فتاة النرجس

Peace be upon you, and God's mercy and blessings.
I am a new member here and I have two problems with my machine; I hope you have the solutions.

1. My laptop is a Toshiba running Windows Vista without built-in Bluetooth, but I have a Bluetooth dongle plugged into a USB port. Everything worked fine in use, but today a problem appeared: the Bluetooth does not send, and this message appears.
This is the first image
And this is the second image
And if I click the option shown, I also get an "unable to" message.
2. The laptop freezes a lot.
If I want to put a link in the address bar it sometimes freezes, or if I want to play an audio clip it also stops working.
So what is the solution?!
 

Welcome, brother.
Download this program
Run the program ==> and click
Do a system scan and save log
In a few moments a report will open in Notepad ==> copy it and paste it in your next reply
 
Thank you, brother, for the quick help.

And this is the text of the report:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 11:21:10 م, on 19/09/09
Platform: Windows Vista (WinNT 6.00.1904)
MSIE: Internet Explorer v8.00 (8.00.6001.18813)
Boot mode: Normal
Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Windows\Explorer.EXE
C:\Program Files\Windows Defender\MSASCui.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\avp.exe
C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\Windows\system32\igfxsrvc.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\WinZip\WZQKPICK.EXE
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\Windows\system32\wuauclt.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\Windows\system32\SearchFilterHost.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page =
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: مساعد رابط Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: IEVkbdBHO - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\ievkbd.dll
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O2 - BHO: مساعد تسجيل الدخول إلى Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: SBCONVERT - {A1056498-D09A-41E4-864B-505EDD640D9E} - C:\Program Files\SpeedBit Video Downloader\Toolbar\SpeedBitVideoDownloader.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.3.4501.1418\swg.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_219B3E1547538286.dll
O2 - BHO: Ask.com Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O2 - BHO: GrabberObj Class - {FF7C3CF0-4B15-11D1-ABED-709549C10000} - C:\PROGRA~1\SPEEDB~1\Toolbar\grabber.dll
O3 - Toolbar: SpeedBit Video Downloader - {0329E7D6-6F54-462D-93F6-F5C3118BADF2} - C:\Program Files\SpeedBit Video Downloader\Toolbar\SpeedBitVideoDownloader.dll
O3 - Toolbar: &Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O3 - Toolbar: Ask.com Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\avp.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe"
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [LanguageShortcut] "C:\Program Files\CyberLink\PowerDVD\Language\Language.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [Internet Download Accelerator] C:\Program Files\IDA\ida.exe -autorun
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Adobe Reader Synchronizer.lnk = C:\Program Files\Adobe\Reader 8.0\Reader\AdobeCollabSync.exe
O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE
O4 - Global Startup: سرعة تشغيل Adobe Reader.lnk = C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra button: Web traffic protection statistics - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\SCIEPlgn.dll
O9 - Extra button: تدوين هذا في المدونة - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &تدوين هذا في Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {9819CC0E-9669-4D01-9CD7-2C66DA43AC6C} - (no file)
O13 - Gopher Prefix:
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O20 - AppInit_DLLs: C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd3.dll
O23 - Service: Kaspersky Anti-Virus (AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\avp.exe
O23 - Service: خدمة تحديث Google (gupdate1ca125ce56413a) (gupdate1ca125ce56413a) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
--
End of file - 8950 bytes
 
Disable the protection program <<< close Kaspersky from the taskbar


Download the tool and put it on the desktop
Download it from one of these links



When you run it, a message will appear; click >> Yes
Then a second message will appear; click >> Yes


During the scan the computer may restart


After the restart, the tool will start scanning again
Wait until a report appears; that means the scan has finished
Copy it and paste it in your next reply
 
Signature: algnral
Delete the following

O2 - BHO: SBCONVERT - {A1056498-D09A-41E4-864B-505EDD640D9E} - C:\Program Files\SpeedBit Video Downloader\Toolbar\SpeedBitVideoDownloader.dll


O2 - BHO: Ask.com Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll


O3 - Toolbar: SpeedBit Video Downloader - {0329E7D6-6F54-462D-93F6-F5C3118BADF2} - C:\Program Files\SpeedBit Video Downloader\Toolbar\SpeedBitVideoDownloader.dll


O3 - Toolbar: Ask.com Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll

O9 - Extra button: (no name) - {9819CC0E-9669-4D01-9CD7-2C66DA43AC6C} - (no file)



Deleting the entries, for Vista





Then


Use this tool for cleanup






Then post a new report
 
Thank you, brother General.
And here is the text of the report:


ComboFix 09-09-18.02 - zero one 09/20/2009 0:03.1.2 - NTFSx86
Microsoft® Windows Vista™ Home Basic 6.0.6000.0.1256.966.1025.18.1915.1129 [GMT 3:00]
Running from: c:\users\zero one\Desktop\ComboFix.exe
AV: Kaspersky Anti-Virus *On-access scanning disabled* (Updated) {2C4D4BC6-0793-4956-A9F9-E252435469C0}
SP: Kaspersky Anti-Virus *disabled* (Updated) {2C4D4BC6-0793-4956-A9F9-E252435469C0}
SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\$recycle.bin\S-1-5-21-2365545147-1999384947-2466353664-500
c:\program files\SpeedBit Video Downloader\Toolbar\tbhelper.dll
c:\windows\system32\kakle.dll
.
((((((((((((((((((((((((( Files Created from 2009-08-19 to 2009-09-19 )))))))))))))))))))))))))))))))
.
2009-09-19 20:18 . 2009-09-19 20:18 -------- d-----w- c:\program files\Trend Micro
2009-09-16 13:58 . 2009-09-19 19:17 -------- d-----w- c:\users\zero one\Tracing
2009-09-16 13:05 . 2009-08-05 19:48 54632 ----a-w- c:\windows\system32\drivers\fssfltr.sys
2009-09-16 13:05 . 2009-09-16 13:05 -------- dc----w- c:\windows\system32\DRVSTORE
2009-09-16 13:04 . 2009-09-16 13:04 -------- d-----w- c:\program files\Microsoft Sync Framework
2009-09-16 13:03 . 2006-11-29 10:06 3426072 ----a-w- c:\windows\system32\d3dx9_32.dll
2009-09-16 13:02 . 2009-09-16 13:02 -------- d-----w- c:\program files\Microsoft SQL Server Compact Edition
2009-09-16 12:59 . 2009-09-16 12:59 -------- d-----w- c:\program files\Microsoft
2009-09-16 12:59 . 2009-09-16 12:59 -------- d-----w- c:\program files\Windows Live SkyDrive
2009-09-16 12:19 . 2009-09-16 12:19 -------- d-----w- c:\program files\Common Files\Windows Live
2009-09-10 18:58 . 2009-09-10 18:58 -------- d-----w- c:\program files\ImageBadger
2009-09-10 18:58 . 2009-09-10 18:58 -------- d-----w- c:\users\zero one\AppData\Roaming\ImageBadger
2009-09-09 12:47 . 2009-07-11 19:32 502272 ----a-w- c:\windows\system32\wlansvc.dll
2009-09-09 12:47 . 2009-07-11 19:32 297984 ----a-w- c:\windows\system32\wlansec.dll
2009-09-09 12:47 . 2009-07-11 19:32 290816 ----a-w- c:\windows\system32\wlanmsm.dll
2009-09-09 12:47 . 2009-07-11 19:32 67584 ----a-w- c:\windows\system32\wlanhlp.dll
2009-09-09 12:47 . 2009-07-11 19:32 47104 ----a-w- c:\windows\system32\wlanapi.dll
2009-09-09 12:47 . 2009-07-11 19:26 123904 ----a-w- c:\windows\system32\L2SecHC.dll
2009-09-09 01:09 . 2009-09-09 01:09 -------- d-----w- c:\users\zero one\AppData\Roaming\Uniblue
2009-09-09 01:09 . 2009-09-09 01:09 -------- d-----w- c:\program files\Uniblue
2009-09-02 23:47 . 2009-09-02 23:49 -------- d-----w- c:\users\zero one\AppData\Local\MediaMonkey
2009-09-02 23:47 . 2009-09-02 23:49 -------- d-----w- c:\program files\MediaMonkey
2009-09-02 01:05 . 2009-08-29 03:41 1686528 ----a-w- c:\windows\system32\gameux.dll
2009-09-02 01:05 . 2009-08-29 03:40 28672 ----a-w- c:\windows\system32\Apphlpdm.dll
2009-09-02 01:05 . 2009-08-28 23:31 4247552 ----a-w- c:\windows\system32\GameUXLegacyGDFs.dll
2009-08-31 00:37 . 2009-09-02 23:26 -------- d-----w- c:\program files\mpegjoin
2009-08-26 23:27 . 2009-06-22 08:44 2048 ----a-w- c:\windows\system32\tzres.dll
2009-08-24 02:01 . 2009-06-15 15:25 216576 ----a-w- c:\windows\system32\msv1_0.dll
2009-08-24 02:01 . 2009-06-15 15:23 494592 ----a-w- c:\windows\system32\kerberos.dll
2009-08-24 02:01 . 2009-06-15 18:12 408136 ----a-w- c:\windows\system32\drivers\ksecdd.sys
2009-08-24 02:01 . 2009-06-15 15:29 175104 ----a-w- c:\windows\system32\wdigest.dll
2009-08-24 02:01 . 2009-06-15 15:28 72704 ----a-w- c:\windows\system32\secur32.dll
2009-08-24 02:01 . 2009-06-15 15:28 272384 ----a-w- c:\windows\system32\schannel.dll
2009-08-24 02:01 . 2009-06-15 15:23 1233920 ----a-w- c:\windows\system32\lsasrv.dll
2009-08-24 02:01 . 2009-06-15 13:10 7680 ----a-w- c:\windows\system32\lsass.exe
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-09-19 19:17 . 2009-07-07 08:29 -------- d-----w- c:\programdata\Kaspersky Lab
2009-09-19 19:17 . 2009-07-07 07:11 1356 ----a-w- c:\users\zero one\AppData\Local\d3d9caps.dat
2009-09-19 19:08 . 2009-07-07 08:29 4744 --sha-w- c:\windows\system32\drivers\fidbox2.idx
2009-09-19 19:08 . 2009-07-07 08:29 458784 --sha-w- c:\windows\system32\drivers\fidbox2.dat
2009-09-19 19:08 . 2009-07-07 08:29 3395552 --sha-w- c:\windows\system32\drivers\fidbox.dat
2009-09-19 19:08 . 2009-07-07 08:29 30768 --sha-w- c:\windows\system32\drivers\fidbox.idx
2009-09-19 19:08 . 2009-07-07 14:53 4132 ----a-w- c:\windows\bthservsdp.dat
2009-09-16 13:05 . 2009-07-07 09:02 -------- d-----w- c:\program files\Windows Live
2009-09-16 12:59 . 2009-07-07 09:03 -------- d-----w- c:\programdata\WindowsLiveInstaller
2009-09-11 01:35 . 2009-07-07 08:29 95259 ----a-w- c:\windows\system32\drivers\klick.dat
2009-09-11 01:35 . 2009-07-07 08:29 107547 ----a-w- c:\windows\system32\drivers\klin.dat
2009-09-10 00:01 . 2006-11-02 11:18 -------- d-----w- c:\program files\Windows Mail
2009-09-10 00:00 . 2009-07-07 07:39 -------- d-----w- c:\programdata\Microsoft Help
2009-08-14 17:16 . 2009-09-09 12:52 213592 ----a-w- c:\windows\system32\drivers\netio.sys
2009-08-14 16:42 . 2009-09-09 12:52 167424 ----a-w- c:\windows\system32\tcpipcfg.dll
2009-08-14 16:40 . 2009-09-09 12:52 103936 ----a-w- c:\windows\system32\netiohlp.dll
2009-08-14 16:40 . 2009-09-09 12:52 15360 ----a-w- c:\windows\system32\netevent.dll
2009-08-14 14:25 . 2009-09-09 12:52 9728 ----a-w- c:\windows\system32\TCPSVCS.EXE
2009-08-14 14:25 . 2009-09-09 12:52 17920 ----a-w- c:\windows\system32\ROUTE.EXE
2009-08-14 14:25 . 2009-09-09 12:52 11264 ----a-w- c:\windows\system32\MRINFO.EXE
2009-08-14 14:25 . 2009-09-09 12:52 27136 ----a-w- c:\windows\system32\NETSTAT.EXE
2009-08-14 14:25 . 2009-09-09 12:52 8704 ----a-w- c:\windows\system32\HOSTNAME.EXE
2009-08-14 14:25 . 2009-09-09 12:52 19968 ----a-w- c:\windows\system32\ARP.EXE
2009-08-14 14:25 . 2009-09-09 12:52 10240 ----a-w- c:\windows\system32\finger.exe
2009-08-14 14:24 . 2009-09-09 12:52 813568 ----a-w- c:\windows\system32\drivers\tcpip.sys
2009-08-14 14:23 . 2009-09-09 12:52 22016 ----a-w- c:\windows\system32\netiougc.exe
2009-08-02 01:34 . 2009-08-02 01:34 -------- d-----w- c:\programdata\Office Genuine Advantage
2009-08-02 01:34 . 2009-07-07 07:12 115576 ----a-w- c:\users\zero one\AppData\Local\GDIPFONTCACHEV1.DAT
2009-08-02 01:22 . 2009-07-07 07:42 -------- d-----w- c:\program files\Microsoft Works
2009-08-01 19:27 . 2009-07-19 21:31 -------- d-----w- c:\program files\DivX
2009-08-01 04:13 . 2009-08-01 04:13 -------- d-----w- c:\users\zero one\AppData\Roaming\Media Player Classic
2009-08-01 03:56 . 2009-07-19 21:32 -------- d-----w- c:\program files\Google
2009-07-31 23:50 . 2009-07-31 23:47 -------- d-----w- c:\program files\IDA
2009-07-31 23:47 . 2009-07-31 23:47 -------- d-----w- c:\users\zero one\AppData\Roaming\Internet Download Accelerator
2009-07-31 22:41 . 2009-07-15 20:36 -------- d-----w- c:\program files\DAP
2009-07-31 22:40 . 2009-07-15 23:19 2560 ----a-w- c:\windows\_MSRSTRT.EXE
2009-07-31 22:39 . 2009-07-15 20:36 -------- d-----w- c:\programdata\SpeedBit
2009-07-31 22:33 . 2009-07-31 22:33 -------- d-----w- c:\program files\Ask.com
2009-07-30 11:38 . 2009-07-30 11:38 -------- d-----w- c:\program files\Common Files\xing shared
2009-07-30 11:38 . 2009-07-07 15:49 -------- d-----w- c:\program files\Common Files\Real
2009-07-30 11:38 . 2009-07-30 11:38 -------- d-----w- c:\program files\Real
2009-07-30 11:15 . 2009-07-30 11:14 482336 ----a-w- c:\users\zero one\RealPlayer11GOLD.exe
2009-07-26 13:44 . 2009-07-26 13:44 48448 ----a-w- c:\windows\system32\sirenacm.dll
2009-07-21 21:52 . 2009-08-02 01:13 915456 ----a-w- c:\windows\system32\wininet.dll
2009-07-21 21:47 . 2009-08-02 01:13 109056 ----a-w- c:\windows\system32\iesysprep.dll
2009-07-21 21:47 . 2009-08-02 01:13 71680 ----a-w- c:\windows\system32\iesetup.dll
2009-07-21 20:13 . 2009-08-02 01:13 133632 ----a-w- c:\windows\system32\ieUnatt.exe
2009-07-19 21:32 . 2009-07-19 21:32 56 --sh--r- c:\windows\system32\B542134524.sys
2009-07-19 21:32 . 2009-07-19 21:32 1890 --sha-w- c:\windows\system32\KGyGaAvL.sys
2009-07-17 14:52 . 2009-08-13 05:12 71680 ----a-w- c:\windows\system32\atl.dll
2009-07-14 17:27 . 2009-07-14 17:26 4708336 ----a-w- c:\users\zero one\ikey.exe
2009-07-14 13:02 . 2009-08-13 05:12 313344 ----a-w- c:\windows\system32\wmpdxm.dll
2009-07-14 13:01 . 2009-08-13 05:12 4096 ----a-w- c:\windows\system32\dxmasf.dll
2009-07-14 13:00 . 2009-08-13 05:12 7680 ----a-w- c:\windows\system32\spwmp.dll
2009-07-14 11:11 . 2009-08-13 05:12 8147968 ----a-w- c:\windows\system32\wmploc.DLL
2009-07-10 10:07 . 2009-07-10 10:07 306544 ----a-w- c:\windows\WLXPGSS.SCR
2009-07-09 00:19 . 2009-07-09 00:19 268800 ----a-w- c:\windows\system32\es.dll
2009-07-08 02:13 . 2009-07-08 02:13 61440 ----a-w- c:\windows\system32\winipsec.dll
2009-07-08 02:13 . 2009-07-08 02:13 361984 ----a-w- c:\windows\system32\IPSECSVC.DLL
2009-07-08 02:13 . 2009-07-08 02:13 28672 ----a-w- c:\windows\system32\FwRemoteSvr.dll
2009-07-08 02:13 . 2009-07-08 02:13 272896 ----a-w- c:\windows\system32\polstore.dll
2009-07-08 02:11 . 2009-07-08 02:11 95232 ----a-w- c:\windows\system32\PortableDeviceClassExtension.dll
2009-07-08 02:11 . 2009-07-08 02:11 241152 ----a-w- c:\windows\system32\PortableDeviceApi.dll
2009-07-08 02:11 . 2009-07-08 02:11 160768 ----a-w- c:\windows\system32\PortableDeviceTypes.dll
2009-07-08 02:11 . 2009-07-08 02:11 39424 ----a-w- c:\windows\system32\ACCTRES.dll
2009-07-08 02:11 . 2009-07-08 02:11 87040 ----a-w- c:\windows\system32\msoert2.dll
2009-07-08 02:11 . 2009-07-08 02:11 205824 ----a-w- c:\windows\system32\msoeacct.dll
2009-07-08 02:10 . 2009-07-08 02:10 704000 ----a-w- c:\windows\system32\PhotoScreensaver.scr
2009-07-08 02:10 . 2009-07-08 02:10 356352 ----a-w- c:\windows\system32\wbem\wbemcomn.dll
2009-07-08 02:10 . 2009-07-08 02:10 24064 ----a-w- c:\windows\system32\wtsapi32.dll
2009-07-08 02:10 . 2009-07-08 02:10 20920 ----a-w- c:\windows\system32\drivers\compbatt.sys
2009-07-08 02:10 . 2009-07-08 02:10 28344 ----a-w- c:\windows\system32\drivers\battc.sys
2009-07-08 02:10 . 2009-07-08 02:10 258232 ----a-w- c:\windows\system32\drivers\acpi.sys
2009-07-08 02:10 . 2009-07-08 02:10 14208 ----a-w- c:\windows\system32\drivers\CmBatt.sys
2009-07-08 02:09 . 2009-07-08 02:09 542720 ----a-w- c:\windows\system32\sysmain.dll
2009-07-08 02:09 . 2009-07-08 02:09 194560 ----a-w- c:\windows\system32\WebClnt.dll
2009-07-08 02:09 . 2009-07-08 02:09 110080 ----a-w- c:\windows\system32\drivers\mrxdav.sys
2009-07-08 00:54 . 2009-07-08 00:54 2028032 ----a-w- c:\windows\system32\win32k.sys
2009-07-08 00:53 . 2009-07-08 00:53 49664 ----a-w- c:\windows\system32\csrsrv.dll
2009-07-08 00:53 . 2009-07-08 00:53 376320 ----a-w- c:\windows\system32\winsrv.dll
2009-07-08 00:51 . 2009-07-08 00:51 376832 ----a-w- c:\windows\system32\winhttp.dll
2009-07-08 00:50 . 2009-07-08 00:50 297472 ----a-w- c:\windows\system32\gdi32.dll
2009-07-08 00:49 . 2009-07-08 00:49 41984 ----a-w- c:\windows\system32\drivers\monitor.sys
2009-07-08 00:49 . 2009-07-08 00:49 1060920 ----a-w- c:\windows\system32\drivers\ntfs.sys
2009-07-08 00:48 . 2009-07-08 00:48 211456 ----a-w- c:\windows\system32\drivers\mrxsmb10.sys
2009-07-08 00:48 . 2009-07-08 00:48 374456 ----a-w- c:\windows\system32\mcupdate_GenuineIntel.dll
2009-07-08 00:47 . 2009-07-08 00:47 500736 ----a-w- c:\windows\system32\msdtcprx.dll
2009-07-08 00:47 . 2009-07-08 00:47 30208 ----a-w- c:\windows\system32\xolehlp.dll
2009-07-08 00:45 . 2009-07-08 00:45 303616 ----a-w- c:\windows\system32\wmpeffects.dll
2009-07-08 00:45 . 2009-07-08 00:45 1194496 ----a-w- c:\windows\system32\msxml3.dll
2009-07-08 00:45 . 2009-07-08 00:45 2048 ----a-w- c:\windows\system32\msxml3r.dll
2009-07-08 00:44 . 2009-07-08 00:44 414208 ----a-w- c:\windows\system32\msscp.dll
2009-07-08 00:43 . 2009-07-08 00:43 356864 ----a-w- c:\windows\system32\MediaMetadataHandler.dll
2009-07-08 00:43 . 2009-07-08 00:43 86016 ----a-w- c:\windows\system32\icfupgd.dll
2009-07-08 00:43 . 2009-07-08 00:43 63488 ----a-w- c:\windows\system32\drivers\mpsdrv.sys
2009-07-08 00:43 . 2009-07-08 00:43 396800 ----a-w- c:\windows\system32\MPSSVC.dll
2009-07-08 00:43 . 2009-07-08 00:43 392192 ----a-w- c:\windows\system32\FirewallAPI.dll
2009-07-08 00:43 . 2009-07-08 00:43 16896 ----a-w- c:\windows\system32\wfapigp.dll
2009-07-08 00:43 . 2009-07-08 00:43 61952 ----a-w- c:\windows\system32\cmifw.dll
2009-07-08 00:43 . 2009-07-08 00:43 23040 ----a-w- c:\windows\system32\drivers\tunnel.sys
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
2009-04-02 16:50 809864 ----a-w- c:\program files\Ask.com\GenericAskToolbar.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{D4027C7F-154A-4066-A1AD-4243D8127440}"= "c:\program files\Ask.com\GenericAskToolbar.dll" [2009-04-02 809864]
[HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1]
[HKEY_CLASSES_ROOT\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd]
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{D4027C7F-154A-4066-A1AD-4243D8127440}"= "c:\program files\Ask.com\GenericAskToolbar.dll" [2009-04-02 809864]
[HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1]
[HKEY_CLASSES_ROOT\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-07-08 1232896]
"MsnMsgr"="c:\program files\Windows Live\Messenger\MsnMsgr.Exe" [2009-07-26 3883856]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2009-07-30 39408]
"WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2006-11-02 201728]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"="c:\program files\Windows Defender\MSASCui.exe" [2009-07-08 1006264]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2008-12-29 150040]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2008-12-29 170520]
"Persistence"="c:\windows\system32\igfxpers.exe" [2008-12-29 141848]
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2008-10-25 31072]
"AVP"="c:\program files\Kaspersky Lab\Kaspersky Anti-Virus 2009\avp.exe" [2009-07-21 208616]
"SunJavaUpdateSched"="c:\program files\Java\jre1.6.0_02\bin\jusched.exe" [2007-07-12 132496]
"RemoteControl"="c:\program files\CyberLink\PowerDVD\PDVDServ.exe" [2006-09-18 29696]
"LanguageShortcut"="c:\program files\CyberLink\PowerDVD\Language\Language.exe" [2006-09-29 49152]
"TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" [2009-07-30 198160]
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Adobe Gamma Loader.lnk - c:\program files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2009-7-7 113664]
Adobe Reader Synchronizer.lnk - c:\program files\Adobe\Reader 8.0\Reader\AdobeCollabSync.exe [2006-10-23 734872]
WinZip Quick Pick.lnk - c:\program files\WinZip\WZQKPICK.EXE [2009-7-7 118784]
«©م، ¢¬نïé Adobe Reader.lnk - c:\program files\Adobe\Reader 8.0\Reader\reader_sl.exe [2006-10-23 40048]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\progra~1\KASPER~1\KASPER~1\mzvkbd3.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\KasperskyAntiVirus]
"DisableMonitoring"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules]
"{7D92A1CB-2149-4E17-A5CB-306F36C73C9F}"= TCP:6004|c:\program files\Microsoft Office\Office12\outlook.exe:Microsoft Office Outlook
"{C7D9169B-9033-49CE-8EEC-779CD263DC90}"= UDP:c:\program files\Microsoft Office\Office12\GROOVE.EXE:Microsoft Office Groove
"{422F0C29-EB6A-4B78-9145-34A4E7687A40}"= TCP:c:\program files\Microsoft Office\Office12\GROOVE.EXE:Microsoft Office Groove
"{2C0D1B5C-132B-490F-9404-D9146AF774A2}"= UDP:c:\program files\Microsoft Office\Office12\ONENOTE.EXE:Microsoft Office OneNote
"{A4F6339E-3667-4C09-B46B-2244D712954E}"= TCP:c:\program files\Microsoft Office\Office12\ONENOTE.EXE:Microsoft Office OneNote
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\RestrictedServices\Static\System]
"DFSR-1"= RPort=5722|UDP:%SystemRoot%\system32\svchost.exe|Svc=DFSR:Allow inbound TCP traffic|
R0 klbg;Kaspersky Lab Boot Guard Driver;c:\windows\System32\drivers\klbg.sys [29/01/08 05:29 م 33808]
R1 KLIM6;Kaspersky Anti-Virus NDIS 6 Filter;c:\windows\System32\drivers\klim6.sys [09/07/08 05:28 م 20496]
R3 BthAvrcp;Bluetooth AVRCP Profile;c:\windows\System32\drivers\BthAvrcp.sys [24/08/07 07:34 م 15872]
S0 OemBiosDevice;Royalty OEM Bios Extension;c:\windows\System32\drivers\royal.sys [07/07/09 10:38 ص 240128]
S2 gupdate1ca125ce56413a;خدمة تحديث Google (gupdate1ca125ce56413a);c:\program files\Google\Update\GoogleUpdate.exe [01/08/09 06:56 ص 133104]
S3 fssfltr;FssFltr;c:\windows\System32\drivers\fssfltr.sys [16/09/09 04:05 م 54632]
S3 fsssvc;خدمة أمان العائلة في Windows Live;c:\program files\Windows Live\Family Safety\fsssvc.exe [05/08/09 10:48 م 704864]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceNoNetwork REG_MULTI_SZ PLA DPS BFE mpssvc
bthsvcs REG_MULTI_SZ BthServ
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\>{60B49E34-C7CC-11D0-8953-00A0C90347FF}]
"c:\windows\System32\rundll32.exe" "c:\windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
.
Contents of the 'Scheduled Tasks' folder
2009-09-19 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-08-01 03:56]
2009-09-19 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-08-01 03:56]
2009-09-19 c:\windows\Tasks\User_Feed_Synchronization-{EEE639EA-7F8C-4175-89FA-BA4688C5B426}.job
- c:\windows\system32\msfeedssync.exe [2009-08-02 20:13]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.com/
IE: Download ALL with IDA
IE: Download with IDA
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
.
- - - - ORPHANS REMOVED - - - -
HKCU-Run-Internet Download Accelerator - c:\program files\IDA\ida.exe

**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer,

Rootkit scan 2009-09-20 00:09
Windows 6.0.6000 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
"MSCurrentCountry"=dword:000000b5
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
Completion time: 2009-09-19 0:11
ComboFix-quarantined-files.txt 2009-09-19 21:10
Pre-Run: 112,448,303,104 bytes free
Post-Run: 112,738,074,624 bytes free
279 --- E O F --- 2009-09-18 00:26
 
Try the Bluetooth now
 
Signature: algnral
From Add or Remove Programs,
remove:
Toolbar SpeedBit Video Downloader
Google Toolbar
Ask.com Toolbar
Windows Live Toolbar
 
Signature: algnral
Thank you, brother General. The method worked and now the Bluetooth is working 100%.

May God have mercy on all your parents. Baron and the General, you have been a great help.
 
The best part is that I was about to leave because I have things to do, and I thought I would check on your thread.
Thank God the problem is solved, but do remove the toolbars listed in my last reply.
 
Signature: algnral
May God grant you success, sister.
 