أمكروس أمبارش

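Peace be upon you and the mercy and blessings of God.
Esteemed experts, I am very happy to return to you once again so that you can raise the banner of challenge against the creeping problems that wreck our machines, and I would be very happy to hear good news from you about a solution to a problem that has torn me apart with anger at the machine, to the point that I am about to put it aside.
I work a lot in Photoshop. I installed CS2, and every time I open the program, as soon as I start working, the following message appears: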
get-10-2008-dk1nuw0p.jpg

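I even tried to work around the machine and installed another version of Photoshop, CS3, and things improved a little, but even so the message still appears, and as soon as it appears and OK is clicked the program closes entirely. So I restarted in Safe Mode, and a different kind of message appeared, but this time as soon as the program starts. What is the cause and what is the solution? I hope you will make me happy, may God make you happy in this world and the hereafter.
Regarding the messages that appear in Safe Mode, CS2: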
get-10-2008-frwcn3xk.jpg

cs3
get-10-2008-9ad0zlso.jpg
 

And peace be upon you.

It is clear, brother, that you are logged in to the machine with a guest account,

and the program requires you to log in as admin, that is, as an administrator, and God knows best.
 
No, brother, I am on the admin account,
and here is the proof:
get-10-2008-kpmypuym.jpg
 
Brother, it seems that the versions you have installed are all not very good. Try older versions of Photoshop and see whether the problem is still there or has gone.
 
Before I formatted the machine, brother, the same problem happened to me, but I used CS
and it ran normally.
 
Hello brother,
Do the following:

(1)
Disable all protection programs,
then download this tool and save it to the desktop:
[hidden link: you must log in or register to view it]

When you run it, a message will appear; click Yes.
Then a second message will appear; click Yes.
Wait until the tool finishes scanning your machine; your machine will restart automatically.
After the restart, the tool will start scanning a second time.
Wait until a report appears; copy it and paste it in your next reply.
(2)
Then make a HijackThis report:
[hidden link: you must log in or register to view it]

When the download finishes ==> run the program ==> and click Do a system scan and save log
In a few moments a report will appear; copy it and paste it in your next reply.
 
Signature: MA222
Apologies, brother, for editing the title so that it reflects its content.

God bless you, and God willing you will find a solution to your problem.

Good luck.
 
Signature: غَيّوضْ
Brother, thank you very much for your attention. I have prepared all the required reports for you.
As for the HijackThis report:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 23:04:52, on 24/10/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.20696)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Windows\System32\VisualTaskTips.exe
C:\Program Files\Fichiers communs\Ulead Systems\AutoDetector\monitor.exe
C:\Program Files\UberIcon\UberIcon Manager.exe
C:\Program Files\styler\Styler.exe
C:\Zyzoom_RFA_Platinum\rfagent.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\fppdis2a.exe
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
C:\Program Files\TOSHIBA\E-KEY\CeEKey.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\RocketDock\RocketDock.exe
C:\Program Files\SuperCopier2\SuperCopier2.exe
C:\Program Files\Bret Taylor\Stickies\Stickies.exe
C:\Program Files\Internet Download Manager\IDMan.exe
C:\Program Files\Desktop Icon Toy\DesktopIconToy.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\TOSHIBA\Bluetooth Monitor\BtMon2.exe
C:\PROGRA~1\Yahoo!\MESSEN~1\ymsgr_tray.exe
C:\WINDOWS\system32\agrsmsvc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\crypserv.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
C:\Program Files\Borland\InterBase\bin\ibguard.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Borland\InterBase\bin\ibserver.exe
C:\WINDOWS\System32\alg.exe
C:\Program Files\Internet Download Manager\IEMonitor.exe
C:\Program Files\internet explorer\iexplore.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files\Internet Download Manager\IDMIECC.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: SnapFlash Class - {A44CBB0B-C77D-4BF5-87CC-B4EE79AD1B7E} - C:\Program Files\Fichiers communs\Justdo\Jd2002.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: StylerToolBar - {D2F8F919-690B-4EA2-9FA7-A203D1E04F75} - C:\Program Files\styler\TB\StylerTB.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [VisualTaskTips] C:\Windows\System32\VisualTaskTips.exe
O4 - HKLM\..\Run: [Vistadrv] C:\Program Files\VIPhd\vsdrv.exe
O4 - HKLM\..\Run: [Ulead AutoDetector v2] C:\Program Files\Fichiers communs\Ulead Systems\AutoDetector\monitor.exe
O4 - HKLM\..\Run: [UberIcon] "C:\Program Files\UberIcon\UberIcon Manager.exe"
O4 - HKLM\..\Run: [Styler] C:\Program Files\styler\Styler.exe
O4 - HKLM\..\Run: [rfagent] "C:\Zyzoom_RFA_Platinum\rfagent.exe"
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [pdfFactory Pro Dispatcher v2] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\fppdis2a.exe
O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice
O4 - HKLM\..\Run: [CeEKEY] C:\Program Files\TOSHIBA\E-KEY\CeEKey.exe
O4 - HKLM\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\RunOnce: [WIAWizardMenu] RUNDLL32.EXE C:\WINDOWS\system32\sti_ci.dll,WiaCreateWizardMenu
O4 - HKCU\..\Run: [RocketDock] "C:\Program Files\RocketDock\RocketDock.exe"
O4 - HKCU\..\Run: [SuperCopier2.exe] C:\Program Files\SuperCopier2\SuperCopier2.exe
O4 - HKCU\..\Run: [Stickies] C:\Program Files\Bret Taylor\Stickies\\Stickies.exe
O4 - HKCU\..\Run: [IDMan] C:\Program Files\Internet Download Manager\IDMan.exe /onboot
O4 - HKCU\..\Run: [DesktopIconToy] C:\Program Files\Desktop Icon Toy\DesktopIconToy.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [Yahoo! Pager] "C:\PROGRA~1\Yahoo!\MESSEN~1\YAHOOM~1.EXE" -quiet
O4 - HKUS\S-1-5-19\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\RunOnce: [TSClientMSIUninstaller] cmd.exe /C "cscript %systemroot%\Installer\TSClientMsiTrans\tscuinst.vbs" (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\RunOnce: [nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background (User 'SERVICE RESEAU')
O4 - HKUS\S-1-5-20\..\RunOnce: [TSClientMSIUninstaller] cmd.exe /C "cscript %systemroot%\Installer\TSClientMsiTrans\tscuinst.vbs" (User 'SERVICE RESEAU')
O4 - HKUS\S-1-5-18\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe (User 'Default user')
O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Bluetooth Monitor.lnk = ?
O4 - Global Startup: RocketDock.exe
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: Add to AMV Converter... - C:\Program Files\MP3 Player Utilities 4.15\AMVConverter\grab.html
O8 - Extra context menu item: Download all links with IDM - C:\Program Files\Internet Download Manager\IEGetAll.htm
O8 - Extra context menu item: Download FLV video with IDM - C:\Program Files\Internet Download Manager\IEGetVL.htm
O8 - Extra context menu item: Download with IDM - C:\Program Files\Internet Download Manager\IEExt.htm
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: MediaManager tool grab multimedia file - C:\Program Files\MP3 Player Utilities 4.15\MediaManager\grab.html
O8 - Extra context menu item: Save Flash with Flash Catcher - res://C:\Program Files\Fichiers communs\Justdo\IECatcher.DLL/FlashCatcher.htm
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O17 - HKLM\System\CCS\Services\Tcpip\..\{CE828C56-D6CC-40AD-8042-EF347B52E439}: NameServer = 208.67.222.222 193.55.10.102
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - Agere Systems - C:\WINDOWS\system32\agrsmsvc.exe
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Indexing Service (CiSvc) - Unknown owner - C:\WINDOWS\system32\cisvc.exe (file missing)
O23 - Service: Crypkey License - Kenonic Controls Ltd. - C:\WINDOWS\SYSTEM32\crypserv.exe
O23 - Service: Eset HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe
O23 - Service: Eset Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InterBase Guardian (InterBaseGuardian) - Borland Software Corporation - C:\Program Files\Borland\InterBase\bin\ibguard.exe
O23 - Service: InterBase Server (InterBaseServer) - Borland Software Corporation - C:\Program Files\Borland\InterBase\bin\ibserver.exe
O23 - Service: Windows Live Setup Service (WLSetupSvc) - Unknown owner - C:\Program Files\Windows Live\installer\WLSetupSvc.exe
--
End of file - 9519 bytes


As for the ComboFix report:
ComboFix 08-10-14.01 - Administrateur 2008-10-21 14:00:29.2 - NTFSx86
Running from: C:\Documents and Settings\Administrateur\Mes documents\Downloads\Programs\2.exe
WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.
((((((((((((((((((((((((( Files Created from 2008-09-21 to 2008-10-21 )))))))))))))))))))))))))))))))
.
2008-10-19 16:42 . 2007-07-26 15:30 69,632 --a------ C:\WINDOWS\Alcmtr.exe
2008-10-18 20:19 . 2008-10-19 16:00 <REP> d-------- C:\Documents and Settings\Administrateur\Application Data\Desktopicon
2008-10-18 20:18 . 2008-10-18 20:19 <REP> d-------- C:\Program Files\VDOWNLOADER
2008-10-18 19:58 . 2008-10-18 19:58 <REP> d-------- C:\Program Files\YouTUBE (TM) movie downloader
2008-10-17 15:48 . 2008-10-17 15:48 <REP> d--h----- C:\WINDOWS\system32\GroupPolicy
2008-10-17 15:43 . 2008-10-17 15:44 <REP> d-------- C:\Documents and Settings\All Users.WINDOWS\Application Data\Spybot - Search & Destroy
2008-10-14 18:44 . 2008-10-14 18:44 <REP> d-------- C:\WINDOWS\system32\oobe
2008-10-13 23:25 . 2007-03-06 16:01 176 --a------ C:\WINDOWS\system32\drivers\RTHDAEQ3.dat
2008-10-13 23:25 . 2007-02-07 17:16 176 --a------ C:\WINDOWS\system32\drivers\RTHDAEQ2.dat
2008-10-13 23:25 . 2007-07-30 20:01 16 --a------ C:\WINDOWS\system32\drivers\RtkHDAud.dat
2008-10-13 20:21 . 2008-10-13 20:21 <REP> d--h----- C:\Documents and Settings\All Users.WINDOWS\Application Data\CanonBJ
2008-10-13 20:21 . 2006-09-12 22:00 197,632 --a------ C:\WINDOWS\system32\CNMLM83.DLL
2008-10-13 20:20 . 2004-08-03 22:58 15,104 --a------ C:\WINDOWS\system32\drivers\usbscan.sys
2008-10-13 19:42 . 2008-10-13 19:42 <REP> d-------- C:\Documents and Settings\All Users.WINDOWS\Application Data\Yahoo!
2008-10-13 19:39 . 2008-10-13 19:39 <REP> d-------- C:\Program Files\Yahoo!
2008-10-12 16:19 . 2008-10-12 16:19 <REP> d--h----- C:\BJPrinter
2008-10-12 16:19 . 2004-04-23 18:00 116,736 --a------ C:\WINDOWS\system32\CNMLM6e.DLL
2008-10-12 16:19 . 2004-08-03 23:01 25,856 --a------ C:\WINDOWS\system32\drivers\usbprint.sys
2008-10-12 16:19 . 2004-04-23 18:00 7,680 --a------ C:\WINDOWS\system32\CNMVS6e.DLL
2008-10-11 22:26 . 2008-10-11 22:38 3,856 --a------ C:\WINDOWS\system32\tmp.reg
2008-10-11 19:15 . 2008-10-16 17:49 268 --ah----- C:\sqmdata19.sqm
2008-10-11 19:15 . 2008-10-16 17:49 244 --ah----- C:\sqmnoopt19.sqm
2008-10-11 18:25 . 2008-10-16 09:23 268 --ah----- C:\sqmdata18.sqm
2008-10-11 18:25 . 2008-10-16 09:23 244 --ah----- C:\sqmnoopt18.sqm
2008-10-10 20:20 . 2008-10-10 20:20 <REP> d-------- C:\Documents and Settings\Administrateur\Application Data\Nero
2008-10-10 19:54 . 2008-10-15 01:27 268 --ah----- C:\sqmdata17.sqm
2008-10-10 19:54 . 2008-10-15 01:27 244 --ah----- C:\sqmnoopt17.sqm
2008-10-10 19:52 . 2008-10-10 19:52 <REP> d-------- C:\Program Files\MP3 Player Utilities 4.15
2008-10-10 19:27 . 2008-10-21 13:43 268 --ah----- C:\sqmdata16.sqm
2008-10-10 19:27 . 2008-10-21 13:43 244 --ah----- C:\sqmnoopt16.sqm
2008-10-09 22:24 . 2008-10-21 08:58 268 --ah----- C:\sqmdata15.sqm
2008-10-09 22:24 . 2008-10-21 08:58 244 --ah----- C:\sqmnoopt15.sqm
2008-10-09 17:46 . 2008-10-21 00:16 268 --ah----- C:\sqmdata14.sqm
2008-10-09 17:46 . 2008-10-21 00:16 244 --ah----- C:\sqmnoopt14.sqm
2008-10-09 05:47 . 2008-10-20 19:47 268 --ah----- C:\sqmdata13.sqm
2008-10-09 05:47 . 2008-10-20 19:47 244 --ah----- C:\sqmnoopt13.sqm
2008-10-08 19:15 . 2008-10-20 09:03 268 --ah----- C:\sqmdata12.sqm
2008-10-08 19:15 . 2008-10-20 09:03 244 --ah----- C:\sqmnoopt12.sqm
2008-10-08 19:00 . 2008-10-20 00:40 268 --ah----- C:\sqmdata11.sqm
2008-10-08 19:00 . 2008-10-20 00:40 244 --ah----- C:\sqmnoopt11.sqm
2008-10-06 20:35 . 2007-07-26 15:30 49,152 --a------ C:\WINDOWS\system32\ChCfg.exe
2008-10-06 20:34 . 2008-10-19 16:42 <REP> d-------- C:\Program Files\Realtek
2008-10-06 20:34 . 2007-07-26 17:09 520,192 --a------ C:\WINDOWS\RtlExUpd.dll
2008-10-06 20:30 . 2008-10-06 20:30 0 --a------ C:\WINDOWS\CeEKey.INI
2008-10-06 20:25 . 2007-07-26 15:30 16,377,344 --a------ C:\WINDOWS\RTHDCPL.exe
2008-10-06 20:25 . 2007-07-26 15:30 9,715,200 --a------ C:\WINDOWS\RTLCPL.exe
2008-10-06 20:25 . 2007-07-26 15:30 4,429,312 --a------ C:\WINDOWS\system32\drivers\RtkHDAud.sys
2008-10-06 20:25 . 2007-07-26 15:30 2,808,832 --a------ C:\WINDOWS\alcwzrd.exe
2008-10-06 20:25 . 2007-07-26 15:30 2,162,688 --a------ C:\WINDOWS\MicCal.exe
2008-10-06 20:25 . 2007-07-26 15:30 1,826,816 --a------ C:\WINDOWS\SkyTel.exe
2008-10-06 20:25 . 2007-07-26 15:30 1,191,936 --a------ C:\WINDOWS\RtlUpd.exe
2008-10-06 20:25 . 2007-07-26 15:30 299,008 --a------ C:\WINDOWS\system32\ALSndMgr.cpl
2008-10-06 20:25 . 2007-07-26 15:30 282,624 --a------ C:\WINDOWS\system32\RTSndMgr.cpl
2008-10-06 20:25 . 2007-07-26 15:30 86,016 --a------ C:\WINDOWS\SoundMan.exe
2008-10-06 19:51 . 2004-08-03 22:58 5,504 --a------ C:\WINDOWS\system32\drivers\MSTEE.sys
2008-10-06 15:54 . 2008-10-06 15:54 <REP> d-------- C:\Program Files\Trapcode
2008-10-06 15:54 . 2008-10-06 15:54 36,868 --a------ C:\Program Files\uninst-shine.exe
2008-10-06 15:47 . 2007-02-20 16:04 2,463,976 --a------ C:\WINDOWS\system32\NPSWF32.dll
2008-10-06 15:47 . 2007-02-20 16:04 190,696 --a------ C:\WINDOWS\system32\NPSWF32_FlashUtil.exe
2008-10-05 17:48 . 2008-10-05 17:48 <REP> d-------- C:\Documents and Settings\Administrateur\Application Data\DivX
2008-10-04 13:55 . 2001-08-17 21:56 7,552 --a------ C:\WINDOWS\system32\drivers\SONYPVU1.SYS
2008-10-01 21:46 . 2008-10-01 21:46 <REP> d-------- C:\Documents and Settings\All Users.WINDOWS\Application Data\FLEXnet
2008-10-01 21:29 . 2008-10-01 21:29 <REP> d-------- C:\Program Files\Bonjour
2008-10-01 21:22 . 2008-10-01 21:22 <REP> d-------- C:\Program Files\Fichiers communs\Macrovision Shared
2008-10-01 11:43 . 2008-10-01 11:43 <REP> d-------- C:\Documents and Settings\Administrateur\Application Data\Ulead Systems
2008-10-01 11:38 . 2008-10-01 11:39 <REP> d-------- C:\Program Files\Fichiers communs\Ulead Systems
2008-10-01 11:37 . 2008-10-01 11:37 <REP> d-------- C:\Program Files\Corel
2008-10-01 11:37 . 2008-10-01 11:38 <REP> d-------- C:\Documents and Settings\All Users.WINDOWS\Application Data\Ulead Systems
2008-10-01 11:36 . 2008-10-01 11:36 <REP> d-------- C:\WINDOWS\Downloaded Installations
2008-10-01 02:44 . 2004-03-17 16:05 134,144 --------- C:\WINDOWS\system32\dllcache\Mssap.dll
2008-10-01 02:44 . 2004-08-12 17:45 61,952 --------- C:\WINDOWS\system32\Hdaudpropshortcut.exe
2008-10-01 02:44 . 2004-08-12 17:45 24,064 --------- C:\WINDOWS\system32\Hdaudprop.dll
2008-10-01 02:44 . 2004-08-12 17:45 5,120 --------- C:\WINDOWS\system32\Hdaudpropres.dll
2008-10-01 00:23 . 2008-10-19 18:09 268 --ah----- C:\sqmdata10.sqm
2008-10-01 00:23 . 2008-10-19 18:09 244 --ah----- C:\sqmnoopt10.sqm
2008-09-30 23:57 . 2007-08-01 09:24 2,364 --a------ C:\WINDOWS\system32\Add Licence To Your Windows.reg
2008-09-30 20:54 . 2008-10-19 16:28 268 --ah----- C:\sqmdata09.sqm
2008-09-30 20:54 . 2008-10-19 16:28 244 --ah----- C:\sqmnoopt09.sqm
2008-09-30 19:29 . 2008-09-30 19:29 <REP> d-------- C:\Zyzoom_RFA_Platinum
2008-09-30 19:29 . 2008-09-30 19:29 <REP> d-------- C:\Documents and Settings\All Users.WIN2
2008-09-30 18:19 . 2008-09-30 18:19 <REP> d-------- C:\Program Files\Trend Micro
2008-09-30 17:57 . 2008-10-19 01:26 268 --ah----- C:\sqmdata08.sqm
2008-09-30 17:57 . 2008-10-19 01:26 244 --ah----- C:\sqmnoopt08.sqm
2008-09-30 14:46 . 2008-10-18 07:46 268 --ah----- C:\sqmdata07.sqm
2008-09-30 14:46 . 2008-10-18 07:46 244 --ah----- C:\sqmnoopt07.sqm
2008-09-30 13:52 . 2008-10-18 00:14 268 --ah----- C:\sqmdata06.sqm
2008-09-30 13:52 . 2008-10-18 00:14 244 --ah----- C:\sqmnoopt06.sqm
2008-09-30 02:58 . 2008-01-07 14:29 352 --ah----- C:\WINDOWS\nod32fixtemdono.reg
2008-09-30 02:25 . 2008-09-30 02:25 <REP> d-------- C:\Program Files\ESET
2008-09-30 02:25 . 2008-09-30 02:25 <REP> d-------- C:\Documents and Settings\All Users.WINDOWS\Application Data\ESET
2008-09-30 01:57 . 2008-10-14 18:45 <REP> d--h----- C:\Documents and Settings\Administrateur\Contacts
2008-09-30 01:48 . 2008-09-30 01:48 <REP> d-------- C:\Documents and Settings\All Users.WINDOWS\Application Data\Adobe Systems
2008-09-30 01:47 . 2008-09-30 01:47 <REP> d-------- C:\Program Files\Fichiers communs\Adobe Systems Shared
2008-09-30 01:46 . 2008-10-06 15:49 <REP> d-------- C:\Program Files\Fichiers communs\Adobe
2008-09-29 14:49 . 2007-11-16 14:51 <REP> d-------- C:\Program Files\VIPhd
2008-09-29 14:32 . 2008-09-29 14:32 <REP> d-------- C:\Documents and Settings\All Users.WINDOWS\Application Data\Kaspersky Lab Setup Files
2008-09-29 14:28 . 2008-10-17 11:48 268 --ah----- C:\sqmdata05.sqm
2008-09-29 14:28 . 2008-10-17 11:48 244 --ah----- C:\sqmnoopt05.sqm
2008-09-29 14:27 . 2008-09-29 14:27 <REP> d-------- C:\Documents and Settings\Administrateur\Application Data\CyberScrub
2008-09-29 14:27 . 2008-09-29 14:27 <REP> d-------- C:\Documents and Settings\Administrateur\Application Data\cleaner
2008-09-29 10:05 . 2008-10-17 11:06 268 --ah----- C:\sqmdata04.sqm
2008-09-29 10:05 . 2008-10-17 11:06 244 --ah----- C:\sqmnoopt04.sqm
2008-09-29 00:59 . 2008-09-29 00:59 <REP> d--h----- C:\WINDOWS\PIF
2008-09-28 22:10 . 2008-10-21 13:40 13,030 --a------ C:\PDOXUSRS.NET
2008-09-28 19:56 . 2008-10-21 13:52 <REP> d-------- C:\WINDOWS\system32\CatRoot2
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-10-21 12:00 --------- d-----w C:\Documents and Settings\Administrateur\Application Data\DMCache
2008-10-19 22:06 --------- d-----w C:\Documents and Settings\Administrateur\Application Data\Skype
2008-10-17 18:28 --------- d-----w C:\Documents and Settings\Administrateur\Application Data\IDM
2008-10-13 08:25 --------- d-----w C:\Program Files\Kelk 2000
2008-09-30 17:21 --------- d-----w C:\Program Files\Total Video Converter
2008-09-30 01:07 --------- d-----w C:\Program Files\Paint.NET
2008-09-29 23:40 --------- d-----w C:\Program Files\Internet Download Manager
2008-09-19 09:49 --------- d-----w C:\Program Files\microsoft frontpage
2008-07-22 10:16 9,216 ----a-r C:\WINDOWS\system32\agrsmsvc.exe
2008-07-22 10:16 50,752 ----a-r C:\WINDOWS\agrsmdel.exe
2008-07-22 10:16 13,312 ----a-r C:\WINDOWS\system32\agrscoin.dll
2006-12-12 09:13 32,768 ----a-w C:\Documents and Settings\All Users.WINDOWS\Application Data\EBLib.dll
2006-07-28 14:25 19,456 ----a-w C:\Documents and Settings\All Users.WINDOWS\Application Data\LPCFilter.sys
.
------- Sigcheck -------
2007-12-18 04:04 507904 fb66744d525ea5df9a719f1db9b2dff4 C:\WINDOWS\system32\winlogon.exe
2007-12-18 04:04 182656 bc84c4f67d0e880b0c46dc0ce2b8cbaa C:\WINDOWS\system32\drivers\ndis.sys
2007-02-28 18:08 2437632 61381c1b4c0374569fbbf20ff9be199c C:\WINDOWS\system32\ntkrnlpa.exe
2007-12-18 04:04 2479872 37cf5612cd0b972a6a9e5a1ec4219e47 C:\WINDOWS\system32\ReinstallBackups\0015\DriverFiles\i386\ntkrnlpa.exe
2007-02-28 18:08 2557952 58228e929147d49965b884070e29381b C:\WINDOWS\system32\ntoskrnl.exe
2007-12-18 04:04 2347392 c23532a465a0b2ea4fc35b494bff5524 C:\WINDOWS\system32\ReinstallBackups\0015\DriverFiles\i386\ntoskrnl.exe
2007-12-18 04:04 1789952 addc47dfd517f2143d71e9310e414b50 C:\WINDOWS\explorer.exe
2007-12-18 04:04 25088 43836cffabac8d6779e8ee55e308df2c C:\WINDOWS\system32\ctfmon.exe
.
((((((((((((((((((((((((((((( snapshot@2008-10-14_18.51.02.29 )))))))))))))))))))))))))))))))))))))))))
.
- 2008-10-01 09:38:57 335,872 ----a-r C:\WINDOWS\Installer\{15803703-25FA-4C01-A062-3F4A59937E87}\ARPPRODUCTICON.exe
+ 2008-10-14 21:52:24 335,872 ----a-r C:\WINDOWS\Installer\{15803703-25FA-4C01-A062-3F4A59937E87}\ARPPRODUCTICON.exe
- 2001-08-17 22:03:02 4,736 ----a-w C:\WINDOWS\system32\drivers\usbd.sys
+ 2001-08-17 20:03:02 4,736 ----a-w C:\WINDOWS\system32\drivers\usbd.sys
- 2006-10-23 13:14:42 59,264 ----a-w C:\WINDOWS\system32\drivers\usbhub.sys
+ 2006-10-23 11:14:42 59,264 ----a-w C:\WINDOWS\system32\drivers\usbhub.sys
- 2005-07-30 02:01:14 121,856 ----a-w C:\WINDOWS\system32\drivers\usbvideo.sys
+ 2005-07-30 00:01:14 121,856 ----a-w C:\WINDOWS\system32\drivers\usbvideo.sys
- 2004-08-04 00:54:30 47,616 ----a-w C:\WINDOWS\system32\iyuv_32.dll
+ 2004-08-03 22:54:30 47,616 ----a-w C:\WINDOWS\system32\iyuv_32.dll
- 2004-08-04 00:55:04 294,912 ----a-w C:\WINDOWS\system32\msh263.drv
+ 2004-08-03 22:55:04 294,912 ----a-w C:\WINDOWS\system32\msh263.drv
- 2004-08-04 00:54:36 17,408 ----a-w C:\WINDOWS\system32\msyuv.dll
+ 2004-08-03 22:54:36 17,408 ----a-w C:\WINDOWS\system32\msyuv.dll
- 2008-10-09 15:23:50 71,044 ----a-w C:\WINDOWS\system32\perfc009.dat
+ 2008-10-16 14:55:02 71,044 ----a-w C:\WINDOWS\system32\perfc009.dat
- 2008-10-09 15:23:50 84,294 ----a-w C:\WINDOWS\system32\perfc00C.dat
+ 2008-10-16 14:55:02 84,294 ----a-w C:\WINDOWS\system32\perfc00C.dat
- 2008-10-09 15:23:50 440,790 ----a-w C:\WINDOWS\system32\perfh009.dat
+ 2008-10-16 14:55:02 440,790 ----a-w C:\WINDOWS\system32\perfh009.dat
- 2008-10-09 15:23:50 509,684 ----a-w C:\WINDOWS\system32\perfh00C.dat
+ 2008-10-16 14:55:02 509,684 ----a-w C:\WINDOWS\system32\perfh00C.dat
+ 2005-05-03 16:43:28 69,632 ----a-w C:\WINDOWS\system32\ReinstallBackups\0018\DriverFiles\ALCMTR.EXE
+ 2006-05-04 14:26:36 2,808,832 ----a-w C:\WINDOWS\system32\ReinstallBackups\0018\DriverFiles\ALCWZRD.EXE
+ 2004-08-03 21:08:00 60,288 ----a-w C:\WINDOWS\system32\ReinstallBackups\0018\DriverFiles\i386\drmk.sys
+ 2005-12-29 00:29:30 141,056 ----a-w C:\WINDOWS\system32\ReinstallBackups\0018\DriverFiles\i386\ks.sys
+ 2004-08-03 22:54:30 4,096 ----a-w C:\WINDOWS\system32\ReinstallBackups\0018\DriverFiles\i386\ksuser.dll
+ 2004-03-16 08:58:20 136,960 ----a-w C:\WINDOWS\system32\ReinstallBackups\0018\DriverFiles\i386\portcls.sys
+ 2005-11-05 00:55:10 48,768 ----a-w C:\WINDOWS\system32\ReinstallBackups\0018\DriverFiles\i386\stream.sys
+ 2004-08-03 22:55:04 23,552 ----a-w C:\WINDOWS\system32\ReinstallBackups\0018\DriverFiles\i386\wdmaud.drv
+ 2007-06-28 14:44:14 2,165,760 ----a-w C:\WINDOWS\system32\ReinstallBackups\0018\DriverFiles\MicCal.exe
+ 2007-07-19 14:05:14 262,144 ----a-w C:\WINDOWS\system32\ReinstallBackups\0018\DriverFiles\RTCOMDLL.dll
+ 2007-08-10 13:21:56 16,384,000 ----a-w C:\WINDOWS\system32\ReinstallBackups\0018\DriverFiles\RTHDCPL.EXE
+ 2007-08-10 11:52:44 4,603,904 ----a-w C:\WINDOWS\system32\ReinstallBackups\0018\DriverFiles\RtkHDAud.sys
+ 2007-03-07 12:59:30 131,072 ----a-w C:\WINDOWS\system32\ReinstallBackups\0018\DriverFiles\RTLCPAPI.dll
+ 2007-03-23 17:19:10 9,715,200 ----a-w C:\WINDOWS\system32\ReinstallBackups\0018\DriverFiles\RTLCPL.EXE
+ 2007-07-26 16:06:22 1,191,936 ----a-w C:\WINDOWS\system32\ReinstallBackups\0018\DriverFiles\RtlUpd.exe
+ 2007-08-03 11:22:02 1,826,816 ----a-w C:\WINDOWS\system32\ReinstallBackups\0018\DriverFiles\SkyTel.exe
+ 2006-07-21 14:14:36 86,016 ----a-w C:\WINDOWS\system32\ReinstallBackups\0018\DriverFiles\SOUNDMAN.EXE
- 2007-07-19 14:05:14 262,144 ----a-w C:\WINDOWS\system32\RTCOM\RTCOMDLL.dll
+ 2007-07-26 13:30:26 262,144 ----a-w C:\WINDOWS\system32\RTCOM\RTCOMDLL.dll
- 2007-03-07 12:59:30 131,072 ----a-w C:\WINDOWS\system32\RTCOM\RtlCPAPI.dll
+ 2007-07-26 13:30:36 131,072 ----a-w C:\WINDOWS\system32\RTCOM\RtlCPAPI.dll
- 2001-08-23 17:47:20 8,192 ----a-w C:\WINDOWS\system32\tsbyuv.dll
+ 2001-08-23 15:47:20 8,192 ----a-w C:\WINDOWS\system32\tsbyuv.dll
- 2004-08-04 00:54:44 54,784 ----a-w C:\WINDOWS\system32\vfwwdm32.dll
+ 2004-08-03 22:54:44 54,784 ----a-w C:\WINDOWS\system32\vfwwdm32.dll
.
-- Snapshot reset to current date --
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RocketDock"="C:\Program Files\RocketDock\RocketDock.exe" [2007-09-02 495616]
"SuperCopier2.exe"="C:\Program Files\SuperCopier2\SuperCopier2.exe" [2005-03-14 1057280]
"Stickies"="C:\Program Files\Bret Taylor\Stickies\\Stickies.exe" [2007-03-14 335872]
"IDMan"="C:\Program Files\Internet Download Manager\IDMan.exe" [2008-02-21 2594224]
"DesktopIconToy"="C:\Program Files\Desktop Icon Toy\DesktopIconToy.exe" [2008-03-01 430080]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2007-12-18 25088]
"msnmsgr"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe" [2007-10-18 5724184]
"Yahoo! Pager"="C:\PROGRA~1\Yahoo!\MESSEN~1\YAHOOM~1.EXE" [2007-08-30 4670704]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"VisualTaskTips"="C:\Windows\System32\VisualTaskTips.exe" [2007-12-18 36864]
"Vistadrv"="C:\Program Files\VIPhd\vsdrv.exe" [2006-07-30 121089]
"Ulead AutoDetector v2"="C:\Program Files\Fichiers communs\Ulead Systems\AutoDetector\monitor.exe" [2007-08-02 95504]
"UberIcon"="C:\Program Files\UberIcon\UberIcon Manager.exe" [2006-07-17 122880]
"Styler"="C:\Program Files\styler\Styler.exe" [2006-05-03 307200]
"rfagent"="C:\Zyzoom_RFA_Platinum\rfagent.exe" [2007-06-12 617088]
"PHIME2002ASync"="C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE" [2007-08-28 455168]
"PHIME2002A"="C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE" [2007-08-28 455168]
"pdfFactory Pro Dispatcher v2"="C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\fppdis2a.exe" [2003-11-10 385024]
"MSPY2002"="C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe" [2007-08-28 59392]
"IMJPMIG8.1"="C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" [2007-08-28 208952]
"IgfxTray"="C:\WINDOWS\system32\igfxtray.exe" [2008-07-22 142104]
"HotKeysCmds"="C:\WINDOWS\system32\hkcmd.exe" [2008-07-22 162584]
"egui"="C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" [2008-08-18 1447168]
"CeEKEY"="C:\Program Files\TOSHIBA\E-KEY\CeEKey.exe" [2007-07-06 651264]
"Sidebar"="C:\Program Files\Windows Sidebar\sidebar.exe" [2007-01-10 1235456]
"RTHDCPL"="RTHDCPL.EXE" [2007-07-26 C:\WINDOWS\RTHDCPL.exe]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"WIAWizardMenu"="C:\WINDOWS\system32\sti_ci.dll" [2007-12-18 678912]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"MsnMsgr"="C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" [2007-10-18 5724184]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"nltide_2"="shell32" [X]
"tscuninstall"="C:\WINDOWS\system32\tscupgrd.exe" [2007-12-18 44544]
"nltide_3"="advpack.dll" [2007-12-18 C:\WINDOWS\system32\advpack.dll]
C:\Documents and Settings\Administrateur\Menu D‚marrer\Programmes\D‚marrage\
Adobe Gamma.lnk - C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe [2005-03-16 113664]
C:\Documents and Settings\All Users.WINDOWS\Menu D‚marrer\Programmes\D‚marrage\
Bluetooth Monitor.lnk - C:\Program Files\TOSHIBA\Bluetooth Monitor\BtMon2.exe [2004-09-27 69632]
RocketDock.exe [2007-09-02 495616]
[HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\system]
"NoConfigPage"= 0 (0x0)
"NoDevMgrPage"= 0 (0x0)
"NoFileSysPage"= 0 (0x0)
"NoVirtMemPage"= 0 (0x0)
"DisableChangePassword"= 0 (0x0)
[HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\explorer]
"NoUserNameInStartMenu"= 1 (0x1)
"NoSMHelp"= 1 (0x1)
"NoClose"= 0 (0x0)
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"VIDC.ACDV"= ACDV.dll
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msnmsgr]
--a------ 2007-10-18 11:34 5724184 C:\Program Files\Windows Live\Messenger\msnmsgr.exe
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusDisableNotify"=dword:00000001
"AntiVirusOverride"=dword:00000001
"FirewallOverride"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"=
"C:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"C:\\Program Files\\Yahoo!\\Messenger\\YahooMessenger.exe"=
"C:\\Program Files\\Skype\\Phone\\Skype.exe"=
R0 Si3124;Si3124;C:\WINDOWS\system32\drivers\Si3124.sys [2007-12-18 76208]
R0 Si3132r5;Si3132r5;C:\WINDOWS\system32\drivers\Si3132r5.sys [2007-12-18 208688]
R0 Si3531;Si3531;C:\WINDOWS\system32\drivers\Si3531.sys [2007-12-18 210224]
R1 epfwtdir;epfwtdir;C:\WINDOWS\system32\DRIVERS\epfwtdir.sys [2008-08-18 34312]
S3 usbscan;Pilote de scanneur USB;C:\WINDOWS\system32\DRIVERS\usbscan.sys [2004-08-03 15104]
S3 USBSTOR;Pilote de stockage de masse USB;C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-12-29 26368]
.
Contents of the 'Scheduled Tasks' folder
2008-10-21 C:\WINDOWS\Tasks\MP Scheduled Scan.job
- C:\Program Files\Windows Defender\MpCmdRun.exe [2006-11-03 19:20]
.
- - - - ORPHANS REMOVED - - - -
Toolbar-ITBarLayout - (no file)
Toolbar-ITBarLayout - (no file)
Toolbar-ITBar7Layout - (no file)
Toolbar-ITBar7Position - (no file)

.
------- Supplementary Scan -------
.
FireFox -: Profile - C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\bqceyn69.default\
.
.
------- File Associations -------
.
vbefile\shell\edit\command=C:\WINDOWS\Notepad.exe %1
vbsfile\shell\edit\command=%SystemRoot%\System32\Notepad.exe %1
.
**************************************************************************
catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer,

Rootkit scan 2008-10-21 14:04:03
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\mchInjDrv]
"ImagePath"="\??\C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\mc21.tmp"
.
Completion time: 2008-10-21 14:05:22
ComboFix-quarantined-files.txt 2008-10-21 12:05:08
Pre-Run: 28 930 015 232 octets libres
Post-Run: 28,961,386,496 octets libres
307
 
Delete the following entry:
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)

How to delete it:



mg%20%283%29.png

mg%20%284%29.png

=================================​

Use this tool for cleaning:

wh_15149054.png



Look, my friend, download this tool
and follow the explanation below to clean your machine of viruses
and produce a report of the operation so you can attach it to your next reply.

Tool link:


How to use it:


000.png


To save the report, do the following:

001.png



002.png



After that, upload the report to this site and include the link in your next reply.
 
Signature: MA222
Here is the report you requested, my dear brother:
25-10-2008 15:44:41 Version du moteur=5200.2160
25-10-2008 15:44:41 AntiVirus - Version des fichiers DAT=5242.0000
25-10-2008 15:44:41 Nombre de signatures de détection dans EXTRA.DAT =Aucun
25-10-2008 15:44:41 Nom des signatures de détection dans EXTRA.DAT =Aucun
25-10-2008 15:44:33 Analyse démarrée F293EC58E1F94BD\Administrateur Analyse à la demande
25-10-2008 15:45:14 Supprimé Administrateur c:\documents and settings\administrateur\s\administrateur@2o7[2].txt\00000000.ie -2O7(Programme potentiellement indésirable)
25-10-2008 15:45:16 Supprimé Administrateur c:\documents and settings\administrateur\s\administrateur@ad.yieldmanager[2].txt\00000000.ie -Yieldmanager(Programme potentiellement indésirable)
25-10-2008 15:45:16 Supprimé Administrateur c:\documents and settings\administrateur\s\administrateur@ad.yieldmanager[2].txt\00000000.ie -Yieldmanager(Programme potentiellement indésirable)
25-10-2008 15:45:16 Supprimé Administrateur c:\documents and settings\administrateur\s\administrateur@ad.yieldmanager[2].txt\00000000.ie -Yieldmanager(Programme potentiellement indésirable)
25-10-2008 15:45:16 Supprimé Administrateur c:\documents and settings\administrateur\s\administrateur@ad.yieldmanager[2].txt\00000000.ie -Yieldmanager(Programme potentiellement indésirable)
25-10-2008 15:45:16 Supprimé Administrateur c:\documents and settings\administrateur\s\administrateur@ad.yieldmanager[2].txt\00000000.ie -Yieldmanager(Programme potentiellement indésirable)
25-10-2008 15:45:16 Supprimé Administrateur c:\documents and settings\administrateur\s\administrateur@adtech[2].txt\00000000.ie -Adtech(Programme potentiellement indésirable)
25-10-2008 15:45:17 Supprimé Administrateur c:\documents and settings\administrateur\s\administrateur@adultfriendfinder[1].txt\00000000.ie -Adultfriend(Programme potentiellement indésirable)
25-10-2008 15:45:17 Supprimé Administrateur c:\documents and settings\administrateur\s\administrateur@adultfriendfinder[1].txt\00000000.ie -Adultfriend(Programme potentiellement indésirable)
25-10-2008 15:45:17 Supprimé Administrateur c:\documents and settings\administrateur\s\administrateur@adultfriendfinder[1].txt\00000000.ie -Adultfriend(Programme potentiellement indésirable)
25-10-2008 15:45:17 Supprimé Administrateur c:\documents and settings\administrateur\s\administrateur@adultfriendfinder[1].txt\00000000.ie -Adultfriend(Programme potentiellement indésirable)
25-10-2008 15:45:17 Supprimé Administrateur c:\documents and settings\administrateur\s\administrateur@adultfriendfinder[1].txt\00000000.ie -Adultfriend(Programme potentiellement indésirable)
25-10-2008 15:45:17 Supprimé Administrateur c:\documents and settings\administrateur\s\administrateur@adultfriendfinder[1].txt\00000000.ie -Adultfriend(Programme potentiellement indésirable)
25-10-2008 15:45:17 Supprimé Administrateur c:\documents and settings\administrateur\s\administrateur@advertising[2].txt\00000000.ie -Advertising(Programme potentiellement indésirable)
25-10-2008 15:45:17 Supprimé Administrateur c:\documents and settings\administrateur\s\administrateur@advertising[2].txt\00000000.ie -Advertising(Programme potentiellement indésirable)
25-10-2008 15:45:17 Supprimé Administrateur c:\documents and settings\administrateur\s\administrateur@adviva[2].txt\00000000.ie -Adviva(Programme potentiellement indésirable)
25-10-2008 15:45:17 Supprimé Administrateur c:\documents and settings\administrateur\s\administrateur@atdmt[2].txt\00000000.ie -Atdmt(Programme potentiellement indésirable)
25-10-2008 15:45:17 Supprimé Administrateur c:\documents and settings\administrateur\s\administrateur@bs.serving-sys[1].txt\00000000.ie -Eyeblaster(Programme potentiellement indésirable)
25-10-2008 15:45:17 Supprimé Administrateur c:\documents and settings\administrateur\s\administrateur@cybermonitor[1].txt\00000000.ie -Cybermonitor(Programme potentiellement indésirable)
25-10-2008 15:45:17 Supprimé Administrateur c:\documents and settings\administrateur\s\administrateur@doubleclick[1].txt\00000000.ie -Doubleclick(Programme potentiellement indésirable)
25-10-2008 15:45:17 Supprimé Administrateur c:\documents and settings\administrateur\s\administrateur@fastclick[1].txt\00000000.ie -Fastclick(Programme potentiellement indésirable)
25-10-2008 15:45:17 Supprimé Administrateur c:\documents and settings\administrateur\s\administrateur@fastclick[1].txt\00000000.ie -Fastclick(Programme potentiellement indésirable)
25-10-2008 15:45:17 Supprimé Administrateur c:\documents and settings\administrateur\s\administrateur@fastclick[1].txt\00000000.ie -Fastclick(Programme potentiellement indésirable)
25-10-2008 15:45:17 Supprimé Administrateur c:\documents and settings\administrateur\s\administrateur@himedia.112.2o7[1].txt\00000000.ie -2O7(Programme potentiellement indésirable)
25-10-2008 15:45:18 Supprimé Administrateur c:\documents and settings\administrateur\s\administrateur@mediaplex[1].txt\00000000.ie -Mediaplex(Programme potentiellement indésirable)
25-10-2008 15:45:18 Supprimé Administrateur c:\documents and settings\administrateur\s\administrateur@cafe.122.2o7[1].txt\00000000.ie -2O7(Programme potentiellement indésirable)
25-10-2008 15:45:18 Supprimé Administrateur c:\documents and settings\administrateur\s\administrateur@msnportal.112.2o7[1].txt\00000000.ie -2O7(Programme potentiellement indésirable)
25-10-2008 15:45:18 Supprimé Administrateur c:\documents and settings\administrateur\s\administrateur@realmedia[2].txt\00000000.ie -RealMedia(Programme potentiellement indésirable)
25-10-2008 15:45:18 Supprimé Administrateur c:\documents and settings\administrateur\s\administrateur@realmedia[2].txt\00000000.ie -RealMedia(Programme potentiellement indésirable)
25-10-2008 15:45:18 Supprimé Administrateur c:\documents and settings\administrateur\s\administrateur@server.iad.liveperson[2].txt\00000000.ie -Liveperson(Programme potentiellement indésirable)
25-10-2008 15:45:18 Supprimé Administrateur c:\documents and settings\administrateur\s\administrateur@serving-sys[1].txt\00000000.ie -Eyeblaster(Programme potentiellement indésirable)
25-10-2008 15:45:18 Supprimé Administrateur c:\documents and settings\administrateur\s\administrateur@serving-sys[1].txt\00000000.ie -Eyeblaster(Programme potentiellement indésirable)
25-10-2008 15:45:18 Supprimé Administrateur c:\documents and settings\administrateur\s\administrateur@serving-sys[1].txt\00000000.ie -Eyeblaster(Programme potentiellement indésirable)
25-10-2008 15:45:18 Supprimé Administrateur c:\documents and settings\administrateur\s\administrateur@serving-sys[1].txt\00000000.ie -Eyeblaster(Programme potentiellement indésirable)
25-10-2008 15:45:18 Supprimé Administrateur c:\documents and settings\administrateur\s\administrateur@serving-sys[1].txt\00000000.ie -Eyeblaster(Programme potentiellement indésirable)
25-10-2008 15:45:18 Supprimé Administrateur c:\documents and settings\administrateur\s\administrateur@serving-sys[1].txt\00000000.ie -Eyeblaster(Programme potentiellement indésirable)
25-10-2008 15:45:18 Supprimé Administrateur c:\documents and settings\administrateur\s\administrateur@smartadserver[1].txt\00000000.ie -Adserver(Programme potentiellement indésirable)
25-10-2008 15:45:18 Supprimé Administrateur c:\documents and settings\administrateur\s\administrateur@smartadserver[1].txt\00000000.ie -Adserver(Programme potentiellement indésirable)
25-10-2008 15:45:18 Supprimé Administrateur c:\documents and settings\administrateur\s\administrateur@smartadserver[1].txt\00000000.ie -Adserver(Programme potentiellement indésirable)
25-10-2008 15:45:18 Supprimé Administrateur c:\documents and settings\administrateur\s\administrateur@smartadserver[1].txt\00000000.ie -Adserver(Programme potentiellement indésirable)
25-10-2008 15:45:18 Supprimé Administrateur c:\documents and settings\administrateur\s\administrateur@specificclick[2].txt\00000000.ie -SpecClick(Programme potentiellement indésirable)
25-10-2008 15:45:18 Supprimé Administrateur c:\documents and settings\administrateur\s\administrateur@specificclick[2].txt\00000000.ie -SpecClick(Programme potentiellement indésirable)
25-10-2008 15:45:18 Supprimé Administrateur c:\documents and settings\administrateur\s\administrateur@specificclick[2].txt\00000000.ie -SpecClick(Programme potentiellement indésirable)
25-10-2008 15:45:18 Supprimé Administrateur c:\documents and settings\administrateur\s\administrateur@specificclick[2].txt\00000000.ie -SpecClick(Programme potentiellement indésirable)
25-10-2008 15:45:18 Supprimé Administrateur c:\documents and settings\administrateur\s\administrateur@specificclick[2].txt\00000000.ie -SpecClick(Programme potentiellement indésirable)
25-10-2008 15:45:18 Supprimé Administrateur c:\documents and settings\administrateur\s\administrateur@specificclick[2].txt\00000000.ie -SpecClick(Programme potentiellement indésirable)
25-10-2008 15:45:18 Supprimé Administrateur c:\documents and settings\administrateur\s\administrateur@specificclick[2].txt\00000000.ie -SpecClick(Programme potentiellement indésirable)
25-10-2008 15:45:18 Supprimé Administrateur c:\documents and settings\administrateur\s\administrateur@statcounter[2].txt\00000000.ie -Statcounter(Programme potentiellement indésirable)
25-10-2008 15:45:18 Supprimé Administrateur c:\documents and settings\administrateur\s\administrateur@statcounter[2].txt\00000000.ie -Statcounter(Programme potentiellement indésirable)
25-10-2008 15:45:18 Supprimé Administrateur c:\documents and settings\administrateur\s\administrateur@untd[2].txt\00000000.ie -Untd(Programme potentiellement indésirable)
25-10-2008 15:45:18 Supprimé Administrateur c:\documents and settings\administrateur\s\administrateur@untd[2].txt\00000000.ie -Untd(Programme potentiellement indésirable)
25-10-2008 15:45:19 Supprimé Administrateur c:\documents and settings\administrateur\s\administrateur@yadro[2].txt\00000000.ie -Yadro(Programme potentiellement indésirable)
25-10-2008 15:45:19 Supprimé Administrateur c:\documents and settings\administrateur\s\administrateur@yadro[2].txt\00000000.ie -Yadro(Programme potentiellement indésirable)
25-10-2008 15:50:24 Non analysé (fichier crypté) Administrateur c:\Documents and Settings\Administrateur\Application Data\IDM\DwnlData\Administrateur\64925_84\64925\ARCHIVER.EXE
25-10-2008 15:50:24 Non analysé (fichier crypté) Administrateur c:\Documents and Settings\Administrateur\Application Data\IDM\DwnlData\Administrateur\74480_202\74480\DB1.MDB
25-10-2008 15:50:26 Non analysé (fichier crypté) Administrateur c:\Documents and Settings\Administrateur\Application Data\IDM\DwnlData\Administrateur\Dream_Weaver_231\Dream_Weaver.zip\DREAM_WEAVER_MX_2004.PART1.RAR
25-10-2008 15:50:30 Non analysé (fichier crypté) Administrateur c:\Documents and Settings\Administrateur\Application Data\IDM\DwnlData\Administrateur\j-hed-18092008_107\j-hed-18092008.zip\J-HED-18092008.PDF
25-10-2008 15:50:31 Non analysé (fichier crypté) Administrateur c:\Documents and Settings\Administrateur\Application Data\IDM\DwnlData\Administrateur\m-hed-24092008_106\m-hed-24092008.zip\M-HED-24092008.PDF
25-10-2008 15:50:32 Non analysé (fichier crypté) Administrateur c:\Documents and Settings\Administrateur\Application Data\IDM\DwnlData\Administrateur\nod32_43\nod32.rar\NENTENST.EXE
25-10-2008 15:50:34 Non analysé (fichier crypté) Administrateur c:\Documents and Settings\Administrateur\Application Data\IDM\DwnlData\Administrateur\Prison-Preak-S1-E011_331\Prison-Preak-S1-E011.rar\111 - AND THEN THERE WERE 7.RMVB
25-10-2008 15:50:35 Non analysé (fichier crypté) Administrateur c:\Documents and Settings\Administrateur\Application Data\IDM\DwnlData\Administrateur\Prison-Preak-S1-E012_346\Prison-Preak-S1-E012.rar\112 - ODD MAN OUT.RMVB
25-10-2008 15:50:35 Non analysé (fichier crypté) Administrateur c:\Documents and Settings\Administrateur\Application Data\IDM\DwnlData\Administrateur\Prison-Preak-S1-E012_350\Prison-Preak-S1-E012.rar\112 - ODD MAN OUT.RMVB
25-10-2008 15:50:35 Non analysé (fichier crypté) Administrateur c:\Documents and Settings\Administrateur\Application Data\IDM\DwnlData\Administrateur\Prison-Preak-S1-E012_371\Prison-Preak-S1-E012.rar\112 - ODD MAN OUT.RMVB
25-10-2008 15:50:35 Non analysé (fichier crypté) Administrateur c:\Documents and Settings\Administrateur\Application Data\IDM\DwnlData\Administrateur\Prison-Preak-S1-E012_377\Prison-Preak-S1-E012.rar\112 - ODD MAN OUT.RMVB
25-10-2008 15:50:36 Non analysé (fichier crypté) Administrateur c:\Documents and Settings\Administrateur\Application Data\IDM\DwnlData\Administrateur\Prison-Preak-S1-E02_184\Prison-Preak-S1-E02.rar\102 - ALLEN.RMVB
25-10-2008 15:50:36 Non analysé (fichier crypté) Administrateur c:\Documents and Settings\Administrateur\Application Data\IDM\DwnlData\Administrateur\Prison-Preak-S1-E03_207\Prison-Preak-S1-E03.rar\103 - CELL TEST.RMVB
25-10-2008 15:50:38 Non analysé (fichier crypté) Administrateur c:\Documents and Settings\Administrateur\Application Data\IDM\DwnlData\Administrateur\Prison-Preak-S1-E06_270\Prison-Preak-S1-E06.rar\106 - RIOTS, DRILLS AND THE DEVIL (PART 1).RMVB
25-10-2008 15:50:38 Non analysé (fichier crypté) Administrateur c:\Documents and Settings\Administrateur\Application Data\IDM\DwnlData\Administrateur\Prison-Preak-S1-E06_271\Prison-Preak-S1-E06.rar\106 - RIOTS, DRILLS AND THE DEVIL (PART 1).RMVB
25-10-2008 15:50:38 Non analysé (fichier crypté) Administrateur c:\Documents and Settings\Administrateur\Application Data\IDM\DwnlData\Administrateur\Prison-Preak-S1-E06_275\Prison-Preak-S1-E06.rar\106 - RIOTS, DRILLS AND THE DEVIL (PART 1).RMVB
25-10-2008 15:50:38 Non analysé (fichier crypté) Administrateur c:\Documents and Settings\Administrateur\Application Data\IDM\DwnlData\Administrateur\Prison-Preak-S1-E07_279\Prison-Preak-S1-E07.rar\107 - RIOTS, DRILLS AND THE DEVIL (PART 2).RMVB
25-10-2008 15:50:41 Non analysé (fichier crypté) Administrateur c:\Documents and Settings\Administrateur\Application Data\IDM\DwnlData\Administrateur\prison.break.404.hdtv-lol.by_92\prison.break.404.hdtv-lol.by.C\BACKGROUND.JPG
25-10-2008 15:50:43 Non analysé (fichier crypté) Administrateur c:\Documents and Settings\Administrateur\Application Data\IDM\DwnlData\Administrateur\PrisonBreak-5BS04E07-5DByStarT_120\PrisonBreak-5BS04E07-5DByStarT\PRISONBREAK[S04E07]BYSTARTIMES2.COM.RMVB
25-10-2008 15:50:50 Non analysé (fichier crypté) Administrateur c:\Documents and Settings\Administrateur\Application Data\IDM\DwnlData\Administrateur\windows_sidebar_v6_52\windows_sidebar_v6.0-20--20naj\INSTALLER.EXE
25-10-2008 15:53:42 Non analysé (fichier crypté) Administrateur c:\Documents and Settings\Administrateur\Mes documents\Downloads\Compressed\driver adfuud sys.rar\ADFUUD.SYS
25-10-2008 15:57:16 Non analysé (fichier crypté) Administrateur c:\Documents and Settings\Administrateur\Mes documents\Downloads\Compressed\الفوتوشوب العاشر مع الكيجن\Keygen_cs3.rar\KEYGEN.EXE
25-10-2008 15:57:16 Non analysé (fichier crypté) Administrateur c:\Documents and Settings\Administrateur\Mes documents\Downloads\Compressed\الفوتوشوب العاشر مع الكيجن\photoshop_cs3_me.rar\ADOBEPHOTOSHOP10EN_US.BUILD.LOG
25-10-2008 16:02:02 Non analysé (fichier crypté) Administrateur c:\Documents and Settings\Administrateur\Mes documents\Downloads\Compressed\تصاميم العيد\3eed.rar\05.JPG
25-10-2008 16:02:03 Non analysé (fichier crypté) Administrateur c:\Documents and Settings\Administrateur\Mes documents\Downloads\Compressed\تصاميم العيد\maseeg-and-osaeetalaeed.rar\ ퟪ-M-FAW.COM (1).TXT
25-10-2008 16:02:03 Non analysé (fichier crypté) Administrateur c:\Documents and Settings\Administrateur\Mes documents\Downloads\Compressed\تصاميم العيد\osaeet.rar\ 埫.TXT
25-10-2008 16:02:09 Non analysé (fichier crypté) Administrateur c:\Documents and Settings\Administrateur\Mes documents\Downloads\Compressed\تصاميم العيد\soor.rar\42045.JPG
25-10-2008 16:02:37 Supprimé Administrateur HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce|WIAWizardMenu RemAdm-ProcLaunch!171(Outil d'administration à distance)
25-10-2008 16:02:37 Supprimé Administrateur C:\DOCUMENTS AND SETTINGS\ADMINISTRATEUR\MES DOCUMENTS\DOWNLOADS\PROGRAMS\2.EXE RemAdm-ProcLaunch!171(Outil d'administration à distance)



May God bless you.
 
Has the problem been solved, or not yet?
 
Signature: MA222
Peace be upon you.
May God bless you for your attention.
I am sorry to tell you: not yet, the problem still persists.
 
Which version of Windows
do you have installed on your machine?
 
Signature: MA222
The French-language one, my dear brother.
 
Hello, brother.
Was the copy working before without problems?
Because, frankly, I have never installed a copy of Photoshop on a French version of Windows before.
Possibly this copy does not support the French version.
God knows best.
 
Signature: MA222
Actually, when installing Photoshop you can choose the language,
and the same copy was installed on this same machine before with excellent results.
Don't you suspect that the problem is with the hard disk?
 
OK, do a system repair.
If that does not work, you have no option but to format,
unless one of the brothers has another solution.
 
Signature: MA222
May God bless you, my dear brother, for your attention and support.
In truth, this problem has a long history with me.
I have repaired the system more than once and formatted more than once,
but the situation is the same.
In any case, a thousand thanks.
 