• Thread starter: nhoor
Peace be upon you ..

Brothers, I bought the original Kaspersky Internet Security 2009, and a serial number came with the CD.
I installed the program and everything was OK, but when I go to update, it asks me for another update of the database. I run the update, it quickly reaches 100, and then it asks for another update. Also, in the Security Center everything is OK except virus protection, which is shown as not monitored. I was also surprised that the validity period it gave me for the program is one year; how, when it is original??

I have installed protection programs from the net several times and they work fine, so why did I run into a problem with the original program? I tried removing the program and it is still the same thing, and I tried all the solutions available here, to no avail.
 

Where are the brothers ?????
 

Brothers, I installed NOD again and removed it with a removal program, and it is still the same problem. Does that mean my only option is a format?
 
Sorry for the delay.
What is happening now?
 
This is the latest report. But it has turned red and refuses to update; I update it and it asks for another update. Also, the clock has to be wrong, because if I correct it, it tells me the key is invalid ,, what is driving me crazy is that the CD is original ):

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 04:09:14 ص, on 27/08/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\CyberLink\Shared Files\RichVideo.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\MSN Messenger\usnsvc.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_clipbook.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R3 - URLSearchHook: (no name) - {0b876028-b388-4f6d-922f-f52faec8535f} - (no file)
O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: IEVkbdBHO - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\ievkbd.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O3 - Toolbar: (no name) - {0b876028-b388-4f6d-922f-f52faec8535f} - (no file)
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [LanguageShortcut] "C:\Program Files\CyberLink\PowerDVD\Language\Language.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\K-Lite Codec Pack\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [hpqSRMon] C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: OneNote 2007 Screen Clipper and Launcher.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O8 - Extra context menu item: Add to Banner Ad Blocker - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\ie_banner_deny.htm
O8 - Extra context menu item: ت&صدير إلى Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Web traffic protection statistics - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\SCIEPlgn.dll
O9 - Extra button: إرسال إلى OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: إر&سال إلى OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: HP Smart Select - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: AdsGone - {ECC5777A-6E88-BFCE-13CE-81F134789E7B} - C:\Program Files\AdsGone\AdsGone (file missing)
O9 - Extra 'Tools' menuitem: &AdsGone Settings - {ECC5777A-6E88-BFCE-13CE-81F134789E7B} - C:\Program Files\AdsGone\AdsGone (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~2\Office12\GR99D3~1.DLL
O20 - AppInit_DLLs: C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd.dll,C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd3.dll,C:\PROGRA~1\KASPER~1\KASPER~1\adialhk.dll,C:\PROGRA~1\KASPER~1\KASPER~1\kloehk.dll
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Kaspersky Internet Security (AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
--
End of file - 8038 bytes
 
And this is a picture of what is happening now ): I am thinking of taking it in to be formatted and seeing what the problem is ):



 
Sister, set the date correctly first,
then run the update.
And what problem occurs if the time is correct?
 
Is it really possible that there is still no solution?
 
How, brother? I have just removed it and I will install it again, but how do I do a repair?
 
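Brother, I have removed and installed it several times and it is the same thing: if I change the date it says the key is wrong, and if I leave the date wrong it works, and I run the update and it turns red and yellow and does not update; every little while it wants an update.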
 
OK, take this program




Upload the resulting file to any upload center and paste the link in your next reply.
 
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 08:57:40 م, on 27/07/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\CyberLink\Shared Files\RichVideo.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_clipbook.exe
C:\Program Files\MSN Messenger\usnsvc.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R3 - URLSearchHook: (no name) - {0b876028-b388-4f6d-922f-f52faec8535f} - (no file)
O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O3 - Toolbar: (no name) - {0b876028-b388-4f6d-922f-f52faec8535f} - (no file)
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [LanguageShortcut] "C:\Program Files\CyberLink\PowerDVD\Language\Language.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\K-Lite Codec Pack\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [hpqSRMon] C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: OneNote 2007 Screen Clipper and Launcher.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O8 - Extra context menu item: ت&صدير إلى Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: إرسال إلى OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: إر&سال إلى OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: HP Smart Select - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: AdsGone - {ECC5777A-6E88-BFCE-13CE-81F134789E7B} - C:\Program Files\AdsGone\AdsGone (file missing)
O9 - Extra 'Tools' menuitem: &AdsGone Settings - {ECC5777A-6E88-BFCE-13CE-81F134789E7B} - C:\Program Files\AdsGone\AdsGone (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~2\Office12\GR99D3~1.DLL
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
--
End of file - 6968 bytes
 
Disable the protection programs.
Download this tool




When you run it, a message will appear ,, click >> Yes
After that a second message will appear ,, click >> Yes

During the scan the computer may restart.
After the restart, the tool will start scanning again.
Wait until a report appears, which means the scan has finished. Paste the report in your next post.
 
This is the report ..

ComboFix 09-07-26.03 - user 07/27/2009 23:53.1.1 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.3.1256.966.1025.18.223.87 [GMT 3:00]
Running from: c:\documents and settings\user\سطح المكتب\ComboFix.exe
WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\documents and settings\user\Local Settings\Temporary Internet Files\TestBrowser.html
c:\windows\Installer\42b3af.msi
c:\windows\system32\kakle.dll
.
((((((((((((((((((((((((( Files Created from 2009-06-27 to 2009-07-27 )))))))))))))))))))))))))))))))
.
2009-08-11 20:44 . 2009-08-11 20:44 -------- d-----w- c:\program files\ESET
2009-08-01 18:13 . 2009-08-01 18:13 -------- d-----w- c:\program files\Trend Micro
2009-07-29 18:16 . 2009-07-29 18:16 -------- d-----w- c:\documents and settings\All Users\Application Data\Kaspersky Lab Setup Files
2009-07-18 11:22 . 2009-07-18 11:22 0 ----a-w- c:\windows\nsreg.dat
2009-07-18 11:22 . 2009-07-18 11:22 -------- d-----w- c:\documents and settings\user\Local Settings\Application Data\Mozilla
2009-07-18 11:11 . 2009-07-18 11:16 5931872 ----a-w- c:\documents and settings\user\Application Data\OpenCandy\WeFiSetup_5_142_4.exe
2009-07-18 11:11 . 2009-07-18 11:11 -------- d-----w- c:\documents and settings\user\Application Data\OpenCandy
2009-07-18 11:11 . 2009-07-18 11:11 -------- d-----w- c:\program files\Regensoft
2009-07-18 11:10 . 2009-07-18 11:10 -------- d-----w- c:\program files\AviSynth 2.5
2009-07-16 11:45 . 2009-07-16 11:45 -------- d-----w- c:\program files\VS Revo Group
2009-07-16 10:54 . 2009-07-15 14:37 -------- d-----w- c:\documents and settings\All Users\Application Data\ESET
2009-07-15 21:30 . 2009-07-15 21:30 -------- d-----w- c:\documents and settings\LocalService\Local Settings\Application Data\ESET
2009-07-15 14:44 . 2009-07-15 14:44 -------- d-----w- c:\documents and settings\user\Application Data\ESET
2009-07-15 14:19 . 2009-07-15 15:26 -------- d-----w- c:\documents and settings\user\Local Settings\Application Data\ESET
2009-07-11 05:15 . 2009-07-30 17:39 -------- d-----w- c:\program files\Stop-the-Pop-Up Lite
2009-07-11 05:15 . 1997-11-19 12:49 303616 ----a-w- c:\windows\IsUninst.exe
2009-07-11 05:15 . 2009-07-11 05:15 -------- d-----w- c:\documents and settings\user\WINDOWS
2009-07-09 20:29 . 2009-07-09 20:29 389120 ----a-w- c:\documents and settings\user\Application Data\love dog remote\DashAudioBin.exe
2009-07-09 20:24 . 2009-07-29 20:41 -------- d-----w- c:\documents and settings\All Users\Application Data\Memo save stupid creative
2009-07-09 20:23 . 2009-07-09 20:23 -------- d-----w- c:\program files\love dog remote
2009-07-09 20:23 . 2009-07-29 21:54 -------- d-----w- c:\documents and settings\user\Application Data\love dog remote
2009-07-09 20:22 . 2009-07-30 12:39 -------- d-----w- c:\program files\Circle Developement
2009-07-09 20:22 . 2009-07-09 20:22 -------- d-----w- c:\program files\Windows Live
2009-07-08 18:23 . 2008-04-13 18:45 60032 ----a-w- c:\windows\system32\drivers\USBAUDIO.sys
2009-07-07 17:08 . 2009-08-02 16:46 -------- d-----w- c:\documents and settings\user\Local Settings\Application Data\Adobe
2009-07-07 17:07 . 2009-07-15 02:34 -------- d-----w- c:\program files\Common Files\Adobe
2009-07-07 10:04 . 2009-07-07 10:04 -------- d-----w- c:\documents and settings\user\Application Data\COWON
2009-07-06 15:34 . 2009-07-06 15:34 -------- d-----w- c:\program files\MSXML 4.0
2009-07-06 05:30 . 2009-07-27 20:48 -------- d-----w- c:\documents and settings\user\Application Data\HPAppData
2009-07-06 05:04 . 2009-07-06 05:04 -------- d-----w- c:\documents and settings\user\Application Data\HP
2009-07-06 05:03 . 2009-07-06 05:03 -------- d-----w- c:\documents and settings\All Users\Application Data\WEBREG
2009-07-06 05:00 . 2009-07-06 05:00 -------- d-----w- c:\documents and settings\All Users\Application Data\Hewlett-Packard
2009-07-06 04:59 . 2007-10-20 15:25 118272 ----a-w- c:\windows\system32\hpz3l5mu.dll
2009-07-06 04:42 . 2009-07-06 04:43 -------- d-----w- c:\documents and settings\All Users\Application Data\HP
2009-07-06 04:42 . 2009-07-06 04:42 -------- d-----w- c:\documents and settings\All Users\Application Data\HP Product Assistant
2009-07-06 04:41 . 2009-07-06 04:41 -------- d-----w- c:\program files\Common Files\HP
2009-07-06 04:41 . 2009-07-06 04:41 -------- d-----w- c:\program files\Hewlett-Packard
2009-07-06 04:41 . 2009-07-06 04:41 -------- d-----w- c:\program files\Common Files\Hewlett-Packard
2009-07-06 04:40 . 2008-01-25 12:22 21568 ----a-w- c:\windows\system32\drivers\HPZius12.sys
2009-07-06 04:40 . 2008-01-25 12:22 16496 ----a-w- c:\windows\system32\drivers\HPZipr12.sys
2009-07-06 04:40 . 2008-01-25 12:22 49920 ----a-w- c:\windows\system32\drivers\HPZid412.sys
2009-07-06 04:40 . 2008-01-25 12:23 271704 ----a-w- c:\windows\system32\hpzids01.dll
2009-07-06 04:40 . 2008-01-25 12:22 729088 ----a-w- c:\windows\system32\hpowiax7.dll
2009-07-06 04:40 . 2008-01-25 12:22 303104 ----a-w- c:\windows\system32\hpovst15.dll
2009-07-06 04:40 . 2008-01-25 12:22 581632 ----a-w- c:\windows\system32\hpotscl6.dll
2009-07-06 04:40 . 2008-01-25 12:22 372736 ----a-w- c:\windows\system32\hppldcoi.dll
2009-07-06 04:40 . 2008-01-25 12:22 309760 ----a-w- c:\windows\system32\difxapi.dll
2009-07-06 04:29 . 2009-07-07 09:10 -------- d-----w- c:\program files\HP
2009-07-06 04:24 . 2009-07-06 05:04 166395 ----a-w- c:\windows\hpoins28.dat
2009-07-06 04:24 . 2008-07-01 18:02 796 ------w- c:\windows\hpomdl28.dat
2009-07-05 13:12 . 2009-07-05 13:12 -------- d-----w- c:\documents and settings\user\Application Data\Media Player Classic
2009-07-05 09:04 . 2009-07-05 19:42 -------- d-----w- c:\documents and settings\user\Application Data\Apple Computer
2009-07-05 04:48 . 2009-07-05 04:48 -------- d--h--w- c:\windows\PIF
2009-07-04 17:16 . 2008-04-13 18:47 25856 ----a-w- c:\windows\system32\drivers\usbprint.sys
2009-07-04 06:37 . 2009-07-04 06:37 -------- d-----w- c:\documents and settings\All Users\Application Data\Messenger Plus!
2009-07-04 05:02 . 2009-07-04 05:03 -------- d-----w- c:\program files\Common Files\COWON
2009-07-04 05:02 . 2009-07-04 05:03 -------- d-----w- c:\program files\JetAudio
2009-07-04 05:02 . 2009-07-04 05:02 -------- d-----w- c:\documents and settings\user\Application Data\InstallShield
2009-07-04 04:38 . 2009-07-04 04:59 -------- d-----w- c:\documents and settings\user\Application Data\Gold Wave Editor
2009-07-04 04:37 . 2005-05-18 08:52 1212416 ----a-w- c:\windows\system32\NCTAudioInformation2.dll
2009-07-04 04:37 . 2005-05-17 09:37 1986560 ----a-w- c:\windows\system32\NCTAudioFile2.dll
2009-07-04 04:37 . 2005-04-25 10:01 458752 ----a-w- c:\windows\system32\NCTAudioRecord2.dll
2009-07-04 04:37 . 2005-04-25 10:01 458752 ----a-w- c:\windows\system32\NCTAudioPlayer2.dll
2009-07-04 04:37 . 2005-04-04 14:21 602112 ----a-w- c:\windows\system32\NCTAudioTransform2.dll
2009-07-04 04:37 . 2005-03-28 12:54 479232 ----a-w- c:\windows\system32\NCTAudioVisualization2.dll
2009-07-04 04:37 . 2005-03-28 12:52 417792 ----a-w- c:\windows\system32\NCTTextToAudio2.dll
2009-07-04 04:37 . 2005-02-24 08:51 348160 ----a-w- c:\windows\system32\NCTWMAFile2.dll
2009-07-04 04:37 . 2005-04-15 09:08 880640 ----a-w- c:\windows\system32\NCTAudioEditor2.dll
2009-07-04 04:37 . 2005-03-29 04:57 2084864 ----a-w- c:\windows\system32\NCTAudioDesign2.dll
2009-07-04 04:37 . 2004-11-04 10:31 835584 ----a-w- c:\windows\system32\NCTAudioCDGrabber2.dll
2009-07-04 04:37 . 2009-07-04 04:59 -------- d-----w- c:\program files\Gold Wave Editor
2009-07-04 03:47 . 2009-07-04 03:47 -------- d-----w- c:\windows\l2schemas
2009-07-04 03:47 . 2009-07-04 03:47 -------- d-----w- c:\windows\system32\ar
2009-07-04 03:47 . 2009-07-04 03:47 -------- d-----w- c:\windows\system32\bits
2009-07-04 03:43 . 2009-07-04 03:48 -------- d-----w- c:\windows\ServicePackFiles
2009-07-04 02:01 . 2004-08-03 19:29 73216 ------w- c:\windows\system32\drivers\atintuxx.sys
2009-07-03 22:59 . 2009-07-03 22:59 -------- d-----w- c:\windows\ie8updates
2009-07-03 21:16 . 2008-06-14 17:31 271616 ------w- c:\windows\system32\drivers\bthport.sys
2009-07-03 20:43 . 2008-04-21 21:14 215040 -c----w- c:\windows\system32\dllcache\wordpad.exe
2009-07-03 19:57 . 2009-07-15 17:27 -------- d--h--w- c:\windows\$hf_mig$
2009-07-03 19:44 . 2009-07-03 19:44 -------- d-sh--w- c:\documents and settings\user\IECompatCache
2009-07-03 19:44 . 2009-07-03 19:44 -------- d-sh--w- c:\documents and settings\user\PrivacIE
2009-07-03 19:42 . 2001-09-18 11:04 5632 ----a-w- c:\windows\system32\ptpusb.dll
2009-07-03 19:42 . 2008-04-13 18:45 15104 ----a-w- c:\windows\system32\drivers\usbscan.sys
2009-07-03 19:42 . 2004-08-03 21:55 159232 ----a-w- c:\windows\system32\ptpusd.dll
2009-07-03 19:42 . 2009-07-03 19:42 -------- d-sh--w- c:\documents and settings\LocalService\IETldCache
2009-07-03 19:42 . 2009-07-03 19:42 -------- d-sh--w- c:\documents and settings\user\IETldCache
2009-07-03 19:33 . 2009-07-03 19:34 -------- dc-h--w- c:\windows\ie8
2009-07-03 19:33 . 2009-07-04 03:47 -------- d-----w- c:\windows\system32\ar-SA
2009-07-03 18:04 . 2009-08-01 19:17 -------- d-----w- c:\documents and settings\user\Contacts
2009-07-03 18:02 . 2008-04-14 15:59 21504 ----a-w- c:\windows\system32\hidserv.dll
2009-07-03 18:02 . 2008-04-14 15:40 14592 ----a-w- c:\windows\system32\drivers\kbdhid.sys
2009-07-03 18:02 . 2001-09-18 10:38 12160 ----a-w- c:\windows\system32\drivers\mouhid.sys
2009-07-03 18:02 . 2008-04-13 18:45 32128 ----a-w- c:\windows\system32\drivers\usbccgp.sys
2009-07-03 18:02 . 2008-04-13 18:45 10368 ----a-w- c:\windows\system32\drivers\hidusb.sys
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-07-16 02:30 . 2009-07-02 19:31 103584 ----a-w- c:\documents and settings\user\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2009-07-15 23:00 . 2009-07-15 23:00 12860 ----a-w- c:\windows\Fonts\download-الخط-الفارسي-المحبوب-2631.htm
2009-07-15 14:19 . 2009-07-02 20:18 -------- d-----w- c:\program files\Real_SC
2009-07-15 02:30 . 2009-07-02 20:10 -------- d-----w- c:\program files\Common Files\InstallShield
2009-07-12 00:22 . 2001-09-19 12:00 59544 ----a-w- c:\windows\system32\perfc001.dat
2009-07-12 00:22 . 2001-09-19 12:00 330870 ----a-w- c:\windows\system32\perfh001.dat
2009-07-10 01:49 . 2009-07-02 20:11 -------- d--h--w- c:\program files\InstallShield Installation Information
2009-07-09 20:22 . 2009-07-02 20:15 -------- d-----w- c:\program files\Messenger Plus! Live
2009-07-05 19:41 . 2009-07-05 08:58 -------- d-----w- c:\documents and settings\All Users\Application Data\Apple
2009-07-05 09:04 . 2009-07-05 09:03 -------- d-----w- c:\documents and settings\All Users\Application Data\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906}
2009-07-05 09:04 . 2009-07-05 09:03 -------- d-----w- c:\program files\iTunes
2009-07-05 09:03 . 2009-07-05 09:03 -------- d-----w- c:\program files\iPod
2009-07-05 09:03 . 2009-07-05 08:58 -------- d-----w- c:\program files\Common Files\Apple
2009-07-05 09:03 . 2009-07-02 20:02 -------- d-----w- c:\documents and settings\All Users\Application Data\Apple Computer
2009-07-05 09:02 . 2009-07-05 09:02 -------- d-----w- c:\program files\Bonjour
2009-07-05 08:59 . 2009-07-05 08:59 -------- d-----w- c:\program files\Apple Software Update
2009-07-04 04:07 . 2009-07-02 20:14 -------- d-----w- c:\program files\MSN Messenger
2009-07-04 03:51 . 2009-07-02 19:23 86327 ----a-w- c:\windows\pchealth\helpctr\OfflineCache\index.dat
2009-07-02 20:20 . 2009-07-02 20:19 -------- d-----w- c:\program files\Golden Al-Wafi Translator
2009-07-02 20:19 . 2009-07-02 20:19 172032 ------w- c:\windows\Setup1.exe
2009-07-02 20:19 . 2009-07-02 20:19 73216 ----a-w- c:\windows\ST6UNST.EXE
2009-07-02 20:18 . 2009-07-02 20:18 196608 ----a-w- c:\windows\system32\maag.dll
2009-07-02 20:18 . 2009-07-02 20:18 1212416 ----a-w- c:\windows\system32\ckll.dll
2009-07-02 20:18 . 2009-07-02 20:18 1245184 ----a-w- c:\windows\system32\bkll.dll
2009-07-02 20:18 . 2009-07-02 20:18 90112 ----a-w- c:\windows\system32\agsaami.dll
2009-07-02 20:18 . 2009-07-02 20:18 610304 ----a-w- c:\windows\system32\agsaamg.dll
2009-07-02 20:18 . 2009-07-02 20:18 372736 ----a-w- c:\windows\system32\agsaamc.dll
2009-07-02 20:18 . 2009-07-02 20:18 2535424 ----a-w- c:\windows\system32\agsaamj.dll
2009-07-02 20:18 . 2009-07-02 20:18 1986560 ----a-w- c:\windows\system32\akll.dll
2009-07-02 20:18 . 2009-07-02 20:18 -------- d-----w- c:\documents and settings\user\Application Data\ACD Systems
2009-07-02 20:17 . 2009-07-02 20:17 -------- d-----w- c:\program files\Common Files\ACD Systems
2009-07-02 20:17 . 2009-07-02 20:17 -------- d-----w- c:\documents and settings\All Users\Application Data\ACD Systems
2009-07-02 20:17 . 2009-07-02 20:17 -------- d-----w- c:\program files\ACD Systems
2009-07-02 20:17 . 2009-07-02 20:17 10368 ----a-w- c:\windows\system32\drivers\pfc.sys
2009-07-02 20:14 . 2009-07-02 20:14 2232 ----a-w- c:\windows\java\Packages\Data\UGZ9ND7L.DAT
2009-07-02 20:14 . 2009-07-02 20:14 155995 ----a-w- c:\windows\java\Packages\F53HZ7DR.ZIP
2009-07-02 20:14 . 2009-07-02 20:14 2678 ----a-w- c:\windows\java\Packages\Data\DZFBXBX3.DAT
2009-07-02 20:14 . 2009-07-02 20:14 2678 ----a-w- c:\windows\java\Packages\Data\6L7TRJPJ.DAT
2009-07-02 20:14 . 2009-07-02 20:14 2678 ----a-w- c:\windows\java\Packages\Data\U97ZPBV1.DAT
2009-07-02 20:14 . 2009-07-02 20:14 2678 ----a-w- c:\windows\java\Packages\Data\QIA2J31N.DAT
2009-07-02 20:14 . 2009-07-02 20:14 2678 ----a-w- c:\windows\java\Packages\Data\C3FFFZ3R.DAT
2009-07-02 20:12 . 2009-07-02 20:12 -------- d-----w- c:\documents and settings\All Users\Application Data\CyberLink
2009-07-02 20:11 . 2009-07-02 20:11 -------- d-----w- c:\program files\CyberLink
2009-07-02 20:04 . 2009-07-02 20:04 -------- d-----w- c:\program files\Windows Media Connect 2
2009-07-02 20:02 . 2009-07-02 20:02 -------- d-----w- c:\program files\K-Lite Codec Pack
2009-07-02 20:01 . 2009-07-02 20:01 -------- d-----w- c:\program files\mpegable
2009-07-02 20:01 . 2009-07-02 20:01 47104 ------w- c:\windows\AKDeInstall.exe
2009-07-02 20:00 . 2009-07-02 20:00 -------- d-----w- c:\program files\Common Files\xing shared
2009-07-02 20:00 . 2009-07-02 20:00 -------- d-----w- c:\program files\Real
2009-07-02 20:00 . 2009-07-02 20:00 -------- d-----w- c:\program files\Common Files\Real
2009-07-02 20:00 . 2009-07-02 20:00 499712 ----a-w- c:\windows\system32\msvcp71.dll
2009-07-02 20:00 . 2009-07-02 20:00 348160 ----a-w- c:\windows\system32\msvcr71.dll
2009-07-02 19:51 . 2009-07-02 19:42 -------- d-----w- c:\documents and settings\All Users\Application Data\Microsoft Help
2009-07-02 19:49 . 2009-07-02 19:49 -------- d-----w- c:\program files\Microsoft Works
2009-07-02 19:49 . 2009-07-02 19:49 -------- d-----w- c:\program files\MSBuild
2009-07-02 19:25 . 2009-07-02 19:25 -------- d-----w- c:\program files\microsoft frontpage
2009-07-02 19:21 . 2009-07-02 19:21 22144 ----a-w- c:\windows\system32\emptyregdb.dat
2009-06-16 14:36 . 2004-08-03 22:55 119808 ----a-w- c:\windows\system32\t2embed.dll
2009-06-16 14:36 . 2001-09-19 12:00 81920 ----a-w- c:\windows\system32\fontsub.dll
2009-06-05 10:57 . 2009-06-05 10:57 75048 ----a-w- c:\documents and settings\All Users\Application Data\Apple Computer\Installer Cache\iTunes 8.2.0.23\SetupAdmin.exe
2009-06-05 08:42 . 2009-07-05 08:59 39424 ----a-w- c:\windows\system32\drivers\usbaapl.sys
2009-06-05 08:42 . 2009-07-05 08:59 2060288 ----a-w- c:\windows\system32\usbaaplrc.dll
2009-06-03 19:10 . 2004-08-03 22:55 1289216 ----a-w- c:\windows\system32\quartz.dll
2009-05-13 05:02 . 2004-08-03 22:55 915456 ----a-w- c:\windows\system32\wininet.dll
2009-05-07 15:32 . 2004-08-03 22:55 345600 ----a-w- c:\windows\system32\localspl.dll
2009-07-15 20:41 . 2009-07-18 11:21 137208 ----a-w- c:\program files\mozilla firefox\components\brwsrcmp.dll
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360]
"MSMSGS"="c:\program files\Messenger\msmsgs.exe" [2008-04-14 1695232]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2006-10-26 31016]
"TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" [2009-07-02 185896]
"RemoteControl"="c:\program files\CyberLink\PowerDVD\PDVDServ.exe" [2006-11-23 56928]
"LanguageShortcut"="c:\program files\CyberLink\PowerDVD\Language\Language.exe" [2006-12-05 54832]
"QuickTime Task"="c:\program files\K-Lite Codec Pack\QuickTime\qttask.exe" [2009-05-26 413696]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2009-06-05 292136]
"HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2008-03-25 49152]
"hpqSRMon"="c:\program files\HP\Digital Imaging\bin\hpqSRMon.exe" [2008-03-13 81920]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2008-06-12 34672]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
c:\documents and settings\user\çں‍ê، ں §ڑ\ںé ©ںê¤\ §ک ں颬نïé\
OneNote 2007 Screen Clipper and Launcher.lnk - c:\program files\Microsoft Office\Office12\ONENOTEM.EXE [2006-10-26 98632]
c:\documents and settings\All Users\çں‍ê، ں §ڑ\ںé ©ںê¤\ §ک ں颬نïé\
Adobe Gamma Loader.lnk - c:\program files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2009-7-15 113664]
HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2008-3-25 214360]
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"UpdatesDisableNotify"=dword:00000001
"AntiVirusOverride"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\MSN Messenger\\msnmsgr.exe"=
"c:\\Program Files\\MSN Messenger\\livecall.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqtra08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpiscnapp.exe"=
"c:\\Program Files\\Common Files\\HP\\Digital Imaging\\bin\\hpqPhotoCrm.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqpsapp.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqpse.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqsudi.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqgplgtupl.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqgpc01.exe"=

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\>{60B49E34-C7CC-11D0-8953-00A0C90347FF}]
"c:\windows\system32\rundll32.exe" "c:\windows\system32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
.
Contents of the 'Scheduled Tasks' folder
2009-07-27 c:\windows\Tasks\A8ABDB3191645145.job
- c:\docume~1\user\applic~1\lovedo~1\DashAudioBin.exe [2009-07-09 20:29]
2009-07-07 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 09:34]
.
- - - - ORPHANS REMOVED - - - -
URLSearchHooks-{0b876028-b388-4f6d-922f-f52faec8535f} - (no file)
Toolbar-{0b876028-b388-4f6d-922f-f52faec8535f} - (no file)
WebBrowser-{0B876028-B388-4F6D-922F-F52FAEC8535F} - (no file)

.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.com/
mStart Page = about:blank
uInternet Connection Wizard,ShellNext = hxxp://www.google.com/
uInternet Settings,ProxyOverride = *.local
IE: ت&صدير إلى Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: {{ECC5777A-6E88-BFCE-13CE-81F134789E7B} - c:\program files\AdsGone\AdsGone
DPF: Microsoft XML Parser for Java -
FF - ProfilePath - c:\documents and settings\user\Application Data\Mozilla\Firefox\Profiles\fhxlvfqy.default\
---- FIREFOX POLICIES ----
c:\program files\Mozilla Firefox\greprefs\all.js - pref("media.enforce_same_site_origin", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("media.cache_size", 51200);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("media.ogg.enabled", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("media.wave.enabled", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("media.autoplay.enabled", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.urlbar.autocomplete.enabled", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("capability.policy.mailnews.*.wholeText", "noAccess");
c:\program files\Mozilla Firefox\greprefs\all.js - pref("dom.storage.default_quota", 5120);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("content.sink.event_probe_rate", 3);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.http.prompt-temp-redirect", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("layout.css.dpi", -1);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("layout.css.devPixelsPerPx", -1);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("gestures.enable_single_finger_input", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("dom.max_chrome_script_run_time", 0);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.tcp.sendbuffer", 131072);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("geo.enabled", true);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.remember_cert_checkbox_default_setting", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("browser.search.param.yahoo-fr", "moz35");
c:\program files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("browser.search.param.yahoo-fr-cjkt", "moz35");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.blocklist.level", 2);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.urlbar.restrict.typed", "~");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.urlbar.default.behavior", 0);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.history", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.formdata", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.passwords", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.downloads", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.cookies", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.cache", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.sessions", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.offlineApps", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.siteSettings", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.history", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.formdata", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.passwords", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.downloads", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.cookies", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.cache", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.sessions", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.offlineApps", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.siteSettings", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.sanitize.migrateFx3Prefs", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.ssl_override_behavior", 2);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("security.alternate_certificate_error_page", "certerror");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.privatebrowsing.autostart", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.privatebrowsing.dont_prompt_on_enter", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("geo.wifi.uri", "
");
.
**************************************************************************
catchme 0.3.1398.3 W2K/XP/Vista - rootkit/stealth malware detector by Gmer,
Rootkit scan 2009-07-27 23:58
Windows 5.1.2600 Service Pack 3 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
.
Completion time: 2009-07-27 0:00
ComboFix-quarantined-files.txt 2009-07-27 21:00
Pre-Run: 21,054,619,648 bytes free
Post-Run: 21,381,582,848 bytes free
319 --- E O F --- 2009-07-15 17:27
 
Here is the report ..

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:15:32 ص, on 28/07/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\CyberLink\Shared Files\RichVideo.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe
C:\Program Files\MSN Messenger\usnsvc.exe
C:\Program Files\Adobe\Photoshop CS\Photoshop.exe
C:\WINDOWS\system32\notepad.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_clipbook.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [LanguageShortcut] "C:\Program Files\CyberLink\PowerDVD\Language\Language.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\K-Lite Codec Pack\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [hpqSRMon] C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: OneNote 2007 Screen Clipper and Launcher.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O8 - Extra context menu item: ت&صدير إلى Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: إرسال إلى OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: إر&سال إلى OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: HP Smart Select - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: AdsGone - {ECC5777A-6E88-BFCE-13CE-81F134789E7B} - C:\Program Files\AdsGone\AdsGone (file missing)
O9 - Extra 'Tools' menuitem: &AdsGone Settings - {ECC5777A-6E88-BFCE-13CE-81F134789E7B} - C:\Program Files\AdsGone\AdsGone (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~2\Office12\GR99D3~1.DLL
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
--
End of file - 6619 bytes
 