مشكلة لاب توبي بطيئ ويعلق

  • بادئ الموضوع بادئ الموضوع بيبسي
  • تاريخ البدء تاريخ البدء
  • المشاهدات 1,506
ب

بيبسي

زيزوومى مميز
إنضم
28 يوليو 2008
المشاركات
708
مستوى التفاعل
0
النقاط
520
غير متصل
مشكلة لاب توبي بطيئ ويعلق كان عادي وسريع وكان عندي التورتن انترنت سيكيورتي 2009 نسخة اصلية
وبعد شهر تقريبا ابتداء من اليوم صار يعلق ولازم اطفيه من زر التشغيل
عندي قسمين c وe
c في الفيستا اصلية يوم شيريت اللاب توب
و e حطيت عليه مجلد فيه كل شي برامج العاب صور فيديو والحين كل ما ادخل المجلد يعلق يعني خلاص مايتحرك ولا شي :mad:ولا زم اطفيه من زر التشغيل
واليوم حذفت النورتن قلت يمكن المشكلة من النورتن وحتى الان يعلق حتى بدون النورتن
ومواصفات جهازي قوية
السرعة 2.16 core 2 duo
الرام 3 gb
الهارديسك 250 gb
وش الحل تمللت :cr:
التقارير
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي
 

توقيع : بيبسي
ترتيب حسب التاريخ ترتيب حسب الأصوات
نزلي تقرير هايجاك اكيد عندك
 
توقيع : algnral
تأييد 0
نزلي التقرير بردك
 
توقيع : algnral
تأييد 0
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 10:39:35 م, on 01/07/2009
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\RtHDVCpl.exe
C:\Program Files\Toshiba\ConfigFree\NDSTray.exe
C:\Program Files\Camera Assistant Software for Toshiba\traybar.exe
C:\Program Files\Toshiba\Power Saver\TPwrMain.exe
C:\Program Files\Toshiba\FlashCards\TCrdMain.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Internet Download Manager\IDMan.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe
C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.EXE
C:\Program Files\Internet Download Manager\IEMonitor.exe
C:\Program Files\Camera Assistant Software for Toshiba\CEC_MAIN.exe
C:\Program Files\Toshiba\ConfigFree\CFSwMgr.exe
c:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
c:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHid.exe
c:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHsp.exe
c:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosAVRC.exe
c:\Program Files\Toshiba\Bluetooth Toshiba Stack\tosOBEX.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtProc.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Google\Google Toolbar\GoogleToolbarUser.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\Windows\system32\SearchFilterHost.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page =
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files\Internet Download Manager\IDMIECC.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.15642\swg.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [ITSecMng] %ProgramFiles%\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe /START
O4 - HKLM\..\Run: [NDSTray.exe] NDSTray.exe
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe"
O4 - HKLM\..\Run: [Camera Assistant Software] "C:\Program Files\Camera Assistant Software for Toshiba\traybar.exe" /start
O4 - HKLM\..\Run: [TPwrMain] %ProgramFiles%\TOSHIBA\Power Saver\TPwrMain.EXE
O4 - HKLM\..\Run: [00TCrdMain] %ProgramFiles%\TOSHIBA\FlashCards\TCrdMain.exe
O4 - HKLM\..\Run: [SmoothView] %ProgramFiles%\Toshiba\SmoothView\SmoothView.exe
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [IDMan] C:\Program Files\Internet Download Manager\IDMan.exe /onboot
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O4 - .DEFAULT User Startup: TRDCReminder.lnk = C:\Program Files\Toshiba\TRDCReminder\TRDCReminder.exe (User 'Default user')
O4 - Startup: OneNote 2007 Screen Clipper and Launcher.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
O4 - Global Startup: Bluetooth Manager.lnk = ?
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: تحميل الكل بواسطة Internet Download Manager - C:\Program Files\Internet Download Manager\IEGetAll.htm
O8 - Extra context menu item: تحميل بواسطة Internet Download Manager - C:\Program Files\Internet Download Manager\IEExt.htm
O8 - Extra context menu item: تحميل محتوى FLV بواسطة Internet Download Manager - C:\Program Files\Internet Download Manager\IEGetVL.htm
O8 - Extra context menu item: تحميل ملفات FLV الـ 10 الأخيرة بواسطة Internet Download Manager - C:\Program Files\Internet Download Manager\IEGetVL2.htm
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: eBay.co.uk - Buy It Sell It Love It - {76577871-04EC-495E-A12B-91F7C3600AFA} -
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي
(file missing)
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\Windows\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\Windows\bdoscandel.exe
O9 - Extra button: Amazon.co.uk - {8A918C1D-E123-4E36-B562-5C1519E434CE} -
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي
(file missing)
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O13 - Gopher Prefix:
O16 - DPF: {3860DD98-0549-4D50-AA72-5D17D200EE10} (Windows Live OneCare safety scanner control) -
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

O16 - DPF: {56762DEC-6B0D-4AB4-A8AD-989993B5D08B} (OnlineScanner Control) -
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) -
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

O18 - Filter: x-sdch - {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~3\GOEC62~1.DLL
O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - Agere Systems - C:\Windows\system32\agrsmsvc.exe
O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe
O23 - Service: ConfigFree Service - TOSHIBA CORPORATION - C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
O23 - Service: getPlus(R) Installer - NOS Microsystems Ltd. - C:\Program Files\NOS\bin\getPlus_HelperSvc.exe
O23 - Service: GoogleDesktopManager - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: خدمة تحديث Google (gupdate1c9f2c420fc4020) (gupdate1c9f2c420fc4020) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: PLFlash DeviceIoControl Service - Prolific Technology Inc. - C:\Windows\system32\IoctlSvc.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: TOSHIBA Navi Support Service (TNaviSrv) - TOSHIBA Corporation - C:\Program Files\Toshiba\TOSHIBA DVD PLAYER\TNaviSrv.exe
O23 - Service: TOSHIBA Optical Disc Drive Service (TODDSrv) - TOSHIBA Corporation - C:\Windows\system32\TODDSrv.exe
O23 - Service: TOSHIBA Power Saver (TosCoSrv) - TOSHIBA Corporation - C:\Program Files\Toshiba\Power Saver\TosCoSrv.exe
O23 - Service: TOSHIBA Bluetooth Service - TOSHIBA CORPORATION - c:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
O23 - Service: TOSHIBA SMART Log Service - TOSHIBA Corporation - C:\Program Files\TOSHIBA\SMARTLogService\TosIPCSrv.exe
O23 - Service: @%SystemRoot%\System32\TuneUpDefragService.exe,-1 (TuneUp.Defrag) - TuneUp Software - C:\Windows\System32\TuneUpDefragService.exe
O23 - Service: @%SystemRoot%\System32\TUProgSt.exe,-1 (TuneUp.ProgramStatisticsSvc) - TuneUp Software - C:\Windows\System32\TUProgSt.exe
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
--
End of file - 10459 bytes
 
توقيع : بيبسي
تأييد 0
جهازك ماشوف فيه حمايه ليه ؟؟
حمل الاداة التالية واحفظها على سطح المكتب
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

عند تشغيلها بتظهر لك رسالة ,, اضغط على >> Yes
بعدها بتظهر لك رساله ثانيه ,, اضغط على >> Yes
اثناء الفحص ممكن يعاد تشغيل الجهاز
وبعد اعادة التشغيل ,, سوف تبدأ الاداة بالفحص مرره ثانيه
لا تقم بتشغيل اي برنامج ،، ومهما طالت عملية الفحص انتظر حتى تنتهي
انتظر حتى يظهر لك تقرير ،،انسخه والصقه بمشاركتك القادمة
 
توقيع : algnral
تأييد 0
ComboFix 09-07-01.01 - TOSHIBA 07/01/2009 23:02.1 - NTFSx86
Microsoft® Windows Vista™ Home Premium 6.0.6001.1.1256.974.1033.18.3069.2168 [GMT 1:00]
Running from: c:\users\TOSHIBA\Desktop\ComboFix.exe
SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\programdata\Microsoft\Network\Downloader\qmgr0.dat
c:\programdata\Microsoft\Network\Downloader\qmgr1.dat
c:\windows\system32\drivers\MpFilter.sys
----- BITS: Possible infected sites -----
hxxp://www.symantec.com
.
((((((((((((((((((((((((( Files Created from 2009-06-01 to 2009-07-01 )))))))))))))))))))))))))))))))
.
2009-07-01 21:39 . 2009-07-01 21:39 -------- d-----w- c:\program files\Trend Micro
2009-07-01 21:24 . 2009-07-01 21:24 -------- d-----w- c:\users\TOSHIBA\AppData\Local\Runscanner.net
2009-07-01 21:11 . 2009-07-01 21:11 -------- d-----w- c:\users\Guest\AppData\Local\Google
2009-07-01 20:43 . 2008-12-22 08:30 2835727 -c--a-w- c:\programdata\{51019853-129C-4EDE-9030-D5FD7BBD9AD0}\SpeedUpMyPC.exe
2009-07-01 20:43 . 2008-10-29 09:43 771360 -c--a-w- c:\programdata\{51019853-129C-4EDE-9030-D5FD7BBD9AD0}\Uniblue SpeedUpMyPc 4\23A3CF01\CACB8439\UBSysMan.dll
2009-07-01 20:43 . 2008-10-29 09:43 364320 -c--a-w- c:\programdata\{51019853-129C-4EDE-9030-D5FD7BBD9AD0}\Uniblue SpeedUpMyPc 4\F4DC5C6B\CACB8439\SUMPBackend.dll
2009-07-01 20:43 . 2008-10-29 09:43 191264 -c--a-w- c:\programdata\{51019853-129C-4EDE-9030-D5FD7BBD9AD0}\Uniblue SpeedUpMyPc 4\67304DB7\CACB8439\PowerSuiteBackendUtils.dll
2009-07-01 20:43 . 2008-10-29 09:43 614688 -c--a-w- c:\programdata\{51019853-129C-4EDE-9030-D5FD7BBD9AD0}\Uniblue SpeedUpMyPc 4\EA1A1734\CACB8439\Launcher.exe
2009-07-01 20:43 . 2008-10-29 09:43 54608 -c--a-w- c:\programdata\{51019853-129C-4EDE-9030-D5FD7BBD9AD0}\Uniblue SpeedUpMyPc 4\13A9C5E5\CACB8439\Interop.IWshRuntimeLibrary.dll
2009-07-01 20:43 . 2008-10-29 09:43 381216 -c--a-w- c:\programdata\{51019853-129C-4EDE-9030-D5FD7BBD9AD0}\Uniblue SpeedUpMyPc 4\1F13E51E\CACB8439\AvalonCommon.dll
2009-07-01 20:43 . 2008-10-29 09:43 1194784 -c--a-w- c:\programdata\{51019853-129C-4EDE-9030-D5FD7BBD9AD0}\Uniblue SpeedUpMyPc 4\744435A3\CACB8439\SUMP.exe
2009-07-01 20:43 . 2008-08-26 16:49 519168 -c--a-w- c:\programdata\{51019853-129C-4EDE-9030-D5FD7BBD9AD0}\Uniblue SpeedUpMyPc 4\7A8C224A\CACB8439\IsLicense40.dll
2009-07-01 20:43 . 2008-08-26 16:49 345008 -c--a-w- c:\programdata\{51019853-129C-4EDE-9030-D5FD7BBD9AD0}\Uniblue SpeedUpMyPc 4\D7904F02\CACB8439\IsLicense30.dll
2009-07-01 20:42 . 2009-07-01 20:43 -------- dc-h--w- c:\programdata\{51019853-129C-4EDE-9030-D5FD7BBD9AD0}
2009-07-01 20:42 . 2009-07-01 20:42 -------- d-----w- c:\programdata\Uniblue
2009-07-01 20:41 . 2008-08-25 14:44 20232 ----a-w- c:\windows\system32\AntiSpyNative64.exe
2009-07-01 20:41 . 2008-08-25 14:44 16648 ----a-w- c:\windows\system32\AntiSpyNative32.exe
2009-07-01 16:19 . 2009-07-01 20:45 -------- d-sh--w- C:\found.000
2009-07-01 13:30 . 2009-07-01 13:30 303512 ----a-w- c:\users\TOSHIBA\AppData\Roaming\IDM\DwnlData\TOSHIBA\saSetup64_279\saSetup64.exe
2009-06-30 19:00 . 2009-06-30 19:00 -------- d-----w- c:\program files\Sega
2009-06-30 17:39 . 2009-06-30 17:39 275142 ----a-w- c:\users\TOSHIBA\AppData\Roaming\IDM\DwnlData\TOSHIBA\MSVista_TIS17_90Day_32Bit_268\MSVista_TIS17_90Day_32Bit.exe
2009-06-30 17:36 . 2005-05-26 14:34 2297552 ----a-w- c:\windows\system32\d3dx9_26.dll
2009-06-30 17:32 . 2009-06-30 17:32 39109 ----a-w- c:\users\TOSHIBA\AppData\Roaming\IDM\DwnlData\TOSHIBA\kis8.0.0.506ar_267\kis8.0.0.506ar.exe
2009-06-30 17:25 . 2009-06-30 17:25 220069 ----a-w- c:\users\TOSHIBA\AppData\Roaming\IDM\DwnlData\TOSHIBA\IS09MICRO_265\IS09MICRO.exe
2009-06-30 16:51 . 2008-12-22 08:19 2567631 -c--a-w- c:\programdata\{92E7A367-8E12-4830-AA70-29C32E331A81}\Uniblue RegistryBooster.exe
2009-06-30 16:51 . 2008-08-26 16:48 757760 -c--a-w- c:\programdata\{92E7A367-8E12-4830-AA70-29C32E331A81}\registrybooster2\2B86F085\6383BC9B\UBVarRB.dll
2009-06-30 16:51 . 2008-08-26 16:48 497496 -c--a-w- c:\programdata\{92E7A367-8E12-4830-AA70-29C32E331A81}\registrybooster2\AF01B0B\6383BC9B\XceedZip.dll
2009-06-30 16:51 . 2008-08-26 16:48 413696 -c--a-w- c:\programdata\{92E7A367-8E12-4830-AA70-29C32E331A81}\registrybooster2\52CD59C9\6383BC9B\update.dll
2009-06-30 16:51 . 2008-08-26 16:48 99624 -c--a-w- c:\programdata\{92E7A367-8E12-4830-AA70-29C32E331A81}\registrybooster2\7390E4F0\6383BC9B\StartRegistryBooster.exe
2009-06-30 16:51 . 2008-08-26 16:48 6676480 -c--a-w- c:\programdata\{92E7A367-8E12-4830-AA70-29C32E331A81}\registrybooster2\4E45A1A4\6383BC9B\RegistryBooster.dll
2009-06-30 16:51 . 2008-08-26 16:48 2019624 -c--a-w- c:\programdata\{92E7A367-8E12-4830-AA70-29C32E331A81}\registrybooster2\7CE1607E\6383BC9B\RegistryBooster.exe
2009-06-30 16:51 . 2008-08-26 16:48 111912 -c--a-w- c:\programdata\{92E7A367-8E12-4830-AA70-29C32E331A81}\registrybooster2\65B92A91\6383BC9B\KillRBProcess.exe
2009-06-30 16:51 . 2009-06-30 16:51 -------- dc-h--w- c:\programdata\{92E7A367-8E12-4830-AA70-29C32E331A81}
2009-06-30 08:33 . 2009-06-30 08:33 -------- d-----w- c:\program files\Common Files\EZB Systems
2009-06-30 08:33 . 2009-06-30 08:33 -------- d-----w- c:\program files\UltraISO
2009-06-30 08:17 . 2009-06-30 16:47 -------- d-----w- c:\program files\DAEMON Tools
2009-06-30 08:07 . 2009-06-30 09:13 -------- d-----w- c:\users\TOSHIBA\AppData\Roaming\advantage
2009-06-30 08:07 . 2009-06-30 08:07 204208 ----a-w- c:\users\TOSHIBA\AppData\Roaming\advantage\AdVantage.exe
2009-06-30 08:07 . 2009-06-30 08:07 -------- d-----w- c:\users\TOSHIBA\AppData\Roaming\DAEMON Tools Pro
2009-06-30 08:06 . 2009-06-30 08:14 -------- d-----w- c:\program files\DAEMON Tools Pro
2009-06-30 07:58 . 2009-06-30 07:58 3377 ----a-w- c:\users\TOSHIBA\AppData\Roaming\IDM\DwnlData\TOSHIBA\daemon406-x86_258\daemon406-x86.exe
2009-06-30 07:54 . 2009-07-01 21:58 28672 ----a-w- c:\users\TOSHIBA\AppData\Roaming\IDM\NP_IDM5.dll
2009-06-30 07:51 . 2009-06-30 08:00 685816 ----a-w- c:\windows\system32\drivers\sptd.sys
2009-06-30 07:31 . 2009-06-30 07:31 -------- d-----w- C:\Games
2009-06-30 07:28 . 2009-07-01 21:58 28672 ----a-w- c:\users\TOSHIBA\AppData\Roaming\IDM\NP_IDM2.dll
2009-06-30 07:28 . 2009-07-01 21:58 28672 ----a-w- c:\users\TOSHIBA\AppData\Roaming\IDM\NP_IDM1.dll
2009-06-30 06:10 . 2009-06-30 06:10 -------- d-----w- c:\users\TOSHIBA\AppData\Roaming\fltk.org
2009-06-29 17:08 . 2009-06-29 17:08 -------- d-----w- C:\My Music
2009-06-29 17:04 . 2009-06-29 17:04 203776 ----a-w- c:\windows\system32\clrviddc.dll
2009-06-29 17:03 . 2009-06-29 17:03 -------- d-----w- c:\program files\Common Files\xing shared
2009-06-29 08:07 . 2009-06-29 08:23 -------- d-----w- c:\program files\Windows Live Safety Center
2009-06-29 08:04 . 2009-06-29 08:27 -------- d-----w- c:\windows\BDOSCAN8
2009-06-29 07:50 . 2009-06-29 07:50 -------- d-----w- c:\windows\Sun
2009-06-29 07:48 . 2008-06-19 16:24 28544 ----a-w- c:\windows\system32\drivers\pavboot.sys
2009-06-29 07:48 . 2009-06-29 07:48 -------- d-----w- c:\program files\Panda Security
2009-06-28 18:45 . 2009-06-28 18:45 222142 ----a-w- c:\users\TOSHIBA\AppData\Roaming\IDM\DwnlData\TOSHIBA\setup_211\setup.exe
2009-06-26 18:06 . 2009-06-26 18:07 775344 ----a-w- c:\users\TOSHIBA\AppData\Roaming\IDM\DwnlData\TOSHIBA\idman517_195\idman517.exe
2009-06-25 23:30 . 2009-06-25 23:30 -------- d-----w- c:\users\TOSHIBA\AppData\Roaming\Download Manager
2009-06-25 21:12 . 2009-06-25 21:12 -------- d-----w- c:\program files\FDRLab
2009-06-24 20:38 . 2009-06-24 20:38 -------- d-----w- c:\program files\Doblon
2009-06-24 19:43 . 2009-06-24 19:43 24433136 ----a-w- c:\programdata\Installations\{9F59C3AE-81B0-4EF6-9762-D674BB079705}\NokiaSoftwareUpdaterSetup_1.6.13AR.exe
2009-06-24 19:43 . 2009-06-24 19:43 3351812 ----a-w- c:\programdata\Installations\{9F59C3AE-81B0-4EF6-9762-D674BB079705}\Installer\CommonCustomActions\msxml6Exec.exe
2009-06-24 19:43 . 2009-06-24 19:43 36864 ----a-w- c:\programdata\Installations\{9F59C3AE-81B0-4EF6-9762-D674BB079705}\Installer\CommonCustomActions\Sleep.exe
2009-06-24 19:43 . 2009-06-24 19:43 3181612 ----a-w- c:\programdata\Installations\{9F59C3AE-81B0-4EF6-9762-D674BB079705}\Installer\CommonCustomActions\vcredistExec.exe
2009-06-24 18:56 . 2009-06-24 18:56 -------- d-----w- c:\program files\Electronic Arts
2009-06-24 18:56 . 2007-06-20 19:46 266088 ----a-w- c:\windows\system32\xactengine2_8.dll
2009-06-24 18:56 . 2007-05-16 15:45 443752 ----a-w- c:\windows\system32\d3dx10_34.dll
2009-06-24 18:56 . 2007-05-16 15:45 1124720 ----a-w- c:\windows\system32\D3DCompiler_34.dll
2009-06-24 18:56 . 2007-05-16 15:45 3497832 ----a-w- c:\windows\system32\d3dx9_34.dll
2009-06-24 18:56 . 2007-04-04 17:53 81768 ----a-w- c:\windows\system32\xinput1_3.dll
2009-06-24 18:56 . 2007-04-04 17:55 261480 ----a-w- c:\windows\system32\xactengine2_7.dll
2009-06-24 18:56 . 2007-03-15 15:57 443752 ----a-w- c:\windows\system32\d3dx10_33.dll
2009-06-24 18:56 . 2007-03-12 15:42 1123696 ----a-w- c:\windows\system32\D3DCompiler_33.dll
2009-06-24 18:56 . 2007-03-12 15:42 3495784 ----a-w- c:\windows\system32\d3dx9_33.dll
2009-06-24 18:56 . 2007-03-05 11:42 15128 ----a-w- c:\windows\system32\x3daudio1_1.dll
2009-06-24 18:56 . 2007-01-24 14:27 255848 ----a-w- c:\windows\system32\xactengine2_6.dll
2009-06-24 15:10 . 2009-07-01 21:58 28672 ----a-w- c:\users\TOSHIBA\AppData\Roaming\IDM\NP_IDM4.dll
2009-06-24 15:10 . 2009-07-01 21:58 28672 ----a-w- c:\users\TOSHIBA\AppData\Roaming\IDM\NP_IDM3.dll
2009-06-24 15:01 . 2009-06-24 15:17 -------- d-----w- c:\programdata\Kaspersky Lab
2009-06-24 14:29 . 2009-06-24 14:29 190280 ----a-w- c:\users\TOSHIBA\AppData\Roaming\IDM\DwnlData\TOSHIBA\kis9.0.0.459it_141\kis9.0.0.459it.exe
2009-06-24 14:29 . 2009-06-24 14:29 734408 ----a-w- c:\users\TOSHIBA\AppData\Roaming\IDM\DwnlData\TOSHIBA\kis9.0.0.459es_139\kis9.0.0.459es.exe
2009-06-24 12:27 . 2009-06-24 12:27 -------- d-----w- c:\program files\MSECache
2009-06-23 23:37 . 2009-06-23 23:37 -------- d-----w- c:\program files\Common Files\PCSuite
2009-06-23 23:37 . 2008-08-26 09:26 18816 ----a-w- c:\windows\system32\drivers\pccsmcfd.sys
2009-06-23 23:36 . 2009-06-23 23:36 -------- d-----w- c:\program files\PC Connectivity Solution
2009-06-23 23:31 . 2009-06-23 23:30 33856936 ----a-w- c:\programdata\Installations\{55495E65-7C5B-48E4-BC7D-DE54F3DE5ED6}\Nokia_PC_Suite_7_1_30_8_ara_web.exe
2009-06-23 23:30 . 2009-06-23 23:30 95232 ----a-w- c:\programdata\Installations\{55495E65-7C5B-48E4-BC7D-DE54F3DE5ED6}\Installer\CommonCustomActions\pcswpcsi.exe
2009-06-23 23:30 . 2009-06-23 23:30 8192 ----a-w- c:\programdata\Installations\{55495E65-7C5B-48E4-BC7D-DE54F3DE5ED6}\Installer\CommonCustomActions\UninstCCD.exe
2009-06-23 23:30 . 2009-06-23 23:30 61440 ----a-w- c:\programdata\Installations\{55495E65-7C5B-48E4-BC7D-DE54F3DE5ED6}\Installer\CommonCustomActions\UninstPCSFEMsi.exe
2009-06-23 23:30 . 2009-06-23 23:30 10240 ----a-w- c:\programdata\Installations\{55495E65-7C5B-48E4-BC7D-DE54F3DE5ED6}\Installer\CommonCustomActions\UninstPCS.exe
2009-06-23 23:30 . 2009-06-24 19:43 -------- d-----w- c:\programdata\Installations
2009-06-23 23:14 . 2009-06-24 19:18 -------- d-----w- c:\programdata\Nokia
2009-06-23 22:49 . 2009-06-23 22:49 -------- d-----w- c:\users\TOSHIBA\AppData\Local\IsolatedStorage
2009-06-23 22:43 . 2009-06-23 22:50 -------- d-----w- c:\programdata\OrbNetworks
2009-06-23 22:43 . 2009-06-23 22:43 -------- d-----w- c:\program files\Orb Networks
2009-06-23 22:39 . 2009-06-23 22:39 -------- d-----w- c:\programdata\NokiaMusic
2009-06-23 22:33 . 2009-06-23 22:33 -------- d-----w- c:\program files\Common Files\muvee Technologies
2009-06-23 22:22 . 2009-06-23 23:16 -------- d-----w- c:\users\TOSHIBA\AppData\Local\Nokia
2009-06-23 22:22 . 2009-06-23 23:21 -------- d-----w- c:\users\TOSHIBA\AppData\Roaming\PC Suite
2009-06-23 22:22 . 2009-06-23 23:02 -------- d-----w- c:\programdata\PC Suite
2009-06-23 22:21 . 2009-06-24 19:43 -------- d-----w- c:\program files\Common Files\Nokia
2009-06-23 22:20 . 2009-06-23 22:32 -------- d-----w- c:\windows\Downloaded Installations
2009-06-23 19:52 . 2009-06-23 19:52 -------- d-----w- c:\program files\CCleaner
2009-06-23 19:49 . 2009-06-23 19:49 -------- d-----w- c:\users\TOSHIBA\AppData\Roaming\Avant Profiles
2009-06-23 19:48 . 2009-06-23 19:48 -------- d-----w- c:\program files\Avant Browser
2009-06-23 13:03 . 2009-06-23 13:03 -------- d-----w- c:\program files\Microsoft
2009-06-23 13:03 . 2009-06-23 13:03 -------- d-----w- c:\program files\Windows Live SkyDrive
2009-06-23 13:02 . 2009-06-23 13:03 -------- d-----w- c:\program files\Windows Live
2009-06-23 13:02 . 2009-06-23 13:02 -------- d-----w- c:\program files\Microsoft SQL Server Compact Edition
2009-06-23 12:56 . 2009-06-23 12:56 -------- d-----w- c:\program files\Common Files\Windows Live
2009-06-22 17:56 . 2009-06-29 07:57 -------- d-----w- c:\program files\EsetOnlineScanner
2009-06-22 17:24 . 1999-09-10 11:06 5600 ----a-w- c:\windows\system\winaspi.dll
2009-06-22 17:24 . 1999-09-10 11:06 4672 ----a-w- c:\windows\system\wowpost.exe
2009-06-22 17:24 . 1999-09-10 11:06 45056 ----a-w- c:\windows\system32\wnaspi32.dll
2009-06-22 17:24 . 1999-09-10 11:06 25244 ----a-w- c:\windows\system32\drivers\aspi32.sys
2009-06-22 17:02 . 2009-06-30 05:23 10685 ----a-w- c:\programdata\DVD X Studios\DVD X Player 5.3 Professional\DVDXPlayer.dll
2009-06-22 17:00 . 2007-12-01 16:10 1645320 ----a-w- c:\windows\system32\gdiplus.dll
2009-06-22 17:00 . 2009-06-22 17:00 -------- d-----w- c:\programdata\DVD X Studios
2009-06-22 17:00 . 2009-06-22 17:00 -------- d-----w- c:\program files\DVD X Studios
2009-06-22 14:28 . 2009-06-22 14:32 88 --sh--r- c:\programdata\B746FE21B5.sys
2009-06-22 14:28 . 2009-06-22 14:28 -------- d-----w- c:\users\TOSHIBA\AppData\Roaming\Corel
2009-06-22 14:28 . 2009-06-22 14:32 2828 --sha-w- c:\programdata\KGyGaAvL.sys
2009-06-22 14:09 . 2009-06-22 14:09 -------- d-----w- c:\programdata\NOS
2009-06-22 14:09 . 2009-06-22 14:09 -------- d-----w- c:\program files\NOS
2009-06-21 22:57 . 2009-06-21 22:57 -------- d-----w- c:\users\TOSHIBA\AppData\Local\Deployment
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-07-01 21:10 . 2009-07-01 21:10 87360 ----a-w- c:\users\Guest\AppData\Local\GDIPFONTCACHEV1.DAT
2009-07-01 21:10 . 2009-07-01 21:10 -------- d-----w- c:\users\Guest\AppData\Roaming\ATI
2009-06-26 15:13 . 2006-07-11 17:35 348160 ----a-w- c:\windows\system32\msvcr71.dll
2009-06-24 19:25 . 2009-06-24 19:25 0 ---ha-w- c:\windows\system32\drivers\Msft_User_PCCSWpdDriver_01_07_00.Wdf
2009-06-23 23:03 . 2009-06-23 23:03 0 ---ha-w- c:\windows\system32\drivers\Msft_User_PCCSWpdDriver_01_05_00.Wdf
2009-06-23 23:02 . 2009-06-23 23:02 0 ---ha-w- c:\windows\system32\drivers\Msft_User_WpdMtpDr_01_00_00.Wdf
2009-06-23 22:59 . 2009-06-23 22:59 35064 ----a-w- c:\windows\inf\Nokia Music\0009\tmpCADE.tmp
2009-06-23 22:59 . 2009-06-23 22:59 35064 ----a-w- c:\windows\inf\Nokia Music\0000\tmpCADE.tmp
2009-06-23 22:59 . 2009-06-23 22:59 1593 ----a-w- c:\windows\inf\Nokia Music\tmpCADF.tmp
2009-06-22 14:35 . 2008-04-22 16:39 -------- d--h--w- c:\program files\InstallShield Installation Information
2009-06-21 23:02 . 2008-04-22 17:13 -------- d-----w- c:\program files\Google
2009-06-21 22:39 . 2008-04-23 06:35 -------- d-----w- c:\programdata\Microsoft Help
2009-06-19 21:45 . 2009-06-19 21:45 0 ---ha-w- c:\windows\system32\drivers\Msft_Kernel_ccdcmb_01007.Wdf
2009-06-19 19:58 . 2009-06-19 19:58 0 ---ha-w- c:\windows\system32\drivers\Msft_User_WpdFs_01_00_00.Wdf
2009-06-19 18:49 . 2008-04-22 16:39 -------- d-----w- c:\program files\Common Files\InstallShield
2009-06-19 01:21 . 2008-04-22 16:30 -------- d-----w- c:\program files\Java
2009-06-19 01:19 . 2006-11-02 11:18 -------- d-----w- c:\program files\Windows Mail
2009-06-19 01:18 . 2006-11-02 10:25 665600 ----a-w- c:\windows\inf\drvindex.dat
2009-06-19 00:53 . 2008-04-22 16:48 -------- d-----w- c:\program files\Toshiba
2009-06-19 00:53 . 2009-06-19 00:53 0 --sha-r- c:\windows\system32\drivers\TOSHIBA_Satellite A300_06653-AR_PSAG4E-03801.MRK
2009-06-19 00:48 . 2008-04-22 16:31 -------- d-----w- c:\program files\Intel
2009-06-18 23:51 . 2008-04-22 17:09 -------- d-----w- c:\program files\Common Files\McAfee
2009-06-18 23:51 . 2008-04-22 17:08 -------- d-----w- c:\program files\McAfee
2009-06-18 23:51 . 2008-04-22 17:08 -------- d-----w- c:\programdata\McAfee
2009-05-26 10:07 . 2009-05-26 10:07 84952 ----a-w- c:\windows\system32\OnlineScannerUninstaller.exe
2009-05-26 10:07 . 2009-05-26 10:07 117912 ----a-w- c:\windows\system32\OnlineScannerLang.dll
2009-05-26 10:07 . 2009-05-26 10:07 262112 ----a-w- c:\windows\system32\OnlineScannerDLLA.dll
2009-05-26 10:07 . 2009-05-26 10:07 245632 ----a-w- c:\windows\system32\OnlineScannerDLLW.dll
2009-05-26 10:07 . 2009-05-26 10:07 146752 ----a-w- c:\windows\system32\lnod32umc.dll
2009-05-26 10:07 . 2009-05-26 10:07 113792 ----a-w- c:\windows\system32\lnod32upd.dll
2009-05-26 10:07 . 2009-05-26 10:07 233352 ----a-w- c:\windows\system32\lnod32apiW.dll
2009-05-26 10:07 . 2009-05-26 10:07 204512 ----a-w- c:\windows\system32\lnod32apiA.dll
2009-05-11 11:47 . 2009-05-11 11:47 1302600 ----a-w- c:\windows\system32\WUDFUpdate_01007.dll
2009-04-23 12:42 . 2009-06-18 23:36 636928 ----a-w- c:\windows\system32\localspl.dll
2009-04-21 11:55 . 2009-06-18 23:36 2033152 ----a-w- c:\windows\system32\win32k.sys
2009-04-09 11:32 . 2009-04-09 11:32 89088 ----a-w- c:\users\TOSHIBA\AppData\Roaming\Desktopicon\eBayShortcuts.exe
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2008-01-21 1233920]
"IDMan"="c:\program files\Internet Download Manager\IDMan.exe" [2009-06-30 2815408]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2009-06-19 39408]
"WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2008-01-21 202240]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ITSecMng"="c:\program files\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe" [2007-09-28 75136]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2006-11-10 90112]
"Camera Assistant Software"="c:\program files\Camera Assistant Software for Toshiba\traybar.exe" [2007-10-25 413696]
"TPwrMain"="c:\program files\TOSHIBA\Power Saver\TPwrMain.EXE" [2008-01-17 431456]
"00TCrdMain"="c:\program files\TOSHIBA\FlashCards\TCrdMain.exe" [2008-01-22 712704]
"SmoothView"="c:\program files\Toshiba\SmoothView\SmoothView.exe" [2008-01-25 509816]
"RtHDVCpl"="RtHDVCpl.exe" - c:\windows\RtHDVCpl.exe [2008-01-29 4911104]
"NDSTray.exe"="NDSTray.exe" [BU]
c:\users\Guest\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
TRDCReminder.lnk - c:\program files\Toshiba\TRDCReminder\TRDCReminder.exe [2008-3-5 393216]
c:\users\TOSHIBA\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
OneNote 2007 Screen Clipper and Launcher.lnk - c:\program files\Microsoft Office\Office12\ONENOTEM.EXE [2008-10-25 98696]
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Bluetooth Manager.lnk - c:\program files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe [2008-1-25 2938184]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\progra~1\Google\GOOGLE~3\GoogleDesktopNetwork3.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"WindowsWelcomeCenter"=rundll32.exe oobefldr.dll,ShowWelcomeCenter
"TOSCDSPD"=c:\program files\TOSHIBA\TOSCDSPD\TOSCDSPD.exe
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\program files\Common Files\Ahead\Lib\NMBgMonitor.exe"
"swg"=c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
"Google Update"="c:\users\TOSHIBA\AppData\Local\Google\Update\GoogleUpdate.exe" /c
"WMPNSCFG"=c:\program files\Windows Media Player\WMPNSCFG.exe
"Orb"="c:\program files\Orb Networks\Orb\bin\OrbTray.exe" /background
"Norton Download Manager{NISPB1-B33-4abb-B07C-C084B04B4F12}"=c:\users\TOSHIBA\Downloads\Norton\{NISPB1-B33-4abb-B07C-C084B04B4F12}\NISBetaDownloader.exe /m
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"Toshiba Registration"=c:\program files\Toshiba\Registration\ToshibaRegistration.exe
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
"Desktop SMS"=c:\program files\IDM\Desktop SMS\DesktopSMS.exe /auto
"toolbar_eula_launcher"=c:\tb_eula\EULALauncher.exe
"Google Desktop Search"="c:\program files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
"HSON"=%ProgramFiles%\TOSHIBA\TBS\HSON.exe
"topi"=c:\program files\TOSHIBA\Toshiba Online Product Information\topi.exe -startup
"Picasa Media Detector"=c:\program files\Picasa2\PicasaMediaDetector.exe
"Windows Defender"=%ProgramFiles%\Windows Defender\MSASCui.exe -hide
"SynTPEnh"=c:\program files\Synaptics\SynTP\SynTPEnh.exe
"NeroFilterCheck"=c:\program files\Common Files\Ahead\Lib\NeroCheck.exe
"TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" -osboot
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe"
"UnlockerAssistant"="c:\program files\Unlocker\UnlockerAssistant.exe"
"NokiaMServer"=c:\program files\Common Files\Nokia\MPlatform\NokiaMServer /watchfiles
"Nokia FastStart"="c:\program files\Nokia\Nokia Music\NokiaMusic.exe" /command:faststart
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules]
"{1BEC5D9C-8EC5-454C-ACED-563F563300B9}"= Profile=Private|Profile=Public|c:\program files\Common Files\Mcafee\MNA\McNaSvc.exe:McAfee Network Agent
"{764FFB0C-FBA9-4E83-8A33-4081E0BD537F}"= UDP:c:\program files\Microsoft Office\Office12\ONENOTE.EXE:Microsoft Office OneNote
"{00113BE3-D8F5-4C1B-924F-8C4D13AECAD4}"= TCP:c:\program files\Microsoft Office\Office12\ONENOTE.EXE:Microsoft Office OneNote
"{A301D7F7-0C88-4E22-9D15-8A5CE24F501C}"= c:\program files\Windows Live\Sync\WindowsLiveSync.exe:Windows Live Sync
"{22F6081A-980E-4116-99B6-B5A7E5A6D81A}"= UDP:c:\program files\Orb Networks\Orb\bin\Orb.exe:Orb
"{E2888286-C72D-4CFB-B67E-DEBB9205591A}"= TCP:c:\program files\Orb Networks\Orb\bin\Orb.exe:Orb
"{DB314FA0-37A9-45B6-AB5A-E49EFAF27700}"= UDP:c:\program files\Orb Networks\Orb\bin\OrbTray.exe:OrbTray
"{302AB411-40A8-40A6-906D-B9A8B9CEE03C}"= TCP:c:\program files\Orb Networks\Orb\bin\OrbTray.exe:OrbTray
"{6FCF384E-2E45-4E8F-9876-1B96025F754B}"= UDP:c:\program files\Orb Networks\Orb\bin\OrbIR.exe:OrbIR
"{61C32B67-6A61-491D-9D85-8736811D9618}"= TCP:c:\program files\Orb Networks\Orb\bin\OrbIR.exe:OrbIR
"{3C4C7A6C-29E7-48B3-8EE2-87DCBA222C80}"= UDP:c:\program files\Orb Networks\Orb\bin\OrbStreamerClient.exe:Orb Stream Client
"{1F546C69-DD8F-40E2-91DF-5D0830553F18}"= TCP:c:\program files\Orb Networks\Orb\bin\OrbStreamerClient.exe:Orb Stream Client
"{A4E06C07-3C44-4562-8708-9C505C923797}"= UDP:c:\program files\Orb Networks\Orb\bin\xmltv.exe:OrbTVGuide
"{B15A8A89-A6BA-40B7-81E2-D1DB927B3DAB}"= TCP:c:\program files\Orb Networks\Orb\bin\xmltv.exe:OrbTVGuide
"{137B91D9-4955-4043-8139-94EA02D53A75}"= UDP:c:\program files\Orb Networks\Orb\bin\OrbChannelScan.exe:OrbChannelScan
"{CA2FDD8B-E876-49E9-A9DE-4A3700BA90DB}"= TCP:c:\program files\Orb Networks\Orb\bin\OrbChannelScan.exe:OrbChannelScan
R0 pavboot;pavboot;c:\windows\System32\drivers\pavboot.sys [29/06/2009 08:48 ص 28544]
R2 ConfigFree Service;ConfigFree Service;c:\program files\Toshiba\ConfigFree\CFSvcs.exe [25/12/2007 01:07 م 40960]
R2 TOSHIBA SMART Log Service;TOSHIBA SMART Log Service;c:\program files\Toshiba\SMARTLogService\TosIPCSrv.exe [03/12/2007 05:03 م 126976]
R2 TuneUp.ProgramStatisticsSvc;TuneUp Program Statistics Service;c:\windows\System32\TUProgSt.exe [19/06/2009 02:12 ص 603904]
R3 FwLnk;FwLnk Driver;c:\windows\System32\drivers\FwLnk.sys [22/04/2008 05:57 م 7168]
S2 gupdate1c9f2c420fc4020;خدمة تحديث Google (gupdate1c9f2c420fc4020);c:\program files\Google\Update\GoogleUpdate.exe [22/06/2009 12:00 ص 133104]
S3 getPlus(R) Installer;getPlus(R) Installer;c:\program files\NOS\bin\getPlus_HelperSvc.exe [22/06/2009 03:09 م 59552]
S3 nmwcdnsu;Nokia USB Flashing Phone Parent;c:\windows\System32\drivers\nmwcdnsu.sys [19/03/2009 02:48 م 136704]
S3 nmwcdnsuc;Nokia USB Flashing Generic;c:\windows\System32\drivers\nmwcdnsuc.sys [19/03/2009 02:48 م 8320]
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\>{60B49E34-C7CC-11D0-8953-00A0C90347FF}]
"c:\windows\System32\rundll32.exe" "c:\windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
.
Contents of the 'Scheduled Tasks' folder
2009-07-01 c:\windows\Tasks\1-Click Maintenance.job
- c:\program files\TuneUp Utilities 2009\OneClickStarter.exe [2008-12-11 20:36]
2009-07-01 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-06-21 23:00]
2009-07-01 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-06-21 23:00]
2009-06-30 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3994334781-2126297434-1635438069-1000Core.job
- c:\users\TOSHIBA\AppData\Local\Google\Update\GoogleUpdate.exe [2009-06-21 22:57]
2009-07-01 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3994334781-2126297434-1635438069-1000UA.job
- c:\users\TOSHIBA\AppData\Local\Google\Update\GoogleUpdate.exe [2009-06-21 22:57]
2009-07-01 c:\windows\Tasks\User_Feed_Synchronization-{8E079EB5-6063-4786-9D24-02AC48119971}.job
- c:\windows\system32\msfeedssync.exe [2009-06-18 11:31]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.com/
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000
IE: تحميل الكل بواسطة Internet Download Manager - c:\program files\Internet Download Manager\IEGetAll.htm
IE: تحميل بواسطة Internet Download Manager - c:\program files\Internet Download Manager\IEExt.htm
IE: تحميل محتوى FLV بواسطة Internet Download Manager - c:\program files\Internet Download Manager\IEGetVL.htm
IE: تحميل ملفات FLV الـ 10 الأخيرة بواسطة Internet Download Manager - c:\program files\Internet Download Manager\IEGetVL2.htm
IE: {{76577871-04EC-495E-A12B-91F7C3600AFA} -
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

IE: {{8A918C1D-E123-4E36-B562-5C1519E434CE} -
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

FF - ProfilePath - c:\users\TOSHIBA\AppData\Roaming\Mozilla\Firefox\Profiles\1h6zxi0m.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2197485&SearchSource=3&q={searchTerms}
FF - prefs.js: browser.search.selectedEngine - arab stars Customized Web Search
FF - prefs.js: browser.startup.homepage - hxxp://www.google.com/
FF - prefs.js: keyword.URL - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2197485&SearchSource=2&q=
FF - component: c:\program files\Nokia\Nokia PC Suite 7\bkmrksync\components\BkMrkExt.dll
FF - component: c:\program files\Real\RealPlayer\browserrecord\firefox\ext\components\nprpffbrowserrecordext.dll
FF - component: c:\users\TOSHIBA\AppData\Roaming\IDM\idmmzcc3\components\idmmzcc.dll
FF - component: c:\users\TOSHIBA\AppData\Roaming\Mozilla\Firefox\Profiles\1h6zxi0m.default\extensions\{449c8ac4-2ac7-4bfd-bd9e-ad5c5dddc044}\components\FFExternalAlert.dll
FF - component: c:\users\TOSHIBA\AppData\Roaming\Mozilla\Firefox\Profiles\1h6zxi0m.default\extensions\{f6bf92e0-b190-11dd-ad8b-0800200c9a67}\components\AdVComponent.dll
FF - plugin: c:\program files\Google\Update\1.2.183.7\npGoogleOneClick8.dll
FF - plugin: c:\program files\Opera\program\plugins\NP_IDM1.dll
FF - plugin: c:\program files\Opera\program\plugins\NP_IDM2.dll
FF - plugin: c:\program files\Opera\program\plugins\NP_IDM3.dll
FF - plugin: c:\program files\Opera\program\plugins\NP_IDM4.dll
FF - plugin: c:\program files\Opera\program\plugins\NP_IDM5.dll
FF - plugin: c:\program files\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: c:\users\TOSHIBA\AppData\Local\Google\Update\1.2.183.7\npGoogleOneClick8.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
.
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer,
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

Rootkit scan 2009-07-01 23:06
Windows 6.0.6001 Service Pack 1 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------
[HKEY_USERS\S-1-5-21-3994334781-2126297434-1635438069-1000_Classes\CLSID\{0bb28ff9-35c5-4523-b940-89b27846f1cd}]
@Denied: (Full) (Everyone)
@Allowed: (Read) (RestrictedCode)
"Model"=dword:000000b4
"Therad"=dword:0000000d
[HKEY_USERS\S-1-5-21-3994334781-2126297434-1635438069-1000_Classes\CLSID\{5ED60779-4DE2-4E07-B862-974CA4FF2E9C}]
@Denied: (Full) (Everyone)
@Allowed: (Read) (RestrictedCode)
"scansk"=hex(0):3e,c5,bc,5c,6a,4a,b5,3e,9f,2c,4c,2f,5b,ca,b4,b9,90,cd,5a,7d,31,
1d,16,33,e1,2f,a3,36,f3,44,97,f2,95,52,ed,ee,c1,e4,e2,f7,00,00,00,00,00,00,\
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
"MSCurrentCountry"=dword:000000b5
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
Completion time: 2009-07-01 23:08
ComboFix-quarantined-files.txt 2009-07-01 22:08
Pre-Run: 72,921,931,776 bytes free
Post-Run: 73,331,449,856 bytes free
355 --- E O F --- 2009-06-25 11:52
 
توقيع : بيبسي
تأييد 0
توقيع : algnral
تأييد 0
عندي النورتن بس حذفته
 
توقيع : بيبسي
تأييد 0
ركبت avg free
 
توقيع : بيبسي
تأييد 0
كيف الجهاز
 
توقيع : algnral
تأييد 0
يعني رجع نفس اول بس المجلد في قسم e كل ما افتحة يعلق الكمبيوتر وشوي صار الجهاز بطيئ اذا فتحته يتأخر شوي welcome
 
توقيع : بيبسي
تأييد 0
طيب سوي تحديث وفحص بال avg
 
توقيع : algnral
تأييد 0
سويت تحديث و من 37 دقيقة ومسحلي فيروسين وحتى الحين يمسح
 
توقيع : بيبسي
تأييد 0
لاب توبي علق فجأة ولا شي يتحرك انتضرته 5 دقائق و ما ستحرك شي حتى الكبيورد والماوس وطفيت اللاب توب من الزر وشغلته مرة ثانية
شكلها المشكلة ما تنحل إلا بالفورمات
 
توقيع : بيبسي
تأييد 0
ادخلي من وضع الامان
اول ماتشغلين الجهاز اضغطي f8
واختاري soft mod
وسوي فحص من وضع الامان
 
توقيع : algnral
تأييد 0
حتى في السيف مود يعلق والفحص بطيئ و System Restore الموجود في الوندوز معطل
المهم سويت فورمات وانحلت المشلكة
شكرا
 
توقيع : بيبسي
تأييد 0
يجب تسجيل الدخول أو التسجيل كي تتمكن من الرد هنا.
عودة
أعلى