- بادئ الموضوع الشوكاني
- تاريخ البدء
- 896
AbOdy
عضو شرف
- إنضم
- 17 سبتمبر 2007
- المشاركات
- 6,865
- مستوى التفاعل
- 91
- النقاط
- 840
غير متصل
وعليكم السلامه ورحمه الله
احذفه واعد تثبيت البرنامج
وعطني هذا التقرير
حمل هذا البرنامج
شغل البرنامج ==> واضغط على
Do a system scan and save log
لحظات .. ويظهر لك تقرير داخل المفكرة==> انسخه والصقه بردك القادم
=====================================
احذفه واعد تثبيت البرنامج
وعطني هذا التقرير
حمل هذا البرنامج
يجب عليك
تسجيل الدخول
او
تسجيل لمشاهدة الرابط المخفي
شغل البرنامج ==> واضغط على
Do a system scan and save log
لحظات .. ويظهر لك تقرير داخل المفكرة==> انسخه والصقه بردك القادم
=====================================
التعديل الأخير بواسطة المشرف:
توقيع : AbOdy
تأييد
0
الشوكاني
زيزوومي جديد
غير متصل
Scan saved at 05:21:27 ص, on 25/06/09
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18000)
Boot mode: Normal
Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\system32\igfxsrvc.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
C:\Program Files\BitDefender\BitDefender 2009\bdagent.exe
C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
C:\Program Files\Internet Download Manager\IDMan.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Hewlett-Packard\HP wireless Assistant\WiFiMsg.EXE
C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\VolCtrl.exe
C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe
C:\PROGRA~1\WIDCOMM\BLUETO~1\BTSTAC~1.EXE
C:\Program Files\Internet Download Manager\IEMonitor.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Program Files\BitDefender\BitDefender 2009\seccenter.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\conime.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: BitDefender Toolbar - {381FFDE8-2394-4f90-B10D-FC6124A40F8C} - C:\Program Files\BitDefender\BitDefender 2009\IEToolbar.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [IAAnotif] "C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe"
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [QlbCtrl.exe] C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
O4 - HKLM\..\Run: [hpWirelessAssistant] C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
O4 - HKLM\..\Run: [BDAgent] "C:\Program Files\BitDefender\BitDefender 2009\bdagent.exe"
O4 - HKLM\..\Run: [BitDefender Antiphishing Helper] "C:\Program Files\BitDefender\BitDefender 2009\IEShow.exe"
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [IDMan] C:\Program Files\Internet Download Manager\IDMan.exe /onboot
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Bluetooth.lnk = ?
O8 - Extra context menu item: Download with IDM - C:\Program Files\Internet Download Manager\IEExt.htm
O8 - Extra context menu item: Send to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: ت&صدير إلى Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: تحميل الكل بواسطة Internet Download Manager - C:\Program Files\Internet Download Manager\IEGetAll.htm
O8 - Extra context menu item: تحميل بواسطة Internet Download Manager - C:\Program Files\Internet Download Manager\IEExt.htm
O8 - Extra context menu item: تحميل محتوى FLV بواسطة Internet Download Manager - C:\Program Files\Internet Download Manager\IEGetVL.htm
O9 - Extra button: إرسال إلى OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: إر&سال إلى OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O13 - Gopher Prefix:
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) -
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~2\Office12\GR99D3~1.DLL
O23 - Service: BitDefender Arrakis Server (Arrakis3) - Unknown owner - C:\Program Files\Common Files\BitDefender\BitDefender Arrakis Server\bin\Arrakis3.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
O23 - Service: Com4QLBEx - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: BitDefender Desktop Update Service (LIVESRV) - BitDefender SRL - C:\Program Files\Common Files\BitDefender\BitDefender Update Service\livesrv.exe
O23 - Service: @%SystemRoot%\System32\TuneUpDefragService.exe,-1 (TuneUp.Defrag) - TuneUp Software - C:\Windows\System32\TuneUpDefragService.exe
O23 - Service: @%SystemRoot%\System32\TUProgSt.exe,-1 (TuneUp.ProgramStatisticsSvc) - TuneUp Software - C:\Windows\System32\TUProgSt.exe
O23 - Service: BitDefender Virus Shield (VSSERV) - BitDefender S. R. L. - C:\Program Files\BitDefender\BitDefender 2009\vsserv.exe
--
End of file - 8916 bytes
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18000)
Boot mode: Normal
Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\system32\igfxsrvc.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
C:\Program Files\BitDefender\BitDefender 2009\bdagent.exe
C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
C:\Program Files\Internet Download Manager\IDMan.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Hewlett-Packard\HP wireless Assistant\WiFiMsg.EXE
C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\VolCtrl.exe
C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe
C:\PROGRA~1\WIDCOMM\BLUETO~1\BTSTAC~1.EXE
C:\Program Files\Internet Download Manager\IEMonitor.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Program Files\BitDefender\BitDefender 2009\seccenter.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\conime.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page =
يجب عليك
تسجيل الدخول
او
تسجيل لمشاهدة الرابط المخفي
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
يجب عليك
تسجيل الدخول
او
تسجيل لمشاهدة الرابط المخفي
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
يجب عليك
تسجيل الدخول
او
تسجيل لمشاهدة الرابط المخفي
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
يجب عليك
تسجيل الدخول
او
تسجيل لمشاهدة الرابط المخفي
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
يجب عليك
تسجيل الدخول
او
تسجيل لمشاهدة الرابط المخفي
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
يجب عليك
تسجيل الدخول
او
تسجيل لمشاهدة الرابط المخفي
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: BitDefender Toolbar - {381FFDE8-2394-4f90-B10D-FC6124A40F8C} - C:\Program Files\BitDefender\BitDefender 2009\IEToolbar.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [IAAnotif] "C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe"
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [QlbCtrl.exe] C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
O4 - HKLM\..\Run: [hpWirelessAssistant] C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
O4 - HKLM\..\Run: [BDAgent] "C:\Program Files\BitDefender\BitDefender 2009\bdagent.exe"
O4 - HKLM\..\Run: [BitDefender Antiphishing Helper] "C:\Program Files\BitDefender\BitDefender 2009\IEShow.exe"
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [IDMan] C:\Program Files\Internet Download Manager\IDMan.exe /onboot
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Bluetooth.lnk = ?
O8 - Extra context menu item: Download with IDM - C:\Program Files\Internet Download Manager\IEExt.htm
O8 - Extra context menu item: Send to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: ت&صدير إلى Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: تحميل الكل بواسطة Internet Download Manager - C:\Program Files\Internet Download Manager\IEGetAll.htm
O8 - Extra context menu item: تحميل بواسطة Internet Download Manager - C:\Program Files\Internet Download Manager\IEExt.htm
O8 - Extra context menu item: تحميل محتوى FLV بواسطة Internet Download Manager - C:\Program Files\Internet Download Manager\IEGetVL.htm
O9 - Extra button: إرسال إلى OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: إر&سال إلى OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O13 - Gopher Prefix:
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) -
يجب عليك
تسجيل الدخول
او
تسجيل لمشاهدة الرابط المخفي
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~2\Office12\GR99D3~1.DLL
O23 - Service: BitDefender Arrakis Server (Arrakis3) - Unknown owner - C:\Program Files\Common Files\BitDefender\BitDefender Arrakis Server\bin\Arrakis3.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
O23 - Service: Com4QLBEx - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: BitDefender Desktop Update Service (LIVESRV) - BitDefender SRL - C:\Program Files\Common Files\BitDefender\BitDefender Update Service\livesrv.exe
O23 - Service: @%SystemRoot%\System32\TuneUpDefragService.exe,-1 (TuneUp.Defrag) - TuneUp Software - C:\Windows\System32\TuneUpDefragService.exe
O23 - Service: @%SystemRoot%\System32\TUProgSt.exe,-1 (TuneUp.ProgramStatisticsSvc) - TuneUp Software - C:\Windows\System32\TUProgSt.exe
O23 - Service: BitDefender Virus Shield (VSSERV) - BitDefender S. R. L. - C:\Program Files\BitDefender\BitDefender 2009\vsserv.exe
--
End of file - 8916 bytes
تأييد
0
AbOdy
عضو شرف
- إنضم
- 17 سبتمبر 2007
- المشاركات
- 6,865
- مستوى التفاعل
- 91
- النقاط
- 840
غير متصل
عطل برامج الحماية عن العمل
ثم
حمل الاداة التالية واحفظها على سطح المكتب
عند تشغيلها بتظهر لك رسالة ,, اضغط على >> Yes
بعدها بتظهر لك رساله ثانيه ,, اضغط على >> Yes
اثناء الفحص ممكن يعاد تشغيل الجهاز
وبعد اعادة التشغيل ,, سوف تبدأ الاداة بالفحص مرره ثانيه
لا تقم بتشغيل اي برنامج ،، ومهما طالت عملية الفحص انتظر حتى تنتهي
انتظر حتى يظهر لك تقرير ،،انسخه والصقه بمشاركتك القادمة
ثم
حمل الاداة التالية واحفظها على سطح المكتب
يجب عليك
تسجيل الدخول
او
تسجيل لمشاهدة الرابط المخفي
عند تشغيلها بتظهر لك رسالة ,, اضغط على >> Yes
بعدها بتظهر لك رساله ثانيه ,, اضغط على >> Yes
اثناء الفحص ممكن يعاد تشغيل الجهاز
وبعد اعادة التشغيل ,, سوف تبدأ الاداة بالفحص مرره ثانيه
لا تقم بتشغيل اي برنامج ،، ومهما طالت عملية الفحص انتظر حتى تنتهي
انتظر حتى يظهر لك تقرير ،،انسخه والصقه بمشاركتك القادمة
توقيع : AbOdy
تأييد
0
الشوكاني
زيزوومي جديد
غير متصل
Microsoft® Windows Vista™ Home Premium 6.0.6001.1.1256.966.1025.18.1015.430 [GMT 3:00]
Running from: c:\users\user\Downloads\ComboFix.exe
AV: BitDefender Antivirus *On-access scanning disabled* (Updated) {6C4BB89C-B0ED-4F41-A29C-4373888923BB}
FW: BitDefender Firewall *disabled* {4055920F-2E99-48A8-A270-4243D2B8F242}
SP: BitDefender Antispyware *disabled* (Updated) {8B2012EC-32D4-494F-BC03-832DB3BDF911}
SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}
.
((((((((((((((((((((((((( Files Created from 2009-05-25 to 2009-06-25 )))))))))))))))))))))))))))))))
.
2009-06-25 03:50 . 2009-06-25 03:50 -------- d-----w- c:\users\user\AppData\Local\temp
2009-06-25 03:07 . 2009-05-09 05:34 71680 ----a-w- c:\windows\system32\iesetup.dll
2009-06-25 03:07 . 2009-05-09 05:50 915456 ----a-w- c:\windows\system32\wininet.dll
2009-06-25 03:01 . 2009-06-25 03:01 92 ----a-w- c:\users\user\AppData\Local\fusioncache.dat
2009-06-25 03:01 . 2009-06-25 03:02 -------- d-----w- c:\users\user\AppData\Local\ApplicationHistory
2009-06-25 02:57 . 2009-06-25 02:57 -------- d-----w- c:\program files\MSXML 4.0
2009-06-25 02:51 . 2008-09-18 04:56 147456 ----a-w- c:\windows\system32\Faultrep.dll
2009-06-25 02:51 . 2008-09-18 04:56 125952 ----a-w- c:\windows\system32\wersvc.dll
2009-06-25 02:50 . 2009-03-03 04:40 499200 ----a-w- c:\windows\system32\wbem\WmiPrvSD.dll
2009-06-25 02:50 . 2009-03-03 04:36 615424 ----a-w- c:\windows\system32\wbem\fastprox.dll
2009-06-25 02:50 . 2009-03-03 04:46 3547632 ----a-w- c:\windows\system32\ntoskrnl.exe
2009-06-25 02:50 . 2009-03-03 04:39 551424 ----a-w- c:\windows\system32\rpcss.dll
2009-06-25 02:50 . 2009-03-03 04:46 3599328 ----a-w- c:\windows\system32\ntkrnlpa.exe
2009-06-25 02:50 . 2009-03-03 04:40 129024 ----a-w- c:\windows\system32\wbem\WmiDcPrv.dll
2009-06-25 02:50 . 2009-03-03 03:04 666624 ----a-w- c:\windows\system32\printfilterpipelinesvc.exe
2009-06-25 02:50 . 2009-03-03 02:16 247296 ----a-w- c:\windows\system32\wbem\WmiPrvSE.exe
2009-06-25 02:47 . 2009-04-23 12:43 784896 ----a-w- c:\windows\system32\rpcrt4.dll
2009-06-25 02:46 . 2009-06-25 02:46 -------- d-----w- c:\users\user\AppData\Roaming\GRETECH
2009-06-25 02:44 . 2008-05-08 21:59 90112 ----a-w- c:\windows\system32\wshext.dll
2009-06-25 02:44 . 2008-05-08 21:59 180224 ----a-w- c:\windows\system32\scrobj.dll
2009-06-25 02:44 . 2008-05-08 21:59 172032 ----a-w- c:\windows\system32\scrrun.dll
2009-06-25 02:44 . 2008-05-08 21:59 155648 ----a-w- c:\windows\system32\wscript.exe
2009-06-25 02:44 . 2008-05-08 21:58 135168 ----a-w- c:\windows\system32\cscript.exe
2009-06-25 02:44 . 2008-04-10 05:12 738304 ----a-w- c:\windows\system32\inetcomm.dll
2009-06-25 02:44 . 2008-05-10 01:33 113664 ----a-w- c:\windows\system32\drivers\rmcast.sys
2009-06-25 02:44 . 2008-10-21 05:25 1645568 ----a-w- c:\windows\system32\connect.dll
2009-06-25 02:25 . 2009-06-25 02:25 -------- d-----w- c:\program files\GRETECH
2009-06-25 02:21 . 2008-10-16 21:13 1809944 ----a-w- c:\windows\system32\wuaueng.dll
2009-06-25 02:21 . 2008-10-16 21:09 51224 ----a-w- c:\windows\system32\wuauclt.exe
2009-06-25 02:21 . 2008-10-16 21:09 43544 ----a-w- c:\windows\system32\wups2.dll
2009-06-25 02:21 . 2008-10-16 20:56 1524736 ----a-w- c:\windows\system32\wucltux.dll
2009-06-25 02:21 . 2008-10-16 21:12 561688 ----a-w- c:\windows\system32\wuapi.dll
2009-06-25 02:21 . 2008-10-16 21:08 34328 ----a-w- c:\windows\system32\wups.dll
2009-06-25 02:21 . 2008-10-16 20:55 83456 ----a-w- c:\windows\system32\wudriver.dll
2009-06-25 02:21 . 2008-10-16 11:08 162064 ----a-w- c:\windows\system32\wuwebv.dll
2009-06-25 02:21 . 2008-10-16 10:56 31232 ----a-w- c:\windows\system32\wuapp.exe
2009-06-25 02:20 . 2009-06-25 02:20 -------- d-----w- c:\program files\Trend Micro
2009-06-25 02:20 . 2008-09-28 19:00 439440 ----a-w- c:\program files\un_Internet Download Manager_16575.exe
2009-06-25 01:38 . 2009-06-23 07:06 52224 ----a-w- c:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\43ag7z4z.default\extensions\{c82ecb7d-e143-46cf-92a7-fc893430d4f0}\components\FFExternalAlert.dll
2009-06-25 01:38 . 2009-06-23 07:06 114688 ----a-w- c:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\43ag7z4z.default\extensions\{c82ecb7d-e143-46cf-92a7-fc893430d4f0}\components\npmozax.dll
2009-06-25 01:32 . 2009-06-25 01:32 603904 ----a-w- c:\windows\system32\TUProgSt.exe
2009-06-25 01:32 . 2008-11-12 13:44 27904 ----a-w- c:\windows\system32\uxtuneup.dll
2009-06-25 01:32 . 2008-11-12 13:44 17152 ----a-w- c:\windows\system32\authuitu.dll
2009-06-25 01:32 . 2009-06-25 01:32 362240 ----a-w- c:\windows\system32\TuneUpDefragService.exe
2009-06-25 01:31 . 2009-06-25 01:31 -------- d-----w- c:\users\user\AppData\Roaming\TuneUp Software
2009-06-25 01:31 . 2009-06-25 01:31 -------- d-----w- c:\programdata\TuneUp Software
2009-06-25 01:00 . 2009-06-25 01:32 -------- d-----w- c:\program files\TuneUp Utilities 2009
2009-06-25 00:58 . 2009-06-25 03:18 81984 ----a-w- c:\windows\system32\bdod.bin
2009-06-25 00:24 . 2009-06-25 00:24 -------- d-----w- c:\users\user\AppData\Roaming\BitDefender
2009-06-25 00:23 . 2009-06-25 03:20 -------- d-----w- c:\program files\BitDefender
2009-06-25 00:23 . 2009-06-25 00:27 -------- d-----w- c:\programdata\BitDefender
2009-06-25 00:22 . 2009-06-25 00:22 -------- d-----w- c:\windows\system32\URTTEMP
2009-06-25 00:18 . 2009-06-25 03:20 -------- d-----w- c:\program files\Common Files\BitDefender
2009-06-25 00:12 . 2009-06-25 00:12 -------- d-----w- c:\users\user\AppData\Roaming\vlc
2009-06-25 00:09 . 2009-06-25 00:09 198064 ----a-w- c:\users\user\AppData\Roaming\IDM\idmmzcc3\components\idmmzcc.dll
2009-06-25 00:08 . 2009-06-25 03:50 -------- d-----w- c:\users\user\AppData\Roaming\DMCache
2009-06-25 00:08 . 2009-06-25 00:09 -------- d-----w- c:\users\user\AppData\Roaming\IDM
2009-06-24 23:56 . 2009-06-25 03:23 -------- d-----w- c:\program files\Internet Download Manager
2009-06-24 23:54 . 2009-06-24 23:54 -------- d-----w- c:\users\user\AppData\Local\Mozilla
2009-06-24 22:03 . 2009-06-24 11:09 -------- d-----w- c:\windows\Panther
2009-06-24 22:03 . 2009-06-24 22:03 -------- d-sh--w- C:\Boot
2009-06-24 21:21 . 2009-06-24 21:21 -------- d-----w- c:\users\user\AppData\Roaming\Media Player Classic
2009-06-24 20:02 . 2009-06-24 20:02 -------- d-----w- c:\program files\Cisco
2009-06-24 20:01 . 2009-06-24 20:01 -------- d-----w- c:\windows\system32\no-NO
2009-06-24 20:01 . 2009-06-24 20:01 6656 ----a-w- c:\windows\system32\bcmwlrc.dll
2009-06-24 20:01 . 2009-06-24 20:01 87280 ----a-w- c:\windows\system32\bcmwlcoi.dll
2009-06-24 20:01 . 2009-06-24 20:01 3809280 ----a-w- c:\windows\system32\bcmihvsrv.dll
2009-06-24 20:01 . 2009-06-24 20:01 3502080 ----a-w- c:\windows\system32\bcmihvui.dll
2009-06-24 20:01 . 2009-06-24 20:01 1331192 ----a-w- c:\windows\system32\drivers\BCMWL6.SYS
2009-06-24 20:01 . 2009-06-24 20:01 -------- d-----w- c:\program files\Broadcom
2009-06-24 19:58 . 2007-09-27 14:28 12800 ----a-w- c:\windows\HPNICVersion.dll
2009-06-24 19:27 . 2008-04-14 11:39 9344 ----a-w- c:\windows\system32\drivers\CPQBttn.sys
2009-06-24 19:27 . 2007-06-18 14:12 16768 ----a-w- c:\windows\system32\drivers\HpqKbFiltr.sys
2009-06-24 19:27 . 2006-11-02 04:09 1419232 ----a-w- c:\windows\system32\drivers\wdfcoinstaller01005.dll
2009-06-24 19:27 . 2008-08-06 14:06 1560576 ----a-w- c:\windows\system32\BttnCmns_64.dll
2009-06-24 19:27 . 2006-06-30 03:46 1560576 ----a-w- c:\windows\system32\BttnCmns.dll
2009-06-24 19:27 . 2005-10-31 12:30 987136 ----a-w- c:\windows\system32\BttnCmn.dll
2009-06-24 15:49 . 2009-06-24 15:49 -------- d--h--w- C:\$AVG8.VAULT$
2009-06-24 15:41 . 2009-06-24 15:41 -------- d-----w- c:\windows\system32\ar
2009-06-24 15:40 . 2009-06-24 15:41 -------- d-----w- c:\windows\system32\wbem\ar-SA
2009-06-24 15:40 . 2009-06-24 15:41 -------- d-----w- c:\windows\ar-SA
2009-06-24 15:40 . 2009-06-24 15:41 -------- d-----w- c:\windows\system32\drivers\ar-SA
2009-06-24 15:39 . 2009-06-24 15:39 -------- d-----w- C:\Vistalizator_
2009-06-24 15:38 . 2009-06-24 15:38 -------- d-----w- C:\Arabic 32 bit with SP1
2009-06-24 15:37 . 2009-06-24 15:37 -------- d-----w- c:\program files\The KMPlayer
2009-06-24 15:36 . 2007-01-20 18:26 1565480 ----a-w- c:\windows\system32\wmv9vcm.dll
2009-06-24 15:36 . 2006-11-01 11:52 765952 ----a-w- c:\windows\system32\xvidcore.dll
2009-06-24 15:36 . 2004-01-25 15:18 217088 ----a-w- c:\windows\system32\yv12vfw.dll
2009-06-24 15:36 . 2007-02-01 02:56 639066 ----a-w- c:\windows\system32\divx.dll
2009-06-24 15:36 . 2007-01-30 03:03 3596288 ----a-w- c:\windows\system32\qt-dx331.dll
2009-06-24 15:36 . 2007-01-30 03:03 200704 ----a-w- c:\windows\system32\ssldivx.dll
2009-06-24 15:36 . 2007-01-30 03:03 1044480 ----a-w- c:\windows\system32\libdivx.dll
2009-06-24 15:36 . 2007-01-30 02:56 73728 ----a-w- c:\windows\system32\dpl100.dll
2009-06-24 15:36 . 2007-01-30 02:56 196608 ----a-w- c:\windows\system32\dtu100.dll
2009-06-24 15:36 . 2006-11-01 11:54 180224 ----a-w- c:\windows\system32\xvidvfw.dll
2009-06-24 15:36 . 2007-02-21 18:00 10752 ----a-w- c:\windows\system32\ff_vfw.dll
2009-06-24 15:36 . 2009-06-24 15:36 -------- d-----w- c:\program files\K-Lite Codec Pack
2009-06-24 15:35 . 2009-06-24 15:35 410984 ----a-w- c:\windows\system32\deploytk.dll
2009-06-24 15:35 . 2009-06-24 15:35 -------- d-----w- c:\program files\Java
2009-06-24 15:34 . 2009-06-24 15:34 -------- d-----w- c:\program files\Windows Live
2009-06-24 15:34 . 2009-06-24 21:26 -------- d-----w- c:\program files\Google
2009-06-24 15:34 . 2009-06-24 15:34 -------- d-----w- c:\users\user\AppData\Local\Google
2009-06-24 15:33 . 2009-06-25 00:47 -------- d-----w- c:\programdata\Skype
2009-06-24 15:32 . 2009-06-24 15:32 -------- d-----w- c:\program files\VideoLAN
2009-06-24 15:25 . 2009-06-24 15:25 -------- d-----w- c:\program files\Common Files\xing shared
2009-06-24 15:25 . 2009-06-24 15:25 -------- d-----w- c:\program files\Common Files\Real
2009-06-24 15:24 . 2009-06-24 15:24 -------- d-----w- c:\program files\Real
2009-06-24 15:23 . 2009-06-25 00:26 -------- d-----w- c:\windows\system32\Macromed
2009-06-24 15:15 . 2009-06-24 15:16 -------- d-----w- c:\program files\Common Files\Adobe
2009-06-24 14:59 . 2006-10-26 16:56 32592 ----a-w- c:\windows\system32\msonpmon.dll
2009-06-24 14:58 . 2009-06-24 14:58 -------- d-----w- c:\program files\Microsoft Works
2009-06-24 14:57 . 2009-06-24 14:57 -------- d-----w- c:\windows\PCHEALTH
2009-06-24 14:57 . 2009-06-24 14:57 -------- d-----w- c:\program files\Microsoft.NET
2009-06-24 14:56 . 2009-06-24 14:56 -------- d-----w- c:\program files\Microsoft Visual Studio 8
2009-06-24 14:55 . 2009-06-24 14:55 -------- d-----w- c:\users\user\AppData\Local\Microsoft Help
2009-06-24 14:55 . 2009-06-24 15:00 -------- d-----w- c:\programdata\Microsoft Help
2009-06-24 14:55 . 2009-06-24 14:55 -------- d--h--r- C:\MSOCache
2009-06-24 14:47 . 2009-06-24 14:47 -------- d-----w- c:\program files\AVG
2009-06-24 14:20 . 2009-06-24 14:20 -------- d-----w- c:\windows\system32\Lang
2009-06-24 14:20 . 2007-09-24 09:27 920088 ----a-w- c:\windows\system32\igxpun.exe
2009-06-24 14:20 . 2006-11-10 06:25 319456 ----a-w- c:\windows\system32\difxapi.dll
2009-06-24 14:18 . 2007-07-26 13:15 53248 ----a-w- c:\windows\system32\CSVer.dll
2009-06-24 14:18 . 2009-06-24 14:26 -------- d-----w- C:\Intel
2009-06-24 14:17 . 2007-05-07 11:16 13312 ------w- c:\windows\HPModemVersion.dll
2009-06-24 14:17 . 2007-01-02 12:01 68096 ----a-w- c:\windows\agrsmdel.exe
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-06-25 03:44 . 2009-06-24 11:16 1356 ----a-w- c:\users\user\AppData\Local\d3d9caps.dat
2009-06-25 02:20 . 2009-06-25 02:20 6027 ----a-w- c:\program files\un_Internet Download Manager_16575.txt
2009-06-24 15:41 . 2006-11-02 12:37 -------- d-----w- c:\program files\Windows Defender
2009-06-24 15:41 . 2006-11-02 12:37 -------- d-----w- c:\program files\Windows Journal
2009-06-24 15:41 . 2009-06-24 15:41 41018 ----a-w- c:\windows\inf\PERFLIB\0401\perfd.dat
2009-06-24 15:41 . 2009-06-24 15:41 41018 ----a-w- c:\windows\inf\PERFLIB\0401\perfc.dat
2009-06-24 15:41 . 2009-06-24 15:41 285290 ----a-w- c:\windows\inf\PERFLIB\0401\perfi.dat
2009-06-24 15:41 . 2009-06-24 15:41 285290 ----a-w- c:\windows\inf\PERFLIB\0401\perfh.dat
2009-06-24 15:41 . 2006-11-02 12:37 -------- d-----w- c:\program files\Windows Collaboration
2009-06-24 15:41 . 2006-11-02 12:37 -------- d-----w- c:\program files\Windows Calendar
2009-06-24 15:41 . 2006-11-02 11:18 -------- d-----w- c:\program files\Windows Mail
2009-06-24 15:41 . 2006-11-02 12:37 -------- d-----w- c:\program files\Windows Sidebar
2009-06-24 15:41 . 2006-11-02 12:37 -------- d-----w- c:\program files\Windows Photo Gallery
2009-06-24 14:58 . 2006-11-02 12:37 -------- d-----w- c:\program files\MSBuild
2009-06-24 14:27 . 2009-06-24 14:27 0 ---ha-w- c:\windows\system32\drivers\Msft_User_WpdFs_01_00_00.Wdf
2009-06-24 14:12 . 2009-06-24 14:12 0 ---ha-w- c:\windows\system32\drivers\Msft_Kernel_SynTP_01000.Wdf
2009-03-05 15:08 . 2009-06-25 00:27 49664 ----a-w- c:\program files\mozilla firefox\components\FFComm.dll
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2008-01-21 1233920]
"LightScribe Control Panel"="c:\program files\Common Files\LightScribe\LightScribeControlPanel.exe" [2007-10-18 455968]
"MsnMsgr"="c:\program files\Windows Live\Messenger\MsnMsgr.Exe" [2007-08-16 5728112]
"swg"="c:\program files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe" [2009-06-24 171448]
"IDMan"="c:\program files\Internet Download Manager\IDMan.exe" [2009-05-07 2807216]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IAAnotif"="c:\program files\Intel\Intel Matrix Storage Manager\Iaanotif.exe" [2007-10-03 178712]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2008-01-18 1033512]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2007-09-24 141848]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2007-09-24 166424]
"Persistence"="c:\windows\system32\igfxpers.exe" [2007-09-24 137752]
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2006-10-26 31016]
"TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" [2009-06-24 185896]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-06-24 148888]
"QlbCtrl.exe"="c:\program files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe" [2008-06-03 177456]
"hpWirelessAssistant"="c:\program files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe" [2008-04-15 488752]
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Adobe Gamma Loader.lnk - c:\program files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2009-6-24 113664]
Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2007-2-6 561213]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules]
"{2B979A3F-5AEC-41AC-BC38-788AC7DBA34F}"= TCP:6004|c:\program files\Microsoft Office\Office12\outlook.exe:Microsoft Office Outlook
"{425E5528-625C-45B7-B604-A7032EEDF557}"= UDP:c:\program files\Microsoft Office\Office12\GROOVE.EXE:Microsoft Office Groove
"{5B79B6C8-7CBC-4881-8154-B488A17CA090}"= TCP:c:\program files\Microsoft Office\Office12\GROOVE.EXE:Microsoft Office Groove
"{9C65DE41-C003-4542-835B-7602DA83AF7E}"= UDP:c:\program files\Microsoft Office\Office12\ONENOTE.EXE:Microsoft Office OneNote
"{99B55E62-6638-4E44-8387-D0BBF0479F38}"= TCP:c:\program files\Microsoft Office\Office12\ONENOTE.EXE:Microsoft Office OneNote
"{8093302C-E1BA-4CAC-8B78-19A7A2181D64}"= c:\program files\Windows Live\Messenger\livecall.exe:Windows Live Messenger (Phone)
R2 TuneUp.ProgramStatisticsSvc;TuneUp Program Statistics Service;c:\windows\System32\TUProgSt.exe [25/06/09 04:32 ص 603904]
R3 Com4QLBEx;Com4QLBEx;c:\program files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe [24/06/09 10:27 م 193840]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
bthsvcs REG_MULTI_SZ BthServ
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\>{60B49E34-C7CC-11D0-8953-00A0C90347FF}]
"c:\windows\System32\rundll32.exe" "c:\windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
"c:\program files\Common Files\LightScribe\LSRunOnce.exe"
.
Contents of the 'Scheduled Tasks' folder
2009-06-25 c:\windows\Tasks\1-Click Maintenance.job
- c:\program files\TuneUp Utilities 2009\OneClickStarter.exe [2008-11-20 13:28]
.
.
------- Supplementary Scan -------
.
IE: Download with IDM - c:\program files\Internet Download Manager\IEExt.htm
IE: Send to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: ت&صدير إلى Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: تحميل الكل بواسطة Internet Download Manager - c:\program files\Internet Download Manager\IEGetAll.htm
IE: تحميل بواسطة Internet Download Manager - c:\program files\Internet Download Manager\IEExt.htm
IE: تحميل محتوى FLV بواسطة Internet Download Manager - c:\program files\Internet Download Manager\IEGetVL.htm
FF - ProfilePath - c:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\43ag7z4z.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2204547&SearchSource=3&q={searchTerms}
FF - prefs.js: browser.search.selectedEngine - bestarabsites Customized Web Search
FF - prefs.js: browser.startup.homepage -
FF - prefs.js: keyword.URL - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2204547&SearchSource=2&q=
FF - component: c:\program files\Mozilla Firefox\components\FFComm.dll
FF - component: c:\users\user\AppData\Roaming\IDM\idmmzcc3\components\idmmzcc.dll
FF - component: c:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\43ag7z4z.default\extensions\{c82ecb7d-e143-46cf-92a7-fc893430d4f0}\components\FFExternalAlert.dll
.
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer,
Rootkit scan 2009-06-25 06:50
Windows 6.0.6001 Service Pack 1 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
"MSCurrentCountry"=dword:000000b5
.
--------------------- DLLs Loaded Under Running Processes ---------------------
- - - - - - - > 'Explorer.exe'(3972)
c:\windows\system32\btmmhook.dll
.
Completion time: 2009-06-25 6:51
ComboFix-quarantined-files.txt 2009-06-25 03:51
Pre-Run: 54,408,069,120 bytes free
Post-Run: 54,209,220,608 bytes free
256 --- E O F --- 2009-06-25 03:32
Running from: c:\users\user\Downloads\ComboFix.exe
AV: BitDefender Antivirus *On-access scanning disabled* (Updated) {6C4BB89C-B0ED-4F41-A29C-4373888923BB}
FW: BitDefender Firewall *disabled* {4055920F-2E99-48A8-A270-4243D2B8F242}
SP: BitDefender Antispyware *disabled* (Updated) {8B2012EC-32D4-494F-BC03-832DB3BDF911}
SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}
.
((((((((((((((((((((((((( Files Created from 2009-05-25 to 2009-06-25 )))))))))))))))))))))))))))))))
.
2009-06-25 03:50 . 2009-06-25 03:50 -------- d-----w- c:\users\user\AppData\Local\temp
2009-06-25 03:07 . 2009-05-09 05:34 71680 ----a-w- c:\windows\system32\iesetup.dll
2009-06-25 03:07 . 2009-05-09 05:50 915456 ----a-w- c:\windows\system32\wininet.dll
2009-06-25 03:01 . 2009-06-25 03:01 92 ----a-w- c:\users\user\AppData\Local\fusioncache.dat
2009-06-25 03:01 . 2009-06-25 03:02 -------- d-----w- c:\users\user\AppData\Local\ApplicationHistory
2009-06-25 02:57 . 2009-06-25 02:57 -------- d-----w- c:\program files\MSXML 4.0
2009-06-25 02:51 . 2008-09-18 04:56 147456 ----a-w- c:\windows\system32\Faultrep.dll
2009-06-25 02:51 . 2008-09-18 04:56 125952 ----a-w- c:\windows\system32\wersvc.dll
2009-06-25 02:50 . 2009-03-03 04:40 499200 ----a-w- c:\windows\system32\wbem\WmiPrvSD.dll
2009-06-25 02:50 . 2009-03-03 04:36 615424 ----a-w- c:\windows\system32\wbem\fastprox.dll
2009-06-25 02:50 . 2009-03-03 04:46 3547632 ----a-w- c:\windows\system32\ntoskrnl.exe
2009-06-25 02:50 . 2009-03-03 04:39 551424 ----a-w- c:\windows\system32\rpcss.dll
2009-06-25 02:50 . 2009-03-03 04:46 3599328 ----a-w- c:\windows\system32\ntkrnlpa.exe
2009-06-25 02:50 . 2009-03-03 04:40 129024 ----a-w- c:\windows\system32\wbem\WmiDcPrv.dll
2009-06-25 02:50 . 2009-03-03 03:04 666624 ----a-w- c:\windows\system32\printfilterpipelinesvc.exe
2009-06-25 02:50 . 2009-03-03 02:16 247296 ----a-w- c:\windows\system32\wbem\WmiPrvSE.exe
2009-06-25 02:47 . 2009-04-23 12:43 784896 ----a-w- c:\windows\system32\rpcrt4.dll
2009-06-25 02:46 . 2009-06-25 02:46 -------- d-----w- c:\users\user\AppData\Roaming\GRETECH
2009-06-25 02:44 . 2008-05-08 21:59 90112 ----a-w- c:\windows\system32\wshext.dll
2009-06-25 02:44 . 2008-05-08 21:59 180224 ----a-w- c:\windows\system32\scrobj.dll
2009-06-25 02:44 . 2008-05-08 21:59 172032 ----a-w- c:\windows\system32\scrrun.dll
2009-06-25 02:44 . 2008-05-08 21:59 155648 ----a-w- c:\windows\system32\wscript.exe
2009-06-25 02:44 . 2008-05-08 21:58 135168 ----a-w- c:\windows\system32\cscript.exe
2009-06-25 02:44 . 2008-04-10 05:12 738304 ----a-w- c:\windows\system32\inetcomm.dll
2009-06-25 02:44 . 2008-05-10 01:33 113664 ----a-w- c:\windows\system32\drivers\rmcast.sys
2009-06-25 02:44 . 2008-10-21 05:25 1645568 ----a-w- c:\windows\system32\connect.dll
2009-06-25 02:25 . 2009-06-25 02:25 -------- d-----w- c:\program files\GRETECH
2009-06-25 02:21 . 2008-10-16 21:13 1809944 ----a-w- c:\windows\system32\wuaueng.dll
2009-06-25 02:21 . 2008-10-16 21:09 51224 ----a-w- c:\windows\system32\wuauclt.exe
2009-06-25 02:21 . 2008-10-16 21:09 43544 ----a-w- c:\windows\system32\wups2.dll
2009-06-25 02:21 . 2008-10-16 20:56 1524736 ----a-w- c:\windows\system32\wucltux.dll
2009-06-25 02:21 . 2008-10-16 21:12 561688 ----a-w- c:\windows\system32\wuapi.dll
2009-06-25 02:21 . 2008-10-16 21:08 34328 ----a-w- c:\windows\system32\wups.dll
2009-06-25 02:21 . 2008-10-16 20:55 83456 ----a-w- c:\windows\system32\wudriver.dll
2009-06-25 02:21 . 2008-10-16 11:08 162064 ----a-w- c:\windows\system32\wuwebv.dll
2009-06-25 02:21 . 2008-10-16 10:56 31232 ----a-w- c:\windows\system32\wuapp.exe
2009-06-25 02:20 . 2009-06-25 02:20 -------- d-----w- c:\program files\Trend Micro
2009-06-25 02:20 . 2008-09-28 19:00 439440 ----a-w- c:\program files\un_Internet Download Manager_16575.exe
2009-06-25 01:38 . 2009-06-23 07:06 52224 ----a-w- c:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\43ag7z4z.default\extensions\{c82ecb7d-e143-46cf-92a7-fc893430d4f0}\components\FFExternalAlert.dll
2009-06-25 01:38 . 2009-06-23 07:06 114688 ----a-w- c:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\43ag7z4z.default\extensions\{c82ecb7d-e143-46cf-92a7-fc893430d4f0}\components\npmozax.dll
2009-06-25 01:32 . 2009-06-25 01:32 603904 ----a-w- c:\windows\system32\TUProgSt.exe
2009-06-25 01:32 . 2008-11-12 13:44 27904 ----a-w- c:\windows\system32\uxtuneup.dll
2009-06-25 01:32 . 2008-11-12 13:44 17152 ----a-w- c:\windows\system32\authuitu.dll
2009-06-25 01:32 . 2009-06-25 01:32 362240 ----a-w- c:\windows\system32\TuneUpDefragService.exe
2009-06-25 01:31 . 2009-06-25 01:31 -------- d-----w- c:\users\user\AppData\Roaming\TuneUp Software
2009-06-25 01:31 . 2009-06-25 01:31 -------- d-----w- c:\programdata\TuneUp Software
2009-06-25 01:00 . 2009-06-25 01:32 -------- d-----w- c:\program files\TuneUp Utilities 2009
2009-06-25 00:58 . 2009-06-25 03:18 81984 ----a-w- c:\windows\system32\bdod.bin
2009-06-25 00:24 . 2009-06-25 00:24 -------- d-----w- c:\users\user\AppData\Roaming\BitDefender
2009-06-25 00:23 . 2009-06-25 03:20 -------- d-----w- c:\program files\BitDefender
2009-06-25 00:23 . 2009-06-25 00:27 -------- d-----w- c:\programdata\BitDefender
2009-06-25 00:22 . 2009-06-25 00:22 -------- d-----w- c:\windows\system32\URTTEMP
2009-06-25 00:18 . 2009-06-25 03:20 -------- d-----w- c:\program files\Common Files\BitDefender
2009-06-25 00:12 . 2009-06-25 00:12 -------- d-----w- c:\users\user\AppData\Roaming\vlc
2009-06-25 00:09 . 2009-06-25 00:09 198064 ----a-w- c:\users\user\AppData\Roaming\IDM\idmmzcc3\components\idmmzcc.dll
2009-06-25 00:08 . 2009-06-25 03:50 -------- d-----w- c:\users\user\AppData\Roaming\DMCache
2009-06-25 00:08 . 2009-06-25 00:09 -------- d-----w- c:\users\user\AppData\Roaming\IDM
2009-06-24 23:56 . 2009-06-25 03:23 -------- d-----w- c:\program files\Internet Download Manager
2009-06-24 23:54 . 2009-06-24 23:54 -------- d-----w- c:\users\user\AppData\Local\Mozilla
2009-06-24 22:03 . 2009-06-24 11:09 -------- d-----w- c:\windows\Panther
2009-06-24 22:03 . 2009-06-24 22:03 -------- d-sh--w- C:\Boot
2009-06-24 21:21 . 2009-06-24 21:21 -------- d-----w- c:\users\user\AppData\Roaming\Media Player Classic
2009-06-24 20:02 . 2009-06-24 20:02 -------- d-----w- c:\program files\Cisco
2009-06-24 20:01 . 2009-06-24 20:01 -------- d-----w- c:\windows\system32\no-NO
2009-06-24 20:01 . 2009-06-24 20:01 6656 ----a-w- c:\windows\system32\bcmwlrc.dll
2009-06-24 20:01 . 2009-06-24 20:01 87280 ----a-w- c:\windows\system32\bcmwlcoi.dll
2009-06-24 20:01 . 2009-06-24 20:01 3809280 ----a-w- c:\windows\system32\bcmihvsrv.dll
2009-06-24 20:01 . 2009-06-24 20:01 3502080 ----a-w- c:\windows\system32\bcmihvui.dll
2009-06-24 20:01 . 2009-06-24 20:01 1331192 ----a-w- c:\windows\system32\drivers\BCMWL6.SYS
2009-06-24 20:01 . 2009-06-24 20:01 -------- d-----w- c:\program files\Broadcom
2009-06-24 19:58 . 2007-09-27 14:28 12800 ----a-w- c:\windows\HPNICVersion.dll
2009-06-24 19:27 . 2008-04-14 11:39 9344 ----a-w- c:\windows\system32\drivers\CPQBttn.sys
2009-06-24 19:27 . 2007-06-18 14:12 16768 ----a-w- c:\windows\system32\drivers\HpqKbFiltr.sys
2009-06-24 19:27 . 2006-11-02 04:09 1419232 ----a-w- c:\windows\system32\drivers\wdfcoinstaller01005.dll
2009-06-24 19:27 . 2008-08-06 14:06 1560576 ----a-w- c:\windows\system32\BttnCmns_64.dll
2009-06-24 19:27 . 2006-06-30 03:46 1560576 ----a-w- c:\windows\system32\BttnCmns.dll
2009-06-24 19:27 . 2005-10-31 12:30 987136 ----a-w- c:\windows\system32\BttnCmn.dll
2009-06-24 15:49 . 2009-06-24 15:49 -------- d--h--w- C:\$AVG8.VAULT$
2009-06-24 15:41 . 2009-06-24 15:41 -------- d-----w- c:\windows\system32\ar
2009-06-24 15:40 . 2009-06-24 15:41 -------- d-----w- c:\windows\system32\wbem\ar-SA
2009-06-24 15:40 . 2009-06-24 15:41 -------- d-----w- c:\windows\ar-SA
2009-06-24 15:40 . 2009-06-24 15:41 -------- d-----w- c:\windows\system32\drivers\ar-SA
2009-06-24 15:39 . 2009-06-24 15:39 -------- d-----w- C:\Vistalizator_
2009-06-24 15:38 . 2009-06-24 15:38 -------- d-----w- C:\Arabic 32 bit with SP1
2009-06-24 15:37 . 2009-06-24 15:37 -------- d-----w- c:\program files\The KMPlayer
2009-06-24 15:36 . 2007-01-20 18:26 1565480 ----a-w- c:\windows\system32\wmv9vcm.dll
2009-06-24 15:36 . 2006-11-01 11:52 765952 ----a-w- c:\windows\system32\xvidcore.dll
2009-06-24 15:36 . 2004-01-25 15:18 217088 ----a-w- c:\windows\system32\yv12vfw.dll
2009-06-24 15:36 . 2007-02-01 02:56 639066 ----a-w- c:\windows\system32\divx.dll
2009-06-24 15:36 . 2007-01-30 03:03 3596288 ----a-w- c:\windows\system32\qt-dx331.dll
2009-06-24 15:36 . 2007-01-30 03:03 200704 ----a-w- c:\windows\system32\ssldivx.dll
2009-06-24 15:36 . 2007-01-30 03:03 1044480 ----a-w- c:\windows\system32\libdivx.dll
2009-06-24 15:36 . 2007-01-30 02:56 73728 ----a-w- c:\windows\system32\dpl100.dll
2009-06-24 15:36 . 2007-01-30 02:56 196608 ----a-w- c:\windows\system32\dtu100.dll
2009-06-24 15:36 . 2006-11-01 11:54 180224 ----a-w- c:\windows\system32\xvidvfw.dll
2009-06-24 15:36 . 2007-02-21 18:00 10752 ----a-w- c:\windows\system32\ff_vfw.dll
2009-06-24 15:36 . 2009-06-24 15:36 -------- d-----w- c:\program files\K-Lite Codec Pack
2009-06-24 15:35 . 2009-06-24 15:35 410984 ----a-w- c:\windows\system32\deploytk.dll
2009-06-24 15:35 . 2009-06-24 15:35 -------- d-----w- c:\program files\Java
2009-06-24 15:34 . 2009-06-24 15:34 -------- d-----w- c:\program files\Windows Live
2009-06-24 15:34 . 2009-06-24 21:26 -------- d-----w- c:\program files\Google
2009-06-24 15:34 . 2009-06-24 15:34 -------- d-----w- c:\users\user\AppData\Local\Google
2009-06-24 15:33 . 2009-06-25 00:47 -------- d-----w- c:\programdata\Skype
2009-06-24 15:32 . 2009-06-24 15:32 -------- d-----w- c:\program files\VideoLAN
2009-06-24 15:25 . 2009-06-24 15:25 -------- d-----w- c:\program files\Common Files\xing shared
2009-06-24 15:25 . 2009-06-24 15:25 -------- d-----w- c:\program files\Common Files\Real
2009-06-24 15:24 . 2009-06-24 15:24 -------- d-----w- c:\program files\Real
2009-06-24 15:23 . 2009-06-25 00:26 -------- d-----w- c:\windows\system32\Macromed
2009-06-24 15:15 . 2009-06-24 15:16 -------- d-----w- c:\program files\Common Files\Adobe
2009-06-24 14:59 . 2006-10-26 16:56 32592 ----a-w- c:\windows\system32\msonpmon.dll
2009-06-24 14:58 . 2009-06-24 14:58 -------- d-----w- c:\program files\Microsoft Works
2009-06-24 14:57 . 2009-06-24 14:57 -------- d-----w- c:\windows\PCHEALTH
2009-06-24 14:57 . 2009-06-24 14:57 -------- d-----w- c:\program files\Microsoft.NET
2009-06-24 14:56 . 2009-06-24 14:56 -------- d-----w- c:\program files\Microsoft Visual Studio 8
2009-06-24 14:55 . 2009-06-24 14:55 -------- d-----w- c:\users\user\AppData\Local\Microsoft Help
2009-06-24 14:55 . 2009-06-24 15:00 -------- d-----w- c:\programdata\Microsoft Help
2009-06-24 14:55 . 2009-06-24 14:55 -------- d--h--r- C:\MSOCache
2009-06-24 14:47 . 2009-06-24 14:47 -------- d-----w- c:\program files\AVG
2009-06-24 14:20 . 2009-06-24 14:20 -------- d-----w- c:\windows\system32\Lang
2009-06-24 14:20 . 2007-09-24 09:27 920088 ----a-w- c:\windows\system32\igxpun.exe
2009-06-24 14:20 . 2006-11-10 06:25 319456 ----a-w- c:\windows\system32\difxapi.dll
2009-06-24 14:18 . 2007-07-26 13:15 53248 ----a-w- c:\windows\system32\CSVer.dll
2009-06-24 14:18 . 2009-06-24 14:26 -------- d-----w- C:\Intel
2009-06-24 14:17 . 2007-05-07 11:16 13312 ------w- c:\windows\HPModemVersion.dll
2009-06-24 14:17 . 2007-01-02 12:01 68096 ----a-w- c:\windows\agrsmdel.exe
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-06-25 03:44 . 2009-06-24 11:16 1356 ----a-w- c:\users\user\AppData\Local\d3d9caps.dat
2009-06-25 02:20 . 2009-06-25 02:20 6027 ----a-w- c:\program files\un_Internet Download Manager_16575.txt
2009-06-24 15:41 . 2006-11-02 12:37 -------- d-----w- c:\program files\Windows Defender
2009-06-24 15:41 . 2006-11-02 12:37 -------- d-----w- c:\program files\Windows Journal
2009-06-24 15:41 . 2009-06-24 15:41 41018 ----a-w- c:\windows\inf\PERFLIB\0401\perfd.dat
2009-06-24 15:41 . 2009-06-24 15:41 41018 ----a-w- c:\windows\inf\PERFLIB\0401\perfc.dat
2009-06-24 15:41 . 2009-06-24 15:41 285290 ----a-w- c:\windows\inf\PERFLIB\0401\perfi.dat
2009-06-24 15:41 . 2009-06-24 15:41 285290 ----a-w- c:\windows\inf\PERFLIB\0401\perfh.dat
2009-06-24 15:41 . 2006-11-02 12:37 -------- d-----w- c:\program files\Windows Collaboration
2009-06-24 15:41 . 2006-11-02 12:37 -------- d-----w- c:\program files\Windows Calendar
2009-06-24 15:41 . 2006-11-02 11:18 -------- d-----w- c:\program files\Windows Mail
2009-06-24 15:41 . 2006-11-02 12:37 -------- d-----w- c:\program files\Windows Sidebar
2009-06-24 15:41 . 2006-11-02 12:37 -------- d-----w- c:\program files\Windows Photo Gallery
2009-06-24 14:58 . 2006-11-02 12:37 -------- d-----w- c:\program files\MSBuild
2009-06-24 14:27 . 2009-06-24 14:27 0 ---ha-w- c:\windows\system32\drivers\Msft_User_WpdFs_01_00_00.Wdf
2009-06-24 14:12 . 2009-06-24 14:12 0 ---ha-w- c:\windows\system32\drivers\Msft_Kernel_SynTP_01000.Wdf
2009-03-05 15:08 . 2009-06-25 00:27 49664 ----a-w- c:\program files\mozilla firefox\components\FFComm.dll
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2008-01-21 1233920]
"LightScribe Control Panel"="c:\program files\Common Files\LightScribe\LightScribeControlPanel.exe" [2007-10-18 455968]
"MsnMsgr"="c:\program files\Windows Live\Messenger\MsnMsgr.Exe" [2007-08-16 5728112]
"swg"="c:\program files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe" [2009-06-24 171448]
"IDMan"="c:\program files\Internet Download Manager\IDMan.exe" [2009-05-07 2807216]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IAAnotif"="c:\program files\Intel\Intel Matrix Storage Manager\Iaanotif.exe" [2007-10-03 178712]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2008-01-18 1033512]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2007-09-24 141848]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2007-09-24 166424]
"Persistence"="c:\windows\system32\igfxpers.exe" [2007-09-24 137752]
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2006-10-26 31016]
"TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" [2009-06-24 185896]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-06-24 148888]
"QlbCtrl.exe"="c:\program files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe" [2008-06-03 177456]
"hpWirelessAssistant"="c:\program files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe" [2008-04-15 488752]
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Adobe Gamma Loader.lnk - c:\program files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2009-6-24 113664]
Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2007-2-6 561213]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules]
"{2B979A3F-5AEC-41AC-BC38-788AC7DBA34F}"= TCP:6004|c:\program files\Microsoft Office\Office12\outlook.exe:Microsoft Office Outlook
"{425E5528-625C-45B7-B604-A7032EEDF557}"= UDP:c:\program files\Microsoft Office\Office12\GROOVE.EXE:Microsoft Office Groove
"{5B79B6C8-7CBC-4881-8154-B488A17CA090}"= TCP:c:\program files\Microsoft Office\Office12\GROOVE.EXE:Microsoft Office Groove
"{9C65DE41-C003-4542-835B-7602DA83AF7E}"= UDP:c:\program files\Microsoft Office\Office12\ONENOTE.EXE:Microsoft Office OneNote
"{99B55E62-6638-4E44-8387-D0BBF0479F38}"= TCP:c:\program files\Microsoft Office\Office12\ONENOTE.EXE:Microsoft Office OneNote
"{8093302C-E1BA-4CAC-8B78-19A7A2181D64}"= c:\program files\Windows Live\Messenger\livecall.exe:Windows Live Messenger (Phone)
R2 TuneUp.ProgramStatisticsSvc;TuneUp Program Statistics Service;c:\windows\System32\TUProgSt.exe [25/06/09 04:32 ص 603904]
R3 Com4QLBEx;Com4QLBEx;c:\program files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe [24/06/09 10:27 م 193840]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
bthsvcs REG_MULTI_SZ BthServ
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\>{60B49E34-C7CC-11D0-8953-00A0C90347FF}]
"c:\windows\System32\rundll32.exe" "c:\windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
"c:\program files\Common Files\LightScribe\LSRunOnce.exe"
.
Contents of the 'Scheduled Tasks' folder
2009-06-25 c:\windows\Tasks\1-Click Maintenance.job
- c:\program files\TuneUp Utilities 2009\OneClickStarter.exe [2008-11-20 13:28]
.
.
------- Supplementary Scan -------
.
IE: Download with IDM - c:\program files\Internet Download Manager\IEExt.htm
IE: Send to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: ت&صدير إلى Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: تحميل الكل بواسطة Internet Download Manager - c:\program files\Internet Download Manager\IEGetAll.htm
IE: تحميل بواسطة Internet Download Manager - c:\program files\Internet Download Manager\IEExt.htm
IE: تحميل محتوى FLV بواسطة Internet Download Manager - c:\program files\Internet Download Manager\IEGetVL.htm
FF - ProfilePath - c:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\43ag7z4z.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2204547&SearchSource=3&q={searchTerms}
FF - prefs.js: browser.search.selectedEngine - bestarabsites Customized Web Search
FF - prefs.js: browser.startup.homepage -
يجب عليك
تسجيل الدخول
او
تسجيل لمشاهدة الرابط المخفي
FF - prefs.js: keyword.URL - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2204547&SearchSource=2&q=
FF - component: c:\program files\Mozilla Firefox\components\FFComm.dll
FF - component: c:\users\user\AppData\Roaming\IDM\idmmzcc3\components\idmmzcc.dll
FF - component: c:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\43ag7z4z.default\extensions\{c82ecb7d-e143-46cf-92a7-fc893430d4f0}\components\FFExternalAlert.dll
.
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer,
يجب عليك
تسجيل الدخول
او
تسجيل لمشاهدة الرابط المخفي
Rootkit scan 2009-06-25 06:50
Windows 6.0.6001 Service Pack 1 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
"MSCurrentCountry"=dword:000000b5
.
--------------------- DLLs Loaded Under Running Processes ---------------------
- - - - - - - > 'Explorer.exe'(3972)
c:\windows\system32\btmmhook.dll
.
Completion time: 2009-06-25 6:51
ComboFix-quarantined-files.txt 2009-06-25 03:51
Pre-Run: 54,408,069,120 bytes free
Post-Run: 54,209,220,608 bytes free
256 --- E O F --- 2009-06-25 03:32
تأييد
0
- الحالة