مشكله في القرص c مره ثاانيه

[شــوق]

السلام عليكم​

مدري وش المشكله يطلع معي كذا ولا معلوميه جهازي فاضي مافيه شي كثير:no:
بعد حذفت الفتوشوب :y:​

مااني عارفه وش علة الاجهااز :er:​

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

 

[النقيب]

انقلي ملفاتك للقرص d
​

 

[bshanti]

حاولي تعرفي ايش اكثر ملف ماخذ منك مساحة واحذفيه او انقليه على D زي ما قالك yahweh او شوفيلك برنامج تنظيف زي CCleaner او ATF Cleaner يساعدك اكثر في تنظيف جهازك من الملفات الي مالها داعي

 

[شــوق]

اخواني سويت كل شي بس مااصر شي نفس المشكله:er:

 

[البارون]

حمل هذا البرنامج

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

اذا انتهى التحميل ==> شغل البرنامج ==> واضغط على Do a system scan and save log
لحظات .. ويظهر لك تقرير ==> انسخه والصقه بردك القادم​

 

[شــوق]

حمل هذا البرنامج

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

اذا انتهى التحميل ==> شغل البرنامج ==> واضغط على Do a system scan and save log

لحظات .. ويظهر لك تقرير ==> انسخه والصقه بردك القادم
​

تفضل اخوووي :y:


Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 08:28:08 م, on 13/08/09
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v8.00 (8.00.6001.18813)
Boot mode: Normal
Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Windows\System32\spool\drivers\w32x86\3\fppdis2a.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\ManyCam 2.4\ManyCam.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\MessengerDiscovery 2\MessengerDiscovery 2.exe
C:\Windows\system32\conime.exe
C:\Users\user\Desktop\HiJackThis.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Google\Google Toolbar\GoogleToolbarUser.exe
C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\klwtblfs.exe
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: IEVkbdBHO - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\ievkbd.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: مساعد تسجيل الدخول إلى Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.15642\swg.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_219B3E1547538286.dll
O2 - BHO: Ask.com Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll
O2 - BHO: link filter bho - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll
O3 - Toolbar: &Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O3 - Toolbar: Ask.com Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [pdfFactory Pro Dispatcher v3] "C:\Windows\system32\spool\DRIVERS\W32X86\3\fppdis3a.exe" /source=HKLM
O4 - HKLM\..\Run: [pdfFactory Pro Dispatcher v2] C:\Windows\system32\spool\DRIVERS\W32X86\3\fppdis2a.exe
O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe"
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [ManyCam] "C:\Program Files\ManyCam 2.4\ManyCam.exe"
O4 - HKCU\..\Run: [Google Update] "C:\Users\user\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [Win Base 4 Download] "C:\ProgramData\Burn ball bleh.7i7vl"
O4 - HKCU\..\Run: [WARN ONE] "C:\ProgramData\error help help.evssb"
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: PalTalk.lnk = C:\Program Files\Paltalk Messenger\paltalk.exe
O8 - Extra context menu item: Add to Anti-Banner - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\ie_banner_deny.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_13\bin\npjpi142_13.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_13\bin\npjpi142_13.dll
O9 - Extra button: &Virtual keyboard - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll
O9 - Extra button: PalTalk - {4EAFEF58-EEFA-4116-983D-03B49BCBFFFE} - C:\Program Files\Paltalk Messenger\Paltalk.exe
O9 - Extra button: URLs c&heck - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll
O13 - Gopher Prefix:
O20 - AppInit_DLLs: C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd.dll,C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd3.dll,C:\PROGRA~1\KASPER~1\KASPER~1\kloehk.dll
O23 - Service: Apache2.2 - Apache Software Foundation - C:\AppServ\Apache2.2\bin\httpd.exe
O23 - Service: Kaspersky Internet Security (avp) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe
O23 - Service: Crypkey License - Kenonic Controls Ltd. - C:\Windows\SYSTEM32\crypserv.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: MySQL - Unknown owner - C:\AppServ\mysql\bin\mysqld-nt.exe
--
End of file - 6624 bytes​

 

[البارون]

عطل برامج الحماية عن العمل[/FONT]
[/FONT]ثم [/FONT]
[/FONT]حمل الاداة التالية واحفظها على سطح المكتب[/FONT]
[/FONT]

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

[/FONT]عند تشغيلها بتظهر لك رسالة ,, اضغط على [/FONT]>> Yes[/FONT]
[/FONT]بعدها بتظهر لك رساله ثانيه ,, اضغط على [/FONT]>> Yes[/FONT]
[/FONT]اثناء الفحص ممكن يعاد تشغيل الجهاز[/FONT]
[/FONT]وبعد اعادة التشغيل ,, سوف تبدأ الاداة بالفحص مرره ثانيه[/FONT]
[/FONT]لا تقم بتشغيل اي برنامج ،، ومهما طالت عملية الفحص انتظر حتى تنتهي[/FONT]
[/FONT]انتظر حتى يظهر لك تقرير ،،انسخه والصقه بمشاركتك القادمة[/FONT]​

 

[back1]

اختي من تقرير الهايجاك احذفي الآتي :

O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)


O3 - Toolbar: Ask.com Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll

O4 - HKCU\..\Run: [Win Base 4 Download] "C:\ProgramData\Burn ball bleh.7i7vl"

O4 - HKCU\..\Run: [WARN ONE] "C:\ProgramData\error help help.evssb"


طريقة الحذف

​

 

[شــوق]

عطل برامج الحماية عن العمل[/FONT]

ثم [/FONT]
حمل الاداة التالية واحفظها على سطح المكتب[/FONT]

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

عند تشغيلها بتظهر لك رسالة ,, اضغط على [/FONT]>> Yes[/FONT]
بعدها بتظهر لك رساله ثانيه ,, اضغط على [/FONT]>> Yes[/FONT]
اثناء الفحص ممكن يعاد تشغيل الجهاز[/FONT]
وبعد اعادة التشغيل ,, سوف تبدأ الاداة بالفحص مرره ثانيه[/FONT]
لا تقم بتشغيل اي برنامج ،، ومهما طالت عملية الفحص انتظر حتى تنتهي[/FONT]
انتظر حتى يظهر لك تقرير ،،انسخه والصقه بمشاركتك القادمة[/FONT]​

تفضل اخوووووي




ComboFix 09-08-10.06 - user 08/13/2009 20:58.1.2 - NTFSx86
Microsoft® Windows Vista™ Ultimate 6.0.6001.1.1256.966.1025.18.1015.290 [GMT 3:00]
Running from: c:\users\user\Desktop\ComboFix.exe
AV: Kaspersky Internet Security *On-access scanning disabled* (Outdated) {2C4D4BC6-0793-4956-A9F9-E252435469C0}
FW: Kaspersky Internet Security *disabled* {2C4D4BC6-0793-4956-A9F9-E252435469C0}
SP: Kaspersky Internet Security *disabled* (Updated) {2C4D4BC6-0793-4956-A9F9-E252435469C0}
SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\$recycle.bin\S-1-5-21-51003140-4199384537-3980697693-500
c:\recycler\S-1-5-21-1220945662-527237240-1644491937-1003
c:\recycler\S-1-5-21-1644491937-682003330-908645863-1003
c:\windows\system32\kakle.dll
c:\windows\system32\Ultra.dll
c:\windows\system32\videocore.dll
c:\windows\system32\videoformat.dll
c:\windows\system32\winitn.dll
.
((((((((((((((((((((((((( Files Created from 2009-07-13 to 2009-08-13 )))))))))))))))))))))))))))))))
.
2009-08-13 18:16 . 2009-08-13 18:16 -------- d-----w- c:\users\Default\AppData\Local\temp
2009-08-12 14:42 . 2009-08-12 14:42 -------- d-----w- c:\program files\Windows Live SkyDrive
2009-08-12 14:22 . 2009-06-15 15:21 499712 ----a-w- c:\windows\system32\kerberos.dll
2009-08-12 14:22 . 2009-06-15 15:22 213504 ----a-w- c:\windows\system32\msv1_0.dll
2009-08-12 14:22 . 2009-06-15 15:24 175104 ----a-w- c:\windows\system32\wdigest.dll
2009-08-12 14:22 . 2009-06-15 15:23 1256448 ----a-w- c:\windows\system32\lsasrv.dll
2009-08-12 14:22 . 2009-06-15 15:24 270848 ----a-w- c:\windows\system32\schannel.dll
2009-08-12 14:22 . 2009-06-15 18:20 439896 ----a-w- c:\windows\system32\drivers\ksecdd.sys
2009-08-12 14:22 . 2009-06-15 12:57 9728 ----a-w- c:\windows\system32\lsass.exe
2009-08-12 14:22 . 2009-06-15 15:24 72704 ----a-w- c:\windows\system32\secur32.dll
2009-08-12 06:08 . 2009-07-17 14:35 71680 ----a-w- c:\windows\system32\atl.dll
2009-08-12 06:08 . 2009-06-10 12:12 160256 ----a-w- c:\windows\system32\wkssvc.dll
2009-08-12 06:07 . 2009-06-04 12:34 2066432 ----a-w- c:\windows\system32\mstscax.dll
2009-08-12 06:07 . 2009-06-10 12:07 91136 ----a-w- c:\windows\system32\avifil32.dll
2009-08-12 06:06 . 2009-07-14 13:00 313344 ----a-w- c:\windows\system32\wmpdxm.dll
2009-08-12 06:06 . 2009-07-14 12:58 7680 ----a-w- c:\windows\system32\spwmp.dll
2009-08-12 06:06 . 2009-07-14 12:59 4096 ----a-w- c:\windows\system32\dxmasf.dll
2009-08-12 06:06 . 2009-07-14 10:59 8147456 ----a-w- c:\windows\system32\wmploc.DLL
2009-08-05 16:03 . 2009-08-05 16:03 -------- d-----w- c:\program files\VS Revo Group
2009-07-23 16:46 . 2009-07-23 16:46 778240 ----a-w- c:\programdata\LOADMORELIST\girawsph.exe
2009-07-23 16:44 . 2009-07-23 16:44 294912 ----a-w- c:\programdata\LOADMORELIST\zmcshyjv.exe
2009-07-22 12:54 . 2009-07-22 12:54 390664 ----a-w- c:\users\user\AppData\Roaming\Real\RealPlayer\Update\realplayer11gold.exe
2009-07-22 12:53 . 2009-07-22 12:53 390664 ------w- c:\users\user\AppData\Roaming\Real\Update\temp\~Upg3\realplayer11gold.exe
2009-07-17 07:01 . 2009-07-17 07:01 932368 ----a-w- c:\programdata\Kaspersky Lab\AVP9\Data\KasFlt\Plugins\profiles-1-6.dll
2009-07-17 07:01 . 2009-07-17 07:01 678416 ----a-w- c:\programdata\Kaspersky Lab\AVP9\Data\KasFlt\Plugins\content_interpreter-1-1.dll
2009-07-17 07:01 . 2009-07-17 07:01 604688 ----a-w- c:\programdata\Kaspersky Lab\AVP9\Data\KasFlt\Plugins\gsg-3-9.dll
2009-07-17 07:01 . 2009-07-17 07:01 1096208 ----a-w- c:\programdata\Kaspersky Lab\AVP9\Data\KasFlt\Plugins\filtration-4-6.dll
2009-07-17 07:01 . 2009-07-17 07:01 522768 ----a-w- c:\programdata\Kaspersky Lab\AVP9\Data\KasFlt\Plugins\database-1-5.dll
2009-07-17 06:58 . 2009-07-17 06:58 128016 ----a-w- c:\programdata\Kaspersky Lab\AVP9\Data\Updater\Temporary Files\rollback\patch\AutoPatches\kav9exec\9.0.0.459\sys\i386\kl1.sys
2009-07-17 06:58 . 2009-07-17 06:58 280592 ----a-w- c:\programdata\Kaspersky Lab\AVP9\Data\Updater\Temporary Files\rollback\patch\AutoPatches\kav9exec\9.0.0.459\sys\i386\6.0\klif.sys
2009-07-17 06:58 . 2009-07-17 06:58 128016 ----a-w- c:\programdata\Kaspersky Lab\AVP9\Data\Updater\Temporary Files\temporaryFolder\AutoPatches\kav9exec\9.0.0.459\sys\i386\kl1.sys
2009-07-17 06:58 . 2009-07-17 06:58 280592 ----a-w- c:\programdata\Kaspersky Lab\AVP9\Data\Updater\Temporary Files\temporaryFolder\AutoPatches\kav9exec\9.0.0.459\sys\i386\6.0\klif.sys
2009-07-17 06:49 . 2009-07-17 06:49 604140 --sha-w- c:\windows\system32\drivers\ISwift3(48).dat
2009-07-17 06:49 . 2009-07-17 06:49 604140 ----a-w- c:\windows\system32\drivers\ISwift3(59).dat
2009-07-17 06:49 . 2009-07-17 06:49 604140 ----a-w- c:\windows\system32\drivers\ISwift3(46).dat
2009-07-17 06:49 . 2009-07-17 06:49 604140 ------w- c:\windows\system32\drivers\ISwift3.dat
2009-07-17 06:16 . 2009-06-15 15:24 156672 ----a-w- c:\windows\system32\t2embed.dll
2009-07-17 06:16 . 2009-06-15 15:20 72704 ----a-w- c:\windows\system32\fontsub.dll
2009-07-17 06:16 . 2009-06-15 15:20 10240 ----a-w- c:\windows\system32\dciman32.dll
2009-07-17 06:16 . 2009-06-15 12:52 289792 ----a-w- c:\windows\system32\atmfd.dll
2009-07-16 06:38 . 2009-07-16 06:38 835584 ----a-w- c:\windows\system32\maae.dll
2009-07-16 06:38 . 2009-07-16 06:38 729088 ----a-w- c:\windows\system32\maad.dll
2009-07-16 06:38 . 2009-07-16 06:38 450560 ----a-w- c:\windows\system32\maai.dll
2009-07-16 06:38 . 2009-07-16 06:38 335872 ----a-w- c:\windows\system32\maac.dll
2009-07-16 06:38 . 2009-07-16 06:38 315392 ----a-w- c:\windows\system32\maab.dll
2009-07-16 06:38 . 2009-07-16 06:38 311296 ----a-w- c:\windows\system32\maaf.dll
2009-07-16 06:38 . 2009-07-16 06:38 1040384 ----a-w- c:\windows\system32\maah.dll
2009-07-16 06:38 . 2009-07-16 06:38 1843200 ----a-w- c:\windows\system32\maaa.dll
2009-07-14 18:43 . 2009-07-16 06:39 -------- d-----w- c:\program files\ArabicSounde
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2016-12-30 15:05 . 2009-05-25 15:26 66792 ----a-w- c:\windows\Fonts\SC_SHARJAH.ttf
2016-12-30 15:02 . 2009-05-25 15:26 75820 ----a-w- c:\windows\Fonts\SC_DUBAI.ttf
2009-08-13 17:27 . 2009-06-17 10:35 -------- d-----w- c:\programdata\Kaspersky Lab
2009-08-13 14:49 . 2009-06-22 10:56 -------- d-----w- c:\programdata\Microsoft Help
2009-08-13 14:36 . 2009-05-15 04:46 177480 ----a-w- c:\users\user\AppData\Local\GDIPFONTCACHEV1.DAT
2009-08-13 12:16 . 2009-06-20 17:15 -------- d-----w- c:\program files\Bug Doctor
2009-08-13 12:10 . 2006-12-05 05:25 71604 ----a-w- c:\windows\system32\perfc001.dat
2009-08-13 12:10 . 2006-12-05 05:25 407806 ----a-w- c:\windows\system32\perfh001.dat
2009-08-13 00:09 . 2006-11-02 11:18 -------- d-----w- c:\program files\Windows Mail
2009-08-11 00:14 . 2009-06-27 10:42 -------- d-----w- c:\users\user\AppData\Roaming\MessengerDiscovery 2
2009-08-09 09:38 . 2009-07-13 06:27 -------- d-----w- c:\program files\Cirle Developement
2009-07-31 18:31 . 2009-07-31 18:36 26528 ----a-w- c:\windows\Fonts\NASALIZA.TTF
2009-07-23 19:08 . 2009-07-13 06:28 -------- d-----w- c:\programdata\Browse Dent Win Base
2009-07-23 16:46 . 2009-07-13 06:29 294912 ----a-w- c:\programdata\LOADMORELIST\Dupe Draw Grey Two.exe
2009-07-23 16:46 . 2009-07-13 06:28 -------- d-----w- c:\programdata\LOADMORELIST
2009-07-21 21:52 . 2009-07-29 15:04 915456 ----a-w- c:\windows\system32\wininet.dll
2009-07-21 21:47 . 2009-07-29 15:04 109056 ----a-w- c:\windows\system32\iesysprep.dll
2009-07-21 21:47 . 2009-07-29 15:04 71680 ----a-w- c:\windows\system32\iesetup.dll
2009-07-21 20:13 . 2009-07-29 15:04 133632 ----a-w- c:\windows\system32\ieUnatt.exe
2009-07-17 06:58 . 2009-05-24 12:30 128016 ----a-w- c:\windows\system32\drivers\kl1.sys
2009-07-17 06:36 . 2009-06-17 10:35 -------- d-----w- c:\program files\Kaspersky Lab
2009-07-17 06:20 . 2009-05-15 05:45 -------- d-----w- c:\programdata\Kaspersky Lab Setup Files
2009-07-16 06:38 . 2009-05-21 06:27 196608 ----a-w- c:\windows\system32\maag.dll
2009-07-16 06:38 . 2009-05-21 06:26 237568 ----a-w- c:\windows\system32\lame_enc.dll
2009-07-16 06:14 . 2009-05-19 20:24 -------- d-----w- c:\program files\Real_SC
2009-07-14 18:28 . 2009-07-14 16:14 -------- d-----w- c:\program files\AqarManager4
2009-07-14 16:23 . 2009-07-14 16:23 -------- d-----w- c:\program files\mp3DirectCut
2009-07-13 20:02 . 2009-07-10 10:05 -------- d-----w- c:\program files\Kelk 2000
2009-07-13 08:16 . 2009-07-13 08:16 -------- d-----w- c:\users\user\AppData\Roaming\FastStone
2009-07-13 08:16 . 2009-07-13 08:16 -------- d-----w- c:\program files\FastStone Capture
2009-07-13 07:25 . 2009-07-13 07:25 -------- d-----w- c:\program files\CCleaner
2009-07-13 06:28 . 2009-07-13 06:28 741376 ----a-w- c:\programdata\LOADMORELIST\ptmekmde.exe
2009-07-13 06:27 . 2009-05-15 09:10 -------- d-----w- c:\program files\Messenger Plus! Live
2009-07-12 08:30 . 2009-07-12 08:30 -------- d-----w- c:\program files\NiiMe
2009-07-11 16:31 . 2009-06-27 10:41 -------- d-----w- c:\program files\MessengerDiscovery 2
2009-07-10 16:58 . 2009-05-22 11:07 -------- d-----w- c:\program files\JetAudio
2009-07-10 07:52 . 2009-07-10 07:52 -------- d-----w- c:\program files\RegCleaner
2009-07-07 17:18 . 2009-07-07 17:18 -------- d-----w- c:\program files\Systweak Photoalbum
2009-07-06 23:12 . 2009-07-06 23:12 -------- d-----w- c:\users\user\AppData\Roaming\TeamViewer
2009-07-05 12:52 . 2009-07-05 12:52 390664 ------w- c:\users\user\AppData\Roaming\Real\Update\temp\~Upg1\realplayer11gold.exe
2009-07-01 14:46 . 2009-07-01 14:46 -------- d-----w- c:\users\user\AppData\Roaming\InstallShield
2009-06-30 14:02 . 2009-06-30 14:02 -------- d-----w- c:\users\user\AppData\Roaming\Syntrillium
2009-06-30 14:01 . 2009-06-30 14:00 -------- d-----w- c:\program files\coolpro2
2009-06-25 07:38 . 2009-06-25 07:38 -------- d-----w- c:\programdata\WindowsSearch
2009-06-25 05:06 . 2009-05-16 07:36 -------- d--h--w- c:\program files\InstallShield Installation Information
2009-06-24 13:00 . 2009-05-17 09:26 -------- d-----w- c:\program files\Common Files\InstallShield
2009-06-22 10:59 . 2009-06-22 10:59 -------- d-----w- c:\program files\Microsoft.NET
2009-06-21 10:14 . 2009-06-21 10:14 552 ----a-w- c:\users\user\AppData\Local\d3d8caps.dat
2009-06-20 19:50 . 2009-06-20 19:50 0 ---ha-w- c:\windows\system32\drivers\Msft_User_WpdFs_01_00_00.Wdf
2009-06-20 09:31 . 2006-11-02 12:35 -------- d-----w- c:\program files\Windows Calendar
2009-06-20 09:31 . 2006-11-02 12:35 -------- d-----w- c:\program files\Windows Sidebar
2009-06-20 09:31 . 2006-11-02 12:35 -------- d-----w- c:\program files\Windows Collaboration
2009-06-20 09:31 . 2006-11-02 12:35 -------- d-----w- c:\program files\Windows Journal
2009-06-20 09:31 . 2006-11-02 12:35 -------- d-----w- c:\program files\Windows Photo Gallery
2009-06-20 09:31 . 2006-11-02 12:35 -------- d-----w- c:\program files\Windows Defender
2009-06-20 09:28 . 2006-11-02 10:25 665600 ----a-w- c:\windows\inf\drvindex.dat
2009-06-20 09:05 . 2006-11-02 10:32 101888 ----a-w- c:\windows\system32\ifxcardm.dll
2009-06-20 09:04 . 2006-11-02 10:32 82432 ----a-w- c:\windows\system32\axaltocm.dll
2009-06-20 08:22 . 2009-06-20 08:22 -------- d-----w- c:\program files\Common Files\delet
2009-06-18 16:27 . 2009-06-18 16:27 -------- d-----w- c:\users\user\AppData\Roaming\PeerNetworking
2009-06-18 08:49 . 2009-06-18 08:49 -------- d-----w- c:\program files\NO1 Video Converter
2009-06-17 11:23 . 2009-06-17 11:23 94643 ----a-w- c:\windows\system32\drivers\klick.dat
2009-06-17 11:23 . 2009-06-17 11:23 105395 ----a-w- c:\windows\system32\drivers\klin.dat
2009-06-16 11:00 . 2009-06-16 11:00 -------- d-----w- c:\program files\CONEXANT
2009-06-16 01:08 . 2009-06-16 01:08 -------- d-----w- c:\program files\Video-AVI to GIF Converter
2009-06-15 20:34 . 2009-06-15 20:34 622080 ----a-w- c:\windows\system32\icardagt.exe
2009-06-15 20:33 . 2009-06-15 20:33 11264 ----a-w- c:\windows\system32\icardres.dll
2009-06-15 20:33 . 2009-06-15 20:33 97800 ----a-w- c:\windows\system32\infocardapi.dll
2009-06-15 20:33 . 2009-06-15 20:33 105016 ----a-w- c:\windows\system32\PresentationCFFRasterizerNative_v0300.dll
2009-06-15 20:33 . 2009-06-15 20:33 326160 ----a-w- c:\windows\system32\PresentationHost.exe
2009-06-15 20:33 . 2009-06-15 20:33 43544 ----a-w- c:\windows\system32\PresentationHostProxy.dll
2009-06-15 20:33 . 2009-06-15 20:33 781344 ----a-w- c:\windows\system32\PresentationNative_v0300.dll
2009-06-15 19:50 . 2009-06-15 19:50 784896 ----a-w- c:\windows\system32\rpcrt4.dll
2009-06-15 16:58 . 2009-06-15 16:58 -------- d-----w- c:\programdata\Office Genuine Advantage
2009-06-04 16:00 . 2009-06-04 16:00 59992 ----a-w- c:\programdata\Kaspersky Lab Setup Files\Kaspersky Internet Security 2010 9.0.0.459\English\setup.exe
2009-06-03 18:26 . 2009-06-03 18:32 37408 ----a-w- c:\windows\Fonts\Visitor TT2 -BRK-_0.ttf
2009-05-25 02:21 . 2009-05-25 02:21 219664 ----a-w- c:\windows\system32\klogon.dll
2009-05-25 02:18 . 2009-05-25 02:18 27507 ----a-w- c:\windows\system32\drivers\klopp.dat
2009-05-22 12:36 . 2009-05-22 12:36 499712 ----a-w- c:\windows\system32\msvcp71.dll
2009-05-22 12:36 . 2009-05-22 12:36 348160 ----a-w- c:\windows\system32\msvcr71.dll
2009-05-18 08:43 . 2009-05-18 08:44 110592 ----a-w- c:\windows\Fonts\Diwani_Letter.ttf
2009-05-17 08:39 . 2009-05-17 08:39 96760 ----a-w- c:\windows\system32\dfshim.dll
2009-05-17 08:39 . 2009-05-17 08:39 41984 ----a-w- c:\windows\system32\netfxperf.dll
2009-05-17 08:39 . 2009-05-17 08:39 282112 ----a-w- c:\windows\system32\mscoree.dll
2009-05-17 08:39 . 2009-05-17 08:39 83968 ----a-w- c:\windows\system32\mscories.dll
2009-05-17 08:39 . 2009-05-17 08:39 158720 ----a-w- c:\windows\system32\mscorier.dll
2009-05-17 08:03 . 2009-05-17 08:03 98816 ----a-w- c:\windows\system32\mfps.dll
2009-05-17 08:03 . 2009-05-17 08:03 2868736 ----a-w- c:\windows\system32\mf.dll
2009-05-17 08:03 . 2009-05-17 08:03 53248 ----a-w- c:\windows\system32\rrinstaller.exe
2009-05-17 08:03 . 2009-05-17 08:03 24576 ----a-w- c:\windows\system32\mfpmp.exe
2009-05-17 08:03 . 2009-05-17 08:03 2048 ----a-w- c:\windows\system32\mferror.dll
2009-05-17 08:03 . 2009-05-17 08:03 996352 ----a-w- c:\windows\system32\WMNetMgr.dll
2009-05-17 08:03 . 2009-05-17 08:03 94720 ----a-w- c:\windows\system32\logagent.exe
2009-05-17 07:56 . 2009-05-17 07:56 84480 ----a-w- c:\windows\system32\INETRES.dll
2009-05-17 07:56 . 2009-05-17 07:56 738304 ----a-w- c:\windows\system32\inetcomm.dll
2009-05-17 07:55 . 2009-05-17 07:55 1645568 ----a-w- c:\windows\system32\connect.dll
2009-05-17 07:52 . 2009-05-17 07:52 1314816 ----a-w- c:\windows\system32\quartz.dll
2009-05-17 07:39 . 2009-05-17 07:39 2048 ----a-w- c:\windows\system32\msxml6r.dll
2009-05-17 07:39 . 2009-05-17 07:39 1334272 ----a-w- c:\windows\system32\msxml6.dll
2009-05-16 17:59 . 2009-05-16 17:59 19472 ----a-w- c:\windows\system32\drivers\klmouflt.sys
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
2009-02-26 08:25 809864 ----a-w- c:\program files\Ask.com\GenericAskToolbar.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{D4027C7F-154A-4066-A1AD-4243D8127440}"= "c:\program files\Ask.com\GenericAskToolbar.dll" [2009-02-26 809864]
[HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1]
[HKEY_CLASSES_ROOT\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd]
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{D4027C7F-154A-4066-A1AD-4243D8127440}"= "c:\program files\Ask.com\GenericAskToolbar.dll" [2009-02-26 809864]
[HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1]
[HKEY_CLASSES_ROOT\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Win Base 4 Download"="c:\programdata\Burn ball bleh.7i7vl" [X]
"WARN ONE"="c:\programdata\error help help.evssb" [X]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2008-01-19 1233920]
"MsnMsgr"="c:\program files\Windows Live\Messenger\MsnMsgr.Exe" [2007-10-18 5724184]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2009-05-22 39408]
"ManyCam"="c:\program files\ManyCam 2.4\ManyCam.exe" [2009-04-17 1824040]
"Google Update"="c:\users\user\AppData\Local\Google\Update\GoogleUpdate.exe" [2009-06-24 133104]
"WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2008-01-19 202240]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"="c:\program files\Windows Defender\MSASCui.exe" [2008-01-19 1008184]
"TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" [2009-05-22 198160]
"pdfFactory Pro Dispatcher v3"="c:\windows\system32\spool\DRIVERS\W32X86\3\fppdis3a.exe" [2007-03-30 503808]
"pdfFactory Pro Dispatcher v2"="c:\windows\system32\spool\DRIVERS\W32X86\3\fppdis2a.exe" [2003-11-10 385024]
"AVP"="c:\program files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe" [2009-05-25 303376]
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Adobe Gamma Loader.lnk - c:\program files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2009-5-17 113664]
PalTalk.lnk - c:\program files\Paltalk Messenger\paltalk.exe [2009-4-25 11057664]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\progra~1\KASPER~1\KASPER~1\mzvkbd.dll c:\progra~1\KASPER~1\KASPER~1\mzvkbd3.dll c:\progra~1\KASPER~1\KASPER~1\kloehk.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\KasperskyAntiVirus]
"DisableMonitoring"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\DomainProfile]
"EnableFirewall"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules]
"{9C0AEB45-0EB1-4242-9AF1-DEDA3851FE51}"= c:\program files\Windows Live\Messenger\livecall.exe:Windows Live Messenger (Phone)
"TCP Query User{7B893C00-5343-477C-841B-4D6994621F19}c:\\program files\\paltalk messenger\\paltalk.exe"= UDP:c:\program files\paltalk messenger\paltalk.exealtalkScene
"UDP Query User{39036182-143C-49FE-938E-35CCE38DD9FE}c:\\program files\\paltalk messenger\\paltalk.exe"= TCP:c:\program files\paltalk messenger\paltalk.exealtalkScene
"TCP Query User{64A08AD6-D88C-44E5-B385-FDF85CDE1FB3}c:\\program files\\windows sidebar\\sidebar.exe"= UDP:c:\program files\windows sidebar\sidebar.exe:‎‎الشريط الجانبي لـ Windows
"UDP Query User{7C5F3261-D7DF-477B-B290-AEC70985E50B}c:\\program files\\windows sidebar\\sidebar.exe"= TCP:c:\program files\windows sidebar\sidebar.exe:‎‎الشريط الجانبي لـ Windows
"{F6D4D1CF-CB94-4E82-A054-E82B638B1E9B}"= c:\program files\Windows Live\Messenger\livecall.exe:Windows Live Messenger (Phone)
"TCP Query User{AED472DA-0AC4-4065-99DE-159B2E9A7FB9}c:\\appserv\\apache2.2\\bin\\httpd.exe"= UDP:c:\appserv\apache2.2\bin\httpd.exe:Apache HTTP Server
"UDP Query User{66567F2C-9193-4056-A06D-A24053679E93}c:\\appserv\\apache2.2\\bin\\httpd.exe"= TCP:c:\appserv\apache2.2\bin\httpd.exe:Apache HTTP Server
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\PublicProfile]
"EnableFirewall"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\StandardProfile]
"EnableFirewall"= 0 (0x0)
R0 klbg;Kaspersky Lab Boot Guard Driver;c:\windows\System32\drivers\klbg.sys [15/12/08 08:41 م 33808]
R1 KLIM6;Kaspersky Anti-Virus NDIS 6 Filter;c:\windows\System32\drivers\klim6.sys [15/05/09 06:50 م 21008]
R3 klmouflt;Kaspersky Lab KLMOUFLT;c:\windows\System32\drivers\klmouflt.sys [16/05/09 08:59 م 19472]
R3 ManyCam;ManyCam Virtual Webcam, WDM Video Capture Driver;c:\windows\System32\drivers\ManyCam.sys [14/01/08 01:06 م 21632]
S2 Apache2.2;Apache2.2;c:\appserv\Apache2.2\bin\httpd.exe [09/01/07 07:17 م 20539]
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\>{60B49E34-C7CC-11D0-8953-00A0C90347FF}]
"c:\windows\System32\rundll32.exe" "c:\windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
.
Contents of the 'Scheduled Tasks' folder
2009-08-13 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2555032462-853724406-3325650709-1000Core.job
- c:\users\user\AppData\Local\Google\Update\GoogleUpdate.exe [2009-06-24 02:41]
2009-08-13 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2555032462-853724406-3325650709-1000UA.job
- c:\users\user\AppData\Local\Google\Update\GoogleUpdate.exe [2009-06-24 02:41]
2009-08-13 c:\windows\Tasks\User_Feed_Synchronization-{7A277ECF-4D88-4738-B860-897BC77CC298}.job
- c:\windows\system32\msfeedssync.exe [2009-07-29 20:13]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.com.sa/
.
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer,

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

Rootkit scan 2009-08-13 21:17
Windows 6.0.6001 Service Pack 1 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
Completion time: 2009-08-13 21:26
ComboFix-quarantined-files.txt 2009-08-13 18:26
Pre-Run: 888,606,720 bytes free
Post-Run: 1,451,270,144 bytes free
277 --- E O F --- 2009-08-13 00:16

 

[النقيب]

تقرير هاي جاك جديد
​

 

[شــوق]

اختي من تقرير الهايجاك احذفي الآتي :​

O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)​

O3 - Toolbar: Ask.com Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll​

O4 - HKCU\..\Run: [Win Base 4 Download] "C:\ProgramData\Burn ball bleh.7i7vl"​

O4 - HKCU\..\Run: [WARN ONE] "C:\ProgramData\error help help.evssb"​

طريقة الحذف​

​

​

حذفت اخوي بس ماصر شي :er:

 

[البارون]

تقرير هايجاك جديد

 

[شــوق]

تتفضل اخوووي



Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 09:47:13 م, on 13/08/09
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v8.00 (8.00.6001.18813)
Boot mode: Normal
Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Windows\System32\spool\drivers\w32x86\3\fppdis2a.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\ManyCam 2.4\ManyCam.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Google\Google Toolbar\GoogleToolbarUser.exe
C:\Windows\system32\conime.exe
C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\klwtblfs.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\MessengerDiscovery 2\MessengerDiscovery 2.exe
C:\Users\user\Desktop\HiJackThis.exe
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: IEVkbdBHO - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\ievkbd.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: مساعد تسجيل الدخول إلى Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.15642\swg.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_219B3E1547538286.dll
O2 - BHO: Ask.com Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll
O2 - BHO: link filter bho - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll
O3 - Toolbar: &Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O3 - Toolbar: Ask.com Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [pdfFactory Pro Dispatcher v3] "C:\Windows\system32\spool\DRIVERS\W32X86\3\fppdis3a.exe" /source=HKLM
O4 - HKLM\..\Run: [pdfFactory Pro Dispatcher v2] C:\Windows\system32\spool\DRIVERS\W32X86\3\fppdis2a.exe
O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe"
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [ManyCam] "C:\Program Files\ManyCam 2.4\ManyCam.exe"
O4 - HKCU\..\Run: [Google Update] "C:\Users\user\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [Win Base 4 Download] "C:\ProgramData\Burn ball bleh.7i7vl"
O4 - HKCU\..\Run: [WARN ONE] "C:\ProgramData\error help help.evssb"
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: PalTalk.lnk = C:\Program Files\Paltalk Messenger\paltalk.exe
O8 - Extra context menu item: Add to Anti-Banner - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\ie_banner_deny.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_13\bin\npjpi142_13.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_13\bin\npjpi142_13.dll
O9 - Extra button: &Virtual keyboard - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll
O9 - Extra button: PalTalk - {4EAFEF58-EEFA-4116-983D-03B49BCBFFFE} - C:\Program Files\Paltalk Messenger\Paltalk.exe
O9 - Extra button: URLs c&heck - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll
O13 - Gopher Prefix:
O20 - AppInit_DLLs: C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd.dll C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd3.dll C:\PROGRA~1\KASPER~1\KASPER~1\kloehk.dll
O23 - Service: Apache2.2 - Apache Software Foundation - C:\AppServ\Apache2.2\bin\httpd.exe
O23 - Service: Kaspersky Internet Security (avp) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe
O23 - Service: Crypkey License - Kenonic Controls Ltd. - C:\Windows\SYSTEM32\crypserv.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: MySQL - Unknown owner - C:\AppServ\mysql\bin\mysqld-nt.exe
--
End of file - 6088 bytes

 

[back1]

اختي انتي حذفتي اللي قبل ؟؟
لأني اشوف القيم لازالت موجوده في التقرير الجديد

احذفي هالقيم من التقرير

O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)

O2 - BHO: Ask.com Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll

O3 - Toolbar: Ask.com Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll

O4 - HKCU\..\Run: [Win Base 4 Download] "C:\ProgramData\Burn ball bleh.7i7vl"

O4 - HKCU\..\Run: [WARN ONE] "C:\ProgramData\error help help.evssb"

​

 

[back1]

وممكن تفتحين جهاز الكمبيوتر القرص c وتعطينا صورة منه ؟؟

 

[شــوق]

طيب الحين اخووووي ..



Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 09:57:36 م, on 13/08/09
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v8.00 (8.00.6001.18813)
Boot mode: Normal
Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Windows\System32\spool\drivers\w32x86\3\fppdis2a.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\ManyCam 2.4\ManyCam.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Google\Google Toolbar\GoogleToolbarUser.exe
C:\Windows\system32\conime.exe
C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\klwtblfs.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\MessengerDiscovery 2\MessengerDiscovery 2.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Users\user\Desktop\HiJackThis.exe
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: IEVkbdBHO - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\ievkbd.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: مساعد تسجيل الدخول إلى Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.15642\swg.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_219B3E1547538286.dll
O2 - BHO: Ask.com Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll
O2 - BHO: link filter bho - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll
O3 - Toolbar: &Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O3 - Toolbar: Ask.com Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [pdfFactory Pro Dispatcher v3] "C:\Windows\system32\spool\DRIVERS\W32X86\3\fppdis3a.exe" /source=HKLM
O4 - HKLM\..\Run: [pdfFactory Pro Dispatcher v2] C:\Windows\system32\spool\DRIVERS\W32X86\3\fppdis2a.exe
O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe"
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [ManyCam] "C:\Program Files\ManyCam 2.4\ManyCam.exe"
O4 - HKCU\..\Run: [Google Update] "C:\Users\user\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: PalTalk.lnk = C:\Program Files\Paltalk Messenger\paltalk.exe
O8 - Extra context menu item: Add to Anti-Banner - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\ie_banner_deny.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_13\bin\npjpi142_13.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_13\bin\npjpi142_13.dll
O9 - Extra button: &Virtual keyboard - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll
O9 - Extra button: PalTalk - {4EAFEF58-EEFA-4116-983D-03B49BCBFFFE} - C:\Program Files\Paltalk Messenger\Paltalk.exe
O9 - Extra button: URLs c&heck - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll
O13 - Gopher Prefix:
O20 - AppInit_DLLs: C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd.dll C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd3.dll C:\PROGRA~1\KASPER~1\KASPER~1\kloehk.dll
O23 - Service: Apache2.2 - Apache Software Foundation - C:\AppServ\Apache2.2\bin\httpd.exe
O23 - Service: Kaspersky Internet Security (avp) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe
O23 - Service: Crypkey License - Kenonic Controls Ltd. - C:\Windows\SYSTEM32\crypserv.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: MySQL - Unknown owner - C:\AppServ\mysql\bin\mysqld-nt.exe
--
End of file - 5982 bytes

 

[شــوق]

وممكن تفتحين جهاز الكمبيوتر القرص c وتعطينا صورة منه ؟؟

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

 

[شــوق]

شو اسوي :er:

 

[النقيب]

​

حمل هذا البرنامج [/FONT]

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

ثبته على الجهاز ،، ثم شغله واعمل كما الشرح التالي لفحص الجهاز وعمل تقرير[/FONT]​

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

​

​

​

​

​

​

انسخ ما بداخل التقرير والصقه بمشاركتك القادمة[/FONT]​

​

​

​

[/FONT]​

​

 

[شــوق]

حمل هذا البرنامج [/FONT]

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

ثبته على الجهاز ،، ثم شغله واعمل كما الشرح التالي لفحص الجهاز وعمل تقرير[/FONT]​

​

​

​

انسخ ما بداخل التقرير والصقه بمشاركتك القادمة[/FONT]

​

​

​

​

​

اوك الحظه