logo

هوامير البورصة السعودية > الاقسام العامة لموقع هوامير البورصة > قسم الكمبيوتر والأنترنت والإتصالات > طلبات واستفسارات برامج الحاسب

حلل بيانات جهازك وقم باصلاحه بنفسك



صفحة 2 من 7
1
2
3
4
5
6
7
قديم 25-08-2011, 12:42 AM
  المشاركه #13
rafraaf
كاتب مميز
تاريخ التسجيل: Dec 2005
المشاركات: 3,315
 


حلل بيانات جهازك وقم باصلاحه بنفسك

اقتباس:
المشاركة الأصلية كتبت بواسطة aaiedh
السلام عليكم ورحمة الله وبركاته

بارك الله فيك اخي rafraaf

البرامج مهمه لتحليل مشاكل الجهاز واصلاح الخلل

اذا انتهيت من هنا

ياليت رساله على الخاص لنقله لقسم الكمبيوتر

فنحن نبحث عن هكذا مواضيع قيمه ومفيده
وياك ان شاء الله اخي الكريم

باذن الله اذا مانسيت



 
  
قديم 25-08-2011, 12:43 AM
  المشاركه #14
rafraaf
كاتب مميز
تاريخ التسجيل: Dec 2005
المشاركات: 3,315
 



اقتباس:
المشاركة الأصلية كتبت بواسطة الدوسري.
رد: حلل بيانات جهازك وقم باصلاحه بنفسك
وياك يارب ...





قديم 25-08-2011, 12:45 AM
  المشاركه #15
rafraaf
كاتب مميز
تاريخ التسجيل: Dec 2005
المشاركات: 3,315
 



وياك يارب

هذا تقرير مايتحلل

هذا تقرير ComboFix يوضح لك استبدال ملفات معينه واصلاح اخرى وحذف اخرى

اللي يتحلل تقرير برنامج الهاجاك

اول واحد

اللي هو هذا

رد: حلل بيانات جهازك وقم باصلاحه بنفسك

هات تقريره وابشر



قديم 25-08-2011, 12:50 AM
  المشاركه #16
BJAD
عضو هوامير المميز
تاريخ التسجيل: Aug 2006
المشاركات: 2,212
 



وهذا الاول الله يحفظك

HijackThis.de Security ect download
To the authors homepage




HijackThis log file analysis
HijackThis opens you a possibility to find and fix nasty entries on your computer easier.
Therefore it will scan special parts in the registry and on your harddisk and compare them with the default settings. If there is some abnormality detected on your computer HijackThis will save them into a logfile. In order to find out what entries are nasty and what are installed by the user, you need some background information.
A logfile is not so easy to analyze. Even for an advanced computer user. With the help of this automatic analyzer you are able to get some additional support. Just paste your complete logfile into the textbox at the bottom of this page.
Due to a few misunderstandings, I just want to make it clear that this site provides only an online analysis, and not HijackThis the program.
Service & Support
HijackThis.de Supportforum Deutsch | English
Forospyware.com (Spanish) www.forospyware.com
Malwarecrypt.com www.malwarecrypt.com
Computerhilfen www.computerhilfen.com

Did you know...?
..., that you can also use the MD5-Hash function of HijackThis in order to get a better analyzing result?


Log file
You can paste a logfile in this textbox

or you can choose a logfile from your computer



Show the visitors ratings



Help us to keep this free service online! Please give us a small donation via PayPal.


We couldn't detect any active process of a firewall on your system. Possible reasons:
(1.) You are using the windows firewall or a hardware firewall.
(2.) You are using a firewall of an unknown vendor.
(3.) You are using a firewall, but for unknown reasons it is disabled
(4.) You don't use any firewall at all.
We recommend you to use a firewall. Download and install one or activate windows xp´s own one. In case you got questions or you want us to add the firewall you use to our database, contact us at our forum.
Actions Entry Kind Visitor's assessment Information
Logfile of Trend Micro HijackThis v2.0.2
This should be the newest version.
Platform: Windows XP SP3 (WinNT 5.01.2600)

MSIE: Internet Explorer v8.00 (8.00.6001.18702)
This should be the newest version.
Boot mode: Normal
Very safe This entry was classified from our visitors as good.
C:\WINDOWS\System32\smss.exe
Very safe
This entry was classified from our visitors as good.
C:\WINDOWS\system32\winlogon.exe
Very safe
This entry was classified from our visitors as good.
C:\WINDOWS\system32\services.exe
Safe
This entry was classified from our visitors as good.
C:\WINDOWS\system32\lsass.exe
Very safe
This entry was classified from our visitors as good.
C:\WINDOWS\system32\Ati2evxx.exe
Very safe
This entry was classified from our visitors as good.
C:\WINDOWS\system32\svchost.exe
Safe
This entry was classified from our visitors as good.
C:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe

Microsoft Windows Defender
C:\WINDOWS\System32\svchost.exe
Very safe
This entry was classified from our visitors as good.
C:\WINDOWS\system32\Ati2evxx.exe
Very safe
This entry was classified from our visitors as good.
C:\WINDOWS\system32\spoolsv.exe
Safe
This entry was classified from our visitors as good.
C:\WINDOWS\system32\AstSrv.exe
Extremely nasty Safe (4.31 / 5.00)
C:\Program Files\Bonjour\mDNSResponder.exe
Neutral
Part of Apple iTunes 5
C:\WINDOWS\system32\cisvc.exe
Safe
Microsoft Index Service
C:\Program Files\Java\jre6\bin\jqs.exe
Safe This is a unknown process.
This entry was classified from our visitors as good.
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe
Safe
Machine Debug Manager. Used by developers.
C:\WINDOWS\RTHDCPL.EXE
Very safe
This entry was classified from our visitors as good.
C:\Program Files\Toshiba\Toshiba Applet\thotkey.exe
Safe
Possibly nasty! According to our database this process runs normally in c:\windows\system\! Check if you know this process and arrange a viruscheck where required. This entry was classified from our visitors as good.
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
Very safe
Microsoft Office 2007 Groove file monitoring
C:\WINDOWS\system32\HPZipm12.exe
Very safe
HP Taskbar Utility
C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb12.exe
Neutral
Hewlett-Packard Printer Driver
C:\Program Files\Microsoft Security Client\msseces.exe
Very safe
Possibly nasty! According to our database this process runs normally in c:\programme\microsoft security essentials\! Check if you know this process and arrange a viruscheck where required. This entry was classified from our visitors as good.
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
Neutral Safe (3.61 / 5.00)
C:\program files\real\realplayer\update\realsched.exe
Safe
Possibly nasty! According to our database this process runs normally in c:\programme\gemeinsame dateien\real\update_ob\! Check if you know this process and arrange a viruscheck where required. Checks for updates for RealPlayer
C:\WINDOWS\system32\svchost.exe
Safe
This entry was classified from our visitors as good.
C:\Program Files\Toshiba\TOSHIBA Applet\TAPPSRV.exe
Very safe
Toshiba Application Service
C:\WINDOWS\system32\ctfmon.exe
Very safe
This entry was classified from our visitors as good.
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe
Very safe
This entry was classified from our visitors as good.
C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
Very safe
ONENOTEM.EXE is a part of the note taking program that ships with Microsoft Office 2003. Its required for the side note windows to work.
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe
Safe This is a unknown process.
This entry was classified from our visitors as good.
C:\WINDOWS\System32\svchost.exe
Very safe
This entry was classified from our visitors as good.
C:\WINDOWS\system32\cidaemon.exe
Safe
This entry was classified from our visitors as good.
C:\WINDOWS\explorer.exe
Safe
This entry was classified from our visitors as good.
C:\Program Files\Internet Explorer\iexplore.exe
Safe
This entry was classified from our visitors as good.
C:\Program Files\Internet Explorer\iexplore.exe
Safe
This entry was classified from our visitors as good.
C:\Program Files\Internet Explorer\iexplore.exe
Safe
This entry was classified from our visitors as good.
C:\Program Files\Internet Explorer\iexplore.exe
Safe
This entry was classified from our visitors as good.
C:\Program Files\Windows Live\Toolbar\wltuser.exe
Safe Safe (3.71 / 5.00)
C:\Program Files\Java\jre6\bin\java.exe
Neutral

C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
Safe Remember that Hijackthis must be run in an own folder. Only if Hijackthis run in an own folder it will create backups! This entry was classified from our visitors as good.
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
Safe This entry was classified from our visitors as good.
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
Safe This entry was classified from our visitors as good.
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
Safe This entry was classified from our visitors as good.
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
Very safe This entry was classified from our visitors as good.
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.codecguide.com/
Very safe This page has been identified as safe.
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = local;*.local
Neutral Nasty (2.86 / 5.00)
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll
Neutral rpbrowserrecordplugin.dll - RealPlayer, http://www.real.com/realsuperpass.html?o page=404__404_index.html
O2 - BHO: Search - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search \Search.dll
Safe Windows Live Toolbar beta Search Enhancement Pack
O2 - BHO: Groove GFS Browser - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
Very safe GrooveShellExtensions.dll Groove Virtual Office
O2 - BHO: ??C?I E???? C?II?? ??? Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
WindowsLiveLogin.dll - Microsoft Windows_Live, http://ideas.live.com/
O2 - BHO: Java(tm) Plug-In 2 SSV - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
Very safe jp2ssv.dll - Sun_Java, http://java.sun.com/javase/downloads/ind ex.jsp browser plugin
O2 - BHO: Windows Live Toolbar - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
Safe Unknown application. This entry was classified from our visitors as good.
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
Very safe This entry was classified from our visitors as good.
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
Safe Windows Live Toolbar
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
Safe This entry was classified from our visitors as good.
O4 - HKLM\..\Run: [THotkey] C:\Program Files\Toshiba\Toshiba Applet\thotkey.exe
Very safe Associated with the Fn keys on Toshiba laptops. When disabled some keys still worked, like the one that regulates the volume of the system beep, but others didnt, like the one that immediately blackens your screen
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
Very safe Office 2007 Groove Monitor
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
Safe This entry was classified from our visitors as good.
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
Safe This entry was classified from our visitors as good.
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb12.exe
Safe This entry was classified from our visitors as good.
O4 - HKLM\..\Run: [Azkary] C:\Program Files\Azkary\Azkary
Very safe Unknown application.
O4 - HKLM\..\Run: [MSC] "C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
Very safe Unknown application. This entry was classified from our visitors as good.
O4 - HKLM\..\Run: [TkBellExe] "C:\program files\real\realplayer\update\realsched.exe" -osboot
Part of RealPlayer
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
Neutral Not dangerous, but unnecessary. System Tray access to Apple's "Quick Time" viewer from version 5 onwards
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
Safe This entry was classified from our visitors as good.
O4 - HKUS\S-1-5-18\..\Run: [DWQueuedReporting] "C:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" -t (User 'SYSTEM')
Microsoft Application Error reporting
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
Safe This entry was classified from our visitors as good.
O4 - Startup: OneNote 2007 Screen Clipper and Launcher.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
Safe ONENOTEM.EXE is a part of the note taking program that ships with Microsoft Office 2003. It's required for the side note windows to work.
O4 - Global Startup: Bluetooth Manager.lnk = ?
Safe Unknown application.
The entry is unnecessary and can be fixed. This entry was classified from our visitors as good.
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200
Safe The entry Add to Google Photos Screensa&ver has been identified as safe.
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
Very safe The entry E&xport to Microsoft Excel has been identified as safe.
O9 - Extra button: EI??? ??C ?? C??I??E - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
The entry EI??? ??C ?? C??I??E has been identified as safe.
O9 - Extra 'Tools' menuitem: &EI??? ??C ?? Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
The entry &EI??? ??C ?? Windows Live Writer has been identified as safe.
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
The entry Send to OneNote has been identified as safe.
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
The entry S&end to OneNote has been identified as safe.
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
Very safe The entry Research has been identified as safe.
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
Safe This entry was classified from our visitors as good.
O9 - Extra 'Tools' menuitem: xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
Safe This entry was classified from our visitors as good.
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
Safe This entry was classified from our visitors as good.
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
Safe This entry was classified from our visitors as good.
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
Safe This entry has been identified as safe.
O23 - Service: Ast Service - Nalpeiron Ltd. - C:WINDOWSsystem32\AstSrv.exe
Safe (4.71 / 5.00)
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
Safe This service (Ati2evxx.exe) was identified as a good one. This entry was classified from our visitors as good.
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
Neutral This service (mDNSResponder.exe) was identified as a good one.
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
Neutral This service (GoogleUpdaterService.exe) was identified as a good one. This entry was classified from our visitors as good.
O23 - Service: iPod Service - Unknown owner - C:\Program Files\iPod\bin\iPodService.exe (file missing)
Safe This service (iPodService.exe) was identified as a good one.
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
Safe Unknown service. (jqs.exe) This entry was classified from our visitors as good.
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
Safe This service (HPZipm12.exe) was identified as a good one. This entry was classified from our visitors as good.
O23 - Service: TOSHIBA Application Service (TAPPSRV) - TOSHIBA Corp. - C:\Program Files\Toshiba\TOSHIBA Applet\TAPPSRV.exe
Very safe This service (TAPPSRV.exe) was identified as a good one.
Short analysis
Use these tips at your own risk!


© 2004 - 2011 Mathias Mattner | Contact







قديم 25-08-2011, 12:59 AM
  المشاركه #17
rafraaf
كاتب مميز
تاريخ التسجيل: Dec 2005
المشاركات: 3,315
 



تقريرك ماهو صحيح الله يطول عمرك على طاعته

او ان نظامك غريب
ياليت تحفظ المفكرة اللي تطلع لك وترفعها على اي موقع وتحط الرابط



قديم 25-08-2011, 01:02 AM
  المشاركه #18
rafraaf
كاتب مميز
تاريخ التسجيل: Dec 2005
المشاركات: 3,315
 



التقرير الصحيح يكون كذا لاحظ البداية والنهايه

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 10:27:46 م, on 23/08/11
Platform: Unknown Windows (WinNT 6.01.3505 SP1)
MSIE: Internet Explorer v8.00 (8.00.7601.17514)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskhost.exe
C:\Windows\Explorer.EXE
C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe
C:\Program Files\uTorrent\uTorrent.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\klwtblfs.exe
C:\Windows\system32\Macromed\Flash\FlashUtil10v_ActiveX.exe
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: 74.208.10.249 gs.apple.com
O2 - BHO: AcroIEStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEShim.dll
O2 - BHO: IEVkbdBHO - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\ievkbd.dll
O2 - BHO: مساعد تسجيل الدخول إلى Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
O2 - BHO: link filter bho - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\klwtbbho.dll
O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe"
O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe
O4 - HKCU\..\Run: [uTorrent] "C:\Program Files\uTorrent\uTorrent.exe" /MINIMIZED
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O8 - Extra context menu item: إضافة إلى مكافحة الشعارات - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\ie_banner_deny.htm
O9 - Extra button: Quick-Launch Area - {10954C80-4F0F-11d3-B17C-00C0DFE39736} - C:\Program Files\Acer Bio \PwdBank.exe
O9 - Extra 'Tools' menuitem: Quick-Launch Area - {10954C80-4F0F-11d3-B17C-00C0DFE39736} - C:\Program Files\Acer Bio \PwdBank.exe
O9 - Extra button: &لوحة المفاتيح الظاهرية - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\ievkbd.dll
O9 - Extra button: فحص &عناوين مواقع الويب - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\klwtbbho.dll
O13 - Gopher Prefix:
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/pu...sh/swflash.cab
O20 - Winlogon Notify: spba - C:\Program Files\Common Files\SPBA\homefus2.dll
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: خدمة Kaspersky لمكافحة الفيروسات (AVP) - Kaspersky Lab ZAO - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: EgisTec Service (IGBASVC) - Egis Technology Inc. - C:\Program Files\Acer Bio \BASVC.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe

--
End of file - 5238 bytes



قديم 25-08-2011, 01:09 AM
  المشاركه #19
عبد المنان
عضو هوامير المميز
تاريخ التسجيل: Feb 2006
المشاركات: 5,042
 



بارك الله فيك



قديم 25-08-2011, 01:09 AM
  المشاركه #20
BJAD
عضو هوامير المميز
تاريخ التسجيل: Aug 2006
المشاركات: 2,212
 



Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 1:08:38 AM, on 8/25/2011
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\AstSrv.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\cisvc.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Toshiba\Toshiba Applet\thotkey.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb12.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\program files\real\realplayer\update\realsched.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Toshiba\TOSHIBA Applet\TAPPSRV.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe
C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\cidaemon.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Windows Live\Toolbar\wltuser.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.codecguide.com/
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = local;*.local
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll
O2 - BHO: Search - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search \Search.dll
O2 - BHO: Groove GFS Browser - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: ??C?I E???? C?II?? ??? Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Windows Live Toolbar - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [THotkey] C:\Program Files\Toshiba\Toshiba Applet\thotkey.exe
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb12.exe
O4 - HKLM\..\Run: [MSC] "C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
O4 - HKLM\..\Run: [TkBellExe] "C:\program files\real\realplayer\update\realsched.exe" -osboot
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\Run: [DWQueuedReporting] "C:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" -t (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: OneNote 2007 Screen Clipper and Launcher.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
O4 - Global Startup: Bluetooth Manager.lnk = ?
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: EI??? ??C ?? C??I??E - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &EI??? ??C ?? Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O23 - Service: Ast Service - Nalpeiron Ltd. - C:\WINDOWS\system32\\AstSrv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: iPod Service - Unknown owner - C:\Program Files\iPod\bin\iPodService.exe (file missing)
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: TOSHIBA Application Service (TAPPSRV) - TOSHIBA Corp. - C:\Program Files\Toshiba\TOSHIBA Applet\TAPPSRV.exe

--
End of file - 7350 bytes



قديم 25-08-2011, 01:15 AM
  المشاركه #21
rafraaf
كاتب مميز
تاريخ التسجيل: Dec 2005
المشاركات: 3,315
 



اقتباس:
المشاركة الأصلية كتبت بواسطة عبد المنان
بارك الله فيك
ويبارك فيك اخوي ان شاء الله



قديم 25-08-2011, 01:24 AM
  المشاركه #22
rafraaf
كاتب مميز
تاريخ التسجيل: Dec 2005
المشاركات: 3,315
 



حلو نعم هذا تقرير

جهازك حلو مافيه شيء يذكر قيمة وحده خطرة فقط

اول شيء روح لازالة البرامج واي برنامج تحصل من ضمن اسمه

تول بار احذفه

وايضاً ينصح الموقع بموجود برنامج حمايه لانه غير موجود على الجهاز

احذف هالقيم وطريقة الحذف موضحه بالموضوع

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.codecguide.com/

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = local;*.local


O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll


O2 - BHO: Search - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search \Search.dll


O2 - BHO: Groove GFS Browser - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll


O2 - BHO: Java(tm) Plug-In 2 SSV - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll


O2 - BHO: Windows Live Toolbar - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll


O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll

O4 - HKLM\..\Run: [TkBellExe] "C:\program files\real\realplayer\update\realsched.exe" -osboot



قديم 25-08-2011, 01:27 AM
  المشاركه #23
aboraed
عضو هوامير المميز
تاريخ التسجيل: Nov 2010
المشاركات: 1,710
 



الله يعطيك العافيه

وجزاك الله خير

شيك على البرنامج الثالث

اعتقد رابط البرنامج محذوف



قديم 25-08-2011, 01:27 AM
  المشاركه #24
rod2004sa
عضو هوامير المميز
تاريخ التسجيل: Apr 2007
المشاركات: 126
 



الرابط لا يعمل
/www.mediafire.com/?hg4zizbzemd

Invalid or Deleted File.



صفحة 2 من 7
1
2
3
4
5
6
7



الكلمات الدلالية (Tags)

وقم

,

بنفسك

,

باصلاحه

,

بيانات

,

جهازك

,

حلل


«

فزعة تكفون

 |

-

»
أدوات الموضوع

تعليمات المشاركة
لا تستطيع إضافة مواضيع جديدة
لا تستطيع الرد على المواضيع
لا تستطيع إرفاق ملفات
لا تستطيع تعديل مشاركاتك
BB code is متاحة
كود [IMG] متاحة
كود HTML معطلة
الانتقال السريع

هوامير البورصة السعودية - الأرشيف - الأعلى


06:42 PM

images

Powered by vBulletin® Version 3.8.11
Copyright ©2000 - 2024, vBulletin Solutions, Inc.

جميع المواضيع و الردود المطروحة لا تعبر عن رأي الموقع بل تعبر عن رأي كاتبها وقرار البيع والشراء مسؤليتك وحدك بناء على نظام السوق المالية بالمرسوم الملكي م/30 وتاريخ 2/6/1424هـ ولوائحه التنفيذية الصادرة من مجلس هيئة السوق المالية: تعلن الهيئة للعموم بانه لا يجوز جمع الاموال بهدف استثمارها في اي من اعمال الاوراق المالية بما في ذلك ادارة محافظ الاستثمار او الترويج لاوراق مالية كالاسهم او الاستتشارات المالية او اصدار التوصيات المتعلقة بسوق المال أو بالاوراق المالية إلا بعد الحصول على ترخيص من هيئة السوق المالية.