برنامجين حاولت حذفهمها ولم استطع بكل المحاولات ..

ز

زهرة الياسمين

زيزوومي نشيط
إنضم
3 أبريل 2009
المشاركات
156
مستوى التفاعل
0
النقاط
200
غير متصل
سلام عليكم

أسعد الله أقاتكم بكل خير

إخوتي

مشكلتي مع برنامجي ادوبا

Adobe Flash CS3
Adobe Dreamweaver CS4

طبعا كانوا موجودين في جهازي وانتهيت منهم والحين حابه احذفهم

حاولت حذفهم عن طريق control panel ولم ينحذفوا

حاولت معاهم عن طريق برنامج perfect uninstaller ولم ينحذفوا

حاولت معاهم عن طريق أدوات موجودة في موقع ادوبا ولم ينحذفوا

كل المحاولات السابقة جربتها عن طريق save mode

وبرضه ما زالا في الجهاز

طبعا أرجو منكم مساعدتي بأسرع وقت ممكن وهذا تقرير الجهاز

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 4:32:25 PM, on 3/3/2009
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18000)
Boot mode: Normal

Running processes:
C:\PROGRAM FILES\PANDA SECURITY\PANDA INTERNET SECURITY 2009\WebProxy.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\HP\QuickPlay\QPService.exe
C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe
C:\Program Files\Hewlett-Packard\HP QuickTouch\HPKBDAPP.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\HP\Digital Imaging\bin\HpqSRmon.exe
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe
C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Panda Security\Panda Internet Security 2009\ApVxdWin.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Windows\ehome\ehtray.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Windows\System32\mobsync.exe
C:\Program Files\MalwareRemovalBot\MalwareRemovalBot.exe
C:\Program Files\WinZip\WZQKPICK.EXE
C:\Windows\ehome\ehmsas.exe
C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe
C:\Program Files\Panda Security\Panda Internet Security 2009\PavBckPT.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Internet Explorer\IEUser.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\Windows\system32\NOTEPAD.EXE

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar =
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: ????? ????? ?????? ??? Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: HP Print Clips - {FFFFFFFF-FF12-44C5-91EC-068E3AA1B2D7} - c:\Program Files\HP\Smart Web Printing\hpswp_framework.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [QPService] "C:\Program Files\HP\QuickPlay\QPService.exe"
O4 - HKLM\..\Run: [QlbCtrl] "%ProgramFiles%\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe" /Start
O4 - HKLM\..\Run: [OnScreenDisplay] "C:\Program Files\Hewlett-Packard\HP QuickTouch\HPKBDAPP.exe"
O4 - HKLM\..\Run: [UCam_Menu] "C:\Program Files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\YouCam" update "Software\CyberLink\YouCam\1.0"
O4 - HKLM\..\Run: [Windows Defender] "%ProgramFiles%\Windows Defender\MSASCui.exe" -hide
O4 - HKLM\..\Run: [hpqSRMon] "C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe"
O4 - HKLM\..\Run: [hpWirelessAssistant] "C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe"
O4 - HKLM\..\Run: [WAWifiMessage] "C:\Program Files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe"
O4 - HKLM\..\Run: [HP Software Update] "C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [NvSvc] "RUNDLL32.EXE" C:\Windows\system32\nvsvc.dll,nvsvcStart
O4 - HKLM\..\Run: [NvCplDaemon] "RUNDLL32.EXE" C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] "RUNDLL32.EXE" C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [AppleSyncNotifier] "C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [APVXDWIN] "C:\Program Files\Panda Security\Panda Internet Security 2009\APVXDWIN.EXE" /s
O4 - HKLM\..\Run: [SCANINICIO] "C:\Program Files\Panda Security\Panda Internet Security 2009\Inicio.exe"
O4 - HKCU\..\Run: [Sidebar] "C:\Program Files\Windows Sidebar\sidebar.exe" /autoRun
O4 - HKCU\..\Run: [LightScribe Control Panel] "C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe" -hidden
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [Ashampoo AntiSpyWare 2 Guard] C:\Program Files\Ashampoo\Ashampoo AntiSpyWare 2\AntiSpyWare2Guard.exe
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [WMPNSCFG] "C:\Program Files\Windows Media Player\WMPNSCFG.exe"
O4 - HKCU\..\Run: [SpybotSD TeaTimer] D:\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [MalwareRemovalBot] C:\Program Files\MalwareRemovalBot\MalwareRemovalBot.exe -boot
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O4 - Global Startup: Vongo Tray.lnk = ?
O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE
O8 - Extra context menu item: Add to Vbuzzer RSS list - C:\Program Files\vbuzzer\addurl.htm
O8 - Extra context menu item: Add to Windows &Live Favorites -
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

O9 - Extra button: HP Smart Select - {58ECB495-38F0-49cb-A538-10282ABF65E7} - c:\Program Files\HP\Smart Web Printing\hpswp_extensions.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O13 - Gopher Prefix:
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5) -
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} -
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) -
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Com4Qlb - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4Qlb.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: GameConsoleService - WildTangent, Inc. - C:\Program Files\HP Games\My HP Game Console\GameConsoleService.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: HP Health Check Service - Hewlett-Packard - c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: MalwareRemovalBot Scanning Engine (MalwareRemovalBotSrv) - Unknown owner - C:\Program Files\MalwareRemovalBot\MalwareRemovalBot.srv.exe
O23 - Service: Panda Software Controller - Panda Security, S.L. - C:\Program Files\Panda Security\Panda Internet Security 2009\PsCtrls.exe
O23 - Service: Panda Function Service (PAVFNSVR) - Panda Security, S.L. - C:\Program Files\Panda Security\Panda Internet Security 2009\PavFnSvr.exe
O23 - Service: Panda Process Protection Service (PavPrSrv) - Panda Security, S.L. - C:\Program Files\Common Files\Panda Security\PavShld\pavprsrv.exe
O23 - Service: Panda On-Access Anti-Malware Service (PAVSRV) - Panda Security, S.L. - C:\Program Files\Panda Security\Panda Internet Security 2009\pavsrvx86.exe
O23 - Service: Panda Host Service (PSHost) - Panda Software International - c:\program files\panda security\panda internet security 2009\firewall\PSHOST.EXE
O23 - Service: Panda IManager Service (PSIMSVC) - Panda Security S.L. - C:\Program Files\Panda Security\Panda Internet Security 2009\PsImSvc.exe
O23 - Service: Panda PSK service (PskSvcRetail) - Panda Security, S.L. - C:\Program Files\Panda Security\Panda Internet Security 2009\PskSvc.exe
O23 - Service: QuickPlay Background Capture Service (QBCS) (QPCapSvc) - Unknown owner - C:\Program Files\HP\QuickPlay\Kernel\TV\QPCapSvc.exe
O23 - Service: QuickPlay Task Scheduler (QTS) (QPSched) - Unknown owner - C:\Program Files\HP\QuickPlay\Kernel\TV\QPSched.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
O23 - Service: Panda TPSrv (TPSrv) - Panda Security, S.L. - C:\Program Files\Panda Security\Panda Internet Security 2009\TPSrv.exe
O23 - Service: Vongo Service - Starz Entertainment Group LLC - C:\Program Files\Vongo\VongoService.exe
O23 - Service: Webroot Client Service (WRConsumerService) - Unknown owner - C:\Program Files\Webroot\WebrootSecurity\WRConsumerService.exe (file missing)
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe

--
End of file - 12085 bytes
 

ترتيب حسب التاريخ ترتيب حسب الأصوات

يمه :er:

للأسف ماا اعرف :no:

<<<< انت حل مشكلتك بالاول وبعدين حل مشاكل الناس :d:

الي يشوف مصيبت غيره تهون عليه مصيبته :hh:

انا مشكلتي شحليلهاا صغينونه :i:

بس انتي مشكلتك كبيره :er:

الله يعنيك خيتووو :er:

تحياتي :b:
 
تأييد 0
عطل برامج الحماية عن العمل
ثم
حمل الاداة التالية واحفظها على سطح المكتب
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

عند تشغيلها بتظهر لك رسالة ,, اضغط على >> Yes
بعدها بتظهر لك رساله ثانيه ,, اضغط على >> Yes
اثناء الفحص ممكن يعاد تشغيل الجهاز
وبعد اعادة التشغيل ,, سوف تبدأ الاداة بالفحص مرره ثانيه
لا تقم بتشغيل اي برنامج ،، ومهما طالت عملية الفحص انتظر حتى تنتهي
انتظر حتى يظهر لك تقرير ،،انسخه والصقه بمشاركتك القادمة
 
توقيع : algnral
تأييد 0
يعيطكم العافية [/FONT]

أخوي الجنرال هذا التقرير [/FONT]

ComboFix 09-06-29.02 - Ab 06/29/2009 21:16.1 - NTFSx86
Microsoft® Windows Vista™ Home Premium 6.0.6001.1.1252.1.1033.18.1982.940 [GMT -5:00]
Running from: c:\users\Ab\Downloads\ComboFix.exe
AV: Kaspersky Internet Security *On-access scanning enabled* (Updated) {2C4D4BC6-0793-4956-A9F9-E252435469C0}
AV: Norton Internet Security *On-access scanning enabled* (Outdated) {E10A9785-9598-4754-B552-92431C1C35F8}
AV: The Shield Deluxe 2009 Antivirus *On-access scanning disabled* (Updated) {6C4BB89C-B0ED-4F41-A29C-4373888923BB}
FW: Kaspersky Internet Security *enabled* {2C4D4BC6-0793-4956-A9F9-E252435469C0}
FW: Norton Internet Security *disabled* {7C21A4C9-F61F-4AC4-B722-A6E19C16F220}
SP: Avira AntiVir PersonalEdition *enabled* (Outdated) {AD166499-45F9-482A-A743-FDD3350758C7}
SP: Kaspersky Internet Security *enabled* (Updated) {2C4D4BC6-0793-4956-A9F9-E252435469C0}
SP: MalwareRemovalBot *enabled* (Updated) {7B12ED0D-E836-4C9A-AD31-661435BB9C3D}
SP: Norton Internet Security *enabled* (Outdated) {CBB7EE13-8244-4DAB-8B55-D5C7AA91E59A}
SP: The Shield Deluxe 2009 Antispyware *disabled* (Updated) {8B2012EC-32D4-494F-BC03-832DB3BDF911}
SP: Windows Defender *disabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\program files\Common Files\System\Uninstall
c:\windows\system32\KBL.LOG
D:\Desktop.ini

.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Service_RelevantKnowledge


((((((((((((((((((((((((( Files Created from 2009-05-28 to 2009-06-30 )))))))))))))))))))))))))))))))
.

2009-06-30 02:05 . 2009-06-30 02:05 -------- d-----w- C:\32788R22FWJFW.0.tmp
2009-06-28 05:39 . 2009-06-28 05:39 -------- d-----w- c:\program files\Opera
2009-06-27 00:18 . 2009-06-27 00:18 746744 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight\SpotlightResources.dll
2009-06-26 00:18 . 2009-06-26 12:16 -------- d-----w- C:\Portfolio
2009-06-15 06:45 . 2009-06-15 07:14 -------- d-----w- c:\program files\Common Files\DivX Shared
2009-06-10 05:10 . 2009-04-30 12:37 428544 ----a-w- c:\windows\system32\EncDec.dll
2009-06-10 05:10 . 2009-04-30 12:37 293376 ----a-w- c:\windows\system32\psisdecd.dll
2009-06-09 11:09 . 2009-06-09 11:11 -------- d-----w- C:\SmartDraw 2009
2009-06-08 23:12 . 2009-06-08 23:12 33808 ----a-w- c:\programdata\Kaspersky Lab\AVP8\Data\Updater\Temporary Files\temporaryFolder\AutoPatches\kav8exec\8.0.0.506\klbg.sys
2009-06-08 23:12 . 2009-06-08 23:12 206088 ----a-w- c:\programdata\Kaspersky Lab\AVP8\Data\Updater\Temporary Files\temporaryFolder\AutoPatches\kav8exec\8.0.0.506\avp.exe
2009-06-08 23:12 . 2009-06-08 23:12 239120 ----a-w- c:\programdata\Kaspersky Lab\AVP8\Data\Updater\Temporary Files\temporaryFolder\AutoPatches\kav8exec\8.0.0.506\Vista\klif.sys
2009-06-08 23:02 . 2009-06-08 23:12 94643 ----a-w- c:\windows\system32\drivers\klick.dat
2009-06-08 23:02 . 2009-06-08 23:12 105395 ----a-w- c:\windows\system32\drivers\klin.dat
2009-06-08 23:01 . 2009-06-30 00:58 -------- d-----w- c:\programdata\Kaspersky Lab
2009-06-08 23:01 . 2009-06-08 23:01 -------- d-----w- c:\program files\Kaspersky Lab
2009-06-08 23:01 . 2009-06-30 02:28 876576 --sha-w- c:\windows\system32\drivers\fidbox2.dat
2009-06-08 23:01 . 2009-06-30 02:28 7562272 --sha-w- c:\windows\system32\drivers\fidbox.dat
2009-06-08 22:11 . 2009-06-30 00:03 -------- d-----w- c:\program files\Perfect Uninstaller
2009-06-08 21:31 . 2009-06-08 21:31 -------- d-----w- c:\programdata\Kaspersky Lab Setup Files
2009-06-06 00:21 . 2009-06-06 00:28 -------- d-----w- c:\users\Ab\AppData\Roaming\Download Manager
2009-06-05 04:14 . 2009-06-05 04:58 -------- d-----w- c:\users\Ab\New Folder (2)
2009-06-02 22:41 . 2009-06-02 22:41 -------- d-----w- c:\program files\Ask Search Assistant
2009-06-02 01:53 . 2009-06-02 01:53 -------- d--h--r- C:\MSOCache
2009-06-02 00:09 . 2009-06-02 00:33 -------- d-----w- c:\users\Ab\AppData\Roaming\GetRightToGo

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-06-30 02:28 . 2009-06-08 23:01 61208 --sha-w- c:\windows\system32\drivers\fidbox.idx
2009-06-30 02:28 . 2009-06-08 23:01 4076 --sha-w- c:\windows\system32\drivers\fidbox2.idx
2009-06-30 02:28 . 2008-03-27 03:50 12 ----a-w- c:\windows\bthservsdp.dat
2009-06-29 02:27 . 2008-09-01 05:11 -------- d-----w- c:\program files\Common Files\Adobe
2009-06-25 10:35 . 2008-11-11 05:21 -------- d-----w- c:\users\Ab\AppData\Roaming\MxBoost
2009-06-15 07:16 . 2008-07-12 20:12 -------- d-----w- c:\program files\DivX
2009-06-15 07:15 . 2008-09-06 21:26 -------- d-----w- c:\program files\Common Files\PX Storage Engine
2009-06-15 06:49 . 2008-04-07 03:18 -------- d-----w- c:\program files\Google
2009-06-14 23:24 . 2009-01-17 05:58 1 ----a-w- c:\users\Ab\AppData\Roaming\OpenOffice.org\3\user\uno_packages\cache\stamp.sys
2009-06-10 05:19 . 2007-11-02 09:16 -------- d-----w- c:\programdata\Microsoft Help
2009-06-08 23:12 . 2008-01-29 22:29 33808 ----a-w- c:\windows\system32\drivers\klbg.sys
2009-06-08 21:07 . 2009-05-28 08:23 -------- d-----w- c:\programdata\Avira
2009-06-05 23:08 . 2009-02-28 12:57 -------- d-----w- c:\users\Ab\AppData\Roaming\MalwareRemovalBot
2009-06-05 06:52 . 2008-04-20 08:23 7944 ----a-w- c:\users\Ab\AppData\Local\d3d9caps.dat
2009-06-03 08:09 . 2008-03-16 19:15 112032 ----a-w- c:\users\Ab\AppData\Local\GDIPFONTCACHEV1.DAT
2009-06-03 07:18 . 2008-03-26 16:30 -------- d-----w- c:\users\Ab\AppData\Roaming\Skype
2009-06-03 05:08 . 2008-03-26 16:41 -------- d-----w- c:\users\Ab\AppData\Roaming\skypePM
2009-06-02 22:41 . 2008-03-26 04:10 -------- d-----w- c:\program files\Messenger Plus! Live
2009-06-02 02:01 . 2008-11-02 14:14 -------- d-----w- c:\program files\Microsoft.NET
2009-06-02 00:15 . 2006-11-02 12:37 -------- d-----w- c:\program files\MSBuild
2009-05-28 18:31 . 2008-08-01 04:38 -------- d-----w- c:\program files\oovooToolbar
2009-05-28 08:12 . 2007-11-02 07:23 -------- d--h--w- c:\program files\InstallShield Installation Information
2009-05-22 16:31 . 2007-11-02 08:53 -------- d-----w- c:\program files\Microsoft Works
2009-05-22 16:31 . 2008-10-12 02:38 -------- d-----w- c:\program files\Common Files\Skype
2009-05-22 16:31 . 2009-02-27 21:29 -------- d-----w- c:\programdata\Backup
2009-05-18 19:54 . 2009-05-17 02:55 -------- d-----w- c:\program files\Gabest
2009-05-16 00:44 . 2009-05-16 00:44 416128 ----a-w- c:\programdata\Microsoft\eHome\Packages\NetTV\Browse\NetTVResources.dll
2009-05-13 04:50 . 2006-11-02 11:18 -------- d-----w- c:\program files\Windows Mail
2009-05-12 10:33 . 2009-05-05 13:18 -------- d-----w- c:\program files\Athan
2009-05-12 10:31 . 2009-05-12 10:32 737280 ----a-w- c:\windows\iun6002.exe
2009-05-09 05:50 . 2009-06-09 21:19 915456 ----a-w- c:\windows\system32\wininet.dll
2009-05-09 05:34 . 2009-06-09 21:19 71680 ----a-w- c:\windows\system32\iesetup.dll
2009-05-06 07:15 . 2009-05-06 07:15 -------- d-----w- c:\users\Ab\AppData\Roaming\PeerNetworking
2009-05-01 21:02 . 2009-05-01 21:02 90112 ----a-w- c:\windows\system32\dpl100.dll
2009-05-01 21:02 . 2009-05-01 21:02 823296 ----a-w- c:\windows\system32\divx_xx0c.dll
2009-05-01 21:02 . 2009-05-01 21:02 823296 ----a-w- c:\windows\system32\divx_xx07.dll
2009-05-01 21:02 . 2009-05-01 21:02 815104 ----a-w- c:\windows\system32\divx_xx0a.dll
2009-05-01 21:02 . 2009-05-01 21:02 811008 ----a-w- c:\windows\system32\divx_xx16.dll
2009-05-01 21:02 . 2009-05-01 21:02 802816 ----a-w- c:\windows\system32\divx_xx11.dll
2009-05-01 21:02 . 2009-05-01 21:02 685056 ----a-w- c:\windows\system32\DivX.dll
2009-04-23 12:43 . 2009-06-09 21:19 784896 ----a-w- c:\windows\system32\rpcrt4.dll
2009-04-23 12:42 . 2009-06-09 21:19 636928 ----a-w- c:\windows\system32\localspl.dll
2009-04-21 11:55 . 2009-06-09 21:19 2033152 ----a-w- c:\windows\system32\win32k.sys
2009-05-01 21:02 . 2009-05-01 21:02 1044480 ----a-w- c:\program files\mozilla firefox\plugins\libdivx.dll
2009-05-01 21:02 . 2009-05-01 21:02 200704 ----a-w- c:\program files\mozilla firefox\plugins\ssldivx.dll
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2008-01-19 1233920]
"LightScribe Control Panel"="c:\program files\Common Files\LightScribe\LightScribeControlPanel.exe" [2007-08-24 455968]
"MsnMsgr"="c:\program files\Windows Live\Messenger\MsnMsgr.Exe" [2009-02-07 3885408]
"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-19 125952]
"WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2008-01-19 202240]
"RegistryMechanic"="c:\program files\Registry Mechanic\RMTray.exe" [2008-07-03 812952]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"QPService"="c:\program files\HP\QuickPlay\QPService.exe" [2007-10-01 181544]
"QlbCtrl"="c:\program files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe" [2007-09-19 202032]
"OnScreenDisplay"="c:\program files\Hewlett-Packard\HP QuickTouch\HPKBDAPP.exe" [2007-09-04 554320]
"UCam_Menu"="c:\program files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe" [2007-08-17 218408]
"hpqSRMon"="c:\program files\HP\Digital Imaging\bin\hpqSRMon.exe" [2008-06-02 80896]
"hpWirelessAssistant"="c:\program files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe" [2007-09-13 480560]
"WAWifiMessage"="c:\program files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe" [2007-01-08 311296]
"HP Software Update"="c:\program files\Hp\HP Software Update\HPWuSchd2.exe" [2007-05-08 54840]
"NvSvc"="c:\windows\system32\nvsvc.dll" [2007-09-19 86016]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2007-09-19 8497696]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2007-09-19 81920]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2008-09-06 413696]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2008-10-02 289576]
"AppleSyncNotifier"="c:\program files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe" [2008-10-01 111936]
"TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" [2008-12-24 185872]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-03-09 148888]
"Athan"="c:\program files\Athan\Athan.exe" [2009-05-01 1130496]
"AVP"="c:\program files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe" [2009-06-08 206088]

c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Vongo Tray.lnk - c:\windows\Installer\{8C3AE2D1-854D-4650-A73D-C7CC7EE36B80}\NewShortcut2_DB7E00C96DEF489A8112D8F81614F45A.exe [2007-11-2 53248]
WinZip Quick Pick.lnk - c:\program files\WinZip\WZQKPICK.EXE [2009-1-22 118784]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\progra~1\KASPER~1\KASPER~1\mzvkbd.dll c:\progra~1\KASPER~1\KASPER~1\mzvkbd3.dll c:\progra~1\KASPER~1\KASPER~1\adialhk.dll c:\progra~1\KASPER~1\KASPER~1\kloehk.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WRConsumerService]
@="Service"

[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^WinZip Quick Pick.lnk]
path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\WinZip Quick Pick.lnk
backup=c:\windows\pss\WinZip Quick Pick.lnk.CommonStartup
backupExtension=.CommonStartup

[HKLM\~\startupfolder\C:^Users^Ab^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Adobe Media Player.lnk]
path=c:\users\Ab\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Media Player.lnk
backup=c:\windows\pss\Adobe Media Player.lnk.Startup
backupExtension=.Startup

[HKLM\~\startupfolder\C:^Users^Ab^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^WordWeb.lnk]
path=c:\users\Ab\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\WordWeb.lnk
backup=c:\windows\pss\WordWeb.lnk.Startup
backupExtension=.Startup

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusDisableNotify"=dword:00000001
"AntiVirusOverride"=dword:00000001
"FirewallOverride"=dword:00000001
"UpdatesDisableNotify"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\KasperskyAntiVirus]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy]
"<NO NAME>"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\DomainProfile]
"EnableFirewall"= 0 (0x0)
"<NO NAME>"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\DomainProfile\AuthorizedApplications]
"<NO NAME>"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\DomainProfile\AuthorizedApplications\List]
"<NO NAME>"=
"c:\\Program Files\\Vongo\\VongoService.exe"= c:\program files\Vongo\VongoService.exe:*:enabled:VongoService

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules]
"{0D1A302D-8F2B-415C-86F9-DA1542419F2D}"= UDP:c:\program files\Common Files\AOL\Loader\aolload.exe:AOL Loader
"{D03E6D96-2E82-4B3C-B1C8-48029A001DF0}"= TCP:c:\program files\Common Files\AOL\Loader\aolload.exe:AOL Loader
"{28C3ABFA-31CF-4625-9894-78C32C773282}"= UDP:c:\program files\Microsoft Office\Office12\ONENOTE.EXE:Microsoft Office OneNote
"{4D630C61-B791-4168-9D33-4A64A5F7450F}"= TCP:c:\program files\Microsoft Office\Office12\ONENOTE.EXE:Microsoft Office OneNote
"{8F96A033-C107-4059-B309-EF34092D92F5}"= c:\program files\Cyberlink\PowerDirector\PDR.EXE:CyberLink PowerDirector
"{45AEBAB3-743C-4A9F-A278-BA597C8B0134}"= UDP:c:\program files\earthlink totalaccess\TaskPanl.exe:taskpanl
"{91D340FD-2951-4E5B-87C2-57F25A5923BC}"= TCP:c:\program files\earthlink totalaccess\TaskPanl.exe:taskpanl
"{97FC2888-0F83-456D-B694-B39264C88932}"= UDP:c:\program files\earthlink totalaccess\TaskPanl.exe:taskpanl
"{57A55DCB-2730-478E-98EB-6CC3C4E96661}"= TCP:c:\program files\earthlink totalaccess\TaskPanl.exe:taskpanl
"{0AD5B223-8147-4E9A-B40B-8DF3ECAA4298}"= UDP:c:\program files\earthlink totalaccess\TaskPanl.exe:taskpanl
"{7F4D586F-1FB1-4F87-978D-12AB0058D589}"= TCP:c:\program files\earthlink totalaccess\TaskPanl.exe:taskpanl
"{6EB0336D-53F9-4864-8A4A-8B14ED0069F1}"= c:\program files\HP\QuickPlay\QP.exe:Quick Play
"{53E28EF3-3999-4DDD-A7B6-72AD067CFC28}"= c:\program files\HP\QuickPlay\QPService.exe:Quick Play Resident Program
"{149F0C43-358E-424E-8C98-7097337AB19B}"= UDP:443:ooVoo TCP port 443
"{D4526310-F637-4861-987C-7075B9BD624B}"= TCP:443:ooVoo UDP port 443
"{3781E248-A3A1-465A-BC02-EB96B3B8B70E}"= UDP:37674:ooVoo TCP port 37674
"{810A7D12-2ED6-43FD-B1D4-48C6015E2DA6}"= TCP:37674:ooVoo UDP port 37674
"{6C1823E1-0A80-4745-A01D-B48EBA80E556}"= TCP:37675:ooVoo UDP port 37675
"TCP Query User{78387AC9-89AD-4919-B16C-AF82C42EA843}c:\\program files\\skype\\phone\\skype.exe"= UDP:c:\program files\skype\phone\skype.exe:Skype. Take a deep breath
"UDP Query User{082BE4E4-D006-44BA-A12C-8061B64CC8B1}c:\\program files\\skype\\phone\\skype.exe"= TCP:c:\program files\skype\phone\skype.exe:Skype. Take a deep breath
"{C27C5A97-7BA3-481C-B085-CF1EFAC41B20}"= c:\program files\Skype\Phone\Skype.exe:Skype
"{FF0909DA-4CB6-490E-9CC1-7641C75E4E3D}"= UDP:c:\program files\iTunes\iTunes.exe:iTunes
"{13CE4F1D-E58C-4A63-902F-0017B1FDC37B}"= TCP:c:\program files\iTunes\iTunes.exe:iTunes
"TCP Query User{ECB6366E-B9A0-47F4-9AEE-AD0CE8C611DA}c:\\program files\\safari\\safari.exe"= UDP:c:\program files\safari\safari.exe:Safari Web Browser
"UDP Query User{C15A5F38-570D-44FD-A33F-41DD280E388B}c:\\program files\\safari\\safari.exe"= TCP:c:\program files\safari\safari.exe:Safari Web Browser
"{5357FFFD-AE59-48FC-BD22-C6A4E9A22B37}"= UDP:c:\program files\vbuzzer\VBuzzer.exe:VBuzzer Messenger
"{43BC8E64-861A-4F65-A7CB-B6CC1CDE4B3B}"= TCP:c:\program files\vbuzzer\VBuzzer.exe:VBuzzer Messenger
"TCP Query User{F0AE9DC7-3F2C-42B9-B6AF-70B8915C95F2}c:\\program files\\relevantknowledge\\rlvknlg.exe"= UDP:c:\program files\relevantknowledge\rlvknlg.exe:rlvknlg.exe
"UDP Query User{9011E383-73B8-44F9-AB19-4D786147234D}c:\\program files\\relevantknowledge\\rlvknlg.exe"= TCP:c:\program files\relevantknowledge\rlvknlg.exe:rlvknlg.exe
"{7F56CB1D-2484-40C5-A508-937B90094F9F}"= UDP:c:\program files\Bonjour\mDNSResponder.exe:Bonjour
"{57D72E47-D409-4572-8C2C-D3116E56B235}"= TCP:c:\program files\Bonjour\mDNSResponder.exe:Bonjour
"{A194E85E-FC02-455E-A1CF-BFFF83BF8B34}"= UDP:c:\program files\RelevantKnowledge\rlvknlg.exe:rlvknlg.exe
"{3DC2D009-EC90-4258-A01C-AD1D1A1D10CA}"= TCP:c:\program files\RelevantKnowledge\rlvknlg.exe:rlvknlg.exe
"TCP Query User{0B1A656A-6F23-48E6-AA88-6499F6DB318F}c:\\program files\\jlc's software\\internet tv\\internet tv.exe"= UDP:c:\program files\jlc's software\internet tv\internet tv.exe:Internet TV
"UDP Query User{24172EC0-A20D-47F6-AF45-163CE9E70376}c:\\program files\\jlc's software\\internet tv\\internet tv.exe"= TCP:c:\program files\jlc's software\internet tv\internet tv.exe:Internet TV
"{17653971-94D0-43DC-A845-6A8D1F8F2835}"= UDP:c:\program files\Microsoft Office\Office12\ONENOTE.EXE:Microsoft Office OneNote
"{77D463FC-69BB-452A-9141-F08D361958F6}"= TCP:c:\program files\Microsoft Office\Office12\ONENOTE.EXE:Microsoft Office OneNote

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\PublicProfile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\StandardProfile]
"EnableFirewall"= 0 (0x0)

R0 klbg;Kaspersky Lab Boot Guard Driver;c:\windows\System32\drivers\klbg.sys [1/29/2008 5:29 PM 33808]
R1 KLIM6;Kaspersky Anti-Virus NDIS 6 Filter;c:\windows\System32\drivers\klim6.sys [7/9/2008 5:28 PM 20496]
R3 KLFLTDEV;Kaspersky Lab KLFltDev;c:\windows\System32\drivers\klfltdev.sys [3/13/2008 6:02 PM 26640]
S2 gupdate1c9ed85b900095;Google Update Service (gupdate1c9ed85b900095);c:\program files\Google\Update\GoogleUpdate.exe [6/15/2009 1:46 AM 133104]
S2 WRConsumerService;Webroot Client Service;"c:\program files\Webroot\WebrootSecurity\WRConsumerService.exe" --> c:\program files\Webroot\WebrootSecurity\WRConsumerService.exe [?]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
bthsvcs REG_MULTI_SZ BthServ

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\>{60B49E34-C7CC-11D0-8953-00A0C90347FF}]
"c:\windows\System32\rundll32.exe" "c:\windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
"c:\program files\Common Files\LightScribe\LSRunOnce.exe"
.
Contents of the 'Scheduled Tasks' folder

2009-06-30 c:\windows\Tasks\GoogleUpdateTaskMachine.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-06-15 06:45]

2009-06-30 c:\windows\Tasks\User_Feed_Synchronization-{048C482B-ED86-415A-A460-6FAB95109772}.job
- c:\windows\system32\msfeedssync.exe [2009-05-13 11:31]
.
- - - - ORPHANS REMOVED - - - -

HKCU-Run-Ashampoo AntiSpyWare 2 Guard - c:\program files\Ashampoo\Ashampoo AntiSpyWare 2\AntiSpyWare2Guard.exe
HKCU-Run-SpybotSD TeaTimer - d:\spybot - search & destroy\TeaTimer.exe
HKCU-Run-AdobeBridge - (no file)


.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.plusnetwork.com
mStart Page = hxxp://iniciopagle.com/home.php?id=1866
uInternet Settings,ProxyOverride = *.local
IE: Add to Banner Ad Blocker - c:\program files\Kaspersky Lab\Kaspersky Internet Security 2009\ie_banner_deny.htm
IE: Add to Vbuzzer RSS list - c:\program files\vbuzzer\addurl.htm
IE: Add to Windows &Live Favorites -
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

FF - ProfilePath - c:\users\Ab\AppData\Roaming\Mozilla\Firefox\Profiles\i1hwojll.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.google.com
FF - component: c:\program files\Real\RealPlayer\browserrecord\components\nprpbrowserrecordplugin.dll
FF - plugin: c:\program files\Google\Update\1.2.145.5\npGoogleOneClick8.dll
FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0012-ABCDEFFEDCBA}

---- FIREFOX POLICIES ----
FF - user.js: yahoo.homepage.dontask - true.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer,
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

Rootkit scan 2009-06-29 21:33
Windows 6.0.6001 Service Pack 1 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------

[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
------------------------ Other Running Processes ------------------------
.
c:\windows\System32\audiodg.exe
c:\windows\System32\wlanext.exe
c:\program files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
c:\program files\Common Files\LightScribe\LSSrvc.exe
c:\program files\HP\QuickPlay\Kernel\TV\QPCapSvc.exe
c:\program files\CyberLink\Shared Files\RichVideo.exe
c:\program files\Microsoft SQL Server\90\Shared\sqlwriter.exe
c:\windows\System32\drivers\XAudio.exe
c:\program files\Hewlett-Packard\Shared\hpqWmiEx.exe
c:\windows\System32\conime.exe
c:\windows\System32\rundll32.exe
c:\program files\Hewlett-Packard\Shared\HpqToaster.exe
c:\program files\Windows Media Player\wmpnetwk.exe
c:\windows\System32\rundll32.exe
c:\windows\ehome\ehmsas.exe
c:\program files\iPod\bin\iPodService.exe
c:\program files\Hewlett-Packard\HP Health Check\HPHC_Service.exe
c:\windows\System32\dllhost.exe
.
**************************************************************************
.
Completion time: 2009-06-30 21:41 - machine was rebooted
ComboFix-quarantined-files.txt 2009-06-30 02:41

Pre-Run: 94,174,658,560 bytes free
Post-Run: 96,028,348,416 bytes free

320 --- E O F --- 2009-06-29 19:48
 
تأييد 0
جربي الحذف الان واذا مانذف صوري الشاشه على الرساله الي تطلع لك
 
توقيع : algnral
تأييد 0
أخوي الجنرال

لما اجي احذف البرنامج عن طريق الكنترول بانيل

يجلس معلق ولما اضغط عليه مره ثانية تطلع هالصورة

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي
 
تأييد 0
مع العلم ان ثقافتي فرنسيه
بس نطقطق بالانجليزي
يقولك انتظري فيه برنامج يثبت اذا تثبتين برنامج اخر انتظري لمن ينتهيي
بعدين احذفي
 
توقيع : algnral
تأييد 0
معليش المربع النصي يقول

انتظر حتى البرنامج يحذف وتغير اللي تبغاه

بس هو على هذا الحال

الى ان اطفي الجهاز او اعمل له ريستار

اتمنى اتضحت الصورة

دمت بخير
 
تأييد 0
ماعليش ع المداخله
جربي برنامج Your Uninstaller 2008

و الاخ الجنرال الله يعافيه ماراح يقصير معاكي :)
 
تأييد 0
De16 قال:
ماعليش ع المداخله
جربي برنامج Your Uninstaller 2008

و الاخ الجنرال الله يعافيه ماراح يقصير معاكي :)
أنقر للتوسيع...

:ok::ok:
فديت الي رد انا
 
توقيع : algnral
تأييد 0
مشكورين على هالتفاعل

بس انا استخدم برنامج perfect uninstaller

من واقع تجربة افضل من Your Uninstaller 2008

دمتم بخير
 
التعديل الأخير بواسطة المشرف:
تأييد 0
لاجربت ذا ولا ذا ابشرك بس هذا الاخير الاشهر فيهم
جربي وشوفي
 
توقيع : algnral
تأييد 0
algnral قال:
:ok::ok:
فديت الي رد انا
أنقر للتوسيع...

:d:
:


زهرة الياسمين

بكيفك استخدمي الي تبين :d: لكن بصراحه البيرفكت هذا يقعد يبحث ويدووور سااعه وفي النهايه مايحذف كل الملفات
عكس Your Uninstaller يحذفها تمااااااااااااامااا
عن تجربه :ok:
 
تأييد 0
مشكورين ولكن ليس هناك اي فائدة من برنامج Your Uninstaller

للرفع
 
تأييد 0
اهلاً بك اختي زهرة الياسمين :smile: ...

تفضلي هذا البرنامج المطلوب نسخة محمولة \ Portable ,,

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي



,,,

وهذي برامج اضافية ... :smile:

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي



يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي


,,,

وياليت تعطيني تقرير هايجاك جديد :smile:
 
توقيع : فـهـد
تأييد 0
أخوي فهد

يعطيك العافية

حاولت استخدم البرنامج الاول و الثاني ولكن للاسف ما نفعوا في حذف البرنامج

بالنسبة لبرنامج ريفو صار له اكثر من ساعة ونص على هذا الحال شوف الصورة

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي


دمت بخير
 
تأييد 0
للاحاطة الان control panel متعطلة

وهذه صورة لها

1g5uiv4p8.jpg
 
تأييد 0
شوفي اختي في طريقه سهله
اول شي دخلي ملف تثبيت الفوتوشوب ثم بيطلعلك ثلاث خيارات وهي اصلاح او ازاله
اختاري ازاله
 
توقيع : v.i.p
تأييد 0
اهلاً بك مرة اخرى :smile: ,,

جربي هذا البرنامج :smile:

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

اذا حملتي البرنامج افعلي الآتي:


i19898_122.png


من هنا الغي تثبيت البرنامجين

,,,,,

وبعدها هاتي تقرير هايجاك :smile:

لتحميل البرنامج:

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

شغلي البرنامج ----> واضغطي على
Do a system scan and save log
لحظات .. ويظهر لك تقرير داخل المفكرة ----> انسخيه والصقيه بردك القادم :smile: ,,
 
توقيع : فـهـد
تأييد 0
أخوي فهد يعطيك العافية البرنامج لم يستطع حذفه

للايضاح اكثر حينما اضغط على زر الالغاء لا يعمل

بينما جربت تنظيف الجهاز من الملفات الضارة وحذفها

دمت بخير
 
تأييد 0
يجب تسجيل الدخول أو التسجيل كي تتمكن من الرد هنا.
عودة
أعلى