مشاكل كثيرة في جهازي

M

majed6

زيزوومي جديد
إنضم
25 أكتوبر 2009
المشاركات
70
مستوى التفاعل
0
النقاط
80
غير متصل
المشكلة الأولى :
* تكرار رسائل الخطأ في أكثر من برنامج
و المشكلة الثانية :
حدوث بطء شديد في إقلاع[نظام التشغيل]أو تنفيذ بعض التطبيقات
ومشاكل كثيرة مع المتصفح ورسائل تنبية اذا جيت اطفي الجهاز بعض الأحيان
التقارير المطلوبة على الرابط :

يجب عليك تسجيل الدخول أو التسجيل لمشاهدة الرابط المخفي


هذي صورة للمتصفح بينما انا اشغلة على السند بوكسي

يجب عليك تسجيل الدخول أو التسجيل لمشاهدة الرابط المخفي


اول هذي :

يجب عليك تسجيل الدخول أو التسجيل لمشاهدة الرابط المخفي


بعدها :

يجب عليك تسجيل الدخول أو التسجيل لمشاهدة الرابط المخفي


 

توقيع : majed6
ترتيب حسب التاريخ ترتيب حسب الأصوات
وعليكم السلام

احذف هالبرامج

PC Tools Firewall Plus

Microsoft Security Essentials

GoogleToolbar

ThreatFire

واثبت لك على برنامج حمايه واحد ,, انصحك بالكاسبر سيكورتي 2010

ومن تقرير الهاي جاك احذف ىالقيم التالية

O4 - HKUS\S-1-5-19\..\RunOnce: [nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'LOCAL SERVICE')


O4 - HKUS\S-1-5-20\..\RunOnce: [nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'NETWORK SERVICE')


O4 - HKUS\S-1-5-18\..\RunOnce: [nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'SYSTEM')


O4 - HKUS\.DEFAULT\..\RunOnce: [nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'Default user')


O16 - DPF: {C53BDC3D-19A0-4062-BF34-0897A4E6A6A2} (Wild Pockets Loader Plugin Control Class) -

يجب عليك تسجيل الدخول أو التسجيل لمشاهدة الرابط المخفي





طريقة الحذف

mg%20%283%29.png


mg%20%284%29.png



ثم نزل هذه الاداة واتبع الشرح التالي

يجب عليك تسجيل الدخول أو التسجيل لمشاهدة الرابط المخفي



التوافق : ويندوز اكسبيفقط

شرح الاستخدام ,,,,,,
عند تشغيل ملف الاداة تظهر لك هذه الشاشه ,, انتظر ( وتابع مع الصور )

000.png


001.png


وعند ظهور هذه الشاشه ,, اضغط على Close ليتم اعادة تشغيل جهازك (( لتكملة عملية التنظيف ))

002.png


وياليت صورة من رسائل الخطا ان امكن
 
توقيع : Demo-dashDemo-dash is verified member.
تأييد 0
توقيع : Demo-dashDemo-dash is verified member.
تأييد 0
جزاك الله خير في ميزان حسناتك انشاء الله
طيب سويت كل الي قلتة وش الخطوة الي بعدها
 
توقيع : majed6
تأييد 0
بس اخوي لا زالة مشكلة المتصفح معي بس بالنسبة لبداء التشغيل الله يعطيك العافية صار احسن من اول
 
توقيع : majed6
تأييد 0

تفضل اخوي

عطل برامج الحماية عن العمل
ثم
حمل الاداة التالية واحفظها على سطح المكتب

يجب عليك تسجيل الدخول أو التسجيل لمشاهدة الرابط المخفي


عند تشغيلها بتظهر لك رسالة ,, اضغط على >> Yes
بعدها بتظهر لك رساله ثانيه ,, اضغط على >> Yes
اثناء الفحص ممكن يعاد تشغيل الجهاز
وبعد اعادة التشغيل ,, سوف تبدأ الاداة بالفحص مرره ثانيه
لا تقم بتشغيل اي برنامج ،، ومهما طالت عملية الفحص انتظر حتى تنتهي
انتظر حتى يظهر لك تقرير ،،انسخه والصقه بمشاركتك القادمة




 
تأييد 0
التقرير
ComboFix 09-11-30.02 - عبدالإله 12/01/2009 10:22.1.1 - x86
Microsoft Windows XP Professional 5.1.2600.3.1256.966.1033.18.958.552 [GMT 3:00]
Running from: c:\documents and settings\عبدالإله\Desktop\ComboFix.exe
AV: Kaspersky Internet Security *On-access scanning disabled* (Updated) {2C4D4BC6-0793-4956-A9F9-E252435469C0}
AV: Microsoft Security Essentials *On-access scanning enabled* (Updated) {BCF43643-A118-4432-AEDE-D861FCBCFCDF}
FW: Kaspersky Internet Security *disabled* {2C4D4BC6-0793-4956-A9F9-E252435469C0}
WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\documents and settings\majed\Desktop\منتديات شعاع القمر.exe
c:\program files\FunWebProducts
c:\program files\MyWebSearch
c:\program files\MyWebSearch\bar\1.bin\MWSOEMON.EXE
c:\program files\MyWebSearch\bar\1.bin\MWSOESTB.DLL
c:\program files\MyWebSearch\bar\2.bin\MWSSVC.EXE
c:\program files\MyWebSearch\bar\3.bin\MWSSVC.EXE
c:\program files\MyWebSearch\bar\4.bin\MWSSVC.EXE
c:\program files\MyWebSearch\bar\5.bin\MWSSVC.EXE
c:\program files\MyWebSearch\bar\6.bin\MWSSVC.EXE
c:\program files\MyWebSearch\bar\7.bin\MWSSVC.EXE
c:\program files\MyWebSearch\bar\Settings\s_pid.dat
c:\recycler\S-1-5-21-1085031214-813497703-725345543-1003
c:\windows\system32\404Fix.exe
c:\windows\system32\Agent.OMZ.Fix.exe
c:\windows\system32\dumphive.exe
c:\windows\system32\f3PSSavr.scr
c:\windows\system32\IEDFix.C.exe
c:\windows\system32\IEDFix.exe
c:\windows\system32\o4Patch.exe
c:\windows\system32\Process.exe
c:\windows\system32\SrchSTS.exe
c:\windows\system32\VACFix.exe
c:\windows\system32\VCCLSID.exe
c:\windows\system32\WS2Fix.exe
.
((((((((((((((((((((((((( Files Created from 2009-11-01 to 2009-12-01 )))))))))))))))))))))))))))))))
.
2009-12-01 07:35 . 2009-12-01 07:36 -------- d-----w- c:\documents and settings\TEMP
2009-11-29 16:16 . 2009-11-29 16:16 69648 ----a-w- c:\documents and settings\All Users\Application Data\Kaspersky Lab\AVP9\Data\Updater\Temporary Files\temporaryFolder\AutoPatches\kav9exec\9.0.0.736\x64\sbhook64.dll
2009-11-29 16:15 . 2009-11-29 16:16 700432 ----a-w- c:\documents and settings\All Users\Application Data\Kaspersky Lab\AVP9\Data\Updater\Temporary Files\temporaryFolder\AutoPatches\kav9exec\9.0.0.736\x64\oeas.dll
2009-11-29 16:15 . 2009-11-29 16:15 15376 ----a-w- c:\documents and settings\All Users\Application Data\Kaspersky Lab\AVP9\Data\Updater\Temporary Files\temporaryFolder\AutoPatches\kav9exec\9.0.0.736\x64\kloehk.dll
2009-11-29 16:15 . 2009-11-29 16:15 76304 ----a-w- c:\documents and settings\All Users\Application Data\Kaspersky Lab\AVP9\Data\Updater\Temporary Files\temporaryFolder\AutoPatches\kav9exec\9.0.0.736\vkbd.dll
2009-11-29 16:15 . 2009-11-29 16:15 72208 ----a-w- c:\documents and settings\All Users\Application Data\Kaspersky Lab\AVP9\Data\Updater\Temporary Files\temporaryFolder\AutoPatches\kav9exec\9.0.0.736\sbhook.dll
2009-11-29 16:15 . 2009-11-29 16:15 353296 ----a-w- c:\documents and settings\All Users\Application Data\Kaspersky Lab\AVP9\Data\Updater\Temporary Files\temporaryFolder\AutoPatches\kav9exec\9.0.0.736\sys\x64\6.0\klif.sys
2009-11-29 16:15 . 2009-11-29 16:15 311312 ----a-w- c:\documents and settings\All Users\Application Data\Kaspersky Lab\AVP9\Data\Updater\Temporary Files\temporaryFolder\AutoPatches\kav9exec\9.0.0.736\sys\i386\6.0\klif.sys
2009-11-29 16:15 . 2009-11-29 16:15 328720 ----a-w- c:\documents and settings\All Users\Application Data\Kaspersky Lab\AVP9\Data\Updater\Temporary Files\temporaryFolder\AutoPatches\kav9exec\9.0.0.736\sys\x64\5.2\klif.sys
2009-11-29 16:15 . 2009-11-29 16:15 72656 ----a-w- c:\documents and settings\All Users\Application Data\Kaspersky Lab\AVP9\Data\Updater\Temporary Files\temporaryFolder\AutoPatches\kav9exec\9.0.0.459\kis\kavupgr.exe
2009-11-29 16:15 . 2009-11-29 16:15 72656 ----a-w- c:\documents and settings\All Users\Application Data\Kaspersky Lab\AVP9\Data\Updater\Temporary Files\temporaryFolder\AutoPatches\kav9exec\9.0.0.459\kav\kavupgr.exe
2009-11-29 16:14 . 2009-11-29 16:14 109072 ----a-w- c:\documents and settings\All Users\Application Data\Kaspersky Lab\AVP9\Data\Updater\Temporary Files\temporaryFolder\AutoPatches\kav9exec\9.0.0.459\mzvkbd3.dll
2009-11-29 16:14 . 2009-11-29 16:14 59920 ----a-w- c:\documents and settings\All Users\Application Data\Kaspersky Lab\AVP9\Data\Updater\Temporary Files\temporaryFolder\AutoPatches\kav9exec\9.0.0.459\mzvkbd.dll
2009-11-29 16:13 . 2009-11-29 16:14 264720 ----a-w- c:\documents and settings\All Users\Application Data\Kaspersky Lab\AVP9\Data\Updater\Temporary Files\temporaryFolder\AutoPatches\kav9exec\9.0.0.459\klwtbbho.dll
2009-11-29 16:11 . 2009-11-29 16:11 156688 ----a-w- c:\documents and settings\All Users\Application Data\Kaspersky Lab\AVP9\Data\Updater\Temporary Files\temporaryFolder\AutoPatches\kav9exec\9.0.0.459\sys\x64\kl1.sys
2009-11-29 16:11 . 2009-11-29 16:11 128016 ----a-w- c:\documents and settings\All Users\Application Data\Kaspersky Lab\AVP9\Data\Updater\Temporary Files\temporaryFolder\AutoPatches\kav9exec\9.0.0.459\sys\i386\kl1.sys
2009-11-29 16:11 . 2009-11-29 16:11 330768 ----a-w- c:\documents and settings\All Users\Application Data\Kaspersky Lab\AVP9\Data\Updater\Temporary Files\temporaryFolder\AutoPatches\kav9exec\9.0.0.459\sys\x64\6.0\klif.sys
2009-11-29 16:11 . 2009-11-29 16:11 280592 ----a-w- c:\documents and settings\All Users\Application Data\Kaspersky Lab\AVP9\Data\Updater\Temporary Files\temporaryFolder\AutoPatches\kav9exec\9.0.0.459\sys\i386\6.0\klif.sys
2009-11-29 16:10 . 2009-11-29 16:11 307728 ----a-w- c:\documents and settings\All Users\Application Data\Kaspersky Lab\AVP9\Data\Updater\Temporary Files\temporaryFolder\AutoPatches\kav9exec\9.0.0.459\sys\x64\5.2\klif.sys
2009-11-29 16:10 . 2009-11-29 16:10 296976 ----a-w- c:\documents and settings\All Users\Application Data\Kaspersky Lab\AVP9\Data\Updater\Temporary Files\temporaryFolder\AutoPatches\kav9exec\9.0.0.459\sys\i386\5.1\klif.sys
2009-11-29 13:32 . 2009-11-29 13:32 932368 ----a-w- c:\documents and settings\All Users\Application Data\Kaspersky Lab\AVP9\Data\KasFlt\Plugins\profiles-1-6.dll
2009-11-29 13:32 . 2009-11-29 13:32 678416 ----a-w- c:\documents and settings\All Users\Application Data\Kaspersky Lab\AVP9\Data\KasFlt\Plugins\content_interpreter-1-1.dll
2009-11-29 13:32 . 2009-11-29 13:32 604688 ----a-w- c:\documents and settings\All Users\Application Data\Kaspersky Lab\AVP9\Data\KasFlt\Plugins\gsg-3-9.dll
2009-11-29 13:32 . 2009-11-29 13:32 522768 ----a-w- c:\documents and settings\All Users\Application Data\Kaspersky Lab\AVP9\Data\KasFlt\Plugins\database-1-5.dll
2009-11-29 13:32 . 2009-11-29 13:32 1096208 ----a-w- c:\documents and settings\All Users\Application Data\Kaspersky Lab\AVP9\Data\KasFlt\Plugins\filtration-4-6.dll
2009-11-29 13:07 . 2009-11-29 13:07 -------- d-----w- c:\documents and settings\All Users\Application Data\Kaspersky Lab Setup Files
2009-11-29 12:06 . 2009-11-29 12:19 2704371 ----a-w- c:\documents and settings\عبدالإله\Application Data\IDM\DwnlData\عبدالإله\kav9.0.0.463ar_246\kav9.0.0.463ar.exe
2009-11-29 11:41 . 2009-11-29 11:41 -------- d-----w- c:\documents and settings\عبدالإله\Application Data\CyberScrub
2009-11-29 10:43 . 2009-11-29 10:48 -------- d-----w- c:\documents and settings\عبدالإله\Application Data\QuickScan
2009-11-29 10:40 . 2009-11-29 10:40 -------- d-----w- c:\documents and settings\عبدالإله\Local Settings\Application Data\Runscanner.net
2009-11-26 18:04 . 2009-11-26 18:08 -------- d-----w- c:\documents and settings\عبدالإله\Application Data\Notepad++
2009-11-26 03:37 . 2009-11-26 03:39 -------- d-----w- c:\documents and settings\majed\Application Data\Notepad++
2009-11-26 03:37 . 2009-11-26 03:38 -------- d-----w- c:\program files\Notepad++
2009-11-25 11:25 . 2009-07-31 04:35 1172480 -c----w- c:\windows\system32\dllcache\msxml3.dll
2009-11-23 19:42 . 2009-11-23 19:42 362240 ----a-w- c:\windows\system32\TuneUpDefragService.exe
2009-11-23 19:40 . 2009-11-23 19:40 -------- d-----w- c:\documents and settings\All Users\Application Data\TuneUp Software
2009-11-23 19:39 . 2009-11-23 19:39 -------- d-----w- c:\documents and settings\عبدالإله\Application Data\TuneUp Software
2009-11-23 07:26 . 2009-11-23 07:27 -------- d-----w- c:\documents and settings\عبدالإله\Local Settings\Application Data\WildPockets
2009-11-21 11:04 . 2009-11-21 11:05 3135864 ----a-w- c:\documents and settings\عبدالإله\Application Data\IDM\idmupdt.exe
2009-11-20 19:29 . 2009-11-20 19:29 -------- d-----w- c:\documents and settings\All Users\Application Data\Panda Security
2009-11-20 19:28 . 2009-11-20 19:28 -------- d-----w- c:\program files\Panda USB Vaccine
2009-11-19 15:49 . 2009-11-20 06:16 -------- d-----w- c:\program files\PS3 Theme Builder
2009-11-12 19:26 . 2009-11-12 19:26 -------- d-----w- c:\documents and settings\majed\Application Data\Microsoft FxCop
2009-11-12 19:25 . 2009-11-12 19:25 -------- d-----w- c:\program files\Microsoft FxCop 1.32
2009-11-12 18:13 . 2009-11-12 18:13 -------- d-----w- c:\program files\Microsoft CAPICOM 2.1.0.2
2009-11-11 16:12 . 2009-11-11 16:12 10752 ----a-w- c:\documents and settings\majed\Application Data\Thinstall\Microsoft Visual Studio 6.0 Enterprise Edition\10000004900002h\winhlp32.exe
2009-11-11 16:12 . 2009-11-11 16:12 10752 ----a-w- c:\documents and settings\majed\Application Data\Thinstall\Microsoft Visual Studio 6.0 Enterprise Edition\10000001400002h\NOTEPAD.EXE
2009-11-11 15:58 . 2009-11-11 15:58 10752 ----a-w- c:\documents and settings\majed\Application Data\Thinstall\Microsoft Visual Studio 6.0 Enterprise Edition\4000009e00003h\LINK.EXE
2009-11-11 15:58 . 2009-11-11 15:58 10752 ----a-w- c:\documents and settings\majed\Application Data\Thinstall\Microsoft Visual Studio 6.0 Enterprise Edition\400000aa00003h\C2.EXE
2009-11-11 15:54 . 2009-11-11 15:58 -------- d-----w- c:\documents and settings\majed\Local Settings\Application Data\Icon Constructor 3
2009-11-11 14:10 . 2009-09-09 10:43 210352 ----a-w- c:\windows\system32\idmmbc.dll
2009-11-11 13:22 . 2009-11-11 13:22 -------- d-----w- c:\documents and settings\majed\Local Settings\Application Data\Microsoft Help
2009-11-11 13:13 . 2009-11-11 13:20 -------- d-----w- c:\program files\Microsoft Visual Studio 8
2009-11-11 13:13 . 2009-11-11 13:23 -------- d-----w- c:\documents and settings\All Users\Application Data\Microsoft Help
2009-11-10 07:27 . 2004-08-18 09:17 442368 ----a-r- c:\windows\system32\vp6vfw.dll
2009-11-10 03:51 . 2009-11-10 03:55 -------- d-----w- c:\program files\Alcohol Soft
2009-11-10 03:05 . 2009-11-10 03:31 -------- d-----w- c:\program files\DaemonTools_WhenUSave_Installer
2009-11-10 03:05 . 2009-11-10 03:05 -------- d-----w- c:\documents and settings\All Users\Application Data\DAEMON Tools Pro
2009-11-10 03:05 . 2009-11-10 03:05 -------- d-----w- c:\documents and settings\عبدالإله\Application Data\DAEMON Tools Pro
2009-11-10 03:04 . 2009-11-10 03:31 -------- d-----w- c:\program files\DAEMON Tools Pro
2009-11-10 02:52 . 2009-11-10 02:52 685816 ----a-w- c:\windows\system32\drivers\sptd.sys
2009-11-08 14:35 . 2009-11-08 14:35 7680 ----a-w- c:\documents and settings\عبدالإله\Application Data\Thinstall\Golden Al-Wafi Translator\10000001600002i\msiexec.exe
2009-11-06 14:22 . 2009-11-06 14:22 -------- d-----w- c:\documents and settings\عبدالإله\Application Data\DivX
2009-11-06 05:32 . 2009-11-06 05:34 -------- d-----w- c:\documents and settings\majed\Local Settings\Application Data\WildPockets
2009-11-06 04:41 . 2009-11-13 18:26 -------- d-----w- c:\documents and settings\majed\Application Data\uTorrent
2009-11-05 14:51 . 2009-11-06 04:42 -------- d-----w- c:\program files\uTorrent
2009-11-05 14:50 . 2009-11-10 09:35 -------- d-----w- c:\documents and settings\عبدالإله\Application Data\uTorrent
2009-11-05 05:02 . 2009-11-05 14:44 -------- d-----w- c:\documents and settings\عبدالإله\Application Data\.ABC
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-12-01 06:50 . 2009-11-29 13:11 -------- d-----w- c:\documents and settings\All Users\Application Data\Kaspersky Lab
2009-12-01 06:50 . 2009-09-25 13:14 -------- d-----w- c:\documents and settings\عبدالإله\Application Data\DMCache
2009-11-29 15:13 . 2009-10-25 15:08 -------- d---a-w- c:\documents and settings\All Users\Application Data\TEMP
2009-11-29 14:56 . 2009-08-18 17:42 -------- d-----w- c:\program files\Google
2009-11-29 13:31 . 2009-11-29 13:31 397328 ----a-w- c:\documents and settings\All Users\Application Data\Kaspersky Lab\AVP9\Data\Updater\Temporary Files\rollback\patch\AutoPatches\kav9exec\9.0.0.736\oeas.dll
2009-11-29 13:31 . 2009-11-29 13:31 315408 ----a-w- c:\documents and settings\All Users\Application Data\Kaspersky Lab\AVP9\Data\Updater\Temporary Files\rollback\patch\AutoPatches\kav9exec\9.0.0.736\sys\i386\5.1\klif.sys
2009-11-29 13:31 . 2009-11-29 13:31 19472 ----a-w- c:\documents and settings\All Users\Application Data\Kaspersky Lab\AVP9\Data\Updater\Temporary Files\rollback\patch\AutoPatches\kav9exec\9.0.0.736\kloehk.dll
2009-11-29 13:31 . 2009-11-29 13:31 109072 ----a-w- c:\documents and settings\All Users\Application Data\Kaspersky Lab\AVP9\Data\Updater\Temporary Files\rollback\patch\AutoPatches\kav9exec\9.0.0.736\mzvkbd3.dll
2009-11-29 13:31 . 2009-11-29 13:31 397328 ----a-w- c:\documents and settings\All Users\Application Data\Kaspersky Lab\AVP9\Data\Updater\Temporary Files\temporaryFolder\AutoPatches\kav9exec\9.0.0.736\oeas.dll
2009-11-29 13:31 . 2009-11-29 13:31 17936 ----a-w- c:\documents and settings\All Users\Application Data\Kaspersky Lab\AVP9\Data\Updater\Temporary Files\temporaryFolder\AutoPatches\kav9exec\9.0.0.736\kloehk.dll
2009-11-29 13:31 . 2009-11-29 13:31 109072 ----a-w- c:\documents and settings\All Users\Application Data\Kaspersky Lab\AVP9\Data\Updater\Temporary Files\temporaryFolder\AutoPatches\kav9exec\9.0.0.736\mzvkbd3.dll
2009-11-29 13:31 . 2009-11-29 13:31 315408 ----a-w- c:\documents and settings\All Users\Application Data\Kaspersky Lab\AVP9\Data\Updater\Temporary Files\temporaryFolder\AutoPatches\kav9exec\9.0.0.736\sys\i386\5.1\klif.sys
2009-11-29 13:13 . 2009-11-29 13:13 95259 ----a-w- c:\windows\system32\drivers\klick.dat
2009-11-29 13:13 . 2009-11-29 13:13 108059 ----a-w- c:\windows\system32\drivers\klin.dat
2009-11-29 13:11 . 2009-11-29 13:11 -------- d-----w- c:\program files\Kaspersky Lab
2009-11-29 11:51 . 2009-10-25 17:31 -------- d-----w- c:\documents and settings\عبدالإله\Application Data\PCToolsFirewallPlus
2009-11-29 11:39 . 2009-11-29 11:39 -------- d-----w- c:\documents and settings\عبدالإله\Application Data\cleaner
2009-11-27 02:33 . 2009-09-29 03:18 -------- d-----w- c:\documents and settings\majed\Application Data\DMCache
2009-11-26 17:57 . 2009-08-18 19:02 -------- d-----w- c:\program files\PopCap Games
2009-11-26 17:49 . 2009-10-25 17:02 -------- d-----w- c:\program files\Smarty Uninstaller Pro
2009-11-25 18:43 . 2009-09-25 13:14 -------- d-----w- c:\documents and settings\عبدالإله\Application Data\IDM
2009-11-22 11:38 . 2009-11-22 11:38 7383 ----a-w- c:\windows\system32\drivers\pctplfw.cat
2009-11-22 11:38 . 2009-10-25 15:08 55208 ----a-w- c:\windows\system32\drivers\pctNdis.sys
2009-11-22 11:37 . 2009-11-22 11:37 7435 ----a-w- c:\windows\system32\drivers\pctNdis-PacketFilter.cat
2009-11-22 11:37 . 2009-11-22 11:37 7399 ----a-w- c:\windows\system32\drivers\pctNdis-DNS.cat
2009-11-21 11:08 . 2009-09-17 01:01 -------- d-----w- c:\program files\Internet Download Manager
2009-11-11 15:54 . 2009-10-30 10:02 -------- d-----w- c:\documents and settings\majed\Application Data\Thinstall
2009-11-11 13:13 . 2009-08-18 18:30 -------- d-----w- c:\program files\Microsoft.NET
2009-11-02 17:42 . 2009-10-11 10:43 195456 ------w- c:\windows\system32\MpSigStub.exe
2009-11-02 14:17 . 2009-09-02 21:41 -------- d-----w- c:\program files\Common Files\Adobe
2009-11-02 07:22 . 2009-10-31 11:03 -------- d-----w- c:\documents and settings\عبدالإله\Application Data\Thinstall
2009-10-31 12:33 . 2009-10-04 09:20 -------- d-----w- c:\program files\SWiSH Max3
2009-10-31 12:13 . 2009-10-04 09:20 -------- d-----w- c:\program files\Common Files\SWiSHzone.com
2009-10-31 11:03 . 2009-10-31 11:03 7680 ----a-w- c:\documents and settings\عبدالإله\Application Data\Thinstall\Golden Al-Wafi Translator\4000005e00002i\vcmd.exe
2009-10-30 18:26 . 2009-10-30 18:26 7680 ----a-w- c:\documents and settings\majed\Application Data\Thinstall\Golden Al-Wafi Translator\400000b300002i\Golden Al-Wafi Translator.exe
2009-10-30 18:19 . 2009-10-30 18:19 7680 ----a-w- c:\documents and settings\majed\Application Data\Thinstall\Golden Al-Wafi Translator\4000005e00002i\vcmd.exe
2009-10-30 17:58 . 2009-08-20 07:15 172032 ------w- c:\windows\Setup1.exe
2009-10-30 17:58 . 2009-08-20 07:15 73216 ----a-w- c:\windows\ST6UNST.EXE
2009-10-30 17:35 . 2009-10-30 17:35 7680 ----a-w- c:\documents and settings\majed\Application Data\Thinstall\CDisplay 1.8\40000018b00002i\CDisplay.exe
2009-10-30 17:29 . 2009-10-30 17:29 294912 ----a-w- c:\documents and settings\majed\Application Data\Thinstall\ThinstallBuilder.FUNARULEZ\300000003400002i\dwwin.exe
2009-10-30 13:51 . 2009-10-30 13:51 7680 ----a-w- c:\documents and settings\majed\Application Data\Thinstall\Hotspot Shield 1.31\400000c00002i\GoogleToolbarNotifier.exe
2009-10-30 13:51 . 2009-10-30 13:51 7680 ----a-w- c:\documents and settings\majed\Application Data\Thinstall\Hotspot Shield 1.31\4000003800002i\wltuser.exe
2009-10-30 13:51 . 2009-10-30 13:51 7680 ----a-w- c:\documents and settings\majed\Application Data\Thinstall\Hotspot Shield 1.31\4000009c00002i\IEXPLORE.EXE
2009-10-30 13:06 . 2009-10-30 13:06 294912 ----a-w- c:\documents and settings\majed\Application Data\Thinstall\ThinstallBuilder.FUNARULEZ\4000007d00003i\tlink.exe
2009-10-30 10:08 . 2009-10-30 10:08 -------- d-----w- c:\program files\VMware
2009-10-28 19:10 . 2009-10-24 12:29 -------- d-----w- c:\program files\Circle Developement
2009-10-27 17:40 . 2009-10-27 17:38 -------- d-----w- c:\documents and settings\All Users\Application Data\WinZip
2009-10-27 12:30 . 2009-10-27 12:30 -------- d-----w- c:\documents and settings\majed\Application Data\DivX
2009-10-27 10:45 . 2009-10-27 10:44 -------- d-----w- c:\documents and settings\All Users\Application Data\DFX
2009-10-27 10:38 . 2009-10-27 10:31 605320 ----a-w- c:\documents and settings\majed\Application Data\IDM\DwnlData\majed\DivXCreate_267\DivXCreate.exe
2009-10-27 10:29 . 2009-10-27 10:29 124187 ----a-w- c:\documents and settings\majed\Application Data\IDM\DwnlData\majed\DivXCreate_266\DivXCreate.exe
2009-10-26 13:55 . 2009-10-26 13:55 61440 ----a-w- c:\documents and settings\majed\Application Data\IDM\cpil.dll
2009-10-26 13:55 . 2009-09-29 03:18 -------- d-----w- c:\documents and settings\majed\Application Data\IDM
2009-10-26 13:51 . 2009-10-26 13:51 -------- d-----w- c:\program files\Atelier Web
2009-10-26 12:49 . 2009-10-12 09:32 39 ----a-w- c:\windows\popcinfot.dat
2009-10-25 17:28 . 2009-08-18 17:42 -------- d-----w- c:\program files\DivX
2009-10-25 15:03 . 2009-10-25 15:03 -------- d-----w- c:\program files\Ashampoo
2009-10-24 12:29 . 2009-08-18 17:14 -------- d-----w- c:\program files\Messenger Plus! Live
2009-10-21 09:22 . 2009-08-21 07:12 98328 ----a-w- c:\documents and settings\عبدالإله\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2009-10-20 17:34 . 2009-10-20 17:34 219664 ----a-w- c:\windows\system32\klogon.dll
2009-10-20 17:20 . 2009-10-20 16:50 -------- d-----w- c:\documents and settings\majed\Application Data\PlayFirst
2009-10-20 17:20 . 2009-10-20 16:50 -------- d-----w- c:\documents and settings\All Users\Application Data\PlayFirst
2009-10-20 16:54 . 2009-10-20 16:54 59992 ----a-w- c:\documents and settings\All Users\Application Data\Kaspersky Lab Setup Files\Kaspersky Internet Security 2010 9.0.0.736\English\setup.exe
2009-10-20 11:27 . 2009-10-02 19:03 98328 ----a-w- c:\documents and settings\majed\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2009-10-16 09:59 . 2009-10-16 09:59 -------- d-----w- c:\program files\Sandboxie
2009-10-15 10:31 . 2009-10-15 10:31 -------- d-----w- c:\documents and settings\عبدالإله\Application Data\Windows Search
2009-10-15 10:30 . 2009-10-15 10:30 -------- d-----w- c:\documents and settings\عبدالإله\Application Data\Windows Desktop Search
2009-10-15 09:35 . 2009-10-15 09:35 -------- d-----w- c:\documents and settings\majed\Application Data\COWON
2009-10-15 09:17 . 2009-10-15 09:17 -------- d-----w- c:\documents and settings\majed\Application Data\vlc
2009-10-15 08:41 . 2009-10-15 08:41 -------- d-----w- c:\program files\Save Flash
2009-10-15 08:28 . 2009-10-15 08:28 128 ----a-w- c:\documents and settings\majed\Local Settings\Application Data\fusioncache.dat
2009-10-15 08:00 . 2009-10-15 08:00 -------- d-----w- c:\documents and settings\majed\Application Data\CyberScrub
2009-10-15 08:00 . 2009-10-15 07:59 -------- d-----w- c:\documents and settings\majed\Application Data\cleaner
2009-10-15 03:22 . 2009-10-14 16:16 -------- d-----w- c:\program files\Windows Desktop Search
2009-10-14 18:18 . 2009-10-14 18:18 36880 ----a-w- c:\windows\system32\drivers\klbg.sys
2009-10-14 16:34 . 2009-10-14 16:34 -------- d-----w- c:\documents and settings\majed\Application Data\Windows Search
2009-10-14 16:17 . 2009-10-11 16:48 -------- d-----w- c:\program files\Microsoft
2009-10-14 16:16 . 2009-10-14 16:16 -------- d-----w- c:\documents and settings\majed\Application Data\Windows Desktop Search
2009-10-14 16:01 . 2009-10-14 16:01 -------- d-----w- c:\program files\Windows Media Connect 2
2009-10-14 15:28 . 2009-10-14 15:28 -------- d-----w- c:\documents and settings\majed\Application Data\Windows Live Writer
2009-10-14 11:52 . 2009-10-14 10:37 5807934 ----a-w- c:\documents and settings\majed\Application Data\IDM\DwnlData\majed\_171\.exe
2009-10-14 11:49 . 2009-10-14 11:49 -------- d-----w- c:\program files\MSBuild
2009-10-14 11:49 . 2009-10-14 11:49 -------- d-----w- c:\program files\Reference Assemblies
2009-10-13 17:08 . 2009-08-17 19:03 166455 ----a-w- c:\windows\pchealth\helpctr\OfflineCache\index.dat
2009-10-11 19:05 . 2009-10-11 18:53 -------- d-----w- c:\documents and settings\majed\Application Data\SecondLife
2009-10-11 16:55 . 2009-08-18 17:28 -------- d-----w- c:\program files\Windows Live
2009-10-11 16:51 . 2009-10-11 16:51 -------- d-----w- c:\program files\Microsoft Sync Framework
2009-10-11 16:50 . 2009-10-11 16:50 -------- d-----w- c:\program files\Microsoft SQL Server Compact Edition
2009-10-11 16:48 . 2009-10-11 16:48 -------- d-----w- c:\program files\Windows Live SkyDrive
2009-10-11 15:44 . 2009-10-11 15:44 -------- d-----w- c:\program files\Common Files\Windows Live
2009-10-11 14:07 . 2009-10-08 18:06 -------- d-----w- c:\documents and settings\majed\Application Data\Hide IP NG
2009-10-11 14:07 . 2009-10-11 14:03 -------- d-----w- c:\documents and settings\majed\Application Data\MyProxy
2009-10-11 14:03 . 2009-10-11 14:03 -------- d-----w- c:\documents and settings\majed\Application Data\Obsidium
2009-10-11 12:55 . 2009-10-11 12:55 -------- d-----w- c:\program files\Microsoft Silverlight
2009-10-11 10:09 . 2009-10-11 10:09 -------- d-----w- c:\documents and settings\All Users\Application Data\Office Genuine Advantage
2009-10-08 11:57 . 2008-07-29 16:59 611328 ----a-w- c:\windows\system32\uiautomationcore.dll
2009-10-08 11:57 . 2004-08-04 11:00 220160 ----a-w- c:\windows\system32\oleacc.dll
2009-10-08 11:56 . 2004-08-04 11:00 20480 ----a-w- c:\windows\system32\oleaccrc.dll
2009-10-04 09:41 . 2009-10-04 09:23 -------- d-----w- c:\documents and settings\majed\Application Data\SWiSH Max3
2009-10-04 09:20 . 2009-10-04 09:20 -------- d-----w- c:\program files\LameACM
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"nltide_3"="advpack.dll" - c:\windows\system32\advpack.dll [2009-03-08 128512]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-09-21 149280]
"AVP"="c:\program files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe" [2009-10-20 340456]
"VTTimer"="VTTimer.exe" - c:\windows\system32\VTTimer.exe [2006-09-21 53248]
"SkyTel"="SkyTel.EXE" - c:\windows\SkyTel.exe [2007-05-28 1826816]
"S3Trayp"="S3trayp.exe" - c:\windows\system32\S3Trayp.exe [2007-06-11 176128]
"RTHDCPL"="RTHDCPL.EXE" - c:\windows\RTHDCPL.EXE [2007-06-13 16377344]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"= "c:\program files\Windows Desktop Search\MSNLNamespaceMgr.dll" [2009-05-24 304128]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Windows Search.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\Windows Search.lnk
backup=c:\windows\pss\Windows Search.lnkCommon Startup
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^WinZip Quick Pick.lnk]
backup=c:\windows\pss\WinZip Quick Pick.lnkCommon Startup
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Attractive Clock
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\KasperskyAntiVirus]
"DisableMonitoring"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
"DisableUnicastResponsesToMulticastBroadcast"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Yahoo!\\Messenger\\YahooMessenger.exe"=
"c:\\Program Files\\Yahoo!\\Messenger\\YServer.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Sandboxie\\Start.exe"=
"c:\\Program Files\\uTorrent\\uTorrent.exe"=
R0 klbg;Kaspersky Lab Boot Guard Driver;c:\windows\system32\drivers\klbg.sys [14/10/2009 09:18 م 36880]
R0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [10/11/2009 05:52 ص 685816]
R3 klim5;Kaspersky Anti-Virus NDIS Filter;c:\windows\system32\drivers\klim5.sys [14/09/2009 02:42 م 32272]
R3 klmouflt;Kaspersky Lab KLMOUFLT;c:\windows\system32\drivers\klmouflt.sys [02/10/2009 07:39 م 19472]
R3 RTLWUSB;Realtek RTL8187 Wireless 802.11b/g 54Mbps USB 2.0 Network Adapter;c:\windows\system32\drivers\RTL8187.sys [18/08/2009 10:31 م 332928]
R3 S3GIGP;S3GIGP;c:\windows\system32\drivers\S3gIGPm.sys [18/08/2009 03:41 م 714240]
R3 SbieDrv;SbieDrv;c:\program files\Sandboxie\SbieDrv.sys [30/09/2009 12:15 م 116736]
S0 TfFsMon;TfFsMon;c:\windows\system32\drivers\TfFsMon.sys --> c:\windows\system32\drivers\TfFsMon.sys [?]
S0 TfSysMon;TfSysMon;c:\windows\system32\drivers\TfSysMon.sys --> c:\windows\system32\drivers\TfSysMon.sys [?]
S2 gupdate1ca202b5733fb6c;خدمة تحديث Google (gupdate1ca202b5733fb6c);c:\program files\Google\Update\GoogleUpdate.exe [18/08/2009 08:43 م 133104]
S3 DrvFltIp;DrvFltIp;\??\c:\documents and settings\majed\Local Settings\TEMP\DrvFltIp --> c:\documents and settings\majed\Local Settings\TEMP\DrvFltIp [?]
S3 pctNDIS;PC Tools Driver;c:\windows\system32\drivers\pctNdis.sys [25/10/2009 06:08 م 55208]
S3 TfNetMon;TfNetMon;\??\c:\windows\system32\drivers\TfNetMon.sys --> c:\windows\system32\drivers\TfNetMon.sys [?]
.
Contents of the 'Scheduled Tasks' folder
2009-12-01 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-08-18 17:42]
2009-12-01 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-08-18 17:42]
2009-12-01 c:\windows\Tasks\PandaUSBVaccine.job
- c:\program files\Panda USB Vaccine\RunInteractiveWin.exe [2009-11-20 13:45]
2009-12-01 c:\windows\Tasks\User_Feed_Synchronization-{2821AA67-6444-4B8D-9E31-39A7DE97A9C7}.job
- c:\windows\system32\msfeedssync.exe [2007-08-13 01:31]
2009-12-01 c:\windows\Tasks\User_Feed_Synchronization-{E0F168E5-AD5A-4808-955D-8A4A37D60A13}.job
- c:\windows\system32\msfeedssync.exe [2007-08-13 01:31]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.com/
mStart Page = about:blank
.
- - - - ORPHANS REMOVED - - - -
HKLM-Run-MSSE - c:\program files\Microsoft Security Essentials\msseces.exe

**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer,

يجب عليك تسجيل الدخول أو التسجيل لمشاهدة الرابط المخفي


Rootkit scan 2009-12-01 10:38
Windows 5.1.2600 Service Pack 3 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\ASFWHide]
"ImagePath"="\??\c:\documents and settings\majed\Local Settings\TEMP\ASFWHide"
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\DrvFltIp]
"ImagePath"="\??\c:\documents and settings\majed\Local Settings\TEMP\DrvFltIp"
.
--------------------- LOCKED REGISTRY KEYS ---------------------
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{441a2ee7-fe48-4d79-8fb4-42b46c93b918}]
@Denied: (Full) (Everyone)
"Model"=dword:0000014e
"Therad"=dword:0000000c
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{7B8E9164-324D-4A2E-A46D-0165FB2000EC}]
@Denied: (Full) (Everyone)
"scansk"=hex(0):c7,1c,90,5f,40,2b,1b,c1,cf,85,9c,8c,32,fa,8d,d1,a6,26,18,f2,07,
ef,7d,32,88,f6,72,e8,2f,3a,f7,7b,59,de,ef,c4,3b,07,27,2e,00,00,00,00,00,00,\
.
------------------------ Other Running Processes ------------------------
.
c:\program files\Java\jre6\bin\jqs.exe
c:\program files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
c:\program files\Sandboxie\SbieSvc.exe
c:\program files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
c:\program files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
c:\windows\system32\SearchIndexer.exe
c:\program files\Windows Media Player\WMPNetwk.exe
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
c:\program files\Panda USB Vaccine\USBVaccine.exe
c:\windows\system32\SearchProtocolHost.exe
c:\windows\system32\shmgrate.exe
c:\windows\system32\shmgrate.exe
c:\windows\system32\msiexec.exe
c:\windows\system32\shmgrate.exe
c:\windows\system32\SearchFilterHost.exe
.
**************************************************************************
.
Completion time: 2009-12-01 10:45 - machine was rebooted
ComboFix-quarantined-files.txt 2009-12-01 07:45
Pre-Run: 20,440,764,416 bytes free
Post-Run: 20,538,527,744 bytes free
- - End Of File - - A4DCB62E9CB7F40B5F3986665FD74500
 
توقيع : majed6
تأييد 0

تقرير هايجاك جديد
 
تأييد 0
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 20:00:45, on 02/12/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Sandboxie\SbieSvc.exe
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\WINDOWS\system32\SearchIndexer.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Panda USB Vaccine\USBVaccine.exe
C:\WINDOWS\system32\VTTimer.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\WINDOWS\system32\S3trayp.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe
C:\Program Files\Sandboxie\SbieCtrl.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Windows Media Player\WMPNSCFG.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Windows Live\Toolbar\wltuser.exe
C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\klwtblfs.exe
C:\Program Files\Internet Download Manager\IDMan.exe
C:\Program Files\Internet Download Manager\IEMonitor.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\WISPTIS.EXE
C:\Documents and Settings\majed\My Documents\HiJackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =

يجب عليك تسجيل الدخول أو التسجيل لمشاهدة الرابط المخفي


R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =

يجب عليك تسجيل الدخول أو التسجيل لمشاهدة الرابط المخفي


R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =

يجب عليك تسجيل الدخول أو التسجيل لمشاهدة الرابط المخفي


R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = local
O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files\Internet Download Manager\IDMIECC.dll
O2 - BHO: مساعد رابط Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: IEVkbdBHO - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\ievkbd.dll
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O2 - BHO: link filter bho - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: &Save Flash - {4064EA35-578D-4073-A834-C96D82CBCF40} - C:\Program Files\Save Flash\SaveFlash.dll
O4 - HKLM\..\Run: [VTTimer] VTTimer.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
O4 - HKLM\..\Run: [S3Trayp] S3trayp.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe"
O4 - HKCU\..\Run: [IDMan] C:\Program Files\Internet Download Manager\IDMan.exe /onboot
O4 - HKCU\..\Run: [SandboxieControl] "C:\Program Files\Sandboxie\SbieCtrl.exe"
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [Yahoo! Pager] "C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" -quiet
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: &تصدير إلى Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Add to Anti-Banner - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\ie_banner_deny.htm
O8 - Extra context menu item: تحميل الكل بواسطة Internet Download Manager - C:\Program Files\Internet Download Manager\IEGetAll.htm
O8 - Extra context menu item: تحميل بواسطة Internet Download Manager - C:\Program Files\Internet Download Manager\IEExt.htm
O8 - Extra context menu item: تحميل محتوى FLV بواسطة Internet Download Manager - C:\Program Files\Internet Download Manager\IEGetVL.htm
O9 - Extra button: تدوين هذا في المدونة - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &تدوين هذا في Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: &Virtual keyboard - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll
O9 - Extra button: بحث - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: URLs c&heck - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) -

يجب عليك تسجيل الدخول أو التسجيل لمشاهدة الرابط المخفي


O16 - DPF: {4B54A9DE-EF1C-4EBE-A328-7C28EA3B433A} (qsax Control) -

يجب عليك تسجيل الدخول أو التسجيل لمشاهدة الرابط المخفي


O16 - DPF: {5AE58FCF-6F6A-49B2-B064-02492C66E3F4} (MUCatalogWebControl Class) -

يجب عليك تسجيل الدخول أو التسجيل لمشاهدة الرابط المخفي


O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) -

يجب عليك تسجيل الدخول أو التسجيل لمشاهدة الرابط المخفي


O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) -

يجب عليك تسجيل الدخول أو التسجيل لمشاهدة الرابط المخفي


O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) -

يجب عليك تسجيل الدخول أو التسجيل لمشاهدة الرابط المخفي


O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) -

يجب عليك تسجيل الدخول أو التسجيل لمشاهدة الرابط المخفي


O20 - AppInit_DLLs: C:\PROGRA~1\KASPER~1\KASPER~1\kloehk.dll
O23 - Service: Kaspersky Internet Security (AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe
O23 - Service: خدمة تحديث Google (gupdate1ca202b5733fb6c) (gupdate1ca202b5733fb6c) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Microsoft Antimalware Service (MsMpSvc) - Unknown owner - C:\Program Files\Microsoft Security Essentials\MsMpEng.exe (file missing)
O23 - Service: Sandboxie Service (SbieSvc) - tzuk - C:\Program Files\Sandboxie\SbieSvc.exe
O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software - C:\WINDOWS\System32\TuneUpDefragService.exe
--
End of file - 9319 bytes
 
توقيع : majed6
تأييد 0


تفضل اخوي





للغة العربية

افتح الاكسبلورر
ادوات >>>> خيارات الانترنت >>>> ثم اعمل كما الصورة

wh_40105661.jpg


للغة الانجليزية

tools >>>>internet options

wh_71269606.png






بعدها اذهب الى اضافة وازالة البرامج واحذف التولبار الموجود عندك (toolbar)>> ممكن ما يكون موجود
ثم نظف جهازك بهذه الاداة

يجب عليك تسجيل الدخول أو التسجيل لمشاهدة الرابط المخفي



وبلغنا اخر النتائج


 
التعديل الأخير بواسطة المشرف:
تأييد 0
سويت المطلوب و انا في انتظار النتائج جزاك الله خير على اهتمامك الله يوفقك
اذا كانت المشكلة مستمرة راح اعلمك انشاء الله تكون انحلت عطني مهلة اسبوع اذا اشتكيت و لا تكون المشكلة انتهت
اسف على اشغالك معي ^___^
 
توقيع : majed6
تأييد 0



الله يجزاك خير على هالدعوه

وأبشرك لا تعب ولا شي حمدلله لكن انا اعتذر عن التأخير في الرد بسبب انشغالي والاخوان مايقصرون معك في اي شي تطلبه



 
تأييد 0
توقيع : majed6
تأييد 0


آخرالمشاكل ان شالله
وماقصروا الاخوان الله يعطيهم العافيه
 
تأييد 0
يجب تسجيل الدخول أو التسجيل كي تتمكن من الرد هنا.
عودة
أعلى