برنامج RealPlayer صادف مشكلة ويجب اغلاقة

ا

العصفور

زيزوومى متألق
إنضم
24 يوليو 2008
المشاركات
293
مستوى التفاعل
0
النقاط
360
الإقامة
DUBAI - U . A . E
غير متصل
السلام عليكم اعضاء المنتدي الكرام
عندي مشكلة برنامج RealPlayer يرفض ان يعمل مسحتة ورديت وثبته ولكن
تظهر لي نفس المشكلة وهذي الرسالة الي تظهر لي عند محاولتي تشغيل البرنامج

i2778_.JPG


وارجوا منكم ان تتكرمون بمساعدتي لحل هذه المشكلة لان عندي ملفات مهمة لا تعمل الي
بواسطة هذا البرنامج وتقبلوا مني خالص الشكر وانا في انتظار ردكم
عندي وندوز xp بروفشنال sp2
 

ترتيب حسب التاريخ ترتيب حسب الأصوات
الله يحييك اخوي
حمل هذا البرنامج
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

شغل البرنامج ==> واضغط على
Do a system scan and save log
لحظات .. ويظهر لك تقرير داخل المفكرة==> انسخه والصقه بردك القادم
 
التعديل الأخير بواسطة المشرف:
تأييد 0
مشكور اخوي ماكس علي المساعدة واسف بتاخري في الرد وهذا تقرير الهايجك الي طلبتة

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 9:50:41 PM, on 4/6/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\acs.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\netdde.exe
C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
C:\Program Files\Eset\nod32krn.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\MessengerPlus! 3\MsgPlus.exe
C:\Program Files\Eset\nod32kui.exe
C:\Program Files\Ict\AcceleNet\AcceleNetClient.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe
C:\Program Files\Ict\AcceleNet\ClientSideProxy.exe
C:\Program Files\Nawras Internet-E220\Nawras Internet-E220\Mobile Connect.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Pando Networks\Pando\pando.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Documents and Settings\Al Asfoor\Desktop\Zyzoom_HijackThis.exe
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: (no name) - {02DCA195-602B-4B1F-83FF-381B7E804BDB} - C:\WINDOWS\system32\HDBHO.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: CInterceptor Object - {38D3FE60-3D53-4F37-BB0E-C7A97A26A156} - C:\Program Files\Pando Networks\Pando\PandoIEPlugin.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: NOW!Imaging - {9AA2F14F-E956-44B8-8694-A5B615CDF341} - C:\Program Files\ONSPEED\components\NOWImaging.dll (file missing)
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: (no name) - {B930BA63-9E5A-11D3-A288-0000E80E2EDE} - (no file)
O3 - Toolbar: (no name) - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - (no file)
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe"
O4 - HKLM\..\Run: [CyberLat Ram Cleaner] C:\Program Files\CyberLat\CyberLat RAM Cleaner 2,0\CLRamCleaner.exe
O4 - HKLM\..\Run: [nod32kui] "C:\Program Files\Eset\nod32kui.exe" /WAITSERVICE
O4 - HKLM\..\Run: [AcceleNet Client Application] C:\Program Files\Ict\AcceleNet\AcceleNetClient.exe -startup
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [BeamFile] "C:\PROGRA~1\BEAMFILE\BeamFile.exe" "C:\Documents and Settings\Al Asfoor\Desktop\download\link(2).bfl"/background/background/background/background/background/background/background/background/background/background/background/background/background/background/background
O4 - HKCU\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe" /WinStart
O4 - HKCU\..\Run: [Pando] "C:\Program Files\Pando Networks\Pando\Pando.exe" /Minimized
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: BlueSoleil.lnk = C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe
O8 - Extra context menu item: &Google Search - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: &Translate English Word - res://C:\Program Files\Google\GoogleToolbar1.dll/cmwordtrans.html
O8 - Extra context menu item: &إنزال الكل باستعمال ماس دونلوودر - C:\Program Files\Mass Downloader\Add_All.htm
O8 - Extra context menu item: &إنزال باستعمال ماس دونلوودر - C:\Program Files\Mass Downloader\Add_Url.htm
O8 - Extra context menu item: Backward Links - res://C:\Program Files\Google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - res://C:\Program Files\Google\GoogleToolbar1.dll/cmcache.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Show all images in original quality - C:\Program Files\
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

O8 - Extra context menu item: Show image in original quality - C:\Program Files\
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

O8 - Extra context menu item: Similar Pages - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsimilar.html
O8 - Extra context menu item: Translate Page into English - res://C:\Program Files\Google\GoogleToolbar1.dll/cmtrans.html
O8 - Extra context menu item: Update Page Content - C:\Program Files\Ict\AcceleNet\refreshpage.htm
O8 - Extra context menu item: View All Originals On Page - C:\Program Files\Ict\AcceleNet\getoriginal.htm
O8 - Extra context menu item: View Original Image - C:\Program Files\Ict\AcceleNet\getoriginal.htm
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) -
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) -
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

O16 - DPF: {6BEA1C48-1850-486C-8F58-C7354BA3165E} (Install Class) -
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) -
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

O17 - HKLM\System\CCS\Services\Tcpip\..\{2F6CAA56-0C5A-4461-8820-1AED8A0F3127}: NameServer = 213.42.20.20,195.229.241.222
O17 - HKLM\System\CCS\Services\Tcpip\..\{8610C9AB-5AEF-43A7-8E69-8300C0B16EAD}: NameServer = 212.72.1.186 212.72.23.4
O17 - HKLM\System\CS1\Services\Tcpip\..\{2F6CAA56-0C5A-4461-8820-1AED8A0F3127}: NameServer = 213.42.20.20,195.229.241.222
O17 - HKLM\System\CS2\Services\Tcpip\..\{2F6CAA56-0C5A-4461-8820-1AED8A0F3127}: NameServer = 213.42.20.20,195.229.241.222
O23 - Service: Atheros Configuration Service (ACS) - Unknown owner - C:\WINDOWS\system32\acs.exe
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: BlueSoleil Hid Service - Unknown owner - C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: McAfee WSC Integration (McDetect.exe) - Unknown owner - c:\program files\mcafee.com\agent\mcdetect.exe (file missing)
O23 - Service: McAfee Task Scheduler (McTskshd.exe) - Unknown owner - c:\PROGRA~1\mcafee.com\agent\mctskshd.exe (file missing)
O23 - Service: McAfee SecurityCenter Update Manager (mcupdmgr.exe) - Unknown owner - C:\PROGRA~1\McAfee.com\Agent\mcupdmgr.exe (file missing)
O23 - Service: McAfee SpamKiller Server (MskService) - Unknown owner - C:\PROGRA~1\McAfee\SPAMKI~1\MSKSrvr.exe (file missing)
O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Program Files\Eset\nod32krn.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies - C:\Program Files\WinPcap\rpcapd.exe
O23 - Service: CHIPDRIVE SCARD Service (TWKSCARDSRV) - Unknown owner - C:\WINDOWS\SCARDS32.EXE (file missing)
--
End of file - 8902 bytes
 
تأييد 0
عطل برامج الحماية عن العمل
ثم
حمل الاداة التالية واحفظها على سطح المكتب
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

عند تشغيلها بتظهر لك رسالة ,, اضغط على >> Yes
بعدها بتظهر لك رساله ثانيه ,, اضغط على >> Yes
اثناء الفحص ممكن يعاد تشغيل الجهاز
وبعد اعادة التشغيل ,, سوف تبدأ الاداة بالفحص مرره ثانيه
لا تقم بتشغيل اي برنامج ،، ومهما طالت عملية الفحص انتظر حتى تنتهي
انتظر حتى يظهر لك تقرير ،،انسخه والصقه بمشاركتك القادمة
 
تأييد 0
وهذا تقرير اداة ComboFix الي طلبتة

ComboFix 09-04-04.01 - Al Asfoor 2009-04-06 22:32:01.3 - FAT32x86
Microsoft Windows XP Professional 5.1.2600.2.1256.971.1033.18.255.47 [GMT 4:00]
Running from: c:\documents and settings\Al Asfoor\Desktop\ComboFix.exe
AV: Eset NOD32 antivirus system 2.51 *On-access scanning enabled* (Updated)
* Resident AV is active

WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
-------\Legacy_OREANS32
-------\Service_oreans32

((((((((((((((((((((((((( Files Created from 2009-03-06 to 2009-04-06 )))))))))))))))))))))))))))))))
.
2012-02-17 19:22 . 2006-09-07 23:42 3,120 --a------ c:\windows\MF_C421.lfa
2012-02-17 19:22 . 2006-09-07 23:42 3,120 --a------ c:\windows\MF_C420.lfa
2009-04-06 22:28 . 2006-03-02 23:42 73,728 --a------ C:\pv.exe
2009-04-04 21:54 . 2009-04-04 21:54 <DIR> d-------- c:\program files\The KMPlayer
2009-04-04 01:51 . 2009-04-04 01:51 <DIR> d-------- c:\program files\Common Files\xing shared
2009-04-03 17:40 . 2009-04-03 17:40 <DIR> d-------- c:\program files\Real
2009-04-03 17:13 . 2009-04-03 17:13 <DIR> d-------- c:\documents and settings\Al Asfoor\Application Data\Media Player Classic
2009-04-03 17:12 . 2008-07-30 23:09 38 --a------ c:\windows\avisplitter.ini
2009-04-03 17:11 . 2009-04-03 17:11 <DIR> d-------- c:\program files\K-Lite Codec Pack
2009-04-03 17:11 . 2008-09-20 01:57 3,596,288 --a------ c:\windows\system32\qt-dx331.dll
2009-04-03 17:11 . 2008-09-24 22:41 839,680 --a------ c:\windows\system32\lameACM.acm
2009-04-03 17:11 . 2008-01-10 16:15 755,027 --a------ c:\windows\system32\xvidcore.dll
2009-04-03 17:11 . 2004-01-25 20:18 217,088 --a------ c:\windows\system32\yv12vfw.dll
2009-04-03 17:11 . 2008-01-10 16:16 159,839 --a------ c:\windows\system32\xvidvfw.dll
2009-04-03 17:11 . 2007-09-21 04:52 118,784 --a------ c:\windows\system32\ac3acm.acm
2009-04-03 17:11 . 2008-09-25 12:03 81,920 --a------ c:\windows\system32\dpl100.dll
2009-04-03 17:11 . 2008-11-02 18:02 7,680 --a------ c:\windows\system32\ff_vfw.dll
2009-04-03 17:11 . 2007-07-10 20:10 547 --a------ c:\windows\system32\ff_vfw.dll.manifest
2009-04-03 17:11 . 2008-10-03 16:30 414 --a------ c:\windows\system32\lame_acm.xml
2009-04-03 09:38 . 2009-04-03 09:38 332 --a------ c:\windows\desctemp.dat
2009-04-02 19:10 . 2004-08-03 23:08 31,616 --a------ c:\windows\system32\drivers\usbccgp.sys
2009-04-02 19:10 . 2004-08-03 23:08 31,616 --a------ c:\windows\system32\dllcache\usbccgp.sys
2009-04-02 19:09 . 2007-04-19 23:27 88,960 --a------ c:\windows\system32\drivers\ewusbmdm.sys
2009-04-02 19:09 . 2007-04-19 23:27 24,448 --a------ c:\windows\system32\drivers\ewdcsc.sys
2009-04-02 14:09 . 2009-04-02 14:09 <DIR> d-------- c:\program files\Nawras Internet-E220
2009-03-31 23:59 . 2009-03-31 23:59 <DIR> d-------- c:\documents and settings\Al Asfoor\Application Data\cleaner1
2009-03-12 01:31 . 2009-03-12 01:31 <DIR> d-------- c:\windows\system32\CatRoot2
2009-03-11 11:53 . 2009-03-11 11:53 <DIR> d-------- c:\documents and settings\Al Asfoor\Application Data\Thinstall
2009-03-11 11:17 . 2009-03-11 11:17 <DIR> d-------- c:\documents and settings\All Users\Application Data\TEMP
2009-03-11 11:17 . 2009-03-11 11:17 <DIR> d-------- c:\documents and settings\Al Asfoor\Application Data\URSoft
2009-03-11 10:39 . 2009-03-11 10:39 <DIR> d-------- c:\documents and settings\All Users\Application Data\Bluetooth
2009-03-11 10:31 . 2009-03-11 10:31 <DIR> d-------- c:\program files\IVT Corporation
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-04-03 08:18 68,752 ----a-w c:\documents and settings\Al Asfoor\Application Data\GDIPFONTCACHEV1.DAT
.
((((((((((((((((((((((((((((( snapshot@2009-03-31_23.58.31.25 )))))))))))))))))))))))))))))))))))))))))
.
- 2000-08-31 04:00:00 28,672 ----a-w c:\windows\Nircmd.exe
+ 2000-08-31 04:00:00 29,696 ----a-w c:\windows\Nircmd.exe
- 2003-08-31 21:23:08 609,280 ------w c:\windows\system32\divx.dll
+ 2008-10-28 22:35:56 684,032 ----a-w c:\windows\system32\divx.dll
+ 2009-02-03 02:07:18 240,544 ----a-r c:\windows\system32\Macromed\Flash\FlashUtil10b.exe
+ 2009-04-03 06:25:16 89,102 ----a-w c:\windows\system32\Macromed\Flash\uninstall_activeX.exe
- 2006-10-12 02:25:26 58,596 ----a-w c:\windows\system32\perfc009.dat
+ 2009-04-02 15:11:52 58,596 ----a-w c:\windows\system32\perfc009.dat
- 2006-10-12 02:25:26 392,296 ----a-w c:\windows\system32\perfh009.dat
+ 2009-04-02 15:11:52 392,296 ----a-w c:\windows\system32\perfh009.dat
- 2009-03-11 16:29:34 278,528 ----a-w c:\windows\system32\pncrt.dll
+ 2009-04-03 21:50:26 278,528 ----a-w c:\windows\system32\pncrt.dll
- 2009-03-11 16:29:36 6,656 ----a-w c:\windows\system32\pndx5016.dll
+ 2009-04-03 21:50:30 6,656 ----a-w c:\windows\system32\pndx5016.dll
- 2009-03-11 16:29:36 5,632 ----a-w c:\windows\system32\pndx5032.dll
+ 2009-04-03 21:50:30 5,632 ----a-w c:\windows\system32\pndx5032.dll
- 2009-03-11 16:29:54 176,167 ----a-w c:\windows\system32\rmoc3260.dll
+ 2009-04-03 21:50:48 185,920 ----a-w c:\windows\system32\rmoc3260.dll
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2004-08-03 15360]
"BeamFile"="c:\progra~1\BEAMFILE\BeamFile.exe" [2006-06-19 5283840]
"MessengerPlus3"="c:\program files\MessengerPlus! 3\MsgPlus.exe" [2006-09-30 190024]
"Pando"="c:\program files\Pando Networks\Pando\Pando.exe" [2007-10-18 5207368]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CyberLat Ram Cleaner"="c:\program files\CyberLat\CyberLat RAM Cleaner 2" [X]
"MessengerPlus3"="c:\program files\MessengerPlus! 3\MsgPlus.exe" [2006-09-30 190024]
"nod32kui"="c:\program files\Eset\nod32kui.exe" [2006-09-02 921600]
"AcceleNet Client Application"="c:\program files\Ict\AcceleNet\AcceleNetClient.exe" [2007-05-03 266240]
"TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" [2009-04-04 185872]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2004-08-03 15360]
c:\documents and settings\Al Asfoor\Start Menu\Programs\Startup\
Adobe Gamma.lnk - c:\program files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2005-03-16 113664]
c:\documents and settings\All Users\Start Menu\Programs\Startup\
BlueSoleil.lnk - c:\program files\IVT Corporation\BlueSoleil\BlueSoleil.exe [2006-07-16 626176]
[HKLM\~\startupfolder\C:^Documents and Settings^Al Asfoor^Start Menu^Programs^Startup^LimeWire On Startup.lnk]
backup=c:\windows\pss\LimeWire On Startup.lnkStartup
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^802.11g Wireless Client Utility.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\802.11g Wireless Client Utility.lnk
backup=c:\windows\pss\802.11g Wireless Client Utility.lnkCommon Startup
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^IdiomaX Translation Assistant.lnk]
backup=c:\windows\pss\IdiomaX Translation Assistant.lnkCommon Startup
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Microsoft Office.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\Microsoft Office.lnk
backup=c:\windows\pss\Microsoft Office.lnkCommon Startup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HTT]
c:\htt-humaxgbox\HTT-Startup.bat\ [X]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KernelFaultCheck]
c:\windows\system32\dumprep 0 -k [X]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IMJPMIG8.1]
--a------ 2004-08-03 18:32 208952 c:\windows\ime\IMJP8_1\imjpmig.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
--a------ 2001-07-09 10:50 155648 c:\windows\system32\NeroCheck.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PHIME2002A]
--a------ 2004-08-03 18:32 455168 c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PHIME2002ASync]
--a------ 2004-08-03 18:32 455168 c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]
--a------ 2009-04-04 01:50 185872 c:\program files\Common Files\Real\Update_OB\realsched.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SoundMan]
--a------ 2003-12-18 10:00 64512 c:\windows\SOUNDMAN.EXE
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusDisableNotify"=dword:00000001
"UpdatesDisableNotify"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Al-Ufuq Internet Timer\\TimerTool.exe"=
"c:\\Program Files\\MSN Messenger\\msnmsgr.exe"=
"c:\\Program Files\\MSN Messenger\\livecall.exe"=
"c:\\Program Files\\Pando Networks\\Pando\\pando.exe"=
"c:\\Program Files\\IVT Corporation\\BlueSoleil\\BlueSoleil.exe"=
R0 TwkMs;CHIPDRIVE Mouse Adapter;c:\windows\system32\drivers\TWKMS.SYS [2006-07-26 7968]
R2 DLPortIO;DriverLINX Port I/O Driver;c:\windows\system32\drivers\DLPortIO.SYS [2006-07-12 3584]
R2 io.sys;IO.DLL Driver;c:\windows\system32\drivers\io.sys [2006-08-02 5152]
R2 TwkPCSC;CHIPDRIVE PC/SC Drivers;c:\windows\system32\drivers\TWKPCSC.SYS [2006-07-26 20220]
S2 ioperm;ioperm support for Cygwin driver;\??\c:\htt-humaxgbox\cygwin\bin\ioperm.sys --> c:\htt-humaxgbox\cygwin\bin\ioperm.sys [?]
S2 spupdsvc;Windows Service Pack Installer update service;c:\windows\system32\spupdsvc.exe [2005-10-20 22752]
S2 TWKSCARDSRV;CHIPDRIVE SCARD Service;c:\windows\SCARDS32.EXE --> c:\windows\SCARDS32.EXE [?]
S3 ATHFMWDL;802.11 USB Wireless Adapter Bootloader driver;c:\windows\system32\drivers\Athfmwdl.sys [2006-09-30 43392]
S3 npf;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys [2005-08-03 32512]
S3 PPJoyBus;Parallel Port Joystick Bus device driver;c:\windows\system32\drivers\PPJoyBus.sys [2004-01-23 13952]
S3 PPortJoystick;Parallel Port Joystick device driver;c:\windows\system32\drivers\PPortJoy.sys [2004-01-23 28800]
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{51b291b4-1f6b-11de-9bd2-aabbcc563412}]
\Shell\AutoRun\command - H:\AutoRun.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{64f72c22-1f74-11de-9bd4-aabbcc563412}]
\Shell\AutoRun\command - H:\AutoRun.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{64f72c23-1f74-11de-9bd4-aabbcc563412}]
\Shell\AutoRun\command - H:\AutoRun.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{8fa10454-1f9a-11de-9bd8-aabbcc563412}]
\Shell\AutoRun\command - H:\AutoRun.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{8fa10455-1f9a-11de-9bd8-aabbcc563412}]
\Shell\AutoRun\command - H:\AutoRun.exe
.
- - - - ORPHANS REMOVED - - - -
MSConfigStartUp-DvdHelp - c:\docume~1\ALASFO~1\APPLIC~1\GRAMBA~1\warnmfcd.exe

.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.com.om/
uInternet Settings,ProxyServer = http=
IE: &Google Search - c:\program files\Google\GoogleToolbar1.dll/cmsearch.html
IE: &Translate English Word - c:\program files\Google\GoogleToolbar1.dll/cmwordtrans.html
IE: &إنزال الكل باستعمال ماس دونلوودر - c:\program files\Mass Downloader\Add_All.htm
IE: &إنزال باستعمال ماس دونلوودر - c:\program files\Mass Downloader\Add_Url.htm
IE: Backward Links - c:\program files\Google\GoogleToolbar1.dll/cmbacklinks.html
IE: Cached Snapshot of Page - c:\program files\Google\GoogleToolbar1.dll/cmcache.html
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office10\EXCEL.EXE/3000
IE: Show all images in original quality - c:\program files\
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

IE: Show image in original quality - c:\program files\
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

IE: Similar Pages - c:\program files\Google\GoogleToolbar1.dll/cmsimilar.html
IE: Translate Page into English - c:\program files\Google\GoogleToolbar1.dll/cmtrans.html
IE: Update Page Content - c:\program files\Ict\AcceleNet\refreshpage.htm
IE: View All Originals On Page - c:\program files\Ict\AcceleNet\getoriginal.htm
IE: View Original Image - c:\program files\Ict\AcceleNet\getoriginal.htm
LSP: c:\windows\system32\imon.dll
TCP: {2F6CAA56-0C5A-4461-8820-1AED8A0F3127} = 213.42.20.20,195.229.241.222
DPF: Microsoft XML Parser for Java
.
**************************************************************************
catchme 0.3.1375 W2K/XP/Vista - rootkit/stealth malware detector by Gmer,
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

Rootkit scan 2009-04-06 22:54:07
Windows 5.1.2600 Service Pack 2 FAT NTAPI
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...

C:\sccfg.sys 16384 bytes
scan completed successfully
hidden files: 1
**************************************************************************
.
------------------------ Other Running Processes ------------------------
.
c:\windows\SYSTEM32\ACS.EXE
c:\windows\System32\SCardSvr.exe
c:\windows\SYSTEM32\NETDDE.EXE
c:\program files\IVT Corporation\BlueSoleil\BTNtService.exe
c:\program files\Eset\nod32krn.exe
c:\program files\Ict\AcceleNet\ClientSideProxy.exe
.
**************************************************************************
.
Completion time: 2009-04-06 22:56:58 - machine was rebooted
ComboFix-quarantined-files.txt 2009-04-06 18:56:54
ComboFix2.txt 2009-03-31 20:00:22
Pre-Run: 12,472,369,152 bytes free
Post-Run: 12,481,150,976 bytes free
209
 
تأييد 0
جرب حذف الريل بلاير اللي عندك
وتنصيب نسخة احدث
 
تأييد 0
جربت عدة اصدارات واخرها RealPlayer Gold v11.0.5 Build 6.0.14.826 Plus Final
ولكن واجهت نفس رسالة الخطا تظهر لي كل ما حاولت اشغل اليرنامج
وشاكر لك تعاونك وسعة صدرك
 
تأييد 0
طيب اخي احذف كل مشغلات الفديو عندك وخلي الريل بلاير فقط حالياا
 
تأييد 0
يجب تسجيل الدخول أو التسجيل كي تتمكن من الرد هنا.
عودة
أعلى