أمكروس أمبارش

Peace be upon you
After installing the program tuneup2009, I wanted to find the errors on the machine using its companion program TuneUp 1-Click Maintenance, but unfortunately an error message appears. What does it mean? May God reward you.
 

Disable all protection programs,
then download this tool and save it to the desktop

When you run it, a message will appear; click >> Yes
Then a second message will appear; click >> Yes
Wait until the tool finishes scanning your machine; your machine will restart automatically.
After the restart, the tool will start scanning a second time.
Wait until a report appears, then copy it and paste it in your next reply.


Make a HijackThis report

When the download finishes ==> run the program ==> click Do a system scan and save log
After a few moments a report appears; select all ==> copy it and paste it in your next reply
 
Signature: السّاجد لله
God bless you, dear brother
This is what you asked of me, brother
1. ComboFix report
ComboFix 08-11-27.07 - Administrateur 2008-11-28 13:52:40.1 - NTFSx86
Microsoft Windows XP Professionnel 5.1.2600.2.1256.213.1036.18.1435 [GMT 1:00]
Running from: c:\documents and settings\Administrateur\Bureau\2.exe
* Created a new restore point
WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\documents and settings\Administrateur\Application Data\addon.dat
c:\windows\IE4 Error Log.txt
c:\windows\system32\Cfx32.lic
c:\windows\system32\cfx32.ocx
c:\windows\system32\igfxres.dll
c:\windows\system32\x64
H:\autorun.inf
.
((((((((((((((((((((((((( Files Created from 2008-10-28 to 2008-11-28 )))))))))))))))))))))))))))))))
.
2008-11-28 13:57 . 2008-11-28 13:57 <REP> d-------- c:\windows\system32\xircom
2008-11-28 13:57 . 2008-11-28 13:57 <REP> d-------- c:\windows\system32\oobe
2008-11-28 13:57 . 2008-11-28 13:57 <REP> d-------- c:\program files\microsoft frontpage
2008-11-28 13:26 . 2008-11-28 13:26 <REP> d-------- c:\documents and settings\Administrateur\Application Data\CyberScrub
2008-11-28 13:26 . 2008-11-28 13:26 <REP> d-------- c:\documents and settings\Administrateur\Application Data\cleaner
2008-11-28 13:07 . 2008-11-28 13:07 <REP> d-------- c:\program files\Folder Marker
2008-11-28 13:07 . 2008-11-28 13:07 <REP> d-------- c:\documents and settings\Administrateur\Application Data\ArcticLine
2008-11-28 11:49 . 2008-11-28 13:32 <REP> d-------- c:\documents and settings\Administrateur\Application Data\Uniblue
2008-11-28 11:48 . 2008-11-28 11:48 <REP> d-------- c:\program files\Uniblue
2008-11-28 11:29 . 2003-04-16 01:10 110,592 --a------ c:\windows\system32\tsccvid.dll
2008-11-28 10:40 . 2008-11-28 10:40 <REP> d-------- c:\program files\GNU
2008-11-28 10:36 . 2008-11-28 10:36 <REP> d-------- c:\program files\GRETECH
2008-11-28 10:35 . 2008-11-28 10:35 <REP> d-------- c:\documents and settings\Administrateur\Application Data\GRETECH
2008-11-28 10:02 . 2008-11-28 10:02 <REP> d-------- c:\program files\Desktop Icon Toy
2008-11-28 09:46 . 2008-11-28 09:46 54,156 --ah----- c:\windows\QTFont.qfn
2008-11-28 09:46 . 2008-11-28 09:46 1,409 --a------ c:\windows\QTFont.for
2008-11-27 20:28 . 2008-11-27 20:28 904 --ah----- C:\Desktop.ini
2008-11-27 20:26 . 2008-11-27 20:26 87,286 ---h----- C:\.jpg
2008-11-27 18:22 . 2008-11-27 18:22 <REP> d-------- c:\documents and settings\Administrateur\Application Data\SodaBush
2008-11-25 20:43 . 2008-11-25 22:07 <REP> d-------- c:\windows\BDOSCAN8
2008-11-25 18:26 . 2008-11-25 18:26 <REP> d-------- c:\documents and settings\NetworkService\Bureau
2008-11-25 17:12 . 2008-11-25 17:12 <REP> d-------- c:\program files\TuneUp Utilities 2009
2008-11-25 17:12 . 2008-11-25 17:12 <REP> d-------- c:\documents and settings\All Users\Application Data\TuneUp Software
2008-11-25 17:12 . 2008-11-25 17:12 <REP> d-------- c:\documents and settings\Administrateur\Application Data\TuneUp Software
2008-11-25 17:12 . 2008-11-25 17:12 603,904 --a------ c:\windows\system32\TUProgSt.exe
2008-11-25 17:12 . 2008-11-25 17:12 362,240 --a------ c:\windows\system32\TuneUpDefragService.exe
2008-11-25 17:12 . 2008-11-12 16:44 27,904 --a------ c:\windows\system32\uxtuneup.dll
2008-11-25 17:11 . 2008-11-25 17:11 <REP> d--hs---- c:\documents and settings\All Users\Application Data\{55A29068-F2CE-456C-9148-C869879E2357}
2008-11-25 16:47 . 2008-11-25 16:47 <REP> d--h----- C:\BJPrinter
2008-11-25 16:47 . 2004-04-23 17:00 116,736 --a------ c:\windows\system32\CNMLM6e.DLL
2008-11-25 16:47 . 2004-04-23 17:00 7,680 --a------ c:\windows\system32\CNMVS6e.DLL
2008-11-25 16:46 . 2004-08-03 23:01 25,856 --a------ c:\windows\system32\drivers\usbprint.sys
2008-11-24 19:35 . 2008-11-24 19:35 <REP> d--h----- c:\windows\system32\GroupPolicy
2008-11-24 19:05 . 2008-11-24 19:05 <REP> d-------- c:\program files\Banana Security
2008-11-21 19:35 . 2008-11-21 19:35 315,392 --a------ c:\windows\HideWin.exe
2008-11-21 19:19 . 2008-11-21 19:19 <REP> d-------- c:\documents and settings\All Users\Application Data\Spybot - Search & Destroy
2008-11-20 20:03 . 2008-11-20 20:12 <REP> d-------- c:\program files\Chat Anywhere
2008-11-20 20:03 . 1998-06-24 00:00 108,336 --a------ c:\windows\system32\Mswinsck.ocx
2008-11-20 20:03 . 2000-10-26 17:01 45,056 --a------ c:\windows\system32\NTSVC.OCX
2008-11-20 20:00 . 2008-11-20 20:00 <REP> d-------- c:\documents and settings\All Users\Application Data\Yahoo!
2008-11-20 19:56 . 2008-11-20 19:56 <REP> d-------- c:\program files\Yahoo!
2008-11-20 18:26 . 2008-11-20 18:26 <REP> d-------- c:\program files\Antares
2008-11-17 22:51 . 2008-11-17 22:51 <REP> d-------- c:\windows\Downloaded Installations
2008-11-17 22:26 . 2008-11-17 22:26 <REP> d-------- c:\program files\InstallShield
2008-11-17 22:26 . 2008-11-17 22:26 <REP> d-------- c:\program files\Fichiers communs\Microsoft
2008-11-17 17:30 . 2008-11-17 17:30 <REP> d-------- c:\program files\Waves
2008-11-17 17:30 . 2008-11-17 17:30 <REP> d-------- c:\program files\Fichiers communs\digidesign
2008-11-17 14:58 . 2008-11-17 14:58 <REP> d-------- c:\documents and settings\Administrateur\Application Data\Voxengo
2008-11-17 13:49 . 2008-11-17 13:49 <REP> d-------- c:\program files\Voxengo
2008-11-17 13:49 . 2008-11-17 13:49 <REP> d-------- c:\program files\Steinberg
2008-11-17 12:19 . 2004-08-03 22:58 5,504 --a------ c:\windows\system32\drivers\MSTEE.sys
2008-11-17 12:16 . 1998-04-30 14:56 129,024 --a------ c:\windows\UNWISE.EXE
2008-11-17 12:15 . 2008-11-17 12:15 <REP> d-------- C:\audio
2008-11-17 12:15 . 1998-09-07 10:46 61,952 --a------ c:\windows\system32\stu.dll
2008-11-16 23:35 . 2008-11-16 23:35 <REP> d-------- c:\program files\IEPro
2008-11-16 23:35 . 2008-11-16 23:35 <REP> d-------- c:\documents and settings\Administrateur\Application Data\IEPro
2008-11-16 15:06 . 2008-11-16 15:06 <REP> d-------- c:\documents and settings\All Users\Application Data\Adobe Systems
2008-11-16 15:01 . 2008-11-16 15:01 <REP> d-------- c:\program files\Fichiers communs\Adobe Systems Shared
2008-11-15 19:21 . 2008-11-17 15:58 <REP> d-------- c:\program files\Internet Download Manager
2008-11-15 19:21 . 2008-11-17 12:59 <REP> d-------- c:\documents and settings\Administrateur\Application Data\IDM
2008-11-15 17:22 . 2008-11-15 17:22 <REP> d-------- c:\program files\SuperCopier2
2008-11-15 11:42 . 2008-11-15 11:42 <REP> d-------- c:\documents and settings\All Users\Application Data\FLEXnet
2008-11-15 11:16 . 2007-02-20 16:04 2,463,976 --a------ c:\windows\system32\NPSWF32.dll
2008-11-15 11:16 . 2007-02-20 16:04 190,696 --a------ c:\windows\system32\NPSWF32_FlashUtil.exe
2008-11-15 11:07 . 2008-11-15 11:07 <REP> d-------- c:\program files\Bonjour
2008-11-15 11:03 . 2008-11-15 11:03 <REP> d-------- c:\program files\Fichiers communs\Macrovision Shared
2008-11-14 22:07 . 2008-11-14 22:07 <REP> d-------- c:\documents and settings\Administrateur\Contacts
2008-11-14 20:03 . 2008-11-14 22:01 3,482 --ahs---- c:\windows\system\klog.dat
2008-11-14 19:55 . 2008-11-14 19:55 244 --ah----- C:\sqmnoopt00.sqm
2008-11-14 19:55 . 2008-11-14 19:55 232 --ah----- C:\sqmdata00.sqm
2008-11-14 19:47 . 2008-11-14 19:47 <REP> d-------- c:\program files\No-IP
2008-11-14 16:58 . 2008-11-14 16:58 <REP> d-------- c:\program files\NoCUT
2008-11-14 16:47 . 2003-06-19 01:31 17,920 --a------ c:\windows\system32\mdimon.dll
2008-11-14 16:47 . 2008-11-16 23:31 497 --a------ c:\windows\ODBC.INI
2008-11-14 16:46 . 2008-11-14 16:46 <REP> d-------- c:\windows\SHELLNEW
2008-11-14 16:45 . 2008-11-14 16:45 <REP> d-------- c:\program files\Microsoft.NET
2008-11-14 16:32 . 2008-11-15 15:08 <REP> d-------- c:\windows\system32\CatRoot_bak
2008-11-14 15:29 . 2008-11-28 13:58 <REP> d-------- c:\documents and settings\Administrateur\Application Data\DMCache
2008-11-14 15:29 . 2008-11-14 23:24 67 --a------ c:\windows\IDMan.INI
2008-11-14 15:27 . 2008-11-28 09:34 99 --a------ c:\windows\cdplayer.ini
2008-11-14 15:26 . 2008-11-14 15:26 <REP> d-------- c:\program files\Real
2008-11-14 15:26 . 2008-11-14 15:26 <REP> d-------- c:\program files\Fichiers communs\xing shared
2008-11-14 15:26 . 2008-11-14 15:26 <REP> d-------- c:\program files\Fichiers communs\Real
2008-11-14 15:02 . 2008-11-28 09:43 <REP> d--h----- c:\program files\InstallShield Installation Information
2008-11-14 15:01 . 2008-11-17 22:26 <REP> d-------- c:\program files\Fichiers communs\InstallShield
2008-11-14 14:56 . 2008-11-14 14:56 <REP> d-------- c:\program files\Total Video Converter
2008-11-14 14:56 . 2000-05-22 22:58 608,448 --a------ c:\windows\system32\comctl32.ocx
2008-11-14 14:43 . 2008-11-14 14:43 <REP> d-------- c:\documents and settings\Administrateur\Application Data\ACD Systems
2008-11-14 14:06 . 2006-09-24 16:11 389,120 --a------ c:\windows\system32\lameACM.acm
2008-11-14 14:06 . 2007-09-21 01:52 118,784 --a------ c:\windows\system32\ac3acm.acm
2008-11-14 14:06 . 2007-07-10 17:10 547 --a------ c:\windows\system32\ff_vfw.dll.manifest
2008-11-14 14:06 . 2007-10-03 16:03 414 --a------ c:\windows\system32\lame_acm.xml
2008-11-14 14:05 . 2008-11-14 14:06 <REP> d-------- c:\program files\K-Lite Codec Pack
2008-11-14 00:36 . 2008-06-24 17:30 74,240 --------- c:\windows\system32\dllcache\mscms.dll
2008-11-14 00:31 . 2008-07-07 21:31 253,952 --------- c:\windows\system32\dllcache\es.dll
2008-11-14 00:30 . 2008-05-07 05:55 1,294,336 --------- c:\windows\system32\dllcache\quartz.dll
2008-11-14 00:23 . 2008-06-14 18:59 272,768 --------- c:\windows\system32\drivers\bthport.sys
2008-11-14 00:23 . 2008-06-14 18:59 272,768 --------- c:\windows\system32\dllcache\bthport.sys
2008-11-14 00:22 . 2007-04-02 06:59 546,304 --------- c:\windows\system32\dllcache\hhctrl.ocx
2008-11-14 00:22 . 2008-08-14 10:51 138,368 --------- c:\windows\system32\dllcache\afd.sys
2008-11-14 00:20 . 2008-08-28 11:35 333,056 --------- c:\windows\system32\dllcache\srv.sys
2008-11-14 00:19 . 2008-09-15 16:39 1,846,144 --------- c:\windows\system32\dllcache\win32k.sys
2008-11-14 00:12 . 2008-08-14 14:44 2,182,400 --------- c:\windows\system32\dllcache\ntoskrnl.exe
2008-11-14 00:12 . 2008-08-14 14:44 2,138,112 --------- c:\windows\system32\dllcache\ntkrnlmp.exe
2008-11-14 00:12 . 2008-08-14 14:44 2,059,776 --------- c:\windows\system32\dllcache\ntkrnlpa.exe
2008-11-14 00:12 . 2008-08-14 14:44 2,017,792 --------- c:\windows\system32\dllcache\ntkrpamp.exe
2008-11-14 00:08 . 2008-05-08 13:14 203,008 --------- c:\windows\system32\dllcache\rmcast.sys
2008-11-14 00:07 . 2008-10-24 12:10 453,632 --------- c:\windows\system32\dllcache\mrxsmb.sys
2008-11-14 00:06 . 2008-05-01 15:31 331,776 --------- c:\windows\system32\dllcache\msadce.dll
2008-11-14 00:05 . 2008-04-11 19:40 683,520 --------- c:\windows\system32\dllcache\inetcomm.dll
2008-11-14 00:03 . 2008-09-04 17:45 1,106,944 --------- c:\windows\system32\dllcache\msxml3.dll
2008-11-13 23:56 . 2008-10-15 17:55 339,456 --------- c:\windows\system32\dllcache\netapi32.dll
2008-11-13 20:47 . 2008-11-27 20:14 13,030 --a------ C:\PDOXUSRS.NET
2008-11-13 19:39 . 2001-08-17 21:56 7,552 --a------ c:\windows\system32\drivers\SONYPVU1.SYS
2008-11-13 19:23 . 2008-11-13 19:23 <REP> d-------- c:\documents and settings\Administrateur\Application Data\Media Player Classic
2008-11-13 18:10 . 2008-11-13 18:10 <REP> d-------- c:\program files\RocketDock
2008-11-13 18:03 . 2008-11-13 18:03 <REP> d-------- c:\program files\SWiSHmax
2008-11-13 18:03 . 2004-03-29 15:23 90,112 --a------ c:\windows\unvise32.exe
2008-11-13 18:01 . 2008-11-16 15:02 <REP> d-------- c:\program files\Fichiers communs\Adobe
2008-11-13 16:33 . 2004-08-04 00:45 14,848 --a------ c:\windows\system32\drivers\kbdhid.sys
2008-11-13 16:15 . 2008-11-13 16:15 0 --a------ c:\windows\nsreg.dat
2008-11-13 13:56 . 2008-11-28 13:42 <REP> d-------- c:\documents and settings\Administrateur\Application Data\Skype
2008-11-13 13:54 . 2008-11-13 13:54 <REP> d-------- c:\program files\Google
2008-11-13 13:53 . 2008-11-13 13:53 <REP> d-------- c:\program files\Skype
2008-11-13 13:53 . 2008-11-13 13:53 <REP> d-------- c:\program files\Fichiers communs\Skype
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-11-21 18:21 --------- d-----w c:\program files\TweakRAM
2008-11-14 14:11 --------- d-----r c:\program files\Windows Sidebar
2008-11-13 09:57 --------- d-----w c:\program files\Styler
2008-11-13 09:57 --------- d-----w c:\documents and settings\Administrateur\Application Data\Styler
2008-11-13 09:55 --------- d-----w c:\program files\Reference Assemblies
2008-11-13 09:55 --------- d-----w c:\program files\MSBuild
2008-11-13 09:47 --------- d-----w c:\documents and settings\All Users\Application Data\WLInstaller
2008-11-13 09:47 --------- d-----w c:\documents and settings\All Users\Application Data\WindowsLiveInstaller
2008-11-13 09:46 --------- d-----w c:\program files\Real Alternative
2008-11-13 09:46 --------- d-----w c:\program files\QT Lite
2008-11-13 09:46 --------- d-----w c:\program files\Fichiers communs\ACD Systems
2008-11-13 09:46 --------- d-----w c:\documents and settings\All Users\Application Data\Apple Computer
2008-11-13 09:45 --------- d-----w c:\program files\ACD Systems
2008-11-13 09:45 --------- d-----w c:\documents and settings\All Users\Application Data\ACD Systems
2008-11-13 09:44 --------- d-----w c:\program files\Nero
2008-11-13 09:44 --------- d-----w c:\program files\Fichiers communs\Nero
2008-11-13 09:44 --------- d-----w c:\documents and settings\All Users\Application Data\Nero
2008-11-13 09:43 --------- d-----w c:\program files\MSXML 6.0
2008-11-13 09:43 --------- d-----w c:\program files\MSXML 4.0
2008-11-13 09:27 --------- d-----w c:\program files\Windows Media Connect 2
2008-10-24 11:10 453,632 ----a-w c:\windows\system32\drivers\mrxsmb.sys
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2007-12-18 25088]
"Skype"="c:\program files\Skype\Phone\Skype.exe" [2007-09-13 22880040]
"swg"="c:\program files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe" [2008-11-13 171448]
"NoCUT Control"="c:\program files\NoCUT\NCTCtl.exe" [2006-03-29 78848]
"msnmsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2007-10-18 5724184]
"SuperCopier2.exe"="c:\program files\SuperCopier2\SuperCopier2.exe" [2005-03-14 1057280]
"IDMan"="c:\program files\Internet Download Manager\IDMan.exe" [2008-02-21 2594224]
"Yahoo! Pager"="c:\progra~1\Yahoo!\MESSEN~1\YAHOOM~1.EXE" [2006-09-13 4621816]
"DesktopIconToy"="c:\program files\Desktop Icon Toy\DesktopIconToy.exe" [2008-03-01 430080]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"UberIcon"="c:\program files\UberIcon\UberIcon Manager.exe" [2006-07-17 122880]
"VisualTaskTips"="c:\windows\System32\VisualTaskTips.exe" [2007-12-18 36864]
"Vistadrv"="c:\windows\system32\Vistadrive\vsdrv.exe" [2006-07-30 121089]
"Styler"="c:\program files\styler\Styler.exe" [2006-05-03 307200]
"IMJPMIG8.1"="c:\windows\IME\imjp8_1\IMJPMIG.EXE" [2007-08-28 208952]
"MSPY2002"="c:\windows\system32\IME\PINTLGNT\ImScInst.exe" [2007-08-28 59392]
"PHIME2002ASync"="c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE" [2007-08-28 455168]
"PHIME2002A"="c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE" [2007-08-28 455168]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2008-07-22 142104]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2008-07-22 162584]
"Persistence"="c:\windows\system32\igfxpers.exe" [2008-07-22 138008]
"AVP"="c:\program files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe" [2008-04-25 201992]
"LogonStudio"="c:\program files\WinCustomize\LogonStudio\logonstudio.exe" [2002-09-03 987187]
"TkBellExe"="c:\program files\Fichiers communs\Real\Update_OB\realsched.exe" [2008-11-14 180269]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2007-01-10 1235456]
"RTHDCPL"="RTHDCPL.EXE" [2008-07-22 c:\windows\RTHDCPL.EXE]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"MsnMsgr"="c:\program files\Windows Live\Messenger\MsnMsgr.Exe" [2007-10-18 5724184]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"nltide_2"="shell32" [X]
"TSClientMSIUninstaller"="c:\windows\Installer\TSClientMsiTrans\tscuinst.vbs" [2007-12-18 12451]
"tscuninstall"="c:\windows\system32\tscupgrd.exe" [2007-12-18 44544]
"nltide_3"="advpack.dll" [2008-08-26 c:\windows\system32\advpack.dll]
c:\documents and settings\Administrateur\Menu D‚marrer\Programmes\D‚marrage\
Adobe Gamma.lnk - c:\program files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe [2008-11-14 113664]
RocketDock.exe.lnk - c:\program files\RocketDock\RocketDock.exe [2008-11-13 495616]
TrueTransparency.lnk - c:\program files\TrueTransparency\TrueTransparency.exe [2008-11-13 321536]
c:\documents and settings\All Users\Menu D‚marrer\Programmes\D‚marrage\
Adobe Gamma Loader.lnk - c:\program files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe [2008-11-14 113664]
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"NoSMHelp"= 1 (0x1)
[HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\explorer]
"NoSMHelp"= 1 (0x1)
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon]
"UIHost"="c:\\WINDOWS\\system32\\logonuiX.exe"
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"msacm.divxa32"= msaud32_divx.acm
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001
"FirewallOverride"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\KasperskyAntiVirus]
"DisableMonitoring"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\livecall.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\IEPro\\MiniDM.exe"=
"c:\\Program Files\\Yahoo!\\Messenger\\YahooMessenger.exe"=
"c:\\Program Files\\Yahoo!\\Messenger\\YServer.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
R0 klbg;Kaspersky Lab Boot Guard Driver;c:\windows\system32\drivers\klbg.sys [2008-01-29 32784]
R0 Si3124;Si3124;c:\windows\system32\drivers\Si3124.sys [2007-12-18 76208]
R0 Si3132r5;Si3132r5;c:\windows\system32\drivers\Si3132r5.sys [2007-12-18 208688]
R0 Si3531;Si3531;c:\windows\system32\drivers\Si3531.sys [2007-12-18 210224]
R2 NoCUT;NoCUT;"c:\windows\system32\NoCUT.exe" [2006-03-29 18432]
R2 TuneUp.ProgramStatisticsSvc;TuneUp Program Statistics Service;c:\windows\System32\TUProgSt.exe [2008-11-25 603904]
R3 KLFLTDEV;Kaspersky Lab KLFltDev;c:\windows\system32\DRIVERS\klfltdev.sys [2008-03-13 26640]
R3 klim5;Kaspersky Anti-Virus NDIS Filter;c:\windows\system32\DRIVERS\klim5.sys [2008-03-25 24592]
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp
*Newly Created Service* - HELPSVC
.
s of the 'Scheduled Tasks' folder
2008-11-28 c:\windows\Tasks\1-Click Maintenance.job
- c:\program files\TuneUp Utilities 2009\OneClickStarter.exe [2008-11-20 16:28]
2008-11-28 c:\windows\Tasks\MP Scheduled Scan.job
- c:\program files\Windows Defender\MpCmdRun.exe [2006-11-03 19:20]
2008-11-28 c:\windows\Tasks\Uniblue SpeedUpMyPC Nag.job
- c:\program files\Uniblue\SpeedUpMyPC 3\SpeedUpMyPC.exe []
2008-11-28 c:\windows\Tasks\Uniblue SpeedUpMyPC.job
- c:\program files\Uniblue\SpeedUpMyPC 3\SpeedUpMyPC.exe []
.
- - - - ORPHANS REMOVED - - - -
Toolbar-SaveLinksOrder - (no file)
Toolbar-Locked - (no file)
Toolbar-ITBarLayout - (no file)
Toolbar-ITBarLayout - (no file)
Toolbar-ITBar7Layout - (no file)
Toolbar-ITBar7Position - (no file)
HKU-Default-RunOnce-nltide3 - rundll32 advpack.dll

.
------- Supplementary Scan -------
.
FireFox -: Profile - c:\documents and settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\t0wa8cnn.default\
FireFox -: prefs.js - STARTUP.HOMEPAGE -
.
**************************************************************************
catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer,
Rootkit scan 2008-11-28 13:58:13
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...

c:\docume~1\ADMINI~1\LOCALS~1\Temp\etilqs_PQOMuAsahTVxkxH 0 bytes
scan completed successfully
hidden files: 1
**************************************************************************
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\mchInjDrv]
"ImagePath"="\??\c:\docume~1\ADMINI~1\LOCALS~1\Temp\mc22.tmp"
.
--------------------- DLLs Loaded Under Running Processes ---------------------
- - - - - - - > 'winlogon.exe'(2040)
c:\windows\system32\SETUPAPI.dll
c:\windows\system32\sfc_os.dll
c:\windows\system32\klogon.dll
- - - - - - - > 'lsass.exe'(268)
c:\windows\system32\setupapi.dll
- - - - - - - > 'explorer.exe'(2316)
c:\program files\SuperCopier2\SC2Hook.dll
c:\program files\RocketDock\RocketDock.dll
c:\program files\TrueTransparency\TrueTransparencyHook.dll
c:\windows\System32\VttHooks.dll
c:\program files\UberIcon\UberIcon.dll
c:\program files\styler\StylerHelper.dll
.
------------------------ Other Running Processes ------------------------
.
c:\program files\Windows Defender\MsMpEng.exe
c:\windows\system32\igfxsrvc.exe
c:\progra~1\Yahoo!\MESSEN~1\Ymsgr_tray.exe
c:\program files\Skype\Plugin Manager\skypePM.exe
c:\windows\system32\agrsmsvc.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\program files\Borland\InterBase\bin\ibguard.exe
c:\program files\Borland\InterBase\bin\ibserver.exe
c:\program files\Internet Download Manager\IEMonitor.exe
.
**************************************************************************
.
Completion time: 2008-11-28 14:06:11 - machine was rebooted
ComboFix-quarantined-files.txt 2008-11-28 13:06:05
Pre-Run: 26 772 873 216 octets libres
Post-Run: 26,740,428,800 octets libres
321 --- E O F --- 2008-11-27 15:54:18






And this is the HijackThis report
Logfile of HijackThis v1.99.1
Scan saved at 14:12:29, on 28/11/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.20900)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\UberIcon\UberIcon Manager.exe
C:\Windows\System32\VisualTaskTips.exe
C:\Program Files\styler\Styler.exe
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
C:\Program Files\NoCUT\NCTCtl.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\SuperCopier2\SuperCopier2.exe
C:\Program Files\Internet Download Manager\IDMan.exe
C:\Program Files\Desktop Icon Toy\DesktopIconToy.exe
C:\PROGRA~1\Yahoo!\MESSEN~1\ymsgr_tray.exe
C:\Program Files\RocketDock\RocketDock.exe
C:\Program Files\TrueTransparency\TrueTransparency.exe
C:\Program Files\Skype\Plugin Manager\skypePM.exe
C:\WINDOWS\system32\agrsmsvc.exe
C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Borland\InterBase\bin\ibguard.exe
C:\WINDOWS\system32\NoCUT.exe
C:\WINDOWS\System32\TUProgSt.exe
C:\Program Files\Borland\InterBase\bin\ibserver.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\Program Files\Internet Download Manager\IEMonitor.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\wuauclt.exe
D:\Biblietique\مشاكل الجهاز وحلولها\زيزوميات\برنامج الهايجكان يذهر التقرير حول الجهاز\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: IE7Pro - {00011268-E188-40DF-A514-835FCD78B1BF} - C:\Program Files\IEPro\iepro.dll
O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files\Internet Download Manager\IDMIECC.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: IEVkbdBHO - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\ievkbd.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: StylerToolBar - {D2F8F919-690B-4EA2-9FA7-A203D1E04F75} - C:\Program Files\styler\TB\StylerTB.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [UberIcon] "C:\Program Files\UberIcon\UberIcon Manager.exe"
O4 - HKLM\..\Run: [VisualTaskTips] C:\Windows\System32\VisualTaskTips.exe
O4 - HKLM\..\Run: [Vistadrv] C:\WINDOWS\system32\Vistadrive\vsdrv.exe
O4 - HKLM\..\Run: [Styler] C:\Program Files\styler\Styler.exe
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe"
O4 - HKLM\..\Run: [LogonStudio] "C:\Program Files\WinCustomize\LogonStudio\logonstudio.exe" /RANDOM
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [NoCUT Control] C:\Program Files\NoCUT\NCTCtl.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [SuperCopier2.exe] C:\Program Files\SuperCopier2\SuperCopier2.exe
O4 - HKCU\..\Run: [IDMan] C:\Program Files\Internet Download Manager\IDMan.exe /onboot
O4 - HKCU\..\Run: [Yahoo! Pager] "C:\PROGRA~1\Yahoo!\MESSEN~1\YAHOOM~1.EXE" -quiet
O4 - HKCU\..\Run: [DesktopIconToy] C:\Program Files\Desktop Icon Toy\DesktopIconToy.exe
O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Startup: RocketDock.exe.lnk = C:\Program Files\RocketDock\RocketDock.exe
O4 - Startup: TrueTransparency.lnk = ?
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O8 - Extra context menu item: Download all links with IDM - C:\Program Files\Internet Download Manager\IEGetAll.htm
O8 - Extra context menu item: Download FLV video with IDM - C:\Program Files\Internet Download Manager\IEGetVL.htm
O8 - Extra context menu item: Download with IDM - C:\Program Files\Internet Download Manager\IEExt.htm
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~1\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: IE7Pro Grab and Drag - {000002a3-84fe-43f1-b958-f2c3ca804f1a} - C:\Program Files\IEPro\iepro.dll
O9 - Extra 'Tools' menuitem: IE7Pro Grab and Drag - {000002a3-84fe-43f1-b958-f2c3ca804f1a} - C:\Program Files\IEPro\iepro.dll
O9 - Extra button: IE7Pro Preferences - {0026439F-A980-4f18-8C95-4F1CBBF9C1D8} - C:\Program Files\IEPro\iepro.dll
O9 - Extra 'Tools' menuitem: IE7Pro Preferences - {0026439F-A980-4f18-8C95-4F1CBBF9C1D8} - C:\Program Files\IEPro\iepro.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~1\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
O10 - Unknown file in Winsock LSP: c:\program files\bonjour\mdnsnsp.dll
O11 - Options group: [INTERNATIONAL] International*
O11 - Options group: [TABS] Tabbed Browsing
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) -
O17 - HKLM\System\CCS\Services\Tcpip\..\{F7334E79-F9DC-4654-99B9-AF3073AC0DAA}: NameServer = 208.67.222.222 193.55.10.102
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlmailhtml - {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files\Windows Live\Mail\mailcomm.dll
O20 - Winlogon Notify: dimsntfy - %SystemRoot%\System32\dimsntfy.dll (file missing)
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxdev.dll
O20 - Winlogon Notify: klogon - C:\WINDOWS\system32\klogon.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\wpdshserviceobj.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - Agere Systems - C:\WINDOWS\system32\agrsmsvc.exe
O23 - Service: Kaspersky Internet Security (AVP) - Unknown owner - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe" -r (file missing)
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Indexing Service (CiSvc) - Unknown owner - C:\WINDOWS\system32\cisvc.exe (file missing)
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InterBase Guardian (InterBaseGuardian) - Borland Software Corporation - C:\Program Files\Borland\InterBase\bin\ibguard.exe
O23 - Service: InterBase Server (InterBaseServer) - Borland Software Corporation - C:\Program Files\Borland\InterBase\bin\ibserver.exe
O23 - Service: NoCUT - CyberEDGE® Egypt - C:\WINDOWS\system32\NoCUT.exe
O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software - C:\WINDOWS\System32\TuneUpDefragService.exe
O23 - Service: TuneUp Program Statistics Service (TuneUp.ProgramStatisticsSvc) - TuneUp Software - C:\WINDOWS\System32\TUProgSt.exe
O23 - Service: Windows Live Setup Service (WLSetupSvc) - Unknown owner - C:\Program Files\Windows Live\installer\WLSetupSvc.exe



And thanks again
 
God bless you, dear brother
The problem is gone
But is my machine clean??
 