Malwarebytes
Malwarebytes Anti-Malware (PRO) 1.60.1.1000
نسخة قاعدة البيانات : v2012.03.06.06
Windows XP Service Pack 3 x86 NTFS
Internet Explorer 8.0.6001.18702
a :: A-F28AED2B731C4 [مدير]
الحماية: ممكنة
07/03/2012 06:31:35 م
mbam-log-2012-03-07 (18-31-35).txt
نوع الفحص : فحص كامل
خيارت الفحص الممكنة: الذاكرة | بدء التشغيل | الريجستري | نظام الملفات | أساليب بحثية/غير ذلك | Shuriken/أساليب بحثية | PUP | PUM
خيارات الفحص المعطلة: P2P
الكائنات المفحوصة : 292153
الوقت المنقضي : 40 دقيقة, 10 ثانية
عمليات الذاكرة المصابة : 0
(لم يتم إكتشاف مواد ضارة)
وحدات الذاكرة المصابة : 0
(لم يتم إكتشاف مواد ضارة)
مفاتيح الريجستري المصابة : 0
(لم يتم إكتشاف مواد ضارة)
قيم الريجستري المصابة : 0
(لم يتم إكتشاف مواد ضارة)
مواد بيانات الريجستري المصابة : 0
(لم يتم إكتشاف مواد ضارة)
المجلدات المصابة : 0
(لم يتم إكتشاف مواد ضارة)
الملفات المصابة : 0
(لم يتم إكتشاف مواد ضارة)
(و)
--------------------------------
2- HijackThis
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 07:14:24 م, on 07/03/2012
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\acs.exe
C:\Program Files\ESET\ESET Smart Security\ekrn.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Program Files\ESET\ESET Smart Security\egui.exe
C:\Program Files\TP-LINK\TP-LINK Wireless Client Utility\TWCU.exe
C:\Program Files\AntiLogger\AntiLogger.exe
C:\PROGRA~1\WI9130~1\Datamngr\DATAMN~1.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
C:\Program Files\Internet Download Manager\IDMan.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Program Files\Real\RealPlayer\update\realsched.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe
C:\Zyzoom_Forum_Tools\zyzoom.exe
C:\Zyzoom_Forum_Tools\zHijak.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R3 - URLSearchHook: (no name) - - (no file)
O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files\Internet Download Manager\IDMIECC.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Searchqu Toolbar - {99079a25-328f-4bd4-be04-00955acaa0a7} - C:\PROGRA~1\WI9130~1\Datamngr\ToolBar\searchqudtx.dll
O2 - BHO: DataMngr - {9D717F81-9148-4f12-8568-69135F087DB0} - C:\PROGRA~1\WI9130~1\Datamngr\BROWSE~1.DLL
O2 - BHO: RewardsArcadeSuite - {B6EF6C45-5E8D-4c3b-B580-A5073261A381} - C:\Program Files\RewardsArcadeSuite\RewardsArcadeSuite.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: (no name) - {8E718888-423F-11D2-876E-00A0C9082467} - (no file)
O3 - Toolbar: Searchqu Toolbar - {99079a25-328f-4bd4-be04-00955acaa0a7} - C:\PROGRA~1\WI9130~1\Datamngr\ToolBar\searchqudtx.dll
O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware] "C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice
O4 - HKLM\..\Run: [TWCU] "C:\Program Files\TP-LINK\TP-LINK Wireless Client Utility\TWCU.exe" -nogui
O4 - HKLM\..\Run: [FortKnoxPersonalFirewall] "C:\Program Files\NETGATE\FortKnox Personal Firewall 2009\FortKnoxGUI.exe"
O4 - HKLM\..\Run: [AntiLogger] "C:\Program Files\AntiLogger\AntiLogger.exe" /minimized
O4 - HKLM\..\Run: [HitmanPro35] "C:\Program Files\Hitman Pro 3.5\HitmanPro35.exe" /scan:boot
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Real\RealPlayer\update\realsched.exe" -osboot
O4 - HKLM\..\Run: [DATAMNGR] C:\PROGRA~1\WI9130~1\Datamngr\DATAMN~1.EXE
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [IDMan] C:\Program Files\Internet Download Manager\IDMan.exe /onboot
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\Run: [DWQueuedReporting] "C:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" -t (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: تحميل الكل بواسطة Internet Download Manager - C:\Program Files\Internet Download Manager\IEGetAll.htm
O8 - Extra context menu item: تحميل بواسطة Internet Download Manager - C:\Program Files\Internet Download Manager\IEExt.htm
O9 - Extra button: ??? ?? OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: ?&?? ?? OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - x86/client/wuweb_site.cab?1294075866906
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} -
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O20 - AppInit_DLLs: C:\PROGRA~1\WI9130~1\Datamngr\datamngr.dll C:\PROGRA~1\WI9130~1\Datamngr\IEBHO.dll
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: TP-LINK Configuration Service (ACS) - Atheros - C:\WINDOWS\system32\acs.exe
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\ekrn.exe
O23 - Service: FortKnox Personal Firewall (fortknox) - NETGATE Technologies s.r.o. - C:\Program Files\NETGATE\FortKnox Personal Firewall 2009\FortKnox.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: ServiceLayer - Nokia - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software GmbH - C:\WINDOWS\System32\TuneUpDefragService.exe
--
End of file - 7448 bytes
-------------------------------------------
3- Installed programs
====== معلومات نظام التشغيل ======
X86 WIN_XP 2600 Service Pack 3
====== قائمة البرامج المثبتة ======
Adobe AIR
Adobe AIR
Adobe Flash Player 10 ActiveX
Adobe Flash Player 11 Plugin
Adobe Photoshop CS
AntiLogger
AntiLogger
Athan Basic 3.3
CCleaner
Cryptext (Remove Only)
CursorFX
CursorFX
DDD Pool 1.2
ESET Smart Security
Farm Frenzy 2
Farm Frenzy 3
File Scavenger 3.2
FLV to AVI MPEG WMV 3GP MP4 iPod Converter 5.2.0603
FortKnox Personal Firewall 2009
Free PDF Tablet 0.1
Hitman Pro 3.5
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
Intel(R) Graphics Media *********** Driver
Internet Download Manager
Internet Download Manager 6.04 build 2
Java Auto Updater
Java(TM) 6 Update 24
K-Lite Mega Codec Pack 8.3.0
Lemmings for Windows 95
Malwarebytes Anti-Malware النسخة 1.60.1.1000
Mario Forever 5.01
Media Player Classic - Home Cinema 1.6.0.4014
Microsoft .NET Framework 2.0 Service Pack 2
Microsoft .NET Framework 3.0 Service Pack 2
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 3.5 SP1
Microsoft Application Error Reporting
Microsoft Kernel-Mode Driver Framework Feature Pack 1.9
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office Access MUI (Hebrew) 2007
Microsoft Office Enterprise 2007
Microsoft Office Enterprise 2007
Microsoft Office Excel MUI (Hebrew) 2007
Microsoft Office Groove MUI (English) 2007
Microsoft Office Groove Setup Metadata MUI (Hebrew) 2007
Microsoft Office InfoPath MUI (Hebrew) 2007
Microsoft Office OneNote MUI (Hebrew) 2007
Microsoft Office Outlook MUI (Hebrew) 2007
Microsoft Office PowerPoint MUI (Hebrew) 2007
Microsoft Office Proof (Arabic) 2007
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (Hebrew) 2007
Microsoft Office Proof (Russian) 2007
Microsoft Office Proofing (Hebrew) 2007
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
Microsoft Office Publisher MUI (Hebrew) 2007
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared MUI (Hebrew) 2007
Microsoft Office Word MUI (Hebrew) 2007
Microsoft Software Update for Web Folders (Hebrew) 12
Microsoft User-Mode Driver Framework Feature Pack 1.9
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Mozilla Firefox 10.0.2 (x86 ar)
MSVC80_x86_v2
MSVC90_x86
MSXML 6.0 Parser (KB925673)
Nero 6 Enterprise Edition
Nokia Connectivity Cable Driver
Nokia PC Suite
Nokia PC Suite
NVIDIA PhysX
Opera 11.01
PC Connectivity Solution
PhotoFiltre Studio
Pool 'm Up
Power Mp3 Cutter(Mp3 Sound Cutter) 1.40
Power Web2Pic 2.0
Project IGI
Readon TV Movie Radio Player 7.5.0.0
RealNetworks - Microsoft Visual C++ 2008 Runtime
RealPlayer
RealUpgrade 1.1
Security Update for 2007 Microsoft Office System (KB2288621)
Security Update for 2007 Microsoft Office System (KB2288931)
Security Update for 2007 Microsoft Office System (KB2289158)
Security Update for 2007 Microsoft Office System (KB2344875)
Security Update for 2007 Microsoft Office System (KB2345043)
Security Update for 2007 Microsoft Office System (KB969559)
Security Update for 2007 Microsoft Office System (KB976321)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2416473)
Security Update for Microsoft Office Access 2007 (KB979440)
Security Update for Microsoft Office Access 2007 (KB979440)
Security Update for Microsoft Office Excel 2007 (KB2345035)
Security Update for Microsoft Office InfoPath 2007 (KB979441)
Security Update for Microsoft Office InfoPath 2007 (KB979441)
Security Update for Microsoft Office Outlook 2007 (KB2288953)
Security Update for Microsoft Office PowerPoint 2007 (KB982158)
Security Update for Microsoft Office PowerPoint Viewer (KB2413381)
Security Update for Microsoft Office Publisher 2007 (KB2284697)
Security Update for Microsoft Office system 2007 (972581)
Security Update for Microsoft Office system 2007 (KB974234)
Security Update for Microsoft Office Visio Viewer 2007 (KB973709)
Security Update for Microsoft Office Word 2007 (KB2344993)
Security Update for Windows Internet Explorer 8 (KB2360131)
Security Update for Windows Internet Explorer 8 (KB2416400)
Security Update for Windows Internet Explorer 8 (KB971961)
Security Update for Windows Internet Explorer 8 (KB981332)
Security Update for Windows Internet Explorer 8 (KB982381)
Sjboy Beta4
SuperCopier2
Swiff Player 1.1
TeamViewer 6
TP-LINK Client Installation Program
TP-LINK Wireless Client Utility
TuneUp Utilities 2008
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Microsoft Office OneNote 2007 (KB980729)
Update for Outlook 2007 Junk Email Filter (KB2466076)
Update for Windows Internet Explorer 8 (KB2447568)
Update for Windows Internet Explorer 8 (KB976662)
VLC media player 1.1.0
WebFldrs XP
Windows Internet Explorer 8
Windows Live Messenger
Windows Media Format 11 runtime
Windows Media Format 11 runtime
Windows Media Player Firefox Plugin
Windows Presentation Foundation
Windows Searchqu Toolbar
WinRAR 4.00 beta 1 (32-bit)
XML Paper Specification Shared Components Pack 1.0
حزمة برامج تشغيل Windows - Nokia Modem (02/25/2011 4.7)
حزمة برامج تشغيل Windows - Nokia Modem (02/25/2011 7.01.0.9)
حزمة برامج تشغيل Windows - Nokia pccsmcfd (08/22/2008 7.0.0.0)
.......