OfflineCache\index.dat
2009-05-13 15:45 . 2009-05-13 15:45 -------- d-----w- c:\program files\Driver-Soft
2009-05-13 05:15 . 2007-12-28 21:04 915456 ----a-w- c:\windows\system32\wininet.dll
2009-05-12 19:47 . 2009-05-12 19:47 -------- d-----w- c:\documents and settings\user\Application Data\Ashampoo
2009-05-12 19:34 . 2009-05-12 19:34 -------- d-----w- c:\documents and settings\All Users\Application Data\ashampoo
2009-05-12 19:34 . 2009-05-12 19:34 -------- d-----w- c:\program files\Ashampoo
2009-05-12 06:39 . 2009-05-12 06:38 -------- d-----w- c:\documents and settings\Guest\Application Data\PC Suite
2009-05-11 19:25 . 2009-05-11 19:25 -------- d-----w- c:\program files\Common Files\xing shared
2009-05-11 19:25 . 2009-03-08 08:11 -------- d-----w- c:\program files\Common Files\Real
2009-05-09 22:43 . 2009-05-09 22:43 -------- d-----w- c:\documents and settings\user\Application Data\Nokia Multimedia Player
2009-05-09 22:42 . 2009-05-09 22:41 -------- d-----w- c:\documents and settings\user\Application Data\Nokia
2009-05-09 22:42 . 2009-05-09 22:41 -------- d-----w- c:\documents and settings\All Users\Application Data\PC Suite
2009-05-09 22:40 . 2009-05-09 22:40 -------- d-----w- c:\program files\Common Files\PCSuite
2009-05-09 22:40 . 2009-05-09 22:40 -------- d-----w- c:\program files\Common Files\Nokia
2009-05-09 22:40 . 2009-05-09 22:39 -------- d-----w- c:\program files\Nokia
2009-05-09 22:40 . 2009-05-09 22:40 -------- d-----w- c:\program files\PC Connectivity Solution
2009-05-09 15:38 . 2009-03-15 17:46 -------- d-----w- c:\program files\Circle Developement
2009-05-09 15:29 . 2009-03-15 17:48 -------- d-----w- c:\documents and settings\user\Application Data\loginfoping
2009-05-07 15:32 . 2004-08-04 12:00 345600 ----a-w- c:\windows\system32\localspl.dll
2009-05-06 10:12 . 2009-05-06 10:12 -------- d-----w- c:\documents and settings\user\Application Data\Apple Computer
2009-05-06 04:48 . 2009-05-06 04:47 -------- d-----w- c:\program files\Apple Software Update
2009-05-06 04:47 . 2009-05-06 04:47 -------- d-----w- c:\documents and settings\All Users\Application Data\Apple
2009-05-05 20:47 . 2009-05-05 20:47 -------- d-----w- c:\program files\Windows Media Connect 2
2009-05-05 00:01 . 2009-04-15 12:17 -------- d-----w- c:\documents and settings\user\Application Data\HP
2009-05-05 00:01 . 2009-05-04 23:49 -------- d-----w- c:\documents and settings\user\Application Data\Image Zone Express
2009-05-02 21:31 . 2009-05-02 21:31 -------- d-----w- c:\program files\Skype
2009-05-02 21:31 . 2009-04-28 20:16 -------- d-----w- c:\documents and settings\All Users\Application Data\Skype
2009-05-02 21:31 . 2009-05-02 21:31 -------- d-----w- c:\program files\Common Files\Skype
2009-04-30 04:42 . 2009-04-30 04:42 -------- d-----w- c:\documents and settings\user\Application Data\Media Player Classic
2009-04-28 20:19 . 2009-04-28 20:19 56 ---ha-w- c:\windows\system32\ezsidmv.dat
2009-04-25 00:50 . 2009-04-25 00:50 57104 ----a-w- c:\documents and settings\Guest\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2009-04-17 12:26 . 2004-08-04 12:00 1847168 ----a-w- c:\windows\system32\win32k.sys
2009-04-15 14:51 . 2004-08-04 12:00 585216 ----a-w- c:\windows\system32\rpcrt4.dll
2009-04-14 13:11 . 2009-04-14 13:11 152576 ----a-w- c:\documents and settings\user\Application Data\Sun\Java\jre1.6.0_13\lzma.dll
2009-04-07 23:10 . 2009-04-07 22:54 110030 ----a-w- c:\windows\hpoins08.dat
2009-03-27 17:29 . 2009-03-08 08:11 499712 ----a-w- c:\windows\system32\msvcp71.dll
2009-03-27 17:29 . 2009-03-08 08:11 348160 ----a-w- c:\windows\system32\msvcr71.dll
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MsnMsgr"="c:\program files\MSN Messenger\MsnMsgr.Exe" [2007-01-19 5674352]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" [2009-05-11 185896]
"AVP"="c:\program files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe" [2009-05-31 206088]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-03-09 148888]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2009-01-05 413696]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
"PcSync"="c:\program files\Nokia\Nokia PC Suite 6\PcSync2.exe" [2006-11-09 1634304]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"nltide_2"="shell32" [X]
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Adobe Gamma Loader.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\Adobe Gamma Loader.lnk
backup=c:\windows\pss\Adobe Gamma Loader.lnkCommon Startup
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Adobe Reader Speed Launch.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\Adobe Reader Speed Launch.lnk
backup=c:\windows\pss\Adobe Reader Speed Launch.lnkCommon Startup
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Adobe Reader Synchronizer.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\Adobe Reader Synchronizer.lnk
backup=c:\windows\pss\Adobe Reader Synchronizer.lnkCommon Startup
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
backup=c:\windows\pss\HP Digital Imaging Monitor.lnkCommon Startup
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusDisableNotify"=dword:00000001
"UpdatesDisableNotify"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\KasperskyAntiVirus]
"DisableMonitoring"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqtra08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpofxm08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hposfx08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqscnvw.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqCopy.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpfccopy.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpzwiz01.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqPhUnl.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqDIA.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpoews01.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqnrs08.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\MSN Messenger\\msnmsgr.exe"=
"c:\\Program Files\\MSN Messenger\\livecall.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
R0 klbg;Kaspersky Lab Boot Guard Driver;c:\windows\system32\drivers\klbg.sys [29/01/2008 05:29 م 33808]
R0 O2MDRDR;O2MDRDR;c:\windows\system32\drivers\o2media.sys [08/03/2009 10:30 ص 39680]
R0 O2SDRDR;O2SDRDR;c:\windows\system32\drivers\o2sd.sys [08/03/2009 10:30 ص 35712]
R2 NishService;SCM Driver Daemon;c:\program files\System Control Manager\edd.exe [08/03/2009 10:38 ص 40960]
R3 KLFLTDEV;Kaspersky Lab KLFltDev;c:\windows\system32\drivers\klfltdev.sys [13/03/2008 06:02 م 26640]
R3 klim5;Kaspersky Anti-Virus NDIS Filter;c:\windows\system32\drivers\klim5.sys [30/04/2008 05:06 م 24592]
R3 MGHwCtrl;MGHwCtrl;c:\windows\system32\drivers\MGHwCtrl.sys [08/03/2009 10:38 ص 9088]
R3 WSIMD;wsimd Service;c:\windows\system32\drivers\wsimd.sys [08/03/2009 10:34 ص 57024]
S3 PRODIGY;PRODIGY;c:\windows\system32\drivers\prodigy.sys [26/05/2009 05:19 ص 32377]
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\>{60B49E34-C7CC-11D0-8953-00A0C90347FF}]
"c:\windows\system32\rundll32.exe" "c:\windows\system32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
.
Contents of the 'Scheduled Tasks' folder
2009-05-14 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 09:34]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.com.sa/
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
IE: إضافة إلى حاجب إعلان الشعار - c:\program files\Kaspersky Lab\Kaspersky Internet Security 2009\ie_banner_deny.htm
DPF: {3C8E8DD8-D86A-4E6D-AF37-AB3CA7FDF8CD} - hxxp://skaam.redirectme.net/imscp/talkc38.cab
DPF: {7253A666-804A-1107-A4DC-00E04C504780} - hxxp://208.101.21.192/bmc.cab
DPF: {9E45BE3C-DE06-4492-AB7D-E51447CF2ED0} - hxxp://skaam.redirectme.net/imscp/talka.cab
DPF: {B7FDB0C3-4724-46D2-B8DB-6FA1DC63F7CA} - hxxp://67.198.202.138/ReadUid.CAB
DPF: {C171FF59-8C55-4796-A398-4F5D02B4C763} - hxxp://76.76.24.112/saudi1999/talks3n.cab
.
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer,
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

Rootkit scan 2009-06-24 19:41
Windows 5.1.2600 Service Pack 3 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------
- - - - - - - > 'explorer.exe'(2468)
c:\windows\system32\WININET.dll
c:\windows\system32\ieframe.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\program files\Nokia\Nokia PC Suite 6\PhoneBrowser.dll
c:\program files\Nokia\Nokia PC Suite 6\PCSCM.dll
c:\program files\PC Connectivity Solution\ConnAPI.DLL
c:\windows\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.163_x-ww_681e29fb\MSVCR80.dll
c:\program files\Nokia\Nokia PC Suite 6\Lang\PhoneBrowser_ara.nlr
c:\program files\Nokia\Nokia PC Suite 6\Resource\PhoneBrowser_Nokia.ngr
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Other Running Processes ------------------------
.
c:\windows\system32\acs.exe
c:\program files\Java\jre6\bin\jqs.exe
c:\program files\O2Micro Oz128 Driver\o2flash.exe
c:\windows\system32\HPZipm12.exe
.
**************************************************************************
.
Completion time: 2009-06-24 19:44 - machine was rebooted
ComboFix-quarantined-files.txt 2009-06-24 16:44
Pre-Run: 69,731,164,160 bytes free
Post-Run: 70,442,684,416 bytes free
224 --- E O F --- 2009-06-22 13:44
 
تأييد 0
صحيح نسيت ان اخبرك بأن تعطل الكـآسبر ..

أذهب واعمل خروج للكـآسبر من على شريط المهام ..

بعدها شغل الادآة مرة اخرى ..​
 
توقيع : Corporation
تأييد 0
يعني التقرير هذا ماينفع لازم اعطل الكاسبر واسوية مره ثانيه؟
 
تأييد 0
نعم للأطمئنـآن بارك الله فيك​
 
توقيع : Corporation
تأييد 0
جزاك الله خير وكتب لك الاجر
هذا هو التقرير بعد تعطيل الكاسبر
ComboFix 09-06-23.01 - user 06/24/2009 20:04.2 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.3.1256.966.1033.18.1015.635 [GMT 3:00]
Running from: c:\documents and settings\user\My Documents\ComboFix.exe
AV: Avira AntiVir PersonalEdition *On-access scanning disabled* (Outdated) {AD166499-45F9-482A-A743-FDD3350758C7}
AV: Kaspersky Internet Security *On-access scanning disabled* (Updated) {2C4D4BC6-0793-4956-A9F9-E252435469C0}
FW: Kaspersky Internet Security *disabled* {2C4D4BC6-0793-4956-A9F9-E252435469C0}
WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\windows\system32\drivers\kl1.sys
.
((((((((((((((((((((((((( Files Created from 2009-05-24 to 2009-06-24 )))))))))))))))))))))))))))))))
.
2009-06-24 16:43 . 2009-06-24 16:43 -------- dc----w- c:\windows\system32\dllcache\cache
2009-06-24 16:19 . 2009-06-24 16:19 -------- d-----w- c:\program files\Trend Micro
2009-06-22 13:03 . 2009-06-22 13:03 -------- d-----w- c:\windows\system32\apigidsys
2009-06-22 13:03 . 2009-06-22 13:03 -------- d-----w- c:\program files\Zabaware
2009-06-22 13:03 . 2009-06-22 13:03 -------- d-----w- c:\program files\Haptek
2009-06-22 13:03 . 2003-02-20 07:59 413696 ----a-w- c:\windows\system32\hapapi2.dll
2009-06-22 13:02 . 2009-06-22 13:02 -------- d-----w- c:\windows\lhsp
2009-06-20 13:19 . 2009-06-20 13:19 -------- d-----w- c:\program files\QuickTime
2009-06-13 21:59 . 2009-06-13 21:59 390664 ----a-w- c:\documents and settings\user\Application Data\Real\RealPlayer\Update\realplayer11gold.exe
2009-06-10 20:37 . 2009-04-30 21:22 12800 -c----w- c:\windows\system32\dllcache\xpshims.dll
2009-06-10 20:37 . 2009-04-30 21:22 246272 -c----w- c:\windows\system32\dllcache\ieproxy.dll
2009-06-10 02:34 . 2009-06-10 02:34 -------- d-----w- c:\documents and settings\All Users\Application Data\Avira
2009-06-06 15:22 . 2009-06-06 15:22 -------- d-----w- c:\program files\Common Files\Java
2009-05-31 15:15 . 2009-05-31 15:15 33808 ----a-w- c:\documents and settings\All Users\Application Data\Kaspersky Lab\AVP8\Data\Updater\Temporary Files\temporaryFolder\AutoPatches\kav8exec\8.0.0.506\klbg.sys
2009-05-31 15:15 . 2009-05-31 15:15 206088 ----a-w- c:\documents and settings\All Users\Application Data\Kaspersky Lab\AVP8\Data\Updater\Temporary Files\temporaryFolder\AutoPatches\kav8exec\8.0.0.506\avp.exe
2009-05-31 15:15 . 2009-05-31 15:15 226832 ----a-w- c:\documents and settings\All Users\Application Data\Kaspersky Lab\AVP8\Data\Updater\Temporary Files\temporaryFolder\AutoPatches\kav8exec\8.0.0.506\XP\klif.sys
2009-05-31 14:57 . 2009-06-24 16:56 94643 ----a-w- c:\windows\system32\drivers\klick.dat
2009-05-31 14:57 . 2009-06-24 16:56 105395 ----a-w- c:\windows\system32\drivers\klin.dat
2009-05-31 14:56 . 2009-06-24 17:17 -------- d-----w- c:\documents and settings\All Users\Application Data\Kaspersky Lab
2009-05-31 14:56 . 2009-06-24 17:07 401440 --sha-w- c:\windows\system32\drivers\fidbox2.dat
2009-05-31 14:56 . 2009-06-24 17:07 1989152 --sha-w- c:\windows\system32\drivers\fidbox.dat
2009-05-26 02:19 . 2006-08-29 14:56 32377 ----a-w- c:\windows\system32\drivers\prodigy.sys
2009-05-26 02:19 . 2009-05-26 02:19 -------- d-----w- c:\program files\NSS
2009-05-26 01:30 . 2009-05-26 01:30 -------- d-----w- c:\documents and settings\user\Application Data\Datalayer
2009-05-26 01:28 . 2009-05-26 01:31 -------- d-sh--w- c:\documents and settings\user\Phone Browser
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-06-24 17:07 . 2009-05-31 14:56 3500 --sha-w- c:\windows\system32\drivers\fidbox2.idx
2009-06-24 17:07 . 2009-05-31 14:56 17668 --sha-w- c:\windows\system32\drivers\fidbox.idx
2009-06-24 15:47 . 2009-05-02 21:31 -------- d-----w- c:\documents and settings\user\Application Data\Skype
2009-06-24 13:59 . 2009-04-28 20:19 -------- d-----w- c:\documents and settings\user\Application Data\skypePM
2009-06-19 18:12 . 2009-05-06 04:48 -------- d-----w- c:\documents and settings\All Users\Application Data\Apple Computer
2009-06-14 18:56 . 2009-03-15 17:46 -------- d-----w- c:\program files\Messenger Plus! Live
2009-06-14 18:56 . 2009-03-08 08:14 -------- d-----w- c:\program files\MSN Messenger
2009-06-08 01:10 . 2009-04-17 15:53 -------- d-----w- c:\program files\eLecta Live
2009-06-06 15:24 . 2009-05-07 21:41 -------- d-----w- c:\program files\iVocalize Web Conference 4
2009-06-06 15:23 . 2009-03-18 23:18 -------- d-----w- c:\program files\Java
2009-05-31 15:16 . 2008-01-29 14:29 33808 ----a-w- c:\windows\system32\drivers\klbg.sys
2009-05-31 14:56 . 2009-05-09 14:35 -------- d-----w- c:\program files\Kaspersky Lab
2009-05-31 14:54 . 2009-05-09 14:34 -------- d-----w- c:\documents and settings\All Users\Application Data\Kaspersky Lab Setup Files
2009-05-26 01:28 . 2009-05-09 22:40 -------- d-----w- c:\documents and settings\user\Application Data\PC Suite
2009-05-24 14:26 . 2009-05-24 14:26 32256 ----a-w- c:\documents and settings\user\Application Data\Thinstall\TeamViewer 4\4000009c00002i\IEXPLORE.EXE
2009-05-24 14:26 . 2009-05-24 14:26 32256 ----a-w- c:\documents and settings\user\Application Data\Thinstall\TeamViewer 4\1000000e00002i\mshta.exe
2009-05-24 14:13 . 2009-05-14 21:44 -------- d-----w- c:\documents and settings\user\Application Data\Thinstall
2009-05-22 20:57 . 2009-05-22 20:57 8704 ----a-w- c:\documents and settings\user\Application Data\Thinstall\PHOTOSHOP\1000000b00002h\verclsid.exe
2009-05-14 21:44 . 2009-05-14 21:44 8704 ----a-w- c:\documents and settings\user\Application Data\Thinstall\PHOTOSHOP\1000000b00002h\rundll32.exe
2009-05-13 21:50 . 2009-05-13 21:50 -------- d-----w- c:\program files\MSXML 4.0
2009-05-13 16:01 . 2009-03-08 06:50 166455 ----a-w- c:\windows\pchealth\helpctr\OfflineCache\index.dat
2009-05-13 15:45 . 2009-05-13 15:45 -------- d-----w- c:\program files\Driver-Soft
2009-05-13 05:15 . 2007-12-28 21:04 915456 ----a-w- c:\windows\system32\wininet.dll
2009-05-12 19:47 . 2009-05-12 19:47 -------- d-----w- c:\documents and settings\user\Application Data\Ashampoo
2009-05-12 19:34 . 2009-05-12 19:34 -------- d-----w- c:\documents and settings\All Users\Application Data\ashampoo
2009-05-12 19:34 . 2009-05-12 19:34 -------- d-----w- c:\program files\Ashampoo
2009-05-12 06:39 . 2009-05-12 06:38 -------- d-----w- c:\documents and settings\Guest\Application Data\PC Suite
2009-05-11 19:25 . 2009-05-11 19:25 -------- d-----w- c:\program files\Common Files\xing shared
2009-05-11 19:25 . 2009-03-08 08:11 -------- d-----w- c:\program files\Common Files\Real
2009-05-09 22:43 . 2009-05-09 22:43 -------- d-----w- c:\documents and settings\user\Application Data\Nokia Multimedia Player
2009-05-09 22:42 . 2009-05-09 22:41 -------- d-----w- c:\documents and settings\user\Application Data\Nokia
2009-05-09 22:42 . 2009-05-09 22:41 -------- d-----w- c:\documents and settings\All Users\Application Data\PC Suite
2009-05-09 22:40 . 2009-05-09 22:40 -------- d-----w- c:\program files\Common Files\PCSuite
2009-05-09 22:40 . 2009-05-09 22:40 -------- d-----w- c:\program files\Common Files\Nokia
2009-05-09 22:40 . 2009-05-09 22:39 -------- d-----w- c:\program files\Nokia
2009-05-09 22:40 . 2009-05-09 22:40 -------- d-----w- c:\program files\PC Connectivity Solution
2009-05-09 15:38 . 2009-03-15 17:46 -------- d-----w- c:\program files\Circle Developement
2009-05-09 15:29 . 2009-03-15 17:48 -------- d-----w- c:\documents and settings\user\Application Data\loginfoping
2009-05-07 15:32 . 2004-08-04 12:00 345600 ----a-w- c:\windows\system32\localspl.dll
2009-05-06 10:12 . 2009-05-06 10:12 -------- d-----w- c:\documents and settings\user\Application Data\Apple Computer
2009-05-06 04:48 . 2009-05-06 04:47 -------- d-----w- c:\program files\Apple Software Update
2009-05-06 04:47 . 2009-05-06 04:47 -------- d-----w- c:\documents and settings\All Users\Application Data\Apple
2009-05-05 20:47 . 2009-05-05 20:47 -------- d-----w- c:\program files\Windows Media Connect 2
2009-05-05 00:01 . 2009-04-15 12:17 -------- d-----w- c:\documents and settings\user\Application Data\HP
2009-05-05 00:01 . 2009-05-04 23:49 -------- d-----w- c:\documents and settings\user\Application Data\Image Zone Express
2009-05-02 21:31 . 2009-05-02 21:31 -------- d-----w- c:\program files\Skype
2009-05-02 21:31 . 2009-04-28 20:16 -------- d-----w- c:\documents and settings\All Users\Application Data\Skype
2009-05-02 21:31 . 2009-05-02 21:31 -------- d-----w- c:\program files\Common Files\Skype
2009-04-30 04:42 . 2009-04-30 04:42 -------- d-----w- c:\documents and settings\user\Application Data\Media Player Classic
2009-04-28 20:19 . 2009-04-28 20:19 56 ---ha-w- c:\windows\system32\ezsidmv.dat
2009-04-25 00:50 . 2009-04-25 00:50 57104 ----a-w- c:\documents and settings\Guest\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2009-04-17 12:26 . 2004-08-04 12:00 1847168 ----a-w- c:\windows\system32\win32k.sys
2009-04-15 14:51 . 2004-08-04 12:00 585216 ----a-w- c:\windows\system32\rpcrt4.dll
2009-04-14 13:11 . 2009-04-14 13:11 152576 ----a-w- c:\documents and settings\user\Application Data\Sun\Java\jre1.6.0_13\lzma.dll
2009-04-07 23:10 . 2009-04-07 22:54 110030 ----a-w- c:\windows\hpoins08.dat
2009-03-27 17:29 . 2009-03-08 08:11 499712 ----a-w- c:\windows\system32\msvcp71.dll
2009-03-27 17:29 . 2009-03-08 08:11 348160 ----a-w- c:\windows\system32\msvcr71.dll
.
((((((((((((((((((((((((((((( SnapShot@2009-06-24_16.42.00 )))))))))))))))))))))))))))))))))))))))))
.
+ 2009-06-24 17:08 . 2009-06-24 17:08 16384 c:\windows\Temp\Perflib_Perfdata_404.dat
+ 2004-08-04 12:00 . 2009-06-24 17:13 41170 c:\windows\system32\perfc009.dat
- 2004-08-04 12:00 . 2009-06-24 13:42 41170 c:\windows\system32\perfc009.dat
+ 2009-06-24 16:43 . 2008-10-16 11:09 51224 c:\windows\system32\dllcache\cache\wuauclt.exe
+ 2009-06-24 16:43 . 2008-04-14 00:12 82432 c:\windows\system32\dllcache\cache\ws2_32.dll
+ 2009-06-24 16:43 . 2008-04-14 00:12 26112 c:\windows\system32\dllcache\cache\userinit.exe
+ 2009-06-24 16:43 . 2008-04-14 00:12 14336 c:\windows\system32\dllcache\cache\svchost.exe
+ 2009-06-24 16:43 . 2008-04-14 00:12 57856 c:\windows\system32\dllcache\cache\spoolsv.exe
+ 2009-06-24 16:43 . 2008-04-14 00:12 17408 c:\windows\system32\dllcache\cache\powrprof.dll
+ 2009-06-24 16:43 . 2008-04-14 00:12 13312 c:\windows\system32\dllcache\cache\lsass.exe
+ 2009-06-24 16:43 . 2008-04-13 18:39 24576 c:\windows\system32\dllcache\cache\kbdclass.sys
+ 2009-06-24 16:43 . 2008-04-13 18:53 36608 c:\windows\system32\dllcache\cache\ip6fw.sys
+ 2009-06-24 16:43 . 2008-04-14 00:12 15360 c:\windows\system32\dllcache\cache\ctfmon.exe
+ 2004-08-04 12:00 . 2009-06-24 17:13 314842 c:\windows\system32\perfh009.dat
- 2004-08-04 12:00 . 2009-06-24 13:42 314842 c:\windows\system32\perfh009.dat
+ 2009-06-24 16:43 . 2008-04-14 00:12 507904 c:\windows\system32\dllcache\cache\winlogon.exe
+ 2009-06-24 16:43 . 2009-05-13 05:15 915456 c:\windows\system32\dllcache\cache\wininet.dll
+ 2009-06-24 16:43 . 2008-04-14 00:12 578560 c:\windows\system32\dllcache\cache\user32.dll
+ 2009-06-24 16:43 . 2008-04-14 00:12 295424 c:\windows\system32\dllcache\cache\termsrv.dll
+ 2009-06-24 16:43 . 2008-06-20 11:51 361600 c:\windows\system32\dllcache\cache\tcpip.sys
+ 2009-06-24 16:43 . 2009-02-06 11:11 110592 c:\windows\system32\dllcache\cache\services.exe
+ 2009-06-24 16:43 . 2008-04-13 19:20 182656 c:\windows\system32\dllcache\cache\ndis.sys
+ 2009-06-24 16:43 . 2009-03-21 14:06 989696 c:\windows\system32\dllcache\cache\kernel32.dll
+ 2009-06-24 16:43 . 2008-04-14 00:11 110080 c:\windows\system32\dllcache\cache\imm32.dll
+ 2009-06-24 16:43 . 2008-04-14 00:11 167936 c:\windows\system32\dllcache\cache\appmgmts.dll
+ 2009-06-24 16:43 . 2008-04-14 00:12 1614848 c:\windows\system32\dllcache\cache\sfcfiles.dll
+ 2009-06-24 16:43 . 2009-02-06 11:06 2145280 c:\windows\system32\dllcache\cache\ntoskrnl.exe
+ 2009-06-24 16:43 . 2009-02-06 10:32 2023936 c:\windows\system32\dllcache\cache\ntkrnlpa.exe
+ 2009-06-24 16:43 . 2008-04-14 00:12 1033728 c:\windows\system32\dllcache\cache\explorer.exe
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MsnMsgr"="c:\program files\MSN Messenger\MsnMsgr.Exe" [2007-01-19 5674352]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" [2009-05-11 185896]
"AVP"="c:\program files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe" [2009-05-31 206088]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-03-09 148888]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2009-01-05 413696]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
"PcSync"="c:\program files\Nokia\Nokia PC Suite 6\PcSync2.exe" [2006-11-09 1634304]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"nltide_2"="shell32" [X]
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Adobe Gamma Loader.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\Adobe Gamma Loader.lnk
backup=c:\windows\pss\Adobe Gamma Loader.lnkCommon Startup
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Adobe Reader Speed Launch.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\Adobe Reader Speed Launch.lnk
backup=c:\windows\pss\Adobe Reader Speed Launch.lnkCommon Startup
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Adobe Reader Synchronizer.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\Adobe Reader Synchronizer.lnk
backup=c:\windows\pss\Adobe Reader Synchronizer.lnkCommon Startup
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
backup=c:\windows\pss\HP Digital Imaging Monitor.lnkCommon Startup
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusDisableNotify"=dword:00000001
"UpdatesDisableNotify"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\KasperskyAntiVirus]
"DisableMonitoring"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqtra08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpofxm08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hposfx08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqscnvw.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqCopy.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpfccopy.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpzwiz01.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqPhUnl.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqDIA.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpoews01.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqnrs08.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\MSN Messenger\\msnmsgr.exe"=
"c:\\Program Files\\MSN Messenger\\livecall.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
R0 klbg;Kaspersky Lab Boot Guard Driver;c:\windows\system32\drivers\klbg.sys [29/01/2008 05:29 م 33808]
R0 O2MDRDR;O2MDRDR;c:\windows\system32\drivers\o2media.sys [08/03/2009 10:30 ص 39680]
R0 O2SDRDR;O2SDRDR;c:\windows\system32\drivers\o2sd.sys [08/03/2009 10:30 ص 35712]
R2 NishService;SCM Driver Daemon;c:\program files\System Control Manager\edd.exe [08/03/2009 10:38 ص 40960]
R3 KLFLTDEV;Kaspersky Lab KLFltDev;c:\windows\system32\drivers\klfltdev.sys [13/03/2008 06:02 م 26640]
R3 klim5;Kaspersky Anti-Virus NDIS Filter;c:\windows\system32\drivers\klim5.sys [30/04/2008 05:06 م 24592]
R3 MGHwCtrl;MGHwCtrl;c:\windows\system32\drivers\MGHwCtrl.sys [08/03/2009 10:38 ص 9088]
R3 WSIMD;wsimd Service;c:\windows\system32\drivers\wsimd.sys [08/03/2009 10:34 ص 57024]
S3 PRODIGY;PRODIGY;c:\windows\system32\drivers\prodigy.sys [26/05/2009 05:19 ص 32377]
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\>{60B49E34-C7CC-11D0-8953-00A0C90347FF}]
"c:\windows\system32\rundll32.exe" "c:\windows\system32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
.
Contents of the 'Scheduled Tasks' folder
2009-05-14 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 09:34]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.com.sa/
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
IE: إضافة إلى حاجب إعلان الشعار - c:\program files\Kaspersky Lab\Kaspersky Internet Security 2009\ie_banner_deny.htm
DPF: {3C8E8DD8-D86A-4E6D-AF37-AB3CA7FDF8CD} - hxxp://skaam.redirectme.net/imscp/talkc38.cab
DPF: {7253A666-804A-1107-A4DC-00E04C504780} - hxxp://208.101.21.192/bmc.cab
DPF: {9E45BE3C-DE06-4492-AB7D-E51447CF2ED0} - hxxp://skaam.redirectme.net/imscp/talka.cab
DPF: {B7FDB0C3-4724-46D2-B8DB-6FA1DC63F7CA} - hxxp://67.198.202.138/ReadUid.CAB
DPF: {C171FF59-8C55-4796-A398-4F5D02B4C763} - hxxp://76.76.24.112/saudi1999/talks3n.cab
.
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer,
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

Rootkit scan 2009-06-24 20:17
Windows 5.1.2600 Service Pack 3 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------
- - - - - - - > 'explorer.exe'(3080)
c:\windows\system32\WININET.dll
c:\windows\system32\ieframe.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\program files\Nokia\Nokia PC Suite 6\PhoneBrowser.dll
c:\program files\Nokia\Nokia PC Suite 6\PCSCM.dll
c:\program files\PC Connectivity Solution\ConnAPI.DLL
c:\windows\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.163_x-ww_681e29fb\MSVCR80.dll
c:\program files\Nokia\Nokia PC Suite 6\Lang\PhoneBrowser_ara.nlr
c:\program files\Nokia\Nokia PC Suite 6\Resource\PhoneBrowser_Nokia.ngr
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Other Running Processes ------------------------
.
c:\windows\system32\acs.exe
c:\program files\Java\jre6\bin\jqs.exe
c:\program files\O2Micro Oz128 Driver\o2flash.exe
c:\windows\system32\HPZipm12.exe
c:\windows\system32\wbem\wmiadap.exe
.
**************************************************************************
.
Completion time: 2009-06-24 20:18 - machine was rebooted
ComboFix-quarantined-files.txt 2009-06-24 17:18
ComboFix2.txt 2009-06-24 16:44
Pre-Run: 70,515,945,472 bytes free
Post-Run: 70,504,960,000 bytes free
258 --- E O F --- 2009-06-22 13:44
 
تأييد 0
وهذا الهايجاك الجديد
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 08:30:17 م, on 24/06/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\acs.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\System Control Manager\edd.exe
C:\Program Files\O2Micro Oz128 Driver\o2flash.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: IEVkbdBHO - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\ievkbd.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\Run: [PcSync] C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User 'Default user')
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: إضافة إلى حاجب إعلان الشعار - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\ie_banner_deny.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre6\bin\jp2iexp.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre6\bin\jp2iexp.dll
O9 - Extra button: إحصائيات حماية حركة زيارة الويب - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\SCIEPlgn.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object) -
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

O16 - DPF: {3C8E8DD8-D86A-4E6D-AF37-AB3CA7FDF8CD} (IMS_Conference Control) -
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) -
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) -
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

O16 - DPF: {6924091F-CD97-41E1-B1D4-D9079409D413} (IMCv1 Control) -
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

O16 - DPF: {7253A666-804A-1107-A4DC-00E04C504780} (BMC Control) -
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

O16 - DPF: {9E45BE3C-DE06-4492-AB7D-E51447CF2ED0} (clsUMS Class) -
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

O16 - DPF: {B7FDB0C3-4724-46D2-B8DB-6FA1DC63F7CA} (ReadUid.UserControlMacEntry) -
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

O16 - DPF: {C171FF59-8C55-4796-A398-4F5D02B4C763} (IMC_Sec Control) -
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: C:\PROGRA~1\KASPER~1\KASPER~2\mzvkbd.dll,C:\PROGRA~1\KASPER~1\KASPER~2\mzvkbd3.dll,C:\PROGRA~1\KASPER~1\KASPER~2\adialhk.dll,C:\PROGRA~1\KASPER~1\KASPER~2\kloehk.dll
O23 - Service: Atheros Configuration Service (ACS) - Atheros - C:\WINDOWS\system32\acs.exe
O23 - Service: Kaspersky Internet Security (AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: SCM Driver Daemon (NishService) - Unknown owner - C:\Program Files\System Control Manager\edd.exe
O23 - Service: O2Micro Flash Memory Card Service (o2flash) - O2Micro International - C:\Program Files\O2Micro Oz128 Driver\o2flash.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
--
End of file - 7341 bytes
 
تأييد 0
أحذف التالي

O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)

O16 - DPF: {3C8E8DD8-D86A-4E6D-AF37-AB3CA7FDF8CD} (IMS_Conference Control) -
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي


O16 - DPF: {7253A666-804A-1107-A4DC-00E04C504780} (BMC Control) -
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي


O16 - DPF: {9E45BE3C-DE06-4492-AB7D-E51447CF2ED0} (clsUMS Class) -
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي


O16 - DPF: {B7FDB0C3-4724-46D2-B8DB-6FA1DC63F7CA} (ReadUid.UserControlMacEntry) -
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي


O16 - DPF: {C171FF59-8C55-4796-A398-4F5D02B4C763} (IMC_Sec Control) -
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي


طريقة الحذف

mg%20%283%29.png




mg%20%284%29.png


بعدها لتنظيف


التحميل من هنا

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

التوافق : ويندوز اكسبي فقط


شرح الاستخدام ,,,,,,

عند تشغيل ملف الاداة تظهر لك هذه الشاشه ,, انتظر ( وتابع مع الصور )


000.png


001.png


وعند ظهور هذه الشاشه ,, اضغط على Close ليتم اعادة تشغيل جهازك (( لتكملة عملية التنظيف ))


002.png


وبلغـ،ـآ بالنتـ،ـآئج ..​

 
التعديل الأخير بواسطة المشرف:
توقيع : Corporation
تأييد 0
لا زالت المشكلة موجودة مع اني طبقت كل الخطوات الي قلتها :getsmile.tmp0019307


تعبت من هالمشكلة :er:
وادري تعبتك معاي الله يجزاك خير وللأسف ماضبط الحل
 
تأييد 0
ابطلع الآن ساعة وارجع بئذن الله لعل وعسى تلاقون لي حل
 
تأييد 0
رجعت ولكن للأسف الحين المشكلة وصلت المسنجر صار يقفل ويطلع لي لقد صادف windowslive messenger مشكلة ويجب إغلاقة إننا نأسف لإزعاج
:er:
وتوقيع الخطأ يطلع لي
AppName: msnmsgr.exe AppVer: 8.1.178.0 AppStamp:45b12d6a
ModName: mshtml.dll ModVer: 8.0.6001.18783 ModStamp:4a0a5789
fDebug: 0 Offset: 00209d7c


احس كل شي صار في مشكلة واخطاء :(
 
تأييد 0
يجب تسجيل الدخول أو التسجيل كي تتمكن من الرد هنا.
عودة
أعلى