Peace be upon you ..!!
Dear friends, I scanned my computer with all the maintenance tools .. and this is the report:
Quote:
******** 10-11-03.04 - momo 11/05/2010 0:18.3.2 - x86
microsoft windows 7 ultimate 6.1.7600.0.1256.966.1025.18.2038.1275 [gmt 3:00]
running from: C:\users\momo\desktop\********.exe
.
((((((((((((((((((((((((((((((((((((((( other deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
C:\users\momo\appdata\local\temp\64ca.tmp
c:\windows\system32\404fix.exe
c:\windows\system32\agent.omz.fix.exe
c:\windows\system32\dumphive.exe
c:\windows\system32\iedfix.c.exe
c:\windows\system32\iedfix.exe
c:\windows\system32\o4patch.exe
c:\windows\system32\process.exe
c:\windows\system32\srchsts.exe
c:\windows\system32\tmp.reg
c:\windows\system32\vacfix.exe
c:\windows\system32\vcclsid.exe
c:\windows\system32\ws2fix.exe
.
((((((((((((((((((((((((( files created from 2010-10-04 to 2010-11-04 )))))))))))))))))))))))))))))))
.
2010-11-04 21:23 . 2010-11-04 21:25 -------- d-----w- c:\users\momo\appdata\local\temp
2010-11-04 21:23 . 2010-11-04 21:23 -------- d-----w- c:\users\public\appdata\local\temp
2010-11-04 21:23 . 2010-11-04 21:23 -------- d-----w- c:\users\default\appdata\local\temp
2010-11-04 21:23 . 2010-11-04 21:23 -------- d-----w- c:\users\boooys\appdata\local\temp
2010-11-03 11:30 . 2010-11-03 11:30 -------- d-----w- c:\users\boooys\appdata\local\apps
2010-11-03 11:03 . 2010-11-03 11:03 -------- d-----w- c:\users\momo\appdata\roaming\flood light games
2010-11-03 11:03 . 2010-11-03 11:03 -------- d-----w- c:\programdata\flood light games
2010-11-03 11:03 . 2010-11-03 11:03 -------- d-----w- c:\program files\common files\oberon media
2010-11-03 11:02 . 2010-11-03 11:02 -------- d-----w- c:\program files\oberon media
2010-11-03 11:02 . 2010-11-03 11:02 -------- d-----w- c:\program files\game rival
2010-11-02 21:03 . 2010-11-02 21:03 -------- d-----w- c:\users\momo\appdata\roaming\roxio
2010-11-02 20:57 . 2010-11-02 20:57 -------- d-----w- c:\programdata\sonic
2010-11-02 20:56 . 2010-11-02 20:56 -------- d-----w- c:\program files\common files\px storage engine
2010-11-02 20:56 . 2010-11-02 20:57 -------- d-----w- c:\programdata\roxio
2010-11-02 20:56 . 2010-11-02 20:56 -------- d-----w- c:\program files\roxio
2010-11-02 20:56 . 2010-11-02 20:56 -------- d-----w- c:\program files\common files\sonic shared
2010-11-02 17:56 . 2010-11-03 12:39 -------- d-----w- c:\users\momo\tracing
2010-11-02 16:51 . 2010-11-02 17:38 -------- d-----w- c:\users\boooys\appdata\local\adobe
2010-11-02 08:57 . 2010-11-02 09:40 -------- d-----r- c:\users\momo-pc
2010-11-02 08:57 . 2010-11-02 08:57 528 ----a-r- c:\users\mediaid.bin
2010-11-02 08:56 . 2010-11-02 08:58 -------- d-----w- c:\program files\your uninstaller 2008
2010-11-02 08:45 . 2010-11-02 08:45 -------- d-----w- c:\windows\profiles
2010-11-02 08:19 . 2010-11-02 08:19 -------- d-----w- c:\users\momo\appdata\roaming\geovid
2010-11-02 08:18 . 2010-11-02 08:18 -------- d-----w- c:\programdata\geovid
2010-11-02 08:18 . 2010-11-02 08:18 -------- d-----w- c:\program files\common files\geovid
2010-11-02 08:18 . 2007-06-28 15:55 77824 ----a-w- c:\windows\system32\xvid.ax
2010-11-02 08:18 . 2005-06-07 12:11 60416 ----a-w- c:\windows\system32\dsetup.dll
2010-11-02 08:18 . 2003-03-19 05:19 1060864 ----a-w- c:\windows\system32\mfc71.dll
2010-11-02 08:18 . 2003-03-19 05:12 1047552 ----a-w- c:\windows\system32\mfc71u.dll
2010-11-02 08:18 . 2003-03-19 03:05 89088 ----a-w- c:\windows\system32\atl71.dll
2010-11-02 08:18 . 2010-11-02 08:18 -------- d-----w- c:\program files\geovid
2010-10-30 10:00 . 2010-10-30 10:00 35 ----a-w- c:\users\momo\appdata\roaming\setvalue.bat
2010-10-30 10:00 . 2010-10-30 10:00 691 ----a-w- c:\users\momo\appdata\roaming\getvalue.vbs
2010-10-28 19:57 . 2010-10-28 20:01 -------- d-----w- c:\program files\microsoft silverlight
2010-10-28 19:51 . 2010-10-28 19:51 -------- d-----w- c:\users\momo\appdata\local\windows live
2010-10-20 05:21 . 2010-10-20 05:21 -------- d-----w- c:\users\momo\appdata\local\mplayer
2010-10-20 05:21 . 2010-10-20 05:21 -------- d-----w- c:\users\momo\appdata\roaming\gnupg
2010-10-19 06:09 . 2010-10-19 06:09 98304 ----a-w- c:\windows\system32\cmdlineext.dll
2010-10-17 07:52 . 2010-10-17 07:52 -------- d-----w- c:\windows\downloaded installations
2010-10-16 11:49 . 2010-10-16 11:49 -------- d-----w- c:\programdata\mumbojumbo
2010-10-16 11:21 . 2010-10-16 11:21 -------- d-----w- c:\program files\brain challenge
2010-10-15 06:51 . 2010-10-20 21:15 -------- d-----w- c:\users\momo\appdata\roaming\bitcomet
2010-10-15 06:51 . 2010-10-15 06:51 -------- d-----w- c:\program files\bitcomet
2010-10-11 12:09 . 2010-10-28 20:16 -------- d-----w- c:\program files\gta san andreas
2010-10-09 11:23 . 2010-10-09 11:23 -------- d-----w- c:\users\momo\appdata\roaming\runscanner.net
2010-10-08 13:49 . 2010-10-08 13:49 -------- d-----w- c:\programdata\************
2010-10-08 13:49 . 2010-10-30 10:25 -------- d-----w- c:\zyzoom_tools
.
(((((((((((((((((((((((((((((((((((((((( find3m report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-09-15 01:50 . 2010-06-30 21:10 472808 ----a-w- c:\windows\system32\deployjava1.dll
.
------- sigcheck -------
[7] 2009-10-31 . C76153c7eca00fa852bb0c193378f917 . 2614272 . . [6.1.7600.16385] . . C:\windows\softwaredistribution\download\b23c9e49177e4877c3c32ef3b38f35ad\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_52283b2af41f3691\explorer.exe
[7] 2009-10-31 . 2626fc9755be22f805d3cfa0ce3ee727 . 2614272 . . [6.1.7600.16385] . . C:\windows\softwaredistribution\download\b23c9e49177e4877c3c32ef3b38f35ad\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_51a66d6ddafc2ed1\explorer.exe
[7] 2009-08-03 . 9ff6c4c91a3711c0a3b18f87b08b518d . 2613248 . . [6.1.7600.16385] . . C:\windows\softwaredistribution\download\c1f17c80c3b916714e96cf873d95fd6d\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_526619d4f3f142e6\explorer.exe
[7] 2009-08-03 . B95eeb0f4e5efbf1038a35b3351cf047 . 2613248 . . [6.1.7600.16385] . . C:\windows\softwaredistribution\download\c1f17c80c3b916714e96cf873d95fd6d\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_51e07e31dad00878\explorer.exe
[-] 2009-07-14 . 84a5166aac6dae431706f5a934e1cab3 . 2130432 . . [6.1.7600.16385] . . C:\windows\explorer.exe
[7] 2009-07-14 . 15bc38a7492befe831966adb477cf76f . 2613248 . . [6.1.7600.16385] . . C:\windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_518afd35db100430\explorer.exe
.
((((((((((((((((((((((((((((((((((((( reg loading points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*note* empty entries & legit default entries are not shown
regedit4
[hkey_current_user\software\microsoft\windows\currentversion\run]
"ccleaner"="c:\program files\ccleaner\ccleaner.exe" [2010-04-23 1668920]
"isuspm"="c:\program files\common files\installshield\updateservice\isuspm.exe" [2008-10-24 206112]
"swg"="c:\program files\google\googletoolbarnotifier\1.2.1128.5462\googletoolbarnotifier.exe" [2010-06-30 171448]
"google update"="c:\users\momo\appdata\local\google\update\googleupdate.exe" [2010-09-17 136176]
"idman"="c:\program files\internet download manager\idman.exe" [2010-06-30 3171760]
[hkey_local_machine\software\microsoft\windows\currentversion\run]
"sigmatelsystrayapp"="c:\program files\sigmatel\c-major audio\wdm\sttray.exe" [2007-09-13 405504]
"igfxtray"="c:\windows\system32\igfxtray.exe" [2009-09-23 141848]
"hotkeyscmds"="c:\windows\system32\hkcmd.exe" [2009-09-23 173592]
"persistence"="c:\windows\system32\igfxpers.exe" [2009-09-23 150552]
"tkbellexe"="c:\program files\common files\real\update_ob\realsched.exe" [2010-07-07 202256]
"logitech hardware abstraction layer"="c:\program files\common files\logitech\khalshared\khalmnpr.exe" [2007-10-09 100888]
"adobe reader speed launcher"="c:\program files\adobe\reader 9.0\reader\reader_sl.exe" [2010-09-23 35760]
"adobe arm"="c:\program files\common files\adobe\arm\1.0\adobearm.exe" [2010-09-20 932288]
"roxwatchtray"="c:\program files\common files\roxio shared\9.0\sharedcom\roxwatchtray9.exe" [2009-07-08 236016]
c:\programdata\microsoft\windows\start menu\programs\startup\
adobe gamma loader.lnk - c:\program files\common files\adobe\calibration\adobe gamma loader.exe [2010-7-6 113664]
setpoint.lnk - c:\program files\setpoint\setpoint.exe [2010-7-11 679936]
[hkey_local_machine\software\microsoft\windows\currentversion\policies\system]
"consentpromptbehavioradmin"= 5 (0x5)
"consentpromptbehavioruser"= 3 (0x3)
"enableuiadesktoptoggle"= 0 (0x0)
r3 btnetbus;bluetooth pan bus service;c:\windows\system32\drivers\btnetbus.sys [2008-12-07 30088]
r3 ivtbtbus;ivt bluetooth bus service;c:\windows\system32\drivers\ivtbtbus.sys [2008-07-02 26248]
r3 maconfservice;ma-config service;c:\program files\ma-config.com\maconfservice.exe [2010-06-10 253808]
r3 massfilter;zte mass storage filter driver;c:\windows\system32\drivers\massfilter.sys [x]
r3 screamingbdriver;screaming bee audio;c:\windows\system32\drivers\screamingbaudio.sys [2008-11-22 23064]
s0 bthidbus;bluetooth hid bus service;c:\windows\system32\drivers\bthidbus.sys [2009-01-07 20744]
s1 nvtsp50;novatel wireless ndis 5 single-packet read protocol driver;c:\windows\system32\drivers\nvtsp50.sys [2008-06-10 22016]
s1 vwififlt;virtual wifi filter driver;c:\windows\system32\drivers\vwififlt.sys [2009-07-13 48128]
s2 aestfilters;andrea st filters service;c:\windows\system32\aestsrv.exe [2007-09-20 73728]
s2 hsswd;hotspot shield monitoring service;c:\program files\hotspot shield\bin\hsswd.exe [2010-06-23 322608]
s3 srvhsfhda;srvhsfhda;c:\windows\system32\drivers\vstazl3.sys [2009-07-13 207360]
s3 srvhsfv92;srvhsfv92;c:\windows\system32\drivers\vstdpv3.sys [2009-07-13 980992]
s3 srvhsfwinac;srvhsfwinac;c:\windows\system32\drivers\vstcnxt3.sys [2009-07-13 661504]
.
Contents of the 'scheduled tasks' folder
2010-11-02 c:\windows\tasks\googleupdatetaskusers-1-5-21-3772074335-3823509552-82275469-1001core.job
- c:\users\momo\appdata\local\google\update\googleupdate.exe [2010-09-17 04:27]
2010-11-04 c:\windows\tasks\googleupdatetaskusers-1-5-21-3772074335-3823509552-82275469-1001ua.job
- c:\users\momo\appdata\local\google\update\googleupdate.exe [2010-09-17 04:27]
.
.
------- supplementary scan -------
.
Ustart page = hxxp://www.google.com/
mstart page = about:blank
uinternet settings,proxyoverride = local
ie: تحميل الكل بواسطة internet download manager - c:\program files\internet download manager\iegetall.htm
ie: تحميل الكل بواسطة بيتكومنت - c:\program files\bitcomet\bitcomet.exe/addalllink.htm
ie: تحميل بواسطة internet download manager - c:\program files\internet download manager\ieext.htm
ie: تحميل بواسطة بيتكومنت - c:\program files\bitcomet\bitcomet.exe/addlink.htm
ie: تحميل محتوى flv بواسطة internet download manager - c:\program files\internet download manager\iegetvl.htm
tcp: {33d0348f-05e1-41a0-90a0-b06c0666a213} = 10.13.24.1
ff - profilepath - c:\users\momo\appdata\roaming\mozilla\firefox\profiles\z29q4tnb.default\
ff - prefs.js: Keyword.url - hxxp://www.google.com/search?sourceid=navclient&hl=ar&q=
ff - component: C:\programdata\real\realplayer\browserrecordplugin\firefox\ext\components\nprpffbrowserrecordext.dll
ff - component: C:\users\momo\appdata\roaming\idm\idmmzcc3\components\idmmzcc.dll
ff - component: C:\users\momo\appdata\roaming\mozilla\firefox\profiles\z29q4tnb.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\components\frozen.dll
ff - component: C:\users\momo\appdata\roaming\mozilla\firefox\profiles\z29q4tnb.default\extensions\{b042753d-f57e-4e8e-a01b-7379a6d4cefb}\components\ibitcometextension.dll
ff - plugin: C:\program files\common files\research in motion\bbwebsllauncher\npwebsllauncher.dll
ff - plugin: C:\program files\java\jre6\bin\new_plugin\npdeployjava1.dll
ff - plugin: C:\program files\ma-config.com\nphardwaredetection.dll
ff - plugin: C:\program files\mozilla firefox\plugins\npdeployjava1.dll
ff - plugin: C:\program files\windows live\photo gallery\npwlpg.dll
ff - plugin: C:\programdata\real\realplayer\browserrecordplugin\mozillaplugins\nprphtml5videoshim.dll
ff - plugin: C:\users\momo\appdata\local\google\update\1.2.183.39\npgoogleoneclick8.dll
---- firefox policies ----
c:\program files\mozilla firefox\greprefs\all.js - pref("network.idn.whitelist.xn--mgbaam7a8h", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("network.idn.whitelist.xn--mgberp4a5d4ar", true);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled", false);
.
.
------- file associations -------
.
Vbefile\shell\open2\command="%systemroot%\system32\cscript.exe" "%1" %*
vbsfile\shell\open2\command="%systemroot%\system32\cscript.exe" "%1" %*
jsefile\shell\open2\command=c:\windows\system32\cscript.exe "%1" %*
.
- - - - orphans removed - - - -
webbrowser-{8ff5e180-abde-46eb-b09e-d2aab95cabe3} - (no file)
.
--------------------- locked registry keys ---------------------
[hkey_users\s-1-5-21-3772074335-3823509552-82275469-1001_classes\clsid\{7b8e9164-324d-4a2e-a46d-0165fb2000ec}]
@denied: (full) (everyone)
"scansk"=hex(0):e3,e2,87,1a,c4,cd,3e,f8,35,13, fe,28,58,de,cf,86,f3,8e,67,25,f7, e2,17,aa,0c,d7,a6,ac,8a,d8,08,33,c3,9a,b7,76,cd,de,55,40,00,00,00,00,00,00,\
[hkey_users\s-1-5-21-3772074335-3823509552-82275469-1001_classes\clsid\{de7cb2b4-5220-41ac-b78b-5e1923357374}]
@denied: (full) (everyone)
@allowed: (read) (restrictedcode)
"model"=dword:0000012e
"therad"=dword:0000001c
"mdata"=hex(0):73,d5,cf,b8,a4,07,89,80,31,e4,35,6b,2a,ca,fe,43,b6,1f,81,1f,5a, 1b,4d,36,46,8f,3c,f2,5c,68,ee,21,46,8f,3c,f2,5c,68,ee,21,46,8f,3c,f2,5c,68,\
[hkey_local_machine\system\controlset001\control\class\{4d36e96d-e325-11ce-bfc1-08002be10318}\0000\allusersettings]
@denied: (a) (users)
@denied: (a) (everyone)
@allowed: (b 1 2 3 4 5) (s-1-5-20)
"blinddial"=dword:00000000
[hkey_local_machine\system\controlset001\control\class\{4d36e96d-e325-11ce-bfc1-08002be10318}\0001\allusersettings]
@denied: (a) (users)
@denied: (a) (everyone)
@allowed: (b 1 2 3 4 5) (s-1-5-20)
"blinddial"=dword:00000000
[hkey_local_machine\system\controlset001\control\pcw\security]
@denied: (full) (everyone)
.
--------------------- dlls loaded under running processes ---------------------
- - - - - - - > 'explorer.exe'(3572)
c:\program files\setpoint\lgscroll.dll
.
------------------------ other running processes ------------------------
.
C:\program files\hotspot shield\bin\openvpnas.exe
c:\windows\system32\taskhost.exe
c:\program files\microsoft\search enhancement pack\seaport\seaport.exe
c:\windows\system32\sppsvc.exe
c:\windows\system32\stacsv.exe
c:\windows\system32\conhost.exe
c:\windows\system32\igfxsrvc.exe
c:\program files\windows media player\wmpnetwk.exe
.
**************************************************************************
.
Completion time: 2010-11-05 00:28:05 - machine was rebooted
********-quarantined-files.txt 2010-11-04 21:28
********2.txt 2010-10-05 11:21
pre-run: 48,286,371,840 bytes free
post-run: 48,251,641,856 bytes free
- - end of file - - 7e14b72096ae90f67386632ce0ae1b4c