تم حل المشكلة خطأ في النظام - hkcmd.exe

المصدر: خطأ في النظام - hkcmd.exe
في منتدى : مشاكل الأعضاء التي تم الانتهاء منها

السلام عليكم

هالرساله تظهر لي في كل مره افتح فيها الجهاز

 

وعليكم السلام
​

حمل هذا البرنامج
www.zyzoom.net/shswelh/Zyzoom_HijackThis.exe
بعدها اغلق جميع البرامج وخصوصا الانترنت اكسبلورر والماسنجر
شغل البرنامج ==> واضغط على
Do a system scan and save log
لحظات .. ويظهر لك تقرير داخل المفكرة==> انسخه والصقه بردك القادم​

 

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 6:05:14 PM, on 12/28/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2900.2180)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\WLTRYSVC.EXE
C:\WINDOWS\System32\bcmwltry.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir Desktop\sched.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\system32\ICO.EXE
C:\WINDOWS\system32\WLTRAY.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\Program Files\Dell\QuickSet\quickset.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHid.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHsp.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\tosOBEX.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\tosBtProc.exe
C:\Program Files\Avira\AntiVir Desktop\avguard.exe
C:\Program Files\Dell\NICCONFIGSVC\NICCONFIGSVC.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Documents and Settings\me\سطح المكتب\JavaSetup6u17-rv.exe
C:\WINDOWS\system32\msiexec.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\msiexec.exe
C:\WINDOWS\system32\MsiExec.exe
C:\Documents and Settings\me\سطح المكتب\Zyzoom_HijackThis.exe
C:\WINDOWS\system32\MsiExec.exe
C:\WINDOWS\system32\MsiExec.exe
C:\Program Files\Java\jre6\bin\unpack200.exe
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [PMX Daemon] ICO.EXE
O4 - HKLM\..\Run: [Broadcom Wireless Manager UI] C:\WINDOWS\system32\WLTRAY.exe
O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [Dell QuickSet] C:\Program Files\Dell\QuickSet\quickset.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\RunOnce: [NoIE4StubProcessing] C:\WINDOWS\system32\reg.exe DELETE "HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components" /v "NoIE4StubProcessing" /f
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Avira AntiVir Scheduler (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: NICCONFIGSVC - Dell Inc. - C:\Program Files\Dell\NICCONFIGSVC\NICCONFIGSVC.exe
O23 - Service: Dell Wireless WLAN Tray Service (wltrysvc) - Unknown owner - C:\WINDOWS\System32\WLTRYSVC.EXE
--
End of file - 5213 bytes

 

حملي هذه الاداه ​

دبل كلك عليها تظهر قائمة بالبرامج المثبته ​

اعملي صوره وضعيها بردك القادم​

 

الغي اشاره الصح من المربع

مثل ما هو موجود بالصوره ( الي باللون الاحمر )



وبعدها اضغطي apply ​

 

اختي بعد تطبيق المشاركة السابقة

اعملي التالي

عطل برامج الحماية عن العمل
ثم
حمل الاداة التالية واحفظها على سطح المكتب

عند تشغيلها بتظهر لك رسالة ,, اضغط على >> Yes
بعدها بتظهر لك رساله ثانيه ,, اضغط على >> Yes
اثناء الفحص ممكن يعاد تشغيل الجهاز
وبعد اعادة التشغيل ,, سوف تبدأ الاداة بالفحص مرره ثانيه
لا تقم بتشغيل اي برنامج ،، ومهما طالت عملية الفحص انتظر حتى تنتهي
انتظر حتى يظهر لك تقرير ،،انسخه والصقه بمشاركتك القادمة​

 

تفضل التقرير



ComboFix 09-12-27.04 - me 12/28/2009 20:26:13.1.1 - x86
Microsoft Windows XP Professional 5.1.2600.2.1256.966.1025.18.503.199 [GMT 3:00]
Running from: c:\downloads\Software\ComboFix.exe
AV: AntiVir Desktop *On-access scanning disabled* (Updated) {AD166499-45F9-482A-A743-FDD3350758C7}
.
((((((((((((((((((((((((( Files Created from 2009-11-28 to 2009-12-28 )))))))))))))))))))))))))))))))
.
2009-12-28 16:55 . 2009-12-28 16:55 -------- d-----w- C:\Downloads
2009-12-28 15:28 . 2009-12-28 15:36 -------- d-----w- c:\windows\system32\CatRoot_bak
2009-12-28 15:13 . 2009-12-28 17:25 -------- d-----w- c:\documents and settings\me\Application Data\Free Download Manager
2009-12-28 15:13 . 2009-12-28 15:13 -------- d-----w- c:\documents and settings\All Users\Application Data\FreeDownloadManager.ORG
2009-12-28 15:13 . 2009-12-28 15:13 -------- d-----w- c:\program files\Free Download Manager
2009-12-28 15:10 . 2009-12-28 15:10 -------- d-sh--w- c:\documents and settings\me\PrivacIE
2009-12-28 15:07 . 2009-12-28 15:07 -------- d-sh--w- c:\documents and settings\me\IETldCache
2009-12-28 15:05 . 2009-12-28 15:05 -------- d-----w- c:\documents and settings\me\Application Data\VitySoft
2009-12-28 15:05 . 2009-12-28 15:04 411368 ----a-w- c:\windows\system32\deploytk.dll
2009-12-28 15:04 . 2009-12-28 15:04 -------- d-----w- c:\program files\Java
2009-12-28 15:04 . 2009-12-28 15:04 152576 ----a-w- c:\documents and settings\me\Application Data\Sun\Java\jre1.6.0_17\lzma.dll
2009-12-28 14:56 . 2009-12-28 16:52 -------- d-----w- c:\documents and settings\me\Application Data\Skype
2009-12-28 14:56 . 2009-12-28 14:56 -------- d-----w- c:\program files\Common Files\Skype
2009-12-28 14:56 . 2009-12-28 14:56 -------- d-----r- c:\program files\Skype
2009-12-28 14:56 . 2009-12-28 14:56 -------- d-----w- c:\documents and settings\All Users\Application Data\Skype
2009-12-28 14:54 . 2009-12-28 14:54 -------- d-----w- c:\windows\ie8updates
2009-12-28 14:52 . 2009-12-28 14:52 79488 ----a-w- c:\documents and settings\me\Application Data\Sun\Java\jre1.6.0_17\gtapi.dll
2009-12-28 14:52 . 2009-12-28 14:54 -------- dc-h--w- c:\windows\ie8
2009-12-28 14:50 . 2009-10-29 07:40 594432 -c----w- c:\windows\system32\dllcache\msfeeds.dll
2009-12-28 14:50 . 2009-10-29 07:40 246272 -c----w- c:\windows\system32\dllcache\ieproxy.dll
2009-12-28 14:50 . 2009-10-29 07:40 55296 -c----w- c:\windows\system32\dllcache\msfeedsbs.dll
2009-12-28 14:50 . 2009-10-29 07:40 1985536 -c----w- c:\windows\system32\dllcache\iertutil.dll
2009-12-28 14:50 . 2009-10-29 07:40 12800 -c----w- c:\windows\system32\dllcache\xpshims.dll
2009-12-28 14:50 . 2009-10-29 07:40 11069952 -c----w- c:\windows\system32\dllcache\ieframe.dll
2009-12-28 14:43 . 2009-10-02 04:44 92160 -c----w- c:\windows\system32\dllcache\iecompat.dll
2009-12-28 13:11 . 2008-06-14 17:59 271616 -c----w- c:\windows\system32\dllcache\bthport.sys
2009-12-28 09:40 . 2009-12-28 09:40 -------- d-----w- c:\windows\ServicePackFiles
2009-12-28 09:36 . 2009-02-09 11:48 2182016 -c----w- c:\windows\system32\dllcache\ntoskrnl.exe
2009-12-28 09:36 . 2009-02-09 11:48 2017280 -c----w- c:\windows\system32\dllcache\ntkrpamp.exe
2009-12-28 09:36 . 2009-02-09 11:48 2059264 -c----w- c:\windows\system32\dllcache\ntkrnlpa.exe
2009-12-28 09:35 . 2009-02-09 11:48 2137600 -c----w- c:\windows\system32\dllcache\ntkrnlmp.exe
2009-12-28 09:07 . 2008-10-24 11:10 453632 -c----w- c:\windows\system32\dllcache\mrxsmb.sys
2009-12-28 00:00 . 2009-12-28 15:24 -------- d--h--w- c:\windows\$hf_mig$
2009-12-27 20:40 . 2009-12-27 20:40 -------- d-----w- c:\documents and settings\Default User\Local Settings\Application Data\Adobe
2009-12-27 20:38 . 2009-12-27 20:39 -------- d-----w- c:\program files\Common Files\Adobe
2009-12-27 20:01 . 2009-11-20 11:08 38784 ----a-w- c:\documents and settings\me\Application Data\Macromedia\Flash Player\www.macromedia.com\bin\airappinstaller\airappinstaller.exe
2009-12-27 20:01 . 2009-11-20 11:08 38784 ----a-w- c:\documents and settings\Default User\Application Data\Macromedia\Flash Player\www.macromedia.com\bin\airappinstaller\airappinstaller.exe
2009-12-27 20:00 . 2009-12-27 20:00 -------- d-----w- c:\program files\Common Files\Adobe AIR
2009-12-27 19:39 . 2009-12-27 19:39 -------- d-----w- c:\documents and settings\me\Local Settings\Application Data\Adobe
2009-12-27 19:37 . 2009-12-27 19:38 86016 ----a-w- c:\documents and settings\All Users\Application Data\NOS\Adobe_Downloads\arh.exe
2009-12-27 19:27 . 2009-12-28 00:16 -------- d-----w- c:\documents and settings\All Users\Application Data\NOS
2009-12-27 18:06 . 2009-12-27 18:06 -------- d-----w- C:\Intel
2009-12-27 18:06 . 2009-12-27 18:06 -------- d-s---w- c:\documents and settings\me\UserData
2009-12-27 17:32 . 2007-01-13 10:33 5672032 ----a-w- c:\windows\system32\drivers\igxpmp32.sys
2009-12-27 17:32 . 2007-01-13 10:33 57344 ----a-w- c:\windows\system32\igxprd32.dll
2009-12-27 17:32 . 2007-01-13 10:32 1563776 ----a-w- c:\windows\system32\igxpdv32.dll
2009-12-27 17:32 . 2007-01-13 10:46 204800 ----a-w- c:\windows\system32\igfxCoIn_v4764.dll
2009-12-27 17:32 . 2007-01-13 10:33 2482688 ----a-w- c:\windows\system32\igxpdx32.dll
2009-12-27 17:32 . 2007-01-13 10:32 149504 ----a-w- c:\windows\system32\igxpgd32.dll
2009-12-27 17:29 . 2007-01-30 17:12 45568 ----a-w- c:\windows\system32\drivers\bcm4sbxp.sys
2009-12-27 17:28 . 2008-01-07 12:36 2216064 ----a-w- c:\windows\system32\drivers\w29n51.sys
2009-12-27 17:28 . 2007-02-12 10:41 2732032 ----a-w- c:\windows\system32\Netw2r32.dll
2009-12-27 17:28 . 2007-02-12 10:40 557056 ----a-w- c:\windows\system32\Netw2c32.dll
2009-12-27 15:48 . 2006-03-16 14:24 68096 ------w- c:\windows\system32\agrsmdel.exe
2009-12-27 15:48 . 2009-12-27 15:48 -------- d-----w- c:\windows\Options
2009-12-27 15:26 . 2009-12-27 15:26 -------- d-----w- c:\program files\CONEXANT
2009-12-27 15:26 . 2005-05-03 12:09 1033728 ----a-w- c:\windows\system32\drivers\HSF_DPV.SYS
2009-12-27 15:26 . 2005-05-03 12:08 208384 ----a-w- c:\windows\system32\drivers\HSFHWICH.sys
2009-12-27 15:26 . 2005-05-03 12:08 705408 ----a-w- c:\windows\system32\drivers\HSF_CNXT.sys
2009-12-27 15:26 . 2005-02-23 12:02 42858 ----a-w- c:\windows\system32\hsfci014.dll
2009-12-27 15:26 . 2004-03-17 09:04 13059 ----a-w- c:\windows\system32\drivers\mdmxsdk.sys
2009-12-27 15:26 . 2004-03-17 09:00 86016 ----a-w- c:\windows\system32\mdmxsdk.dll
2009-12-27 04:44 . 2007-03-16 15:10 33664 ----a-w- c:\windows\system32\drivers\BCMWLNPF.SYS
2009-12-27 04:44 . 2007-03-16 15:10 86016 ----a-w- c:\windows\system32\preflib.dll
2009-12-27 04:44 . 2007-03-16 15:10 69632 ----a-w- c:\windows\system32\bcmwlpkt.dll
2009-12-27 04:44 . 2007-03-16 15:10 2129920 ----a-w- c:\windows\system32\WLBCGCBPRO731.DLL
2009-12-27 04:44 . 2007-03-16 15:10 757760 ----a-w- c:\windows\system32\bcm1xsup.dll
2009-12-27 03:58 . 2005-05-26 13:29 192512 ----a-w- c:\windows\system32\AegisI5.exe
2009-12-27 03:58 . 2005-05-26 13:29 1396831 ----a-w- c:\windows\system32\AegisE5.dll
2009-12-27 03:58 . 2005-05-26 13:29 69632 ----a-w- c:\windows\system32\BCMWLD2K.EXE
2009-12-27 03:58 . 2005-05-26 13:42 376192 ------w- c:\windows\system32\drivers\BCMWL5.SYS
2009-12-27 03:29 . 2009-12-27 04:45 27824 ----a-w- c:\documents and settings\me\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2009-12-27 03:28 . 2009-12-27 15:27 -------- d-----w- c:\program files\Broadcom
2009-12-27 03:14 . 2009-12-28 09:01 56816 ----a-w- c:\windows\system32\drivers\avgntflt.sys
2009-12-27 03:14 . 2009-03-30 07:33 96104 ----a-w- c:\windows\system32\drivers\avipbb.sys
2009-12-27 03:14 . 2009-02-13 09:29 22360 ----a-w- c:\windows\system32\drivers\avgntmgr.sys
2009-12-27 03:14 . 2009-02-13 09:17 45416 ----a-w- c:\windows\system32\drivers\avgntdd.sys
2009-12-27 03:14 . 2009-12-27 03:14 -------- d-----w- c:\program files\Avira
2009-12-27 03:14 . 2009-12-27 03:14 -------- d-----w- c:\documents and settings\All Users\Application Data\Avira
2009-12-27 03:11 . 2004-08-03 22:55 25600 ----a-w- c:\documents and settings\LocalService\Application Data\Microsoft\UPnP Device Host\upnphost\udhisapi.dll
2009-12-27 03:11 . 2009-12-27 03:11 -------- d-----w- c:\program files\Windows Media Connect 2
2009-12-27 03:09 . 2009-12-27 03:10 -------- d-----w- c:\windows\system32\drivers\UMDF
2009-12-27 03:09 . 2009-12-27 03:09 -------- d-----w- c:\windows\system32\LogFiles
2009-12-27 03:09 . 2009-01-07 15:21 26144 ----a-w- c:\windows\system32\spupdsvc.exe
2009-12-27 03:08 . 2009-12-27 03:08 -------- d-----w- c:\program files\Common Files\xing shared
2009-12-27 03:08 . 2009-12-27 03:08 -------- d-----w- c:\program files\Common Files\Real
2009-12-27 03:08 . 2009-12-27 03:08 -------- d-----w- c:\program files\Real
2009-12-27 03:07 . 2009-12-27 03:07 -------- d-----w- c:\documents and settings\me\Application Data\Avant Profiles
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-12-28 17:22 . 2001-09-19 12:00 40316 ----a-w- c:\windows\system32\perfc001.dat
2009-12-28 17:22 . 2001-09-19 12:00 251946 ----a-w- c:\windows\system32\perfh001.dat
2009-12-27 02:42 . 2009-12-27 02:25 -------- d-----w- c:\program files\Dell
2009-12-27 02:42 . 2009-12-27 02:23 -------- d--h--w- c:\program files\InstallShield Installation Information
2009-12-27 02:37 . 2009-12-27 02:23 -------- d-----w- c:\program files\Common Files\InstallShield
2009-12-27 02:36 . 2009-12-27 02:36 -------- d-----w- c:\program files\BlueTooth
2009-12-27 02:35 . 2009-12-27 02:35 -------- d-----w- c:\program files\Toshiba
2009-12-27 02:25 . 2009-12-27 02:25 -------- d-----w- c:\documents and settings\All Users\Application Data\InstallShield
2009-12-27 02:25 . 2009-12-27 02:25 -------- d-----w- c:\program files\Intel
2009-12-27 02:23 . 2009-12-27 02:23 -------- d-----w- c:\program files\SigmaTel
2009-12-27 00:15 . 2009-12-26 23:42 86327 ----a-w- c:\windows\pchealth\helpctr\OfflineCache\index.dat
2009-12-26 23:43 . 2009-12-26 23:43 -------- d-----w- c:\program files\microsoft frontpage
2009-12-26 23:37 . 2009-12-26 23:37 22144 ----a-w- c:\windows\system32\emptyregdb.dat
2009-10-29 07:40 . 2004-08-03 22:55 916480 ----a-w- c:\windows\system32\wininet.dll
2009-10-12 13:51 . 2004-08-03 22:55 69632 ----a-w- c:\windows\system32\raschap.dll
2009-10-12 13:51 . 2004-08-03 22:55 112128 ----a-w- c:\windows\system32\rastls.dll
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Skype"="c:\program files\Skype\Phone\Skype.exe" [2009-10-09 25623336]
"Free Download Manager"="c:\program files\Free Download Manager\fdm.exe" [2009-01-30 3399727]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"BluetoothAuthenticationAgent"="bthprops.cpl" [2004-08-03 110592]
"PMX Daemon"="ICO.EXE" [2006-06-09 47104]
"Broadcom Wireless Manager UI"="c:\windows\system32\WLTRAY.exe" [2007-03-16 1392640]
"Dell QuickSet"="c:\program files\Dell\QuickSet\quickset.exe" [2005-02-07 606208]
"TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" [2009-12-27 185872]
"avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2009-03-02 209153]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-10-03 35696]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2009-09-04 935288]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-12-28 149280]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2004-08-03 15360]
c:\docume~1\ALLUSE~1\A007~1\7D39~1\D51D~1\
Bluetooth Manager.lnk - c:\program files\Toshiba\Bluetooth Toshiba Stack\TosBtMng1.exe [2005-6-16 49152]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"igfxtray"=c:\windows\system32\igfxtray.exe
"igfxhkcmd"=c:\windows\system32\hkcmd.exe
"igfxpers"=c:\windows\system32\igfxpers.exe
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\Program Files\\Java\\jre6\\launch4j-tmp\\frd.exe"=
R2 AntiVirSchedulerService;Avira AntiVir Scheduler;c:\program files\Avira\AntiVir Desktop\sched.exe [12/27/2009 6:14 AM 108289]
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.com/
IE: تحميل الفيديو بواسطة Free Download Manager - file://c:\program files\Free Download Manager\dlfvideo.htm
IE: تحميل الكل بواسطة Free Download Manager - file://c:\program files\Free Download Manager\dlall.htm
IE: تحميل المحددة بواسطة Free Download Manager - file://c:\program files\Free Download Manager\dlselected.htm
IE: تحميل بواسطة Free Download Manager - file://c:\program files\Free Download Manager\dllink.htm
.
- - - - ORPHANS REMOVED - - - -
AddRemove-HijackThis - c:\documents and settings\me\سطح المكتب\HijackThis.exe

**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-12-28 20:30
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------
- - - - - - - > 'winlogon.exe'(1136)
c:\windows\System32\BCMLogon.dll
- - - - - - - > 'explorer.exe'(2168)
c:\windows\system32\WININET.dll
c:\windows\system32\msi.dll
c:\windows\system32\SETUPAPI.dll
c:\windows\system32\ieframe.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
Completion time: 2009-12-28 20:31:53
ComboFix-quarantined-files.txt 2009-12-28 17:31
Pre-Run: 24,469,258,240 bytes free
Post-Run: 24,572,862,464 bytes free
WindowsXP-KB310994-SP2-Pro-BootDisk-ENU.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect
- - End Of File - - 740EA80119702791B6FB4A595C669024

 

اخر شي نظف جهازك بهذه الاداة

http://tools.zyzoom.org/tools/system/zyzoom_cleaner.com

وبلغنا اخر النتائج​

 

الحمد لله الرسالة ماعاد طلعت لي k:

 

بالتوفيق ​

 

وماهي فوائد هذه البرامج
igfxpers.exe

 

موضوع قديم ..
يغلق للإنتهاء ..