تم حل المشكلة الجهاز يعاد تشغيله تلقائيا + اختفاء الصوت

أسير الشام · 22 يونيو 2011

السلام عليكم ورحمة الله وبركاته ...

آخواني الجهاز عندي فيه مشكلتين ..

الآولى :- يعاد تشغيل الجهاز تلقائياً ..

الثانية :- الصوت يختفي ومايرجع إلا لما تعيد تشغيل الجهاز ...

وهذا تقرير الهايجاك

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 10:32:28 ص, on 22/06/2011
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\savedump.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\AVAST Software\Avast\afwServ.exe
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\WINDOWS\system32\spool\drivers\w32x86\3\WrtMon.exe
C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe
C:\Program Files\USB Disk Security\USBGuard.exe
C:\Program Files\Unlocker\UnlockerAssistant.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\Program Files\AVAST Software\Avast\avastUI.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Internet Download Manager\IDMan.exe
C:\Documents and Settings\vip1\Local Settings\Application Data\MediaGet2\mediaget.exe
C:\Program Files\Microsoft Office\Office14\ONENOTEM.EXE
C:\WINDOWS\system32\igfxsrvc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\spool\drivers\w32x86\3\WrtProc.exe
C:\Program Files\Common Files\MAGIX Services\Database\bin\FABS.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Intel\AMT\LMS.exe
c:\progra~1\mcafee\sitead~1\McSACore.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\Intel\Privacy Icon\UNS\UNS.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Internet Download Manager\IEMonitor.exe
C:\WINDOWS\System32\svchost.exe
C:\Zyzoom_Forum_Tools\zyzoom.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Zyzoom_Forum_Tools\zHijak.com
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\uTorrentBar\uTorrentBarToolbarHelper.exe
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 127.0.0.1:6006
R3 - URLSearchHook: UrlSearchHook Class - {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Program Files\Ask.com\GenericAskToolbar.dll
R3 - URLSearchHook: (no name) - {A3BC75A2-1F87-4686-AA43-5347D756017C} - (no file)
R3 - URLSearchHook: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
R3 - URLSearchHook: uTorrentBar Toolbar - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files\uTorrentBar\tbuTor.dll
O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files\Internet Download Manager\IDMIECC.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\ConduitEngine.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: مساعد تسجيل الدخول إلى Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (file missing)
O2 - BHO: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL
O2 - BHO: uTorrentBar Toolbar - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files\uTorrentBar\tbuTor.dll
O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)
O3 - Toolbar: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O3 - Toolbar: uTorrentBar Toolbar - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files\uTorrentBar\tbuTor.dll
O3 - Toolbar: Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\ConduitEngine.dll
O3 - Toolbar: Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [WrtMon.exe] C:\WINDOWS\system32\spool\drivers\w32x86\3\WrtMon.exe
O4 - HKLM\..\Run: [PDVDDXSrv] "C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe"
O4 - HKLM\..\Run: [USB Security] C:\Program Files\USB Disk Security\USBGuard.exe
O4 - HKLM\..\Run: [UnlockerAssistant] "C:\Program Files\Unlocker\UnlockerAssistant.exe"
O4 - HKLM\..\Run: [picon] "C:\Program Files\Common Files\Intel\Privacy Icon\PrivacyIconClient.exe" -startup
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKLM\..\Run: [TrayServer] C:\Program Files\MAGIX\Video_deluxe_17_Premium_Sonderedition_Download-Version\TrayServer.exe
O4 - HKLM\..\Run: [UserFaultCheck] %systemroot%\system32\dumprep 0 -u
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [ApnUpdater] "C:\Program Files\Ask.com\Updater\Updater.exe"
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [IDMan] C:\Program Files\Internet Download Manager\IDMan.exe /onboot
O4 - HKCU\..\Run: [MediaGet2] C:\Documents and Settings\vip1\Local Settings\Application Data\MediaGet2\mediaget.exe --minimized
O4 - HKCU\..\Run: [DLD.EXE] C:\Program Files\Download Direct\DLD.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (User 'Default user')
O4 - Startup: OneNote 2010 Screen Clipper and Launcher.lnk = C:\Program Files\Microsoft Office\Office14\ONENOTEM.EXE
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html
O8 - Extra context menu item: إر&سال إلى OneNote - res://C:\PROGRA~1\MICROS~2\Office14\ONBttnIE.dll/105
O8 - Extra context menu item: ت&صدير إلى Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: تحميل الكل بواسطة Internet Download Manager - C:\Program Files\Internet Download Manager\IEGetAll.htm
O8 - Extra context menu item: تحميل بواسطة Internet Download Manager - C:\Program Files\Internet Download Manager\IEExt.htm
O9 - Extra button: إرسال إلى OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: إر&سال إلى OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: ملاحظات OneNote الم&رتبطة - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: ملاحظات OneNote الم&رتبطة - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1301733400913
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O18 - Protocol: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O18 - Protocol: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: avast! Firewall - AVAST Software - C:\Program Files\AVAST Software\Avast\afwServ.exe
O23 - Service: FABS - Helping agent for MAGIX media database (Fabs) - MAGIX AG - C:\Program Files\Common Files\MAGIX Services\Database\bin\FABS.exe
O23 - Service: Firebird Server - MAGIX Instance (FirebirdServerMAGIXInstance) - MAGIX® - C:\Program Files\Common Files\MAGIX Services\Database\bin\fbserver.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files\Intel\AMT\LMS.exe
O23 - Service: McAfee SiteAdvisor Service - McAfee, Inc. - c:\progra~1\mcafee\sitead~1\McSACore.exe
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files\Common Files\Intel\Privacy Icon\UNS\UNS.exe
--
End of file - 11705 bytes

أسير الشام · 22 يونيو 2011

هذا تقرير سجل أخطاء النظام

====== سجل أخطاء النظام ======
Computer Name: VIP
Event Code: 6004
Message: A driver packet received from the I/O subsystem was invalid. The data is the
packet.
Record Number: 3321
Source Name: EventLog
Time Written: 20110523090319.000000+180
Event Type: error
User:
Computer Name: VIP
Event Code: 6004
Message: A driver packet received from the I/O subsystem was invalid. The data is the
packet.
Record Number: 3320
Source Name: EventLog
Time Written: 20110523090330.000000+180
Event Type: error
User:
Computer Name: VIP
Event Code: 6004
Message: A driver packet received from the I/O subsystem was invalid. The data is the
packet.
Record Number: 3319
Source Name: EventLog
Time Written: 20110523090335.000000+180
Event Type: error
User:
Computer Name: VIP
Event Code: 6004
Message: A driver packet received from the I/O subsystem was invalid. The data is the
packet.
Record Number: 3318
Source Name: EventLog
Time Written: 20110523090336.000000+180
Event Type: error
User:
Computer Name: VIP
Event Code: 4321
Message: The name "WORKGROUP :1d" could not be registered on the Interface with IP address 192.168.1.33.
The machine with the IP address 192.168.1.6 did not allow the name to be claimed by
this machine.
Record Number: 3317
Source Name: NetBT
Time Written: 20110523081054.000000+180
Event Type: error
User:

===== سجل أخطاء البرامج =====
Computer Name: VIP
Event Code: 1517
Message: ‏‏قام Windows بحفظ تسجيل المستخدم VIP\vip1 بينما لا يزال تطبيق ما أو خدمة ما يستخدمان التسجيل وذلك أثناء تسجيل الخروج. لم يتم تحرير مساحة الذاكرة المستخدمة من قبل تسجيل المستخدم. سيتم إلغاء تحميل التسجيل عندما لا يكون مستخدماً.

هذا غالباً ينتج عن الخدمات التي تعمل كحساب مستخدم, حاول تكوين الخدمات لتعمل في الحساب المحلي للنظام.
Record Number: 2329
Source Name: Userenv
Time Written: 20110530112434.000000+180
Event Type: warning
User: NT AUTHORITY\SYSTEM
Computer Name: VIP
Event Code: 1000
Message: Faulting application winword.exe, version 14.0.4762.1000, stamp 4bae25b7, faulting module kernel32.dll, version 5.1.2600.5512, stamp 4802a12c, debug? 0, fault address 0x00012aeb.
Record Number: 2320
Source Name: Microsoft Office 14
Time Written: 20110530105604.000000+180
Event Type: error
User:
Computer Name: VIP
Event Code: 1002
Message: ‏‏التطبيق المتوقف WINWORD.EXE, الإصدار 14.0.4762.1000, توقف الوحدة النمطية hungapp, الإصدار 0.0.0.0, العنوان المتوقف 0x00000000.
Record Number: 2296
Source Name: Application Hang
Time Written: 20110530103707.000000+180
Event Type: error
User:
Computer Name: VIP
Event Code: 902
Message: The Software Protection service has started.
14.0.370.400
Record Number: 2288
Source Name: Office Software Protection Platform Service
Time Written: 20110530102628.000000+180
Event Type:
User:
Computer Name: VIP
Event Code: 902
Message: The Software Protection service has started.
14.0.370.400
Record Number: 2272
Source Name: Office Software Protection Platform Service
Time Written: 20110530090731.000000+180
Event Type:
User:

===== تقرير انهيار البرامج =====

===== تقرير الشاشة الزرقاء =====
==================================================
Dump File : Mini061111-01.dmp
Crash Time : 10/07/1432 01:32:35 م
Bug Check String : SYSTEM_THREAD_EXCEPTION_NOT_HANDLED
Bug Check Code : 0x1000007e
Parameter 1 : 0xc0000005
Parameter 2 : 0x805bb452
Parameter 3 : 0xba513c74
Parameter 4 : 0xba513970
Caused By Driver : hal.dll
Caused By Address : hal.dll+2a4c
File Description : Hardware Abstraction Layer DLL
Product Name : Microsoft® Windows® Operating System
Company : Microsoft Corporation
File Version : 5.1.2600.5512 (xpsp.080413-2111)
Processor : 32-bit
Computer Name :
Full Path : C:\WINDOWS\Minidump\Mini061111-01.dmp
Processors Count : 2
Major Version : 15
Minor Version : 2600
Dump File Size : 90,112
==================================================
==================================================
Dump File : Mini061411-01.dmp
Crash Time : 13/07/1432 11:11:03 ص
Bug Check String : PAGE_FAULT_IN_NONPAGED_AREA
Bug Check Code : 0x10000050
Parameter 1 : 0x9870503c
Parameter 2 : 0x00000001
Parameter 3 : 0xb9e557e6
Parameter 4 : 0x00000000
Caused By Driver : Ntfs.sys
Caused By Address : Ntfs.sys+207e6
File Description : NT File System Driver
Product Name : Microsoft® Windows® Operating System
Company : Microsoft Corporation
File Version : 5.1.2600.5512 (xpsp.080413-2111)
Processor : 32-bit
Computer Name :
Full Path : C:\WINDOWS\Minidump\Mini061411-01.dmp
Processors Count : 2
Major Version : 15
Minor Version : 2600
Dump File Size : 90,112
==================================================
==================================================
Dump File : Mini062111-01.dmp
Crash Time : 20/07/1432 11:55:37 ص
Bug Check String : IRQL_NOT_LESS_OR_EQUAL
Bug Check Code : 0x1000000a
Parameter 1 : 0x00000004
Parameter 2 : 0x0000001c
Parameter 3 : 0x00000001
Parameter 4 : 0x80502cbe
Caused By Driver : win32k.sys
Caused By Address : win32k.sys+1783
File Description : Multi-User Win32 Driver
Product Name : Microsoft® Windows® Operating System
Company : Microsoft Corporation
File Version : 5.1.2600.5512 (xpsp.080413-2105)
Processor : 32-bit
Computer Name :
Full Path : C:\WINDOWS\Minidump\Mini062111-01.dmp
Processors Count : 2
Major Version : 15
Minor Version : 2600
Dump File Size : 90,112
==================================================
==================================================
Dump File : Mini062111-02.dmp
Crash Time : 20/07/1432 11:59:27 ص
Bug Check String : IRQL_NOT_LESS_OR_EQUAL
Bug Check Code : 0x1000000a
Parameter 1 : 0x00000004
Parameter 2 : 0x00000002
Parameter 3 : 0x00000000
Parameter 4 : 0x80535962
Caused By Driver : Ntfs.sys
Caused By Address : Ntfs.sys+21fc9
File Description : NT File System Driver
Product Name : Microsoft® Windows® Operating System
Company : Microsoft Corporation
File Version : 5.1.2600.5512 (xpsp.080413-2111)
Processor : 32-bit
Computer Name :
Full Path : C:\WINDOWS\Minidump\Mini062111-02.dmp
Processors Count : 2
Major Version : 15
Minor Version : 2600
Dump File Size : 90,112
==================================================
==================================================
Dump File : Mini062111-03.dmp
Crash Time : 20/07/1432 12:18:43 م
Bug Check String : IRQL_NOT_LESS_OR_EQUAL
Bug Check Code : 0x1000000a
Parameter 1 : 0x00000000
Parameter 2 : 0x0000001c
Parameter 3 : 0x00000000
Parameter 4 : 0x80502cb7
Caused By Driver : tcpip.sys
Caused By Address : tcpip.sys+48f70
File Description : TCP/IP Protocol Driver
Product Name : Microsoft® Windows® Operating System
Company : Microsoft Corporation
File Version : 5.1.2600.5512 (xpsp.080413-0852)
Processor : 32-bit
Computer Name :
Full Path : C:\WINDOWS\Minidump\Mini062111-03.dmp
Processors Count : 2
Major Version : 15
Minor Version : 2600
Dump File Size : 90,112
==================================================
==================================================
Dump File : Mini062211-01.dmp
Crash Time : 21/07/1432 08:41:19 ص
Bug Check String : DRIVER_IRQL_NOT_LESS_OR_EQUAL
Bug Check Code : 0x100000d1
Parameter 1 : 0x00000000
Parameter 2 : 0x00000002
Parameter 3 : 0x00000000
Parameter 4 : 0xa88cb30e
Caused By Driver : tcpip.sys
Caused By Address : tcpip.sys+1b30e
File Description : TCP/IP Protocol Driver
Product Name : Microsoft® Windows® Operating System
Company : Microsoft Corporation
File Version : 5.1.2600.5512 (xpsp.080413-0852)
Processor : 32-bit
Computer Name :
Full Path : C:\WINDOWS\Minidump\Mini062211-01.dmp
Processors Count : 2
Major Version : 15
Minor Version : 2600
Dump File Size : 90,112
==================================================
==================================================
Dump File : Mini062211-02.dmp
Crash Time : 21/07/1432 10:01:38 ص
Bug Check String : IRQL_NOT_LESS_OR_EQUAL
Bug Check Code : 0x1000000a
Parameter 1 : 0x98a993ae
Parameter 2 : 0x00000002
Parameter 3 : 0x00000000
Parameter 4 : 0x804e4222
Caused By Driver : Ntfs.sys
Caused By Address : Ntfs.sys+20a2c
File Description : NT File System Driver
Product Name : Microsoft® Windows® Operating System
Company : Microsoft Corporation
File Version : 5.1.2600.5512 (xpsp.080413-2111)
Processor : 32-bit
Computer Name :
Full Path : C:\WINDOWS\Minidump\Mini062211-02.dmp
Processors Count : 2
Major Version : 15
Minor Version : 2600
Dump File Size : 90,112
==================================================
==================================================
Dump File : Mini062211-03.dmp
Crash Time : 21/07/1432 10:30:43 ص
Bug Check String : PAGE_FAULT_IN_NONPAGED_AREA
Bug Check Code : 0x10000050
Parameter 1 : 0xf000a24b
Parameter 2 : 0x00000008
Parameter 3 : 0xf000a24b
Parameter 4 : 0x00000002
Caused By Driver : aswSnx.SYS
Caused By Address : aswSnx.SYS+376c1
File Description : avast! Virtualization Driver
Product Name : avast! Antivirus System
Company : AVAST Software
File Version : 6.0.1125.0
Processor : 32-bit
Computer Name :
Full Path : C:\WINDOWS\Minidump\Mini062211-03.dmp
Processors Count : 2
Major Version : 15
Minor Version : 2600
Dump File Size : 90,112
==================================================

KoNaMi · 22 يونيو 2011

حياك اخوي

في البدايه احذف جميع تعريفات الشبكه .. وعرفهم من جديد

بعدين اعمل الاتي

مالوووير بااايت

أسير الشام · 22 يونيو 2011

konami قال:
حياك اخوي

في البدايه احذف جميع تعريفات الشبكه .. وعرفهم من جديد

بعدين اعمل الاتي

مالوووير بااايت

كيف أحذف تعريفات الشبكه ..؟

MAAX · 22 يونيو 2011

اعمل المالوير مؤقتا الان
واعمل تقرير قائمة البرامج المثبتة ايضا

أسير الشام · 26 يونيو 2011

هذا المالوير عملته..

************' Anti-Malware 1.50.1.1100
www.************.org
Database version: 5742
Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702
26/06/2011 08:46:46 ص
mbam-log-2011-06-26 (08-46-46).txt
Scan type: Full scan (C:\|D:\|)
Objects scanned: 223235
Time elapsed: 51 minute(s), 30 second(s)
Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 3
Folders Infected: 0
Files Infected: 11
Memory Processes Infected:
(No malicious items detected)
Memory Modules Infected:
(No malicious items detected)
Registry Keys Infected:
(No malicious items detected)
Registry Values Infected:
(No malicious items detected)
Registry Data Items Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\AntiVirusDisableNotify (PUM.Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\FirewallDisableNotify (PUM.Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\UpdatesDisableNotify (PUM.Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
Folders Infected:
(No malicious items detected)
Files Infected:
c:\documents and settings\vip1\Desktop\منوع\مولد سيريالات اوفيس 2007\microsoft office 2007 - keygen.exe (RiskWare.Tool.CK) -> Quarantined and deleted successfully.
c:\system volume information\_restore{b087f17e-75ee-49f1-9c99-9f79c38122a2}\RP52\A0007168.exe (Malware.Tool) -> Quarantined and deleted successfully.
c:\system volume information\_restore{b087f17e-75ee-49f1-9c99-9f79c38122a2}\RP68\A0012204.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
c:\system volume information\_restore{b087f17e-75ee-49f1-9c99-9f79c38122a2}\rp74\a0021132.exe (Adware.ADON) -> Quarantined and deleted successfully.
c:\WINDOWS\mui\FALLBACK\0401\calc.exe.mui (Trojan.FakeAlert) -> Quarantined and deleted successfully.
d:\system volume information\_restore{b087f17e-75ee-49f1-9c99-9f79c38122a2}\RP52\A0007169.exe (RiskWare.Tool.CK) -> Quarantined and deleted successfully.
d:\system volume information\_restore{b087f17e-75ee-49f1-9c99-9f79c38122a2}\RP52\A0007170.exe (Worm.VB) -> Quarantined and deleted successfully.
d:\برامج\انتاج فيديو\magix_video_premium\magix_video_premium\magix video deluxe 17 premium hd sonderedition 10.0.11.0\Crack\magix keygen\CORE10k.EXE (Dont.Steal.Our.Software) -> Quarantined and deleted successfully.
d:\برامج محموله\kilma.net-internet_download_manager_5.19_build_5_final\kilma.net-internet download manager 5.19 build 5 final\Patch\patch .xx 2.exe (RiskWare.Tool.CK) -> Quarantined and deleted successfully.
d:\برامج محموله\kilma.net-internet_download_manager_5.19_build_5_final\kilma.net-internet download manager 5.19 build 5 final\Patch\patch 6.xx.exe (RiskWare.Tool.CK) -> Quarantined and deleted successfully.
d:\برامج محموله\هل تريد تحويل فيديوهاتك الى فيديوهات فائقة الجودة hd مع total video converter 3.50\total_video_converter_3.50_portable\total_video_converter_3.50_portable\Stubs\6b481d36a72714a437c76439bc4166e222b893\regsvr32.exe (Trojan.Backdoor) -> Quarantined and deleted successfully.

أسير الشام · 26 يونيو 2011

تقرير قائمة البرامج المثبتة

====== معلومات نظام التشغيل ======
X86 WIN_XP 2600 Service Pack 3

====== قائمة البرامج المثبتة ======
1st Screen Recorder 2.6
Acrobat.com
Acrobat.com
Adobe AIR
Adobe AIR
Adobe Flash Player 10 ActiveX
Adobe Photoshop CS
Adobe Reader 9
Adobe® Flash® Player 10 Plugin
ALO RM to MP3 Converter 7.0
Ask Toolbar
Ask.com Search Assistant 1.0.2
avast! Internet Security
BufferChm
Conduit Engine
CyberLink PowerDVD 8
CyberLink PowerDVD 8
Destination Component
DeviceManagementQFolder
DocProc
DocProcQFolder
eSupportQFolder
Express English
Firebird SQL Server - MAGIX Edition
Free Hide IP
Golden Al-Wafi Translator
GOM Player
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Windows XP (KB954550-v5)
HP Commercial Scanjet 5590 TWAIN Driver
HP Imaging Device Functions 9.0
HP OCR Software 9.0
HP Photosmart Essential
HP Scanjet 5590 9.0
HP Solution Center 9.0
HP Update
hpg5590
hpg5590QFolder
HPProductAssistant
HPScanjet5590Corporate11
ImageShack Uploader 2.2.0
Intel(R) Graphics Media *********** Driver
Intel(R) Management Engine Interface
Intel(R) Network Connections Drivers
Intel® Active Management Technology
Internet Download Manager
Java Auto Updater
Java(TM) 6 Update 24
JonDo
Junk Mail filter update
K-Lite Codec Pack 4.7.0 (Full)
MAGIX Screenshare
MAGIX Speed burnR (MSI)
MAGIX Video deluxe 17 Premium Sonderedition Download-Version
MAGIX Video deluxe 17 Premium Sonderedition Download-Version
McAfee SiteAdvisor
Messenger Plus! 5
Microsoft .NET Framework 2.0 Service Pack 2
Microsoft .NET Framework 3.0 Service Pack 2
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 3.5 SP1
Microsoft Application Error Reporting
Microsoft Choice Guard
Microsoft Office Access MUI (Arabic) 2007
Microsoft Office Access MUI (Arabic) 2010
Microsoft Office Excel MUI (Arabic) 2007
Microsoft Office Excel MUI (Arabic) 2010
Microsoft Office Groove MUI (Arabic) 2010
Microsoft Office Groove MUI (English) 2007
Microsoft Office Groove Setup Metadata MUI (Arabic) 2007
Microsoft Office InfoPath MUI (Arabic) 2007
Microsoft Office InfoPath MUI (Arabic) 2010
Microsoft Office Language Pack 2007 - Arabic العربية
Microsoft Office O MUI (Arabic) 2007
Microsoft Office OneNote MUI (Arabic) 2007
Microsoft Office OneNote MUI (Arabic) 2010
Microsoft Office Outlook MUI (Arabic) 2007
Microsoft Office Outlook MUI (Arabic) 2010
Microsoft Office PowerPoint MUI (Arabic) 2007
Microsoft Office PowerPoint MUI (Arabic) 2010
Microsoft Office Professional Plus 2010
Microsoft Office Professional Plus 2010
Microsoft Office Proof (Arabic) 2007
Microsoft Office Proof (Arabic) 2010
Microsoft Office Proof (English) 2007
Microsoft Office Proof (English) 2010
Microsoft Office Proof (French) 2007
Microsoft Office Proof (French) 2010
Microsoft Office Proofing (Arabic) 2007
Microsoft Office Proofing (Arabic) 2010
Microsoft Office Publisher MUI (Arabic) 2007
Microsoft Office Publisher MUI (Arabic) 2010
Microsoft Office Shared MUI (Arabic) 2007
Microsoft Office Shared MUI (Arabic) 2010
Microsoft Office Shared MUI (English) 2007
Microsoft Office SharePoint Designer MUI (Arabic) 2007
Microsoft Office Word MUI (Arabic) 2007
Microsoft Office Word MUI (Arabic) 2010
Microsoft Office X MUI (Arabic) 2007
Microsoft Software Update for Web Folders (Arabic) 12
Microsoft Software Update for Web Folders (Arabic) 14
Microsoft Text-to-Speech Engine 4.0 (English)
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Mozilla Firefox 4.0.1 (x86 en-US)
MSVCRT
MSXML 6.0 Parser
MUI Help Package - ARA
Nero 7 Lite 7.7.5.1
Nero Micro 9.2.6.0 Build.2.2
PanoStandAlone
ParetoLogic DriverCure
Platinum Hide IP
PowerDVD DX
Presto! PageManager 7.16
RealPlayer
Scan
ScannerCopy
Segoe UI
SolutionCenter
SoundMAX
SurfingTunnel 1.5
The KMPlayer (remove only)
Trojan Killer 2.0
Unlocker 1.8.7
USB Disk Security
uTorrentBar Toolbar
VLC media player 1.1.9
WebFldrs XP
WebReg
Windows Internet Explorer 8
Windows Live Communications Platform
Windows Live Essentials
Windows Live Essentials
Windows Live Messenger
Windows Live Upload Tool
WinRAR archiver
بريد Windows Live
مساعد تسجيل الدخول إلى Windows Live

مـوآدع · 26 يونيو 2011

المالو بيت فيه اصابات تم تنظيفها

بالنسبه للبرامج المثبته أحذفي التالي

Ask Toolbar

Ask.com Search Assistant 1.0.2

Free Hide IP
Platinum Hide IP

Trojan Killer 2.0

uTorrentBar Toolbar

مـوآدع · 26 يونيو 2011

بالنسبه للهايجك

أحذفي التالي

R3 - URLSearchHook: UrlSearchHook Class - {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Program Files\Ask.com\GenericAskToolbar.dll

O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll

O3 - Toolbar: Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll

تنظيف قيم الهايجاك

أسير الشام · 27 يونيو 2011

آخوي مـوآدع
تم تنفيذ كل ماطلبت مني ...
وشكراً على المساعده

مـوآدع · 27 يونيو 2011

طيب اخوي

الأن كيف وضع الجهاز

أسير الشام · 28 يونيو 2011

مـوآدع قال:
طيب اخوي

الأن كيف وضع الجهاز

آلحين الحمدلله الجهاز .. مايطفي
لاكن
الصوت يختفي زي ما هوووو

YHYA -KSA · 28 يونيو 2011

هلا اختي شوفي
روحي ابدا تشغيل

اكتبي dxdiag

وهاتي صورة

أسير الشام · 3 يوليو 2011

تفضل آخوي هذي الصوره

YHYA -KSA · 3 يوليو 2011

روحي كافه البرامج واحذفي

SoundMAX

وهاتي تقرير هاياك جديد اختي ~ٍ

أسير الشام · 5 يوليو 2011

YHYA -KSA قال:
روحي كافه البرامج واحذفي

SoundMAX

وهاتي تقرير هاياك جديد اختي ~ٍ

اوكي اخوووي

أسير الشام · 5 يوليو 2011

هذا تقرير الهايجك بعد حذف sound max

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 09:33:21 ص, on 05/07/2011
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\AVAST Software\Avast\afwServ.exe
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\WINDOWS\system32\spool\drivers\w32x86\3\WrtMon.exe
C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe
C:\Program Files\USB Disk Security\USBGuard.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\AVAST Software\Avast\avastUI.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\WINDOWS\system32\spool\drivers\w32x86\3\WrtProc.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Internet Download Manager\IDMan.exe
C:\Documents and Settings\vip1\Local Settings\Application Data\MediaGet2\mediaget.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Microsoft Office\Office14\ONENOTEM.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\MAGIX Services\Database\bin\FABS.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Intel\AMT\LMS.exe
c:\progra~1\mcafee\sitead~1\McSACore.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\Intel\Privacy Icon\UNS\UNS.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Internet Download Manager\IEMonitor.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Zyzoom_Forum_Tools\zyzoom.exe
C:\Zyzoom_Forum_Tools\zHijak.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R3 - URLSearchHook: (no name) - {A3BC75A2-1F87-4686-AA43-5347D756017C} - (no file)
R3 - URLSearchHook: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files\Internet Download Manager\IDMIECC.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: مساعد تسجيل الدخول إلى Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (file missing)
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.6406.1642\swg.dll
O2 - BHO: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)
O3 - Toolbar: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [WrtMon.exe] C:\WINDOWS\system32\spool\drivers\w32x86\3\WrtMon.exe
O4 - HKLM\..\Run: [PDVDDXSrv] "C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe"
O4 - HKLM\..\Run: [USB Security] C:\Program Files\USB Disk Security\USBGuard.exe
O4 - HKLM\..\Run: [UnlockerAssistant] "C:\Program Files\Unlocker\UnlockerAssistant.exe"
O4 - HKLM\..\Run: [picon] "C:\Program Files\Common Files\Intel\Privacy Icon\PrivacyIconClient.exe" -startup
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKLM\..\Run: [TrayServer] C:\Program Files\MAGIX\Video_deluxe_17_Premium_Sonderedition_Download-Version\TrayServer.exe
O4 - HKLM\..\Run: [UserFaultCheck] %systemroot%\system32\dumprep 0 -u
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [IDMan] C:\Program Files\Internet Download Manager\IDMan.exe /onboot
O4 - HKCU\..\Run: [MediaGet2] C:\Documents and Settings\vip1\Local Settings\Application Data\MediaGet2\mediaget.exe --minimized
O4 - HKCU\..\Run: [DLD.EXE] C:\Program Files\Download Direct\DLD.exe
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (User 'Default user')
O4 - Startup: OneNote 2010 Screen Clipper and Launcher.lnk = C:\Program Files\Microsoft Office\Office14\ONENOTEM.EXE
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_6CE5017F567343CA.dll/cmsidewiki.html
O8 - Extra context menu item: إر&سال إلى OneNote - res://C:\PROGRA~1\MICROS~2\Office14\ONBttnIE.dll/105
O8 - Extra context menu item: ت&صدير إلى Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: تحميل الكل بواسطة Internet Download Manager - C:\Program Files\Internet Download Manager\IEGetAll.htm
O8 - Extra context menu item: تحميل بواسطة Internet Download Manager - C:\Program Files\Internet Download Manager\IEExt.htm
O9 - Extra button: إرسال إلى OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: إر&سال إلى OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: ملاحظات OneNote الم&رتبطة - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: ملاحظات OneNote الم&رتبطة - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1301733400913
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O18 - Protocol: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O18 - Protocol: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: avast! Firewall - AVAST Software - C:\Program Files\AVAST Software\Avast\afwServ.exe
O23 - Service: FABS - Helping agent for MAGIX media database (Fabs) - MAGIX AG - C:\Program Files\Common Files\MAGIX Services\Database\bin\FABS.exe
O23 - Service: Firebird Server - MAGIX Instance (FirebirdServerMAGIXInstance) - MAGIX® - C:\Program Files\Common Files\MAGIX Services\Database\bin\fbserver.exe
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: خدمة تحديث Google (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files\Intel\AMT\LMS.exe
O23 - Service: McAfee SiteAdvisor Service - McAfee, Inc. - c:\progra~1\mcafee\sitead~1\McSACore.exe
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files\Common Files\Intel\Privacy Icon\UNS\UNS.exe
--
End of file - 11311 bytes

أسير الشام · 5 يوليو 2011

آخوي آلحين الصوت راح بالكامل ... مايشتغل الصوت عندي

YHYA -KSA · 5 يوليو 2011

تعريف الصوت اخرشيئ نركبه بعد تحليل التقارير

اخذفي القيم وسكري كل شيئ لا تخلي شيئ مفتوح ثما احذفي

O2 - BHO: مساعد تسجيل الدخول إلى Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (file missing)

O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll

O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.6406.1642\s wg.dll

O3 - Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)

O3 - Toolbar: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll

O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll

O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll

O4 - HKLM\..\Run: [picon] "C:\Program Files\Common Files\Intel\Privacy Icon\PrivacyIconClient.exe" -startup

O4 - HKCU\..\Run: [MediaGet2] C:\Documents and Settings\vip1\Local Settings\Application Data\MediaGet2\mediaget.exe --minimized

طريقة الحذف لمستخدمي الفيستا و 7

ثم ضع اشارة الصح على كل القيم المطلوب منك حذفها حسب الشرح التالي

ثما اعملي رن سكنر

أسير الشام · 6 يوليو 2011

أخوي هذا تقرير الهايجاك بعد حذف القيم

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 10:48:24 ص, on 06/07/2011
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\AVAST Software\Avast\afwServ.exe
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\WINDOWS\system32\spool\drivers\w32x86\3\WrtMon.exe
C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe
C:\Program Files\USB Disk Security\USBGuard.exe
C:\Program Files\AVAST Software\Avast\avastUI.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\WINDOWS\system32\spool\drivers\w32x86\3\WrtProc.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Internet Download Manager\IDMan.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Microsoft Office\Office14\ONENOTEM.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\MAGIX Services\Database\bin\FABS.exe
C:\Program Files\Intel\AMT\LMS.exe
c:\progra~1\mcafee\sitead~1\McSACore.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\Intel\Privacy Icon\UNS\UNS.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Internet Download Manager\IEMonitor.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Zyzoom_Forum_Tools\zyzoom.exe
C:\Zyzoom_Forum_Tools\zHijak.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R3 - URLSearchHook: (no name) - {A3BC75A2-1F87-4686-AA43-5347D756017C} - (no file)
R3 - URLSearchHook: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files\Internet Download Manager\IDMIECC.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [WrtMon.exe] C:\WINDOWS\system32\spool\drivers\w32x86\3\WrtMon.exe
O4 - HKLM\..\Run: [PDVDDXSrv] "C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe"
O4 - HKLM\..\Run: [USB Security] C:\Program Files\USB Disk Security\USBGuard.exe
O4 - HKLM\..\Run: [UnlockerAssistant] "C:\Program Files\Unlocker\UnlockerAssistant.exe"
O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKLM\..\Run: [TrayServer] C:\Program Files\MAGIX\Video_deluxe_17_Premium_Sonderedition_Download-Version\TrayServer.exe
O4 - HKLM\..\Run: [UserFaultCheck] %systemroot%\system32\dumprep 0 -u
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [IDMan] C:\Program Files\Internet Download Manager\IDMan.exe /onboot
O4 - HKCU\..\Run: [DLD.EXE] C:\Program Files\Download Direct\DLD.exe
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (User 'Default user')
O4 - Startup: OneNote 2010 Screen Clipper and Launcher.lnk = C:\Program Files\Microsoft Office\Office14\ONENOTEM.EXE
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_6CE5017F567343CA.dll/cmsidewiki.html
O8 - Extra context menu item: إر&سال إلى OneNote - res://C:\PROGRA~1\MICROS~2\Office14\ONBttnIE.dll/105
O8 - Extra context menu item: ت&صدير إلى Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: تحميل الكل بواسطة Internet Download Manager - C:\Program Files\Internet Download Manager\IEGetAll.htm
O8 - Extra context menu item: تحميل بواسطة Internet Download Manager - C:\Program Files\Internet Download Manager\IEExt.htm
O9 - Extra button: إرسال إلى OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: إر&سال إلى OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: ملاحظات OneNote الم&رتبطة - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: ملاحظات OneNote الم&رتبطة - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1301733400913
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O18 - Protocol: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O18 - Protocol: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: avast! Firewall - AVAST Software - C:\Program Files\AVAST Software\Avast\afwServ.exe
O23 - Service: FABS - Helping agent for MAGIX media database (Fabs) - MAGIX AG - C:\Program Files\Common Files\MAGIX Services\Database\bin\FABS.exe
O23 - Service: Firebird Server - MAGIX Instance (FirebirdServerMAGIXInstance) - MAGIX® - C:\Program Files\Common Files\MAGIX Services\Database\bin\fbserver.exe
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: خدمة تحديث Google (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files\Intel\AMT\LMS.exe
O23 - Service: McAfee SiteAdvisor Service - McAfee, Inc. - c:\progra~1\mcafee\sitead~1\McSACore.exe
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files\Common Files\Intel\Privacy Icon\UNS\UNS.exe
--
End of file - 9831 bytes

برنامج Avast Premium Security 24.12.9725 تفعيل بسيريال مدة 680 يوم​

زيزوومى فعال

زيزوومى فعال

زيزوومى فضى

توقيع : KoNaMi

زيزوومى فعال

عضوشرف

زيزوومى فعال

زيزوومى فعال

عضو شرف

توقيع : مـوآدع

عضو شرف

توقيع : مـوآدع

زيزوومى فعال

عضو شرف

توقيع : مـوآدع

زيزوومى فعال

زيزوومى فضى

توقيع : YHYA -KSA

زيزوومى فعال

زيزوومى فضى

توقيع : YHYA -KSA

زيزوومى فعال

زيزوومى فعال

زيزوومى فعال

زيزوومى فضى

توقيع : YHYA -KSA

زيزوومى فعال

برنامج Avast Premium Security 24.12.9725 تفعيل بسيريال مدة 680 يوم