moad3
Peace be upon you.
I have a problem with my computer that I noticed:
when I do a restart, the machine hangs on (Shutting down).
I tried several tools, but nothing helped.
Here are the reports.
Please, Jack.
HijackThis log:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 08:15:02 AM, on 28/06/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\acs.exe
C:\Program Files\Avira\AntiVir Desktop\sched.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Avira\AntiVir Desktop\avguard.exe
C:\Program Files\BandRich\BandLuxe HSDPA Utility R11\BRService.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Toshiba\Windows Utilities\Hotkey.exe
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\WINDOWS\system32\igfxpers.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Internet Download Manager\IDMan.exe
C:\Program Files\Ares\Ares.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHid.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHsp.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosAVRC.exe
C:\Program Files\Avira\AntiVir Desktop\avmailc.exe
C:\Program Files\Internet Download Manager\IDMan.exe
C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE
C:\Program Files\Internet Download Manager\IEMonitor.exe
C:\WINDOWS\system32\igfxext.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Java\jre6\bin\java.exe
C:\Program Files\Java\jre6\bin\jucheck.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\tosOBEX.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\tosBtProc.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://toolbar.ask.com/toolbarv/askRedirect?o=13925&gct=&gc=1&q=
R1 - HKLM\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = http://toolbar.ask.com/toolbarv/askRedirect?o=13925&gct=&gc=1&q=
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://toolbar.ask.com/toolbarv/askRedirect?o=13925&gct=&gc=1&q=%s
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R3 - URLSearchHook: DefaultSearchHook Class - {C94E154B-1459-4A47-966B-4B843BEFC7DB} - (no file)
O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files\Internet Download Manager\IDMIECC.dll
O2 - BHO: مساعد رابط Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: مساعد تسجيل الدخول إلى Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O4 - HKLM\..\Run: [Toshiba Hotkey Utility] "C:\Program Files\Toshiba\Windows Utilities\Hotkey.exe" /lang en
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [IDMan] C:\Program Files\Internet Download Manager\IDMan.exe /onboot
O4 - HKCU\..\Run: [ares] "C:\Program Files\Ares\Ares.exe" -h
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Bluetooth Manager.lnk = ?
O8 - Extra context menu item: &تصدير إلى Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: تحميل الكل بواسطة Internet Download Manager - C:\Program Files\Internet Download Manager\IEGetAll.htm
O8 - Extra context menu item: تحميل بواسطة Internet Download Manager - C:\Program Files\Internet Download Manager\IEExt.htm
O8 - Extra context menu item: تحميل محتوى FLV بواسطة Internet Download Manager - C:\Program Files\Internet Download Manager\IEGetVL.htm
O9 - Extra button: PalTalk - {4EAFEF58-EEFA-4116-983D-03B49BCBFFFE} - C:\Program Files\Paltalk Messenger\Paltalk.exe
O9 - Extra button: بحث - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w3/resources/MSNPUpld.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1243202403609
O16 - DPF: {6924091F-CD97-41E1-B1D4-D9079409D413} (IMCv1 Control) - http://voice34.digivoice.net/talk.cab
O16 - DPF: {B7FDB0C3-4724-46D2-B8DB-6FA1DC63F7CA} (ReadUid.UserControlMacEntry) - http://voice34.digivoice.net/ReadUid.CAB
O16 - DPF: {C171FF59-8C55-4796-A398-4F5D02B4C763} (IMC_Sec Control) - http://174.36.238.30/saudi1999/talks3n.cab
O23 - Service: Atheros Configuration Service (ACS) - Atheros - C:\WINDOWS\system32\acs.exe
O23 - Service: Avira AntiVir MailGuard (AntiVirMailService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avmailc.exe
O23 - Service: Avira AntiVir Scheduler (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Avira AntiVir WebGuard (AntiVirWebService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE
O23 - Service: Ares Chatroom server (AresChatServer) - Ares Development Group - C:\Program Files\Ares\chatServer.exe
O23 - Service: BandLuxe Service (BandLuxe_Service) - BandRich Inc. - C:\Program Files\BandRich\BandLuxe HSDPA Utility R11\BRService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\Common Files\PCSuite\Services\ServiceLayer.exe
O23 - Service: TOSHIBA Bluetooth Service - TOSHIBA CORPORATION - C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
--
End of file - 8668 bytes
ComboFix log:
ComboFix 09-06-26.02 - User 06/28/2009 8:19.1 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.3.1256.966.1025.18.1526.1107 [GMT 3:00]
Running from: c:\documents and settings\User\سطح المكتب\ComboFix.exe
AV: AntiVir Desktop *On-access scanning disabled* (Updated) {C19476D9-52BC-4E93-8AF3-CCF59F7AE8FE}
WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\windows\system32\kakle.dll
.
((((((((((((((((((((((((( Files Created from 2009-05-28 to 2009-06-28 )))))))))))))))))))))))))))))))
.
2009-06-28 05:08 . 2009-06-28 05:08 -------- d-----w- c:\program files\Trend Micro
2009-06-25 17:31 . 2009-06-25 17:31 928316 ----a-w- c:\documents and settings\User\Application Data\IDM\DwnlData\User\avira_antivir_personal_en_478\avira_antivir_personal_en.exe
2009-06-25 00:06 . 2009-06-25 00:06 -------- d-----w- c:\windows\Sun
2009-06-25 00:02 . 2009-06-27 22:15 -------- d-----w- c:\documents and settings\All Users\Application Data\Spybot - Search & Destroy
2009-06-25 00:02 . 2009-06-27 22:14 -------- d-----w- c:\program files\Spybot - Search & Destroy
2009-06-24 17:49 . 2009-06-24 19:01 -------- d-----w- c:\documents and settings\User\Application Data\LimeWire
2009-06-24 17:46 . 2009-06-24 17:46 410984 ----a-w- c:\windows\system32\deploytk.dll
2009-06-24 17:46 . 2009-06-24 17:46 -------- d-----w- c:\program files\Java
2009-06-24 17:46 . 2009-06-24 17:46 152576 ----a-w- c:\documents and settings\User\Application Data\Sun\Java\jre1.6.0_11\lzma.dll
2009-06-24 17:43 . 2009-06-24 17:47 -------- d-----w- c:\program files\LimeWire
2009-06-22 23:03 . 2009-06-22 23:03 -------- d-----w- c:\documents and settings\User\Local Settings\Application Data\Ares
2009-06-22 23:03 . 2009-06-22 23:03 -------- d-----w- c:\program files\Ares
2009-06-22 19:45 . 2009-06-24 18:04 -------- d-----w- c:\documents and settings\User\Application Data\dvdcss
2009-06-22 19:35 . 2009-06-26 22:53 -------- d-----w- c:\documents and settings\User\Application Data\vlc
2009-06-22 08:33 . 2009-06-22 08:33 -------- d-----w- c:\documents and settings\User\Local Settings\Application Data\WMTools Downloaded Files
2009-06-19 17:08 . 2009-06-19 17:08 -------- d-----w- c:\documents and settings\User\Application Data\Malwarebytes
2009-06-19 17:08 . 2009-06-19 17:08 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes
2009-06-19 16:39 . 2008-03-17 08:56 103168 ----a-w- c:\windows\system32\drivers\ewusbfake.sys
2009-06-19 16:39 . 2008-03-17 08:03 101376 ----a-w- c:\windows\system32\drivers\ewusbmdm.sys
2009-06-19 16:39 . 2008-03-16 11:47 872192 ----a-w- c:\windows\system32\drivers\mod7700.sys
2009-06-19 16:39 . 2008-01-22 12:09 100992 ----a-w- c:\windows\system32\drivers\ewusbnet.sys
2009-06-19 16:39 . 2007-08-09 01:13 24448 ----a-w- c:\windows\system32\drivers\ewdcsc.sys
2009-06-19 16:38 . 2009-06-19 16:39 -------- d-----w- c:\program files\Maxis Broadband
2009-06-15 19:54 . 2008-04-14 18:29 76800 ------w- c:\windows\system32\qutil.dll
2009-06-15 19:50 . 2009-06-15 19:55 -------- d-----w- c:\windows\ServicePackFiles
2009-06-15 19:50 . 2008-04-14 18:29 294912 -c----w- c:\windows\system32\dllcache\dlimport.exe
2009-06-15 14:22 . 2009-06-15 15:00 -------- d-----w- c:\documents and settings\All Users\Application Data\Messenger Plus!
2009-06-14 22:08 . 2009-06-14 22:08 -------- d-----w- c:\program files\Gabest
2009-06-14 20:46 . 2009-06-14 20:46 -------- d-----w- c:\program files\Unlocker
2009-06-14 20:43 . 2009-06-14 20:43 3584 ----a-r- c:\documents and settings\User\Application Data\Microsoft\Installer\{121634B0-2F4B-11D3-ADA3-00C04F52DD52}\Icon386ED4E3.exe
2009-06-14 20:43 . 2009-06-14 20:43 -------- d-----w- c:\program files\Windows Installer Clean Up
2009-06-14 20:43 . 2009-06-14 20:43 -------- d-----w- c:\program files\MSECACHE
2009-06-14 20:32 . 2009-06-14 20:56 -------- d-----w- c:\program files\Windows Live
2009-06-14 20:31 . 2009-06-14 20:31 -------- d-----w- c:\program files\Windows Live SkyDrive
2009-06-14 20:22 . 2009-06-14 20:22 -------- d-----w- c:\program files\Common Files\Windows Live
2009-06-14 14:56 . 2009-06-14 14:56 -------- d-----w- c:\program files\Microsoft
2009-06-14 14:56 . 2009-06-14 20:25 -------- d-----w- c:\documents and settings\User\Tracing
2009-06-13 21:00 . 2008-04-14 18:28 6144 ----a-w- c:\windows\system32\kbd106.dll
2009-06-13 21:00 . 2001-08-17 19:36 8704 -c--a-w- c:\windows\system32\dllcache\kbdjpn.dll
2009-06-13 21:00 . 2001-08-17 19:36 8704 ----a-w- c:\windows\system32\kbdjpn.dll
2009-06-13 21:00 . 2001-08-17 19:36 8192 -c--a-w- c:\windows\system32\dllcache\kbdkor.dll
2009-06-13 21:00 . 2001-08-17 19:36 8192 ----a-w- c:\windows\system32\kbdkor.dll
2009-06-13 21:00 . 2001-08-17 11:55 6144 -c--a-w- c:\windows\system32\dllcache\kbd101c.dll
2009-06-13 21:00 . 2001-08-17 11:55 6144 -c--a-w- c:\windows\system32\dllcache\kbd101b.dll
2009-06-13 21:00 . 2001-08-17 11:55 6144 ----a-w- c:\windows\system32\kbd101c.dll
2009-06-13 21:00 . 2001-08-17 11:55 6144 ----a-w- c:\windows\system32\kbd101b.dll
2009-06-13 21:00 . 2001-08-17 11:55 5632 -c--a-w- c:\windows\system32\dllcache\kbd103.dll
2009-06-13 21:00 . 2001-08-17 11:55 5632 ----a-w- c:\windows\system32\kbd103.dll
2009-06-13 20:10 . 2009-06-13 20:10 -------- d-----w- c:\program files\Common Files\xing shared
2009-06-11 20:50 . 2009-06-11 20:50 -------- d-----w- c:\program files\Microsoft Virtual PC
2009-06-11 20:36 . 2009-06-11 20:36 -------- d-----w- c:\program files\Common Files\EZB Systems
2009-06-11 20:36 . 2009-06-11 20:37 -------- d-----w- c:\program files\UltraISO
2009-06-10 04:10 . 2009-06-10 04:10 -------- d-----w- c:\program files\DIFX
2009-06-10 04:09 . 2009-06-10 04:09 -------- d-----w- c:\program files\Common Files\Nokia
2009-06-10 04:09 . 2009-06-10 04:10 -------- d-----w- c:\documents and settings\User\Application Data\PC Suite
2009-06-10 04:09 . 2009-06-10 04:10 -------- d-----w- c:\documents and settings\All Users\Application Data\PC Suite
2009-06-10 04:09 . 2009-06-10 04:09 -------- d-----w- c:\program files\Common Files\PCSuite
2009-06-10 04:09 . 2006-05-29 05:26 50688 ----a-w- c:\windows\system32\nmwcdcls.dll
2009-06-10 04:09 . 2009-06-10 04:09 -------- d-----w- c:\program files\Nokia
2009-06-07 21:12 . 2009-06-07 21:12 -------- d-----w- c:\program files\uTorrent
2009-06-07 21:12 . 2009-06-27 22:09 -------- d-----w- c:\documents and settings\User\Application Data\uTorrent
2009-06-07 20:27 . 2008-07-10 07:38 28672 ----a-w- c:\windows\Getdisk.exe
2009-06-07 20:27 . 2009-06-07 20:27 -------- d-----w- c:\windows\Recover Data for FAT & NTFS
2009-06-07 20:27 . 2009-06-07 20:27 -------- d-----w- c:\program files\Recover Data for FAT & NTFS
2009-06-07 07:03 . 2009-06-07 07:03 -------- d-----w- c:\windows\system32\LogFiles
2009-06-04 18:47 . 2009-06-04 18:47 -------- d-----w- c:\windows\OemDir
2009-06-04 16:44 . 2008-01-31 04:30 159744 ----a-w- c:\windows\system32\igfxres.dll
2009-06-04 16:40 . 2001-09-19 12:00 16896 -c--a-w- c:\windows\system32\dllcache\status.dll
2009-06-04 16:39 . 2001-09-19 12:00 22016 -c--a-w- c:\windows\system32\dllcache\logscrpt.dll
2009-06-04 16:38 . 2008-04-14 18:28 56320 -c--a-w- c:\windows\system32\dllcache\chtskdic.dll
2009-06-04 16:00 . 2001-09-19 12:00 13312 -c--a-w- c:\windows\system32\dllcache\irclass.dll
2009-06-04 16:00 . 2001-09-19 12:00 13312 ----a-w- c:\windows\system32\irclass.dll
2009-06-04 16:00 . 2001-09-19 12:00 24661 -c--a-w- c:\windows\system32\dllcache\spxcoins.dll
2009-06-04 16:00 . 2001-09-19 12:00 24661 ----a-w- c:\windows\system32\spxcoins.dll
2009-06-04 00:43 . 2009-06-04 00:43 -------- d-----w- c:\program files\LtUcx
2009-06-03 21:41 . 2008-12-23 08:18 104448 ----a-w- c:\windows\system32\drivers\br3gmdm.sys
2009-06-03 21:41 . 2009-06-03 21:41 -------- d-----w- c:\program files\BandRich
2009-05-31 20:12 . 2009-05-31 20:12 -------- d-----w- c:\documents and settings\User\Application Data\Toshiba
2009-05-29 19:46 . 2009-05-29 19:46 -------- d-----w- c:\documents and settings\User\Application Data\Media Player Classic
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-06-28 05:21 . 2009-05-24 22:16 -------- d-----w- c:\documents and settings\User\Application Data\DMCache
2009-06-27 22:20 . 2001-09-19 11:00 47904 ----a-w- c:\windows\system32\perfc001.dat
2009-06-27 22:20 . 2001-09-19 11:00 276238 ----a-w- c:\windows\system32\perfh001.dat
2009-06-24 23:32 . 2009-05-24 19:46 -------- d-----w- c:\program files\K-Lite Codec Pack
2009-06-18 23:23 . 2009-05-25 14:25 165232 ---ha-w- c:\documents and settings\User\Application Data\Microsoft\Virtual PC\VPCKeyboard.dll
2009-06-15 17:31 . 2009-05-24 19:44 -------- d-----w- c:\program files\The KMPlayer
2009-06-14 22:09 . 2009-05-24 19:45 -------- d-----w- c:\program files\DivX
2009-06-14 20:58 . 2009-05-24 19:45 -------- d-----w- c:\program files\Messenger Plus! Live
2009-06-14 15:01 . 2009-05-21 14:33 73400 ----a-w- c:\documents and settings\User\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2009-06-13 20:10 . 2009-05-21 16:39 -------- d-----w- c:\program files\Common Files\Real
2009-06-12 00:24 . 2009-05-24 22:16 -------- d-----w- c:\documents and settings\User\Application Data\IDM
2009-06-04 16:36 . 2009-05-21 14:25 23380 ----a-w- c:\windows\system32\emptyregdb.dat
2009-06-02 16:11 . 2009-05-24 19:46 85504 ----a-w- c:\windows\system32\ff_vfw.dll
2009-05-29 21:37 . 2004-12-20 10:08 205824 ----a-w- c:\windows\system32\xvidvfw.dll
2009-05-29 21:31 . 2004-12-20 10:03 881664 ----a-w- c:\windows\system32\xvidcore.dll
2009-05-27 23:59 . 2009-05-27 23:59 -------- d-----w- c:\documents and settings\User\Application Data\Avira
2009-05-27 21:40 . 2009-05-27 21:39 -------- d-----w- c:\documents and settings\User\Application Data\Paltalk
2009-05-27 21:40 . 2009-05-27 21:39 -------- d-----w- c:\program files\Paltalk Messenger
2009-05-26 12:09 . 2009-05-26 12:09 -------- d-----w- c:\program files\Avira
2009-05-26 12:09 . 2009-05-24 22:37 -------- d-----w- c:\documents and settings\All Users\Application Data\Avira
2009-05-25 05:09 . 2009-05-25 05:09 -------- d-----w- c:\program files\WinASO
2009-05-25 05:03 . 2009-05-25 05:03 -------- d-----w- c:\program files\ANWIDA Soft
2009-05-25 05:02 . 2009-05-25 05:01 -------- d-----w- c:\program files\Antares
2009-05-25 05:01 . 2009-05-25 05:01 -------- d-----w- c:\documents and settings\User\Application Data\Volcano
2009-05-25 05:01 . 2009-05-25 05:01 -------- d-----w- c:\program files\FabFilter
2009-05-25 05:01 . 2009-05-25 05:01 -------- d-----w- c:\program files\Digidesign
2009-05-25 05:01 . 2009-05-25 05:01 -------- d-----w- c:\program files\Steinberg
2009-05-25 04:27 . 2009-05-24 21:11 -------- d-----w- c:\program files\Toshiba
2009-05-25 04:27 . 2009-05-21 14:47 -------- d-----w- c:\program files\Common Files\InstallShield
2009-05-25 04:24 . 2009-05-25 04:24 -------- d-----w- c:\program files\Antares Audio Technologies
2009-05-25 02:55 . 2009-05-25 02:55 -------- d-----w- c:\program files\Magix
2009-05-24 23:18 . 2009-05-24 23:18 -------- d-----w- c:\program files\Atheros
2009-05-24 23:18 . 2009-05-21 14:47 -------- d--h--w- c:\program files\InstallShield Installation Information
2009-05-24 23:18 . 2009-05-24 23:18 -------- d-----w- c:\documents and settings\All Users\Application Data\Atheros
2009-05-24 22:58 . 2009-05-24 22:58 -------- d-----w- c:\documents and settings\User\Application Data\COWON
2009-05-24 22:34 . 2009-05-24 19:51 -------- d-----w- c:\program files\Common Files\Adobe
2009-05-24 22:17 . 2009-05-24 22:17 198064 ----a-w- c:\documents and settings\User\Application Data\IDM\idmmzcc3\components\idmmzcc.dll
2009-05-24 22:14 . 2009-05-24 22:14 6279 ----a-w- c:\program files\un_Internet Download Manager_16575.txt
2009-05-24 22:14 . 2009-05-24 22:14 -------- d-----w- c:\program files\Internet Download Manager
2009-05-24 22:14 . 2009-05-24 22:14 -------- d-----w- c:\program files\FormatFactory
2009-05-24 21:20 . 2009-05-24 21:20 -------- d-----w- c:\documents and settings\All Users\Application Data\TOSHIBA
2009-05-24 20:47 . 2009-05-24 20:47 0 ----a-w- c:\windows\nsreg.dat
2009-05-24 20:47 . 2009-05-24 20:47 -------- d-----w- c:\documents and settings\All Users\Application Data\Office Genuine Advantage
2009-05-24 20:02 . 2009-05-24 20:02 -------- d-----w- c:\documents and settings\All Users\Application Data\GRETECH
2009-05-24 20:02 . 2009-05-24 20:02 -------- d-----w- c:\documents and settings\User\Application Data\GRETECH
2009-05-24 19:56 . 2009-05-24 19:56 -------- d-----w- c:\documents and settings\All Users\Application Data\Kaspersky Lab Setup Files
2009-05-24 19:53 . 2009-05-24 19:53 -------- d-----w- c:\program files\Common Files\Ahead
2009-05-24 19:53 . 2009-05-24 19:53 -------- d-----w- c:\program files\Ahead
2009-05-24 19:50 . 2009-05-21 16:39 499712 ----a-w- c:\windows\system32\msvcp71.dll
2009-05-24 19:50 . 2009-05-21 16:39 348160 ----a-w- c:\windows\system32\msvcr71.dll
2009-05-24 19:49 . 2009-05-24 19:49 99965 ----a-w- c:\windows\UninstallFirefox.exe
2009-05-24 19:49 . 2009-05-24 19:49 2654 ----a-w- c:\windows\mozver.dat
2009-05-24 19:49 . 2009-05-24 19:49 -------- d-----w- c:\program files\JetAudio
2009-05-24 19:48 . 2009-05-24 19:48 90112 ----a-w- c:\windows\system32\agsaami.dll
2009-05-24 19:48 . 2009-05-24 19:48 610304 ----a-w- c:\windows\system32\agsaamg.dll
2009-05-24 19:48 . 2009-05-24 19:48 372736 ----a-w- c:\windows\system32\agsaamc.dll
2009-05-24 19:48 . 2009-05-24 19:48 2535424 ----a-w- c:\windows\system32\agsaamj.dll
2009-05-24 19:48 . 2009-05-24 19:48 1986560 ----a-w- c:\windows\system32\akll.dll
2009-05-24 19:48 . 2009-05-24 19:48 196608 ----a-w- c:\windows\system32\maag.dll
2009-05-24 19:48 . 2009-05-24 19:48 1245184 ----a-w- c:\windows\system32\bkll.dll
2009-05-24 19:48 . 2009-05-24 19:48 1212416 ----a-w- c:\windows\system32\ckll.dll
2009-05-24 19:48 . 2009-05-24 19:48 -------- d-----w- c:\program files\Real_SC
2009-05-24 19:47 . 2009-05-24 19:47 128000 ----a-w- c:\windows\system32\Dsslji.dat
2009-05-24 19:47 . 2009-05-24 19:47 2678 ----a-w- c:\windows\java\Packages\Data\31BVZXND.DAT
2009-05-24 19:47 . 2009-05-24 19:47 2678 ----a-w- c:\windows\java\Packages\Data\TVPZFV53.DAT
2009-05-24 19:47 . 2009-05-24 19:47 2678 ----a-w- c:\windows\java\Packages\Data\NBRZNF97.DAT
2009-05-24 19:47 . 2009-05-24 19:47 2678 ----a-w- c:\windows\java\Packages\Data\G8AJ9N7T.DAT
2009-05-24 19:47 . 2009-05-24 19:47 2678 ----a-w- c:\windows\java\Packages\Data\VTBXZ5VR.DAT
2009-05-24 19:47 . 2009-05-24 19:47 2232 ----a-w- c:\windows\java\Packages\Data\D3J5Z53P.DAT
2009-05-24 19:47 . 2009-05-24 19:47 155995 ----a-w- c:\windows\java\Packages\XBNXB71B.ZIP
2009-05-24 19:46 . 2009-05-24 19:46 -------- d-----w- c:\program files\GRETECH
2009-05-24 19:46 . 2009-05-24 19:46 -------- d-----w- c:\program files\FLVPlayer4Free
2009-05-24 19:45 . 2009-05-24 19:45 -------- d-----w- c:\program files\Google
2009-05-24 19:44 . 2009-05-24 19:44 -------- d-----w- c:\program files\mpegable
2009-05-24 19:44 . 2009-05-24 19:44 47104 ----a-w- c:\windows\AKDeInstall.exe
2009-05-24 19:44 . 2009-05-24 19:44 -------- d-----w- c:\program files\MediaInfo
2009-05-24 19:43 . 2009-05-24 19:43 -------- d-----w- c:\program files\Real Alternative
2009-05-24 19:43 . 2009-05-24 19:43 -------- d-----w- c:\program files\Xilisoft
2009-05-24 19:43 . 2009-05-24 19:43 -------- d-----w- c:\program files\VideoLAN
2009-05-24 19:43 . 2009-05-24 19:43 -------- d-----w- c:\program files\URUSoft
2009-05-24 19:42 . 2009-05-24 19:42 -------- d-----w- c:\program files\SLD Codec Pack
2009-05-24 19:42 . 2009-05-24 19:42 -------- d-----w- c:\program files\Quranzu1
2009-05-23 15:32 . 2009-05-21 14:27 86327 ----a-w- c:\windows\pchealth\helpctr\OfflineCache\index.dat
2009-05-21 16:39 . 2009-05-21 16:39 -------- d-----w- c:\program files\Real
2009-05-21 16:37 . 2009-05-21 16:37 -------- d-----w- c:\program files\Genuine Advantage Plus
2009-05-21 16:37 . 2009-05-21 16:37 -------- d-----w- c:\program files\hammadfz
2009-05-21 16:37 . 2009-05-21 16:37 -------- d-----w- c:\documents and settings\User\Application Data\InstallShield
2009-05-21 16:35 . 2009-05-21 16:35 -------- d-----w- c:\program files\Golden Al-Wafi Translator
2009-05-21 16:35 . 2009-05-21 16:35 172032 ----a-w- c:\windows\Setup1.exe
2009-05-21 16:35 . 2009-05-21 16:35 73216 ----a-w- c:\windows\ST6UNST.EXE
2009-05-21 15:27 . 2009-05-21 15:27 -------- d-----w- c:\program files\Microsoft.NET
2009-05-21 14:47 . 2009-05-21 14:47 -------- d-----w- c:\program files\Hewlett-Packard
2009-05-21 14:28 . 2009-05-21 14:28 -------- d-----w- c:\program files\microsoft frontpage
2009-03-30 07:33 . 2009-05-26 12:09 96104 ----a-w- c:\windows\system32\drivers\avipbb.sys
2008-09-28 19:00 . 2009-05-24 22:14 439440 ----a-w- c:\program files\un_Internet Download Manager_16575.exe
2007-06-02 00:25 . 2009-05-25 05:01 1171456 ----a-w- c:\program files\FabFilter Volcano.dll
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360]
"IDMan"="c:\program files\Internet Download Manager\IDMan.exe" [2009-04-03 2794928]
"ares"="c:\program files\Ares\Ares.exe" [2007-02-26 969728]
"SpybotSD TeaTimer"="c:\program files\Spybot - Search & Destroy\TeaTimer.exe" [2009-01-26 2144088]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Toshiba Hotkey Utility"="c:\program files\Toshiba\Windows Utilities\Hotkey.exe" [2007-08-21 1773568]
"avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2009-03-02 209153]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2008-01-31 142104]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2008-01-31 162584]
"Persistence"="c:\windows\system32\igfxpers.exe" [2008-01-31 138008]
"TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" [2009-06-13 198160]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-06-24 136600]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
c:\documents and settings\All Users\قائمة ابدأ\البرامج\بدء التشغيل\
Bluetooth Manager.lnk - c:\program files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe [2009-3-19 2532680]
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^قائمة ابدأ^البرامج^بدء التشغيل^Adobe Gamma Loader.lnk]
backup=c:\windows\pss\Adobe Gamma Loader.lnkCommon Startup
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^قائمة ابدأ^البرامج^بدء التشغيل^Adobe Reader Synchronizer.lnk]
backup=c:\windows\pss\Adobe Reader Synchronizer.lnkCommon Startup
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^قائمة ابدأ^البرامج^بدء التشغيل^PalTalk.lnk]
backup=c:\windows\pss\PalTalk.lnkCommon Startup
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^قائمة ابدأ^البرامج^بدء التشغيل^WinZip Quick Pick.lnk]
backup=c:\windows\pss\WinZip Quick Pick.lnkCommon Startup
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^قائمة ابدأ^البرامج^بدء التشغيل^سرعة تشغيل Adobe Reader.lnk]
backup=c:\windows\pss\سرعة تشغيل Adobe Reader.lnkCommon Startup
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusDisableNotify"=dword:00000001
"UpdatesDisableNotify"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\uTorrent\\uTorrent.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\livecall.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
R2 AntiVirMailService;Avira AntiVir MailGuard;c:\program files\Avira\AntiVir Desktop\avmailc.exe [26/05/2009 03:09 PM 194817]
R2 AntiVirSchedulerService;Avira AntiVir Scheduler;c:\program files\Avira\AntiVir Desktop\sched.exe [26/05/2009 03:09 PM 108289]
R2 AntiVirWebService;Avira AntiVir WebGuard;c:\program files\Avira\AntiVir Desktop\avwebgrd.exe [26/05/2009 03:09 PM 434945]
R2 BandLuxe_Service;BandLuxe Service;c:\program files\BandRich\BandLuxe HSDPA Utility R11\BRService.exe [30/03/2009 10:17 AM 87264]
R3 WSIMD;wsimd Service;c:\windows\system32\drivers\wsimd.sys [25/05/2009 02:18 AM 57024]
S3 br3gmdm;BandLuxe 3.5G HSDPA Adapter - USB;c:\windows\system32\drivers\br3gmdm.sys [04/06/2009 12:41 AM 104448]
.
- - - - ORPHANS REMOVED - - - -
Notify-WgaLogon - (no file)
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.com/
uSearchURL,(Default) = hxxp://toolbar.ask.com/toolbarv/askRedirect?o=13925&gct=&gc=1&q=%s
IE: &تصدير إلى Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
IE: تحميل الكل بواسطة Internet Download Manager - c:\program files\Internet Download Manager\IEGetAll.htm
IE: تحميل بواسطة Internet Download Manager - c:\program files\Internet Download Manager\IEExt.htm
IE: تحميل محتوى FLV بواسطة Internet Download Manager - c:\program files\Internet Download Manager\IEGetVL.htm
LSP: c:\program files\Avira\AntiVir Desktop\avsda.dll
DPF: Microsoft XML Parser for Java
DPF: {B7FDB0C3-4724-46D2-B8DB-6FA1DC63F7CA} - hxxp://voice34.digivoice.net/ReadUid.CAB
DPF: {C171FF59-8C55-4796-A398-4F5D02B4C763} - hxxp://174.36.238.30/saudi1999/talks3n.cab
FF - ProfilePath - c:\documents and settings\User\Application Data\Mozilla\Firefox\Profiles\rvy3u7jd.default\
FF - component: c:\documents and settings\User\Application Data\IDM\idmmzcc3\components\idmmzcc.dll
FF - component: c:\program files\Real\RealPlayer\browserrecord\components\nprpbrowserrecordplugin.dll
FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA}
.
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-06-28 08:21
Windows 5.1.2600 Service Pack 3 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------
- - - - - - - > 'winlogon.exe'(1056)
c:\windows\system32\igfxdev.dll
- - - - - - - > 'lsass.exe'(1112)
c:\program files\Avira\AntiVir Desktop\avsda.dll
.
Completion time: 2009-06-28 8:22
ComboFix-quarantined-files.txt 2009-06-28 05:22
Pre-Run: 75,649,503,232 bytes free
Post-Run: 75,671,306,240 bytes free
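A few lines in the reports above matter more for the triage than the shutdown hang itself: the ComboFix header says AntiVir's on-access scanning is disabled, the Security Center values AntiVirusDisableNotify and UpdatesDisableNotify are set to 1 and EnableFirewall is 0 for the standard profile, and HijackThis lists an ActiveX (O16) control downloaded from a bare IP address (174.36.238.30) next to orphaned "(no file)" entries and an ask.com search redirect. Those are the lines a malware-removal helper reads first. The Python below is an added example, not code from the post, from HijackThis or from ComboFix: it runs over lines copied verbatim from the two logs and flags exactly those patterns. The host allow-lists and the registry-value table are assumptions of the example, and a flag is a lead for a human to check, not a verdict about any of the named programs.

```python
"""Heuristic triage of HijackThis and ComboFix log lines (added example).

Not part of the forum post and not code from HijackThis or ComboFix. The
allow-lists and the "protection switched off" registry table are assumptions
of this example; a hit is a lead to check by hand, not a verdict.
"""
import re
from dataclasses import dataclass
from urllib.parse import urlparse

# Constructed sample: lines copied verbatim from the two logs in the post.
SAMPLE_HJT = r"""
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://toolbar.ask.com/toolbarv/askRedirect?o=13925&gct=&gc=1&q=
R3 - URLSearchHook: DefaultSearchHook Class - {C94E154B-1459-4A47-966B-4B843BEFC7DB} - (no file)
O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files\Internet Download Manager\IDMIECC.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1243202403609
O16 - DPF: {C171FF59-8C55-4796-A398-4F5D02B4C763} (IMC_Sec Control) - http://174.36.238.30/saudi1999/talks3n.cab
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
"""
SAMPLE_CF_REG = r"""
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusDisableNotify"=dword:00000001
"UpdatesDisableNotify"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
"""


@dataclass(frozen=True)
class Finding:
    severity: str  # "high", "medium" or "low"
    line: str
    reason: str


_URL = re.compile(r"h(?:tt|xx)ps?://\S+")  # ComboFix defangs URLs as hxxp://
_IPV4 = re.compile(r"^\d{1,3}(?:\.\d{1,3}){3}$")
_REG_VALUE = re.compile(r'^"(?P<name>[^"]+)"\s*=\s*(?P<value>.+)$')
# Assumed allow-lists for a stock XP/IE6 box; extend per environment.
_SEARCH_HOSTS = ("microsoft.com", "msn.com", "live.com", "google.com")
_ACTIVEX_HOSTS = ("microsoft.com", "windowsupdate.com", "hotmail.com")
# Registry values, as ComboFix prints them, whose listed setting means the
# protection or its alerting is off: key fragment -> {value name: off value}.
_WEAKENING = {
    "security center": {"AntiVirusDisableNotify": 1, "UpdatesDisableNotify": 1,
                        "FirewallDisableNotify": 1},
    "firewallpolicy\\standardprofile": {"EnableFirewall": 0},
}


def _host(url):
    return (urlparse(url.replace("hxxp", "http", 1)).hostname or "").lower()


def _in(host, suffixes):
    return any(host == s or host.endswith("." + s) for s in suffixes)


def triage_hijackthis(text):
    """Flag orphaned entries, third-party search redirects and ActiveX (O16)
    controls pulled from bare IPs or non-Microsoft hosts."""
    out = []
    for line in (l.strip() for l in text.splitlines() if l.strip()):
        kind = line.split(" ", 1)[0]  # "R1", "O2", "O16", ...
        m = _URL.search(line)
        host = _host(m.group()) if m else ""
        if line.endswith("(no file)"):
            out.append(Finding("low", line, "orphaned entry: target file missing"))
        elif kind in ("R0", "R1", "R3") and m and not _in(host, _SEARCH_HOSTS):
            out.append(Finding("medium", line, f"IE search/start page points at third party {host}"))
        elif kind == "O16" and m and _IPV4.match(host):
            out.append(Finding("high", line, f"ActiveX control fetched from bare IP {host}"))
        elif kind == "O16" and m and not _in(host, _ACTIVEX_HOSTS):
            out.append(Finding("medium", line, f"ActiveX control from non-Microsoft host {host}"))
    return out


def _reg_int(value):
    """Parse 'dword:00000001' (REGEDIT4) or '0 (0x0)' (ComboFix) to an int."""
    v = value.strip()
    if v.lower().startswith("dword:"):
        return int(v[6:], 16)
    m = re.match(r"\d+", v)
    return int(m.group()) if m else None


def triage_combofix_registry(text):
    """Flag Security Center / firewall values that silence or disable protection."""
    out, section = [], ""
    for line in (l.strip() for l in text.splitlines()):
        if line.startswith("[") and line.endswith("]"):
            section = line[1:-1].lower()
            continue
        m = _REG_VALUE.match(line)
        if not m:
            continue
        for fragment, bad in _WEAKENING.items():
            off = bad.get(m.group("name"))
            if fragment in section and off is not None and _reg_int(m.group("value")) == off:
                out.append(Finding("high", line, f"{m.group('name')}={off}: protection or its alerting disabled"))
    return out


if __name__ == "__main__":
    for f in triage_hijackthis(SAMPLE_HJT) + triage_combofix_registry(SAMPLE_CF_REG):
        print(f"[{f.severity:6}] {f.reason}\n         {f.line}")
```

Run it as-is and it prints four HijackThis findings (the ask.com redirect, the two orphaned entries, and the control from 174.36.238.30) plus three registry findings; the update.microsoft.com control, the IDM helper and the Avira service produce nothing. Paste a full log into the two sample strings to triage a different machine; the "(no file)" entries are safe to fix in HijackThis regardless, while the O16 and registry hits are the ones to investigate before trusting the box.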
