Status
Closed and not open for further replies.

mehrez01

Peace be upon you, and the mercy and blessings of God.
I have a small problem: my computer has become slow
and browsing is slow.
The report:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 15:25:53, on 12/06/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\LEXPPS.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\ESET\ESET Smart Security\ekrn.exe
C:\Documents and Settings\All Users\Application Data\Kwinzy\kwinzy119.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\Program Files\ESET\ESET Smart Security\egui.exe
C:\Program Files\USB Disk Security\USBGuard.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\System32\TUProgSt.exe
C:\Program Files\Kwinzy\kwinzy.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime -Delay
O4 - HKLM\..\Run: [Lexmark 1200 Series] "C:\Program Files\Lexmark 1200 Series\lxczbmgr.exe"
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice
O4 - HKLM\..\Run: [USB Antivirus] C:\Program Files\USB Disk Security\USBGuard.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] "C:\Program Files\Fichiers communs\Logitech\khalshared\KHALMNPR.EXE"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [SRS Audio Sandbox] "C:\Documents and Settings\user\Bureau\srsssc.exe" /hideme
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: SetPoint.lnk = ?
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: ESET HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\ekrn.exe
O23 - Service: Kwinzy Service - Unknown owner - C:\Documents and Settings\All Users\Application Data\Kwinzy\kwinzy119.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: SRS Labs License Service - SRS Labs - C:\Program Files\Fichiers communs\SRS Labs Shared\Service\srslabslicenseservice.exe
O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software - C:\WINDOWS\System32\TuneUpDefragService.exe
O23 - Service: TuneUp Program Statistics Service (TuneUp.ProgramStatisticsSvc) - TuneUp Software - C:\WINDOWS\System32\TUProgSt.exe

--
End of file - 4930 bytes
 

Disable your protection programs,
then
download the following tool and save it to the desktop.

When you run it, a message will appear; click >> Yes
After that a second message will appear; click >> Yes
During the scan the computer may restart.
After the restart, the tool will start scanning again.
Do not run any program, and however long the scan takes, wait until it finishes.
Wait until a report appears, then copy it and paste it in your next post.
 
ComboFix 09-06-11.06 - user 12/06/2009 15:39.9 - NTFSx86
Microsoft Windows XP Professionnel 5.1.2600.3.1256.216.1036.18.478.49 [GMT 2:00]
Running from: F:\ComboFix.exe
AV: ESET Smart Security 4.0 *On-access scanning disabled* (Updated) {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0}
FW: ESET Personal firewall *enabled* {E5E70D32-0101-4340-86A3-A7B0F1C8FFE0}
* Created a new restore point

WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.

((((((((((((((((((((((((( Files Created from 2009-05-12 to 2009-06-12 )))))))))))))))))))))))))))))))
.

2009-06-11 18:42 . 2009-06-11 18:42 -------- d-----w- c:\documents and settings\majid\Application Data\Logitech
2009-06-11 17:20 . 2009-06-11 17:20 -------- d-sh--w- c:\documents and settings\LocalService\IETldCache
2009-06-10 20:35 . 2009-05-13 05:04 915456 ------w- c:\windows\system32\dllcache\wininet.dll
2009-06-10 20:35 . 2009-04-30 21:16 12800 ------w- c:\windows\system32\dllcache\xpshims.dll
2009-06-10 20:35 . 2009-04-30 21:16 25600 ------w- c:\windows\system32\dllcache\jsproxy.dll
2009-06-10 20:35 . 2009-04-30 21:16 246272 ------w- c:\windows\system32\dllcache\ieproxy.dll
2009-06-10 20:35 . 2009-04-30 11:21 173056 ------w- c:\windows\system32\dllcache\ie4uinit.exe
2009-06-10 20:35 . 2009-04-30 21:16 1985024 ------w- c:\windows\system32\dllcache\iertutil.dll
2009-06-10 20:35 . 2009-05-13 05:04 5936128 ------w- c:\windows\system32\dllcache\mshtml.dll
2009-06-10 20:35 . 2009-04-30 21:16 385536 ------w- c:\windows\system32\dllcache\iedkcs32.dll
2009-06-10 20:35 . 2009-04-30 21:16 1207808 ------w- c:\windows\system32\dllcache\urlmon.dll
2009-06-10 20:35 . 2009-04-30 21:16 11064832 ------w- c:\windows\system32\dllcache\ieframe.dll
2009-06-10 18:10 . 2009-06-10 18:10 -------- d-----w- c:\documents and settings\user\Application Data\Logitech
2009-06-10 18:10 . 2009-06-10 18:10 10134 ----a-r- c:\documents and settings\user\Application Data\Microsoft\Installer\{8CC990CD-87C8-475C-AC32-8A7984E2FCFA}\ARPPRODUCTICON.exe
2009-06-10 18:10 . 2007-12-03 07:58 69632 ----a-w- c:\windows\system32\KemXML.dll
2009-06-10 18:10 . 2007-12-03 07:58 163840 ----a-w- c:\windows\system32\kemutb.dll
2009-06-10 18:10 . 2007-12-03 07:58 110592 ----a-w- c:\windows\system32\KemWnd.dll
2009-06-10 18:09 . 2007-12-03 07:58 131072 ----a-w- c:\windows\system32\KemUtil.dll
2009-06-10 18:09 . 2009-06-10 18:09 -------- d-----w- c:\documents and settings\All Users\Application Data\Logitech
2009-06-10 18:09 . 2009-06-10 18:10 -------- d-----w- c:\program files\SetPoint
2009-06-10 18:09 . 2009-06-10 18:09 10134 ----a-r- c:\documents and settings\user\Application Data\Microsoft\Installer\{9060B698-2B29-4A1F-B876-BEAC4C0A25D5}\ARPPRODUCTICON.exe
2009-06-10 18:09 . 2009-06-10 18:10 -------- d-----w- c:\program files\Fichiers communs\Logitech
2009-06-10 16:57 . 2009-06-10 18:10 -------- dc----w- c:\windows\system32\DRVSTORE
2009-06-10 16:57 . 2009-06-10 16:57 -------- d-----w- c:\program files\Sony Ericsson
2009-06-10 11:38 . 2009-06-10 11:38 -------- d-----w- c:\program files\Alfa Autorun Killer 2
2009-06-10 09:45 . 2009-06-10 09:45 -------- d-----w- c:\program files\Mobile Action
2009-06-09 19:40 . 2009-06-09 19:40 -------- d-----w- c:\documents and settings\user\Local Settings\Application Data\SRS Labs
2009-06-09 19:40 . 2009-06-09 19:40 -------- d-----w- c:\documents and settings\All Users\Application Data\SRS Labs
2009-06-09 19:39 . 2009-06-09 19:39 -------- d-----w- c:\program files\Fichiers communs\SRS Labs Shared
2009-06-09 19:39 . 2009-06-09 19:39 86016 ----a-r- c:\documents and settings\user\Application Data\Microsoft\Installer\{C67570B3-2545-4E87-BD2C-5CDC71CDA13E}\NewShortcut111_3D3A44E5F4C5493583628729BDFD46E8.exe
2009-06-09 19:39 . 2009-06-09 19:39 86016 ----a-r- c:\documents and settings\user\Application Data\Microsoft\Installer\{C67570B3-2545-4E87-BD2C-5CDC71CDA13E}\NewShortcut11_3D3A44E5F4C5493583628729BDFD46E8.exe
2009-06-09 19:39 . 2009-06-09 19:39 86016 ----a-r- c:\documents and settings\user\Application Data\Microsoft\Installer\{C67570B3-2545-4E87-BD2C-5CDC71CDA13E}\NewShortcut1_169D2098AAE54AAAB9FD06A9EF288CAB.exe
2009-06-09 19:39 . 2009-06-09 19:39 10134 ----a-r- c:\documents and settings\user\Application Data\Microsoft\Installer\{C67570B3-2545-4E87-BD2C-5CDC71CDA13E}\ARPPRODUCTICON.exe
2009-06-09 19:39 . 2009-06-09 19:39 -------- d-----w- c:\program files\SRS Labs
2009-06-09 18:08 . 2009-06-09 18:08 -------- d-----w- c:\program files\Freeze.com
2009-06-09 18:08 . 2009-06-12 13:28 -------- d-----w- c:\program files\Kwinzy
2009-06-09 10:18 . 2009-06-09 10:18 -------- d-----w- c:\program files\Free Offers from Freeze.com
2009-06-08 18:41 . 2009-06-08 18:41 -------- d-----w- c:\documents and settings\user\Local Settings\Application Data\Runscanner.net
2009-06-07 12:14 . 2000-07-14 22:00 101888 ----a-w- c:\windows\system32\VB6STKIT.DLL
2009-06-07 12:14 . 2009-06-07 12:14 -------- d-----w- c:\program files\Plustech Inc
2009-06-07 12:14 . 1998-07-30 10:51 305152 ----a-w- c:\windows\IsUninst.exe
2009-06-06 23:24 . 2009-06-04 22:50 51200 ----a-w- c:\documents and settings\user\Application Data\Mozilla\Firefox\Profiles\eqnigg3n.default\extensions\{f19d3609-56b9-4436-950e-d283dc93247c}\components\FFExternalAlert.dll
2009-06-06 23:24 . 2009-06-04 22:50 114688 ----a-w- c:\documents and settings\user\Application Data\Mozilla\Firefox\Profiles\eqnigg3n.default\extensions\{f19d3609-56b9-4436-950e-d283dc93247c}\components\npmozax.dll
2009-06-06 21:35 . 2009-06-06 21:35 -------- d-----w- c:\documents and settings\user\Local Settings\Application Data\Help
2009-06-06 14:14 . 2009-06-06 14:14 -------- d-----w- c:\program files\MSXML 4.0
2009-06-06 13:53 . 2001-08-17 19:57 16128 ----a-w- c:\windows\system32\drivers\MODEMCSA.sys
2009-06-06 13:53 . 2001-08-17 19:57 16128 ----a-w- c:\windows\system32\dllcache\modemcsa.sys
2009-06-06 13:52 . 2009-06-06 13:52 -------- d-----w- c:\program files\CONEXANT
2009-06-05 19:21 . 2009-06-05 19:21 -------- d-----w- c:\documents and settings\user\Application Data\Samsung
2009-06-05 19:11 . 2006-05-03 20:53 174592 ----a-w- c:\windows\system32\framedyn.dll
2009-06-05 19:10 . 2009-06-05 19:19 5632 ----a-w- c:\windows\system32\drivers\StarOpen.sys
2009-06-05 19:09 . 2007-05-02 09:11 15112 ----a-w- c:\windows\system32\drivers\ss_mdfl.sys
2009-06-05 19:09 . 2007-05-02 09:11 109704 ----a-w- c:\windows\system32\drivers\ss_mdm.sys
2009-06-05 19:09 . 2007-05-02 09:11 12424 ----a-w- c:\windows\system32\drivers\ss_cmnt.sys
2009-06-05 19:09 . 2007-05-02 09:11 12424 ----a-w- c:\windows\system32\drivers\ss_cm.sys
2009-06-05 19:09 . 2009-06-05 19:09 -------- d-----w- c:\windows\system32\Samsung_USB_Drivers
2009-06-05 19:09 . 2007-05-02 09:11 12424 ----a-w- c:\windows\system32\drivers\ss_whnt.sys
2009-06-05 19:09 . 2007-05-02 09:11 12424 ----a-w- c:\windows\system32\drivers\ss_wh.sys
2009-06-05 19:09 . 2007-05-02 09:11 83592 ----a-w- c:\windows\system32\drivers\ss_bus.sys
2009-06-05 19:09 . 2009-06-05 19:09 -------- d-----w- c:\program files\Samsung
2009-06-05 18:56 . 2009-06-05 18:56 603904 ----a-w- c:\windows\system32\TUProgSt.exe
2009-06-05 18:56 . 2008-12-11 11:31 27904 ----a-w- c:\windows\system32\uxtuneup.dll
2009-06-05 18:56 . 2009-06-05 18:56 360192 ----a-w- c:\windows\system32\TuneUpDefragService.exe
2009-06-05 18:56 . 2009-06-05 18:56 -------- d-----w- c:\documents and settings\user\Application Data\TuneUp Software
2009-06-05 18:55 . 2009-06-05 18:55 -------- d-----w- c:\documents and settings\All Users\Application Data\TuneUp Software
2009-06-05 18:55 . 2009-06-05 18:56 -------- d-----w- c:\program files\TuneUp Utilities 2009
2009-06-05 14:51 . 2009-06-05 20:27 -------- d-----w- c:\documents and settings\user\Local Settings\Application Data\Conduit
2009-06-04 19:32 . 2008-07-08 12:54 148496 ----a-w- c:\windows\system32\drivers\01667639.sys
2009-06-02 20:03 . 2009-06-02 20:03 -------- d-sh--w- c:\documents and settings\Administrateur\IECompatCache
2009-06-02 20:03 . 2009-06-02 20:03 -------- d-sh--w- c:\documents and settings\Administrateur\PrivacIE
2009-06-02 20:00 . 2009-06-10 20:57 -------- d-----w- c:\windows\system32\dllcache
2009-06-02 18:24 . 2009-06-02 18:24 -------- d-sh--w- c:\documents and settings\majid\IETldCache
2009-06-02 17:03 . 2009-06-12 13:42 163377184 --sha-w- c:\windows\system32\drivers\fidbox.dat
2009-06-01 18:33 . 2009-06-04 18:56 165232 ---ha-w- c:\documents and settings\user\Application Data\Microsoft\Virtual PC\VPCKeyboard.dll
2009-06-01 16:05 . 2009-06-01 16:05 -------- d-sh--w- c:\documents and settings\Administrateur\IETldCache
2009-06-01 15:18 . 2009-06-01 15:18 -------- d-sh--w- c:\documents and settings\user\IECompatCache
2009-06-01 15:18 . 2009-06-01 15:18 -------- d-sh--w- c:\documents and settings\user\PrivacIE
2009-06-01 14:24 . 2008-04-14 02:33 26624 ----a-w- c:\documents and settings\LocalService\Application Data\Microsoft\UPnP Device Host\upnphost\udhisapi.dll
2009-06-01 14:21 . 2009-06-01 14:21 -------- d-sh--w- c:\documents and settings\user\IETldCache
2009-06-01 14:18 . 2009-06-01 14:18 -------- d-----w- c:\windows\ie8updates
2009-06-01 14:17 . 2009-06-01 14:17 -------- dc-h--w- c:\windows\ie8
2009-06-01 13:55 . 2009-06-01 13:55 -------- d-----w- c:\program files\Windows Media Connect 2
2009-06-01 13:52 . 2009-06-01 13:53 -------- d-----w- c:\windows\system32\drivers\UMDF
2009-06-01 13:52 . 2009-06-01 13:52 -------- d-----w- c:\windows\system32\LogFiles
2009-06-01 09:32 . 2009-06-01 14:20 -------- d-----w- c:\windows\system32\fr-fr
2009-06-01 09:32 . 2009-06-01 09:32 -------- d-----w- c:\windows\l2schemas
2009-06-01 09:32 . 2009-06-01 09:32 -------- d-----w- c:\windows\system32\fr
2009-06-01 09:32 . 2009-06-01 09:32 -------- d-----w- c:\windows\system32\bits
2009-06-01 09:30 . 2009-06-01 09:32 -------- d-----w- c:\windows\ServicePackFiles
2009-05-31 19:29 . 2007-10-23 07:27 110592 ----a-w- c:\documents and settings\user\Application Data\U3\temp\cleanup.exe
2009-05-31 19:27 . 2008-05-02 08:41 3493888 ---ha-w- c:\documents and settings\user\Application Data\U3\temp\Launchpad Removal.exe
2009-05-31 18:42 . 2009-05-31 18:42 -------- d-----w- c:\documents and settings\user\Local Settings\Application Data\Adobe
2009-05-31 18:41 . 2009-05-31 18:41 -------- d-----w- c:\program files\Fichiers communs\Adobe
2009-05-31 18:33 . 2009-05-31 18:33 -------- d-----w- c:\documents and settings\All Users\Application Data\NOS
2009-05-31 18:33 . 2009-03-03 12:53 17464 ----a-w- c:\documents and settings\user\Application Data\Mozilla\Firefox\Profiles\eqnigg3n.default\extensions\{CF40ACC5-E1BB-4aff-AC72-04C2F616BCA7}\chrome\content\getPlus_Adobe_reg.exe
2009-05-31 18:33 . 2009-03-03 12:53 12792 ----a-w- c:\documents and settings\user\Application Data\Mozilla\Firefox\Profiles\eqnigg3n.default\extensions\{CF40ACC5-E1BB-4aff-AC72-04C2F616BCA7}\chrome\content\getPlus_Adobe_reg_bootstrap.exe
2009-05-31 18:33 . 2009-03-03 12:53 109420 ----a-w- c:\documents and settings\user\Application Data\Mozilla\Firefox\Profiles\eqnigg3n.default\extensions\{CF40ACC5-E1BB-4aff-AC72-04C2F616BCA7}\plugins\np_gp.dll
2009-05-31 18:31 . 2009-05-31 18:31 73216 ----a-w- c:\windows\cadkasdeinst01f.exe
2009-05-29 19:01 . 2009-05-29 19:01 98304 ----a-w- c:\windows\system32\CmdLineExt.dll
2009-05-29 18:32 . 2009-05-29 18:32 -------- d-----w- c:\documents and settings\user\Application Data\Big Fish Games
2009-05-29 17:37 . 2009-05-29 17:37 -------- d-----w- c:\documents and settings\Administrateur\Local Settings\Application Data\Mozilla
2009-05-29 13:07 . 2009-05-29 14:59 -------- d---a-w- c:\documents and settings\All Users\Application Data\TEMP
2009-05-29 13:02 . 2004-08-03 20:29 73216 ------w- c:\windows\system32\drivers\atintuxx.sys
2009-05-28 20:31 . 2008-06-14 17:33 272768 ------w- c:\windows\system32\drivers\bthport.sys
2009-05-28 18:00 . 2008-04-13 18:39 5504 ----a-w- c:\windows\system32\drivers\mstee.sys
2009-05-28 18:00 . 2008-04-13 18:46 10880 ----a-w- c:\windows\system32\drivers\ndisip.sys
2009-05-28 18:00 . 2008-04-13 18:46 15232 ----a-w- c:\windows\system32\drivers\streamip.sys
2009-05-28 18:00 . 2008-04-13 18:46 11136 ----a-w- c:\windows\system32\drivers\slip.sys
2009-05-28 18:00 . 2008-04-13 18:46 19200 ----a-w- c:\windows\system32\drivers\wstcodec.sys
2009-05-28 18:00 . 2008-04-13 18:46 85248 ----a-w- c:\windows\system32\drivers\nabtsfec.sys
2009-05-28 18:00 . 2008-04-13 18:46 17024 ----a-w- c:\windows\system32\drivers\ccdecode.sys
2009-05-28 18:00 . 2008-04-14 02:33 54784 ----a-w- c:\windows\system32\vfwwdm32.dll
2009-05-28 17:59 . 2007-11-02 09:07 6656 ----a-w- c:\windows\system32\CoInst_071102.dll
2009-05-28 17:59 . 2007-10-25 16:31 616064 ----a-w- c:\windows\system32\drivers\PFC027.SYS
2009-05-28 17:59 . 2007-10-04 15:42 48128 ----a-w- c:\windows\system32\Remove.exe
2009-05-28 17:59 . 2009-05-28 17:59 -------- d-----w- c:\program files\Fichiers communs\PAC207
2009-05-28 17:59 . 2006-10-12 09:57 14336 ----a-w- c:\windows\system32\P207USD.dll
2009-05-28 12:38 . 2009-05-28 12:38 -------- d--h--w- c:\windows\PIF
2009-05-27 18:42 . 2009-05-27 18:42 -------- d-----w- c:\documents and settings\LocalService\Local Settings\Application Data\ESET
2009-05-27 10:01 . 2009-05-27 10:01 -------- d-----w- c:\documents and settings\majid\Application Data\ESET
2009-05-26 18:55 . 2009-05-26 18:55 -------- d-----w- c:\documents and settings\user\Application Data\Apple Computer
2009-05-26 18:52 . 2009-05-26 18:53 -------- d-----w- c:\program files\QuickTime
2009-05-26 18:52 . 2009-05-26 18:52 -------- d-----w- c:\documents and settings\All Users\Application Data\Apple Computer
2009-05-26 18:52 . 2009-05-26 18:52 -------- d-----w- c:\documents and settings\user\Local Settings\Application Data\Apple
2009-05-26 18:52 . 2009-05-26 18:52 -------- d-----w- c:\program files\Apple Software Update

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-06-12 10:50 . 2009-06-02 17:03 1872968 --sha-w- c:\windows\system32\drivers\fidbox.idx
2009-06-10 18:09 . 2009-05-24 13:51 -------- d--h--w- c:\program files\InstallShield Installation Information
2009-06-09 18:08 . 2009-06-09 18:08 118784 ----a-w- c:\windows\Web\Wallpaper\Waterfalls Animated Wallpaper dir\uninstall.exe
2009-06-06 13:53 . 2001-09-28 12:00 50136 ----a-w- c:\windows\system32\perfc00C.dat
2009-06-06 13:53 . 2001-09-28 12:00 371018 ----a-w- c:\windows\system32\perfh00C.dat
2009-06-01 16:03 . 2009-05-30 22:14 -------- d-----w- c:\documents and settings\user\Application Data\cleaner
2009-06-01 09:35 . 2009-05-24 13:38 86331 ----a-w- c:\windows\pchealth\helpctr\OfflineCache\index.dat
2009-05-31 19:56 . 2009-05-24 13:49 -------- d-----w- c:\program files\Dell
2009-05-30 22:14 . 2009-05-30 22:14 -------- d-----w- c:\documents and settings\user\Application Data\CyberScrub
2009-05-28 20:12 . 2009-05-24 14:01 -------- d-----w- c:\documents and settings\All Users\Application Data\Microsoft Help
2009-05-24 14:06 . 2009-05-24 14:06 -------- d-----w- c:\program files\Microsoft Works
2009-05-24 14:06 . 2009-05-24 14:06 -------- d-----w- c:\program files\MSBuild
2009-05-24 13:55 . 2009-05-24 13:55 1915520 ----a-w- c:\documents and settings\user\Application Data\Macromedia\Flash Player\

2009-05-24 13:51 . 2009-05-24 13:51 -------- d-----w- c:\program files\Analog Devices
2009-05-24 13:39 . 2009-05-24 13:39 -------- d-----w- c:\program files\microsoft frontpage
2009-05-24 13:38 . 2009-05-24 13:38 -------- d-----w- c:\program files\Services en ligne
2009-05-24 13:36 . 2009-05-24 13:36 21892 ----a-w- c:\windows\system32\emptyregdb.dat
2009-05-24 13:23 . 2009-05-24 13:23 -------- d-----w- c:\documents and settings\user\Application Data\ESET
2009-05-24 13:21 . 2009-05-24 13:21 -------- d-----w- c:\program files\ESET
2009-05-24 13:21 . 2009-05-24 13:21 -------- d-----w- c:\documents and settings\All Users\Application Data\ESET
2009-05-24 13:09 . 2009-05-24 13:09 -------- d-----w- c:\program files\Lexmark 1200 Series
2009-05-24 13:01 . 2009-05-24 12:56 -------- d-----w- c:\program files\ATI Technologies
2009-05-24 12:55 . 2009-05-24 13:49 -------- d-----w- c:\program files\Fichiers communs\InstallShield
2009-05-24 12:53 . 2009-05-24 12:53 -------- d-----w- c:\program files\Broadcom
2009-05-14 13:49 . 2009-05-14 13:49 55768 ----a-w- c:\windows\system32\drivers\epfwtdi.sys
2009-05-14 13:49 . 2009-05-14 13:49 33096 ----a-w- c:\windows\system32\drivers\epfwndis.sys
2009-05-14 13:49 . 2009-05-14 13:49 133000 ----a-w- c:\windows\system32\drivers\epfw.sys
2009-05-14 13:47 . 2009-05-14 13:47 107256 ----a-w- c:\windows\system32\drivers\ehdrv.sys
2009-05-14 13:41 . 2009-05-14 13:41 114472 ----a-w- c:\windows\system32\drivers\eamon.sys
2009-05-13 05:04 . 2004-08-19 14:09 915456 ----a-w- c:\windows\system32\wininet.dll
2009-05-07 15:33 . 2004-08-19 14:09 348672 ----a-w- c:\windows\system32\localspl.dll
2009-04-19 19:50 . 2004-08-19 14:00 1847296 ----a-w- c:\windows\system32\win32k.sys
2009-04-15 14:53 . 2004-08-19 14:09 585216 ----a-w- c:\windows\system32\rpcrt4.dll
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360]
"MSMSGS"="c:\program files\Messenger\msmsgs.exe" [2008-04-14 1695232]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"PHIME2002ASync"="c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE" [2004-08-03 455168]
"PHIME2002A"="c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE" [2004-08-03 455168]
"SoundMAXPnP"="c:\program files\Analog Devices\Core\smax4pnp.exe" [2006-05-01 843776]
"ATICCC"="c:\program files\ATI Technologies\ATI.ACE\cli.exe" [2006-01-02 45056]
"Lexmark 1200 Series"="c:\program files\Lexmark 1200 Series\lxczbmgr.exe" [2006-07-13 57344]
"egui"="c:\program files\ESET\ESET Smart Security\egui.exe" [2009-05-14 2029640]
"USB Antivirus"="c:\program files\USB Disk Security\USBGuard.exe" [2008-09-23 798720]
"TkBellExe"="c:\program files\Fichiers communs\Real\Update_OB\realsched.exe" [2009-05-25 198160]
"Logitech Hardware Abstraction Layer"="c:\program files\Fichiers communs\Logitech\khalshared\KHALMNPR.EXE" [2007-10-09 100888]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]

c:\documents and settings\All Users\Menu D‚marrer\Programmes\D‚marrage\
SetPoint.lnk - c:\program files\SetPoint\SetPoint.exe [2009-6-10 679936]

[HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\system]
"NoConfigPage"= 0 (0x0)
"NoDevMgrPage"= 0 (0x0)
"NoFileSysPage"= 0 (0x0)
"NoVirtMemPage"= 0 (0x0)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WdfLoadGroup]
@=""

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"TkBellExe"="c:\program files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
"IMJPMIG8.1"="c:\windows\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=

R0 atiide;atiide;c:\windows\system32\drivers\atiide.sys [24/05/2009 14:54 3456]
R1 ehdrv;ehdrv;c:\windows\system32\drivers\ehdrv.sys [14/05/2009 15:47 107256]
R1 is-9RDQBdrv;is-9RDQBdrv;c:\windows\system32\drivers\01667639.sys [04/06/2009 21:32 148496]
R2 ekrn;ESET Service;c:\program files\ESET\ESET Smart Security\ekrn.exe [14/05/2009 15:47 731840]
R2 TuneUp.ProgramStatisticsSvc;TuneUp Program Statistics Service;c:\windows\system32\TUProgSt.exe [05/06/2009 20:56 603904]
S3 PAC207;Eye 110;c:\windows\system32\drivers\PFC027.SYS [28/05/2009 19:59 616064]
S3 scrcap;scrcap;c:\windows\system32\DRIVERS\scrcap.sys --> c:\windows\system32\DRIVERS\scrcap.sys [?]
S4 getPlus(R) Helper;getPlus(R) Helper;c:\program files\NOS\bin\getPlus_HelperSvc.exe --> c:\program files\NOS\bin\getPlus_HelperSvc.exe [?]

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\>{60B49E34-C7CC-11D0-8953-00A0C90347FF}]
"c:\windows\system32\rundll32.exe" "c:\windows\system32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
.
Contents of the 'Scheduled Tasks' folder

2009-06-12 c:\windows\Tasks\1-Click Maintenance.job
- c:\program files\TuneUp Utilities 2009\OneClickStarter.exe [2008-12-11 19:36]

2009-05-26 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 10:34]

2009-06-12 c:\windows\Tasks\User_Feed_Synchronization-{BF3D3DBA-70FB-4B2F-80EB-BA1AFD81337D}.job
- c:\windows\system32\msfeedssync.exe [2009-03-08 02:31]

2009-06-12 c:\windows\Tasks\User_Feed_Synchronization-{F16FB740-72B4-4D2A-99E7-B55881EFBB2D}.job
- c:\windows\system32\msfeedssync.exe [2009-03-08 02:31]
.
- - - - ORPHANS REMOVED - - - -

HKCU-Run-SRS Audio Sandbox - c:\documents and settings\user\Bureau\srsssc.exe


.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.microsoft.com
mStart Page = hxxp://www.microsoft.com
mWindow Title = Microsoft Internet Explorer
uInternet Settings,ProxyOverride = local
IE: E&xporter vers Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
FF - ProfilePath -
.
.
------- File Associations -------
.
vbefile\shell\edit\command=c:\windows\Notepad.exe %1
vbsfile\shell\edit\command=c:\windows\Notepad.exe %1
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer,


Rootkit scan 2009-06-12 15:42
Windows 5.1.2600 Service Pack 3 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'explorer.exe'(1460)
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
c:\windows\system32\eappprxy.dll
c:\program files\Fichiers communs\Adobe\Acrobat\ActiveX\PDFShell.dll
c:\program files\Fichiers communs\Adobe\Acrobat\ActiveX\PDFShell.FRA
.
Completion time: 2009-06-12 15:43
ComboFix-quarantined-files.txt 2009-06-12 13:43

Pre-Run: 81 824 894 976 octets libres
Post-Run: 81 831 108 608 octets libres

275 --- E O F --- 2009-06-10 20:57
 
The report is clean.
Do the following:

Download this file and run it,

and follow the steps as shown in the images.

Second: to fully clean the computer of leftover temporary files and internet browsing traces,
download this file and follow the instructions.

Good luck
 
Thank you, it is better than before.
 
You're welcome, brother.
Good luck
 