Thread starter: yaseen1

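Peace be upon you, brothers.
My problem with my computer is that when I first turn it on it is excellent and fast, but after about half an hour it hangs and freezes and will not open a web page or anything else unless I restart it. After the restart it works normally, and then it hangs again. Note that I cleaned the fan and did a format, and the same thing remained; nothing changed.

Many thanks to you.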
 

And upon you be peace and the mercy and blessings of God ...

Welcome ...

Do the following ...

Download this tool ...

[link hidden by the forum]

Run it and go to [ Do a system scan and save log ] ...

After a short while it will give you a report in Notepad ...

Copy it completely ... and correctly ...

And paste it in your next reply ...
 
Signature: format
Peace be upon you, my dear brother.

This is the report:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 10:32:52 AM, on 6/1/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\ctfmon.exe
c:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
C:\Program Files\Nero\Nero 7\InCD\InCDsrv.exe
C:\Program Files\Microsoft LifeCam\MSCamS32.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Linksys\WUSB300N\WLService.exe
C:\Program Files\Linksys\WUSB300N\WUSB300N.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\Nero\Nero 7\InCD\NBHGui.exe
C:\Program Files\Nero\Nero 7\InCD\InCD.exe
C:\Program Files\Nero\Nero 7\Nero BackItUp\NBKeyScan.exe
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
C:\Program Files\HP\HP UT\bin\hppusg.exe
C:\WINDOWS\vVX3000.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\LG Soft India\forteManager\bin\Monitor.exe
C:\Program Files\Windows Desktop Search\WindowsSearch.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\system32\SearchProtocolHost.exe
C:\WINDOWS\system32\SearchProtocolHost.exe
C:\Documents and Settings\SunShine\Desktop\New Folder\HiJackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = [link hidden by the forum]
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = [link hidden by the forum]
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = [link hidden by the forum]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = [link hidden by the forum]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = [link hidden by the forum]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = [link hidden by the forum]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = [link hidden by the forum]
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = [link hidden by the forum]
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = [link hidden by the forum]
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = [link hidden by the forum]
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: IEVkbdBHO - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\ievkbd.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~3\Office12\GRA8E1~1.DLL
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: SingleInstance Class - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [SecurDisc] C:\Program Files\Nero\Nero 7\InCD\NBHGui.exe
O4 - HKLM\..\Run: [InCD] C:\Program Files\Nero\Nero 7\InCD\InCD.exe
O4 - HKLM\..\Run: [NBKeyScan] "C:\Program Files\Nero\Nero 7\Nero BackItUp\NBKeyScan.exe"
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\isuspm.exe -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [HPUsageTracking] C:\Program Files\HP\HP UT\bin\hppusg.exe "C:\Program Files\HP\HP UT\"
O4 - HKLM\..\Run: [hpbdfawep] C:\Program Files\HP\Dfawep\bin\hpbdfawep.exe 1
O4 - HKLM\..\Run: [LifeCam] "C:\Program Files\Microsoft LifeCam\LifeExp.exe"
O4 - HKLM\..\Run: [VX3000] C:\WINDOWS\vVX3000.exe
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Messenger (Yahoo!)] "C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" -quiet
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (User 'Default user')
O4 - Global Startup: forteManager.lnk = ?
O4 - Global Startup: Windows Search.lnk = C:\Program Files\Windows Desktop Search\WindowsSearch.exe
O8 - Extra context menu item: Add to Banner Ad Blocker - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\ie_banner_deny.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O9 - Extra button: Web traffic protection statistics - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\SCIEPlgn.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} (YInstStarter Class) - [link hidden by the forum]
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~3\Office12\GR99D3~1.DLL
O20 - AppInit_DLLs: C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd.dll,C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd3.dll,C:\PROGRA~1\KASPER~1\KASPER~1\adialhk.dll,C:\PROGRA~1\KASPER~1\KASPER~1\kloehk.dll
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Kaspersky Internet Security (AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: InCD Helper (InCDsrv) - Nero AG - C:\Program Files\Nero\Nero 7\InCD\InCDsrv.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: Nero Registry InCD Service (NeroRegInCDSrv) - Unknown owner - C:\Program Files\Nero\Nero 7\InCD\NBHRegInCDSrv.exe (file missing)
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: WUSB300NSvc - Unknown owner - C:\Program Files\Linksys\WUSB300N\WLService.exe
--
End of file - 10626 bytes
 
Welcome.

Disable your protection programs and run the tool:

[link hidden by the forum]

When you run it a message will appear; click >> Yes
Then a second message will appear; click >> Yes

The computer may restart during the scan.

After the restart, the tool will start scanning again.
Wait until a report appears; that means the scan has finished.

Then post a new HijackThis report along with this report.
 
Signature: AbOdy
ComboFix 09-05-31.06 - SunShine 06/01/2009 12:35.1 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.3.1256.964.1033.18.3327.2441 [GMT -4:00]
Running from: c:\documents and settings\SunShine\Desktop\New Folder\ComboFix.exe
AV: Kaspersky Internet Security *On-access scanning disabled* (Updated) {2C4D4BC6-0793-4956-A9F9-E252435469C0}
FW: Kaspersky Internet Security *disabled* {2C4D4BC6-0793-4956-A9F9-E252435469C0}
WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
C:\test.txt
.
((((((((((((((((((((((((( Files Created from 2009-05-01 to 2009-06-01 )))))))))))))))))))))))))))))))
.
2009-06-01 08:59 . 2009-06-01 08:59 -------- d-----w- c:\documents and settings\SunShine\Local Settings\Application Data\Adobe
2009-06-01 07:09 . 2009-06-01 07:09 -------- d-----w- c:\program files\Microsoft Silverlight
2009-06-01 06:22 . 2009-06-01 06:22 -------- d-----w- c:\program files\Common Files\Scanner
2009-06-01 06:22 . 2009-06-01 06:25 -------- d-----w- c:\program files\CA Yahoo! Anti-Spy
2009-06-01 06:19 . 2008-10-16 18:06 268648 ----a-w- c:\windows\system32\mucltui.dll
2009-06-01 06:19 . 2008-10-16 18:06 208744 ----a-w- c:\windows\system32\muweb.dll
2009-06-01 06:15 . 2009-06-01 16:41 -------- d-----w- c:\documents and settings\SunShine\Tracing
2009-06-01 06:14 . 2009-06-01 06:14 -------- d-----w- c:\program files\Microsoft
2009-06-01 06:14 . 2009-06-01 06:14 -------- d-----w- c:\program files\Windows Live SkyDrive
2009-06-01 06:14 . 2009-06-01 06:14 -------- d-----w- c:\program files\Windows Live
2009-06-01 06:13 . 2009-06-01 06:13 -------- d-----w- c:\program files\Common Files\Windows Live
2009-06-01 06:07 . 2009-06-01 06:07 -------- d--h--w- c:\windows\msdownld.tmp
2009-06-01 06:07 . 2009-06-01 06:07 -------- d-----w- c:\windows\Logs
2009-06-01 06:03 . 2009-06-01 06:03 -------- d-----w- c:\documents and settings\SunShine\Local Settings\Application Data\Yahoo
2009-06-01 06:02 . 2009-06-01 06:16 -------- d-----w- c:\documents and settings\All Users\Application Data\Yahoo! Companion
2009-06-01 06:02 . 2009-06-01 06:02 -------- d-----w- c:\documents and settings\SunShine\Application Data\Yahoo!
2009-06-01 06:01 . 2009-06-01 06:03 -------- d-----w- c:\documents and settings\All Users\Application Data\Yahoo!
2009-06-01 06:01 . 2009-05-26 23:50 607472 ----a-w- c:\documents and settings\All Users\Application Data\Yahoo!\YUpdater\yupdater.exe
2009-06-01 06:01 . 2009-06-01 06:02 -------- d-----w- c:\program files\Yahoo!
2009-06-01 05:53 . 2009-06-01 05:53 -------- d-----w- c:\program files\Windows Defender
2009-06-01 05:51 . 2009-06-01 05:51 -------- d-----w- c:\documents and settings\SunShine\Local Settings\Application Data\ATI
2009-06-01 05:51 . 2009-06-01 05:51 -------- d-----w- c:\documents and settings\SunShine\Application Data\ATI
2009-06-01 05:51 . 2009-06-01 05:51 -------- d-----w- c:\documents and settings\All Users\Application Data\ATI
2009-06-01 05:48 . 2006-10-26 23:56 32592 ----a-w- c:\windows\system32\msonpmon.dll
2009-06-01 05:46 . 2009-06-01 05:46 -------- d-----w- c:\program files\Microsoft Works
2009-06-01 05:45 . 2009-06-01 05:45 -------- d-----w- c:\program files\Microsoft.NET
2009-06-01 05:44 . 2009-06-01 05:44 -------- d-----w- c:\program files\Microsoft Visual Studio 8
2009-06-01 05:43 . 2009-06-01 05:45 -------- d-----w- c:\windows\SHELLNEW
2009-06-01 05:43 . 2009-06-01 05:43 -------- d-----w- c:\documents and settings\SunShine\Local Settings\Application Data\Microsoft Help
2009-06-01 05:43 . 2009-06-01 05:48 -------- d-----w- c:\documents and settings\All Users\Application Data\Microsoft Help
2009-06-01 05:39 . 2009-06-01 05:39 -------- d--h--r- C:\MSOCache
2009-06-01 05:34 . 2009-06-01 05:34 -------- d-----w- c:\windows\system32\XPSViewer
2009-06-01 05:34 . 2009-06-01 05:34 -------- d-----w- c:\program files\MSBuild
2009-06-01 05:34 . 2009-06-01 05:34 -------- d-----w- c:\program files\Reference Assemblies
2009-06-01 05:34 . 2008-07-06 12:06 89088 -c----w- c:\windows\system32\dllcache\filterpipelineprintproc.dll
2009-06-01 05:34 . 2008-07-06 12:06 575488 -c----w- c:\windows\system32\dllcache\xpsshhdr.dll
2009-06-01 05:34 . 2008-07-06 12:06 575488 ------w- c:\windows\system32\xpsshhdr.dll
2009-06-01 05:34 . 2008-07-06 12:06 117760 ------w- c:\windows\system32\prntvpt.dll
2009-06-01 05:34 . 2008-07-06 10:50 597504 -c----w- c:\windows\system32\dllcache\printfilterpipelinesvc.exe
2009-06-01 05:34 . 2009-06-01 05:34 -------- d-----w- C:\ab4dd26fc03d178397d273dd
2009-06-01 05:34 . 2008-07-06 12:06 1676288 -c----w- c:\windows\system32\dllcache\xpssvcs.dll
2009-06-01 05:34 . 2008-07-06 12:06 1676288 ------w- c:\windows\system32\xpssvcs.dll
2009-06-01 05:31 . 2009-06-01 05:31 -------- d-----w- c:\program files\MSXML 4.0
2009-06-01 05:28 . 2009-06-01 05:28 -------- d-----w- c:\program files\Windows Desktop Search
2009-06-01 05:28 . 2009-06-01 05:28 -------- d-----w- c:\windows\system32\GroupPolicy
2009-06-01 05:27 . 2009-06-01 05:27 -------- d-----w- c:\program files\Windows Media Connect 2
2009-06-01 05:27 . 2009-06-01 05:27 -------- d-----w- c:\windows\system32\LogFiles
2009-06-01 05:26 . 2009-06-01 05:27 -------- d-----w- C:\86fccd1da1ec610a807f1038cab662
2009-06-01 05:21 . 2009-06-01 05:21 -------- d-sh--w- c:\documents and settings\SunShine\IECompatCache
2009-06-01 05:21 . 2009-06-01 05:21 -------- d-sh--w- c:\documents and settings\SunShine\PrivacIE
2009-06-01 05:21 . 2009-06-01 05:21 -------- d-sh--w- c:\documents and settings\NetworkService\IETldCache
2009-06-01 05:21 . 2009-06-01 05:21 -------- d-----w- c:\documents and settings\All Users\Application Data\Hewlett-Packard
2009-06-01 05:21 . 2009-06-01 05:38 -------- d-----w- c:\documents and settings\SunShine\Local Settings\Application Data\ApplicationHistory
2009-06-01 05:20 . 2009-06-01 05:20 -------- d-sh--w- c:\documents and settings\SunShine\IETldCache
2009-06-01 05:17 . 2008-04-14 04:09 5504 -c--a-w- c:\windows\system32\dllcache\mstee.sys
2009-06-01 05:17 . 2008-04-14 04:09 5504 ----a-w- c:\windows\system32\drivers\MSTEE.sys
2009-06-01 05:17 . 2008-04-14 04:16 10880 -c--a-w- c:\windows\system32\dllcache\ndisip.sys
2009-06-01 05:17 . 2008-04-14 04:16 10880 ----a-w- c:\windows\system32\drivers\NdisIP.sys
2009-06-01 05:17 . 2008-04-14 04:16 15232 -c--a-w- c:\windows\system32\dllcache\streamip.sys
2009-06-01 05:17 . 2008-04-14 04:16 15232 ----a-w- c:\windows\system32\drivers\StreamIP.sys
2009-06-01 05:16 . 2008-04-14 04:16 11136 -c--a-w- c:\windows\system32\dllcache\slip.sys
2009-06-01 05:16 . 2008-04-14 04:16 11136 ----a-w- c:\windows\system32\drivers\SLIP.sys
2009-06-01 05:16 . 2008-04-14 04:16 19200 -c--a-w- c:\windows\system32\dllcache\wstcodec.sys
2009-06-01 05:16 . 2008-04-14 04:16 19200 ----a-w- c:\windows\system32\drivers\WSTCODEC.SYS
2009-06-01 05:16 . 2008-04-14 04:16 85248 -c--a-w- c:\windows\system32\dllcache\nabtsfec.sys
2009-06-01 05:16 . 2008-04-14 04:16 85248 ----a-w- c:\windows\system32\drivers\NABTSFEC.sys
2009-06-01 05:16 . 2008-04-14 04:16 17024 -c--a-w- c:\windows\system32\dllcache\ccdecode.sys
2009-06-01 05:16 . 2008-04-14 04:16 17024 ----a-w- c:\windows\system32\drivers\CCDECODE.sys
2009-06-01 05:16 . 2008-04-14 04:15 60032 -c--a-w- c:\windows\system32\dllcache\usbaudio.sys
2009-06-01 05:16 . 2008-04-14 04:15 60032 ----a-w- c:\windows\system32\drivers\USBAUDIO.sys
2009-06-01 05:16 . 2008-04-14 09:42 53760 -c--a-w- c:\windows\system32\dllcache\vfwwdm32.dll
2009-06-01 05:16 . 2008-04-14 09:42 53760 ----a-w- c:\windows\system32\vfwwdm32.dll
2009-06-01 05:15 . 2006-12-05 23:39 1964064 ----a-w- c:\windows\system32\drivers\VX3000.sys
2009-06-01 05:15 . 2006-12-05 23:38 707360 ----a-w- c:\windows\vVX3000.exe
2009-06-01 05:15 . 2006-12-05 23:38 473888 ----a-w- c:\windows\vVX3000.dll
2009-06-01 05:15 . 2006-12-05 23:38 199456 ----a-w- c:\windows\system32\LCCoin13.dll
2009-06-01 05:15 . 2006-12-05 23:37 183072 ----a-w- c:\windows\system32\cVX3000.dll
2009-06-01 05:15 . 2006-12-05 23:37 109344 ----a-w- c:\windows\VX3000.dll
2009-06-01 05:12 . 2005-05-26 19:34 2297552 ----a-w- c:\windows\system32\d3dx9_26.dll
2009-06-01 05:10 . 2009-06-01 05:10 -------- d-----w- c:\documents and settings\All Users\Application Data\HPSSUPPLY
2009-06-01 05:10 . 2009-06-01 05:10 -------- d-----w- c:\program files\HP
2009-06-01 05:10 . 2008-04-28 10:14 284160 ----a-w- c:\windows\system32\HP1006LM.DLL
2009-06-01 05:10 . 2008-02-21 03:44 65536 ----a-w- c:\windows\system32\HPPLVS.dll
2009-06-01 05:10 . 2008-04-14 04:17 25856 -c--a-w- c:\windows\system32\dllcache\usbprint.sys
2009-06-01 05:10 . 2008-04-14 04:17 25856 ----a-w- c:\windows\system32\drivers\usbprint.sys
2009-06-01 05:08 . 2009-06-01 05:08 -------- d-----w- c:\windows\system32\URTTemp
2009-06-01 05:07 . 2009-06-01 05:51 83392 ----a-w- c:\documents and settings\SunShine\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2009-06-01 05:07 . 2009-06-01 05:10 -------- d--h--w- c:\program files\Avago-HP
2009-06-01 05:06 . 2009-06-01 05:06 -------- d-sh--w- c:\windows\ftpcache
2009-06-01 05:03 . 2009-06-01 05:03 44808 ----a-w- c:\documents and settings\All Users\Application Data\Kaspersky Lab\AVP8\Data\Updater\Temporary Files\temporaryFolder\AutoPatches\kav8exec\8.0.0.454\fssync.dll
2009-06-01 05:03 . 2009-06-01 05:03 33808 ----a-w- c:\documents and settings\All Users\Application Data\Kaspersky Lab\AVP8\Data\Updater\Temporary Files\temporaryFolder\AutoPatches\kav8exec\8.0.0.454\klbg.sys
2009-06-01 05:03 . 2009-06-01 05:03 206088 ----a-w- c:\documents and settings\All Users\Application Data\Kaspersky Lab\AVP8\Data\Updater\Temporary Files\temporaryFolder\AutoPatches\kav8exec\8.0.0.454\avp.exe
2009-06-01 05:03 . 2009-06-01 05:03 213520 ----a-w- c:\documents and settings\All Users\Application Data\Kaspersky Lab\AVP8\Data\Updater\Temporary Files\temporaryFolder\AutoPatches\kav8exec\8.0.0.454\XP\klif.sys
2009-06-01 05:02 . 2009-06-01 05:02 -------- d-----w- c:\windows\ie8updates
2009-06-01 05:01 . 2009-06-01 05:01 -------- dc-h--w- c:\windows\ie8
2009-06-01 05:00 . 2009-05-12 05:11 102912 -c----w- c:\windows\system32\dllcache\iecompat.dll
2009-06-01 04:55 . 2008-06-13 11:05 272128 -c----w- c:\windows\system32\dllcache\bthport.sys
2009-06-01 04:55 . 2008-06-13 11:05 272128 ------w- c:\windows\system32\drivers\bthport.sys
2009-06-01 04:54 . 2009-02-06 11:08 2189056 -c----w- c:\windows\system32\dllcache\ntoskrnl.exe
2009-06-01 04:54 . 2009-02-06 11:06 2145280 -c----w- c:\windows\system32\dllcache\ntkrnlmp.exe
2009-06-01 04:54 . 2009-02-06 10:32 2023936 -c----w- c:\windows\system32\dllcache\ntkrpamp.exe
2009-06-01 04:54 . 2008-10-24 11:21 455296 -c----w- c:\windows\system32\dllcache\mrxsmb.sys
2009-06-01 04:53 . 2008-05-03 11:55 2560 ------w- c:\windows\system32\xpsp4res.dll
2009-06-01 04:52 . 2009-06-01 04:52 -------- d-sh--w- c:\documents and settings\SunShine\UserData
2009-06-01 04:50 . 2009-01-07 22:21 26144 ----a-w- c:\windows\system32\spupdsvc.exe
2009-06-01 04:49 . 2009-06-01 07:09 -------- d--h--w- c:\windows\$hf_mig$
2009-06-01 04:49 . 2009-06-01 04:49 -------- d-----w- c:\windows\system32\Adobe
2009-06-01 04:48 . 2009-06-01 04:48 1915520 ----a-w- c:\documents and settings\SunShine\Application Data\Macromedia\Flash Player\[link hidden by the forum]
2009-06-01 04:47 . 2009-06-01 04:47 -------- d-----w- c:\program files\Common Files\xing shared
2009-06-01 04:46 . 2009-06-01 04:46 499712 ----a-w- c:\windows\system32\msvcp71.dll
2009-06-01 04:46 . 2009-06-01 04:46 348160 ----a-w- c:\windows\system32\msvcr71.dll
2009-06-01 04:46 . 2009-06-01 04:46 -------- d-----w- c:\program files\Common Files\Real
2009-06-01 04:46 . 2009-06-01 04:46 -------- d-----w- c:\program files\Real
2009-06-01 04:43 . 2009-06-01 05:03 94643 ----a-w- c:\windows\system32\drivers\klick.dat
2009-06-01 04:43 . 2009-06-01 05:03 105395 ----a-w- c:\windows\system32\drivers\klin.dat
2009-06-01 04:43 . 2009-06-01 16:41 -------- d-----w- c:\documents and settings\All Users\Application Data\Kaspersky Lab
2009-06-01 04:43 . 2009-06-01 16:40 335904 --sha-w- c:\windows\system32\drivers\fidbox2.dat
2009-06-01 04:43 . 2009-06-01 16:40 1204256 --sha-w- c:\windows\system32\drivers\fidbox.dat
2009-06-01 04:43 . 2009-06-01 04:43 -------- d-----w- c:\program files\Kaspersky Lab
2009-06-01 04:42 . 2009-06-01 04:42 -------- d-----w- c:\documents and settings\All Users\Application Data\Kaspersky Lab Setup Files
2009-06-01 04:36 . 2009-06-01 04:36 -------- d-----w- c:\program files\Common Files\Adobe AIR
2009-06-01 04:36 . 2009-06-01 04:36 -------- d-----w- c:\program files\Common Files\Adobe
2009-06-01 04:27 . 2009-06-01 04:27 -------- d-----w- c:\documents and settings\All Users\Application Data\InstallShield
2009-06-01 04:27 . 2008-03-04 21:23 2944 ----a-r- c:\windows\system32\LgExport.dll
2009-06-01 04:27 . 2008-03-04 21:23 25344 ----a-r- c:\windows\system32\LGDispDrv.dll
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-06-01 16:40 . 2009-06-01 04:43 2228 --sha-w- c:\windows\system32\drivers\fidbox2.idx
2009-06-01 16:40 . 2009-06-01 04:43 13632 --sha-w- c:\windows\system32\drivers\fidbox.idx
2009-06-01 05:29 . 2009-06-01 05:29 -------- d-----w- c:\documents and settings\SunShine\Application Data\Windows Desktop Search
2009-06-01 05:15 . 2009-06-01 05:13 -------- d-----w- c:\program files\Microsoft LifeCam
2009-06-01 05:03 . 2008-01-29 22:29 33808 ----a-w- c:\windows\system32\drivers\klbg.sys
2009-06-01 04:27 . 2009-06-01 03:59 -------- d-----w- c:\program files\Common Files\InstallShield
2009-06-01 04:27 . 2009-06-01 03:57 -------- d--h--w- c:\program files\InstallShield Installation Information
2009-06-01 03:59 . 2009-06-01 03:59 -------- d-----w- c:\program files\Realtek
2009-06-01 03:59 . 2009-06-01 03:59 315392 ----a-w- c:\windows\HideWin.exe
2009-06-01 03:57 . 2009-06-01 03:57 -------- d-----w- c:\program files\AMD
2009-06-01 03:57 . 2009-06-01 03:57 -------- d-----w- c:\documents and settings\SunShine\Application Data\InstallShield
2009-06-01 03:57 . 2009-06-01 03:56 -------- d-----w- c:\program files\UltraISO
2009-06-01 03:56 . 2009-06-01 03:56 -------- d-----w- c:\program files\Common Files\EZB Systems
2009-06-01 03:56 . 2009-06-01 03:56 -------- d-----w- c:\documents and settings\SunShine\Application Data\Apple Computer
2009-06-01 03:55 . 2009-06-01 03:55 -------- d-----w- c:\program files\iTunes
2009-06-01 03:55 . 2009-06-01 03:55 -------- d-----w- c:\documents and settings\All Users\Application Data\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906}
2009-06-01 03:55 . 2009-06-01 03:55 -------- d-----w- c:\program files\iPod
2009-06-01 03:55 . 2009-06-01 03:55 -------- d-----w- c:\program files\Common Files\Apple
2009-06-01 03:55 . 2009-06-01 03:55 -------- d-----w- c:\program files\Bonjour
2009-06-01 03:55 . 2009-06-01 03:55 -------- d-----w- c:\program files\QuickTime
2009-06-01 03:55 . 2009-06-01 03:55 -------- d-----w- c:\documents and settings\All Users\Application Data\Apple Computer
2009-06-01 03:55 . 2009-06-01 03:55 -------- d-----w- c:\program files\Apple Software Update
2009-06-01 03:55 . 2009-06-01 03:55 -------- d-----w- c:\documents and settings\All Users\Application Data\Apple
2009-06-01 03:53 . 2009-06-01 03:53 -------- d-----w- c:\program files\قاموس صخر الجديد
2009-06-01 03:51 . 2009-06-01 03:40 86327 ----a-w- c:\windows\pchealth\helpctr\OfflineCache\index.dat
2009-06-01 03:41 . 2009-06-01 03:41 -------- d-----w- c:\program files\microsoft frontpage
2009-06-01 03:39 . 2009-06-01 03:39 21640 ----a-w- c:\windows\system32\emptyregdb.dat
2009-04-29 03:30 . 2009-04-29 03:30 3643904 ----a-w- c:\windows\system32\drivers\ati2mtag.sys
2009-04-29 02:18 . 2009-04-29 02:18 442368 ----a-w- c:\windows\system32\ATIDEMGX.dll
2009-04-29 02:17 . 2009-04-29 02:17 335872 ----a-w- c:\windows\system32\ati2dvag.dll
2009-04-29 02:07 . 2009-04-29 02:07 204800 ----a-w- c:\windows\system32\atipdlxx.dll
2009-04-29 02:06 . 2009-04-29 02:06 155648 ----a-w- c:\windows\system32\Oemdspif.dll
2009-04-29 02:06 . 2009-04-29 02:06 26112 ----a-w- c:\windows\system32\Ati2mdxx.exe
2009-04-29 02:06 . 2009-04-29 02:06 43520 ----a-w- c:\windows\system32\ati2edxx.dll
2009-04-29 02:06 . 2009-04-29 02:06 155648 ----a-w- c:\windows\system32\ati2evxx.dll
2009-04-29 02:04 . 2009-04-29 02:04 602112 ----a-w- c:\windows\system32\ati2evxx.exe
2009-04-29 02:03 . 2009-04-29 02:03 53248 ----a-w- c:\windows\system32\ATIDDC.DLL
2009-04-29 02:00 . 2009-04-29 02:00 311296 ----a-w- c:\windows\system32\atiiiexx.dll
2009-04-29 01:56 . 2009-04-29 01:56 2997536 ----a-w- c:\windows\system32\ati3duag.dll
2009-04-29 01:45 . 2009-04-29 01:45 11603968 ----a-w- c:\windows\system32\atioglxx.dll
2009-04-29 01:42 . 2009-04-29 01:42 2687872 ----a-w- c:\windows\system32\ativvaxx.dll
2009-04-29 01:42 . 2009-04-29 01:42 887724 ----a-w- c:\windows\system32\ativva6x.dat
2009-04-29 01:42 . 2009-04-29 01:42 3107788 ----a-w- c:\windows\system32\ativva5x.dat
2009-04-29 01:26 . 2009-04-29 01:26 49664 ----a-w- c:\windows\system32\atimpc32.dll
2009-04-29 01:26 . 2009-04-29 01:26 49664 ----a-w- c:\windows\system32\amdpcom32.dll
2009-04-29 01:22 . 2009-04-29 01:22 479232 ----a-w- c:\windows\system32\atikvmag.dll
2009-04-29 01:20 . 2009-04-29 01:20 45056 ----a-w- c:\windows\system32\aticalrt.dll
2009-04-29 01:20 . 2009-04-29 01:20 45056 ----a-w- c:\windows\system32\aticalcl.dll
2009-04-29 01:20 . 2009-04-29 01:20 135168 ----a-w- c:\windows\system32\atiadlxx.dll
2009-04-29 01:19 . 2009-04-29 01:19 17408 ----a-w- c:\windows\system32\atitvo32.dll
2009-04-29 01:19 . 2009-04-29 01:19 53248 ----a-w- c:\windows\system32\drivers\ati2erec.dll
2009-04-29 01:18 . 2009-04-29 01:18 3280896 ----a-w- c:\windows\system32\aticaldd.dll
2009-04-29 01:17 . 2009-04-29 01:17 303104 ----a-w- c:\windows\system32\atiok3x2.dll
2009-04-29 01:13 . 2009-04-29 01:13 630784 ----a-w- c:\windows\system32\ati2cqag.dll
2009-04-02 20:29 . 2009-04-02 20:29 75048 ----a-w- c:\documents and settings\All Users\Application Data\Apple Computer\Installer Cache\iTunes 8.1.1.10\SetupAdmin.exe
2009-04-01 19:59 . 2009-04-01 19:59 188348 ----a-w- c:\windows\system32\atiicdxx.dat
2009-03-19 20:32 . 2009-06-01 03:55 23400 ----a-w- c:\windows\system32\drivers\GEARAspiWDM.sys
2009-03-19 20:32 . 2009-03-19 20:32 23400 ----a-w- c:\documents and settings\All Users\Application Data\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906}\x86\x86\GEARAspiWDM.sys
2009-03-16 18:18 . 2009-06-01 06:08 69448 ----a-w- c:\windows\system32\XAPOFX1_3.dll
2009-03-16 18:18 . 2009-06-01 06:08 517448 ----a-w- c:\windows\system32\XAudio2_4.dll
2009-03-16 18:18 . 2009-06-01 06:08 235352 ----a-w- c:\windows\system32\xactengine3_4.dll
2009-03-16 18:18 . 2009-06-01 06:08 22360 ----a-w- c:\windows\system32\X3DAudio1_6.dll
2009-03-09 19:27 . 2009-06-01 06:08 453456 ----a-w- c:\windows\system32\d3dx10_41.dll
2009-03-09 19:27 . 2009-06-01 06:08 4178264 ----a-w- c:\windows\system32\D3DX9_41.dll
2009-03-09 19:27 . 2009-06-01 06:08 1846632 ----a-w- c:\windows\system32\D3DCompiler_41.dll
2009-03-08 08:34 . 2008-04-14 01:42 914944 ----a-w- c:\windows\system32\wininet.dll
2009-03-08 08:34 . 2008-04-14 01:41 43008 ----a-w- c:\windows\system32\licmgr10.dll
2009-03-08 08:33 . 2008-04-14 01:41 18944 ----a-w- c:\windows\system32\corpol.dll
2009-03-08 08:33 . 2008-04-14 01:42 420352 ----a-w- c:\windows\system32\vbscript.dll
2009-03-08 08:32 . 2008-04-14 01:41 72704 ----a-w- c:\windows\system32\admparse.dll
2009-03-08 08:32 . 2008-04-14 01:41 71680 ----a-w- c:\windows\system32\iesetup.dll
2009-03-08 08:31 . 2008-04-14 01:41 34816 ----a-w- c:\windows\system32\imgutil.dll
2009-03-08 08:31 . 2008-04-13 17:56 48128 ----a-w- c:\windows\system32\mshtmler.dll
2009-03-08 08:31 . 2008-04-14 01:42 45568 ----a-w- c:\windows\system32\mshta.exe
2009-03-08 08:22 . 2004-05-23 12:00 156160 ----a-w- c:\windows\system32\msls31.dll
2009-03-06 14:22 . 2008-04-14 01:42 284160 ----a-w- c:\windows\system32\pdh.dll
2009-03-03 19:56 . 2009-03-03 19:56 118784 ----a-w- c:\windows\system32\atibtmon.exe
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360]
"Messenger (Yahoo!)"="c:\program files\Yahoo!\Messenger\YahooMessenger.exe" [2009-05-27 4351216]
"msnmsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2009-02-06 3885408]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2009-01-05 413696]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2009-04-02 342312]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2009-04-29 61440]
"NeroFilterCheck"="c:\program files\Common Files\Ahead\Lib\NeroCheck.exe" [2008-02-27 570664]
"SecurDisc"="c:\program files\Nero\Nero 7\InCD\NBHGui.exe" [2008-02-18 1629480]
"InCD"="c:\program files\Nero\Nero 7\InCD\InCD.exe" [2008-02-18 1057064]
"NBKeyScan"="c:\program files\Nero\Nero 7\Nero BackItUp\NBKeyScan.exe" [2007-09-17 1377576]
"ISUSPM Startup"="c:\progra~1\COMMON~1\INSTAL~1\UPDATE~1\isuspm.exe" [2004-04-17 196608]
"ISUSScheduler"="c:\program files\Common Files\InstallShield\UpdateService\issch.exe" [2004-04-13 69632]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2008-06-12 34672]
"AVP"="c:\program files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe" [2009-06-01 206088]
"TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" [2009-06-01 185872]
"HPUsageTracking"="c:\program files\HP\HP UT\bin\hppusg.exe" [2007-05-04 36864]
"hpbdfawep"="c:\program files\HP\Dfawep\bin\hpbdfawep.exe" [2007-04-25 954368]
"LifeCam"="c:\program files\Microsoft LifeCam\LifeExp.exe" [2007-01-13 275800]
"VX3000"="c:\windows\vVX3000.exe" [2006-12-05 707360]
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2006-10-27 31016]
"RTHDCPL"="RTHDCPL.EXE" - c:\windows\RTHDCPL.exe [2008-04-10 16861184]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360]
c:\documents and settings\All Users\Start Menu\Programs\Startup\
forteManager.lnk - c:\program files\LG Soft India\forteManager\bin\Monitor.exe [2009-6-1 1126400]
Windows Search.lnk - c:\program files\Windows Desktop Search\WindowsSearch.exe [2008-5-26 123904]
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"= "c:\program files\Windows Desktop Search\MSNLNamespaceMgr.dll" [2008-05-27 304128]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\KasperskyAntiVirus]
"DisableMonitoring"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
"c:\\Program Files\\Microsoft LifeCam\\LifeCam.exe"=
"c:\\Program Files\\Microsoft LifeCam\\LifeExp.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"c:\\Program Files\\Yahoo!\\Messenger\\YahooMessenger.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
R0 klbg;Kaspersky Lab Boot Guard Driver;c:\windows\system32\drivers\klbg.sys [1/29/2008 6:29 PM 33808]
R2 WinDefend;Windows Defender;c:\program files\Windows Defender\MsMpEng.exe [11/3/2006 7:19 PM 13592]
R2 WUSB300NSvc;WUSB300NSvc;c:\program files\Linksys\WUSB300N\WLService.exe [6/1/2009 12:23 AM 53307]
R3 AtiHdmiService;ATI Function Driver for HDMI Service;c:\windows\system32\drivers\AtiHdmi.sys [7/20/2007 6:40 PM 84992]
R3 KLFLTDEV;Kaspersky Lab KLFltDev;c:\windows\system32\drivers\klfltdev.sys [3/13/2008 7:02 PM 26640]
R3 klim5;Kaspersky Anti-Virus NDIS Filter;c:\windows\system32\drivers\klim5.sys [4/30/2008 6:06 PM 24592]
S2 NeroRegInCDSrv;Nero Registry InCD Service;c:\program files\Nero\Nero 7\InCD\NBHRegInCDSrv.exe --> c:\program files\Nero\Nero 7\InCD\NBHRegInCDSrv.exe [?]
S3 LGDDCDevice;LGDDCDevice;c:\program files\LG Soft India\forteManager\bin\I2CDriver.sys [6/1/2009 12:27 AM 14336]
S3 LGII2CDevice;LGII2CDevice;c:\program files\LG Soft India\forteManager\bin\PII2CDriver.sys [6/1/2009 12:27 AM 13312]
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\>{60B49E34-C7CC-11D0-8953-00A0C90347FF}]
"c:\windows\system32\rundll32.exe" "c:\windows\system32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
.
Contents of the 'Scheduled Tasks' folder
2009-06-01 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 16:34]
2009-06-01 c:\windows\Tasks\MP Scheduled Scan.job
- c:\program files\Windows Defender\MpCmdRun.exe [2006-11-03 23:20]
2009-06-01 c:\windows\Tasks\User_Feed_Synchronization-{9E8C525F-C38D-4AEC-89DC-CDB180793FE0}.job
- c:\windows\system32\msfeedssync.exe [2009-03-08 08:31]
.
- - - - ORPHANS REMOVED - - - -
SafeBoot-procexp90.Sys

.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.yahoo.com/
mStart Page = hxxp://www.yahoo.com/
mSearch Bar = hxxp://us.rd.yahoo.com/customize/ie/defaults/sb/msgr9/*
uInternet Connection Wizard,ShellNext = hxxp://www.macromedia.com/software/flash/about/installerRedirect.html
uInternet Settings,ProxyOverride = *.local
uSearchURL,(Default) = hxxp://us.rd.yahoo.com/customize/ie/defaults/su/msgr9/*
IE: Add to Banner Ad Blocker - c:\program files\Kaspersky Lab\Kaspersky Internet Security 2009\ie_banner_deny.htm
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000
.
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer,
Rootkit scan 2009-06-01 12:41
Windows 5.1.2600 Service Pack 3 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------
- - - - - - - > 'winlogon.exe'(992)
c:\windows\system32\Ati2evxx.dll
- - - - - - - > 'explorer.exe'(2560)
c:\windows\system32\webcheck.dll
c:\windows\system32\IEFRAME.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
c:\windows\system32\OneX.DLL
c:\windows\system32\eappprxy.dll
.
------------------------ Other Running Processes ------------------------
.
c:\windows\system32\ati2evxx.exe
c:\windows\system32\ati2evxx.exe
c:\program files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
c:\windows\system32\spool\drivers\w32x86\3\HP1006MC.EXE
c:\program files\Bonjour\mDNSResponder.exe
c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
c:\program files\Nero\Nero 7\InCD\InCDsrv.exe
c:\program files\Microsoft LifeCam\MSCamS32.exe
c:\windows\system32\searchindexer.exe
c:\program files\Linksys\WUSB300N\WUSB300N.exe
c:\program files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
c:\program files\iPod\bin\iPodService.exe
c:\program files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
c:\program files\Yahoo!\Messenger\Ymsgr_tray.exe
c:\windows\system32\wscntfy.exe
.
**************************************************************************
.
Completion time: 2009-06-01 12:43 - machine was rebooted
ComboFix-quarantined-files.txt 2009-06-01 16:43
Pre-Run: 95,235,010,560 bytes free
Post-Run: 95,745,437,696 bytes free
353 --- E O F --- 2009-06-01 04:50
 
Give me a new HijackThis report
HijackThis
 
Signature: AbOdy
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:55:50 PM, on 6/1/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Bonjour\mDNSResponder.exe
c:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
C:\Program Files\Nero\Nero 7\InCD\InCDsrv.exe
C:\Program Files\Microsoft LifeCam\MSCamS32.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\Program Files\Linksys\WUSB300N\WLService.exe
C:\Program Files\Linksys\WUSB300N\WUSB300N.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Nero\Nero 7\InCD\NBHGui.exe
C:\Program Files\Nero\Nero 7\InCD\InCD.exe
C:\Program Files\Nero\Nero 7\Nero BackItUp\NBKeyScan.exe
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\HP\HP UT\bin\hppusg.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\LG Soft India\forteManager\bin\Monitor.exe
C:\Program Files\Windows Desktop Search\WindowsSearch.exe
C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe
C:\WINDOWS\explorer.exe
C:\Program Files\internet explorer\iexplore.exe
C:\Program Files\internet explorer\iexplore.exe
C:\WINDOWS\system32\SearchProtocolHost.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Documents and Settings\SunShine\Desktop\New Folder\HiJackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar =
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) =
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: IEVkbdBHO - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\ievkbd.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~3\Office12\GRA8E1~1.DLL
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: SingleInstance Class - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [SecurDisc] C:\Program Files\Nero\Nero 7\InCD\NBHGui.exe
O4 - HKLM\..\Run: [InCD] C:\Program Files\Nero\Nero 7\InCD\InCD.exe
O4 - HKLM\..\Run: [NBKeyScan] "C:\Program Files\Nero\Nero 7\Nero BackItUp\NBKeyScan.exe"
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\isuspm.exe -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [HPUsageTracking] C:\Program Files\HP\HP UT\bin\hppusg.exe "C:\Program Files\HP\HP UT\"
O4 - HKLM\..\Run: [hpbdfawep] C:\Program Files\HP\Dfawep\bin\hpbdfawep.exe 1
O4 - HKLM\..\Run: [LifeCam] "C:\Program Files\Microsoft LifeCam\LifeExp.exe"
O4 - HKLM\..\Run: [VX3000] C:\WINDOWS\vVX3000.exe
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Messenger (Yahoo!)] "C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" -quiet
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (User 'Default user')
O4 - Global Startup: forteManager.lnk = ?
O4 - Global Startup: Windows Search.lnk = C:\Program Files\Windows Desktop Search\WindowsSearch.exe
O8 - Extra context menu item: Add to Banner Ad Blocker - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\ie_banner_deny.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O9 - Extra button: Web traffic protection statistics - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\SCIEPlgn.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} (YInstStarter Class) -
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~3\Office12\GR99D3~1.DLL
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Kaspersky Internet Security (AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: InCD Helper (InCDsrv) - Nero AG - C:\Program Files\Nero\Nero 7\InCD\InCDsrv.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: Nero Registry InCD Service (NeroRegInCDSrv) - Unknown owner - C:\Program Files\Nero\Nero 7\InCD\NBHRegInCDSrv.exe (file missing)
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: WUSB300NSvc - Unknown owner - C:\Program Files\Linksys\WUSB300N\WLService.exe
--
End of file - 9638 bytes
 
Peace be upon you, brothers. Please give me a solution. I ran HijackThis and nobody followed up with the fix. Have you forgotten me?
 
Delete the following:

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local

O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)

O2 - BHO: SingleInstance Class - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll

O4 - HKLM\..\Run: [hpbdfawep] C:\Program Files\HP\Dfawep\bin\hpbdfawep.exe 1

O16 - DPF: {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} (YInstStarter Class) -
 
Signature: format
Please put the report in the centre, not way off at the far left.

Deletion method for XP:

[screenshots: mg (3).png, mg (4).png]

Then use these tools.

Download from here:

[You must log in or register to view the hidden link]

Compatibility: Windows XP only

How to use it:

When you run the tool's file, this screen appears. Wait (and follow along with the pictures).

[screenshots: 000.png, 001.png]

When this screen appears, click Close so that your computer restarts (to complete the cleaning process).

[screenshot: 002.png]

Then post a new HijackThis log.
 
Signature: format
Peace be upon you, dear brother. I did what was needed, and this is the new HijackThis report, but so far nothing has changed for me. It is the same problem: the machine freezes until I restart it. Many thanks.

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 8:29:48 AM, on 6/2/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\CTsvcCDA.exe
C:\Program Files\Creative\Shared Files\CTDevSrv.exe
C:\Program Files\Nero\Nero 7\InCD\InCDsrv.exe
C:\Program Files\Microsoft LifeCam\MSCamS32.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Linksys\WUSB300N\WLService.exe
C:\Program Files\Linksys\WUSB300N\WUSB300N.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Nero\Nero 7\InCD\NBHGui.exe
C:\Program Files\Nero\Nero 7\InCD\InCD.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\Nero\Nero 7\Nero BackItUp\NBKeyScan.exe
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe
C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\HP\HP UT\bin\hppusg.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\vVX3000.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Creative\Creative Media Lite\CTZDetec.exe
C:\Program Files\LG Soft India\forteManager\bin\Monitor.exe
C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe
C:\Program Files\Windows Desktop Search\WindowsSearch.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\system32\SearchProtocolHost.exe
C:\WINDOWS\system32\SearchProtocolHost.exe
C:\Documents and Settings\SunShine\Desktop\New Folder\HiJackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) =
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: IEVkbdBHO - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\ievkbd.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~3\Office12\GRA8E1~1.DLL
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [SecurDisc] C:\Program Files\Nero\Nero 7\InCD\NBHGui.exe
O4 - HKLM\..\Run: [InCD] C:\Program Files\Nero\Nero 7\InCD\InCD.exe
O4 - HKLM\..\Run: [NBKeyScan] "C:\Program Files\Nero\Nero 7\Nero BackItUp\NBKeyScan.exe"
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\isuspm.exe -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [HPUsageTracking] C:\Program Files\HP\HP UT\bin\hppusg.exe "C:\Program Files\HP\HP UT\"
O4 - HKLM\..\Run: [LifeCam] "C:\Program Files\Microsoft LifeCam\LifeExp.exe"
O4 - HKLM\..\Run: [VX3000] C:\WINDOWS\vVX3000.exe
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Messenger (Yahoo!)] "C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" -quiet
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [CTZDetec.exe] C:\Program Files\Creative\Creative Media Lite\CTZDetec.exe
O4 - HKCU\..\RunOnce: [Privacy Suite] "C:\Documents and Settings\SunShine\Application Data\cleaner\CSPSeraser.exe" "/R:C:\Documents and Settings\SunShine\Application Data\CyberScrub\Privacy Suite"
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (User 'Default user')
O4 - Global Startup: forteManager.lnk = ?
O4 - Global Startup: Windows Search.lnk = C:\Program Files\Windows Desktop Search\WindowsSearch.exe
O8 - Extra context menu item: Add to Banner Ad Blocker - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\ie_banner_deny.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O9 - Extra button: Web traffic protection statistics - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\SCIEPlgn.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {6C269571-C6D7-4818-BCA4-32A035E8C884} (Creative Software AutoUpdate) -
O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} (Creative Software AutoUpdate Support Package) -
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~3\Office12\GR99D3~1.DLL
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Kaspersky Internet Security (AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.exe
O23 - Service: CT Device Query service (CTDevice_Srv) - Creative Technology Ltd - C:\Program Files\Creative\Shared Files\CTDevSrv.exe
O23 - Service: InCD Helper (InCDsrv) - Nero AG - C:\Program Files\Nero\Nero 7\InCD\InCDsrv.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: Nero Registry InCD Service (NeroRegInCDSrv) - Unknown owner - C:\Program Files\Nero\Nero 7\InCD\NBHRegInCDSrv.exe (file missing)
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: WUSB300NSvc - Unknown owner - C:\Program Files\Linksys\WUSB300N\WLService.exe
--
End of file - 10141 bytes
 
Please answer me, may God have mercy on your parents.
 
Brother, when the machine hangs, do you get a blue screen,

or does it just hang?
 
Signature: king_man
Peace be upon you, brother.
It just hangs.
 

First, open My Computer.
Select drive C.
Right-click it and choose Properties.
In the drive C Properties window,
choose the Tools tab, then choose Check Now.
A dialog box then appears.
Tick "Automatically fix file system errors"
and tick "Scan for and attempt recovery of bad sectors".
Then click Start, or restart the machine.
 
Signature: king_man
After you do what brother King said:

[You must log in or register to view the hidden link]

and bring the report.
 
Signature: format