البرنسيس

Peace be upon you, dear friends ... The computer is very, very slow at startup, and this is the report for the machine.

ComboFix 09-11-20.05 - ABDULMONEM 11/22/2009 2:34.1.2 - x86
Microsoft® Windows Vista™ Home Premium 6.0.6000.0.1256.966.1033.18.2046.1203 [GMT 3:00]
Running from: c:\users\ABDULMONEM\Desktop\ComboFix.exe
AV: Norton Internet Security *On-access scanning disabled* (Outdated) {E10A9785-9598-4754-B552-92431C1C35F8}
FW: Norton Internet Security *enabled* {7C21A4C9-F61F-4AC4-B722-A6E19C16F220}
SP: Norton Internet Security *enabled* (Outdated) {CBB7EE13-8244-4DAB-8B55-D5C7AA91E59A}
SP: Windows Defender *enabled* (Outdated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}
* Created a new restore point
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\$recycle.bin\S-1-5-21-2486947171-2778945708-2484122182-500
c:\program files\ShoppingReport
c:\program files\ShoppingReport\Bin\2.5.0\ShoppingReport.dll
c:\program files\ShoppingReport\Uninst.exe
c:\program files\zango
c:\program files\zango\bin\10.3.75.0\arrow.ico
c:\program files\zango\bin\10.3.75.0\CntntCntr.dll
c:\program files\zango\bin\10.3.75.0\copyright.txt
c:\program files\zango\bin\10.3.75.0\CoreSrv.dll
c:\program files\zango\bin\10.3.75.0\firefox\extensions\chrome.manifest
c:\program files\zango\bin\10.3.75.0\firefox\extensions\components\npclntax.xpt
c:\program files\zango\bin\10.3.75.0\firefox\extensions\install.rdf
c:\program files\zango\bin\10.3.75.0\firefox\extensions\plugins\npclntax_ZangoSA.dll
c:\program files\zango\bin\10.3.75.0\HostIE.dll
c:\program files\zango\bin\10.3.75.0\HostOE.dll
c:\program files\zango\bin\10.3.75.0\HostOL.dll
c:\program files\zango\bin\10.3.75.0\link.ico
c:\program files\zango\bin\10.3.75.0\OEAddOn.exe
c:\program files\zango\bin\10.3.75.0\Srv.exe
c:\program files\zango\bin\10.3.75.0\Toolbar.dll
c:\program files\zango\bin\10.3.75.0\Wallpaper.dll
c:\program files\zango\bin\10.3.75.0\Weather.exe
c:\program files\zango\bin\10.3.75.0\WeSkin.dll
c:\program files\zango\bin\10.3.75.0\ZangoSA.exe
c:\program files\zango\bin\10.3.75.0\ZangoSAAX.dll
c:\program files\zango\bin\10.3.75.0\ZangoSADF.exe
c:\program files\zango\bin\10.3.75.0\ZangoSAHook.dll
c:\program files\zango\bin\10.3.75.0\ZangoUninstaller.exe
c:\programdata\2ACA5CC3-0F83-453D-A079-1076FE1A8B65
c:\programdata\Microsoft\Windows\Start Menu\Programs\Zango
c:\programdata\Microsoft\Windows\Start Menu\Programs\Zango\Reset Cursor.lnk
c:\programdata\Microsoft\Windows\Start Menu\Programs\Zango\Zango Customer Support Center.lnk
c:\programdata\Microsoft\Windows\Start Menu\Programs\Zango\Zango Games!.lnk
c:\programdata\Microsoft\Windows\Start Menu\Programs\Zango\Zango Library.lnk
c:\programdata\Microsoft\Windows\Start Menu\Programs\Zango\Zango Screensavers!.lnk
c:\programdata\Microsoft\Windows\Start Menu\Programs\Zango\Zango Uninstall Instructions.lnk
c:\programdata\Microsoft\Windows\Start Menu\Programs\Zango\Zango Videos!.lnk
c:\programdata\ZangoSA
c:\programdata\ZangoSA\ZangoSA.dat
c:\programdata\ZangoSA\ZangoSA_kyf.dat
c:\programdata\ZangoSA\ZangoSAAbout.mht
c:\programdata\ZangoSA\ZangoSAau.dat
c:\programdata\ZangoSA\ZangoSAEula.mht
c:\users\ABDULMONEM\AppData\Roaming\WeatherDPA
c:\users\ABDULMONEM\AppData\Roaming\WeatherDPA\Weather\WeatherDPA\Weather_XML\Error
c:\users\ABDULMONEM\AppData\Roaming\WeatherDPA\Weather\WeatherDPA\Weather_XML\Loading
c:\users\ABDULMONEM\AppData\Roaming\WeatherDPA\Weather\WeatherDPA\WeatherPreferences
c:\users\ABDULMONEM\AppData\Roaming\WeatherDPA\Weather\WeatherStartup.xml
c:\users\ABDULMONEM\AppData\Roaming\Zango
.
((((((((((((((((((((((((( Files Created from 2009-10-22 to 2009-11-22 )))))))))))))))))))))))))))))))
.
No new files created in this timespan
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-11-21 23:43 . 2008-06-20 04:16 12 ----a-w- c:\windows\bthservsdp.dat
2009-11-21 23:14 . 2009-11-15 12:06 8192 d-----w- c:\users\ABDULMONEM\AppData\Roaming\zyzcleaner
2009-11-21 16:05 . 2008-06-19 06:27 13260 ----a-w- c:\users\ABDULMONEM\AppData\Roaming\nvModes.dat
2009-11-21 10:49 . 2009-04-04 17:40 4096 d-----w- c:\users\ABDULMONEM\AppData\Roaming\???????sAppData
2009-10-01 05:05 . 2009-03-21 13:48 4096 d-----w- c:\program files\Microsoft Silverlight
2009-10-01 05:01 . 2009-10-01 05:01 4096 d-----w- c:\program files\Microsoft Office Outlook Connector
2009-10-01 05:00 . 2008-06-20 10:55 4096 d-----w- c:\program files\Windows Live
2009-09-26 08:06 . 2008-07-17 10:16 4096 d-----w- c:\program files\Common Files\Real
2009-09-26 07:51 . 2009-09-26 07:51 452104 ----a-w- c:\users\ABDULMONEM\AppData\Roaming\Real\RealPlayer\setup\AU_setup9.exe
2009-08-25 22:34 . 2009-09-12 13:42 685432 ----a-w- c:\programdata\Symantec\Definitions\SymcData\idsdefs\20090826.001\IDSxpx86.dll
2009-08-25 22:34 . 2009-09-12 13:42 370224 ----a-w- c:\programdata\Symantec\Definitions\SymcData\idsdefs\20090826.001\IDSviA64.sys
2009-08-25 22:34 . 2009-09-12 13:42 272432 ----a-w- c:\programdata\Symantec\Definitions\SymcData\idsdefs\20090826.001\IDSvix86.sys
2009-08-25 22:34 . 2009-09-12 13:42 251768 ----a-w- c:\programdata\Symantec\Definitions\SymcData\idsdefs\20090826.001\SymIDSCo.sys
2009-08-25 22:34 . 2009-09-12 13:42 173432 ----a-w- c:\programdata\Symantec\Definitions\SymcData\idsdefs\20090826.001\SymIDSI.dll
2009-08-25 22:34 . 2009-09-12 13:42 157120 ----a-w- c:\programdata\Symantec\Definitions\SymcData\idsdefs\20090826.001\IDS9xx86.dll
2009-08-25 22:34 . 2008-06-19 20:14 370224 ----a-w- c:\programdata\Symantec\Definitions\SymcData\idsdefs\BinHub\IDSviA64.sys
2009-08-25 22:34 . 2007-01-19 03:24 685432 ----a-w- c:\programdata\Symantec\Definitions\SymcData\idsdefs\BinHub\idsxpx86.dll
2009-08-25 22:34 . 2007-01-19 03:24 272432 ----a-w- c:\programdata\Symantec\Definitions\SymcData\idsdefs\BinHub\IDSvix86.sys
2009-08-25 22:34 . 2007-01-19 03:24 251768 ----a-w- c:\programdata\Symantec\Definitions\SymcData\idsdefs\BinHub\symidsco.sys
2009-08-25 22:34 . 2007-01-19 03:24 173432 ----a-w- c:\programdata\Symantec\Definitions\SymcData\idsdefs\BinHub\SymIDSI.dll
2009-08-25 22:34 . 2007-01-19 03:24 157120 ----a-w- c:\programdata\Symantec\Definitions\SymcData\idsdefs\BinHub\ids9xx86.dll
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{9CB65206-89C4-402c-BA80-02D8C59F9B1D}"= "c:\program files\AskTBar\SrchAstt\1.bin\A5SRCHAS.DLL" [2008-10-24 57344]
[HKEY_CLASSES_ROOT\clsid\{9cb65206-89c4-402c-ba80-02d8c59f9b1d}]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2009-01-25 39408]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2006-11-02 1196032]
"MsnMsgr"="c:\program files\Windows Live\Messenger\MsnMsgr.Exe" [2009-07-26 3883856]
"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2006-11-02 125440]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\program files\Common Files\Ahead\Lib\NMBgMonitor.exe" [2007-06-27 152872]
"WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2006-11-02 201728]
"WindowsWelcomeCenter"="oobefldr.dll" - c:\windows\System32\oobefldr.dll [2006-11-02 2159104]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"="c:\program files\Windows Defender\MSASCui.exe" [2006-11-02 1004136]
"WAWifiMessage"="c:\program files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe" [2007-01-10 317128]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2006-11-15 815104]
"Symantec PIF AlertEng"="c:\program files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" [2008-01-29 583048]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-08-22 149280]
"QPService"="c:\program files\HP\QuickPlay\QPService.exe" [2006-12-03 167936]
"QlbCtrl"="c:\program files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe" [2006-11-06 159744]
"osCheck"="c:\program files\Norton Internet Security\osCheck.exe" [2006-10-27 22696]
"NvSvc"="c:\windows\system32\nvsvc.dll" [2006-12-07 90191]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2006-12-07 81920]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2006-12-07 7766016]
"NeroFilterCheck"="c:\program files\Common Files\Ahead\Lib\NeroCheck.exe" [2007-03-01 153136]
"hpWirelessAssistant"="c:\program files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe" [2007-01-10 472776]
"HP Software Update"="c:\program files\Hp\HP Software Update\HPWuSchd2.exe" [2007-05-08 54840]
"HP Health Check Scheduler"="c:\program files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe" [2006-12-04 46704]
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2006-10-26 31016]
"ccApp"="c:\program files\Common Files\Symantec Shared\ccApp.exe" [2006-10-25 107112]
"TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" [2009-09-26 198160]
"Mouse Suite 98 Daemon"="ICO.EXE" - c:\windows\System32\ICO.EXE [2006-11-03 49152]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"Launcher"="c:\windows\SMINST\launcher.exe" [2006-11-08 44128]
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Adobe Reader Speed Launch.lnk - c:\program files\Adobe\Reader 8.0\Reader\reader_sl.exe [2006-10-23 40048]
Adobe Reader Synchronizer.lnk - c:\program files\Adobe\Reader 8.0\Reader\AdobeCollabSync.exe [2006-10-23 734872]
Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2006-11-3 703280]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk /r \??\C:\0autocheck autochk *
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001
R1 IDSvix86;Symantec Intrusion Prevention Driver;c:\progra~2\Symantec\DEFINI~1\SymcData\idsdefs\20090826.001\IDSvix86.sys [12/09/09 04:42 م 272432]
R3 R5U870FLx86;R5U870 UVC Lower Filter ;c:\windows\System32\drivers\R5U870FLx86.sys [19/10/06 03:09 ص 73344]
R3 R5U870FUx86;R5U870 UVC Upper Filter ;c:\windows\System32\drivers\R5U870FUx86.sys [19/10/06 03:09 ص 43904]
R3 SYMNDISV;SYMNDISV;c:\windows\System32\drivers\symndisv.sys [25/10/06 05:40 ص 37008]
S2 gupdate1c9f7d466130d0;خدمة تحديث Google (gupdate1c9f7d466130d0);c:\program files\Google\Update\GoogleUpdate.exe [28/06/09 12:37 م 133104]
S3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [22/09/08 04:38 ص 99376]
S3 fssfltr;FssFltr;c:\windows\System32\drivers\fssfltr.sys [01/10/09 08:00 ص 54632]
S3 fsssvc;Windows Live Family Safety Service;c:\program files\Windows Live\Family Safety\fsssvc.exe [05/08/09 10:48 م 704864]
--- Other Services/Drivers In Memory ---
*NewlyCreated* - COMHOST
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
bthsvcs REG_MULTI_SZ BthServ
.
Contents of the 'Scheduled Tasks' folder
2009-11-22 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-06-28 09:37]
2009-11-21 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-06-28 09:37]
2009-10-02 c:\windows\Tasks\Norton Internet Security - Run Full System Scan - ABDULMONEM.job
- c:\progra~1\NORTON~1\NORTON~1\Navw32.exe [2006-11-08 07:48]
2009-11-21 c:\windows\Tasks\User_Feed_Synchronization-{0212544F-D8BC-4E8C-8D5D-F2FC862FC4DA}.job
- c:\windows\system32\msfeedssync.exe [2006-11-02 09:45]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.com.sa/webhp?sourceid=navclient&ie=UTF-8&safe=active
mStart Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=EN_GB&c=71&bd=Pavilion&pf=laptop
IE: ?&???? ??? Microsoft Excel
IE: Send image to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Send page to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
IE: ت&صدير إلى Microsoft Excel - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000
.
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer,


Rootkit scan 2009-11-22 03:04
Windows 6.0.6000 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...

c:\windows\TEMP\TMP00000030DE1AFDC17771644E 524288 bytes executable
scan completed successfully
hidden files: 1
**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------
[HKEY_USERS\S-1-5-21-60242818-3194389707-2026362708-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*!*ET%]
@Class="Shell"
[HKEY_USERS\S-1-5-21-60242818-3194389707-2026362708-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*!*ET%\OpenWithList]
@Class="Shell"
[HKEY_USERS\S-1-5-21-60242818-3194389707-2026362708-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*g*5P%]
@Class="Shell"
[HKEY_USERS\S-1-5-21-60242818-3194389707-2026362708-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*g*5P%\OpenWithList]
@Class="Shell"
[HKEY_USERS\S-1-5-21-60242818-3194389707-2026362708-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*(Œ%[%]
@Class="Shell"
[HKEY_USERS\S-1-5-21-60242818-3194389707-2026362708-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*(Œ%[%\OpenWithList]
@Class="Shell"
[HKEY_USERS\S-1-5-21-60242818-3194389707-2026362708-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*%*]
@Class="Shell"
[HKEY_USERS\S-1-5-21-60242818-3194389707-2026362708-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*%*\OpenWithList]
@Class="Shell"
[HKEY_USERS\S-1-5-21-60242818-3194389707-2026362708-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*%„%€%]
@Class="Shell"
[HKEY_USERS\S-1-5-21-60242818-3194389707-2026362708-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*%„%€%\OpenWithList]
@Class="Shell"
[HKEY_USERS\S-1-5-21-60242818-3194389707-2026362708-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*%%*Q%]
@Class="Shell"
[HKEY_USERS\S-1-5-21-60242818-3194389707-2026362708-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*%%*Q%\OpenWithList]
@Class="Shell"
[HKEY_USERS\S-1-5-21-60242818-3194389707-2026362708-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*%* %]
@Class="Shell"
[HKEY_USERS\S-1-5-21-60242818-3194389707-2026362708-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*%* %\OpenWithList]
@Class="Shell"
[HKEY_USERS\S-1-5-21-60242818-3194389707-2026362708-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*i%d%*]
@Class="Shell"
[HKEY_USERS\S-1-5-21-60242818-3194389707-2026362708-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*i%d%*\OpenWithList]
@Class="Shell"
[HKEY_USERS\S-1-5-21-60242818-3194389707-2026362708-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*ˆ%0*5]
@Class="Shell"
[HKEY_USERS\S-1-5-21-60242818-3194389707-2026362708-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*ˆ%0*5\OpenWithList]
@Class="Shell"
[HKEY_USERS\S-1-5-21-60242818-3194389707-2026362708-1000_Classes\CLSID\{5ED60779-4DE2-4E07-B862-974CA4FF2E9C}]
@Denied: (Full) (Everyone)
@Allowed: (Read) (RestrictedCode)
"scansk"=hex(0):4d,20,da,02,c9,7e,49,83,d8,a2,ad,5e,6d,0a,cf,4a,34,4b,bb,24,e0,
2e,64,ab,98,ce,6e,dc,a3,4a,c5,1e,93,6e,fd,3b,4f,c1,68,3d,00,00,00,00,00,00,\
[HKEY_USERS\S-1-5-21-60242818-3194389707-2026362708-1000_Classes\CLSID\{f5326ca3-3b14-468e-9c61-e4239c446550}]
@Denied: (Full) (Everyone)
@Allowed: (Read) (RestrictedCode)
"Model"=dword:000000c8
"Therad"=dword:0000001e
"MData"=hex(0):2b,8f,78,29,5a,0c,ce,ec,48,d4,68,e5,9f,6a,96,3e,ab,de,c5,81,26,
38,95,44,e0,d6,68,10,55,90,a6,9f,96,94,16,7a,19,d5,dc,a7,3f,cb,c4,3f,5b,b9,\
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
--------------------- DLLs Loaded Under Running Processes ---------------------
- - - - - - - > 'Explorer.exe'(3596)
c:\windows\system32\btncopy.dll
.
------------------------ Other Running Processes ------------------------
.
c:\program files\Common Files\Symantec Shared\ccSvcHst.exe
c:\program files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
c:\program files\HP\QuickPlay\Kernel\TV\CLCapSvc.exe
c:\program files\Common Files\LightScribe\LSSrvc.exe
c:\program files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
c:\windows\system32\DRIVERS\xaudio.exe
c:\program files\Hewlett-Packard\Shared\hpqwmiex.exe
c:\program files\HP\QuickPlay\Kernel\TV\CLSched.exe
c:\windows\system32\wbem\unsecapp.exe
c:\program files\Hewlett-Packard\HP Health Check\hphc_service.exe
.
**************************************************************************
.
Completion time: 2009-11-22 03:08 - machine was rebooted
ComboFix-quarantined-files.txt 2009-11-22 00:08
Pre-Run: 2,896,281,600 bytes free
Post-Run: 2,835,357,696 bytes free
- - End Of File - - C0C7A8003A190287F416D925F2B2F2A4
 

Where are you, brother Max? Don't tell me you've forgotten me ...
 

Brother, try uninstalling the Norton programs.
 
If you have Norton installed, remove it; it slows system startup considerably, especially if your machine's specs are weak.
 