amer79su

I'm experiencing significant slowness on my computer, in browsing, and when restarting.
Here are the reports:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 11:38:05 م, on 09/12/2009
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v8.00 (8.00.6001.18828)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\DellTPad\Apoint.exe
C:\Windows\OEM02Mon.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Dell\Dell Webcam Manager\DellWMgr.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\Dell\MediaDirect\PCMService.exe
C:\Program Files\Dell Support Center\bin\sprtcmd.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Java\jre1.6.0\bin\jusched.exe
C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe
C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Program Files\Digital Line Detect\DLG.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Dell\QuickSet\quickset.exe
C:\Windows\system32\igfxsrvc.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\DellTPad\HidFind.exe
C:\Program Files\DellTPad\Apntex.exe
C:\Windows\system32\conime.exe
C:\منوع\برامج\Zyzoom_HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = [link hidden by the forum]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = [link hidden by the forum]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = [link hidden by the forum]
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: IEVkbdBHO - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\ievkbd.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll
O2 - BHO: مساعد تسجيل الدخول إلى Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O3 - Toolbar: (no name) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - (no file)
O4 - HKLM\..\Run: [Apoint] C:\Program Files\DellTPad\Apoint.exe
O4 - HKLM\..\Run: [OEM02Mon.exe] C:\Windows\OEM02Mon.exe
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [DELL Webcam Manager] "C:\Program Files\Dell\Dell Webcam Manager\DellWMgr.exe" /s
O4 - HKLM\..\Run: [IAAnotif] "C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe"
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [PCMService] "C:\Program Files\Dell\MediaDirect\PCMService.exe"
O4 - HKLM\..\Run: [dellsupportcenter] "C:\Program Files\Dell Support Center\bin\sprtcmd.exe" /P dellsupportcenter
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0\bin\jusched.exe"
O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe"
O4 - HKLM\..\Run: [ECenter] C:\Dell\E-Center\EULALauncher.exe
O4 - HKLM\..\Run: [dscactivate] "C:\Program Files\Dell Support Center\gs_agent\custom\dsca.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware] "C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - Global Startup: Bluetooth.lnk = ?
O4 - Global Startup: Digital Line Detect.lnk = C:\Program Files\Digital Line Detect\DLG.exe
O4 - Global Startup: QuickSet.lnk = C:\Program Files\Dell\QuickSet\quickset.exe
O8 - Extra context menu item: Add to Banner Ad Blocker - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\ie_banner_deny.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0\bin\npjpi160.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0\bin\npjpi160.dll
O9 - Extra button: Web traffic protection statistics - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\SCIEPlgn.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - [link hidden by the forum]
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~2\GoogleDesktopNetwork3.dll C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd3.dll C:\PROGRA~1\KASPER~1\KASPER~1\adialhk.dll C:\PROGRA~1\KASPER~1\KASPER~1\kloehk.dll
O20 - Winlogon Notify: GoToAssist - C:\Program Files\Citrix\GoToAssist\514\G2AWinLogon.dll
O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Windows\system32\aestsrv.exe
O23 - Service: Kaspersky Internet Security (AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe
O23 - Service: Google Desktop Manager 5.7.801.7324 (GoogleDesktopManager-010708-104812) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: GoToAssist - Citrix Online, a division of Citrix Systems, Inc. - C:\Program Files\Citrix\GoToAssist\514\g2aservice.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: SupportSoft Sprocket Service (dellsupportcenter) (sprtsvc_dellsupportcenter) - SupportSoft, Inc. - C:\Program Files\Dell Support Center\bin\sprtsvc.exe
O23 - Service: SigmaTel Audio Service (STacSV) - IDT, Inc. - C:\Windows\system32\STacSV.exe
O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe
O23 - Service: @%SystemRoot%\System32\TuneUpDefragService.exe,-1 (TuneUp.Defrag) - TuneUp Software - C:\Windows\System32\TuneUpDefragService.exe
O23 - Service: @%SystemRoot%\System32\TUProgSt.exe,-1 (TuneUp.ProgramStatisticsSvc) - TuneUp Software - C:\Windows\System32\TUProgSt.exe
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe

--
End of file - 8152 bytes




 

Signature: amer79su
Disable your security programs,
then
download the following tool and save it to the desktop:

[link hidden by the forum]

When you run it, a message will appear; click >> Yes
After that, a second message will appear; click >> Yes
The computer may restart during the scan
After the restart, the tool will begin scanning a second time
Do not run any program, and however long the scan takes, wait until it finishes
Wait until a report appears, then copy it and paste it into your next post
 
Thank you, brother Max. Here is the report:

ComboFix 09-12-09.04 - Amer 12/10/2009 16:19:27.4.2 - x86
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1256.963.1033.18.2037.1113 [GMT 2:00]
Running from: c:\users\Amer\Desktop\ComboFix.exe
SP: Spyware Doctor *disabled* (Updated) {1C3EDD79-273E-46ac-99F8-EFA9E7CBC301}
SP: Windows Defender *disabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}
.

((((((((((((((((((((((((( Files Created from 2009-11-10 to 2009-12-10 )))))))))))))))))))))))))))))))
.

2009-12-10 14:25 . 2009-12-10 14:25 -------- d-----w- c:\users\Public\AppData\Local\temp
2009-12-10 14:25 . 2009-12-10 14:25 -------- d-----w- c:\users\Default\AppData\Local\temp
2009-12-09 22:00 . 2009-12-09 22:00 -------- d-----w- c:\users\Amer\AppData\Local\Runscanner.net
2009-12-05 21:00 . 2009-12-03 13:14 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2009-12-05 21:00 . 2009-12-05 21:00 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2009-12-05 21:00 . 2009-12-03 13:13 19160 ----a-w- c:\windows\system32\drivers\mbam.sys
2009-11-30 22:17 . 2009-11-30 22:17 -------- d-----w- c:\users\Amer\AppData\Local\Adobe
2009-11-30 21:59 . 2009-11-30 21:59 -------- d-----w- C:\files
2009-11-27 07:58 . 2009-11-27 09:37 -------- d-----w- c:\program files\Error Repair Professional
2009-11-26 21:05 . 2009-11-26 21:05 -------- d-----w- C:\منوع
2009-11-20 13:21 . 2009-11-20 13:21 -------- d-----w- c:\windows\system32\Profiles
2009-11-16 18:25 . 2009-11-16 18:25 -------- d-----w- c:\users\Default\AppData\Local\Microsoft Help
2009-11-11 16:23 . 2009-08-14 13:27 2036736 ----a-w- c:\windows\system32\win32k.sys
2009-11-11 16:23 . 2009-08-10 12:35 355328 ----a-w- c:\windows\system32\WSDApi.dll
2009-11-10 22:42 . 2009-11-10 22:42 -------- d-----w- c:\program files\Microsoft
2009-11-10 22:42 . 2009-11-10 22:42 -------- d-----w- c:\program files\Windows Live SkyDrive
2009-11-10 22:19 . 2009-11-10 22:19 -------- d-----w- c:\program files\Common Files\Windows Live

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-12-10 14:18 . 2009-09-05 11:14 4676 --sha-w- c:\windows\system32\drivers\fidbox2.idx
2009-12-10 14:06 . 2009-09-05 11:14 -------- d-----w- c:\progra~2\Kaspersky Lab
2009-12-10 14:04 . 2009-09-05 11:14 745504 --sha-w- c:\windows\system32\drivers\fidbox2.dat
2009-12-10 14:04 . 2009-09-05 11:14 3885088 --sha-w- c:\windows\system32\drivers\fidbox.dat
2009-12-10 14:04 . 2009-09-05 11:14 32480 --sha-w- c:\windows\system32\drivers\fidbox.idx
2009-12-10 14:04 . 2008-06-28 16:23 1076 ----a-w- c:\windows\bthservsdp.dat
2009-12-09 21:13 . 2009-09-06 21:30 -------- d-----w- c:\users\Amer\AppData\Roaming\Skype
2009-12-09 15:04 . 2009-09-06 21:40 -------- d-----w- c:\users\Amer\AppData\Roaming\skypePM
2009-12-06 04:09 . 2009-10-09 14:03 -------- d-----w- c:\users\Amer\AppData\Roaming\DMCache
2009-11-26 21:36 . 2008-06-28 16:36 -------- d-----w- c:\program files\Dell
2009-11-20 13:40 . 2009-09-05 01:02 103320 ----a-w- c:\users\Amer\AppData\Local\GDIPFONTCACHEV1.DAT
2009-11-20 10:34 . 2009-09-05 22:58 -------- d-----w- c:\progra~2\Microsoft Help
2009-11-11 16:36 . 2006-11-02 11:18 -------- d-----w- c:\program files\Windows Mail
2009-11-11 16:28 . 2008-06-28 16:53 -------- d-----w- c:\program files\Microsoft Works
2009-11-10 22:42 . 2009-09-05 12:26 -------- d-----w- c:\program files\Windows Live
2009-11-08 18:19 . 2009-11-08 18:19 -------- d-----w- c:\progra~2\Pure Networks
2009-11-06 20:49 . 2008-06-28 16:45 -------- d-----w- c:\program files\Common Files\Adobe
2009-11-06 14:19 . 2009-10-23 11:26 -------- d-----w- c:\users\Amer\AppData\Roaming\Move Networks
2009-11-05 23:15 . 2009-11-05 23:15 -------- d-----w- c:\users\Amer\AppData\Roaming\AltrixSoft
2009-11-05 17:09 . 2009-11-05 17:07 -------- d-----w- c:\progra~2\Yahoo!
2009-11-05 17:07 . 2009-11-05 17:07 -------- d-----w- c:\program files\Yahoo!
2009-11-02 17:42 . 2009-10-17 20:39 195456 ------w- c:\windows\system32\MpSigStub.exe
2009-10-30 08:28 . 2009-10-30 08:28 -------- d-----w- c:\progra~2\WindowsSearch
2009-10-29 19:11 . 2009-10-29 19:11 -------- d-----w- c:\program files\Windows Portable Devices
2009-10-29 19:11 . 2006-11-02 10:25 665600 ----a-w- c:\windows\inf\drvindex.dat
2009-10-29 19:11 . 2009-10-29 19:11 0 ---ha-w- c:\windows\system32\drivers\Msft_User_WpdFs_01_07_00.Wdf
2009-10-25 23:17 . 2009-10-25 23:17 -------- d-----w- c:\program files\Microsoft Office Outlook Connector
2009-10-25 23:16 . 2009-10-25 23:16 -------- d-----w- c:\program files\MSECache
2009-10-23 18:53 . 2009-10-23 18:53 7680 ----a-w- c:\users\Amer\AppData\Roaming\Thinstall\القرآن الكريم\1000000800002i\svchost.exe
2009-10-23 18:52 . 2009-10-23 18:52 -------- d-----w- c:\users\Amer\AppData\Roaming\Thinstall
2009-10-23 11:26 . 2009-10-23 11:26 143973 ----a-w- c:\users\Amer\AppData\Roaming\Move Networks\uninstall.exe
2009-10-23 11:26 . 2009-09-24 21:45 5644224 ----a-w- c:\users\Amer\AppData\Roaming\Move Networks\plugins\npqmp071700000016.dll
2009-10-22 19:27 . 2009-10-22 19:27 -------- d-----w- c:\users\Amer\AppData\Roaming\Malwarebytes
2009-10-22 19:27 . 2009-10-22 19:27 -------- d-----w- c:\progra~2\Malwarebytes
2009-10-20 13:04 . 2006-11-02 12:37 -------- d-----w- c:\program files\Windows Sidebar
2009-10-20 13:04 . 2006-11-02 12:37 -------- d-----w- c:\program files\Windows Journal
2009-10-20 13:04 . 2006-11-02 12:37 -------- d-----w- c:\program files\Windows Collaboration
2009-10-20 13:04 . 2006-11-02 12:37 -------- d-----w- c:\program files\Windows Calendar
2009-10-20 13:04 . 2006-11-02 12:37 -------- d-----w- c:\program files\Windows Photo Gallery
2009-10-20 13:04 . 2006-11-02 12:37 -------- d-----w- c:\program files\Windows Defender
2009-10-20 13:01 . 2009-10-20 13:01 0 ---ha-w- c:\windows\system32\drivers\Msft_User_WpdFs_01_00_00.Wdf
2009-10-19 11:27 . 2006-11-02 10:32 101888 ----a-w- c:\windows\system32\ifxcardm.dll
2009-10-19 11:27 . 2006-11-02 10:32 82432 ----a-w- c:\windows\system32\axaltocm.dll
2009-10-18 21:22 . 2009-10-18 21:13 -------- d-----w- c:\users\Amer\AppData\Roaming\Orbit
2009-10-18 21:13 . 2009-10-18 21:13 -------- d-----w- c:\users\Amer\AppData\Roaming\GrabPro
2009-10-18 15:11 . 2009-10-18 15:11 3104768 ----a-w- c:\windows\system32\NlsData004c.dll
2009-10-18 12:21 . 2009-10-18 12:21 499712 ----a-w- c:\windows\system32\kerberos.dll
2009-10-18 12:21 . 2009-10-18 12:21 270848 ----a-w- c:\windows\system32\schannel.dll
2009-10-18 09:02 . 2009-10-18 09:02 41984 ----a-w- c:\windows\system32\netfxperf.dll
2009-10-17 21:42 . 2009-10-17 21:42 2048 ----a-w- c:\windows\system32\tzres.dll
2009-10-17 21:41 . 2009-10-17 21:41 61440 ----a-w- c:\windows\system32\winipsec.dll
2009-10-17 21:41 . 2009-10-17 21:41 272896 ----a-w- c:\windows\system32\polstore.dll
2009-10-17 21:40 . 2009-10-17 21:40 9728 ----a-w- c:\windows\system32\TCPSVCS.EXE
2009-10-17 21:40 . 2009-10-17 21:40 8704 ----a-w- c:\windows\system32\HOSTNAME.EXE
2009-10-17 21:40 . 2009-10-17 21:40 27136 ----a-w- c:\windows\system32\NETSTAT.EXE
2009-10-17 21:40 . 2009-10-17 21:40 19968 ----a-w- c:\windows\system32\ARP.EXE
2009-10-17 21:40 . 2009-10-17 21:40 17920 ----a-w- c:\windows\system32\ROUTE.EXE
2009-10-17 21:40 . 2009-10-17 21:40 17920 ----a-w- c:\windows\system32\netevent.dll
2009-10-17 21:40 . 2009-10-17 21:40 11264 ----a-w- c:\windows\system32\MRINFO.EXE
2009-10-17 21:40 . 2009-10-17 21:40 105984 ----a-w- c:\windows\system32\netiohlp.dll
2009-10-17 21:40 . 2009-10-17 21:40 10240 ----a-w- c:\windows\system32\finger.exe
2009-10-17 21:40 . 2009-10-17 21:40 904776 ----a-w- c:\windows\system32\drivers\tcpip.sys
2009-10-17 21:40 . 2009-10-17 21:40 30720 ----a-w- c:\windows\system32\drivers\tcpipreg.sys
2009-10-17 21:39 . 2009-10-17 21:39 127488 ----a-w- c:\windows\system32\L2SecHC.dll
2009-10-17 21:39 . 2009-10-17 21:39 68096 ----a-w- c:\windows\system32\wlanhlp.dll
2009-10-17 21:39 . 2009-10-17 21:39 65024 ----a-w- c:\windows\system32\wlanapi.dll
2009-10-17 21:39 . 2009-10-17 21:39 513536 ----a-w- c:\windows\system32\wlansvc.dll
2009-10-17 21:39 . 2009-10-17 21:39 302592 ----a-w- c:\windows\system32\wlansec.dll
2009-10-17 21:39 . 2009-10-17 21:39 293376 ----a-w- c:\windows\system32\wlanmsm.dll
2009-10-17 21:39 . 2009-10-17 21:39 15181 ----a-w- c:\windows\system32\gatherWirelessInfo.vbs
2009-10-17 21:38 . 2009-10-17 21:38 72704 ----a-w- c:\windows\system32\fontsub.dll
2009-10-17 21:38 . 2009-10-17 21:38 34304 ----a-w- c:\windows\system32\atmlib.dll
2009-10-17 21:38 . 2009-10-17 21:38 289792 ----a-w- c:\windows\system32\atmfd.dll
2009-10-17 21:38 . 2009-10-17 21:38 23552 ----a-w- c:\windows\system32\lpk.dll
2009-10-17 21:38 . 2009-10-17 21:38 156672 ----a-w- c:\windows\system32\t2embed.dll
2009-10-17 21:38 . 2009-10-17 21:38 10240 ----a-w- c:\windows\system32\dciman32.dll
2009-10-17 21:37 . 2009-10-17 21:37 9728 ----a-w- c:\windows\system32\lsass.exe
2009-10-17 21:37 . 2009-10-17 21:37 72704 ----a-w- c:\windows\system32\secur32.dll
2009-10-17 21:37 . 2009-10-17 21:37 439864 ----a-w- c:\windows\system32\drivers\ksecdd.sys
2009-10-17 21:37 . 2009-10-17 21:37 218624 ----a-w- c:\windows\system32\msv1_0.dll
2009-10-17 21:37 . 2009-10-17 21:37 175104 ----a-w- c:\windows\system32\wdigest.dll
2009-10-17 21:37 . 2009-10-17 21:37 1259008 ----a-w- c:\windows\system32\lsasrv.dll
2009-10-17 21:36 . 2009-10-17 21:36 98816 ----a-w- c:\windows\system32\mfps.dll
2009-10-17 21:36 . 2009-10-17 21:36 2868224 ----a-w- c:\windows\system32\mf.dll
2009-10-17 21:36 . 2009-10-17 21:36 53248 ----a-w- c:\windows\system32\rrinstaller.exe
2009-10-17 21:36 . 2009-10-17 21:36 24576 ----a-w- c:\windows\system32\mfpmp.exe
2009-10-17 21:36 . 2009-10-17 21:36 2048 ----a-w- c:\windows\system32\mferror.dll
2009-10-17 21:33 . 2009-10-17 21:33 71680 ----a-w- c:\windows\system32\atl.dll
2009-10-17 21:31 . 2009-10-17 21:31 3600456 ----a-w- c:\windows\system32\ntkrnlpa.exe
2009-10-17 21:31 . 2009-10-17 21:31 3548216 ----a-w- c:\windows\system32\ntoskrnl.exe
2009-10-17 21:30 . 2009-10-17 21:30 160256 ----a-w- c:\windows\system32\wkssvc.dll
2009-10-17 21:29 . 2009-10-17 21:29 53248 ----a-w- c:\windows\system32\tsgqec.dll
2009-10-17 21:29 . 2009-10-17 21:29 2066432 ----a-w- c:\windows\system32\mstscax.dll
2009-10-17 21:29 . 2009-10-17 21:29 136192 ----a-w- c:\windows\system32\aaclient.dll
2009-10-17 21:28 . 2009-10-17 21:28 2048 ----a-w- c:\windows\system32\msxml3r.dll
2009-10-17 21:25 . 2009-10-17 21:25 623616 ----a-w- c:\windows\system32\localspl.dll
2009-10-17 21:25 . 2009-10-17 21:25 91136 ----a-w- c:\windows\system32\avifil32.dll
2009-10-17 21:25 . 2009-10-17 21:25 82944 ----a-w- c:\windows\system32\mciavi32.dll
2009-10-17 21:25 . 2009-10-17 21:25 65024 ----a-w- c:\windows\system32\avicap32.dll
2009-10-17 21:25 . 2009-10-17 21:25 31232 ----a-w- c:\windows\system32\msvidc32.dll
2008-06-28 16:37 . 2008-06-28 16:37 76 --sha-r- c:\windows\CT4CET.bin
2008-06-29 00:14 . 2008-06-28 23:51 8192 --sha-w- c:\windows\Users\Default\NTUSER.DAT
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2008-01-19 202240]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe -osboot" [X]
"Apoint"="c:\program files\DellTPad\Apoint.exe" [2008-05-04 167936]
"OEM02Mon.exe"="c:\windows\OEM02Mon.exe" [2008-03-04 36864]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2008-03-06 141848]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2008-03-06 166424]
"Persistence"="c:\windows\system32\igfxpers.exe" [2008-03-06 133656]
"DELL Webcam Manager"="c:\program files\Dell\Dell Webcam Manager\DellWMgr.exe" [2007-07-27 118784]
"IAAnotif"="c:\program files\Intel\Intel Matrix Storage Manager\Iaanotif.exe" [2007-03-21 174872]
"Google Desktop Search"="c:\program files\Google\Google Desktop Search\GoogleDesktop.exe" [2008-06-28 29744]
"PCMService"="c:\program files\Dell\MediaDirect\PCMService.exe" [2007-12-21 184320]
"dellsupportcenter"="c:\program files\Dell Support Center\bin\sprtcmd.exe" [2008-08-13 206064]
"SunJavaUpdateSched"="c:\program files\Java\jre1.6.0\bin\jusched.exe" [2008-06-28 77824]
"AVP"="c:\program files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe" [2009-09-07 208616]
"ECenter"="c:\dell\E-Center\EULALauncher.exe" [2008-02-29 17920]
"dscactivate"="c:\program files\Dell Support Center\gs_agent\custom\dsca.exe" [2008-03-11 16384]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-10-14 39792]
"Malwarebytes' Anti-Malware"="c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe" [2009-12-03 429392]

c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2006-11-3 703280]
Digital Line Detect.lnk - c:\program files\Digital Line Detect\DLG.exe [2008-6-28 50688]
QuickSet.lnk - c:\program files\Dell\QuickSet\quickset.exe [2008-2-22 1193240]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\GoToAssist]
2008-06-28 16:56 10536 ----a-w- c:\program files\Citrix\GoToAssist\514\g2awinlogon.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\progra~1\Google\GOOGLE~2\GoogleDesktopNetwork3.dll c:\progra~1\KASPER~1\KASPER~1\mzvkbd3.dll c:\progra~1\KASPER~1\KASPER~1\adialhk.dll c:\progra~1\KASPER~1\KASPER~1\kloehk.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\KasperskyAntiVirus]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeAntiSpyware]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc]
"VistaSp2"=hex(b):4a,0e,b1,8e,86,51,ca,01

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc\S-1-5-21-3062592372-4062360750-1346158547-1000]
"EnableNotificationsRef"=dword:00000001

R0 klbg;Kaspersky Lab Boot Guard Driver;c:\windows\System32\drivers\klbg.sys [29/01/2008 04:29 م 33808]
R1 KLIM6;Kaspersky Anti-Virus NDIS 6 Filter;c:\windows\System32\drivers\klim6.sys [09/07/2008 04:28 م 20496]
R2 AESTFilters;Andrea ST Filters Service;c:\windows\System32\AEstSrv.exe [28/06/2008 06:22 م 73728]
R2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [05/12/2009 11:00 م 276816]
R3 IntcHdmiAddService;Intel(R) High Definition Audio HDMI Service;c:\windows\System32\drivers\IntcHdmi.sys [29/06/2008 02:15 ص 111616]
R3 KLFLTDEV;Kaspersky Lab KLFltDev;c:\windows\System32\drivers\klfltdev.sys [13/03/2008 05:02 م 26640]
R3 MBAMProtector;MBAMProtector;c:\windows\System32\drivers\mbam.sys [05/12/2009 11:00 م 19160]
S3 FontCache;Windows Font Cache Service;c:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation [19/10/2009 01:01 م 21504]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
bthsvcs REG_MULTI_SZ BthServ
LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp
.
------- Supplementary Scan -------
.
uStart Page = about:blank
uInternet Settings,ProxyOverride = local
IE: Add to Banner Ad Blocker - c:\program files\Kaspersky Lab\Kaspersky Internet Security 2009\ie_banner_deny.htm
FF - ProfilePath - c:\users\Amer\AppData\Roaming\Mozilla\Firefox\Profiles\fs666aie.default\
FF - prefs.js: browser.startup.homepage - about:blank
FF - prefs.js: network.proxy.ftp - 212.93.193.89
FF - prefs.js: network.proxy.ftp_port - 443
FF - prefs.js: network.proxy.gopher - 212.93.193.89
FF - prefs.js: network.proxy.gopher_port - 443
FF - prefs.js: network.proxy.http - 212.93.193.89
FF - prefs.js: network.proxy.http_port - 443
FF - prefs.js: network.proxy.socks - 212.93.193.89
FF - prefs.js: network.proxy.socks_port - 443
FF - prefs.js: network.proxy.ssl - 212.93.193.89
FF - prefs.js: network.proxy.ssl_port - 443
FF - prefs.js: network.proxy.type - 1
FF - plugin: c:\program files\Java\jre1.6.0\bin\npjava11.dll
FF - plugin: c:\program files\Java\jre1.6.0\bin\npjava12.dll
FF - plugin: c:\program files\Java\jre1.6.0\bin\npjava13.dll
FF - plugin: c:\program files\Java\jre1.6.0\bin\npjava14.dll
FF - plugin: c:\program files\Java\jre1.6.0\bin\npjava32.dll
FF - plugin: c:\program files\Java\jre1.6.0\bin\npjpi160.dll
FF - plugin: c:\program files\Java\jre1.6.0\bin\npoji610.dll
FF - plugin: c:\users\Amer\AppData\Roaming\Move Networks\plugins\npqmp071700000016.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\

---- FIREFOX POLICIES ----
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl3.rsa_seed_sha", true);
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, [link hidden by the forum]

Rootkit scan 2009-12-10 16:26
Windows 6.0.6002 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
Completion time: 2009-12-10 16:28:38
ComboFix-quarantined-files.txt 2009-12-10 14:28
ComboFix2.txt 2009-09-26 09:23

Pre-Run: 106,512,265,216 bytes free
Post-Run: 106,460,839,936 bytes free

- - End Of File - - 2F117254458BB83A9D3DE04D7D43C82C

 
Signature: amer79su
Thank you, brother Max, for your quick response, but there is still a problem with the computer being slow and freezing.

Signature: amer79su
I used this tool, but my computer is still slow :er:

Signature: amer79su