خخخخخخ بارك الله فيك
على العموم هذا تقرير لــ ComboFix.exe
ComboFix 09-06-11.06 - abcd 06/12/2009 9:16.1 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.3.1256.966.1025.18.2038.1556 [GMT 3:00]
Running from: c:\documents and settings\abcd\سطح المكتب\ComboFix.exe
AV: Kaspersky Internet Security *On-access scanning enabled* (Updated) {2C4D4BC6-0793-4956-A9F9-E252435469C0}
FW: Kaspersky Internet Security *enabled* {2C4D4BC6-0793-4956-A9F9-E252435469C0}
WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\windows\system32\kakle.dll
c:\windows\system32\videocore.dll
c:\windows\system32\videoformat.dll
c:\windows\system32\winitn.dll
c:\windows\system32\winntue16.dll
.
((((((((((((((((((((((((( Files Created from 2009-05-12 to 2009-06-12 )))))))))))))))))))))))))))))))
.
2009-06-11 09:08 . 2008-04-13 18:45 26112 -c--a-w- c:\windows\system32\dllcache\usbser.sys
2009-06-11 09:08 . 2008-04-13 18:45 26112 ----a-w- c:\windows\system32\drivers\usbser.sys
2009-06-11 09:07 . 2008-03-21 10:57 14640 ------w- c:\windows\system32\spmsgXP_2k3.dll
2009-06-07 17:05 . 2009-06-07 17:05 -------- d-----w- c:\documents and settings\All Users\Application Data\Nokia
2009-06-07 17:02 . 2009-02-09 04:37 7808 ----a-w- c:\windows\system32\drivers\usbser_lowerfltj.sys
2009-06-07 17:02 . 2009-02-09 04:37 7808 ----a-w- c:\windows\system32\drivers\usbser_lowerflt.sys
2009-06-07 17:02 . 2009-02-09 04:37 22016 ----a-w- c:\windows\system32\drivers\ccdcmbo.sys
2009-06-07 17:02 . 2009-02-09 04:37 659968 ----a-w- c:\windows\system32\nmwcdcocls.dll
2009-06-07 17:02 . 2009-02-09 04:37 17664 ----a-w- c:\windows\system32\drivers\ccdcmb.sys
2009-06-07 17:02 . 2009-02-09 04:32 1112288 ----a-w- c:\windows\system32\wdfcoinstaller01007.dll
2009-06-07 17:00 . 2009-06-07 17:00 24376008 ----a-w- c:\documents and settings\All Users\Application Data\Installations\{9F59C3AE-81B0-4EF6-9762-D674BB079705}\NokiaSoftwareUpdaterSetup_en[1].exe
2009-06-07 16:51 . 2009-06-07 16:51 36864 ----a-w- c:\documents and settings\All Users\Application Data\Installations\{9F59C3AE-81B0-4EF6-9762-D674BB079705}\Installer\CommonCustomActions\Sleep.exe
2009-06-07 16:51 . 2009-06-07 16:51 3351812 ----a-w- c:\documents and settings\All Users\Application Data\Installations\{9F59C3AE-81B0-4EF6-9762-D674BB079705}\Installer\CommonCustomActions\msxml6Exec.exe
2009-06-07 16:51 . 2009-06-07 16:51 3181612 ----a-w- c:\documents and settings\All Users\Application Data\Installations\{9F59C3AE-81B0-4EF6-9762-D674BB079705}\Installer\CommonCustomActions\vcredistExec.exe
2009-06-04 11:00 . 2009-06-04 11:02 -------- d-----w- C:\video_output
2009-06-04 10:58 . 2009-06-04 11:00 -------- d-----w- c:\program files\FLV to AVI MPEG WMV 3GP MP4 iPod Converter
2009-05-30 21:21 . 2009-05-30 21:21 -------- d-sh--w- c:\documents and settings\abcd\UserData
2009-05-30 20:58 . 2009-05-30 20:58 -------- d-----w- c:\program files\Safer Networking
2009-05-30 03:33 . 2009-05-30 03:33 -------- d-----w- c:\program files\Windows Defender
2009-05-30 03:33 . 2009-05-30 03:33 -------- d-----w- c:\program files\Photo Story 3 for Windows
2009-05-29 19:45 . 2009-05-29 19:45 -------- d-sh--w- c:\documents and settings\abcd\IECompatCache
2009-05-29 19:45 . 2009-05-29 19:45 -------- d-sh--w- c:\documents and settings\abcd\PrivacIE
2009-05-29 19:44 . 2009-05-29 19:44 -------- d-sh--w- c:\documents and settings\NetworkService\IETldCache
2009-05-29 19:43 . 2009-05-29 19:43 -------- d-sh--w- c:\documents and settings\abcd\IETldCache
2009-05-29 19:36 . 2009-05-29 19:36 127 ----a-w- c:\documents and settings\abcd\Local Settings\Application Data\fusioncache.dat
2009-05-29 19:36 . 2009-05-29 19:36 -------- d-----w- c:\documents and settings\abcd\Local Settings\Application Data\ApplicationHistory
2009-05-29 19:18 . 2009-05-29 19:18 -------- d-----w- c:\windows\ie8updates
2009-05-29 19:18 . 2009-05-12 05:11 102912 -c----w- c:\windows\system32\dllcache\iecompat.dll
2009-05-29 19:17 . 2009-05-29 19:18 -------- dc-h--w- c:\windows\ie8
2009-05-29 19:02 . 2008-04-14 15:59 221184 ----a-w- c:\windows\system32\wmpns.dll
2009-05-29 18:20 . 2009-02-06 10:10 227840 -c----w- c:\windows\system32\dllcache\wmiprvse.exe
2009-05-29 18:20 . 2009-03-06 14:20 283136 -c----w- c:\windows\system32\dllcache\pdh.dll
2009-05-29 18:20 . 2009-02-09 11:21 110592 -c----w- c:\windows\system32\dllcache\services.exe
2009-05-29 18:20 . 2009-02-09 10:51 401408 -c----w- c:\windows\system32\dllcache\rpcss.dll
2009-05-29 18:20 . 2009-02-09 10:51 473600 -c----w- c:\windows\system32\dllcache\fastprox.dll
2009-05-29 18:20 . 2009-02-09 10:51 723456 -c----w- c:\windows\system32\dllcache\lsasrv.dll
2009-05-29 18:20 . 2009-02-09 10:51 681472 -c----w- c:\windows\system32\dllcache\advapi32.dll
2009-05-29 18:20 . 2009-02-09 10:51 693760 -c----w- c:\windows\system32\dllcache\ntdll.dll
2009-05-29 18:20 . 2009-02-09 10:51 453120 -c----w- c:\windows\system32\dllcache\wmiprvsd.dll
2009-05-29 18:19 . 2008-04-21 21:14 215040 -c----w- c:\windows\system32\dllcache\wordpad.exe
2009-05-28 21:29 . 2009-05-28 21:30 -------- d-----w- c:\documents and settings\abcd\Local Settings\Application Data\Pando
2009-05-28 21:28 . 2009-05-28 21:30 -------- d-----w- c:\program files\Pando Networks
2009-05-28 21:28 . 2009-05-28 21:28 -------- d-----w- c:\documents and settings\abcd\Local Settings\Application Data\{3F26CA59-9AB0-47A4-9AAE-A33D10F008C9}
2009-05-23 15:12 . 2009-05-23 15:12 -------- d-----w- c:\windows\system32\Adobe
2009-05-23 10:24 . 2009-05-23 10:24 7358 ----a-r- c:\documents and settings\abcd\Application Data\Microsoft\Installer\{998F2DE0-3128-43B7-9A1C-D85A339659A9}\_69525f90.exe
2009-05-23 10:24 . 2009-05-23 10:24 7358 ----a-r- c:\documents and settings\abcd\Application Data\Microsoft\Installer\{998F2DE0-3128-43B7-9A1C-D85A339659A9}\_2cd672ae.exe
2009-05-23 10:24 . 2009-05-23 10:24 7358 ----a-r- c:\documents and settings\abcd\Application Data\Microsoft\Installer\{998F2DE0-3128-43B7-9A1C-D85A339659A9}\_16496df1.exe
2009-05-23 08:59 . 2009-05-23 10:06 -------- d-----w- c:\program files\EjoyStudio
2009-05-22 18:04 . 2009-05-22 18:04 -------- d-----w- c:\documents and settings\NetworkService\Local Settings\Application Data\Apple
2009-05-18 19:33 . 2009-05-18 19:43 -------- d-----w- c:\program files\WinSnap
2009-05-18 19:33 . 2009-05-18 19:33 -------- d-----w- c:\program files\Ask Search Assistant
2009-05-18 13:59 . 2009-05-18 13:59 -------- d-----w- c:\program files\AliveMedia
2009-05-18 13:45 . 2006-10-24 11:16 242176 ----a-w- c:\windows\system32\fixflash.exe
2009-05-18 13:45 . 2002-10-06 23:42 237568 ----a-w- c:\windows\system32\OggDS.dll
2009-05-18 13:45 . 2002-10-05 04:04 921600 ----a-w- c:\windows\system32\vorbisenc.dll
2009-05-18 13:45 . 2002-10-05 04:04 188416 ----a-w- c:\windows\system32\vorbis.dll
2009-05-18 13:45 . 2002-10-05 04:04 45056 ----a-w- c:\windows\system32\ogg.dll
2009-05-18 13:45 . 2007-04-12 11:19 129024 ----a-w- c:\windows\system32\AVERM.dll
2009-05-18 13:45 . 2006-09-26 10:57 28672 ----a-w- c:\windows\system32\AVEQT.dll
2009-05-18 13:45 . 2009-05-18 13:46 -------- d-----w- c:\program files\Ultra Flash Video FLV Converter
2009-05-18 13:38 . 2009-06-04 10:48 -------- d-----w- c:\program files\Total Video Converter
2009-05-17 21:24 . 2009-05-17 21:24 -------- d-----w- c:\program files\Common Files\SourceTec
2009-05-17 21:24 . 2007-12-24 10:47 7680 ----a-w- c:\windows\system32\ff_vfw.dll
2009-05-17 21:24 . 2007-11-29 09:52 60273 ----a-w- c:\windows\system32\pthreadGC2.dll
2009-05-17 21:24 . 2009-05-17 21:24 -------- d-----w- c:\program files\ffdshow
2009-05-17 19:43 . 2009-05-17 19:43 -------- d-----w- c:\program files\Common Files\Xara
2009-05-17 19:21 . 2009-05-17 19:44 -------- d-----w- c:\documents and settings\abcd\Local Settings\Application Data\Xara
2009-05-17 19:20 . 2009-05-17 19:43 -------- d-----w- c:\program files\Xara
2009-05-17 18:39 . 2009-05-17 18:46 -------- d-----w- c:\program files\Breakaway
2009-05-17 12:01 . 2009-05-17 12:01 -------- d-----w- c:\windows\Sun
2009-05-17 12:00 . 2009-05-17 12:00 410984 ----a-w- c:\windows\system32\deploytk.dll
2009-05-17 12:00 . 2009-05-17 12:00 -------- d-----w- c:\program files\Java
2009-05-17 11:59 . 2009-05-17 11:59 152576 ----a-w- c:\documents and settings\abcd\Application Data\Sun\Java\jre1.6.0_13\lzma.dll
2009-05-15 20:42 . 2009-05-15 20:42 94636 ---ha-w- c:\windows\system32\mlfcache.dat
2009-05-15 20:41 . 2009-05-15 20:41 -------- d-----w- c:\documents and settings\abcd\Local Settings\Application Data\Apple Computer
2009-05-15 20:41 . 2009-05-15 20:41 -------- d-----w- c:\documents and settings\abcd\Application Data\Apple Computer
2009-05-15 20:41 . 2009-05-15 20:41 -------- d-----w- c:\program files\Bonjour
2009-05-15 20:41 . 2009-05-15 20:41 -------- d-----w- c:\documents and settings\abcd\Local Settings\Application Data\Apple
2009-05-15 20:41 . 2009-05-15 20:41 -------- d-----w- c:\program files\Apple Software Update
2009-05-15 20:41 . 2009-05-15 20:41 -------- d-----w- c:\documents and settings\All Users\Application Data\Apple
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-06-12 05:38 . 2008-12-16 15:23 -------- d-----w- c:\documents and settings\All Users\Application Data\Kaspersky Lab
2009-06-11 21:59 . 2008-12-16 15:23 663584 --sha-w- c:\windows\system32\drivers\fidbox2.dat
2009-06-11 21:59 . 2008-12-16 15:23 5444 --sha-w- c:\windows\system32\drivers\fidbox2.idx
2009-06-11 21:59 . 2008-12-16 15:23 2817056 --sha-w- c:\windows\system32\drivers\fidbox.dat
2009-06-11 21:59 . 2008-12-16 15:23 26232 --sha-w- c:\windows\system32\drivers\fidbox.idx
2009-06-11 09:08 . 2009-06-11 09:08 0 ---ha-w- c:\windows\system32\drivers\MsftWdf_Kernel_01007_Coinstaller_Critical.Wdf
2009-06-11 09:08 . 2009-06-11 09:08 0 ---ha-w- c:\windows\system32\drivers\Msft_Kernel_ccdcmb_01007.Wdf
2009-06-10 04:29 . 2009-04-05 20:04 -------- d-----w- c:\program files\PhotoZoom Pro 2
2009-06-10 04:24 . 2009-01-15 12:47 -------- d-----w- c:\program files\FATTAK
2009-06-10 03:36 . 2001-09-19 12:00 72284 ----a-w- c:\windows\system32\perfc001.dat
2009-06-10 03:36 . 2001-09-19 12:00 377926 ----a-w- c:\windows\system32\perfh001.dat
2009-06-07 17:02 . 2008-12-05 12:30 -------- d-----w- c:\program files\Nokia
2009-06-07 17:00 . 2009-02-11 20:27 -------- d-----w- c:\program files\Common Files\Nokia
2009-06-07 16:51 . 2009-02-11 20:26 -------- d-----w- c:\documents and settings\All Users\Application Data\Installations
2009-06-05 09:06 . 2008-12-03 13:15 -------- d---a-w- c:\documents and settings\All Users\Application Data\TEMP
2009-05-29 19:44 . 2008-12-01 18:25 145472 ----a-w- c:\documents and settings\abcd\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2009-05-29 19:39 . 2008-12-07 10:53 -------- d-----w- c:\documents and settings\All Users\Application Data\Microsoft Help
2009-05-29 19:12 . 2008-12-07 10:58 -------- d-----w- c:\program files\Microsoft Works
2009-05-29 19:01 . 2008-11-29 19:46 -------- d-----w- c:\program files\Windows Live
2009-05-20 14:48 . 2008-12-16 15:24 94643 ----a-w- c:\windows\system32\drivers\klick.dat
2009-05-20 14:48 . 2008-12-16 15:24 105395 ----a-w- c:\windows\system32\drivers\klin.dat
2009-05-18 19:32 . 2008-12-01 18:27 -------- d-----w- c:\program files\Messenger Plus! Live
2009-05-17 19:20 . 2008-11-29 18:18 -------- d--h--w- c:\program files\InstallShield Installation Information
2009-05-07 21:16 . 2009-05-07 21:16 -------- d-----w- c:\program files\All2Chat
2009-05-05 20:24 . 2008-12-15 18:36 -------- d-----w- c:\documents and settings\abcd\Application Data\Skype
2009-05-05 16:01 . 2008-12-15 18:39 -------- d-----w- c:\documents and settings\abcd\Application Data\skypePM
2009-04-30 09:16 . 2009-04-30 09:16 -------- d-----w- c:\documents and settings\abcd\Application Data\FastStone
2009-04-27 09:57 . 2009-04-27 09:57 -------- d-----w- c:\program files\LtUcx
2009-04-25 20:19 . 2008-12-26 17:08 -------- d-----w- c:\program files\Google
2009-04-25 13:18 . 2009-04-25 13:13 -------- d-----w- c:\program files\Imageshackert
2009-04-21 17:24 . 2009-04-21 17:24 203776 ----a-w- c:\windows\system32\clrviddc.dll
2009-04-21 17:23 . 2009-04-21 17:23 -------- d-----w- c:\program files\Common Files\xing shared
2009-04-21 17:23 . 2008-12-01 17:54 -------- d-----w- c:\program files\Common Files\Real
2009-04-21 17:23 . 2003-03-18 17:14 499712 ----a-w- c:\windows\system32\msvcp71.dll
2009-04-21 17:19 . 2009-04-21 17:19 390664 ----a-w- c:\documents and settings\abcd\Application Data\Real\RealPlayer\setup\AU_setup6.exe
2009-04-17 18:18 . 2009-04-17 18:11 -------- d-----w- c:\program files\Diction
2009-04-17 18:11 . 2009-04-17 18:08 11157 ----a-w- c:\program files\ST6UNST.LOG
2009-04-17 18:10 . 2009-04-17 18:10 -------- d-----w- c:\program files\Help
2009-04-17 18:10 . 2009-04-17 18:09 172032 ------w- c:\windows\Setup1.exe
2009-04-17 18:10 . 2009-04-17 18:08 73216 ----a-w- c:\windows\ST6UNST.EXE
2009-04-17 17:57 . 2009-04-05 20:01 -------- d-----w- c:\documents and settings\abcd\Application Data\IDM
2009-04-17 17:23 . 2009-04-05 20:01 -------- d-----w- c:\documents and settings\abcd\Application Data\DMCache
2002-01-21 11:47 . 2002-01-21 11:47 688128 ----a-w- c:\program files\Golden Al-Wafi Translator.exe
2002-01-18 08:03 . 2002-01-18 08:03 57344 ----a-w- c:\program files\ataLookUp.dll
2002-01-18 07:37 . 2002-01-18 07:37 503808 ----a-w- c:\program files\WafiGolden.dll
2002-01-17 12:33 . 2002-01-17 12:33 11837 ----a-w- c:\program files\captions.ini
2002-01-16 08:46 . 2002-01-16 08:46 143360 ----a-w- c:\program files\ataRegister.dll
2002-01-15 10:34 . 2002-01-15 10:34 53248 ----a-w- c:\program files\ataInfo.dll
2006-10-11 08:04 . 2008-12-26 17:26 61036 ----a-w- c:\program files\mozilla firefox\components\jar50.dll
2006-10-11 08:04 . 2008-12-26 17:26 48742 ----a-w- c:\program files\mozilla firefox\components\jsd3250.dll
2006-10-11 08:05 . 2008-12-26 17:26 29313 ----a-w- c:\program files\mozilla firefox\components\myspell.dll
2006-10-11 08:05 . 2008-12-26 17:26 41082 ----a-w- c:\program files\mozilla firefox\components\spellchk.dll
2006-10-11 08:04 . 2008-12-26 17:26 166510 ----a-w- c:\program files\mozilla firefox\components\xpinstal.dll
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360]
"msnmsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2007-10-18 5724184]
"MSMSGS"="c:\program files\Messenger\msmsgs.exe" [2008-04-14 1695232]
"PC Suite Tray"="c:\program files\Nokia\Nokia PC Suite 6\PCSuite.exe" [2007-12-10 695808]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AVP"="c:\program files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe" [2009-02-04 206088]
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2008-10-25 31072]
"TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" [2009-04-21 198160]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-05-17 148888]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
"Nokia.PCSync"="c:\program files\Nokia\Nokia PC Suite 6\PcSync2.exe" [2007-11-07 1294336]
c:\documents and settings\All Users\قائمة ابدأ\البرامج\بدء التشغيل\
Adobe Gamma Loader.lnk - c:\program files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2008-12-7 113664]
Norton GoBack.lnk - c:\program files\Norton GoBack\GBTray.exe [2004-8-13 803976]
سرعة تشغيل Adobe Reader.lnk - c:\program files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2005-9-24 29696]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusDisableNotify"=dword:00000001
"UpdatesDisableNotify"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\KasperskyAntiVirus]
"DisableMonitoring"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\livecall.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\WINDOWS\\pchealth\\helpctr\\binaries\\helpctr.exe"=
R0 klbg;Kaspersky Lab Boot Guard Driver;c:\windows\system32\drivers\klbg.sys [29/01/2008 05:29 م 33808]
R2 WinDefend;Windows Defender;c:\program files\Windows Defender\MsMpEng.exe [03/11/2006 07:19 م 13592]
R3 KLFLTDEV;Kaspersky Lab KLFltDev;c:\windows\system32\drivers\klfltdev.sys [13/03/2008 06:02 م 26640]
R3 klim5;Kaspersky Anti-Virus NDIS Filter;c:\windows\system32\drivers\klim5.sys [30/04/2008 05:06 م 24592]
S2 HidCom;USB-HID -> COM Driver Service;c:\windows\system32\drivers\HidCom.sys [28/12/2008 06:23 م 69575]
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\>{60B49E34-C7CC-11D0-8953-00A0C90347FF}]
"c:\windows\system32\rundll32.exe" "c:\windows\system32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
.
Contents of the 'Scheduled Tasks' folder
2009-06-05 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 09:34]
2009-06-12 c:\windows\Tasks\MP Scheduled Scan.job
- c:\program files\Windows Defender\MpCmdRun.exe [2006-11-03 16:20]
2009-06-09 c:\windows\Tasks\OGADaily.job
- c:\windows\system32\OGAVerify.exe [2008-12-31 14:04]
2009-06-12 c:\windows\Tasks\OGALogon.job
- c:\windows\system32\OGAVerify.exe [2008-12-31 14:04]
.
- - - - ORPHANS REMOVED - - - -
HKCU-Run-Vista Rainbar - c:\program files\Vista Rainbar\Rainmeter.exe
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.com/
uSearchMigratedDefaultURL = hxxp://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
uInternet Settings,ProxyOverride = *.local
IE: ت&صدير إلى Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
DPF: Microsoft XML Parser for Java -
DPF: {C171FF59-8C55-4796-A398-4F5D02B4C763} - hxxp://76.76.24.112/saudi1999/talks3n.cab
.
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer,
Rootkit scan 2009-06-12 09:23
Windows 5.1.2600 Service Pack 3 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------
[HKEY_USERS\S-1-5-21-1644491937-963894560-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*c*t*t* \OpenWithList]
@Class="Shell"
"a"="MsnMsgr.Exe"
"MRUList"="a"
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Unimodem\DeviceSpecific\ EH/E *BJ'3J *9(1 *'1*('7 *B*l*u*e*t*o*o*t*h*:*:* 'DGH'*A *'D.DHJ) *'DBJ'3J):*:*M*i*c*r*o*s*o*f*t*\Responses]
"<cr>"=hex:01,00,00,00,00,00,00,00,00,00
"<lf>"=hex:01,00,00,00,00,00,00,00,00,00
"<cr><lf>OK<cr><lf>"=hex:00,00,00,00,00,00,00,00,00,00
"<cr><lf>RING<cr><lf>"=hex:08,00,00,00,00,00,00,00,00,00
"<cr><lf>NO CARRIER<cr><lf>"=hex:04,00,00,00,00,00,00,00,00,00
"<cr><lf>ERROR<cr><lf>"=hex:03,00,00,00,00,00,00,00,00,00
"<cr><lf>NO DIALTONE<cr><lf>"=hex:05,00,00,00,00,00,00,00,00,00
"<cr><lf>BUSY<cr><lf>"=hex:06,00,00,00,00,00,00,00,00,00
"<cr><lf>NO ANSWER<cr><lf>"=hex:07,00,00,00,00,00,00,00,00,00
"<cr><lf>CONNECT<cr><lf>"=hex:02,00,00,00,00,00,00,00,00,00
"0<cr>"=hex:00,00,00,00,00,00,00,00,00,00
"2<cr>"=hex:08,00,00,00,00,00,00,00,00,00
"3<cr>"=hex:04,00,00,00,00,00,00,00,00,00
"4<cr>"=hex:03,00,00,00,00,00,00,00,00,00
"6<cr>"=hex:05,00,00,00,00,00,00,00,00,00
"7<cr>"=hex:06,00,00,00,00,00,00,00,00,00
"8<cr>"=hex:07,00,00,00,00,00,00,00,00,00
"OK"=hex:00,00,00,00,00,00,00,00,00,00
"RING"=hex:08,00,00,00,00,00,00,00,00,00
"NO CARRIER"=hex:04,00,00,00,00,00,00,00,00,00
"ERROR"=hex:03,00,00,00,00,00,00,00,00,00
"NO DIALTONE"=hex:05,00,00,00,00,00,00,00,00,00
"NO DIAL TONE"=hex:05,00,00,00,00,00,00,00,00,00
"BUSY"=hex:06,00,00,00,00,00,00,00,00,00
"NO ANSWER"=hex:07,00,00,00,00,00,00,00,00,00
"FAX"=hex:03,00,00,00,00,00,00,00,00,00
"DATA"=hex:03,00,00,00,00,00,00,00,00,00
"VOICE"=hex:03,00,00,00,00,00,00,00,00,00
"RINGING"=hex:01,00,00,00,00,00,00,00,00,00
"DIALING"=hex:01,00,00,00,00,00,00,00,00,00
"RRING"=hex:01,00,00,00,00,00,00,00,00,00
"DELAYED"=hex:1d,00,00,00,00,00,00,00,00,00
"BLACKLISTED"=hex:1c,00,00,00,00,00,00,00,00,00
"+FCERROR"=hex:03,00,00,00,00,00,00,00,00,00
"CONNECT"=hex:02,00,00,00,00,00,00,00,00,00
"CONNECT/ARQ"=hex:02,02,00,00,00,00,00,00,00,00
"CONNECT/REL"=hex:02,02,00,00,00,00,00,00,00,00
"CONNECT/MNP"=hex:02,02,00,00,00,00,00,00,00,00
"CONNECT/LAP-M"=hex:02,02,00,00,00,00,00,00,00,00
"CONNECT/V42BIS"=hex:02,03,00,00,00,00,00,00,00,00
"CONNECT/V42b"=hex:02,03,00,00,00,00,00,00,00,00
"CONNECT 300"=hex:02,00,2c,01,00,00,00,00,00,00
"CONNECT 300/ARQ"=hex:02,02,2c,01,00,00,00,00,00,00
"CONNECT 300/REL"=hex:02,02,2c,01,00,00,00,00,00,00
"CONNECT 300/MNP"=hex:02,02,2c,01,00,00,00,00,00,00
"CONNECT 300/LAP-M"=hex:02,02,2c,01,00,00,00,00,00,00
"CONNECT 300/V42BIS"=hex:02,03,2c,01,00,00,00,00,00,00
"CONNECT 300/V42b"=hex:02,03,2c,01,00,00,00,00,00,00
"CONNECT 600"=hex:02,00,58,02,00,00,00,00,00,00
"CONNECT 600/ARQ"=hex:02,02,58,02,00,00,00,00,00,00
"CONNECT 600/REL"=hex:02,02,58,02,00,00,00,00,00,00
"CONNECT 600/MNP"=hex:02,02,58,02,00,00,00,00,00,00
"CONNECT 600/LAP-M"=hex:02,02,58,02,00,00,00,00,00,00
"CONNECT 600/V42BIS"=hex:02,03,58,02,00,00,00,00,00,00
"CONNECT 600/V42b"=hex:02,03,58,02,00,00,00,00,00,00
"CONNECT 0600"=hex:02,00,58,02,00,00,00,00,00,00
"CONNECT 0600/ARQ"=hex:02,02,58,02,00,00,00,00,00,00
"CONNECT 0600/REL"=hex:02,02,58,02,00,00,00,00,00,00
"CONNECT 0600/MNP"=hex:02,02,58,02,00,00,00,00,00,00
"CONNECT 0600/LAP-M"=hex:02,02,58,02,00,00,00,00,00,00
"CONNECT 0600/V42BIS"=hex:02,03,58,02,00,00,00,00,00,00
"CONNECT 0600/V42b"=hex:02,03,58,02,00,00,00,00,00,00
"CONNECT 1200"=hex:02,00,b0,04,00,00,00,00,00,00
"CONNECT 1200/ARQ"=hex:02,02,b0,04,00,00,00,00,00,00
"CONNECT 1200/REL"=hex:02,02,b0,04,00,00,00,00,00,00
"CONNECT 1200/MNP"=hex:02,02,b0,04,00,00,00,00,00,00
"CONNECT 1200/LAP-M"=hex:02,02,b0,04,00,00,00,00,00,00
"CONNECT 1200/V42BIS"=hex:02,03,b0,04,00,00,00,00,00,00
"CONNECT 1200/V42b"=hex:02,03,b0,04,00,00,00,00,00,00
"CONNECT 1200/75"=hex:02,00,b0,04,00,00,00,00,00,00
"CONNECT 1200/75/ARQ"=hex:02,02,b0,04,00,00,00,00,00,00
"CONNECT 1200/75/REL"=hex:02,02,b0,04,00,00,00,00,00,00
"CONNECT 1200/75/MNP"=hex:02,02,b0,04,00,00,00,00,00,00
"CONNECT 1200/75/LAP-M"=hex:02,02,b0,04,00,00,00,00,00,00
"CONNECT 1200/75/V42BIS"=hex:02,03,b0,04,00,00,00,00,00,00
"CONNECT 1200/75/V42b"=hex:02,03,b0,04,00,00,00,00,00,00
"CONNECT 1200TX/75RX"=hex:02,00,b0,04,00,00,00,00,00,00
"CONNECT 1200TX/75RX/ARQ"=hex:02,02,b0,04,00,00,00,00,00,00
"CONNECT 1200TX/75RX/REL"=hex:02,02,b0,04,00,00,00,00,00,00
"CONNECT 1200TX/75RX/MNP"=hex:02,02,b0,04,00,00,00,00,00,00
"CONNECT 1200TX/75RX/LAP-M"=hex:02,02,b0,04,00,00,00,00,00,00
"CONNECT 1200TX/75RX/V42BIS"=hex:02,03,b0,04,00,00,00,00,00,00
"CONNECT 1200TX/75RX/V42b"=hex:02,03,b0,04,00,00,00,00,00,00
"CONNECT 75/1200"=hex:02,00,b0,04,00,00,00,00,00,00
"CONNECT 75/1200/ARQ"=hex:02,02,b0,04,00,00,00,00,00,00
"CONNECT 75/1200/REL"=hex:02,02,b0,04,00,00,00,00,00,00
"CONNECT 75/1200/MNP"=hex:02,02,b0,04,00,00,00,00,00,00
"CONNECT 75/1200/LAP-M"=hex:02,02,b0,04,00,00,00,00,00,00
"CONNECT 75/1200/V42BIS"=hex:02,03,b0,04,00,00,00,00,00,00
"CONNECT 75/1200/V42b"=hex:02,03,b0,04,00,00,00,00,00,00
"CONNECT 75TX/1200RX"=hex:02,00,b0,04,00,00,00,00,00,00
"CONNECT 75TX/1200RX/ARQ"=hex:02,02,b0,04,00,00,00,00,00,00
"CONNECT 75TX/1200RX/REL"=hex:02,02,b0,04,00,00,00,00,00,00
"CONNECT 75TX/1200RX/MNP"=hex:02,02,b0,04,00,00,00,00,00,00
"CONNECT 75TX/1200RX/LAP-M"=hex:02,02,b0,04,00,00,00,00,00,00
"CONNECT 75TX/1200RX/V42BIS"=hex:02,03,b0,04,00,00,00,00,00,00
"CONNECT 75TX/1200RX/V42b"=hex:02,03,b0,04,00,00,00,00,00,00
"CONNECT 2400"=hex:02,00,60,09,00,00,00,00,00,00
"CONNECT 2400/ARQ"=hex:02,02,60,09,00,00,00,00,00,00
"CONNECT 2400/REL"=hex:02,02,60,09,00,00,00,00,00,00
"CONNECT 2400/MNP"=hex:02,02,60,09,00,00,00,00,00,00
"CONNECT 2400/LAP-M"=hex:02,02,60,09,00,00,00,00,00,00
"CONNECT 2400/V42BIS"=hex:02,03,60,09,00,00,00,00,00,00
"CONNECT 2400/V42b"=hex:02,03,60,09,00,00,00,00,00,00
"CONNECT 4800"=hex:02,00,c0,12,00,00,00,00,00,00
"CONNECT 4800/ARQ"=hex:02,02,c0,12,00,00,00,00,00,00
"CONNECT 4800/REL"=hex:02,02,c0,12,00,00,00,00,00,00
"CONNECT 4800/MNP"=hex:02,02,c0,12,00,00,00,00,00,00
"CONNECT 4800/LAP-M"=hex:02,02,c0,12,00,00,00,00,00,00
"CONNECT 4800/V42BIS"=hex:02,03,c0,12,00,00,00,00,00,00
"CONNECT 4800/V42b"=hex:02,03,c0,12,00,00,00,00,00,00
"CONNECT 7200"=hex:02,00,20,1c,00,00,00,00,00,00
"CONNECT 7200/ARQ"=hex:02,02,20,1c,00,00,00,00,00,00
"CONNECT 7200/REL"=hex:02,02,20,1c,00,00,00,00,00,00
"CONNECT 7200/MNP"=hex:02,02,20,1c,00,00,00,00,00,00
"CONNECT 7200/LAP-M"=hex:02,02,20,1c,00,00,00,00,00,00
"CONNECT 7200/V42BIS"=hex:02,03,20,1c,00,00,00,00,00,00
"CONNECT 7200/V42b"=hex:02,03,20,1c,00,00,00,00,00,00
"CONNECT 9600"=hex:02,00,80,25,00,00,00,00,00,00
"CONNECT 9600/ARQ"=hex:02,02,80,25,00,00,00,00,00,00
"CONNECT 9600/REL"=hex:02,02,80,25,00,00,00,00,00,00
"CONNECT 9600/MNP"=hex:02,02,80,25,00,00,00,00,00,00
"CONNECT 9600/LAP-M"=hex:02,02,80,25,00,00,00,00,00,00
"CONNECT 9600/V42BIS"=hex:02,03,80,25,00,00,00,00,00,00
"CONNECT 9600/V42b"=hex:02,03,80,25,00,00,00,00,00,00
"CONNECT 12000"=hex:02,00,e0,2e,00,00,00,00,00,00
"CONNECT 12000/ARQ"=hex:02,02,e0,2e,00,00,00,00,00,00
"CONNECT 12000/REL"=hex:02,02,e0,2e,00,00,00,00,00,00
"CONNECT 12000/MNP"=hex:02,02,e0,2e,00,00,00,00,00,00
"CONNECT 12000/LAP-M"=hex:02,02,e0,2e,00,00,00,00,00,00
"CONNECT 12000/V42BIS"=hex:02,03,e0,2e,00,00,00,00,00,00
"CONNECT 12000/V42b"=hex:02,03,e0,2e,00,00,00,00,00,00
"CONNECT 14400"=hex:02,00,40,38,00,00,00,00,00,00
"CONNECT 14400/ARQ"=hex:02,02,40,38,00,00,00,00,00,00
"CONNECT 14400/REL"=hex:02,02,40,38,00,00,00,00,00,00
"CONNECT 14400/MNP"=hex:02,02,40,38,00,00,00,00,00,00
"CONNECT 14400/LAP-M"=hex:02,02,40,38,00,00,00,00,00,00
"CONNECT 14400/V42BIS"=hex:02,03,40,38,00,00,00,00,00,00
"CONNECT 14400/V42b"=hex:02,03,40,38,00,00,00,00,00,00
"CONNECT 16800"=hex:02,00,a0,41,00,00,00,00,00,00
"CONNECT 16800/ARQ"=hex:02,02,a0,41,00,00,00,00,00,00
"CONNECT 16800/REL"=hex:02,02,a0,41,00,00,00,00,00,00
"CONNECT 16800/MNP"=hex:02,02,a0,41,00,00,00,00,00,00
"CONNECT 16800/LAP-M"=hex:02,02,a0,41,00,00,00,00,00,00
"CONNECT 16800/V42BIS"=hex:02,03,a0,41,00,00,00,00,00,00
"CONNECT 16800/V42b"=hex:02,03,a0,41,00,00,00,00,00,00
"CONNECT 19200"=hex:02,00,00,4b,00,00,00,00,00,00
"CONNECT 19200/ARQ"=hex:02,02,00,4b,00,00,00,00,00,00
"CONNECT 19200/REL"=hex:02,02,00,4b,00,00,00,00,00,00
"CONNECT 19200/MNP"=hex:02,02,00,4b,00,00,00,00,00,00
"CONNECT 19200/LAP-M"=hex:02,02,00,4b,00,00,00,00,00,00
"CONNECT 19200/V42BIS"=hex:02,03,00,4b,00,00,00,00,00,00
"CONNECT 19200/V42b"=hex:02,03,00,4b,00,00,00,00,00,00
"CONNECT 21600"=hex:02,00,60,54,00,00,00,00,00,00
"CONNECT 21600/ARQ"=hex:02,02,60,54,00,00,00,00,00,00
"CONNECT 21600/REL"=hex:02,02,60,54,00,00,00,00,00,00
"CONNECT 21600/MNP"=hex:02,02,60,54,00,00,00,00,00,00
"CONNECT 21600/LAP-M"=hex:02,02,60,54,00,00,00,00,00,00
"CONNECT 21600/V42BIS"=hex:02,03,60,54,00,00,00,00,00,00
"CONNECT 21600/V42b"=hex:02,03,60,54,00,00,00,00,00,00
"CONNECT 24000"=hex:02,00,c0,5d,00,00,00,00,00,00
"CONNECT 24000/ARQ"=hex:02,02,c0,5d,00,00,00,00,00,00
"CONNECT 24000/REL"=hex:02,02,c0,5d,00,00,00,00,00,00
"CONNECT 24000/MNP"=hex:02,02,c0,5d,00,00,00,00,00,00
"CONNECT 24000/LAP-M"=hex:02,02,c0,5d,00,00,00,00,00,00
"CONNECT 24000/V42BIS"=hex:02,03,c0,5d,00,00,00,00,00,00
"CONNECT 24000/V42b"=hex:02,03,c0,5d,00,00,00,00,00,00
"CONNECT 26400"=hex:02,00,20,67,00,00,00,00,00,00
"CONNECT 26400/ARQ"=hex:02,02,20,67,00,00,00,00,00,00
"CONNECT 26400/REL"=hex:02,02,20,67,00,00,00,00,00,00
"CONNECT 26400/MNP"=hex:02,02,20,67,00,00,00,00,00,00
"CONNECT 26400/LAP-M"=hex:02,02,20,67,00,00,00,00,00,00
"CONNECT 26400/V42BIS"=hex:02,03,20,67,00,00,00,00,00,00
"CONNECT 26400/V42b"=hex:02,03,20,67,00,00,00,00,00,00
"CONNECT 28800"=hex:02,00,80,70,00,00,00,00,00,00
"CONNECT 28800/ARQ"=hex:02,02,80,70,00,00,00,00,00,00
"CONNECT 28800/REL"=hex:02,02,80,70,00,00,00,00,00,00
"CONNECT 28800/MNP"=hex:02,02,80,70,00,00,00,00,00,00
"CONNECT 28800/LAP-M"=hex:02,02,80,70,00,00,00,00,00,00
"CONNECT 28800/V42BIS"=hex:02,03,80,70,00,00,00,00,00,00
"CONNECT 28800/V42b"=hex:02,03,80,70,00,00,00,00,00,00
"CONNECT 38400"=hex:02,00,00,00,00,00,00,96,00,00
"CONNECT 38400/ARQ"=hex:02,02,00,00,00,00,00,96,00,00
"CONNECT 38400/REL"=hex:02,02,00,00,00,00,00,96,00,00
"CONNECT 38400/MNP"=hex:02,02,00,00,00,00,00,96,00,00
"CONNECT 38400/LAP-M"=hex:02,02,00,00,00,00,00,96,00,00
"CONNECT 38400/V42BIS"=hex:02,03,00,00,00,00,00,96,00,00
"CONNECT 38400/V42b"=hex:02,03,00,00,00,00,00,96,00,00
"CONNECT 57600"=hex:02,00,00,00,00,00,00,e1,00,00
"CONNECT 57600/ARQ"=hex:02,02,00,00,00,00,00,e1,00,00
"CONNECT 57600/REL"=hex:02,02,00,00,00,00,00,e1,00,00
"CONNECT 57600/MNP"=hex:02,02,00,00,00,00,00,e1,00,00
"CONNECT 57600/LAP-M"=hex:02,02,00,00,00,00,00,e1,00,00
"CONNECT 57600/V42BIS"=hex:02,03,00,00,00,00,00,e1,00,00
"CONNECT 57600/V42b"=hex:02,03,00,00,00,00,00,e1,00,00
"CONNECT 115200"=hex:02,00,00,00,00,00,00,c2,01,00
"CONNECT 115200/ARQ"=hex:02,02,00,00,00,00,00,c2,01,00
"CONNECT 115200/REL"=hex:02,02,00,00,00,00,00,c2,01,00
"CONNECT 115200/MNP"=hex:02,02,00,00,00,00,00,c2,01,00
"CONNECT 115200/LAP-M"=hex:02,02,00,00,00,00,00,c2,01,00
"CONNECT 115200/V42BIS"=hex:02,03,00,00,00,00,00,c2,01,00
"CONNECT 115200/V42b"=hex:02,03,00,00,00,00,00,c2,01,00
"CONNECT 115,200"=hex:02,00,00,00,00,00,00,c2,01,00
"CONNECT 115,200/ARQ"=hex:02,02,00,00,00,00,00,c2,01,00
"CONNECT 115,200/REL"=hex:02,02,00,00,00,00,00,c2,01,00
"CONNECT 115,200/MNP"=hex:02,02,00,00,00,00,00,c2,01,00
"CONNECT 115,200/LAP-M"=hex:02,02,00,00,00,00,00,c2,01,00
"CONNECT 115,200/V42BIS"=hex:02,03,00,00,00,00,00,c2,01,00
"CONNECT 115,200/V42b"=hex:02,03,00,00,00,00,00,c2,01,00
"CONNECT 230400"=hex:02,00,00,00,00,00,00,84,03,00
"CONNECT 230400/ARQ"=hex:02,02,00,00,00,00,00,84,03,00
"CONNECT 230400/REL"=hex:02,02,00,00,00,00,00,84,03,00
"CONNECT 230400/MNP"=hex:02,02,00,00,00,00,00,84,03,00
"CONNECT 230400/LAP-M"=hex:02,02,00,00,00,00,00,84,03,00
"CONNECT 230400/V42BIS"=hex:02,03,00,00,00,00,00,84,03,00
"CONNECT 230400/V42b"=hex:02,03,00,00,00,00,00,84,03,00
"CARRIER 300"=hex:01,00,2c,01,00,00,00,00,00,00
"CARRIER 1200"=hex:01,00,b0,04,00,00,00,00,00,00
"CARRIER 1200/75"=hex:01,00,b0,04,00,00,00,00,00,00
"CARRIER 75/1200"=hex:01,00,b0,04,00,00,00,00,00,00
"CARRIER 2400"=hex:01,00,60,09,00,00,00,00,00,00
"CARRIER 4800"=hex:01,00,c0,12,00,00,00,00,00,00
"CARRIER 7200"=hex:01,00,20,1c,00,00,00,00,00,00
"CARRIER 9600"=hex:01,00,80,25,00,00,00,00,00,00
"CARRIER 12000"=hex:01,00,e0,2e,00,00,00,00,00,00
"CARRIER 14400"=hex:01,00,40,38,00,00,00,00,00,00
"CARRIER 16800"=hex:01,00,a0,41,00,00,00,00,00,00
"CARRIER 19200"=hex:01,00,00,4b,00,00,00,00,00,00
"CARRIER 21600"=hex:01,00,60,54,00,00,00,00,00,00
"CARRIER 24000"=hex:01,00,c0,5d,00,00,00,00,00,00
"CARRIER 26400"=hex:01,00,20,67,00,00,00,00,00,00
"CARRIER 28800"=hex:01,00,80,70,00,00,00,00,00,00
"COMPRESSION: CLASS 5"=hex:01,03,00,00,00,00,00,00,00,00
"COMPRESSION: MNP5"=hex:01,03,00,00,00,00,00,00,00,00
"COMPRESSION: V.42BIS"=hex:01,03,00,00,00,00,00,00,00,00
"COMPRESSION: V.42 BIS"=hex:01,03,00,00,00,00,00,00,00,00
"COMPRESSION: ADC"=hex:01,01,00,00,00,00,00,00,00,00
"COMPRESSION: NONE"=hex:01,00,00,00,00,00,00,00,00,00
"PROTOCOL: NONE"=hex:01,00,00,00,00,00,00,00,00,00
"PROTOCOL: ERROR-CONTROL/LAPB"=hex:01,02,00,00,00,00,00,00,00,00
"PROTOCOL: ERROR-CONTROL/LAPB/HDX"=hex:01,02,00,00,00,00,00,00,00,00
"PROTOCOL: ERROR-CONTROL/LAPB/AFT"=hex:01,02,00,00,00,00,00,00,00,00
"PROTOCOL: X.25/LAPB"=hex:01,02,00,00,00,00,00,00,00,00
"PROTOCOL: X.25/LAPB/HDX"=hex:01,02,00,00,00,00,00,00,00,00
"PROTOCOL: X.25/LAPB/AFT"=hex:01,02,00,00,00,00,00,00,00,00
"PROTOCOL: LAPM"=hex:01,02,00,00,00,00,00,00,00,00
"PROTOCOL: LAP-M"=hex:01,02,00,00,00,00,00,00,00,00
"PROTOCOL: LAPM/HDX"=hex:01,02,00,00,00,00,00,00,00,00
"PROTOCOL: LAP-M/HDX"=hex:01,02,00,00,00,00,00,00,00,00
"PROTOCOL: LAPM/AFT"=hex:01,02,00,00,00,00,00,00,00,00
"PROTOCOL: LAP-M/AFT"=hex:01,02,00,00,00,00,00,00,00,00
"PROTOCOL: ALT"=hex:01,02,00,00,00,00,00,00,00,00
"PROTOCOL: ALT-CELLULAR"=hex:01,0a,00,00,00,00,00,00,00,00
"PROTOCOL: MNP"=hex:01,02,00,00,00,00,00,00,00,00
"PROTOCOL: MNP2"=hex:01,02,00,00,00,00,00,00,00,00
"PROTOCOL: MNP3"=hex:01,02,00,00,00,00,00,00,00,00
"PROTOCOL: MNP4"=hex:01,02,00,00,00,00,00,00,00,00
"AUTOSTREAM: LEVEL 1"=hex:01,00,00,00,00,00,00,00,00,00
"AUTOSTREAM: LEVEL 2"=hex:01,00,00,00,00,00,00,00,00,00
"AUTOSTREAM: LEVEL 3"=hex:01,00,00,00,00,00,00,00,00,00
"CARRIER 31200 V.23"=hex:01,00,e0,79,00,00,00,00,00,00
"CARRIER 31200"=hex:01,00,e0,79,00,00,00,00,00,00
"CARRIER 31200/VFC"=hex:01,00,e0,79,00,00,00,00,00,00
"CARRIER 33600 V.23"=hex:01,00,40,83,00,00,00,00,00,00
"CARRIER 33600"=hex:01,00,40,83,00,00,00,00,00,00
"CARRIER 33600/VFC"=hex:01,00,40,83,00,00,00,00,00,00
"CONNECT 31200 EC"=hex:02,02,e0,79,00,00,00,00,00,00
"CONNECT 31200 EC/V42"=hex:02,02,e0,79,00,00,00,00,00,00
"CONNECT 31200 EC/V42BIS"=hex:02,03,e0,79,00,00,00,00,00,00
"CONNECT 31200 REL"=hex:02,02,e0,79,00,00,00,00,00,00
"CONNECT 31200 REL/MNP5"=hex:02,03,e0,79,00,00,00,00,00,00
"CONNECT 31200 REL/V42"=hex:02,02,e0,79,00,00,00,00,00,00
"CONNECT 31200 REL/V42BIS"=hex:02,03,e0,79,00,00,00,00,00,00
"CONNECT 31200"=hex:02,00,e0,79,00,00,00,00,00,00
"CONNECT 31200/ARQ"=hex:02,02,e0,79,00,00,00,00,00,00
"CONNECT 31200/LAP-M"=hex:02,02,e0,79,00,00,00,00,00,00
"CONNECT 31200/MNP"=hex:02,02,e0,79,00,00,00,00,00,00
"CONNECT 31200/REL"=hex:02,02,e0,79,00,00,00,00,00,00
"CONNECT 31200/REL-LAPM V.42 BIS"=hex:02,03,e0,79,00,00,00,00,00,00
"CONNECT 31200/REL-LAPM"=hex:02,02,e0,79,00,00,00,00,00,00
"CONNECT 31200/V42B"=hex:02,03,e0,79,00,00,00,00,00,00
"CONNECT 31200/V42BIS"=hex:02,03,e0,79,00,00,00,00,00,00
"CONNECT 33600 EC"=hex:02,02,40,83,00,00,00,00,00,00
"CONNECT 33600 EC/V42"=hex:02,02,40,83,00,00,00,00,00,00
"CONNECT 33600 EC/V42BIS"=hex:02,03,40,83,00,00,00,00,00,00
"CONNECT 33600 REL"=hex:02,02,40,83,00,00,00,00,00,00
"CONNECT 33600 REL/MNP5"=hex:02,03,40,83,00,00,00,00,00,00
"CONNECT 33600 REL/V42"=hex:02,02,40,83,00,00,00,00,00,00
"CONNECT 33600 REL/V42BIS"=hex:02,03,40,83,00,00,00,00,00,00
"CONNECT 33600"=hex:02,00,40,83,00,00,00,00,00,00
"CONNECT 33600/ARQ"=hex:02,02,40,83,00,00,00,00,00,00
"CONNECT 33600/LAP-M"=hex:02,02,40,83,00,00,00,00,00,00
"CONNECT 33600/MNP"=hex:02,02,40,83,00,00,00,00,00,00
"CONNECT 33600/REL"=hex:02,02,40,83,00,00,00,00,00,00
"CONNECT 33600/REL-LAPM V.42 BIS"=hex:02,03,40,83,00,00,00,00,00,00
"CONNECT 33600/REL-LAPM"=hex:02,02,40,83,00,00,00,00,00,00
"CONNECT 33600/V42B"=hex:02,03,40,83,00,00,00,00,00,00
"CONNECT 33600/V42BIS"=hex:02,03,40,83,00,00,00,00,00,00
"CONNECT 31200/REL-MNP"=hex:02,02,e0,79,00,00,00,00,00,00
"CONNECT 33600/REL-MNP"=hex:02,02,40,83,00,00,00,00,00,00
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows NT\CurrentVersion\WPAEvents]
@Denied: (Full) (LocalSystem)
"OOBETimer"=hex:ff,d5,71,d6,8b,6a,8d,6f,d5,33,93,fd
"LastWPAEventLogged"=hex:d5,07,05,00,06,00,07,00,0f,00,38,00,24,00,fd,02
.
--------------------- DLLs Loaded Under Running Processes ---------------------
- - - - - - - > 'winlogon.exe'(1768)
c:\windows\system32\msv1_0.dll
.
Completion time: 2009-06-12 9:25
ComboFix-quarantined-files.txt 2009-06-12 06:25
Pre-Run: 36,492,099,584 bytes free
Post-Run: 37,576,724,480 bytes free
558