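Please let me know what the problems with my machine are, because I have been through a lot with it; this is the second time I have formatted it, and it keeps hanging on me and causing problems with no end.
Code: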
Deckard's System Scanner v20071014.68
Run by vip on 2009-01-06 09:18:46
Computer is in Normal Mode.
--------------------------------------------------------------------------------
-- System Restore --------------------------------------------------------------
-- Last 5 Restore Point(s) --
34: 2009-01-05 06:41:41 UTC - RP167 - Deckard's System Scanner Restore Point
33: 2009-01-04 09:28:37 UTC - RP166 - نقطة اختبار النظام
32: 2008-12-31 09:55:35 UTC - RP165 - نقطة اختبار النظام
31: 2008-12-29 09:57:34 UTC - RP164 - نقطة اختبار النظام
30: 2008-12-23 05:13:06 UTC - RP163 - Installed HP Update
-- First Restore Point --
1: 2008-10-12 12:06:58 UTC - RP134 - نقطة اختبار النظام
Backed up registry hives.
Performed disk cleanup.
-- HijackThis Clone ------------------------------------------------------------
Emulating logfile of Trend Micro HijackThis v2.0.2
Scan saved at 2009-01-06 09:21:04
Platform: Windows XP Service Pack 2 (5.01.2600)
MSIE: Internet Explorer (6.00.2900.2180)
Boot mode: Normal
Running processes:
C:\WINDOWS\system32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\explorer.exe
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\Program Files\HP\ToolBoxFX\bin\HPTLBXFX.exe
C:\Program Files\MessengerPlus! 3\MsgPlus.exe
C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Salaat Time\SalaatTime.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\MSN Messenger\usnsvc.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\WINDOWS\expiorer.exe
C:\Documents and Settings\vip\سطح المكتب\dss.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com/ie
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://www.google.com/search?q=%s
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = iexplore
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = **:8080
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.com/customize/ie/defaults/sb/msgr9/*http://www.yahoo.com/ext/search/search.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://us.rd.yahoo.com/customize/ie/defaults/sp/msgr9/*http://www.yahoo.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
R1 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\GoogleToolbar1.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\3.1.807.1746\swg.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\GoogleToolbar1.dll
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] HDAShCut.exe
O4 - HKLM\..\Run: [ToolBoxFX] "C:\Program Files\HP\ToolBoxFX\bin\HPTLBXFX.exe" /enum:on /alerts:on /notifications:on /systrayIcon:on /fl:on /fr:on /appData:on
O4 - HKLM\..\Run: [LanTalk.NET] C:\Program Files\CEZEO software\LanTalk NET\LanTalk.exe
O4 - HKLM\..\Run: [googletalk] C:\Program Files\Google\Google Talk\googletalk.exe /autostart
O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe"
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [SalaatTime] C:\Program Files\Salaat Time\SalaatTime.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [amva] C:\WINDOWS\system32\amvo.exe
O4 - HKCU\..\Run: [kamsoft] C:\WINDOWS\system32\kamsoft.exe
O4 - HKCU\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe" /WinStart
O4 - HKCU\..\Run: [vamsoft] C:\WINDOWS\system32\vamsoft.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: Adobe Media Player.lnk = C:\Program Files\Adobe Media Player\Adobe Media Player.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: ت&صدير إلى Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: بحث - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\MSN Messenger\msgrapp.8.1.0178.00.dll
O18 - Protocol: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\MSITSS.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\MSN Messenger\msgrapp.8.1.0178.00.dll
O18 - Protocol: mso-offdap - {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\Program Files\Common Files\Microsoft Shared\Web Components\10\OWC10.DLL
O18 - Protocol: mso-offdap11 - {32505114-5902-49B2-880A-1F7738E5A384} - C:\Program Files\Common Files\Microsoft Shared\Web Components\11\OWC11.DLL
O18 - Filter: text/xml - {807553E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE11\MSOXMLMF.DLL
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Macromedia Licensing Service - Unknown owner - C:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe
--
End of file - 7064 bytes
-- File Associations -----------------------------------------------------------
.scr - scrfile - shell\open\command - "%1" %*
-- Drivers: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled ---------------------
All drivers whitelisted.
-- Services: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled --------------------
All services whitelisted.
-- Device Manager: Disabled ----------------------------------------------------
Class GUID: {4D36E97E-E325-11CE-BFC1-08002BE10318}
Description: وحدة تحكم SM Bus
Device ID: PCI\VEN_8086&DEV_27DA&SUBSYS_101517AA&REV_01\3&61AAA01&0&FB
Manufacturer:
Name: وحدة تحكم SM Bus
PNP Device ID: PCI\VEN_8086&DEV_27DA&SUBSYS_101517AA&REV_01\3&61AAA01&0&FB
Service:
-- Files created between 2008-12-06 and 2009-01-06 -----------------------------
2009-01-06 08:01:05 122140 -r-hs---- C:\yb12j.cmd
2009-01-05 09:29:24 0 drahs---- C:\WINDOWS\system32\wmdrtc32.dll
2009-01-05 09:29:24 0 drahs---- C:\WINDOWS\system32\wmdrtc32.dl_
2009-01-05 09:29:24 0 drahs---- C:\WINDOWS\system32\ntfsus.exe
2009-01-05 09:29:24 0 drahs---- C:\WINDOWS\system32\dnsq.dll
2009-01-05 08:53:02 122271 -r-hs---- C:\r8.bat
2009-01-05 08:50:51 104421 -r-hs---- C:\2u.com
2009-01-05 08:09:00 120558 -r-hs---- C:\fr.com
2009-01-04 08:23:51 84992 -r-hs---- C:\WINDOWS\system32\cvnmhg1.dll
2009-01-04 08:23:43 121534 -r-hs---- C:\wqesvxa.exe
2009-01-04 08:15:49 85504 -r-hs---- C:\WINDOWS\system32\ciuytr1.dll
2009-01-04 08:00:22 85504 -----n--- C:\WINDOWS\system32\ciuytr0.dll
2009-01-04 07:52:25 84992 -----n--- C:\WINDOWS\system32\cvnmhg0.dll
2008-12-31 08:00:13 104421 -r-hs---- C:\nyh9ok.exe
2008-12-25 09:41:58 121609 -r-hs---- C:\e8kj.exe
2008-12-25 07:33:58 104421 -r-hs---- C:\iqe68o.bat
2008-12-25 07:33:58 107226 -r-hs---- C:\2w.cmd
2008-12-22 13:03:29 85504 -r-hs---- C:\WINDOWS\system32\vbsdfe1.dll
2008-12-22 08:01:49 104421 -r-hs---- C:\1gk8ha.bat
2008-12-21 08:13:12 104421 -r-hs---- C:\iky.bat
2008-12-18 08:03:24 104421 -r-hs---- C:\p1y2.cmd
2008-12-17 07:44:36 85504 -r-hs---- C:\WINDOWS\system32\vbsdfe2.dll
2008-12-16 07:45:25 106664 -r-hs---- C:\rcukd.cmd
2008-12-15 08:13:46 107733 -r-hs---- C:\3.com
2008-12-15 08:10:43 104421 -r-hs---- C:\h3.bat
2008-12-15 08:10:09 85504 -r-hs---- C:\WINDOWS\system32\vbsdfe0.dll
2008-12-15 08:10:09 122140 -r-hs---- C:\WINDOWS\system32\vamsoft.exe
-- Find3M Report ---------------------------------------------------------------
2009-01-06 07:56:02 339866 --a------ C:\WINDOWS\system32\perfh001.dat
2009-01-06 07:56:02 63428 --a------ C:\WINDOWS\system32\perfc001.dat
2009-01-06 07:52:43 121534 -r-hs---- C:\WINDOWS\system32\amvo.exe
2009-01-06 07:52:08 84992 -r-hs---- C:\WINDOWS\system32\gasretyw0.dll
2009-01-05 09:04:59 84992 -r-hs---- C:\WINDOWS\system32\kav320.dll
2009-01-01 13:40:42 84992 -r-hs---- C:\WINDOWS\system32\kav321.dll
2008-12-23 08:13:07 0 d-------- C:\Program Files\HP
2008-12-16 09:45:50 104421 -r-hs---- C:\WINDOWS\system32\kamsoft.exe
2008-12-16 07:44:59 84992 -r-hs---- C:\WINDOWS\system32\gasretyw1.dll
2008-12-03 09:07:54 103831 -r-hs---- C:\e.cmd
2008-12-03 07:01:56 106120 -r-hs---- C:\qquq.bat
2008-12-02 08:47:40 106254 -r-hs---- C:\i.bat
2008-11-30 12:11:46 111636 -r-hs---- C:\o1.com
2008-11-30 07:09:32 108477 -r-hs---- C:\m2nl.bat
2008-11-27 11:24:19 104480 -r-hs---- C:\ij.bat
2008-11-26 09:52:34 108888 -r-hs---- C:\abk.bat
2008-11-26 07:51:52 109333 -r-hs---- C:\ln9.exe
2008-11-23 09:01:20 105746 -r-hs---- C:\ceb6eu98.bat
2008-11-23 07:52:53 106174 -r-hs---- C:\yannh.cmd
2008-11-19 10:38:24 106363 -r-hs---- C:\0w.com
2008-11-18 11:13:47 106436 -r-hs---- C:\xfl3hx.exe
2008-11-18 07:48:52 85504 -r-hs---- C:\WINDOWS\system32\ckvo0.dll
2008-11-17 13:52:09 106982 -r-hs---- C:\WINDOWS\system32\ckvo.exe
2008-11-17 13:52:09 106982 -r-hs---- C:\nq0cq.cmd
2008-11-16 08:03:30 104594 -r-hs---- C:\xih9.cmd
2008-11-16 07:03:05 85504 -r-hs---- C:\WINDOWS\system32\ckvo1.dll
2008-11-13 14:19:34 99504 -r-hs---- C:\ogcikeq.com
2008-11-13 14:18:56 84992 -r-hs---- C:\WINDOWS\system32\amvo0.dll
2008-11-13 13:12:53 110013 -r-hs---- C:\sq.com
2008-11-13 11:58:56 108271 -r-hs---- C:\whi.com
2008-11-13 07:57:19 108075 -r-hs---- C:\i.exe
2008-11-11 07:42:43 84992 -r-hs---- C:\WINDOWS\system32\amvo1.dll
2008-11-11 07:42:43 109000 -r-hs---- C:\60k281bl.com
2008-11-05 08:03:52 104809 -r-hs---- C:\x.bat
2008-11-04 14:05:37 54 --a------ C:\Program Files\setup.log
2008-11-04 14:05:37 213 --a------ C:\Program Files\avpsetup.rep
2008-11-03 13:52:15 104927 -r-hs---- C:\vfjc8mxm.exe
2008-10-28 08:28:08 104028 -r-hs---- C:\ev60a2.cmd
2008-10-28 07:27:52 104535 -r-hs---- C:\b.com
2008-10-26 13:16:45 103594 -r-hs---- C:\v0s.cmd
2008-10-26 07:44:12 103570 -r-hs---- C:\je26200.com
2008-10-23 13:01:58 105018 -r-hs---- C:\xlk9.com
2008-10-23 07:59:52 102278 -r-hs---- C:\pnt.com
2008-10-22 07:27:03 105115 -r-hs---- C:\2fiji.com
2008-10-19 11:59:07 99694 -r-hs---- C:\xk2n.bat
2008-10-18 07:16:46 101418 -r-hs---- C:\bo1dhu.bat
2008-10-15 12:08:15 106742 -r-hs---- C:\cqdis.cmd
2008-10-14 09:37:17 48 --a------ C:\WINDOWS\system32\TTGMEval.Dat
2008-10-14 02:33:48 85504 -r-hs---- C:\WINDOWS\system32\ckvo2.dll
2008-10-14 02:33:47 104628 -r-hs---- C:\68.exe
2008-10-14 01:33:21 101686 -r-hs---- C:\vva0hc0p.cmd
2008-10-13 21:31:42 101564 -r-hs---- C:\wjlfhtfm.cmd
2008-10-12 23:21:09 101500 -r-hs---- C:\08dgu.com
2008-10-11 12:12:13 40 --a------ C:\WINDOWS\system32\d3d9prs.dat
-- Registry Dump ---------------------------------------------------------------
*Note* empty entries & legit default entries are not shown
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="C:\WINDOWS\system32\igfxtray.exe" [08/15/2006 01:39 AM]
"HotKeysCmds"="C:\WINDOWS\system32\hkcmd.exe" [08/15/2006 01:41 AM]
"Persistence"="C:\WINDOWS\system32\igfxpers.exe" [08/15/2006 01:38 AM]
"High Definition Audio Property Page Shortcut"="HDAShCut.exe" [01/07/2005 05:07 PM C:\WINDOWS\system32\HdAShCut.exe]
"ToolBoxFX"="C:\Program Files\HP\ToolBoxFX\bin\HPTLBXFX.exe" [06/15/2006 08:43 AM]
"LanTalk.NET"="C:\Program Files\CEZEO software\LanTalk NET\LanTalk.exe" []
"googletalk"="C:\Program Files\Google\Google Talk\googletalk.exe" [01/02/2007 12:22 AM]
"MessengerPlus3"="C:\Program Files\MessengerPlus! 3\MsgPlus.exe" [10/11/2008 08:08 AM]
"HP Software Update"="C:\Program Files\HP\HP Software Update\HPWuSchd2.exe" [05/08/2007 04:24 PM]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [08/04/2004 01:56 AM]
"swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [07/21/2008 11:20 AM]
"SalaatTime"="C:\Program Files\Salaat Time\SalaatTime.exe" [08/26/2007 12:38 PM]
"MSMSGS"="C:\Program Files\Messenger\msmsgs.exe" [08/04/2004 01:09 AM]
"amva"="C:\WINDOWS\system32\amvo.exe" [01/06/2009 07:52 AM]
"kamsoft"="C:\WINDOWS\system32\kamsoft.exe" [12/16/2008 09:45 AM]
"MessengerPlus3"="C:\Program Files\MessengerPlus! 3\MsgPlus.exe" [10/11/2008 08:08 AM]
"vamsoft"="C:\WINDOWS\system32\vamsoft.exe" [01/06/2009 08:00 AM]
"msnmsgr"="C:\Program Files\MSN Messenger\msnmsgr.exe" [01/19/2007 12:55 PM]
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"NoDesktop"=0 (0x0)
"NoFileMenu"=0 (0x0)
"StartMenuLogoff"=0 (0x0)
"NoClose"=0 (0x0)
"NoStartMenuMorePrograms"=0 (0x0)
"NoUserNameInStartMenu"=0 (0x0)
"NoSetTaskbar"=0 (0x0)
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{C5F43BEF-CE2F-46D8-AFE6-A647BACD1F09}"= C:\WINDOWS\system32\haozs1.dll [08/04/2004 01:56 AM 78848]
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{ed8901bc-5ad7-11dd-9151-001558e44cd6}]
AutoRun\command- F:\f0.cmd
explore\Command- F:\f0.cmd
open\Command- F:\f0.cmd
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{fd1f8d8a-774c-11dd-916d-001558e44cd6}]
AutoRun\command- vy.cmd
explore\Command- vy.cmd
open\Command- vy.cmd
-- End of Deckard's System Scanner: finished at 2009-01-06 09:21:23 ------------
