!! الهاردسك الخارجي لا يظهر !! + !! تقرير !!

fahd1980.ck · ‏يناير 15, 2010

المصدر: !! الهاردسك الخارجي لا يظهر !! + !! تقرير !!
في منتدى : منتدى مشاكـل وحلول الحـاسب

السلام عليكم ورحمة الله وبركاته :.

!! الهاردسك الخارجي لا يظهر !!

المشكلة عندي هي :.

عندي هارديسك خارجي نوع وستر دجتل 80 جيجا ومشكلتي
عندما اشبك الهاردسك يطلع عندي انتهى تثبيت الهاردسك والامبه
خضرا شغاله ولكن عندما اذهب للجهاز لا اجده وغيرت السلك ونفس
المشكله مع العلم عندي هاردسك ثاني نفس النوعية والحجم وشغال مافيه شي !!

قلت يمكن من الكفر حق الهاردسك وبدلت بين الاثنين ولاكن ماشتغل !!

ومادري وش المشكلة .....................!!
هذا التقرير
تحميل الملف من هنا

تم تحرير الرابط

كان · ‏يناير 15, 2010

وعليكم السلام والرحمة

أخي الكريم , هل أنت متأكد من الرابط ؟؟!
عند فتحه خرج لي الكاسبر بتحذير , وهذه الصورة تثبت ذلك

MAAX · ‏يناير 15, 2010

ارفع هنا اخي

http://www.up-master.com/index.php

fahd1980.ck · ‏يناير 15, 2010

مقتبس من كان: ↑

وعليكم السلام والرحمة

أخي الكريم , هل أنت متأكد من الرابط ؟؟!
عند فتحه خرج لي الكاسبر بتحذير , وهذه الصورة تثبت ذلك

أنقر للتوسيع...

متآكد آخوي مافيه شي !!
غريبه !!

fahd1980.ck · ‏يناير 15, 2010

مقتبس من MAAX: ↑

ارفع هنا اخي

http://www.up-master.com/index.php
أنقر للتوسيع...

تم رفعه على الموقع

http://www.up-master.com/data/fahd.rar

MAAX · ‏يناير 15, 2010

اشبك الهارد واعمل هذا التقرير

عطل برامج الحماية عن العمل
ثم
حمل الاداة التالية واحفظها على سطح المكتب

عند تشغيلها بتظهر لك رسالة ,, اضغط على >> Yes
بعدها بتظهر لك رساله ثانيه ,, اضغط على >> Yes
اثناء الفحص ممكن يعاد تشغيل الجهاز
وبعد اعادة التشغيل ,, سوف تبدأ الاداة بالفحص مرره ثانيه
لا تقم بتشغيل اي برنامج ،، ومهما طالت عملية الفحص انتظر حتى تنتهي
انتظر حتى يظهر لك تقرير ،،انسخه والصقه بمشاركتك القادمة

fahd1980.ck · ‏يناير 15, 2010

ComboFix 10-01-14.06 - user 01/15/2010 18:07:33.1.2 - x86
Microsoft Windows XP Professional 5.1.2600.3.1256.966.1025.18.2046.1634 [GMT 4.5:30]
Running from: c:\documents and settings\user\My Documents\Downloads\Programs\ComboFix.exe
AV: AntiVir Desktop *On-access scanning disabled* (Updated) {11638345-E4FC-4BEE-BB73-EC754659C5F6}
FW: Avira Firewall *enabled* {11638345-E4FC-4BEE-BB73-EC754659C5F6}

WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

D:\autorun.inf
I:\Autorun.inf

.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Legacy_SKYNET
-------\Service_SKYNET

((((((((((((((((((((((((( Files Created from 2009-12-15 to 2010-01-15 )))))))))))))))))))))))))))))))
.

2010-01-15 13:28 . 2010-01-15 13:28 -------- d-----w- c:\documents and settings\user\Application Data\Avira
2010-01-15 02:07 . 2010-01-15 02:07 198064 ----a-w- c:\documents and settings\user\Application Data\IDM\idmmzcc3\components\idmmzcc.dll
2010-01-15 02:07 . 2010-01-15 13:42 -------- d-----w- c:\documents and settings\user\Application Data\DMCache
2010-01-15 02:07 . 2010-01-15 11:56 -------- d-----w- c:\documents and settings\user\Application Data\IDM
2010-01-15 02:07 . 2010-01-15 13:29 -------- d-----w- c:\program files\Internet Download Manager
2010-01-15 01:45 . 2010-01-15 01:45 -------- d-----w- c:\program files\Trend Micro
2010-01-15 01:36 . 2010-01-15 01:36 -------- d-----w- c:\documents and settings\user\Local Settings\Application Data\Runscanner.net
2010-01-14 22:24 . 2010-01-14 22:24 -------- d-----w- c:\program files\Bethesda Softworks
2010-01-14 21:05 . 2010-01-14 21:06 -------- d-----w- c:\program files\DAEMON Tools Toolbar
2010-01-14 21:05 . 2010-01-14 21:05 691696 ----a-w- c:\windows\system32\drivers\sptd.sys
2010-01-14 21:05 . 2010-01-14 21:07 -------- d-----w- c:\program files\DAEMON Tools Lite
2010-01-14 21:05 . 2010-01-14 21:36 -------- d-----w- c:\documents and settings\user\Application Data\DAEMON Tools Lite
2010-01-14 21:05 . 2010-01-14 21:05 -------- d-----w- c:\documents and settings\All Users\Application Data\DAEMON Tools Lite
2010-01-14 21:04 . 2010-01-14 21:04 -------- d-----w- c:\program files\MSBuild
2010-01-14 21:04 . 2010-01-14 22:19 63464 ----a-w- c:\documents and settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat
2010-01-14 21:03 . 2010-01-14 22:20 -------- d-----w- c:\windows\system32\XPSViewer
2010-01-14 21:02 . 2010-01-14 21:02 -------- d-----w- c:\program files\Reference Assemblies
2010-01-14 21:02 . 2008-07-06 12:06 89088 ----a-w- c:\windows\system32\Spool\prtprocs\w32x86\filterpipelineprintproc.dll
2010-01-14 21:02 . 2006-06-29 08:37 14048 ------w- c:\windows\system32\spmsg2.dll
2010-01-14 21:02 . 2007-04-04 14:23 81768 ----a-w- c:\windows\system32\xinput1_3.dll
2010-01-14 21:02 . 2007-03-15 12:27 443752 ----a-w- c:\windows\system32\d3dx10_33.dll
2010-01-14 21:02 . 2007-03-12 12:12 1123696 ----a-w- c:\windows\system32\D3DCompiler_33.dll
2010-01-14 21:02 . 2007-03-12 12:12 3495784 ----a-w- c:\windows\system32\d3dx9_33.dll
2010-01-14 21:01 . 2010-01-14 21:01 -------- d-----w- c:\windows\system32\xlive
2010-01-14 21:01 . 2010-01-14 21:01 -------- d-----w- c:\documents and settings\All Users\Application Data\McAfee
2010-01-14 20:43 . 2010-01-14 20:43 -------- d-----w- c:\program files\UltraISO
2010-01-14 20:43 . 2010-01-14 20:43 -------- d-----w- c:\program files\Common Files\EZB Systems
2010-01-14 18:47 . 2010-01-14 18:47 -------- d-----w- c:\documents and settings\All Users\Application Data\CMUV
2010-01-14 18:32 . 2010-01-14 23:24 -------- d-----w- c:\program files\ProgDVB
2010-01-14 17:06 . 2000-11-28 22:37 307200 ----a-w- c:\windows\system32\msvcr70.dll
2010-01-14 11:50 . 2010-01-15 01:23 -------- d-----w- c:\documents and settings\user\Application Data\dvdcss
2010-01-14 11:35 . 2010-01-14 11:35 -------- d-----w- c:\documents and settings\user\Local Settings\Application Data\Identities
2010-01-13 20:22 . 2010-01-13 20:22 -------- d-----w- c:\windows\Sun
2010-01-12 21:46 . 2010-01-14 23:10 -------- d-----w- C:\dvbdream
2010-01-12 21:42 . 2010-01-12 21:42 -------- d-----w- c:\documents and settings\All Users\Application Data\Technisat
2010-01-12 21:42 . 2010-01-12 21:42 -------- d-----w- c:\program files\DVBViewer TE2
2010-01-12 21:42 . 2010-01-12 21:42 -------- d-----w- c:\program files\MainConcept
2010-01-12 21:42 . 2010-01-12 21:42 -------- d-----w- c:\program files\TechniSat DVB
2010-01-12 21:42 . 2010-01-12 21:42 -------- dc----w- c:\windows\system32\DRVSTORE
2010-01-12 21:42 . 2009-09-11 03:17 507408 ----a-w- c:\windows\system32\drivers\SkyNET.sys
2010-01-12 21:00 . 2010-01-12 21:00 -------- d-----w- c:\documents and settings\All Users\Application Data\McAfee Security Scan
2010-01-12 21:00 . 2010-01-12 21:00 -------- d-----w- c:\program files\McAfee Security Scan
2010-01-12 20:47 . 2010-01-12 20:47 0 ----a-w- c:\windows\nsreg.dat
2010-01-12 20:47 . 2010-01-12 20:47 -------- d-----w- c:\documents and settings\user\Local Settings\Application Data\Mozilla
2010-01-12 19:05 . 2001-08-17 10:59 3072 ----a-w- c:\windows\system32\drivers\audstub.sys
2010-01-12 19:04 . 2008-04-14 18:07 57472 ----a-w- c:\windows\system32\drivers\redbook.sys
2010-01-12 19:03 . 2008-04-14 18:29 73728 ----a-w- c:\windows\system32\usbui.dll
2010-01-12 19:00 . 2010-01-15 13:43 -------- d-----w- c:\windows\system32\CatRoot2
2010-01-12 19:00 . 2010-01-14 22:00 -------- d-----w- c:\windows\system32\CatRoot

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-01-15 13:39 . 2008-04-15 21:00 67438 ----a-w- c:\windows\system32\perfc001.dat
2010-01-15 13:39 . 2008-04-15 21:00 366874 ----a-w- c:\windows\system32\perfh001.dat
2010-01-15 02:18 . 2010-01-12 17:21 -------- d-----w- c:\documents and settings\user\Application Data\vlc
2010-01-14 22:23 . 2010-01-12 16:35 12328 ----a-w- c:\documents and settings\user\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2010-01-14 17:50 . 2010-01-12 17:16 56816 ----a-w- c:\windows\system32\drivers\avgntflt.sys
2010-01-12 21:42 . 2010-01-12 16:40 -------- d--h--w- c:\program files\InstallShield Installation Information
2010-01-12 17:24 . 2010-01-12 17:23 -------- d-----w- c:\program files\Common Files\Adobe
2010-01-12 17:21 . 2010-01-12 17:21 -------- d-----w- c:\program files\VideoLAN
2010-01-12 17:19 . 2010-01-12 17:19 -------- d-----w- c:\program files\Common Files\Real
2010-01-12 17:19 . 2010-01-12 17:19 -------- d-----w- c:\program files\Common Files\xing shared
2010-01-12 17:19 . 2010-01-12 16:11 499712 ----a-w- c:\windows\system32\msvcp71.dll
2010-01-12 17:19 . 2010-01-12 16:11 348160 ----a-w- c:\windows\system32\msvcr71.dll
2010-01-12 17:19 . 2010-01-12 17:19 -------- d-----w- c:\program files\Real
2010-01-12 17:18 . 2010-01-12 17:18 -------- d-----w- c:\program files\K-Lite Codec Pack
2010-01-12 17:18 . 2010-01-12 17:17 -------- d-----w- c:\program files\Windows Live
2010-01-12 17:18 . 2010-01-12 17:18 -------- d-----w- c:\program files\Microsoft
2010-01-12 17:18 . 2010-01-12 17:18 -------- d-----w- c:\program files\GRETECH
2010-01-12 17:18 . 2010-01-12 17:18 -------- d-----w- c:\program files\Windows Live SkyDrive
2010-01-12 17:17 . 2010-01-12 17:17 -------- d-----w- c:\program files\Common Files\Windows Live
2010-01-12 17:16 . 2010-01-12 17:16 -------- d-----w- c:\documents and settings\All Users\Application Data\Avira
2010-01-12 17:16 . 2010-01-12 17:16 -------- d-----w- c:\program files\Avira
2010-01-12 17:15 . 2010-01-12 16:13 411368 ----a-w- c:\windows\system32\deploytk.dll
2010-01-12 17:15 . 2010-01-12 17:15 -------- d-----w- c:\program files\Java
2010-01-12 16:52 . 2010-01-12 16:50 -------- d-----w- c:\program files\Realtek
2010-01-12 16:48 . 2010-01-12 16:48 -------- d-----w- c:\documents and settings\user\Application Data\ATI
2010-01-12 16:48 . 2010-01-12 16:48 -------- d-----w- c:\documents and settings\All Users\Application Data\ATI
2010-01-12 16:47 . 2010-01-12 16:47 0 ----a-w- c:\windows\ativpsrm.bin
2010-01-12 16:45 . 2010-01-12 16:40 -------- d-----w- c:\program files\ATI Technologies
2010-01-12 16:43 . 2010-01-12 16:43 -------- d-----w- c:\program files\Common Files\ATI Technologies
2010-01-12 16:40 . 2010-01-12 16:39 -------- d-----w- c:\program files\Common Files\InstallShield
2010-01-12 16:37 . 2010-01-12 16:37 -------- d-----w- c:\documents and settings\user\Application Data\Media Player Classic
2010-01-12 16:14 . 2010-01-12 16:14 -------- d-----w- c:\program files\microsoft frontpage
2010-01-12 16:13 . 2010-01-12 16:13 -------- d-----w- c:\program files\TechSmith
2010-01-12 16:11 . 2010-01-12 16:11 -------- d-----w- c:\program files\CCleaner
2010-01-12 16:10 . 2010-01-12 16:10 -------- d-----w- c:\program files\MSXML 4.0
2010-01-12 16:09 . 2010-01-12 16:09 86327 ----a-w- c:\windows\pchealth\helpctr\OfflineCache\index.dat
2010-01-12 16:07 . 2010-01-12 16:07 22144 ----a-w- c:\windows\system32\emptyregdb.dat
2010-01-12 16:06 . 2010-01-12 16:06 -------- d-----w- c:\program files\Windows Media Connect 2
2009-11-09 18:00 . 2010-01-12 17:18 85504 ----a-w- c:\windows\system32\ff_vfw.dll
2009-10-30 11:10 . 2009-10-30 11:10 1183176 ----a-w- c:\documents and settings\user\Application Data\Mozilla\Firefox\Profiles\0dj1mx62.default\extensions\DTToolbar@toolbarnet.com\components\DTToolbarFF.dll
.

------- Sigcheck -------

[-] 2009-06-06 . 46044F23D214FBB2939C9B4CC5AF62EE . 1571328 . . [5.1.2600.5512] . . c:\windows\system32\sfcfiles.dll
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\DTLite.exe" [2009-10-30 369200]
"IDMan"="c:\program files\Internet Download Manager\IDMan.exe" [2009-09-16 3118512]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2009-08-13 98304]
"RTHDCPL"="RTHDCPL.EXE" [2009-06-25 17887232]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2010-01-12 149280]
"avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2009-03-02 209153]
"TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" [2010-01-12 198160]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-15 15360]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"_nltide_2"="shell32" [X]
"_nltide_3"="advpack.dll" [2009-03-08 128512]

c:\documents and settings\All Users\çں‍ê، ں §ڑ\ںé ©ںê¤\ §ک ںé¢¬نïé\
Adobe Gamma Loader.lnk - c:\program files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2010-1-12 113664]
McAfee Security Scan.lnk - c:\program files\McAfee Security Scan\1.0.150\SSScheduler.exe [2009-7-28 199184]
Server4PC.lnk - c:\program files\TechniSat DVB\bin\Server4PC.exe [2010-1-13 338448]

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=

R0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [15/01/2010 01:35 ص 691696]
R0 ulsata2;ulsata2;c:\windows\system32\drivers\ulsata2.sys [18/09/2008 07:12 ص 124928]
R1 avfwot;avfwot;c:\windows\system32\drivers\avfwot.sys [12/01/2010 09:46 م 97608]
R2 AntiVirFirewallService;Avira Firewall;c:\program files\Avira\AntiVir Desktop\avfwsvc.exe [12/01/2010 09:46 م 388865]
R2 AntiVirMailService;Avira AntiVir MailGuard;c:\program files\Avira\AntiVir Desktop\avmailc.exe [12/01/2010 09:46 م 194817]
R2 AntiVirSchedulerService;Avira AntiVir Scheduler;c:\program files\Avira\AntiVir Desktop\sched.exe [12/01/2010 09:46 م 108289]
R3 avfwim;AvFw Packet Filter Miniport;c:\windows\system32\drivers\avfwim.sys [12/01/2010 09:46 م 69632]
S3 Ambfilt;Ambfilt;c:\windows\system32\drivers\Ambfilt.sys [12/01/2010 09:20 م 1684736]
S4 AntiVirWebService;Avira AntiVir WebGuard;c:\program files\Avira\AntiVir Desktop\avwebgrd.exe [12/01/2010 09:46 م 434945]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.com.sa/
IE: تحميل الكل بواسطة Internet Download Manager - c:\program files\Internet Download Manager\IEGetAll.htm
IE: تحميل بواسطة Internet Download Manager - c:\program files\Internet Download Manager\IEExt.htm
IE: تحميل محتوى FLV بواسطة Internet Download Manager - c:\program files\Internet Download Manager\IEGetVL.htm
LSP: c:\program files\Avira\AntiVir Desktop\avsda.dll
FF - ProfilePath - c:\documents and settings\user\Application Data\Mozilla\Firefox\Profiles\0dj1mx62.default\
FF - prefs.js: browser.search.selectedEngine - DAEMON Search
FF - prefs.js: browser.startup.homepage - hxxp://www.daemon-search.com/startpage|resource:/browserconfig.properties
FF - component: c:\documents and settings\user\Application Data\IDM\idmmzcc3\components\idmmzcc.dll
FF - component: c:\documents and settings\user\Application Data\Mozilla\Firefox\Profiles\0dj1mx62.default\extensions\DTToolbar@toolbarnet.com\components\DTToolbarFF.dll
FF - component: c:\program files\Real\RealPlayer\browserrecord\firefox\ext\components\nprpffbrowserrecordext.dll
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-01-15 18:13
Windows 5.1.2600 Service Pack 3 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************

Stealth MBR rootkit/Mebroot/Sinowal detector 0.3.7 by Gmer, http://www.gmer.net

device: opened successfully
user: MBR read successfully
called modules: ntkrnlpa.exe CLASSPNP.SYS disk.sys ACPI.sys hal.dll atapi.sys spgz.sys >>UNKNOWN [0x89C03938]<<
kernel: MBR read successfully
detected MBR rootkit hooks:
\Driver\Disk -> CLASSPNP.SYS @ 0xba0ecf28
\Driver\ACPI -> ACPI.sys @ 0xb9e74cb8
\Driver\atapi -> atapi.sys @ 0xb9e09b40
IoDeviceObjectType -> DeleteProcedure -> ntkrnlpa.exe @ 0x805836a8
ParseProcedure -> ntkrnlpa.exe @ 0x805827e8
\Device\Harddisk0\DR0 -> DeleteProcedure -> ntkrnlpa.exe @ 0x805836a8
ParseProcedure -> ntkrnlpa.exe @ 0x805827e8
NDIS: Realtek PCIe GBE Family Controller -> SendCompleteHandler -> NDIS.sys @ 0xb9ce0bb0
PacketIndicateHandler -> NDIS.sys @ 0xb9ceda21
SendHandler -> NDIS.sys @ 0xb9ccb87b
user & kernel MBR OK

**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'winlogon.exe'(1044)
c:\windows\system32\Ati2evxx.dll

- - - - - - - > 'lsass.exe'(1100)
c:\program files\Avira\AntiVir Desktop\avsda.dll

- - - - - - - > 'explorer.exe'(3044)
c:\windows\system32\ieframe.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\wpdshserviceobj.dll
c:\windows\system32\portabledevicetypes.dll
c:\windows\system32\portabledeviceapi.dll
.
------------------------ Other Running Processes ------------------------
.
c:\windows\system32\Ati2evxx.exe
c:\windows\system32\Ati2evxx.exe
c:\windows\RTHDCPL.EXE
c:\program files\Avira\AntiVir Desktop\avguard.exe
c:\program files\Java\jre6\bin\jqs.exe
c:\program files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
c:\windows\system32\wscntfy.exe
c:\program files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
c:\program files\Internet Download Manager\IEMonitor.exe
c:\windows\system32\imapi.exe
c:\\?\c:\windows\system32\WBEM\WMIADAP.EXE
.
**************************************************************************
.
Completion time: 2010-01-15 18:13:56 - machine was rebooted
ComboFix-quarantined-files.txt 2010-01-15 13:43

Pre-Run: 144,413,286,400 bytes free
Post-Run: 144,580,792,320 bytes free

- - End Of File - - B70EAB88C8F8EF0C494457E8427B586E

MAAX · ‏يناير 15, 2010

كيف الوضع ؟

fahd1980.ck · ‏يناير 15, 2010

ماطلع عندي شي

آخوي للمعلوميه عندي هاردسكين مركبهم واحد 500 جيجا والثاني 250 جيجا
ومقسمهم كل واحد ثلاثه

وآخوي عند ماسويت الطريقة تجيني مربعات من برنامج الحماية مادري وش معناها
وفيها اضغط ok

fahd1980.ck · ‏يناير 15, 2010

فحص جديد

ComboFix 10-01-14.07 - user 01/15/2010 19:24:22.2.2 - x86
Microsoft Windows XP Professional 5.1.2600.3.1256.966.1025.18.2046.1617 [GMT 4.5:30]
Running from: c:\documents and settings\user\My Documents\Downloads\Programs\ComboFix.exe
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\windows\system32\wbem\Performance\WmiApRpl_new.h

.
((((((((((((((((((((((((( Files Created from 2009-12-15 to 2010-01-15 )))))))))))))))))))))))))))))))
.

2010-01-15 14:41 . 2010-01-15 14:41 -------- d-sh--w- c:\documents and settings\NetworkService\IETldCache
2010-01-15 02:07 . 2010-01-15 02:07 198064 ----a-w- c:\documents and settings\user\Application Data\IDM\idmmzcc3\components\idmmzcc.dll
2010-01-15 02:07 . 2010-01-15 14:52 -------- d-----w- c:\documents and settings\user\Application Data\DMCache
2010-01-15 02:07 . 2010-01-15 11:56 -------- d-----w- c:\documents and settings\user\Application Data\IDM
2010-01-15 02:07 . 2010-01-15 13:29 -------- d-----w- c:\program files\Internet Download Manager
2010-01-15 01:45 . 2010-01-15 01:45 -------- d-----w- c:\program files\Trend Micro
2010-01-15 01:36 . 2010-01-15 01:36 -------- d-----w- c:\documents and settings\user\Local Settings\Application Data\Runscanner.net
2010-01-14 22:24 . 2010-01-14 22:24 -------- d-----w- c:\program files\Bethesda Softworks
2010-01-14 21:05 . 2010-01-14 21:06 -------- d-----w- c:\program files\DAEMON Tools Toolbar
2010-01-14 21:05 . 2010-01-14 21:05 691696 ----a-w- c:\windows\system32\drivers\sptd.sys
2010-01-14 21:05 . 2010-01-14 21:07 -------- d-----w- c:\program files\DAEMON Tools Lite
2010-01-14 21:05 . 2010-01-14 21:36 -------- d-----w- c:\documents and settings\user\Application Data\DAEMON Tools Lite
2010-01-14 21:05 . 2010-01-14 21:05 -------- d-----w- c:\documents and settings\All Users\Application Data\DAEMON Tools Lite
2010-01-14 21:04 . 2010-01-14 21:04 -------- d-----w- c:\program files\MSBuild
2010-01-14 21:04 . 2010-01-14 22:19 63464 ----a-w- c:\documents and settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat
2010-01-14 21:03 . 2010-01-14 22:20 -------- d-----w- c:\windows\system32\XPSViewer
2010-01-14 21:02 . 2010-01-14 21:02 -------- d-----w- c:\program files\Reference Assemblies
2010-01-14 21:02 . 2008-07-06 12:06 89088 ----a-w- c:\windows\system32\Spool\prtprocs\w32x86\filterpipelineprintproc.dll
2010-01-14 21:02 . 2006-06-29 08:37 14048 ------w- c:\windows\system32\spmsg2.dll
2010-01-14 21:02 . 2007-04-04 14:23 81768 ----a-w- c:\windows\system32\xinput1_3.dll
2010-01-14 21:02 . 2007-03-15 12:27 443752 ----a-w- c:\windows\system32\d3dx10_33.dll
2010-01-14 21:02 . 2007-03-12 12:12 1123696 ----a-w- c:\windows\system32\D3DCompiler_33.dll
2010-01-14 21:02 . 2007-03-12 12:12 3495784 ----a-w- c:\windows\system32\d3dx9_33.dll
2010-01-14 21:01 . 2010-01-14 21:01 -------- d-----w- c:\windows\system32\xlive
2010-01-14 21:01 . 2010-01-14 21:01 -------- d-----w- c:\documents and settings\All Users\Application Data\McAfee
2010-01-14 20:43 . 2010-01-14 20:43 -------- d-----w- c:\program files\UltraISO
2010-01-14 20:43 . 2010-01-14 20:43 -------- d-----w- c:\program files\Common Files\EZB Systems
2010-01-14 18:47 . 2010-01-14 18:47 -------- d-----w- c:\documents and settings\All Users\Application Data\CMUV
2010-01-14 18:32 . 2010-01-15 14:48 -------- d-----w- c:\program files\ProgDVB
2010-01-14 17:06 . 2000-11-28 22:37 307200 ----a-w- c:\windows\system32\msvcr70.dll
2010-01-14 11:50 . 2010-01-15 01:23 -------- d-----w- c:\documents and settings\user\Application Data\dvdcss
2010-01-14 11:35 . 2010-01-14 11:35 -------- d-----w- c:\documents and settings\user\Local Settings\Application Data\Identities
2010-01-13 20:22 . 2010-01-13 20:22 -------- d-----w- c:\windows\Sun
2010-01-12 21:46 . 2010-01-15 14:48 -------- d-----w- C:\dvbdream
2010-01-12 21:42 . 2010-01-12 21:42 -------- d-----w- c:\documents and settings\All Users\Application Data\Technisat
2010-01-12 21:42 . 2010-01-12 21:42 -------- d-----w- c:\program files\DVBViewer TE2
2010-01-12 21:42 . 2010-01-12 21:42 -------- d-----w- c:\program files\MainConcept
2010-01-12 21:42 . 2010-01-12 21:42 -------- d-----w- c:\program files\TechniSat DVB
2010-01-12 21:42 . 2010-01-12 21:42 -------- dc----w- c:\windows\system32\DRVSTORE
2010-01-12 21:42 . 2009-09-11 03:17 507408 ----a-w- c:\windows\system32\drivers\SkyNET.sys
2010-01-12 21:00 . 2010-01-12 21:00 -------- d-----w- c:\documents and settings\All Users\Application Data\McAfee Security Scan
2010-01-12 20:47 . 2010-01-12 20:47 0 ----a-w- c:\windows\nsreg.dat
2010-01-12 20:47 . 2010-01-12 20:47 -------- d-----w- c:\documents and settings\user\Local Settings\Application Data\Mozilla
2010-01-12 19:05 . 2001-08-17 10:59 3072 ----a-w- c:\windows\system32\drivers\audstub.sys
2010-01-12 19:04 . 2008-04-14 18:07 57472 ----a-w- c:\windows\system32\drivers\redbook.sys
2010-01-12 19:03 . 2008-04-14 18:29 73728 ----a-w- c:\windows\system32\usbui.dll
2010-01-12 19:00 . 2010-01-15 14:54 -------- d-----w- c:\windows\system32\CatRoot2
2010-01-12 19:00 . 2010-01-14 22:00 -------- d-----w- c:\windows\system32\CatRoot

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-01-15 14:55 . 2008-04-15 21:00 67438 ----a-w- c:\windows\system32\perfc001.dat
2010-01-15 14:55 . 2008-04-15 21:00 366874 ----a-w- c:\windows\system32\perfh001.dat
2010-01-15 14:40 . 2010-01-12 17:16 -------- d-----w- c:\documents and settings\All Users\Application Data\Avira
2010-01-15 02:18 . 2010-01-12 17:21 -------- d-----w- c:\documents and settings\user\Application Data\vlc
2010-01-14 22:23 . 2010-01-12 16:35 12328 ----a-w- c:\documents and settings\user\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2010-01-14 17:50 . 2010-01-12 17:16 56816 ----a-w- c:\windows\system32\drivers\avgntflt.sys
2010-01-12 21:42 . 2010-01-12 16:40 -------- d--h--w- c:\program files\InstallShield Installation Information
2010-01-12 17:24 . 2010-01-12 17:23 -------- d-----w- c:\program files\Common Files\Adobe
2010-01-12 17:21 . 2010-01-12 17:21 -------- d-----w- c:\program files\VideoLAN
2010-01-12 17:19 . 2010-01-12 17:19 -------- d-----w- c:\program files\Common Files\Real
2010-01-12 17:19 . 2010-01-12 17:19 -------- d-----w- c:\program files\Common Files\xing shared
2010-01-12 17:19 . 2010-01-12 16:11 499712 ----a-w- c:\windows\system32\msvcp71.dll
2010-01-12 17:19 . 2010-01-12 16:11 348160 ----a-w- c:\windows\system32\msvcr71.dll
2010-01-12 17:19 . 2010-01-12 17:19 -------- d-----w- c:\program files\Real
2010-01-12 17:18 . 2010-01-12 17:18 -------- d-----w- c:\program files\K-Lite Codec Pack
2010-01-12 17:18 . 2010-01-12 17:17 -------- d-----w- c:\program files\Windows Live
2010-01-12 17:18 . 2010-01-12 17:18 -------- d-----w- c:\program files\Microsoft
2010-01-12 17:18 . 2010-01-12 17:18 -------- d-----w- c:\program files\GRETECH
2010-01-12 17:18 . 2010-01-12 17:18 -------- d-----w- c:\program files\Windows Live SkyDrive
2010-01-12 17:17 . 2010-01-12 17:17 -------- d-----w- c:\program files\Common Files\Windows Live
2010-01-12 17:15 . 2010-01-12 16:13 411368 ----a-w- c:\windows\system32\deploytk.dll
2010-01-12 17:15 . 2010-01-12 17:15 -------- d-----w- c:\program files\Java
2010-01-12 16:52 . 2010-01-12 16:50 -------- d-----w- c:\program files\Realtek
2010-01-12 16:48 . 2010-01-12 16:48 -------- d-----w- c:\documents and settings\user\Application Data\ATI
2010-01-12 16:48 . 2010-01-12 16:48 -------- d-----w- c:\documents and settings\All Users\Application Data\ATI
2010-01-12 16:47 . 2010-01-12 16:47 0 ----a-w- c:\windows\ativpsrm.bin
2010-01-12 16:45 . 2010-01-12 16:40 -------- d-----w- c:\program files\ATI Technologies
2010-01-12 16:43 . 2010-01-12 16:43 -------- d-----w- c:\program files\Common Files\ATI Technologies
2010-01-12 16:40 . 2010-01-12 16:39 -------- d-----w- c:\program files\Common Files\InstallShield
2010-01-12 16:37 . 2010-01-12 16:37 -------- d-----w- c:\documents and settings\user\Application Data\Media Player Classic
2010-01-12 16:14 . 2010-01-12 16:14 -------- d-----w- c:\program files\microsoft frontpage
2010-01-12 16:13 . 2010-01-12 16:13 -------- d-----w- c:\program files\TechSmith
2010-01-12 16:11 . 2010-01-12 16:11 -------- d-----w- c:\program files\CCleaner
2010-01-12 16:10 . 2010-01-12 16:10 -------- d-----w- c:\program files\MSXML 4.0
2010-01-12 16:09 . 2010-01-12 16:09 86327 ----a-w- c:\windows\pchealth\helpctr\OfflineCache\index.dat
2010-01-12 16:07 . 2010-01-12 16:07 22144 ----a-w- c:\windows\system32\emptyregdb.dat
2010-01-12 16:06 . 2010-01-12 16:06 -------- d-----w- c:\program files\Windows Media Connect 2
2009-11-09 18:00 . 2010-01-12 17:18 85504 ----a-w- c:\windows\system32\ff_vfw.dll
2009-10-30 11:10 . 2009-10-30 11:10 1183176 ----a-w- c:\documents and settings\user\Application Data\Mozilla\Firefox\Profiles\0dj1mx62.default\extensions\DTToolbar@toolbarnet.com\components\DTToolbarFF.dll
.

------- Sigcheck -------

[-] 2009-06-06 . 46044F23D214FBB2939C9B4CC5AF62EE . 1571328 . . [5.1.2600.5512] . . c:\windows\system32\sfcfiles.dll
.
((((((((((((((((((((((((((((( SnapShot@2010-01-15_13.42.43 )))))))))))))))))))))))))))))))))))))))))
.
+ 2010-01-15 14:51 . 2010-01-15 14:51 16384 c:\windows\Temp\Perflib_Perfdata_3f8.dat
+ 2008-04-15 21:00 . 2010-01-15 14:55 67448 c:\windows\system32\perfc009.dat
- 2008-04-15 21:00 . 2010-01-15 13:39 67448 c:\windows\system32\perfc009.dat
+ 2008-04-15 21:00 . 2010-01-15 14:55 432492 c:\windows\system32\perfh009.dat
- 2008-04-15 21:00 . 2010-01-15 13:39 432492 c:\windows\system32\perfh009.dat
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\DTLite.exe" [2009-10-30 369200]
"IDMan"="c:\program files\Internet Download Manager\IDMan.exe" [2009-09-16 3118512]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2009-08-13 98304]
"RTHDCPL"="RTHDCPL.EXE" [2009-06-25 17887232]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2010-01-12 149280]
"TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" [2010-01-12 198160]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-15 15360]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"_nltide_2"="shell32" [X]
"_nltide_3"="advpack.dll" [2009-03-08 128512]

c:\documents and settings\All Users\çں‍ê، ں §ڑ\ںé ©ںê¤\ §ک ںé¢¬نïé\
Adobe Gamma Loader.lnk - c:\program files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2010-1-12 113664]
Server4PC.lnk - c:\program files\TechniSat DVB\bin\Server4PC.exe [2010-1-13 338448]

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=

R0 ulsata2;ulsata2;c:\windows\system32\drivers\ulsata2.sys [18/09/2008 07:12 ص 124928]
S0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [15/01/2010 01:35 ص 691696]
S3 Ambfilt;Ambfilt;c:\windows\system32\drivers\Ambfilt.sys [12/01/2010 09:20 م 1684736]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.com.sa/
IE: تحميل الكل بواسطة Internet Download Manager - c:\program files\Internet Download Manager\IEGetAll.htm
IE: تحميل بواسطة Internet Download Manager - c:\program files\Internet Download Manager\IEExt.htm
IE: تحميل محتوى FLV بواسطة Internet Download Manager - c:\program files\Internet Download Manager\IEGetVL.htm
FF - ProfilePath - c:\documents and settings\user\Application Data\Mozilla\Firefox\Profiles\0dj1mx62.default\
FF - prefs.js: browser.search.selectedEngine - DAEMON Search
FF - prefs.js: browser.startup.homepage - hxxp://www.google.com.sa/
FF - component: c:\documents and settings\user\Application Data\IDM\idmmzcc3\components\idmmzcc.dll
FF - component: c:\documents and settings\user\Application Data\Mozilla\Firefox\Profiles\0dj1mx62.default\extensions\DTToolbar@toolbarnet.com\components\DTToolbarFF.dll
FF - component: c:\program files\Real\RealPlayer\browserrecord\firefox\ext\components\nprpffbrowserrecordext.dll
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-01-15 19:26
Windows 5.1.2600 Service Pack 3 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'winlogon.exe'(736)
c:\windows\system32\Ati2evxx.dll
.
Completion time: 2010-01-15 19:26:46
ComboFix-quarantined-files.txt 2010-01-15 14:56
ComboFix2.txt 2010-01-15 13:43

Pre-Run: 144,735,498,240 bytes free
Post-Run: 144,702,943,232 bytes free

WindowsXP-KB310994-SP2-Pro-BootDisk-ENU.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect

- - End Of File - - 73719E2F2A20C6F8AD16B6349A03FBA0

MAAX · ‏يناير 15, 2010

اخي طيب جرب الهارد على جهاز ثاني
وشوف هل يعمل او لا ؟

LAZIZZ · ‏يناير 15, 2010

انا عندي نفس المشكله وليا موضوع محد رد عليه

وشبكتو على لاب توب ثاني مايطلع في جهاز الكمبيوتر مع العلم ان الهاردسك تشتغل مروحتو لمن اشبكو وتولع النور

fahd1980.ck · ‏يناير 16, 2010

مقتبس من maax: ↑

اخي طيب جرب الهارد على جهاز ثاني
وشوف هل يعمل او لا ؟
أنقر للتوسيع...

هارد الثاني شغال مافيه شي !!

هارد هذا رحت وجربته على جهاز ثاني وماشتغل !!

MAAX · ‏يناير 16, 2010

معناه الله يعوض عليك
الهارد تالف

fahd1980.ck · ‏يناير 16, 2010

يعني راح مجهود ثلاث سنوات

شي يقهر !!

تسجيل الدخول

!! الهاردسك الخارجي لا يظهر !! + !! تقرير !!

fahd1980.ck زيزوومي جديد

كان زيزوومى متألق

MAAX عضوشرف

fahd1980.ck زيزوومي جديد

fahd1980.ck زيزوومي جديد

MAAX عضوشرف

fahd1980.ck زيزوومي جديد

MAAX عضوشرف

fahd1980.ck زيزوومي جديد

fahd1980.ck زيزوومي جديد

MAAX عضوشرف

LAZIZZ زيزوومي نشيط

fahd1980.ck زيزوومي جديد

MAAX عضوشرف

fahd1980.ck زيزوومي جديد

مشاركة هذه الصفحة

تسجيل الدخول

!! الهاردسك الخارجي لا يظهر !! + !! تقرير !!

fahd1980.ck زيزوومي جديد

كان زيزوومى متألق

MAAX عضوشرف

fahd1980.ck زيزوومي جديد

fahd1980.ck زيزوومي جديد

MAAX عضوشرف

fahd1980.ck زيزوومي جديد

MAAX عضوشرف

fahd1980.ck زيزوومي جديد

fahd1980.ck زيزوومي جديد

MAAX عضوشرف

LAZIZZ زيزوومي نشيط

fahd1980.ck زيزوومي جديد

MAAX عضوشرف

fahd1980.ck زيزوومي جديد

مشاركة هذه الصفحة

عمليات بحث مفيدة