تقرير جهازي

[F15]

الرجاء ممكن تحليل تقرير جهازي الله يبارك فيكم


ComboFix 08-12-18.03 - omar 12/20/2008 16:44:30.2 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.3.1256.1.1025.18.447.151 [GMT 1:00]
Running from: c:\documents and settings\omar\سطح المكتب\ComboFix.exe
* Created a new restore point
WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\windows\system32\404Fix.exe
c:\windows\system32\agsaame.dll
c:\windows\system32\ALOAudioFile2.dll
c:\windows\system32\ALOAVIFile.dll
c:\windows\system32\ALOQuickTimeFile.dll
c:\windows\system32\ALOVideoCoreM.dll
c:\windows\system32\ALOWMAFile2.dll
c:\windows\system32\bcaffacfec_d.dll
c:\windows\system32\dumphive.exe
c:\windows\system32\IEDFix.C.exe
c:\windows\system32\IEDFix.exe
c:\windows\system32\kakle.dll
c:\windows\system32\o4Patch.exe
c:\windows\system32\Process.exe
c:\windows\system32\SrchSTS.exe
c:\windows\system32\tmp.reg
c:\windows\system32\VACFix.exe
c:\windows\system32\VCCLSID.exe
c:\windows\system32\winitn.dll
c:\windows\system32\WS2Fix.exe
.
((((((((((((((((((((((((( Files Created from 2008-11-20 to 2008-12-20 )))))))))))))))))))))))))))))))
.
No new files created in this timespan
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-12-20 15:07 --------- d-----w c:\documents and settings\All Users\Application Data\Kaspersky Lab
2008-12-20 15:06 269,588 --sha-w c:\windows\system32\drivers\fidbox.idx
2008-12-20 15:06 20,048,928 --sha-w c:\windows\system32\drivers\fidbox.dat
2008-12-20 15:06 104,636 --sha-w c:\windows\system32\drivers\fidbox2.idx
2008-12-20 15:06 1,104,672 --sha-w c:\windows\system32\drivers\fidbox2.dat
2008-12-19 12:42 --------- d-----w c:\program files\Paltalk Messenger
2008-12-18 19:41 --------- d-----w c:\documents and settings\omar\Application Data\Paltalk
2008-12-13 20:08 90,112 ----a-w c:\windows\system32\agsaami.dll
2008-12-13 20:08 753,664 ----a-w c:\windows\system32\agsaamg.dll
2008-12-13 20:08 626,688 ----a-w c:\windows\system32\agsaamh.dll
2008-12-13 20:08 544,256 ----a-w c:\windows\system32\agsaamd.dll
2008-12-13 20:08 538,624 ----a-w c:\windows\system32\agsaamb.dll
2008-12-13 20:08 372,736 ----a-w c:\windows\system32\agsaamc.dll
2008-12-13 20:08 331,776 ----a-w c:\windows\system32\agsaama.dll
2008-12-13 20:08 2,846,720 ----a-w c:\windows\system32\agsaamj.dll
2008-12-13 20:07 90,112 ----a-w c:\windows\system32\ALOAudioFormatSettings3.dll
2008-12-13 20:07 780,288 ----a-w c:\windows\system32\ALOVideoCompress.dll
2008-12-13 20:07 778,240 ----a-w c:\windows\system32\ALOAudioCompress2.dll
2008-12-13 20:07 215,552 ----a-w c:\windows\system32\ALOWMVFile.dll
2008-12-13 20:07 2,846,720 ----a-w c:\windows\system32\ALOAudioCompress3.dll
2008-12-13 20:07 188,416 ----a-w c:\windows\system32\ALOVideoFile.dll
2008-12-13 20:07 1,245,184 ----a-w c:\windows\system32\bkll.dll
2008-12-12 09:59 410,984 ----a-w c:\windows\system32\deploytk.dll
2008-12-11 02:54 --------- d-----w c:\program files\RegSupreme Pro
2008-12-11 02:45 --------- d-----w c:\program files\SuperCleaner
2008-12-08 22:18 --------- d-----w c:\program files\Java
2008-11-24 12:41 --------- d-----w c:\program files\iTunes
2008-11-24 12:41 --------- d-----w c:\documents and settings\All Users\Application Data\{3276BE95_AF08_429F_A64F_CA64CB79BCF6}
2008-11-24 12:38 --------- d-----w c:\program files\iPod
2008-11-24 12:38 --------- d-----w c:\program files\Common Files\Apple
2008-11-24 12:28 --------- d-----w c:\program files\QuickTime
2008-11-24 12:08 --------- d-----w c:\program files\Safari
2008-11-20 01:29 --------- d-----w c:\documents and settings\All Users\Application Data\PopCap
2008-11-19 23:59 --------- d-----w c:\documents and settings\omar\Application Data\Nokia
2008-11-19 23:50 0 ---ha-w c:\windows\system32\drivers\MsftWdf_Kernel_01005_Coinstaller_Critical.Wdf
2008-11-19 23:50 0 ---ha-w c:\windows\system32\drivers\Msft_Kernel_ccdcmb_01005.Wdf
2008-11-19 23:50 --------- d-----w c:\documents and settings\omar\Application Data\PC Suite
2008-11-19 23:50 --------- d-----w c:\documents and settings\All Users\Application Data\PC Suite
2008-11-19 23:46 --------- d-----w c:\documents and settings\All Users\Application Data\Installations
2008-11-19 23:45 --------- d-----w c:\program files\PC Connectivity Solution
2008-11-19 23:45 --------- d-----w c:\program files\Nokia
2008-11-19 23:45 --------- d-----w c:\program files\DIFX
2008-11-19 23:45 --------- d-----w c:\program files\Common Files\PCSuite
2008-11-19 23:45 --------- d-----w c:\program files\Common Files\Nokia
2008-11-10 19:36 --------- d-----w c:\program files\Common Files\Adobe
2008-11-01 18:56 --------- d-----w c:\program files\AMUST
2008-10-31 23:47 369,665 ----a-w c:\windows\system32\360x180° Mekan.scr
2008-10-24 11:21 455,296 ----a-w c:\windows\system32\drivers\mrxsmb.sys
2008-10-24 09:30 --------- d-----w c:\program files\Google
2008-10-23 16:20 --------- d-----w c:\documents and settings\omar\Application Data\Skype
2008-10-23 15:58 --------- d-----w c:\documents and settings\omar\Application Data\skypePM
2008-10-23 15:57 --------- d-----w c:\documents and settings\All Users\Application Data\Skype
2008-10-23 12:36 286,720 ----a-w c:\windows\system32\gdi32.dll
2008-10-16 20:04 826,368 ----a-w c:\windows\system32\wininet.dll
2008-10-16 13:13 202,776 ----a-w c:\windows\system32\wuweb.dll
2008-10-16 13:13 1,809,944 ----a-w c:\windows\system32\wuaueng.dll
2008-10-16 13:12 561,688 ----a-w c:\windows\system32\wuapi.dll
2008-10-16 13:12 323,608 ----a-w c:\windows\system32\wucltui.dll
2008-10-16 13:09 92,696 ----a-w c:\windows\system32\cdm.dll
2008-10-16 13:09 51,224 ----a-w c:\windows\system32\wuauclt.exe
2008-10-16 13:09 43,544 ----a-w c:\windows\system32\wups2.dll
2008-10-16 13:08 34,328 ----a-w c:\windows\system32\wups.dll
2008-10-16 13:06 268,648 ----a-w c:\windows\system32\mucltui.dll
2008-10-16 13:06 208,744 ----a-w c:\windows\system32\muweb.dll
2008-10-13 21:02 344,064 ----a-w c:\windows\system32\dkll.dll
2008-10-13 21:02 196,608 ----a-w c:\windows\system32\maag.dll
2008-10-13 21:02 1,986,560 ----a-w c:\windows\system32\akll.dll
2008-10-13 21:02 1,212,416 ----a-w c:\windows\system32\ckll.dll
2008-10-03 10:03 247,326 ----a-w c:\windows\system32\strmdll.dll
2008-09-30 15:43 1,286,152 ----a-w c:\windows\system32\msxml4.dll
2008-03-24 17:07 774,144 ----a-w c:\program files\RngInterstitial.dll
2008-02-04 07:21 32 -c--a-r c:\documents and settings\All Users\hash.dat
2008-02-02 10:12 67,696 ----a-w c:\program files\mozilla firefox\components\jar50.dll
2008-02-02 10:12 54,376 -c--a-w c:\program files\mozilla firefox\components\jsd3250.dll
2008-02-02 10:12 34,952 ----a-w c:\program files\mozilla firefox\components\myspell.dll
2008-02-02 10:12 46,720 ----a-w c:\program files\mozilla firefox\components\spellchk.dll
2008-02-02 10:12 172,144 -c--a-w c:\program files\mozilla firefox\components\xpinstal.dll
2008-06-02 18:34 32,768 --sha-w c:\windows\system32\config\systemprofile\Local Settings\History\History.IE5\MSHist012008060220080603\index.dat
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [04/14/2008 04:59 PM 15360]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AVP"="c:\program files\Kaspersky Lab\Kaspersky Anti-Virus 2009\avp.exe" [04/25/2008 05:21 PM 201992]
"MSConfig"="c:\windows\pchealth\helpctr\Binaries\MSCONFIG.EXE" [04/14/2008 04:59 PM 169984]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [04/14/2008 04:59 PM 15360]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\RegCompact]
04/16/2008 02:24 PM 165368 c:\windows\system32\RegCompact.dll
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^قائمة ابدأ^البرامج^بدء التشغيل^Adobe Gamma Loader.lnk]
path=c:\documents and settings\All Users\قائمة ابدأ\البرامج\بدء التشغيل\Adobe Gamma Loader.lnk
backup=c:\windows\pss\Adobe Gamma Loader.lnkCommon Startup
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^قائمة ابدأ^البرامج^بدء التشغيل^PalTalk.lnk]
path=c:\documents and settings\All Users\قائمة ابدأ\البرامج\بدء التشغيل\PalTalk.lnk
backup=c:\windows\pss\PalTalk.lnkCommon Startup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
--a------ 10/15/2008 01:04 AM 39792 c:\program files\Adobe\Reader 8.0\Reader\reader_sl.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}]
--a------ 12/16/2005 11:57 AM 94208 c:\program files\Common Files\Ahead\Lib\NMBgMonitor.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CTFMON.EXE]
--a------ 04/14/2008 04:59 PM 15360 c:\windows\system32\ctfmon.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
--a------ 11/20/2008 01:20 PM 290088 c:\program files\iTunes\iTunesHelper.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
--a------ 04/14/2008 04:59 PM 1695232 c:\program files\Messenger\msmsgs.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msnmsgr]
--a------ 10/18/2007 11:34 AM 5724184 c:\program files\Windows Live\Messenger\msnmsgr.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
--a------ 07/09/2001 09:50 AM 155648 c:\windows\system32\NeroCheck.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Nokia.PCSync]
--a------ 06/17/2008 04:00 PM 1249280 c:\program files\Nokia\Nokia PC Suite 7\PcSync2.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PC Suite Tray]
--a------ 10/02/2008 07:00 AM 1124352 c:\program files\Nokia\Nokia PC Suite 7\PCSuite.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
--a------ 11/04/2008 10:30 AM 413696 c:\program files\QuickTime\QTTask.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sony Ericsson PC Suite]
-ra------ 11/24/2006 12:06 AM 487424 c:\program files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
--a------ 12/12/2008 10:59 AM 136600 c:\program files\Java\jre6\bin\jusched.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]
--a------ 02/06/2008 10:15 PM 185896 c:\program files\Common Files\Real\Update_OB\realsched.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RTHDCPL]
-r------- 02/06/2008 07:51 PM 16264192 c:\windows\RTHDCPL.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\S3Trayp]
-ra------ 02/06/2008 07:51 PM 159744 c:\windows\system32\S3Trayp.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SkyTel]
-r------- 02/06/2008 07:51 PM 2879488 c:\windows\SkyTel.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VTTimer]
-ra------ 02/06/2008 07:51 PM 53248 c:\windows\system32\VTTimer.exe
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\KasperskyAntiVirus]
"DisableMonitoring"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Yahoo!\\Messenger\\YahooMessenger.exe"=
"c:\\Program Files\\Yahoo!\\Messenger\\YServer.exe"=
"c:\\Program Files\\Real\\RealPlayer\\realplay.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\livecall.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
R0 klbg;Kaspersky Lab Boot Guard Driver;c:\windows\system32\drivers\klbg.sys [2008-01-29 32784]
R3 klim5;Kaspersky Anti-Virus NDIS Filter;c:\windows\system32\DRIVERS\klim5.sys [2008-03-25 24592]
R3 S3G700;S3G700;c:\windows\system32\DRIVERS\S3G700m.sys [2008-02-06 792576]
.
s of the 'Scheduled Tasks' folder
2008-11-24 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [07/30/2008 11:34 AM]
2008-12-20 c:\windows\Tasks\omar backup.job
- C:\ [12/20/2008 04:44 PM]
2008-12-20 c:\windows\Tasks\omar scan and fix.job
- C:\ [12/20/2008 04:44 PM]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://news.bbc.co.uk/hi/arabic/news/
mSearch Bar = hxxp://us.rd.yahoo.com/customize/ie/defaults/sb/msgr8/*

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

uInternet Settings,ProxyOverride = *.local
uSearchURL,(Default) = hxxp://us.rd.yahoo.com/customize/ie/defaults/su/msgr8/*

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

c:\windows\Downloaded Program Files\menu.dll - O16 -: {3D2CB570-D425-11D5-ABD0-00008369C46F}
hxxps://netbank.danskebank.dk/html/activex/DB/Menu.cab
c:\windows\Downloaded Program Files\Menu.inf
c:\windows\Downloaded Program Files\e-Safekey.dll - O16 -: {D8575CE3-3432-4540-88A9-85A1325D3375}
hxxps://netbank.danskebank.dk/html/activex/e-Safekey/DB/e-Safekey.cab
c:\windows\Downloaded Program Files\e-Safekey.inf
FF - ProfilePath -
.
**************************************************************************
catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer,

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

Rootkit scan 2008-12-20 16:48:16
Windows 5.1.2600 Service Pack 3 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------
- - - - - - - > 'winlogon.exe'(1036)
c:\windows\system32\klogon.dll
c:\windows\system32\RegCompact.dll
.
Completion time: 12/20/2008 16:50:17
ComboFix-quarantined-files.txt 2008-12-20 15:49:24
Pre-Run: 5,500,858,368 bytes free
Post-Run: 5,817,040,896 bytes free
229 --- E O F --- 2008-12-18 21:52:16



هل جهازي مصاب

 

[MAAX]

الله يحييك اخوي
حمل هذا البرنامج

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

شغل البرنامج ==> واضغط على
Do a system scan and save log
لحظات .. ويظهر لك تقرير داخل المفكرة==> انسخه والصقه بردك القادم​

 

[F15]

الله يحيك اخوي
هذا تقرير الهايجك

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 14:05:57, on 21/12/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16762)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\avp.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\avp.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\internet explorer\iexplore.exe
C:\Documents and Settings\omar\Local Settings\Temporary Internet Files\.IE5\8Z272J2F\Zyzoom_HijackThis[1].exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar =

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) =

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: IEVkbdBHO - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\ievkbd.dll
O2 - BHO: Yahoo! IE Services Button - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: مساعد تسجيل الدخول إلى Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\avp.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O9 - Extra button: Web traffic protection statistics - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\SCIEPlgn.dll
O9 - Extra button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan ) -

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Program Files\Yahoo!\Common\Yinsthelper.dll
O16 - DPF: {3D2CB570-D425-11D5-ABD0-00008369C46F} (CSMenu Class) -

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) -

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} -

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) -

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

O16 - DPF: {BB21F850-63F4-4EC9-BF9D-565BD30C9AE9} (a-squared Scanner) -

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

O16 - DPF: {BDEE1959-AB6B-4745-A29B-F492861102CC} -
O16 - DPF: {D8575CE3-3432-4540-88A9-85A1325D3375} (e-Safekey) -

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) -

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Kaspersky Anti-Virus (avp) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\avp.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
--
End of file - 6560 bytes

 

[MAAX]

التقارير سليمة عزيزي

موفق

 

[F15]

مشكور اخي الغالي ماكس

بس ممكن سؤال؟؟
لقد قمت من يومين بتعطيل بعض البرامج اثناء تشغيل الويندوز عن طريق هذة الكلمة Msconfig
لان جهازي كان يعلق عندي بشكل فضيع فقمت بتعطيل بعض البرامج واليوم حاولت الدخول الى Msconfig

تظهر عندي الرسالة


Windows cannot find ‘msconfig’. Make sure you typed the name correctly, and then try again. To search for a file, click the Start button, and then click Search


ما العمل!!!!! الملف لم يتعرف عليه الويندوز؟؟

 

[MAAX]

طبق الحلول من هذا الموضوع

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

وبلغني النتائج​

 

[F15]

شكرا لك اخي الغالي ماكس
تصلحت المشكلة جزاكم الله خير على ماتقدموه
ويجعله في ميزان حسناتكم الف شكر

 

[MAAX]

الشكر لله اخي
والحمدلله على انتهاء المشكلة

يغلق الموضوع لانتهائه