مشكلة في جهازي وكلي امل بان تساعدوني ..

ا

الامير الاحمر

زيزوومى فعال
إنضم
4 أبريل 2008
المشاركات
218
مستوى التفاعل
0
النقاط
280
غير متصل
الاخوة الكرام ..
السلام عليكم ورحمة الله وبركاته ..

جهازي بضل ينهق وصوته مزعج !!
واليوم صادفتني هذه المشكلة وما كان صوته سابقاً هيك ..
وغير هيك حاولت اليوم اضع الفلاش في مدخل الـ USB .. وما تعرف الجهاز على الفلاش
وجربت كل المداخل بالجهاز وعالفاضي ..

وهذا تقرير هايجاك ..

__________________________


Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:07:37 ص, on 21/03/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINXP\System32\smss.exe
C:\WINXP\system32\winlogon.exe
C:\WINXP\system32\services.exe
C:\WINXP\system32\lsass.exe
C:\WINXP\system32\Ati2evxx.exe
C:\WINXP\system32\svchost.exe
C:\WINXP\System32\svchost.exe
C:\WINXP\system32\svchost.exe
C:\WINXP\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir PersonalEdition Premium\sched.exe
C:\Program Files\Avira\AntiVir PersonalEdition Premium\avguard.exe
C:\Program Files\Avira\AntiVir PersonalEdition Premium\avesvc.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINXP\system32\slserv.exe
C:\WINXP\system32\svchost.exe
C:\Program Files\Avira\AntiVir PersonalEdition Premium\avmailc.exe
C:\Program Files\Avira\AntiVir PersonalEdition Premium\AVWEBGRD.EXE
C:\WINXP\system32\Ati2evxx.exe
C:\WINXP\Explorer.EXE
C:\WINXP\RTHDCPL.EXE
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Avira\AntiVir PersonalEdition Premium\avgnt.exe
C:\WINXP\system32\ctfmon.exe
C:\Program Files\Internet Download Manager\IDMan.exe
C:\Program Files\Messenger\msmsgs.exe
D:\Programs\Nokia\Nokia PC Suite 7\PCSuite.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Program Files\Internet Download Manager\IEMonitor.exe
C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe
C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe
C:\Program Files\PC Connectivity Solution\Transports\NclRSSrv.exe
C:\WINXP\System32\svchost.exe
C:\WINXP\system32\wuauclt.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\Documents and Settings\2009\My Documents\Downloads\Programs\Zyzoom_HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files\Internet Download Manager\IDMIECC.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - D:\Programs\Adobe Reader 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINXP\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [MSPY2002] C:\WINXP\system32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINXP\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINXP\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [DrvIcon] C:\Program Files\Vista Drive Icon\DrvIcon.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Premium\avgnt.exe" /min
O4 - HKLM\..\Run: [TrojanScanner] D:\Programs\New Folder\Trojan Remover\Trjscan.exe /boot
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINXP\system32\ctfmon.exe
O4 - HKCU\..\Run: [Yahoo! Pager] "C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" -quiet
O4 - HKCU\..\Run: [IDMan] C:\Program Files\Internet Download Manager\IDMan.exe /onboot
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [PC Suite Tray] "D:\Programs\Nokia\Nokia PC Suite 7\PCSuite.exe" -onlytray
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKUS\S-1-5-18\..\Run: [ctfmon.exe] C:\WINXP\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [ctfmon.exe] C:\WINXP\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Adobe Reader Speed Launch.lnk = D:\Programs\Adobe Reader 7.0\Reader\reader_sl.exe
O8 - Extra context menu item: &تصدير إلى Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: تحميل الكل بواسطة Internet Download Manager - C:\Program Files\Internet Download Manager\IEGetAll.htm
O8 - Extra context menu item: تحميل بواسطة Internet Download Manager - C:\Program Files\Internet Download Manager\IEExt.htm
O8 - Extra context menu item: تحميل محتوى FLV بواسطة Internet Download Manager - C:\Program Files\Internet Download Manager\IEGetVL.htm
O9 - Extra button: IE7Pro Grab and Drag - {000002a3-84fe-43f1-b958-f2c3ca804f1a} - D:\Programs\New Folder (2)\IEPro\iepro.dll (file missing)
O9 - Extra 'Tools' menuitem: IE7Pro Grab and Drag - {000002a3-84fe-43f1-b958-f2c3ca804f1a} - D:\Programs\New Folder (2)\IEPro\iepro.dll (file missing)
O9 - Extra button: IE7Pro Preferences - {0026439F-A980-4f18-8C95-4F1CBBF9C1D8} - D:\Programs\New Folder (2)\IEPro\iepro.dll (file missing)
O9 - Extra 'Tools' menuitem: IE7Pro Preferences - {0026439F-A980-4f18-8C95-4F1CBBF9C1D8} - D:\Programs\New Folder (2)\IEPro\iepro.dll (file missing)
O9 - Extra button: بحث - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\winxp\system32\nwprovau.dll
O16 - DPF: {56762DEC-6B0D-4AB4-A8AD-989993B5D08B} (OnlineScanner Control) -
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Avira AntiVir Premium MailGuard (AntiVirMailService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Premium\avmailc.exe
O23 - Service: Avira AntiVir Premium Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Premium\sched.exe
O23 - Service: Avira AntiVir Premium Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Premium\avguard.exe
O23 - Service: Avira AntiVir Premium WebGuard (antivirwebservice) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Premium\AVWEBGRD.EXE
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINXP\system32\Ati2evxx.exe
O23 - Service: Avira AntiVir Premium MailGuard helper service (AVEService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Premium\avesvc.exe
O23 - Service: Ma-Config Service (maconfservice) - CybelSoft - C:\Program Files\ma-config.com\maconfservice.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: SmartLinkService (SLService) - Smart Link - C:\WINXP\SYSTEM32\slserv.exe
O24 - Desktop Component 0: (no name) -
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي


--
End of file - 7389 bytes
 

ترتيب حسب التاريخ ترتيب حسب الأصوات
عطل برامج الحماية عن العمل
ثم
حمل الاداة التالية واحفظها على سطح المكتب
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

عند تشغيلها بتظهر لك رسالة ,, اضغط على >> Yes
بعدها بتظهر لك رساله ثانيه ,, اضغط على >> Yes
اثناء الفحص ممكن يعاد تشغيل الجهاز
وبعد اعادة التشغيل ,, سوف تبدأ الاداة بالفحص مرره ثانيه
لا تقم بتشغيل اي برنامج ،، ومهما طالت عملية الفحص انتظر حتى تنتهي
انتظر حتى يظهر لك تقرير ،،انسخه والصقه بمشاركتك القادمة
 
تأييد 0
ComboFix 09-03-19.02 - 2009 03/21/2009 1:01:20.1 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.2.1256.1.1033.18.446.191 [GMT 2:00]
Running from: c:\documents and settings\2009\My Documents\Downloads\Programs\ComboFix.exe
AV: Avira AntiVir PersonalEdition *On-access scanning disabled* (Updated)
* Created a new restore point

WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\winxp\system32\agsaame.dll
c:\winxp\system32\ALOAudioFile2.dll
c:\winxp\system32\ALOAVIFile.dll
c:\winxp\system32\ALOQuickTimeFile.dll
c:\winxp\system32\ALOVideoCoreM.dll
c:\winxp\system32\ALOWMAFile2.dll
c:\winxp\system32\kakle.dll
c:\winxp\system32\videocore.dll
c:\winxp\system32\videoformat.dll
c:\winxp\system32\winitn.dll

.
((((((((((((((((((((((((( Files Created from 2009-02-20 to 2009-03-20 )))))))))))))))))))))))))))))))
.

No new files created in this timespan

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-03-20 23:01 --------- d-----w c:\documents and settings\2009\Application Data\DMCache
2009-03-20 21:45 --------- d-----w c:\program files\ma-config.com
2009-03-20 21:45 --------- d-----w c:\documents and settings\All Users\Application Data\ma-config.com
2009-03-20 20:58 --------- d-----w c:\documents and settings\2009\Application Data\IDM
2009-03-19 18:46 --------- d-----w c:\program files\Nokia
2009-03-19 18:46 --------- d-----w c:\program files\Common Files\Nokia
2009-03-19 18:44 --------- d-----w c:\documents and settings\All Users\Application Data\Installations
2009-03-14 18:52 --------- d-----w c:\documents and settings\2009\Application Data\PC Suite
2009-03-13 21:55 --------- d-----w c:\program files\TeamViewer
2009-03-10 20:17 --------- d--h--w c:\program files\InstallShield Installation Information
2009-03-10 20:16 --------- d-----w c:\program files\PC Camera
2009-03-10 20:16 --------- d-----w c:\program files\Common Files\PCCamera
2009-03-10 20:16 --------- d-----w c:\program files\Common Files\InstallShield
2009-03-05 22:12 --------- d-----w c:\documents and settings\All Users\Application Data\SUPERAntiSpyware.com
2009-03-05 22:11 --------- d-----w c:\program files\SUPERAntiSpyware
2009-03-05 22:11 --------- d-----w c:\program files\Common Files\Wise Installation Wizard
2009-03-05 22:11 --------- d-----w c:\documents and settings\2009\Application Data\SUPERAntiSpyware.com
2009-02-27 22:19 --------- d-----w c:\documents and settings\All Users\Application Data\Grisoft
2009-02-27 22:18 --------- d-----w c:\program files\EsetOnlineScanner
2009-02-27 22:04 --------- d-----w c:\documents and settings\2009\Application Data\Avira
2009-02-27 21:00 --------- d---a-w c:\documents and settings\All Users\Application Data\TEMP
2009-02-27 20:37 --------- d-----w c:\documents and settings\All Users\Application Data\Simply Super Software
2009-02-27 20:37 --------- d-----w c:\documents and settings\2009\Application Data\Simply Super Software
2009-02-27 15:48 --------- d-----w c:\documents and settings\All Users\Application Data\Kaspersky Lab Setup Files
2009-02-26 16:09 --------- d-----w c:\program files\Avira
2009-02-26 16:09 --------- d-----w c:\documents and settings\All Users\Application Data\Avira
2009-02-12 23:58 --------- d-----w c:\documents and settings\2009\Application Data\TeamViewer
2009-02-12 16:13 --------- d-----w c:\program files\Messenger Plus! Live
2009-02-12 10:30 --------- d-----w c:\documents and settings\2009\Application Data\Nokia
2009-02-09 10:19 1,846,272 ----a-w c:\winxp\system32\win32k.sys
2009-02-07 16:07 --------- d-----w c:\program files\Common Files\Adobe
2009-02-07 16:05 --------- d-----w c:\program files\Common Files\Adobe Systems Shared
2009-01-25 18:04 --------- d-----w c:\documents and settings\All Users\Application Data\Nokia
2009-01-25 18:03 --------- d-----w c:\program files\MSXML 6.0
2009-01-22 08:46 --------- d-----w c:\documents and settings\All Users\Application Data\Messenger Plus!
2009-01-21 20:33 --------- d-----w c:\documents and settings\2009\Application Data\MiniDm
2009-01-21 19:25 0 ---ha-w c:\winxp\system32\drivers\MsftWdf_Kernel_01007_Coinstaller_Critical.Wdf
2009-01-21 19:25 0 ---ha-w c:\winxp\system32\drivers\Msft_Kernel_ccdcmb_01007.Wdf
2009-01-21 19:21 --------- d-----w c:\program files\PC Connectivity Solution
2009-01-21 19:21 --------- d-----w c:\program files\Common Files\PCSuite
2009-01-21 15:51 --------- d-----w c:\documents and settings\All Users\Application Data\PC Suite
2009-01-21 14:10 --------- d-----w c:\documents and settings\All Users\Application Data\InstallShield
2009-01-21 09:52 --------- d-----w c:\documents and settings\All Users\Application Data\Adobe Systems
2009-01-20 14:18 --------- d-----w c:\documents and settings\All Users\Application Data\MSScanAppDataDir
2009-01-15 00:16 44,544 ----a-w c:\winxp\system32\msxml4a.dll
2009-01-03 13:50 344,064 ----a-w c:\winxp\system32\dkll.dll
2009-01-03 13:50 196,608 ----a-w c:\winxp\system32\maag.dll
2009-01-03 13:50 1,986,560 ----a-w c:\winxp\system32\akll.dll
2009-01-03 13:50 1,212,416 ----a-w c:\winxp\system32\ckll.dll
2009-01-03 13:38 155,995 ----a-w c:\winxp\java\Packages\U5BDBJ1Z.ZIP
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="c:\winxp\system32\ctfmon.exe" [08/04/2004 02:56 AM 15360]
"Yahoo! Pager"="c:\program files\Yahoo!\Messenger\YahooMessenger.exe" [07/16/2007 03:17 PM 4670704]
"IDMan"="c:\program files\Internet Download Manager\IDMan.exe" [12/05/2008 09:39 AM 1384880]
"MSMSGS"="c:\program files\Messenger\msmsgs.exe" [08/04/2004 01:06 AM 1667584]
"PC Suite Tray"="d:\programs\Nokia\Nokia PC Suite 7\PCSuite.exe" [12/03/2008 12:47 PM 1205760]
"SUPERAntiSpyware"="c:\program files\SUPERAntiSpyware\SUPERAntiSpyware.exe" [01/05/2009 11:20 PM 1830128]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IMJPMIG8.1"="c:\winxp\IME\imjp8_1\IMJPMIG.EXE" [08/04/2004 12:32 AM 208952]
"MSPY2002"="c:\winxp\system32\IME\PINTLGNT\ImScInst.exe" [08/04/2004 12:31 AM 59392]
"PHIME2002ASync"="c:\winxp\system32\IME\TINTLGNT\TINTSETP.EXE" [08/04/2004 12:32 AM 455168]
"PHIME2002A"="c:\winxp\system32\IME\TINTLGNT\TINTSETP.EXE" [08/04/2004 12:32 AM 455168]
"TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" [01/16/2009 08:43 PM 185896]
"avgnt"="c:\program files\Avira\AntiVir PersonalEdition Premium\avgnt.exe" [06/12/2008 01:28 PM 266497]
"TrojanScanner"="d:\programs\New Folder\Trojan Remover\Trjscan.exe" [02/27/2009 10:53 PM 1211784]
"RTHDCPL"="RTHDCPL.EXE" [01/11/2006 11:23 AM 15961088 c:\winxp\RTHDCPL.exe]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="c:\winxp\system32\CTFMON.EXE" [08/04/2004 02:56 AM 15360]

c:\documents and settings\All Users\Start Menu\Programs\Startup\
Adobe Reader Speed Launch.lnk - d:\programs\Adobe Reader 7.0\Reader\reader_sl.exe [2005-09-23 29696]

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\program files\SUPERAntiSpyware\SASSEH.DLL" [05/13/2008 09:13 AM 77824]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
12/22/2008 11:05 AM 356352 c:\program files\SUPERAntiSpyware\SASWINLO.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Yahoo!\\Messenger\\YahooMessenger.exe"=
"c:\\Program Files\\Yahoo!\\Messenger\\YServer.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\livecall.exe"=
"c:\\Program Files\\Nokia\\Nokia Software Updater\\nsu_ui_client.exe"=
"c:\\Program Files\\Common Files\\Nokia\\Service Layer\\A\\nsl_host_process.exe"=
"d:\\Programs\\Carbide_ui_Theme\\JRE\\bin\\javaw.exe"=
"c:\\Program Files\\Internet Download Manager\\IDMan.exe"=

R1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\sasdifsv.sys [2008-12-22 8944]
R1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL.SYS [2008-12-22 55024]
R2 AntiVirMailService;Avira AntiVir Premium MailGuard;c:\program files\Avira\AntiVir PersonalEdition Premium\avmailc.exe [2009-02-26 164097]
R2 antivirwebservice;Avira AntiVir Premium WebGuard;c:\program files\Avira\AntiVir PersonalEdition Premium\avwebgrd.exe [2009-02-26 258305]
R2 AVEService;Avira AntiVir Premium MailGuard helper service;c:\program files\Avira\AntiVir PersonalEdition Premium\avesvc.exe [2009-02-26 41217]
R3 SASENUM;SASENUM;c:\program files\SUPERAntiSpyware\SASENUM.SYS [2008-12-22 7408]
S3 maconfservice;Ma-Config Service;c:\program files\ma-config.com\maconfservice.exe [2009-03-15 216232]
S3 nmwcdnsu;Nokia USB Flashing Phone Parent;c:\winxp\system32\drivers\nmwcdnsu.sys [2009-01-25 138112]
S3 nmwcdnsuc;Nokia USB Flashing Generic;c:\winxp\system32\drivers\nmwcdnsuc.sys [2009-01-25 8320]

--- Other Services/Drivers In Memory ---

*NewlyCreated* - DRIVERHARDWAREV2
*NewlyCreated* - MACONFSERVICE

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{b52d4191-f8ed-11dd-945a-001320db669c}]
\Shell\AutoRun\command - G:\xdw.com
\Shell\open\Command - G:\xdw.com
.
- - - - ORPHANS REMOVED - - - -

HKLM-Run-DrvIcon - c:\program files\Vista Drive Icon\DrvIcon.exe


.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.windowsxlive.net
uInternet Connection Wizard,ShellNext = iexplore
IE: &تصدير إلى Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
IE: تحميل الكل بواسطة Internet Download Manager - c:\program files\Internet Download Manager\IEGetAll.htm
IE: تحميل بواسطة Internet Download Manager - c:\program files\Internet Download Manager\IEExt.htm
IE: تحميل محتوى FLV بواسطة Internet Download Manager - c:\program files\Internet Download Manager\IEGetVL.htm
IE: {{000002a3-84fe-43f1-b958-f2c3ca804f1a} - {CD275D4E-791A-4993-9D4D-6A071EDD2709} - d:\programs\New Folder (2)\IEPro\iepro.dll
LSP: avsda.dll
DPF: Microsoft XML Parser for Java - file://c:\winxp\Java\classes\xmldso.cab
FF - ProfilePath - c:\documents and settings\2009\Application Data\Mozilla\Firefox\Profiles\x4l005w0.default\
FF - prefs.js: browser.startup.homepage - hxxp://en-gb.
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

FF - component: c:\documents and settings\2009\Application Data\Mozilla\Firefox\Profiles\x4l005w0.default\extensions\{31513E58-F253-47ad-86DB-D5F21E905429}\components\mintray-9178506d-2005072516-trunk.dll
FF - component: c:\documents and settings\2009\Application Data\Mozilla\Firefox\Profiles\x4l005w0.default\extensions\mozilla_cc@internetdownloadmanager.com\components\idmmzcc.dll
FF - component: c:\documents and settings\2009\Application Data\Mozilla\Firefox\Profiles\x4l005w0.default\extensions\piclens@cooliris.com\components\coolirisstub.dll
FF - component: d:\programs\Nokia\Nokia PC Suite 7\bkmrksync\components\BkMrkExt.dll
FF - plugin: c:\program files\ma-config.com\nphardwaredetection.dll
FF - plugin: c:\program files\Opera\program\plugins\NP_IDM1.dll
FF - plugin: c:\program files\Opera\program\plugins\NP_IDM2.dll
FF - plugin: c:\program files\Opera\program\plugins\NP_IDM3.dll
FF - plugin: c:\program files\Opera\program\plugins\NP_IDM4.dll
FF - plugin: c:\program files\Opera\program\plugins\NP_IDM5.dll
FF - plugin: c:\program files\Opera\program\plugins\NP_IDM6.dll
FF - plugin: d:\programs\Adobe Reader 7.0\Reader\browser\nppdf32.dll
.

**************************************************************************

catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer,
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

Rootkit scan 2009-03-21 01:03:05
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{7B8E9164-324D-4A2E-A46D-0165FB2000EC}]
@Denied: (Full) (Everyone)
"scansk"=hex(0):b2,cf,43,ed,c7,02,ff,57,b3,c8,e3,f2,01,a0,79,a8,a2,6b,c1,33,7a,
00,28,46,6c,df,64,6c,ef,29,0f,07,3a,dc,ba,69,7b,04,63,98,00,00,00,00,00,00,\

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{af4c2bf0-4b91-4621-aef4-88b553df7ee0}]
@Denied: (Full) (Everyone)
"Model"=dword:0000004e
"Therad"=dword:00000007
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'winlogon.exe'(388)
c:\program files\SUPERAntiSpyware\SASWINLO.dll
c:\winxp\system32\Ati2evxx.dll

- - - - - - - > 'lsass.exe'(444)
c:\winxp\system32\avsda.dll
.
Completion time: 03/21/2009 1:04:26
ComboFix-quarantined-files.txt 2009-03-20 23:04:21

Pre-Run: 12,779,184,128 bytes free
Post-Run: 12,853,583,872 bytes free

195 --- E O F --- 2009-03-11 22:02:07
 
تأييد 0
وين الشباب ؟؟؟؟؟
 
تأييد 0
اخي تاكد من عمل مراوح التبريد
وانه نظيف من الغبار

موفق
 
تأييد 0
maax قال:
اخي تاكد من عمل مراوح التبريد
وانه نظيف من الغبار

موفق
أنقر للتوسيع...

نضفت المراوح وراح الصوت ..
بخصوص مداخل الـ usb ؟؟؟
شو الحل اخي ؟؟
 
تأييد 0
جرب الفلاش على جهاز ثاني
اذ اشتغلت اتوقع عندك مشكلة بالهاردوير بجهازك
 
تأييد 0
maax قال:
جرب الفلاش على جهاز ثاني
اذ اشتغلت اتوقع عندك مشكلة بالهاردوير بجهازك
أنقر للتوسيع...

الصوت رجع من تاني !!
شكلو حتى حمي الجهاز رجع الصوت ! :(

بخوص الـ usb .. ما اظن في مشكلة بالهاردوير لاني شابك السماعات على احد المداخل وشغالة السماعات ..
 
تأييد 0
يجب تسجيل الدخول أو التسجيل كي تتمكن من الرد هنا.
عودة
أعلى