[تم حل المشكلة]مشكلة مع إختفاء أيقونات سطح المكتب + ظهور securti tool [ بالتقارير]

الحالة
مغلق و غير مفتوح للمزيد من الردود.
س

سمآرتْ

زيزوومي جديد
إنضم
23 أكتوبر 2009
المشاركات
7
مستوى التفاعل
0
النقاط
0
غير متصل
:d:سلاااااااام

مشكلة كبيرة :f:

أول مافتحت الجهاز شفت برنامج securti tool

وزعجني مررررررررررة

وكمان سطح المكتب فاضية ماكو ولا أيقونة حولت أضغط كلك يمين


بس ماحصل شي !

والتقارير:

يجب عليك تسجيل الدخول أو التسجيل لمشاهدة الرابط المخفي



التقرير الأخير صبرت ولاحصل شي
 

ترتيب حسب التاريخ ترتيب حسب الأصوات
طبق التالي بالترتيب
اولا
3.gif

عطل برامج الحماية لديك

نزل هذه الاداة

يجب عليك تسجيل الدخول أو التسجيل لمشاهدة الرابط المخفي

عند تشغيلها بتظهر لك رسالة ,, اضغط على >> Yes
 بعدها بتظهر لك رساله ثانيه ,, اضغط على >> Yes
اثناء الفحص ممكن يعاد تشغيل الجهاز
وبعد اعادة التشغيل ,, سوف تبدأ الاداة بالفحص مرره ثانيه
 انتظر حتى يظهر لك تقرير ،، وبذلك يكون الفحص انتهى الصق التقرير بردك الاول

 ثانيا
3.gif

حمل هذا البرنامج

يجب عليك تسجيل الدخول أو التسجيل لمشاهدة الرابط المخفي

شغل البرنامج ==> واضغط على
Do a system scan and save log
لحظات .. ويظهر لك تقرير داخل المفكرة==> انسخه والصقه بردك الثاني
 
التعديل الأخير بواسطة المشرف:
توقيع : السّاجد لله
تأييد 0
ComboFix 09-10-24.01 - 2009 10/25/2009 16:05.1.2 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.2.1256.966.1025.18.1014.575 [GMT 3:00]
Running from: c:\documents and settings\2009\My Documents\ComboFix.exe
WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\documents and settings\!\سطح المكتب\Security Tool.lnk
c:\documents and settings\!\قائمة ابدأ\البرامج\Security Tool.lnk
c:\documents and settings\2009\سطح المكتب\Security Tool.lnk
c:\documents and settings\2009\قائمة ابدأ\البرامج\بدء التشغيل\wbhwin32.exe
c:\documents and settings\2009\قائمة ابدأ\البرامج\Security Tool.lnk
c:\documents and settings\2009\Application Data\wiaserva.log
c:\documents and settings\2009\ldtten.exe
c:\documents and settings\All Users\Application Data\84690330
c:\documents and settings\All Users\Application Data\84690330\84690330.exe
c:\progra~1\NOBLEQ~1.0\QURAn_~1.exe
c:\program files\WinPCap
c:\program files\WinPCap\rpcapd.exe
c:\windows\system32\drivers\npf.sys
c:\windows\system32\ieuinit.inf
c:\windows\system32\Packet.dll
c:\windows\system32\pthreadVC.dll
c:\windows\system32\WanPacket.dll
c:\windows\system32\wpcap.dll
.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
-------\Legacy_NPF

((((((((((((((((((((((((( Files Created from 2009-09-25 to 2009-10-25 )))))))))))))))))))))))))))))))
.
2009-10-25 13:29 . 2009-10-25 13:29 -------- d-----w- c:\windows\ServicePackFiles
2009-10-25 13:27 . 2009-10-25 13:44 -------- d-----w- c:\windows\system32\CatRoot_bak
2009-10-25 12:02 . 2009-10-25 12:02 -------- d-----w- c:\documents and settings\!\Tracing
2009-10-25 12:02 . 2009-10-25 12:02 101496 ----a-w- c:\documents and settings\!\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2009-10-25 12:01 . 2009-10-25 12:01 -------- d-----w- c:\documents and settings\!\Application Data\TOSHIBA
2009-10-24 13:56 . 2008-10-24 11:10 453632 -c----w- c:\windows\system32\dllcache\mrxsmb.sys
2009-10-23 15:06 . 2009-10-25 13:38 -------- d--h--w- c:\windows\$hf_mig$
2009-10-23 13:48 . 2009-10-23 13:48 -------- d-----w- c:\documents and settings\2009\Local Settings\Application Data\Runscanner.net
2009-10-23 13:36 . 2009-10-23 13:36 -------- d-----w- c:\program files\Trend Micro
2009-10-23 13:13 . 2009-10-23 13:13 -------- d-----w- c:\documents and settings\!\Local Settings\Application Data\Conduit
2009-10-23 13:13 . 2009-10-23 13:13 -------- d-----w- c:\documents and settings\!\Local Settings\Application Data\Theme_XP
2009-10-23 13:13 . 2009-10-23 13:13 -------- d-----w- c:\documents and settings\!\Application Data\DivX
2009-10-23 13:12 . 2009-04-21 20:14 -------- d-----r- c:\documents and settings\!\قائمة ابدأ
2009-10-23 13:12 . 2009-10-25 12:02 -------- d-----w- c:\documents and settings\!
2009-10-23 12:20 . 2009-10-23 12:20 -------- d-----w- c:\windows\system32\NtmsData
2009-10-23 06:49 . 2008-10-16 11:06 208744 ----a-w- c:\windows\system32\muweb.dll
2009-10-23 06:49 . 2008-10-16 11:06 268648 ----a-w- c:\windows\system32\mucltui.dll
2009-10-05 23:47 . 2009-10-05 23:49 -------- d-----w- c:\program files\edFullEditor1.3
2009-10-05 03:51 . 2009-10-05 03:52 -------- d-----w- c:\documents and settings\2009\Application Data\ViStart
2009-10-05 03:51 . 2009-10-05 03:51 -------- d-----w- c:\documents and settings\2009\Application Data\Styler
2009-10-05 03:51 . 2009-10-05 03:51 -------- d-----w- c:\documents and settings\2009\Local Settings\Application Data\Conduit
2009-10-05 03:51 . 2009-10-05 03:59 -------- d-----w- c:\documents and settings\2009\Local Settings\Application Data\Theme_XP
2009-10-05 03:51 . 2009-10-05 03:52 -------- d-----w- c:\program files\Vistart Live bY Pri2sh
2009-10-05 03:51 . 2009-10-05 03:51 -------- d-----w- c:\program files\Conduit
2009-10-05 03:51 . 2008-05-04 15:08 -------- d-----w- c:\program files\TrueTransparency
2009-10-05 03:51 . 2008-03-12 18:42 -------- d-----w- c:\program files\Styler
2009-10-05 03:51 . 2009-10-05 03:51 -------- d-----w- c:\program files\Theme_XP
2009-10-05 03:48 . 2009-10-22 06:41 -------- d-----w- c:\program files\Findbasic
2009-10-05 03:48 . 2009-10-21 16:33 -------- d-----w- c:\documents and settings\All Users\Application Data\Findbasic
2009-10-05 03:48 . 2009-10-05 03:48 -------- d-----w- c:\windows\Icons
2009-10-04 06:10 . 2009-10-04 06:10 -------- d-----w- c:\program files\Circle Dvelopement
2009-10-04 05:37 . 2009-10-04 05:37 -------- d-----w- c:\program files\Circle Devlopement
2009-10-04 05:28 . 2009-10-04 05:28 -------- d-----w- c:\program files\Cicle Developement
2009-10-04 05:23 . 2009-10-04 05:23 -------- d-----w- c:\program files\Circle Developement
2009-10-04 05:20 . 2009-10-04 05:20 -------- d-----w- c:\program files\Crcle Developement
2009-10-04 05:11 . 2009-10-04 05:11 -------- d-----w- c:\program files\Microsoft Sync Framework
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-10-25 13:42 . 2009-08-24 20:32 17408 ----a-w- c:\windows\system32\rpcnetp.exe
2009-10-25 13:42 . 2009-08-24 20:40 56680 ----a-w- c:\windows\system32\rpcnet.dll
2009-10-25 13:18 . 2009-08-28 19:34 -------- d-----w- c:\documents and settings\2009\Application Data\Orbit
2009-10-25 13:14 . 2009-04-21 17:55 -------- d-----w- c:\program files\Noble Quran with Tafsser v 2.0
2009-10-25 12:31 . 2009-10-23 13:13 -------- d-----w- c:\documents and settings\!\Application Data\Orbit
2009-10-16 16:57 . 2009-08-11 22:11 10 ----a-w- c:\windows\popcinfo.dat
2009-10-08 06:56 . 2009-04-21 17:45 101496 ----a-w- c:\documents and settings\2009\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2009-10-07 22:39 . 2009-04-21 17:44 -------- d--h--w- c:\program files\InstallShield Installation Information
2009-10-04 23:51 . 2009-04-21 18:11 -------- d-----w- c:\documents and settings\2009\Application Data\U3
2009-10-04 06:25 . 2009-04-21 17:46 -------- d-----w- c:\program files\Messenger Plus! Live
2009-10-04 05:44 . 2009-08-28 19:57 -------- d-----w- c:\program files\MessenPass
2009-10-04 05:12 . 2009-04-21 17:45 -------- d-----w- c:\program files\Windows Live
2009-09-13 01:46 . 2009-08-28 19:34 -------- d-----w- c:\program files\Orbitdownloader
2009-09-11 16:04 . 2009-09-11 16:04 -------- d-----w- c:\program files\Windows Installer Clean Up
2009-09-11 16:03 . 2009-04-21 17:56 -------- d-----w- c:\program files\MSECache
2009-09-11 10:55 . 2001-09-19 10:00 41622 ----a-w- c:\windows\system32\perfc001.dat
2009-09-11 10:55 . 2001-09-19 10:00 254930 ----a-w- c:\windows\system32\perfh001.dat
2009-09-11 09:43 . 2009-09-11 09:43 -------- d-----w- c:\program files\Microsoft
2009-09-08 17:04 . 2009-08-24 20:33 17408 ----a-w- c:\windows\system32\rpcnetp.dll
2009-09-07 04:13 . 2009-04-21 17:50 -------- d-----w- c:\program files\JetAudio
2009-09-06 03:19 . 2009-09-06 03:19 -------- d-----w- c:\documents and settings\2009\Application Data\funkitron
2009-09-04 20:45 . 2004-08-03 19:55 58880 ----a-w- c:\windows\system32\msasn1.dll
2009-09-03 07:30 . 2009-09-03 07:29 -------- d-----w- c:\program files\SWiSHmax
2009-09-03 03:24 . 2009-09-03 03:24 -------- d-----w- c:\documents and settings\2009\Application Data\ACD Systems
2009-08-28 19:57 . 2009-08-28 19:57 39424 ----a-w- c:\windows\zipinst.exe
2009-08-28 16:08 . 2009-08-24 20:40 56680 ----a-w- c:\windows\system32\rpcnet.exe
2009-08-26 08:14 . 2004-08-03 19:55 247326 ----a-w- c:\windows\system32\strmdll.dll
2009-08-05 19:48 . 2009-09-11 09:54 54752 ----a-w- c:\windows\system32\drivers\fssfltr_tdi.sys
2009-08-05 09:05 . 2004-08-03 19:55 204800 ----a-w- c:\windows\system32\mswebdvd.dll
2009-07-29 07:21 . 2004-08-03 19:55 119808 ----a-w- c:\windows\system32\t2embed.dll
2009-07-29 04:51 . 2001-09-19 10:00 82432 ----a-w- c:\windows\system32\fontsub.dll
.
------- Sigcheck -------
[-] 2008-03-15 . DABAD58A8BA625B241B90FB1A81154ED . 1547776 . . [5.1.2600.2180] . . c:\windows\system32\sfcfiles.dll
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{d3dc5de2-0384-43b1-bea5-80d202086138}"= "c:\program files\Theme_XP\tbThe1.dll" [2009-10-05 2215960]
[HKEY_CLASSES_ROOT\clsid\{d3dc5de2-0384-43b1-bea5-80d202086138}]
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{d3dc5de2-0384-43b1-bea5-80d202086138}]
2009-10-05 03:55 2215960 ----a-w- c:\program files\Theme_XP\tbThe1.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{d3dc5de2-0384-43b1-bea5-80d202086138}"= "c:\program files\Theme_XP\tbThe1.dll" [2009-10-05 2215960]
[HKEY_CLASSES_ROOT\clsid\{d3dc5de2-0384-43b1-bea5-80d202086138}]
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{D3DC5DE2-0384-43B1-BEA5-80D202086138}"= "c:\program files\Theme_XP\tbThe1.dll" [2009-10-05 2215960]
[HKEY_CLASSES_ROOT\clsid\{d3dc5de2-0384-43b1-bea5-80d202086138}]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MsnMsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2009-07-26 3883856]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2004-08-03 15360]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CloneCDTray"="c:\program files\SlySoft\CloneCD\CloneCDTray.exe" [2005-05-19 57344]
"NeroFilterCheck"="c:\windows\system32\NeroCheck.exe" [2001-07-09 155648]
"TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" [2009-04-21 185896]
"UnlockerAssistant"="c:\program files\Unlocker\UnlockerAssistant.exe" [2006-09-07 15872]
"Toshiba Controls Utility"="c:\program files\TOSHIBA\Controls\VolumeIndicator.exe" [2008-02-01 77824]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2008-01-25 141848]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2008-01-25 166424]
"Persistence"="c:\windows\system32\igfxpers.exe" [2008-01-25 137752]
"Toshiba Hotkey Utility"="c:\program files\Toshiba\Windows Utilities\Hotkey.exe" [2008-01-04 1773568]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2007-11-29 1024000]
"Camera Assistant Software"="c:\program files\Camera Assistant Software for Toshiba\traybar.exe" [2007-10-25 413696]
"BluetoothAuthenticationAgent"="bthprops.cpl" - c:\windows\system32\bthprops.cpl [2004-08-03 110592]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2004-08-03 15360]
c:\documents and settings\All Users\Application Data\Microsoft\Shortcuts\
Adobe Gamma Loader.lnk - c:\program files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2009-4-21 113664]
Bluetooth Manager.lnk - c:\program files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe [2007-5-22 2756608]
Orbit.lnk - c:\program files\Orbitdownloader\orbitdm.exe [2009-8-28 1670336]
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Orbitdownloader\\orbitnet.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
R2 Findbasic Service;Findbasic Service;c:\documents and settings\All Users\Application Data\Findbasic\findbasic131.exe [21/10/2009 07:33 م 54776]
R2 fssfltr;FssFltr;c:\windows\system32\drivers\fssfltr_tdi.sys [11/09/2009 12:54 م 54752]
R3 CnxtHdAudAddService;Microsoft UAA Function Driver for High Definition Audio Service;c:\windows\system32\drivers\CHDAud.sys [11/08/2009 04:24 م 732160]
R3 O2MDRDR;O2MDRDR;c:\windows\system32\drivers\o2media.sys [11/08/2009 04:24 م 48600]
R3 QIOMem;Generic IO & Memory Access;c:\windows\system32\drivers\QIOMem.sys [29/05/2007 11:01 ص 6912]
R3 RTL8187B;Realtek RTL8187B Wireless 802.11b/g 54Mbps USB 2.0 Network Adapter;c:\windows\system32\drivers\RTL8187B.sys [11/08/2009 04:38 م 288000]
S3 fsssvc;خدمة أمان العائلة في Windows Live;c:\program files\Windows Live\Family Safety\fsssvc.exe [05/08/2009 10:48 م 704864]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.com.sa/
IE: &Download by Orbit - c:\program files\Orbitdownloader\orbitmxt.dll/201
IE: &Grab video by Orbit - c:\program files\Orbitdownloader\orbitmxt.dll/204
IE: &تصدير إلى Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
IE: Do&wnload selected by Orbit - c:\program files\Orbitdownloader\orbitmxt.dll/203
IE: Down&load all by Orbit - c:\program files\Orbitdownloader\orbitmxt.dll/202
DPF: Microsoft XML Parser for Java -

يجب عليك تسجيل الدخول أو التسجيل لمشاهدة الرابط المخفي


.
- - - - ORPHANS REMOVED - - - -
HKLM-Run-Internet Connection Wizard Setup Tool - c:\program files\Internet Explorer\Connection Wizard\icwsetup.exe
HKLM-Run-84690330 - c:\docume~1\ALLUSE~1\APPLIC~1\84690330\84690330.exe

**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer,

يجب عليك تسجيل الدخول أو التسجيل لمشاهدة الرابط المخفي


Rootkit scan 2009-10-25 16:55
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------
- - - - - - - > 'explorer.exe'(3836)
c:\program files\Findbasic\findbasic.dll
c:\windows\system32\msi.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Other Running Processes ------------------------
.
c:\program files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
c:\program files\O2Micro Flash Memory Card Driver\o2flash.exe
c:\windows\system32\rpcnet.exe
c:\program files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
c:\program files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
c:\windows\SoftwareDistribution\Download\417565b6679f14d86851eed4f8e708ca\update\update.exe
c:\windows\system32\wscntfy.exe
c:\program files\Findbasic\findbasic.exe
c:\combofix\CF29711.exe
c:\windows\system32\rundll32.exe
c:\windows\system32\igfxsrvc.exe
c:\windows\system32\igfxext.exe
c:\program files\Camera Assistant Software for Toshiba\CEC_MAIN.exe
c:\program files\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe
c:\program files\Toshiba\Bluetooth Toshiba Stack\TosBtHid.exe
c:\program files\Toshiba\Bluetooth Toshiba Stack\TosBtHsp.exe
c:\program files\Toshiba\Bluetooth Toshiba Stack\TosAVRC.exe
c:\program files\Toshiba\Bluetooth Toshiba Stack\tosOBEX.exe
c:\program files\Toshiba\Bluetooth Toshiba Stack\tosBtProc.exe
c:\windows\system32\rundll32.exe
c:\combofix\PEV.cfxxe
.
**************************************************************************
.
Completion time: 2009-10-25 17:05 - machine was rebooted
ComboFix-quarantined-files.txt 2009-10-25 14:05
Pre-Run: 85,117,239,296 bytes free
Post-Run: 87,535,702,016 bytes free
- - End Of File - - 4B80969B8FC59F9FBBF0E3ACE2BFCAA6
 
تأييد 0
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 05:11:03 م, on 25/10/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Documents and Settings\All Users\Application Data\Findbasic\findbasic131.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\O2Micro Flash Memory Card Driver\o2flash.exe
C:\WINDOWS\system32\rpcnet.exe
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\SoftwareDistribution\Download\417565b6679f14d86851eed4f8e708ca\update\update.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Findbasic\findbasic.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\TOSHIBA\Controls\VolumeIndicator.exe
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\Program Files\Toshiba\Windows Utilities\Hotkey.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Camera Assistant Software for Toshiba\traybar.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\WINDOWS\system32\igfxext.exe
C:\Program Files\Camera Assistant Software for Toshiba\CEC_MAIN.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHid.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHsp.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosAVRC.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\tosOBEX.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\tosBtProc.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\explorer.exe
C:\WINDOWS\system32\notepad.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Windows Live\Toolbar\wltuser.exe
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Orbitdownloader\orbitdm.exe
C:\Program Files\Orbitdownloader\orbitnet.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =

يجب عليك تسجيل الدخول أو التسجيل لمشاهدة الرابط المخفي


R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =

يجب عليك تسجيل الدخول أو التسجيل لمشاهدة الرابط المخفي


R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =

يجب عليك تسجيل الدخول أو التسجيل لمشاهدة الرابط المخفي


R3 - URLSearchHook: Theme XP Toolbar - {d3dc5de2-0384-43b1-bea5-80d202086138} - C:\Program Files\Theme_XP\tbThe1.dll
O2 - BHO: btorbit.com - {000123B4-9B42-4900-B3F7-F4B073EFC214} - C:\Program Files\Orbitdownloader\orbitcth.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll
O2 - BHO: مساعد تسجيل الدخول إلى Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Theme XP Toolbar - {d3dc5de2-0384-43b1-bea5-80d202086138} - C:\Program Files\Theme_XP\tbThe1.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: Theme XP Toolbar - {d3dc5de2-0384-43b1-bea5-80d202086138} - C:\Program Files\Theme_XP\tbThe1.dll
O3 - Toolbar: StylerToolBar - {D2F8F919-690B-4EA2-9FA7-A203D1E04F75} - C:\Program Files\Styler\TB\StylerTB.dll
O4 - HKLM\..\Run: [CloneCDTray] "C:\Program Files\SlySoft\CloneCD\CloneCDTray.exe" /s
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [UnlockerAssistant] "C:\Program Files\Unlocker\UnlockerAssistant.exe" -H
O4 - HKLM\..\Run: [Toshiba Controls Utility] "C:\Program Files\TOSHIBA\Controls\VolumeIndicator.exe"
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [Toshiba Hotkey Utility] "C:\Program Files\Toshiba\Windows Utilities\Hotkey.exe" /lang en
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [Camera Assistant Software] "C:\Program Files\Camera Assistant Software for Toshiba\traybar.exe" /start
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Bluetooth Manager.lnk = ?
O4 - Global Startup: Orbit.lnk = C:\Program Files\Orbitdownloader\orbitdm.exe
O8 - Extra context menu item: &Download by Orbit - res://C:\Program Files\Orbitdownloader\orbitmxt.dll/201
O8 - Extra context menu item: &Grab video by Orbit - res://C:\Program Files\Orbitdownloader\orbitmxt.dll/204
O8 - Extra context menu item: &تصدير إلى Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Do&wnload selected by Orbit - res://C:\Program Files\Orbitdownloader\orbitmxt.dll/203
O8 - Extra context menu item: Down&load all by Orbit - res://C:\Program Files\Orbitdownloader\orbitmxt.dll/202
O9 - Extra button: بحث - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {E77F23EB-E7AB-4502-8F37-247DBAF1A147} (Windows Live Hotmail Photo Upload Tool) -

يجب عليك تسجيل الدخول أو التسجيل لمشاهدة الرابط المخفي


O23 - Service: Findbasic Service - Unknown owner - C:\Documents and Settings\All Users\Application Data\Findbasic\findbasic131.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: O2Micro Flash Memory Card Service (o2flash) - O2Micro International - C:\Program Files\O2Micro Flash Memory Card Driver\o2flash.exe
O23 - Service: Remote Procedure Call (RPC) Net (rpcnet) - Absolute Software Corp. - C:\WINDOWS\system32\rpcnet.exe
O23 - Service: TOSHIBA Bluetooth Service - TOSHIBA CORPORATION - C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
--
End of file - 7592 bytes
 
تأييد 0
مشكورين..~

تم حل المشكلة

بس النت قطع عندي وماقدرت أدخل وأشكركم :d:
 
تأييد 0
الله يوفقك اخي
 
تأييد 0
الحالة
مغلق و غير مفتوح للمزيد من الردود.
عودة
أعلى