جهاز يعلق

م

ماااجد

زيزوومى متألق
إنضم
6 ديسمبر 2007
المشاركات
450
مستوى التفاعل
0
النقاط
470
غير متصل
سلام عليكمشخباركم وش مسوينشريت جهاز جديد مكتبيماخذ له شهر وصار لم افتح كذا موقع يعلق الصفحه ولازم اسكرها واسوي انهاء الان بحيث تسكر وافتحها من جديد مع اني مو منزل برامج كثيرةوين المشكله ؟؟؟
 

ترتيب حسب التاريخ ترتيب حسب الأصوات
لأقرب متابع اعمل التالي


عطل جميع برامج الحماية ,,
وحمل هذه الاداة واحفظها على سطح المكتب
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

عند تشغيلها بتظهر لك رسالة ,, اضغط على >> Yes
بعدها بتظهر لك رساله ثانيه ,, اضغط على >> Yes
انتظر حتى الاداة تنتهي من فحص جهازك ,,, وبشكل تلقائي يعاد تشغيل جهازك ,,
وبعد اعادة التشغيل ,, سوف تبدأ الاداة بالفحص مرره ثانيه
انتظر حتى يظهر لك تقرير ,, انسخه والصقه بردك القادم

اعمل تقرير للهايجاك
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

اذا انتهى التحميل ==> شغل البرنامج ==> واضغط على Do a system scan and save log
لحظات .. ويظهر لك تقرير اعمل تحديد الكل ==> انسخه والصقه بردك القادم​



 
توقيع : Demo-dashDemo-dash is verified member.
تأييد 0
:king:

ما شفت ردك خيو
 
توقيع : السّاجد لله
تأييد 0

ولاتهتم ,, الله يعطيك العافيه :ok:
 
توقيع : Demo-dashDemo-dash is verified member.
تأييد 0
ثواني والتقرير جاهز
 
تأييد 0
ComboFix 08-12-03.04 - MAS 12/04/2008 17:57:45.1 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.2.1256.1.1033.18.1383 [GMT 3:00]
Running from: c:\documents and settings\MAS\Desktop\ComboFix.exe
* Created a new restore point
* Resident AV is active

WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\windows\IE4 Error Log.txt
c:\windows\system32\divx.dll
.
((((((((((((((((((((((((( Files Created from 2008-11-04 to 2008-12-04 )))))))))))))))))))))))))))))))
.
No new files created in this timespan
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-12-04 12:56 --------- d-----w c:\documents and settings\MAS\Application Data\HPAppData
2008-11-30 17:38 --------- d-----w c:\program files\Wireless WEP Key Password Spy
2008-11-28 09:08 --------- d-----w c:\program files\Google
2008-11-28 09:07 --------- d-----w c:\program files\VideoLAN
2008-11-27 14:08 --------- d-----w c:\documents and settings\MAS\Application Data\Internet Download Accelerator
2008-11-26 16:01 --------- d-----w c:\program files\IDA
2008-11-26 13:52 --------- d-----w c:\program files\Internet Download Manager
2008-11-25 17:29 --------- d-----w c:\documents and settings\MAS\Application Data\DMCache
2008-11-25 17:28 --------- d-----w c:\documents and settings\MAS\Application Data\SlipStream
2008-11-25 17:28 --------- d-----w c:\documents and settings\MAS\Application Data\IDM
2008-11-25 17:11 --------- d-----w c:\program files\Jap
2008-11-25 16:33 --------- d-----w c:\program files\GreenBrowser
2008-11-24 14:14 --------- d-----w c:\program files\LeapFTP
2008-11-23 17:10 --------- d-----w c:\program files\Xilisoft
2008-11-23 16:17 --------- d-----w c:\program files\Video Convert Premier
2008-11-23 16:06 81,920 ----a-w c:\documents and settings\MAS\Application Data\ezpinst.exe
2008-11-23 16:06 47,360 ----a-w c:\windows\system32\drivers\pcouffin.sys
2008-11-23 16:06 47,360 ----a-w c:\documents and settings\MAS\Application Data\pcouffin.sys
2008-11-20 13:40 499,712 ----a-w c:\windows\system32\msvcp71.dll
2008-11-20 13:40 348,160 ----a-w c:\windows\system32\msvcr71.dll
2008-11-20 13:40 --------- d-----w c:\program files\Common Files\xing shared
2008-11-20 13:40 --------- d-----w c:\program files\Common Files\Real
2008-11-20 13:39 --------- d-----w c:\program files\PremierOpinion
2008-11-20 13:39 --------- d-----w c:\program files\ESET
2008-11-20 13:37 --------- d-----w c:\program files\CEDP Stealer 6.0 for Messenger
2008-11-20 11:24 --------- d-----w c:\documents and settings\MAS\Application Data\vlc
2008-11-18 16:36 --------- dcsh--w c:\program files\Common Files\WindowsLiveInstaller
2008-11-18 16:22 --------- d-----w c:\program files\Windows Live
2008-11-18 16:22 --------- d-----w c:\documents and settings\All Users\Application Data\WLInstaller
2008-11-18 16:06 --------- d-----w c:\program files\MSN Messenger
2008-11-18 15:47 --------- d-----w c:\documents and settings\All Users\Application Data\Messenger Plus!
2008-11-18 07:01 --------- d--h--w c:\program files\InstallShield Installation Information
2008-11-18 07:01 --------- d-----w c:\program files\Wirelwss LAN Utility
2008-11-17 16:32 --------- d-----w c:\documents and settings\MAS\Application Data\Ahead
2008-11-17 16:31 --------- d-----w c:\program files\Common Files\Ahead
2008-11-17 16:31 --------- d-----w c:\documents and settings\All Users\Application Data\Ahead
2008-11-17 16:29 --------- d-----w c:\program files\Nero
2008-11-17 16:29 --------- d-----w c:\documents and settings\All Users\Application Data\Nero
2008-11-17 16:25 --------- d-----w c:\documents and settings\MAS\Application Data\HP
2008-11-17 16:24 --------- d-----w c:\documents and settings\All Users\Application Data\WEBREG
2008-11-17 16:21 --------- d-----w c:\documents and settings\All Users\Application Data\Hewlett-Packard
2008-11-17 16:20 --------- d-----w c:\documents and settings\All Users\Application Data\HP
2008-11-17 16:19 --------- d-----w c:\program files\HP
2008-11-17 16:19 --------- d-----w c:\program files\Common Files\HP
2008-11-17 16:19 --------- d-----w c:\documents and settings\All Users\Application Data\HP Product Assistant
2008-11-17 15:33 --------- d-----w c:\program files\Common Files\snp2std
2008-11-17 15:31 --------- d-----w c:\documents and settings\All Users\Application Data\CyberLink
2008-11-17 15:30 --------- d-----w c:\program files\CyberLink
2008-11-17 15:30 --------- d-----w c:\program files\Common Files\InstallShield
2008-11-17 15:27 --------- d-----w c:\program files\Real
2008-11-17 15:25 --------- d-----w c:\program files\Windows Media Connect 2
2008-11-17 15:22 --------- d-----w c:\program files\DivX
2008-11-17 15:20 47,104 ------w c:\windows\AKDeInstall.exe
2008-11-17 15:20 --------- d-----w c:\program files\mpegable
2008-11-17 15:20 --------- d-----w c:\program files\GRETECH
2008-11-17 15:19 --------- d-----w c:\program files\QuickTime
2008-11-17 15:19 --------- d-----w c:\program files\Nokia
2008-11-17 15:19 --------- d-----w c:\program files\Common Files\Nokia
2008-11-17 15:19 --------- d-----w c:\documents and settings\MAS\Application Data\Apple Computer
2008-11-17 15:18 --------- d-----w c:\documents and settings\All Users\Application Data\Apple Computer
2008-11-17 15:06 1,023,035 ----a-w c:\windows\system32\Setup.scr
2008-11-17 15:05 --------- d-----w c:\documents and settings\All Users\Application Data\WinZip
2008-11-17 14:59 --------- d-----w c:\program files\Messenger Plus! Live
2008-11-17 14:59 --------- d-----w c:\program files\Circle Developement
2008-11-17 14:48 155,995 ----a-w c:\windows\java\Packages\5ZVJ5B53.ZIP
2008-11-17 14:44 --------- d-----w c:\program files\Common Files\Adobe
2008-11-17 14:31 73,216 ----a-w c:\windows\ST6UNST.EXE
2008-11-17 14:31 172,032 ------w c:\windows\Setup1.exe
2008-11-17 14:21 512,096 ----a-w c:\windows\system32\drivers\amon.sys
2008-11-17 14:21 298,104 ----a-w c:\windows\system32\imon.dll
2008-11-17 14:21 15,424 ----a-w c:\windows\system32\drivers\nod32drv.sys
2008-11-17 14:02 --------- d-----w c:\program files\Microsoft.NET
2008-11-17 14:02 --------- d-----w c:\program files\Microsoft ActiveSync
2008-11-17 14:02 --------- d-----w c:\program files\Common Files\L&H
2008-11-17 14:01 --------- d-----w c:\program files\Microsoft Works
2008-11-17 13:46 --------- d-----w c:\program files\Realtek
2008-11-17 13:45 16,608 ----a-w c:\windows\gdrv.sys
2008-11-17 13:44 315,392 ----a-w c:\windows\HideWin.exe
2008-11-17 13:42 --------- d-----w c:\program files\Intel
2008-11-17 08:35 --------- d-----w c:\program files\microsoft frontpage
2008-10-16 11:13 1,809,944 ----a-w c:\windows\system32\wuaueng.dll
2008-10-16 11:12 561,688 ----a-w c:\windows\system32\wuapi.dll
2008-10-16 11:12 323,608 ----a-w c:\windows\system32\wucltui.dll
2008-10-16 11:09 92,696 ----a-w c:\windows\system32\cdm.dll
2008-10-16 11:09 51,224 ----a-w c:\windows\system32\wuauclt.exe
2008-10-16 11:09 43,544 ----a-w c:\windows\system32\wups2.dll
2008-10-16 11:08 34,328 ----a-w c:\windows\system32\wups.dll
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [08/04/2004 12:56 AM 15360]
"MsnMsgr"="c:\program files\Windows Live\Messenger\MsnMsgr.Exe" [11/19/2008 05:37 PM 5724184]
"Internet Download Accelerator"="c:\program files\IDA\ida.exe" [04/10/2006 09:04 PM 45056]
"MSMSGS"="c:\program files\Messenger\msmsgs.exe" [08/04/2004 01:06 AM 1667584]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"GEST"="m‘|\ü" [X]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [09/05/2007 12:13 PM 141848]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [09/05/2007 12:13 PM 166424]
"Persistence"="c:\windows\system32\igfxpers.exe" [09/05/2007 12:13 PM 137752]
"nod32kui"="c:\program files\Eset\nod32kui.exe" [11/17/2008 05:21 PM 949376]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [11/17/2008 06:18 PM 155648]
"RemoteControl"="c:\program files\CyberLink\PowerDVD\PDVDServ.exe" [12/07/2005 10:57 PM 30208]
"LanguageShortcut"="c:\program files\CyberLink\PowerDVD\Language\Language.exe" [05/18/2006 11:29 AM 49152]
"FixCamera"="c:\windows\FixCamera.exe" [07/11/2007 04:09 PM 20480]
"tsnp2std"="c:\windows\tsnp2std.exe" [05/12/2007 11:19 AM 270336]
"snp2std"="c:\windows\vsnp2std.exe" [09/28/2007 04:32 PM 344064]
"HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [10/14/2007 09:17 PM 49152]
"hpqSRMon"="c:\program files\HP\Digital Imaging\bin\hpqSRMon.exe" [08/22/2007 04:31 PM 80896]
"NeroFilterCheck"="c:\program files\Common Files\Ahead\Lib\NeroCheck.exe" [03/01/2007 02:57 PM 153136]
"SecurDisc"="c:\program files\Nero\Nero 7\InCD\NBHGui.exe" [11/26/2007 02:54 PM 1629480]
"InCD"="c:\program files\Nero\Nero 7\InCD\InCD.exe" [11/26/2007 02:54 PM 1057064]
"TI WLAN"="c:\program files\Wirelwss LAN Utility\TIWLANCu.exe" [12/09/2004 04:49 PM 1150976]
"TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" [11/20/2008 04:40 PM 185872]
"RTHDCPL"="RTHDCPL.EXE" [02/13/2008 09:31 AM 16857600 c:\windows\RTHDCPL.exe]
"BluetoothAuthenticationAgent"="bthprops.cpl" [08/04/2004 12:56 AM 110592 c:\windows\system32\bthprops.cpl]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [08/04/2004 12:56 AM 15360]
c:\documents and settings\All Users\Start Menu\Programs\Startup\
Adobe Reader Synchronizer.lnk - c:\program files\Adobe\Reader 8.0\Reader\AdobeCollabSync.exe [2006-10-23 734872]
HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2007-10-14 214360]
WinZip Quick Pick.lnk - c:\program files\WinZip\WZQKPICK.EXE [2008-02-08 394856]
«©م، ¢¬نïé Adobe Reader.lnk - c:\program files\Adobe\Reader 8.0\Reader\reader_sl.exe [2006-10-23 40048]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"VIDC.X264"= x264vfw.dll
"VIDC.3iv2"= 3ivxVfWCodec.dll
"VIDC.VP31"= vp31vfw.dll
"msacm.l3fhg"= mp3fhg.acm
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusDisableNotify"=dword:00000001
"UpdatesDisableNotify"=dword:00000001
"AntiVirusOverride"=dword:00000001
"FirewallOverride"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqtra08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\livecall.exe"=
R1 nod32drv;nod32drv;c:\windows\system32\drivers\nod32drv.sys [2008-11-17 15424]
R3 TNET1130;EDUP 802.11 WLAN;c:\windows\system32\DRIVERS\TNET1130.sys [2008-11-18 438912]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
*Newly Created Service* - PROCEXP90
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.com.sa/
uInternet Connection Wizard,ShellNext = hxxp://www.google.com.sa/
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: Download ALL with IDA - c:\program files\IDA\idaieall.htm
IE: Download with IDA - c:\program files\IDA\idaie.htm
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
LSP: c:\windows\system32\imon.dll
O16 -: Microsoft XML Parser for Java -
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

c:\windows\Downloaded Program Files\Microsoft XML Parser for Java.osd
FireFox -: Profile - c:\documents and settings\MAS\Application Data\Mozilla\Firefox\Profiles\5conje8q.default\
.
**************************************************************************
catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer,
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

Rootkit scan 2008-12-04 17:58:50
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------
- - - - - - - > 'lsass.exe'(924)
c:\windows\system32\imon.dll
.
Completion time: 12/04/2008 17:59:17
ComboFix-quarantined-files.txt 2008-12-04 14:59:15
Pre-Run: 60,276,695,040 bytes free
Post-Run: 60,424,048,640 bytes free
202
 
تأييد 0
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 06:00:26 م, on 04/12/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Eset\nod32kui.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\WINDOWS\tsnp2std.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\Nero\Nero 7\InCD\NBHGui.exe
C:\Program Files\Nero\Nero 7\InCD\InCD.exe
C:\Program Files\Wirelwss LAN Utility\TIWLANCu.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\IDA\_IDA.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\WinZip\WZQKPICK.EXE
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Nero\Nero 7\InCD\InCDsrv.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Eset\nod32krn.exe
C:\Program Files\CyberLink\Shared files\RichVideo.exe
C:\WINDOWS\system32\slmdmsr.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Wirelwss LAN Utility\tiwlnsvc.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_clipbook.exe
C:\WINDOWS\system32\imapi.exe
C:\WINDOWS\explorer.exe
C:\Program Files\internet explorer\iexplore.exe
C:\Documents and Settings\MAS\Desktop\HiJackThis.exe
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
O2 - BHO: مساعد رابط Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: IE 4.x-6.x BHO for Internet Download Accelerator - {2A646672-9C3A-4C28-9A7A-1FB0F63F28B6} - C:\PROGRA~1\IDA\idaiehlp.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: NOW!Imaging - {9AA2F14F-E956-44B8-8694-A5B615CDF341} - C:\Program Files\ONSPEED\components\NOWImaging.dll (file missing)
O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O3 - Toolbar: IDA Bar - {C70E30C7-140A-4166-A2E8-43557E62B41A} - C:\Program Files\IDA\idabar.dll
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [GEST] m‘|\ü
O4 - HKLM\..\Run: [nod32kui] "C:\Program Files\Eset\nod32kui.exe" /WAITSERVICE
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [LanguageShortcut] "C:\Program Files\CyberLink\PowerDVD\Language\Language.exe"
O4 - HKLM\..\Run: [FixCamera] C:\WINDOWS\FixCamera.exe
O4 - HKLM\..\Run: [tsnp2std] C:\WINDOWS\tsnp2std.exe
O4 - HKLM\..\Run: [snp2std] C:\WINDOWS\vsnp2std.exe
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [hpqSRMon] C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [SecurDisc] C:\Program Files\Nero\Nero 7\InCD\NBHGui.exe
O4 - HKLM\..\Run: [InCD] C:\Program Files\Nero\Nero 7\InCD\InCD.exe
O4 - HKLM\..\Run: [TI WLAN] C:\Program Files\Wirelwss LAN Utility\TIWLANCu.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [Internet Download Accelerator] C:\Program Files\IDA\ida.exe -autorun
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Adobe Reader Synchronizer.lnk = C:\Program Files\Adobe\Reader 8.0\Reader\AdobeCollabSync.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE
O4 - Global Startup: سرعة تشغيل Adobe Reader.lnk = C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe
O8 - Extra context menu item: Download ALL with IDA - C:\Program Files\IDA\idaieall.htm
O8 - Extra context menu item: Download with IDA - C:\Program Files\IDA\idaie.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Internet Download Accelerator - {9819CC0E-9669-4D01-9CD7-2C66DA43AC6C} - C:\Program Files\IDA\ida.exe
O9 - Extra 'Tools' menuitem: &Internet Download Accelerator - {9819CC0E-9669-4D01-9CD7-2C66DA43AC6C} - C:\Program Files\IDA\ida.exe
O9 - Extra button: HP Smart Select - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) -
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) -
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) -
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) -
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: InCD Helper (InCDsrv) - Nero AG - C:\Program Files\Nero\Nero 7\InCD\InCDsrv.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Program Files\Eset\nod32krn.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared files\RichVideo.exe
O23 - Service: SmartLinkService (SLService) - - C:\WINDOWS\SYSTEM32\slmdmsr.exe
O23 - Service: TI Wlan Service (tiwlnsvc) - Unknown owner - C:\Program Files\Wirelwss LAN Utility\tiwlnsvc.exe
--
End of file - 8276 bytes
 
تأييد 0
احذف

O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)


 O2 - BHO: NOW!Imaging - {9AA2F14F-E956-44B8-8694-A5B615CDF341} - C:\Program Files\ONSPEED\components\NOWImaging.dll (file missing)


 O4 - HKLM\..\Run: [GEST] m‘|\ü


 O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe


 O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe


 O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot


 O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) -
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي




طريقة الحذف

mg%20%283%29.png


mg%20%284%29.png


ثم نزل هذه الاداة واتبع الشرح التالي

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي


التوافق : ويندوز اكسبيفقط

شرح الاستخدام ,,,,,,
عند تشغيل ملف الاداة تظهر لك هذه الشاشه ,, انتظر ( وتابع مع الصور )

000.png


001.png


وعند ظهور هذه الشاشه ,, اضغط على Close ليتم اعادة تشغيل جهازك (( لتكملة عملية التنظيف ))

002.png

وتقرير جديد
 
توقيع : Demo-dashDemo-dash is verified member.
تأييد 0
عند الحذف طلع لي مسج

7ba8vkl3di3zv2tef5ec.jpg
 
تأييد 0
اضغط موافق واكمل ؟؟
 
تأييد 0
قفل المتصفح واعد حذف القيم ,, مفاد الرساله
 
توقيع : Demo-dashDemo-dash is verified member.
تأييد 0
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 06:16:39 م, on 04/12/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Eset\nod32kui.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\WINDOWS\FixCamera.exe
C:\WINDOWS\tsnp2std.exe
C:\WINDOWS\vsnp2std.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Nero\Nero 7\InCD\NBHGui.exe
C:\Program Files\Nero\Nero 7\InCD\InCD.exe
C:\Program Files\Wirelwss LAN Utility\TIWLANCu.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\IDA\_IDA.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\WinZip\WZQKPICK.EXE
C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Nero\Nero 7\InCD\InCDsrv.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Eset\nod32krn.exe
C:\Program Files\CyberLink\Shared files\RichVideo.exe
C:\WINDOWS\system32\slmdmsr.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Wirelwss LAN Utility\tiwlnsvc.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe
C:\Program Files\internet explorer\iexplore.exe
C:\Documents and Settings\MAS\Desktop\HiJackThis.exe
C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_clipbook.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
O2 - BHO: مساعد رابط Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: IE 4.x-6.x BHO for Internet Download Accelerator - {2A646672-9C3A-4C28-9A7A-1FB0F63F28B6} - C:\PROGRA~1\IDA\idaiehlp.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O3 - Toolbar: IDA Bar - {C70E30C7-140A-4166-A2E8-43557E62B41A} - C:\Program Files\IDA\idabar.dll
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [nod32kui] "C:\Program Files\Eset\nod32kui.exe" /WAITSERVICE
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [LanguageShortcut] "C:\Program Files\CyberLink\PowerDVD\Language\Language.exe"
O4 - HKLM\..\Run: [FixCamera] C:\WINDOWS\FixCamera.exe
O4 - HKLM\..\Run: [tsnp2std] C:\WINDOWS\tsnp2std.exe
O4 - HKLM\..\Run: [snp2std] C:\WINDOWS\vsnp2std.exe
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [hpqSRMon] C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe
O4 - HKLM\..\Run: [SecurDisc] C:\Program Files\Nero\Nero 7\InCD\NBHGui.exe
O4 - HKLM\..\Run: [InCD] C:\Program Files\Nero\Nero 7\InCD\InCD.exe
O4 - HKLM\..\Run: [TI WLAN] C:\Program Files\Wirelwss LAN Utility\TIWLANCu.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [Internet Download Accelerator] C:\Program Files\IDA\ida.exe -autorun
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\RunOnce: [Privacy Suite] "C:\Documents and Settings\MAS\Application Data\cleaner\CSPSeraser.exe" "/R:C:\Documents and Settings\MAS\Application Data\CyberScrub\Privacy Suite"
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Adobe Reader Synchronizer.lnk = C:\Program Files\Adobe\Reader 8.0\Reader\AdobeCollabSync.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE
O4 - Global Startup: سرعة تشغيل Adobe Reader.lnk = C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe
O8 - Extra context menu item: Download ALL with IDA - C:\Program Files\IDA\idaieall.htm
O8 - Extra context menu item: Download with IDA - C:\Program Files\IDA\idaie.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Internet Download Accelerator - {9819CC0E-9669-4D01-9CD7-2C66DA43AC6C} - C:\Program Files\IDA\ida.exe
O9 - Extra 'Tools' menuitem: &Internet Download Accelerator - {9819CC0E-9669-4D01-9CD7-2C66DA43AC6C} - C:\Program Files\IDA\ida.exe
O9 - Extra button: HP Smart Select - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) -
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) -
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) -
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: InCD Helper (InCDsrv) - Nero AG - C:\Program Files\Nero\Nero 7\InCD\InCDsrv.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Program Files\Eset\nod32krn.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared files\RichVideo.exe
O23 - Service: SmartLinkService (SLService) - - C:\WINDOWS\SYSTEM32\slmdmsr.exe
O23 - Service: TI Wlan Service (tiwlnsvc) - Unknown owner - C:\Program Files\Wirelwss LAN Utility\tiwlnsvc.exe
--
End of file - 7929 bytes
 
تأييد 0
استخدم الان اداه التنظيف الي اعطيتك بالصفحه الاولى وسوف يعيد تشغيل جهازك ,,
وقول لنا هل فيه تحسن ,,
 
توقيع : Demo-dashDemo-dash is verified member.
تأييد 0
لا الحمد الله احسن بكثير

تسلم يمنااااك
 
تأييد 0
يجب تسجيل الدخول أو التسجيل كي تتمكن من الرد هنا.
عودة
أعلى