جهازي بطيئ في بداية تشغيله وهذا تقريره

[المعلمي]

السلام عليكم ورحمة الله وبركاته
احبائي في معي جهاز حق صديق لي ولكن بداية تشغيل الوندوز يجلس لفترة طويلة تستغرق الدقيقتين حتى يظهر الوندوز وايضا في بداية عمل الوندوز مع العلم انه يستخدم كاسبر سيكورتي 2009
وهذا التقرير
Runscanner logfile

* = signed file
- = file not found

General info
------------
Computer name : ABU_MADA_XPSP3_
Creation time : 18/06/2009 09:56:53 ص
Hosts <> 127.0.0.1 : 0
Hosts file location : %SystemRoot%\System32\drivers\etc
IE version : 7.0.5730.13
OS : Microsoft Windows XP
OS Build : 2600
OS SP : Service Pack 3
RunScanner Version : 1.8.0.0
User Language : العربية (السعودية)
User rights : Administrator
Windows folder : C:\WINDOWS

Running processes
-----------------
* C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe (Apple Inc.)
* C:\WINDOWS\System32\alg.exe (Microsoft Corporation)
* C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc.)
* C:\WINDOWS\system32\csrss.exe (Microsoft Corporation)
* C:\WINDOWS\system32\ctfmon.exe (Microsoft Corporation)
* C:\WINDOWS\system32\svchost.exe (Microsoft Corporation)
* C:\WINDOWS\system32\svchost.exe (Microsoft Corporation)
* C:\WINDOWS\system32\svchost.exe (Microsoft Corporation)
* C:\WINDOWS\system32\svchost.exe (Microsoft Corporation)
* C:\WINDOWS\system32\svchost.exe (Microsoft Corporation)
* C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
* C:\Program Files\Internet Download Manager\IDMan.exe (Tonec Inc.)
* C:\Program Files\Internet Download Manager\IEMonitor.exe (Tonec Inc.)
* C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe (Kaspersky Lab)
* C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe (Kaspersky Lab)
* C:\WINDOWS\system32\lsass.exe (Microsoft Corporation)
* C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE (Microsoft Corporation)
* C:\Program Files\Windows Live\Messenger\usnsvc.exe (Microsoft Corporation)
C:\Program Files\Ela-Salaty\Salaty.exe (

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

)
* C:\Program Files\Common Files\Real\Update_OB\realsched.exe (RealNetworks, Inc.)
* C:\Documents and Settings\ansar\My Documents\Downloads\Programs\RunScanner.exe (Runscanner.net)
* C:\WINDOWS\system32\services.exe (Microsoft Corporation)
* C:\WINDOWS\system32\spoolsv.exe (Microsoft Corporation)
C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe (Ulead Systems, Inc.)
* C:\WINDOWS\Explorer.EXE (Microsoft Corporation)
* C:\Program Files\Windows Live\Messenger\msnmsgr.exe (Microsoft Corporation)
* C:\Program Files\Windows Media Player\wmplayer.exe (Microsoft Corporation)
* C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
* C:\WINDOWS\system32\winlogon.exe (Microsoft Corporation)
* c:\windows\System32\smss.exe (Microsoft Corporation)
* C:\PROGRA~1\Yahoo!\MESSEN~1\ymsgr_tray.exe (Yahoo! Inc.)

Unrated items
-------------
002 * C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe (Kaspersky Lab)
003 * C:\Program Files\Internet Download Manager\IDMan.exe (Tonec Inc.)
003 * C:\PROGRA~1\Yahoo!\MESSEN~1\YAHOOM~1.EXE (Yahoo! Inc.)
004 C:\Program Files\Ela-Salaty\Salaty.exe (

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

)
010 * C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe (Kaspersky Internet Security)
010 C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe (Ulead Burning Helper)
011 C:\WINDOWS\System32\Drivers\usbaapl.sys (Apple Mobile USB Driver)
011 * C:\WINDOWS\gdrv.sys (gdrv)
011 * C:\WINDOWS\System32\Drivers\GEARAspiWDM.sys (GEAR ASPI Filter Driver)
011 * C:\WINDOWS\system32\DRIVERS\klim5.sys (Kaspersky Anti-Virus NDIS Filter)
011 * C:\WINDOWS\system32\drivers\klbg.sys (Kaspersky Lab Boot Guard Driver)
011 * C:\WINDOWS\system32\DRIVERS\klif.sys (Kaspersky Lab Driver)
011 * C:\WINDOWS\system32\DRIVERS\klfltdev.sys (Kaspersky Lab KLFltDev)
011 * C:\WINDOWS\system32\drivers\kl1.sys (Kl1)
011 C:\WINDOWS\system32\drivers\ulsata2.sys (ulsata2)
011 C:\WINDOWS\system32\DRIVERS\A0380Vid.sys (USB2.0 PC Camera)
031 C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\MSITSS.DLL (Microsoft Corporation) {0A9007C0-4076-11D3-8789-0000F8105754}
040 * C:\WINDOWS\system32\dvmurl.dll (DeviceVM Inc.) {0063BF63-BFFF-4B8F-9D26-4267DF7F17DD}
052 * C:\Program Files\Internet Download Manager\IDMIECC.dll (Tonec Inc.) {0055C089-8582-441B-A0BF-17B458C2A3A8}
052 * C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\ievkbd.dll (Kaspersky Lab) {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C}
061 C:\Program Files\Common Files\Ulead Systems\DVD\USIShex.dll (Ulead Systems, Inc.) {DBD8E168-244D-448C-9922-25508950D1DC}
061 * C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\SCIEPlgn.dll (Kaspersky Lab) {85E0B171-04FA-11D1-B7DA-00A0C90348D6}
061 C:\Program Files\WinRAR\rarext.dll {B41DB860-8EE4-11D2-9906-E49FADC173CA}
062 C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\PDFShell.dll (Adobe Systems, Inc.) {F9DB5320-233E-11D1-9F84-707F02C10627}
067 * C:\WINDOWS\system32\klogon.dll (Kaspersky Lab)
069 C:\WINDOWS\system32\mdimon.dll (Microsoft Corporation)
104 * C:\Program Files\Yahoo!\Common\Yinsthelper.dll (Yahoo! Inc.) {30528230-99f7-4bb4-88d8-fa1d4f56a2ab}
105 &تصدير إلى Microsoft Excel : res://C:\PROGRA~1\MICROS~1\OFFICE11\EXCEL.EXE/3000
105 إضافة إلى حاجب إعلان الشعار : C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\ie_banner_deny.htm
105 تحميل الكل بواسطة Internet Download Manager : C:\Program Files\Internet Download Manager\IEGetAll.htm
105 تحميل بواسطة Internet Download Manager : C:\Program Files\Internet Download Manager\IEExt.htm
105 تحميل محتوى FLV بواسطة Internet Download Manager : C:\Program Files\Internet Download Manager\IEGetVL.htm
170 {0a838354-397c-11de-8b88-00241d017282} : Q:\uctg.exe
170 {257b03e0-3dfe-11de-a3f2-00241d017282} : DAT.exe
170 {31229240-3c90-11de-a3e5-00241d017282} : D:\dwwslq.exe
170 {4bb027d5-54f5-11de-806e-00241d017282} : pltkj.pif
170 {4e0fcc76-4902-11de-a017-00241d017282} : C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL RuNdLl32.EXE .\RECYCLER\S-5-3-42-2819952290-8240758988-879315005-3665\jwgkvsq.vmx,ahaezedrn
170 {728809d8-3866-11de-98e7-00241d017282} : DAT.exe
170 {8fc53523-4f32-11de-8052-00241d017282} : G:\start.exe
170 {9a54bdd2-4442-11de-9fef-00241d017282} : Q:\LaunchU3.exe -a
170 {9a54bdd3-4442-11de-9fef-00241d017282} : C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL Notepad.exe
170 {ae2dc2f1-3def-11de-a3f1-00241d017282} : Q:\start.exe
170 {dfc2a02b-448e-11de-9ff1-00241d017282} : 1utbfd.bat
170 R : R:\LaunchU3.exe -a
173 GUID / CLSID not found
173 * C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\ShellEx.dll (Kaspersky Lab) {dd230880-495a-11d1-b064-008048ec2fc5}
173 C:\Program Files\WinRAR\rarext.dll {B41DB860-8EE4-11D2-9906-E49FADC173CA}
221 GUID / CLSID not found
221 * C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\ShellEx.dll (Kaspersky Lab) {dd230880-495a-11d1-b064-008048ec2fc5}
221 C:\Program Files\WinRAR\rarext.dll {B41DB860-8EE4-11D2-9906-E49FADC173CA}
225 * C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\ShellEx.dll (Kaspersky Lab) {dd230880-495a-11d1-b064-008048ec2fc5}
225 * C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\ShellEx.dll (Kaspersky Lab) {dd230880-495a-11d1-b064-008048ec2fc5}
225 C:\Program Files\WinRAR\rarext.dll {B41DB860-8EE4-11D2-9906-E49FADC173CA}
225 C:\Program Files\WinRAR\rarext.dll {B41DB860-8EE4-11D2-9906-E49FADC173CA}
227 GUID / CLSID not found
227 C:\Program Files\WinRAR\rarext.dll {B41DB860-8EE4-11D2-9906-E49FADC173CA}
231 C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\PDFShell.dll (Adobe Systems, Inc.) PDF Column Info
251 C:\Program Files\WinRAR\rarext.dll {B41DB860-8EE4-11D2-9906-E49FADC173CA}
254 C:\Program Files\FileZilla FTP Client\fzshellext.dll {DB70412E-EEC9-479C-BBA9-BE36BFDDA41B}

Missing files
-------------
011 C:\WINDOWS\system32\drivers\Abiosdsk.sys
011 C:\WINDOWS\system32\drivers\abp480n5.sys
011 C:\WINDOWS\system32\drivers\adpu160m.sys
011 C:\WINDOWS\system32\drivers\Aha154x.sys
011 C:\WINDOWS\system32\drivers\aic78u2.sys
011 C:\WINDOWS\system32\drivers\aic78xx.sys
011 C:\WINDOWS\system32\drivers\AliIde.sys
011 C:\WINDOWS\system32\drivers\amsint.sys
011 C:\WINDOWS\system32\drivers\asc.sys
011 C:\WINDOWS\system32\drivers\asc3350p.sys
011 C:\WINDOWS\system32\drivers\asc3550.sys
011 C:\WINDOWS\system32\drivers\Atdisk.sys
011 C:\WINDOWS\system32\drivers\cd20xrnt.sys
011 C:\WINDOWS\system32\drivers\Changer.sys
011 C:\WINDOWS\system32\drivers\CmdIde.sys
011 C:\WINDOWS\system32\drivers\Cpqarray.sys
011 C:\WINDOWS\system32\drivers\dac2w2k.sys
011 C:\WINDOWS\system32\drivers\dac960nt.sys
011 C:\WINDOWS\system32\drivers\dpti2o.sys
011 C:\WINDOWS\system32\drivers\hpn.sys
011 C:\WINDOWS\system32\drivers\i2omgmt.sys
011 C:\WINDOWS\system32\drivers\i2omp.sys
011 C:\WINDOWS\system32\drivers\ini910u.sys
011 C:\WINDOWS\system32\drivers\IntelIde.sys
011 C:\WINDOWS\system32\drivers\lbrtfdc.sys
011 C:\WINDOWS\system32\drivers\mraid35x.sys
011 C:\WINDOWS\system32\drivers\PCIDump.sys
011 C:\WINDOWS\system32\drivers\PDCOMP.sys
011 C:\WINDOWS\system32\drivers\PDFRAME.sys
011 C:\WINDOWS\system32\drivers\PDRELI.sys
011 C:\WINDOWS\system32\drivers\PDRFRAME.sys
011 C:\WINDOWS\system32\drivers\perc2.sys
011 C:\WINDOWS\system32\drivers\perc2hib.sys
011 C:\WINDOWS\system32\drivers\ql1080.sys
011 C:\WINDOWS\system32\drivers\Ql10wnt.sys
011 C:\WINDOWS\system32\drivers\ql12160.sys
011 C:\WINDOWS\system32\drivers\ql1240.sys
011 C:\WINDOWS\system32\drivers\ql1280.sys
011 C:\WINDOWS\system32\drivers\Simbad.sys
011 C:\WINDOWS\system32\drivers\Sparrow.sys
011 C:\WINDOWS\system32\drivers\sym_hi.sys
011 C:\WINDOWS\system32\drivers\sym_u3.sys
011 C:\WINDOWS\system32\drivers\symc810.sys
011 C:\WINDOWS\system32\drivers\symc8xx.sys
011 C:\WINDOWS\system32\drivers\TosIde.sys
011 C:\WINDOWS\system32\drivers\ultra.sys
011 C:\WINDOWS\system32\drivers\ViaIde.sys
011 C:\WINDOWS\system32\drivers\WDICA.sys
061 deskpan.dll
وجزاكم الله خير الجزاء طبعا عمل التقرير ببرنامج
runscanner

 

[rd-19]

وعليكم السلام ورحمة الله

حمل هذا البرنامج

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

شغل البرنامج ==> واضغط على
Do a system scan and save log
لحظات .. ويظهر لك تقرير داخل المفكرة==> انسخه والصقه بردك القادم​

 

[المعلمي]

حياك الله اخي الحبيب معروف الهايجك بس اكثر من شخص ينصح عمل الفحص والتقرير بهذا البرنامج السابق لكن مافي مشكله هذا التقرير ببرنامج الهايجك
Logfile of HijackThis v1.99.1
Scan saved at 10:18:43 ص, on 18/06/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5730.0013)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Internet Download Manager\IDMan.exe
C:\Program Files\Messenger\msmsgs.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Ela-Salaty\Salaty.exe
C:\PROGRA~1\Yahoo!\MESSEN~1\ymsgr_tray.exe
C:\Program Files\Internet Download Manager\IEMonitor.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\Program Files\Windows Media Player\wmplayer.exe
C:\Documents and Settings\ansar\My Documents\Downloads\Programs\RunScanner.exe
C:\WINDOWS\system32\notepad.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
K:\HijackThis.exe
K:\HijackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R3 - URLSearchHook: DeviceVM Url Search Hook - {0063BF63-BFFF-4B8F-9D26-4267DF7F17DD} - C:\WINDOWS\system32\dvmurl.dll
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files\Internet Download Manager\IDMIECC.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: IEVkbdBHO Class - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\ievkbd.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKCU\..\Run: [Yahoo! Pager] "C:\PROGRA~1\Yahoo!\MESSEN~1\YAHOOM~1.EXE" -quiet
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [IDMan] C:\Program Files\Internet Download Manager\IDMan.exe /onboot
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - Startup: Ela-Salaty.lnk = C:\Program Files\Ela-Salaty\Salaty.exe
O8 - Extra context menu item: &تصدير إلى Microsoft Excel - res://C:\PROGRA~1\MICROS~1\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: إضافة إلى حاجب إعلان الشعار - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\ie_banner_deny.htm
O8 - Extra context menu item: تحميل الكل بواسطة Internet Download Manager - C:\Program Files\Internet Download Manager\IEGetAll.htm
O8 - Extra context menu item: تحميل بواسطة Internet Download Manager - C:\Program Files\Internet Download Manager\IEExt.htm
O8 - Extra context menu item: تحميل محتوى FLV بواسطة Internet Download Manager - C:\Program Files\Internet Download Manager\IEGetVL.htm
O9 - Extra button: Web traffic protection statistics - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\SCIEPlgn.dll
O9 - Extra button: بحث - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~1\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [INTERNATIONAL] International*
O11 - Options group: [TABS] Tabbed Browsing
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Program Files\Yahoo!\Common\Yinsthelper.dll
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxdev.dll
O20 - Winlogon Notify: klogon - C:\WINDOWS\system32\klogon.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Kaspersky Internet Security (AVP) - Unknown owner - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe" -r (file missing)
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe

 

[rd-19]

تسلم :q:


عطل برامج الحماية لديك

نزل هذه الاداة

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

عند تشغيلها بتظهر لك رسالة ,, اضغط على >> Yes
بعدها بتظهر لك رساله ثانيه ,, اضغط على >> Yes
اثناء الفحص ممكن يعاد تشغيل الجهاز
وبعد اعادة التشغيل ,, سوف تبدأ الاداة بالفحص مرره ثانيه
انتظر حتى يظهر لك تقرير ،، وبذلك يكون الفحص انتهى الصق التقرير بردك الاول

 

[المعلمي]

حبيبي فتح الله عليك اداة الكمبوا جربتها انا على جهازه اكثر من مره ونفس التقرير ماطلع اخطاء لكن ما مشكله نجيبها لك اخي وش عملت في التقرير السابق

 

[rd-19]

بنتظارك اخوي

مع تقرير هاي جاك جديد

 

[المعلمي]

وهذا تقرير الكمبوا اخي

ComboFix 09-06-17.02 - ansar 06/18/2009 10:38.2 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.3.1256.966.1025.18.2037.1591 [GMT 3:00]
Running from: c:\documents and settings\ansar\My Documents\Downloads\Programs\ComboFix.exe
AV: Kaspersky Internet Security *On-access scanning disabled* (Updated) {2C4D4BC6-0793-4956-A9F9-E252435469C0}
FW: Kaspersky Internet Security *disabled* {2C4D4BC6-0793-4956-A9F9-E252435469C0}
* Created a new restore point

WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\windows\system32\winitn.dll
L:\desktop.ini

.
((((((((((((((((((((((((( Files Created from 2009-05-18 to 2009-06-18 )))))))))))))))))))))))))))))))
.

2009-06-14 03:41 . 2009-06-14 03:42 -------- d-----w- C:\z0120
2009-06-14 02:52 . 2009-06-14 02:52 -------- d-----w- c:\documents and settings\ansar\Local Settings\Application Data\Runscanner.net
2009-06-11 16:17 . 2009-06-11 16:19 -------- d-----w- c:\program files\Ela-Salaty
2009-06-11 16:17 . 2009-06-11 16:17 -------- d-----w- c:\windows\Ela-Salaty
2009-06-11 13:44 . 2009-06-11 13:44 53760 ----a-w- c:\windows\system\ppacklib.dll
2009-06-11 13:44 . 2009-06-11 13:44 90112 ----a-w- c:\windows\system32\agsaami.dll
2009-06-11 13:44 . 2009-06-11 13:44 610304 ----a-w- c:\windows\system32\agsaamg.dll
2009-06-11 13:44 . 2009-06-11 13:44 372736 ----a-w- c:\windows\system32\agsaamc.dll
2009-06-11 13:44 . 2009-06-11 13:44 2535424 ----a-w- c:\windows\system32\agsaamj.dll
2009-06-11 13:44 . 2005-02-15 11:28 339968 ----a-w- c:\windows\system32\NCTAudioArrayProcessing3.dll
2009-06-11 13:44 . 2002-01-05 02:40 487424 ----a-w- c:\windows\system32\msvcp70.dll
2009-06-11 13:44 . 2009-06-11 13:44 237568 ----a-w- c:\windows\system32\lame_enc.dll
2009-06-11 13:44 . 2002-01-05 03:48 974848 ----a-w- c:\windows\system32\mfc70.dll
2009-06-10 17:49 . 2009-06-10 17:55 -------- d-----w- c:\program files\GameSpy Arcade
2009-06-10 17:43 . 2009-06-10 17:43 -------- d-----w- C:\Games
2009-06-09 07:28 . 2009-06-09 16:54 -------- d-----w- c:\documents and settings\ansar\Application Data\FileZilla
2009-06-09 07:28 . 2009-06-09 07:28 -------- d-----w- c:\program files\FileZilla FTP Client
2009-06-08 05:14 . 2009-06-08 05:15 375048 ----a-w- c:\documents and settings\ansar\Application Data\IDM\DwnlData\ansar\sp32555_224\sp32555.exe
2009-06-04 12:52 . 2009-06-14 12:48 227264 ---ha-w- c:\windows\system32\mlfcache.dat
2009-06-02 05:02 . 2009-06-02 05:02 198064 ----a-w- c:\documents and settings\ansar\Application Data\IDM\idmmzcc3\components\idmmzcc.dll
2009-06-02 05:00 . 2009-06-02 05:02 2926768 ----a-w- c:\documents and settings\ansar\Application Data\IDM\idmupdt.exe
2009-06-01 16:37 . 2009-06-01 16:37 -------- d-----w- c:\program files\iPod
2009-06-01 16:36 . 2009-06-01 16:37 -------- d-----w- c:\documents and settings\All Users\Application Data\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906}
2009-06-01 16:36 . 2009-06-01 16:37 -------- d-----w- c:\program files\iTunes
2009-06-01 16:01 . 2009-06-01 16:01 75048 ----a-w- c:\documents and settings\All Users\Application Data\Apple Computer\Installer Cache\iTunes 8.1.1.10\SetupAdmin.exe
2009-06-01 15:33 . 2009-06-01 15:34 -------- d-----w- c:\program files\Safari
2009-06-01 15:15 . 2009-06-01 15:15 -------- d-----w- c:\program files\Bonjour
2009-05-31 16:36 . 2009-05-31 16:36 -------- d-----w- c:\windows\speech
2009-05-31 16:35 . 2009-05-31 16:36 -------- d-----w- c:\program files\Golden Al-Wafi Translator
2009-05-31 16:34 . 2009-05-31 16:34 73216 ----a-w- c:\windows\ST6UNST.EXE
2009-05-27 18:50 . 2009-05-27 18:50 -------- d-----w- c:\documents and settings\All Users\Application Data\Yahoo! Companion
2009-05-27 10:22 . 2009-03-26 15:35 210352 ----a-w- c:\windows\system32\idmmbc.dll
2009-05-27 07:43 . 2009-05-27 07:43 -------- d-----w- c:\program files\CCleaner
2009-05-26 14:17 . 2009-05-26 14:28 3412196 ----a-w- c:\documents and settings\ansar\Application Data\IDM\DwnlData\ansar\iTunes8Setup_153\iTunes8Setup.exe
2009-05-25 18:32 . 2009-05-25 18:32 -------- d-----w- c:\program files\Apple Software Update
2009-05-21 20:10 . 2009-05-21 20:17 2101057 ----a-w- c:\documents and settings\ansar\Application Data\IDM\DwnlData\ansar\QuickTimeInstaller_135\QuickTimeInstaller.exe

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-06-18 07:48 . 2009-05-04 13:16 -------- d-----w- c:\documents and settings\ansar\Application Data\DMCache
2009-06-18 07:47 . 2009-05-16 18:10 -------- d-----w- c:\documents and settings\All Users\Application Data\Kaspersky Lab
2009-06-18 07:47 . 2009-05-16 18:10 393248 --sha-w- c:\windows\system32\drivers\fidbox2.dat
2009-06-18 07:47 . 2009-05-16 18:10 4520 --sha-w- c:\windows\system32\drivers\fidbox2.idx
2009-06-18 07:44 . 2009-05-16 18:10 22420 --sha-w- c:\windows\system32\drivers\fidbox.idx
2009-06-18 07:44 . 2009-05-16 18:10 2060832 --sha-w- c:\windows\system32\drivers\fidbox.dat
2009-06-18 05:16 . 2001-09-19 18:00 41076 ----a-w- c:\windows\system32\perfc001.dat
2009-06-18 05:16 . 2001-09-19 18:00 254326 ----a-w- c:\windows\system32\perfh001.dat
2009-06-13 15:26 . 2009-05-18 10:08 -------- d-----w- c:\program files\Total Video Converter
2009-06-11 08:01 . 2009-05-04 13:16 -------- d-----w- c:\documents and settings\ansar\Application Data\IDM
2009-06-11 07:23 . 2009-05-11 06:26 -------- d-----w- c:\documents and settings\ansar\Application Data\Ulead Systems
2009-06-09 17:54 . 2009-05-03 13:37 384496 ----a-w- c:\documents and settings\ansar\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2009-06-02 11:06 . 2009-05-04 13:16 -------- d-----w- c:\program files\Internet Download Manager
2009-06-02 09:42 . 2009-05-05 09:50 -------- d-----w- c:\documents and settings\ansar\Application Data\Apple Computer
2009-06-02 07:12 . 2009-05-10 13:17 -------- d---a-w- c:\documents and settings\All Users\Application Data\TEMP
2009-06-01 16:37 . 2009-05-05 09:46 -------- d-----w- c:\program files\Common Files\Apple
2009-05-27 07:43 . 2009-05-03 10:49 -------- d-----w- c:\program files\Yahoo!
2009-05-20 13:27 . 2009-05-16 18:11 94643 ----a-w- c:\windows\system32\drivers\klick.dat
2009-05-20 13:27 . 2009-05-16 18:11 105395 ----a-w- c:\windows\system32\drivers\klin.dat
2009-05-18 05:50 . 2009-05-13 07:32 -------- d-----w- c:\documents and settings\ansar\Application Data\cleaner
2009-05-17 06:21 . 2009-05-17 06:21 -------- d-----w- c:\documents and settings\ansar\Application Data\ooVoo Details
2009-05-17 06:05 . 2008-01-29 15:29 33808 ----a-w- c:\windows\system32\drivers\klbg.sys
2009-05-17 06:04 . 2009-05-17 06:04 44808 ----a-w- c:\documents and settings\All Users\Application Data\Kaspersky Lab\AVP8\Data\Updater\Temporary Files\temporaryFolder\AutoPatches\kav8exec\8.0.0.454\fssync.dll
2009-05-17 06:04 . 2009-05-17 06:04 206088 ----a-w- c:\documents and settings\All Users\Application Data\Kaspersky Lab\AVP8\Data\Updater\Temporary Files\temporaryFolder\AutoPatches\kav8exec\8.0.0.454\avp.exe
2009-05-17 06:04 . 2009-05-17 06:04 33808 ----a-w- c:\documents and settings\All Users\Application Data\Kaspersky Lab\AVP8\Data\Updater\Temporary Files\temporaryFolder\AutoPatches\kav8exec\8.0.0.454\klbg.sys
2009-05-17 06:04 . 2009-05-17 06:04 213520 ----a-w- c:\documents and settings\All Users\Application Data\Kaspersky Lab\AVP8\Data\Updater\Temporary Files\temporaryFolder\AutoPatches\kav8exec\8.0.0.454\XP\klif.sys
2009-05-16 18:10 . 2009-05-16 18:10 -------- d-----w- c:\program files\Kaspersky Lab
2009-05-16 15:25 . 2009-05-07 07:54 -------- d-----w- c:\program files\AMT
2009-05-16 13:51 . 2009-05-16 13:51 -------- d-----w- c:\documents and settings\ansar\Application Data\ESET
2009-05-16 13:48 . 2009-05-16 13:48 -------- d-----w- c:\documents and settings\All Users\Application Data\ESET
2009-05-16 08:35 . 2009-05-16 08:35 2232 ----a-w- c:\windows\java\Packages\Data\BF7F7P3R.DAT
2009-05-16 08:35 . 2009-05-16 08:35 155995 ----a-w- c:\windows\java\Packages\SLJ1NPZT.ZIP
2009-05-16 08:35 . 2009-05-16 08:35 2678 ----a-w- c:\windows\java\Packages\Data\BHVXFHFT.DAT
2009-05-16 08:35 . 2009-05-16 08:35 2678 ----a-w- c:\windows\java\Packages\Data\RRDNLNL7.DAT
2009-05-16 08:35 . 2009-05-16 08:35 2678 ----a-w- c:\windows\java\Packages\Data\OHFPZHBB.DAT
2009-05-16 08:35 . 2009-05-16 08:35 2678 ----a-w- c:\windows\java\Packages\Data\FT33VH3B.DAT
2009-05-16 08:35 . 2009-05-16 08:35 2678 ----a-w- c:\windows\java\Packages\Data\NPRBFVPR.DAT
2009-05-16 06:01 . 2009-05-03 10:32 -------- d-----w- c:\program files\Ahead
2009-05-14 14:49 . 2009-05-10 18:46 -------- d-----w- c:\program files\KeySolutionsPersonal
2009-05-13 13:27 . 2009-05-03 08:54 319488 ----a-w- c:\windows\HideWin.exe
2009-05-13 07:49 . 2009-05-13 07:49 -------- d-----w- c:\program files\microsoft frontpage
2009-05-13 07:32 . 2009-05-13 07:32 -------- d-----w- c:\documents and settings\ansar\Application Data\CyberScrub
2009-05-12 18:23 . 2009-05-03 13:28 86327 ----a-w- c:\windows\pchealth\helpctr\OfflineCache\index.dat
2009-05-12 15:23 . 2009-05-03 08:49 -------- d--h--w- c:\program files\InstallShield Installation Information
2009-05-11 06:26 . 2009-05-11 05:48 -------- d-----w- c:\documents and settings\All Users\Application Data\Ulead Systems
2009-05-11 05:53 . 2009-05-11 05:53 -------- d-----w- c:\documents and settings\All Users\Application Data\SmartSound Software Inc
2009-05-11 05:53 . 2009-05-11 05:53 -------- d-----w- c:\program files\SmartSound Software
2009-05-11 05:52 . 2009-05-03 08:54 -------- d-----w- c:\program files\Common Files\InstallShield
2009-05-11 05:50 . 2009-05-11 05:50 -------- d-----w- c:\program files\Windows Media Components
2009-05-11 05:48 . 2009-05-11 05:48 -------- d-----w- c:\program files\Common Files\Ulead Systems
2009-05-11 05:48 . 2009-05-11 05:48 -------- d-----w- c:\program files\Ulead Systems
2009-05-10 14:56 . 2009-05-10 14:57 720896 ----a-w- c:\windows\iun6002ev.exe
2009-05-10 13:17 . 2009-05-10 13:17 -------- d-----w- c:\program files\Active Data Recovery Services
2009-05-09 07:33 . 2009-05-09 07:33 -------- d-----w- c:\documents and settings\ansar\Application Data\A0380
2009-05-09 07:28 . 2009-05-09 07:28 -------- d-----w- c:\documents and settings\All Users\Application Data\InstallShield
2009-05-05 09:49 . 2009-05-03 10:54 -------- d-----w- c:\documents and settings\All Users\Application Data\Apple Computer
2009-05-05 09:46 . 2009-05-05 09:46 -------- d-----w- c:\documents and settings\All Users\Application Data\Apple
2009-05-04 13:16 . 2009-05-04 13:16 165296 ----a-w- c:\documents and settings\ansar\Application Data\IDM\idmmzcc02\components\idmmzcc.dll
2009-05-03 14:48 . 2009-05-03 14:48 -------- d-----w- c:\documents and settings\ansar\Application Data\Media Player Classic
2009-05-03 14:01 . 2009-05-03 14:01 -------- d-----w- c:\documents and settings\ansar\Application Data\Ahead
2009-05-03 13:38 . 2009-05-03 13:38 -------- d-----w- c:\documents and settings\All Users\Application Data\Kaspersky Lab Setup Files
2009-05-03 13:30 . 2009-05-03 13:30 -------- d-----w- c:\program files\Windows Media Connect 2
2009-05-03 13:23 . 2009-05-03 13:23 22144 ----a-w- c:\windows\system32\emptyregdb.dat
2009-05-03 11:07 . 2009-05-03 11:07 0 ----a-w- c:\windows\nsreg.dat
2009-05-03 10:58 . 2009-05-03 10:27 -------- d-----w- c:\program files\Common Files\Adobe
2009-05-03 10:57 . 2009-05-03 10:57 -------- d-----w- c:\program files\Windows Live
2009-05-03 10:54 . 2009-05-03 10:54 -------- d-----w- c:\program files\K-Lite Codec Pack
2009-05-03 10:50 . 2009-05-03 10:50 -------- d-----w- c:\documents and settings\All Users\Application Data\Yahoo!
2009-05-03 10:48 . 2009-05-03 10:48 -------- d-----w- c:\documents and settings\All Users\Application Data\GRETECH
2009-05-03 10:47 . 2009-05-03 10:47 -------- d-----w- c:\documents and settings\ansar\Application Data\GRETECH
2009-05-03 10:47 . 2009-05-03 10:47 -------- d-----w- c:\program files\GRETECH
2009-05-03 10:46 . 2009-05-03 10:46 -------- d-----w- c:\program files\Common Files\xing shared
2009-05-03 10:45 . 2009-05-03 10:45 -------- d-----w- c:\program files\Common Files\Real
2009-05-03 10:45 . 2009-05-03 10:45 499712 ----a-w- c:\windows\system32\msvcp71.dll
2009-05-03 10:45 . 2009-05-03 10:45 348160 ----a-w- c:\windows\system32\msvcr71.dll
2009-05-03 10:45 . 2009-05-03 10:45 -------- d-----w- c:\program files\Real
2009-05-03 10:33 . 2009-05-03 10:33 -------- d-----w- c:\program files\Microsoft.NET
2009-05-03 10:32 . 2009-05-03 10:32 -------- d-----w- c:\program files\Common Files\Ahead
2009-05-03 10:31 . 2009-05-03 10:31 -------- d-----w- c:\program files\Microsoft Works
2009-05-03 08:57 . 2009-05-03 08:54 -------- d-----w- c:\program files\Realtek
2009-05-03 08:57 . 2009-05-03 08:57 -------- d-----w- c:\documents and settings\ansar\Application Data\InstallShield
2009-05-03 08:57 . 2009-05-03 08:48 16608 ----a-w- c:\windows\gdrv.sys
2009-05-03 08:50 . 2009-05-03 08:50 -------- d-----w- c:\program files\Intel
2009-05-03 08:49 . 2009-05-03 08:49 -------- d-----w- c:\program files\Browser Configuration Utility
2008-03-09 04:25 . 2009-05-03 10:26 236 ---ha-w- c:\program files\Common Files\dx.reg
2005-08-27 12:26 . 2009-05-13 05:58 1581056 ----a-w- c:\program files\SAFlashPlayer.exe
.

((((((((((((((((((((((((((((( SnapShot@2009-05-13_07.51.16 )))))))))))))))))))))))))))))))))))))))))
.
+ 1998-03-22 08:50 . 1998-03-22 08:50 10240 c:\windows\system32\Vidx16.dll
+ 1996-12-13 21:00 . 1996-12-13 21:00 78848 c:\windows\system32\VBA332ME.DLL
+ 1997-01-15 23:00 . 1997-01-15 23:00 29696 c:\windows\system32\VB5StKit.dll
+ 2009-05-13 13:28 . 2006-07-21 08:14 86016 c:\windows\system32\ReinstallBackups\0010\DriverFiles\SOUNDMAN.EXE
+ 2009-05-13 13:28 . 2008-04-14 18:30 23552 c:\windows\system32\ReinstallBackups\0010\DriverFiles\i386\wdmaud.drv
+ 2009-05-13 13:28 . 2008-04-13 21:15 49408 c:\windows\system32\ReinstallBackups\0010\DriverFiles\i386\stream.sys
+ 2009-05-13 13:28 . 2008-04-13 21:15 60160 c:\windows\system32\ReinstallBackups\0010\DriverFiles\i386\drmk.sys
+ 2009-05-13 13:28 . 2005-05-03 10:43 69632 c:\windows\system32\ReinstallBackups\0010\DriverFiles\ALCMTR.EXE
- 2001-09-19 18:00 . 2009-05-13 07:43 40972 c:\windows\system32\perfc009.dat
+ 2001-09-19 18:00 . 2009-06-18 05:16 40972 c:\windows\system32\perfc009.dat
+ 2009-05-16 08:34 . 2002-02-18 07:23 21264 c:\windows\system32\msjdbc10.dll
+ 2009-05-03 10:30 . 2009-05-26 09:59 70264 c:\windows\system32\Macromed\Flash\uninstall_plugin.exe
- 2009-05-03 10:30 . 2009-05-13 05:59 70264 c:\windows\system32\Macromed\Flash\uninstall_plugin.exe
+ 2009-05-16 08:34 . 2002-02-18 07:23 15120 c:\windows\system32\jdbgmgr.exe
+ 2009-05-16 08:34 . 2002-02-18 07:22 63248 c:\windows\system32\javaprxy.dll
+ 2009-06-01 16:31 . 2009-03-26 12:23 36864 c:\windows\system32\DRVSTORE\usbaapl_AF109929C2381E41FEF454F3FEDAA257A9E85F92\usbaapl.sys
+ 2009-06-01 16:37 . 2009-03-19 13:32 23400 c:\windows\system32\DRVSTORE\GEARAspiWD_F475AF659D36685632E9BD97B57E9D9661FF3FFD\x86\GEARAspiWDM.sys
+ 2008-01-29 09:01 . 2009-03-19 13:32 23400 c:\windows\system32\drivers\GEARAspiWDM.sys
+ 2008-12-12 08:11 . 2008-12-12 08:11 61440 c:\windows\system32\dnssd.dll
- 2007-07-24 12:17 . 2007-07-24 12:17 61440 c:\windows\system32\dnssd.dll
+ 2008-12-12 08:18 . 2008-12-12 08:18 87336 c:\windows\system32\dns-sd.exe
+ 2008-04-14 00:15 . 2008-04-13 21:15 49408 c:\windows\system32\dllcache\stream.sys
+ 2009-05-03 08:54 . 2008-04-13 21:15 60160 c:\windows\system32\dllcache\drmk.sys
+ 2009-05-16 08:34 . 2002-02-18 07:23 49424 c:\windows\system32\clspack.exe
+ 1997-01-16 01:00 . 1997-01-15 23:00 71680 c:\windows\ST5UNST.EXE
- 1997-01-16 01:00 . 1997-01-16 01:00 71680 c:\windows\ST5UNST.EXE
+ 1999-01-12 08:35 . 1999-01-12 08:35 53760 c:\windows\speech\WrapSAPI.dll
+ 2009-05-03 08:54 . 2008-08-19 10:26 77824 c:\windows\SOUNDMAN.EXE
+ 2009-05-16 08:35 . 2002-02-18 07:23 46352 c:\windows\setdebug.exe
+ 2009-05-26 09:58 . 2009-05-26 09:58 81920 c:\windows\Installer\{8E9DB7EF-5DD3-499E-BA2A-A1F3153A4DF8}\ARPPRODUCTICON.exe
- 2009-05-03 10:37 . 2009-05-03 10:37 81920 c:\windows\Installer\{8E9DB7EF-5DD3-499E-BA2A-A1F3153A4DF8}\ARPPRODUCTICON.exe
+ 2009-05-25 18:32 . 2009-05-25 18:32 27136 c:\windows\Installer\{6956856F-B6B3-4BE0-BA0B-8F495BE32033}\AppleSoftwareUpdateIco.exe
+ 2009-06-01 15:15 . 2009-06-01 15:15 86016 c:\windows\Installer\{07287123-B8AC-41CE-8346-3D777245C35B}\PrntWzrdIco.exe
+ 2002-01-15 11:56 . 2002-01-15 11:56 49152 c:\windows\ATA Live Update.exe
+ 2009-05-03 08:54 . 2008-06-19 13:20 57344 c:\windows\ALCMTR.EXE
+ 2009-05-13 13:28 . 2008-04-14 18:29 4096 c:\windows\system32\ReinstallBackups\0010\DriverFiles\i386\ksuser.dll
+ 2009-05-03 08:54 . 2008-04-14 18:29 4096 c:\windows\system32\dllcache\ksuser.dll
+ 2009-05-16 08:35 . 2002-02-18 04:35 6550 c:\windows\jautoexp.dat
+ 1999-01-12 08:39 . 1999-01-12 08:39 6656 c:\windows\delttsul.exe
+ 2009-05-16 08:34 . 2002-02-18 07:23 171792 c:\windows\system32\wjview.exe
+ 1999-01-12 12:19 . 1999-01-12 12:19 173056 c:\windows\system32\VTEXT.DLL
+ 2009-05-16 08:34 . 2002-02-18 07:23 286992 c:\windows\system32\vmhelper.dll
+ 1998-06-17 21:00 . 1998-06-17 21:00 102912 c:\windows\system32\VB6STKIT.DLL
+ 2009-05-03 08:54 . 2008-03-26 15:50 131072 c:\windows\system32\RTCOM\RTLCPAPI.dll
+ 2009-05-03 08:54 . 2008-06-10 11:39 266240 c:\windows\system32\RTCOM\RTCOMDLL.dll
+ 2009-05-13 13:28 . 2007-12-21 10:01 139264 c:\windows\system32\ReinstallBackups\0010\DriverFiles\RTLCPAPI.dll
+ 2009-05-13 13:28 . 2007-11-19 09:12 262144 c:\windows\system32\ReinstallBackups\0010\DriverFiles\RTCOMDLL.dll
+ 2009-05-13 13:28 . 2008-04-13 21:49 146048 c:\windows\system32\ReinstallBackups\0010\DriverFiles\i386\portcls.sys
+ 2009-05-13 13:28 . 2008-04-13 21:46 141056 c:\windows\system32\ReinstallBackups\0010\DriverFiles\i386\ks.sys
+ 1999-12-25 12:35 . 1999-12-25 12:35 160256 c:\windows\system32\region.dll
- 2001-09-19 18:00 . 2009-05-13 07:43 314644 c:\windows\system32\perfh009.dat
+ 2001-09-19 18:00 . 2009-06-18 05:16 314644 c:\windows\system32\perfh009.dat
+ 1998-06-16 21:00 . 1998-06-16 21:00 385100 c:\windows\system32\MSVCRTD.DLL
+ 2009-05-16 08:34 . 2002-02-18 07:23 945936 c:\windows\system32\msjava.dll
+ 2009-05-16 08:34 . 2002-02-18 07:23 154384 c:\windows\system32\msawt.dll
- 2001-04-09 08:37 . 2001-04-09 08:37 416304 c:\windows\system32\Mpg4c32.dll
+ 2001-04-09 06:37 . 2001-04-09 06:37 416304 c:\windows\system32\Mpg4c32.dll
+ 1999-10-26 21:00 . 1999-10-26 21:00 929844 c:\windows\system32\MFC42D.DLL
+ 1999-10-26 20:00 . 1999-10-26 20:00 995383 c:\windows\system32\mfc42.dll
+ 2009-05-16 08:34 . 2002-02-18 07:23 172304 c:\windows\system32\jview.exe
+ 2009-05-16 08:35 . 2002-02-18 07:22 171280 c:\windows\system32\jit.dll
+ 2009-05-16 08:34 . 2002-02-18 07:22 404752 c:\windows\system32\javart.dll
+ 2009-05-16 08:35 . 2002-02-18 07:22 139536 c:\windows\system32\javaee.dll
+ 2009-05-16 08:34 . 2002-02-18 07:22 187152 c:\windows\system32\javacypt.dll
+ 2008-01-29 09:02 . 2008-04-17 09:12 107368 c:\windows\system32\GEARAspi.dll
- 2008-01-29 09:02 . 2008-01-29 09:02 107368 c:\windows\system32\GEARAspi.dll
+ 2009-05-16 08:35 . 2002-02-18 04:34 313856 c:\windows\system32\dx3j.dll
+ 2009-06-01 16:37 . 2008-04-17 09:12 107368 c:\windows\system32\DRVSTORE\GEARAspiWD_F475AF659D36685632E9BD97B57E9D9661FF3FFD\x86\GEARAspi.dll
- 2009-05-03 13:39 . 2009-05-03 09:37 213520 c:\windows\system32\drivers\klif.sys
+ 2009-05-16 18:10 . 2009-05-17 06:05 213520 c:\windows\system32\drivers\klif.sys
+ 2009-05-03 08:54 . 2008-04-13 21:49 146048 c:\windows\system32\dllcache\portcls.sys
+ 2008-04-14 00:46 . 2008-04-13 21:46 141056 c:\windows\system32\dllcache\ks.sys
+ 2001-02-15 16:43 . 2001-02-15 16:43 143447 c:\windows\system32\DispLine.dll
+ 1999-11-16 07:57 . 1999-11-16 07:57 147456 c:\windows\system32\Comdll32.DLL
+ 1999-01-12 12:19 . 1999-01-12 12:19 195584 c:\windows\speech\Xvoice.dll
+ 1999-01-12 12:19 . 1999-01-12 12:19 203776 c:\windows\speech\XTel.Dll
+ 1999-01-12 12:19 . 1999-01-12 12:19 208896 c:\windows\speech\Xlisten.dll
+ 1999-01-12 12:19 . 1999-01-12 12:19 128000 c:\windows\speech\Xcommand.dll
+ 1999-01-12 12:19 . 1999-01-12 12:19 173056 c:\windows\speech\VText.dll
+ 1999-01-12 12:19 . 1999-01-12 12:19 179712 c:\windows\speech\Vdict.dll
+ 1999-01-12 12:19 . 1999-01-12 12:19 156160 c:\windows\speech\vcmshl.dll
+ 1999-01-12 12:09 . 1999-01-12 12:09 380928 c:\windows\speech\vcmd.exe
+ 1999-01-12 12:19 . 1999-01-12 12:19 562176 c:\windows\speech\speech.dll
+ 1999-01-12 12:19 . 1999-01-12 12:19 248832 c:\windows\speech\spchtel.dll
+ 2009-05-03 08:54 . 2008-07-29 12:42 528384 c:\windows\RtlExUpd.dll
+ 2009-05-14 18:24 . 2005-01-29 09:00 372736 c:\windows\Resources\Themes\Shell\NormalColor\ShellStyle.dll
+ 2009-06-01 15:34 . 2009-06-01 15:34 307200 c:\windows\Installer\{9C48DCA4-00C2-449C-88D8-B1EE1692B44F}\SafariIco.exe
+ 2009-06-01 16:38 . 2009-06-01 16:38 102400 c:\windows\Installer\{5EFCBB42-36AB-4FF9-B90C-E78C7B9EE7B3}\iTunesIco.exe
+ 2009-06-11 16:17 . 2009-06-11 16:17 471552 c:\windows\Ela-Salaty\uninstall.exe
+ 2002-01-15 11:10 . 2002-01-15 11:10 147456 c:\windows\ataLiveUpdate.dll
+ 2009-05-13 13:28 . 2007-11-20 10:15 1826816 c:\windows\system32\ReinstallBackups\0010\DriverFiles\SkyTel.exe
+ 2009-05-13 13:28 . 2007-11-07 09:31 1191936 c:\windows\system32\ReinstallBackups\0010\DriverFiles\RtlUpd.exe
+ 2009-05-13 13:28 . 2007-03-23 11:19 9715200 c:\windows\system32\ReinstallBackups\0010\DriverFiles\RTLCPL.EXE
+ 2009-05-13 13:28 . 2008-02-14 09:04 4676096 c:\windows\system32\ReinstallBackups\0010\DriverFiles\RtkHDAud.sys
+ 2009-05-13 13:28 . 2007-06-28 08:44 2165760 c:\windows\system32\ReinstallBackups\0010\DriverFiles\MicCal.exe
+ 2009-05-13 13:28 . 2006-05-04 08:26 2808832 c:\windows\system32\ReinstallBackups\0010\DriverFiles\ALCWZRD.EXE
+ 2008-04-14 21:29 . 2004-02-23 17:42 1386496 c:\windows\system32\MSVBVM60.DLL
+ 2009-05-03 16:11 . 2009-06-09 19:04 1031960 c:\windows\system32\FNTCACHE.DAT
+ 2009-06-01 16:31 . 2009-03-26 12:23 1900544 c:\windows\system32\DRVSTORE\usbaapl_AF109929C2381E41FEF454F3FEDAA257A9E85F92\usbaaplrc.dll
+ 2009-05-03 08:54 . 2008-09-09 15:07 4813824 c:\windows\system32\drivers\RtkHDAud.sys
+ 2009-05-13 13:27 . 2006-01-04 12:41 1389056 c:\windows\system32\drivers\Monfilt.sys
+ 2009-05-13 13:27 . 2008-08-05 17:10 1684736 c:\windows\system32\drivers\Ambfilt.sys
- 2009-05-03 08:54 . 2007-11-20 10:15 1826816 c:\windows\SkyTel.exe
+ 2009-05-03 08:54 . 2007-11-20 15:15 1826816 c:\windows\SkyTel.exe
+ 2009-05-03 08:54 . 2008-08-06 12:51 1200128 c:\windows\RtlUpd.exe
- 2009-05-03 08:54 . 2007-03-23 11:19 9715200 c:\windows\RTLCPL.exe
+ 2009-05-03 08:54 . 2008-06-19 13:27 9715200 c:\windows\RTLCPL.EXE
+ 2009-05-03 08:54 . 2007-06-28 13:44 2165760 c:\windows\MicCal.exe
- 2009-05-03 08:54 . 2007-06-28 08:44 2165760 c:\windows\MicCal.exe
- 2009-05-03 08:54 . 2006-05-04 08:26 2808832 c:\windows\alcwzrd.exe
+ 2009-05-03 08:54 . 2008-06-19 13:42 2808832 c:\windows\ALCWZRD.EXE
+ 2009-05-13 13:28 . 2008-02-13 06:31 16857600 c:\windows\system32\ReinstallBackups\0010\DriverFiles\RTHDCPL.EXE
+ 2009-05-03 08:54 . 2008-09-09 15:39 16851968 c:\windows\RTHDCPL.EXE
.
-- Snapshot reset to current date --
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"msnmsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2009-03-26 5724184]
"IDMan"="c:\program files\Internet Download Manager\IDMan.exe" [2009-05-27 2815408]
"MSMSGS"="c:\program files\Messenger\msmsgs.exe" [2008-04-14 1695232]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AVP"="c:\program files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe" [2009-05-17 206088]
"TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" [2009-05-03 185872]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"nltide_2"="shell32" [X]

c:\documents and settings\ansar\çں‍ê، ں §ڑ\ںé ©ںê¤\ §ک ں颬نïé\
Ela-Salaty.lnk - c:\program files\Ela-Salaty\Salaty.exe [2006-7-22 4739584]

[HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\system]
"NoConfigPage"= 0 (0x0)
"NoDevMgrPage"= 0 (0x0)
"NoFileSysPage"= 0 (0x0)
"NoVirtMemPage"= 0 (0x0)

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^قائمة ابدأ^البرامج^بدء التشغيل^Adobe Gamma Loader.lnk]
path=c:\documents and settings\All Users\قائمة ابدأ\البرامج\بدء التشغيل\Adobe Gamma Loader.lnk
backup=c:\windows\pss\Adobe Gamma Loader.lnkCommon Startup

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusDisableNotify"=dword:00000001
"UpdatesDisableNotify"=dword:00000001
"AntiVirusOverride"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\KasperskyAntiVirus]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Yahoo!\\Messenger\\YahooMessenger.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\livecall.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=

R0 klbg;Kaspersky Lab Boot Guard Driver;c:\windows\system32\drivers\klbg.sys [29/01/2008 06:29 م 33808]
R0 ulsata2;ulsata2;c:\windows\system32\drivers\ulsata2.sys [07/05/2008 08:09 ص 124928]
R3 KLFLTDEV;Kaspersky Lab KLFltDev;c:\windows\system32\drivers\klfltdev.sys [13/03/2008 07:02 م 26640]
R3 klim5;Kaspersky Anti-Virus NDIS Filter;c:\windows\system32\drivers\klim5.sys [30/04/2008 06:06 م 24592]
S3 A0380VID;USB2.0 PC Camera;c:\windows\system32\drivers\A0380Vid.sys [09/05/2009 10:27 ص 3940608]
.
Contents of the 'Scheduled Tasks' folder

2009-06-15 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 09:34]
.
- - - - ORPHANS REMOVED - - - -

HKLM-Run-SystemInit - (no file)
HKLM-Run-Karen - (no file)
HKLM-Run-raVe - (no file)
HKLM-Run-Win32BaseServiceMOD - (no file)
HKLM-Run-startIE - (no file)


.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.com/
uInternet Settings,ProxyOverride = *.local
IE: &تصدير إلى Microsoft Excel - c:\progra~1\MICROS~1\OFFICE11\EXCEL.EXE/3000
IE: إضافة إلى حاجب إعلان الشعار - c:\program files\Kaspersky Lab\Kaspersky Internet Security 2009\ie_banner_deny.htm
IE: تحميل الكل بواسطة Internet Download Manager - c:\program files\Internet Download Manager\IEGetAll.htm
IE: تحميل بواسطة Internet Download Manager - c:\program files\Internet Download Manager\IEExt.htm
IE: تحميل محتوى FLV بواسطة Internet Download Manager - c:\program files\Internet Download Manager\IEGetVL.htm
DPF: Microsoft XML Parser for Java - file:///C:/WINDOWS/Java/classes/xmldso.cab
FF - ProfilePath -
.
.
------- File Associations -------
.
txtfile=NOTEPAD %1
vbefile\shell\edit\command=%SystemRoot%\System32\Notepad.exe %1
vbsfile\shell\edit\command=c:\windows\Notepad.exe %1
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer,

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

Rootkit scan 2009-06-18 10:47
Windows 5.1.2600 Service Pack 3 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...


**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{5ED60779-4DE2-4E07-B862-974CA4FF2E9C}]
@Denied: (Full) (Everyone)
"scansk"=hex(0):b9,10,8c,0a,f5,3f,fc,6c,a9,6d,6f,22,a6,ae,98,50,dd,52,28,43,a9,
c1,9f,16,0c,1d,8f,11,e0,7b,a3,71,c4,66,50,82,86,e6,2d,9c,00,00,00,00,00,00,\

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{9fc82362-f5af-4307-83e7-2f5686c09ddb}]
@Denied: (Full) (Everyone)
"Model"=dword:000000a8
"Therad"=dword:00000011
.
------------------------ Other Running Processes ------------------------
.
c:\program files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\program files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
c:\program files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
c:\progra~1\Yahoo!\MESSEN~1\Ymsgr_tray.exe
c:\program files\Mozilla Firefox\firefox.exe
.
**************************************************************************
.
Completion time: 2009-06-18 10:54 - machine was rebooted
ComboFix-quarantined-files.txt 2009-06-18 07:54
ComboFix2.txt 2009-05-13 07:54

Pre-Run: 3,546,750,976 bytes free
Post-Run: 4,044,959,744 bytes free

371

 

[rd-19]

بارك الله فيك

لو سمحت تقرير هاي جاك

 

[المعلمي]

وهذا تقرير الهايجك والمعذره
Logfile of HijackThis v1.99.1
Scan saved at 04:47:24 م, on 18/06/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5730.0013)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Internet Download Manager\IDMan.exe
C:\Program Files\Messenger\msmsgs.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\PROGRA~1\Yahoo!\MESSEN~1\ymsgr_tray.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
C:\Program Files\Internet Download Manager\IEMonitor.exe
C:\Program Files\K-Lite Codec Pack\Media Player Classic\mplayerc.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Windows Media Player\wmplayer.exe
K:\HijackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R3 - URLSearchHook: DeviceVM Url Search Hook - {0063BF63-BFFF-4B8F-9D26-4267DF7F17DD} - C:\WINDOWS\system32\dvmurl.dll
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files\Internet Download Manager\IDMIECC.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: IEVkbdBHO Class - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\ievkbd.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKCU\..\Run: [Yahoo! Pager] "C:\PROGRA~1\Yahoo!\MESSEN~1\YAHOOM~1.EXE" -quiet
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [IDMan] C:\Program Files\Internet Download Manager\IDMan.exe /onboot
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - Startup: Ela-Salaty.lnk = C:\Program Files\Ela-Salaty\Salaty.exe
O8 - Extra context menu item: &تصدير إلى Microsoft Excel - res://C:\PROGRA~1\MICROS~1\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: إضافة إلى حاجب إعلان الشعار - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\ie_banner_deny.htm
O8 - Extra context menu item: تحميل الكل بواسطة Internet Download Manager - C:\Program Files\Internet Download Manager\IEGetAll.htm
O8 - Extra context menu item: تحميل بواسطة Internet Download Manager - C:\Program Files\Internet Download Manager\IEExt.htm
O8 - Extra context menu item: تحميل محتوى FLV بواسطة Internet Download Manager - C:\Program Files\Internet Download Manager\IEGetVL.htm
O9 - Extra button: Web traffic protection statistics - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\SCIEPlgn.dll
O9 - Extra button: بحث - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~1\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [INTERNATIONAL] International*
O11 - Options group: [TABS] Tabbed Browsing
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Program Files\Yahoo!\Common\Yinsthelper.dll
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxdev.dll
O20 - Winlogon Notify: klogon - C:\WINDOWS\system32\klogon.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Kaspersky Internet Security (AVP) - Unknown owner - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe" -r (file missing)
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe

 

[سعودي دووم]

طول بالك يالمعلمي


تقرير الهايجاك يكون قبل الكمبو

وبعد عمل ادارة الكمبو يتم عمل تقرير هايجاك ثاني للتاكد من بعض القيم هل تم حذفها ام لا


انت هنا جاي تطرح مشكلتك يعني لازم تسمع اللي يقولونه لك الخبراء هنا

تحياتي لك

 

[المعلمي]

معذره منكم جميعا لأني اول مره بمشكله ارفع اربعه تقارير

 

[rd-19]

هلا والله اخوي المعلمي


امسح اقيمه التايه

R3 - URLSearchHook: DeviceVM Url Search Hook - {0063BF63-BFFF-4B8F-9D26-4267DF7F17DD} - C:\WINDOWS\system32\dvmurl.dll


طريقة الحذف

ثم حمل الاداه التاليه

التوافق : ويندوز اكسبي فقط

شرح الاستخدام ,,,,,,

عند تشغيل ملف الاداة تظهر لك هذه الشاشه ,, انتظر ( وتابع مع الصور )

وعند ظهور هذه الشاشه ,, اضغط على Close ليتم اعادة تشغيل جهازك (( لتكملة عملية التنظيف ))

اكتب الاوامر التالية واحداً تلو الاخر

في قائمة تشغيل RUN عن طريق قائمة ابدأ

وسيفتح معك مجلد يحتوي على ملفات

تقوم بحذفه بالضغط على Shift + Delete



الأوامر

الأوامر

temp

%temp%

Prefetch

Recent