دنيـا كئيبة

Peace be upon you.
Brothers, I have a problem opening the C and D drives,
and every external drive that gets added to the machine ..
This page appears whenever I try to open any drive ..

zyzoom-da1fe407a2.png


What's the solution??
 

Signature: دنيـا كئيبة
And peace be upon you.



Make a HijackThis report.
[You must log in or register to view the hidden link]

When the download finishes ==> run the program ==> and click Do a system scan and save log
After a few moments .. a report will appear. Select all ==> copy it and paste it in your next reply.
 
Signature: AbOdy
Here you go, brother, this is the report.
.
.
.
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 10:25:53 ص, on 31/03/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\camel\apache\apache.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Intel\AMT\LMS.exe
C:\camel\apache\apache.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\CyberLink\Shared Files\RichVideo.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\Intel\Privacy Icon\UNS\UNS.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\Program Files\Common Files\Intel\Privacy Icon\PrivacyIconClient.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Common Files\Ahead\lib\NMBgMonitor.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\TechSmith\Snagit 9\Snagit32.exe
C:\camel\camelserver.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\TechSmith\Snagit 9\TSCHelp.exe
C:\Program Files\TechSmith\Snagit 9\SnagPriv.exe
C:\Program Files\TechSmith\Snagit 9\snagiteditor.exe
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Internet Download Manager\IDMan.exe
C:\Program Files\Internet Download Manager\IEMonitor.exe
C:\Documents and Settings\AC\Desktop\HiJackThis.exe
C:\Documents and Settings\AC\AC.exe
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files\Internet Download Manager\IDMIECC.dll
O2 - BHO: SnagIt Toolbar Loader - {00C6482D-C502-44C8-8409-FCE54AD9C208} - C:\Program Files\TechSmith\Snagit 9\SnagitBHO.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: مساعد تسجيل الدخول إلى Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: FlashFXP Helper for Internet Explorer - {E5A1691B-D188-4419-AD02-90002030B8EE} - C:\PROGRA~1\FlashFXP\IEFlash.dll
O3 - Toolbar: Snagit - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Program Files\TechSmith\Snagit 9\SnagitIEAddin.dll
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [picon] "C:\Program Files\Common Files\Intel\Privacy Icon\PrivacyIconClient.exe" -startup
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [cdoosoft] C:\WINDOWS\system32\olhrwef.exe
O4 - HKCU\..\Run: [ccleaner] "C:\Program Files\CCleaner\CCleaner.exe" /AUTO
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [AC] C:\Documents and Settings\AC\AC.exe /i
O4 - HKCU\..\Run: [IDMan] C:\Program Files\Internet Download Manager\IDMan.exe /onboot
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: خادم الجمل.lnk = C:\camel\camelserver.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Snagit 9.lnk = C:\Program Files\TechSmith\Snagit 9\Snagit32.exe
O8 - Extra context menu item: Download with IDM - C:\Program Files\Internet Download Manager\IEExt.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: تحميل الكل بواسطة Internet Download Manager - C:\Program Files\Internet Download Manager\IEGetAll.htm
O8 - Extra context menu item: تحميل بواسطة Internet Download Manager - C:\Program Files\Internet Download Manager\IEExt.htm
O8 - Extra context menu item: تحميل محتوى FLV بواسطة Internet Download Manager - C:\Program Files\Internet Download Manager\IEGetVL.htm
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O20 - Winlogon Notify: crypt - C:\WINDOWS\SYSTEM32\crypts.dll
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: CamelApache - Unknown owner - C:\camel\apache\apache.exe
O23 - Service: CamelMysql - Unknown owner - C:\camel\mysql\bin\mysqld-nt.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Intel(R) Active Management Technology Local Management Service (LMS) - Intel Corporation - C:\Program Files\Intel\AMT\LMS.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
O23 - Service: Intel(R) Active Management Technology User Notification Service (UNS) - Intel Corporation - C:\Program Files\Common Files\Intel\Privacy Icon\UNS\UNS.exe
--
End of file - 7582 bytes
.
.
.
And this is a picture that comes up from the scanner I have
zyzoom-536d96ca9f.png

.
.
.
Good luck

Signature: دنيـا كئيبة
Disable your protection programs and run the tool


[You must log in or register to view the hidden link]

When you run it, a message will appear ,, click >> Yes
After that a second message will appear ,, click >> Yes

During the scan the machine may restart

After the restart, the tool will start scanning again
Wait until a report appears; that means the scan has finished

And attach that report for me, along with a new HijackThis report
 
Signature: AbOdy
Dear brother, after applying what brother AbOdy mentioned

download this tool
and run it for a moment, and God willing the problem will be solved :q:

[You must log in or register to view the hidden link]

I'll wait for your reply after you apply it
=================
Your brother
الأشــ عماد اللحام ــهب

:king:

Signature: الأشـهب
Download this tool and click on it
and follow the instructions in it

[You must log in or register to view the hidden link]

After that, open any partition; it will open normally

Here you go, brother, these are the reports that appeared after I applied what you told me
.
.
.
HijackThis

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 10:42:49 ص, on 31/03/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\Program Files\Common Files\Intel\Privacy Icon\PrivacyIconClient.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\camel\apache\apache.exe
C:\Program Files\Common Files\Ahead\lib\NMBgMonitor.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Intel\AMT\LMS.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\CyberLink\Shared Files\RichVideo.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\Intel\Privacy Icon\UNS\UNS.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\camel\apache\apache.exe
C:\Program Files\Internet Download Manager\IDMan.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\TechSmith\Snagit 9\Snagit32.exe
C:\camel\camelserver.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\Internet Download Manager\IEMonitor.exe
C:\Program Files\TechSmith\Snagit 9\TSCHelp.exe
C:\Program Files\TechSmith\Snagit 9\SnagPriv.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\TechSmith\Snagit 9\snagiteditor.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Documents and Settings\AC\Desktop\HiJackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
[You must log in or register to view the hidden link]

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
[You must log in or register to view the hidden link]

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
[You must log in or register to view the hidden link]

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files\Internet Download Manager\IDMIECC.dll
O2 - BHO: SnagIt Toolbar Loader - {00C6482D-C502-44C8-8409-FCE54AD9C208} - C:\Program Files\TechSmith\Snagit 9\SnagitBHO.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: مساعد تسجيل الدخول إلى Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: FlashFXP Helper for Internet Explorer - {E5A1691B-D188-4419-AD02-90002030B8EE} - C:\PROGRA~1\FlashFXP\IEFlash.dll
O3 - Toolbar: Snagit - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Program Files\TechSmith\Snagit 9\SnagitIEAddin.dll
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [picon] "C:\Program Files\Common Files\Intel\Privacy Icon\PrivacyIconClient.exe" -startup
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [ccleaner] "C:\Program Files\CCleaner\CCleaner.exe" /AUTO
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [IDMan] C:\Program Files\Internet Download Manager\IDMan.exe /onboot
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: خادم الجمل.lnk = C:\camel\camelserver.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Snagit 9.lnk = C:\Program Files\TechSmith\Snagit 9\Snagit32.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: تحميل الكل بواسطة Internet Download Manager - C:\Program Files\Internet Download Manager\IEGetAll.htm
O8 - Extra context menu item: تحميل بواسطة Internet Download Manager - C:\Program Files\Internet Download Manager\IEExt.htm
O8 - Extra context menu item: تحميل محتوى FLV بواسطة Internet Download Manager - C:\Program Files\Internet Download Manager\IEGetVL.htm
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: CamelApache - Unknown owner - C:\camel\apache\apache.exe
O23 - Service: CamelMysql - Unknown owner - C:\camel\mysql\bin\mysqld-nt.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Intel(R) Active Management Technology Local Management Service (LMS) - Intel Corporation - C:\Program Files\Intel\AMT\LMS.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
O23 - Service: Intel(R) Active Management Technology User Notification Service (UNS) - Intel Corporation - C:\Program Files\Common Files\Intel\Privacy Icon\UNS\UNS.exe

--
End of file - 7337 bytes

.
.
The scan tool's report

ComboFix 09-03-30.02 - AC 03/31/2009 10:35:26.1 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.2.1256.1.1033.18.1980.1513 [GMT 3:00]
Running from: c:\documents and settings\AC\Desktop\ComboFix.exe
AV: avast! antivirus 4.8.1335 [VPS 090330-0] *On-access scanning disabled* (Updated)
* Created a new restore point

WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\Autorun.inf
c:\documents and settings\AC\AC.exe
c:\documents and settings\AC\Application Data\BITS
c:\documents and settings\AC\Application Data\BITS\BITS.ini
c:\documents and settings\AC\Application Data\BITS\DHTTable.dat
c:\documents and settings\AC\Application Data\BITS\ProxyList.ini
c:\documents and settings\AC\Application Data\BITS\Torrent\20090326074058.torrent
c:\documents and settings\AC\Application Data\BITS\Torrent\20090326074058.torrent.~tmp
c:\documents and settings\AC\Application Data\BITS\Torrent\20090326074058.torrent.bits
c:\documents and settings\AC\Application Data\BITS\Torrent\20090326074058.torrent.filelist
c:\documents and settings\AC\Application Data\BITS\Torrent\20090326074140.torrent
c:\documents and settings\AC\Application Data\BITS\Torrent\20090326074140.torrent.~tmp
c:\documents and settings\AC\Application Data\BITS\Torrent\20090326074140.torrent.bits
c:\documents and settings\AC\Application Data\BITS\Torrent\20090326074140.torrent.filelist
c:\documents and settings\AC\Application Data\BITS\UPnP.ini
c:\documents and settings\AC\Application Data\inst.exe
c:\program files\FlashGet Network
c:\program files\FlashGet Network\FlashGet universal\dbtrans_verbose.log
c:\program files\FlashGet Network\FlashGet universal\fgoption.ini
c:\program files\FlashGet Network\FlashGet universal\P2PCfg.ini
c:\program files\FlashGet Network\FlashGet universal\p2spmgr.ini
c:\program files\FlashGet Network\FlashGet universal\p4spmgr.ini
c:\program files\FlashGet Network\FlashGet universal\Profiles\config.dat
c:\program files\FlashGet Network\FlashGet universal\Profiles\tasks.dat
c:\program files\FlashGet Network\FlashGet universal\transaction.log
c:\windows\system32\agsaame.dll
c:\windows\system32\ALOAudioFile2.dll
c:\windows\system32\ALOAVIFile.dll
c:\windows\system32\ALOQuickTimeFile.dll
c:\windows\system32\ALOVideoCoreM.dll
c:\windows\system32\ALOWMAFile2.dll
c:\windows\system32\crypts.dll
c:\windows\system32\kakle.dll
c:\windows\system32\nmdfgds1.dll
c:\windows\system32\videocore.dll
c:\windows\system32\videoformat.dll
c:\windows\system32\winitn.dll
c:\windows\system32\wpv951235998315.cpx
D:\Autorun.inf
F:\Autorun.inf
F:\u.com

.
((((((((((((((((((((((((( Files Created from 2009-02-28 to 2009-03-31 )))))))))))))))))))))))))))))))
.

No new files created in this timespan
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-03-31 07:36 --------- d-----w c:\documents and settings\AC\Application Data\DMCache
2009-03-31 07:25 --------- d-----w c:\program files\Internet Download Manager
2009-03-30 22:21 --------- d-----w c:\program files\Alwil Software
2009-03-30 19:33 --------- d-----w c:\program files\Google
2009-03-30 19:32 --------- d-----w c:\documents and settings\AC\Application Data\uTorrent
2009-03-30 18:58 --------- d-----w c:\documents and settings\AC\Application Data\IDM
2009-03-30 18:16 --------- d-----w c:\program files\MSN Messenger
2009-03-30 18:15 --------- d-----w c:\program files\Windows Live SkyDrive
2009-03-30 18:15 --------- d-----w c:\program files\Windows Live
2009-03-30 18:15 --------- d-----w c:\program files\Microsoft
2009-03-30 18:13 --------- d-----w c:\program files\Common Files\Windows Live
2009-03-30 12:46 --------- d-----w c:\documents and settings\All Users\Application Data\SWiSHMax2WorkFolder
2009-03-30 12:42 --------- d-----w c:\program files\Macromedia
2009-03-30 12:42 --------- d-----w c:\program files\Common Files\Macromedia
2009-03-30 12:41 --------- d-----w c:\program files\Common Files\InstallShield
2009-03-29 16:22 --------- d-----w c:\documents and settings\All Users\Application Data\WEBREG
2009-03-29 16:22 --------- d-----w c:\documents and settings\AC\Application Data\HP
2009-03-29 16:21 --------- d-----w c:\program files\HP
2009-03-29 16:21 --------- d-----w c:\program files\Common Files\HP
2009-03-29 16:20 --------- d-----w c:\program files\Hewlett-Packard
2009-03-29 16:20 --------- d-----w c:\documents and settings\All Users\Application Data\HPSSUPPLY
2009-03-29 16:20 --------- d-----w c:\documents and settings\All Users\Application Data\HP
2009-03-29 16:19 --------- d-----w c:\program files\Common Files\Hewlett-Packard
2009-03-29 16:17 --------- d-----w c:\documents and settings\All Users\Application Data\Hewlett-Packard
2009-03-29 15:45 --------- d-----w c:\program files\SWiSH Max2
2009-03-29 15:44 --------- d-----w c:\program files\Common Files\SWiSHzone.com
2009-03-27 08:58 --------- d-----w c:\documents and settings\AC\Application Data\Vso
2009-03-26 14:00 --------- d-----w c:\documents and settings\AC\Application Data\CyberLink
2009-03-24 14:45 47,360 ----a-w c:\windows\system32\drivers\pcouffin.sys
2009-03-24 14:45 47,360 ----a-w c:\documents and settings\AC\Application Data\pcouffin.sys
2009-03-24 14:45 --------- d-----w c:\program files\VSO
2009-03-23 19:05 --------- d-----w c:\program files\SCP
2009-03-23 17:24 --------- d-----w c:\program files\Common Files\Adobe
2009-03-23 17:22 --------- d--h--w c:\program files\InstallShield Installation Information
2009-03-23 13:29 --------- d-----w c:\program files\Windows Media Connect 2
2009-03-23 12:58 --------- d-----w c:\documents and settings\AC\Application Data\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
2009-03-23 09:12 --------- d-----w c:\program files\FlashFXP
2009-03-23 09:12 --------- d-----w c:\documents and settings\AC\Application Data\FlashFXP
2009-03-23 08:33 --------- d-----w c:\program files\Ozone
2009-03-23 08:31 --------- d-----w c:\program files\PHP Expert Editor 4.3
2009-03-23 08:26 --------- d-----w c:\program files\TechSmith
2009-03-23 08:26 --------- d-----w c:\documents and settings\All Users\Application Data\TechSmith
2009-03-23 08:25 --------- d-----w c:\program files\Common Files\Wise Installation Wizard
2009-03-23 08:22 --------- d-----w c:\program files\uTorrent
2009-03-23 08:15 --------- d-----w c:\documents and settings\AC\Application Data\Media Player Classic
2009-03-23 08:13 --------- d-----w c:\program files\K-Lite Codec Pack
2009-03-23 08:12 --------- d-----w c:\program files\Common Files\Real
2009-03-23 08:09 --------- d-----w c:\program files\CCleaner
2009-03-18 13:50 --------- d-----w c:\program files\Nero
2009-03-18 13:50 --------- d-----w c:\program files\Common Files\Ahead
2009-03-18 13:48 --------- d-----w c:\program files\QuickTime
2009-03-18 13:48 --------- d-----w c:\program files\iTunes
2009-03-18 13:48 --------- d-----w c:\program files\iPod
2009-03-18 13:48 --------- d-----w c:\program files\Bonjour
2009-03-18 13:48 --------- d-----w c:\program files\Apple Software Update
2009-03-18 13:48 --------- d-----w c:\documents and settings\All Users\Application Data\Apple Computer
2009-03-18 13:48 --------- d-----w c:\documents and settings\All Users\Application Data\{3276BE95_AF08_429F_A64F_CA64CB79BCF6}
2009-03-18 13:48 --------- d-----w c:\documents and settings\AC\Application Data\Apple Computer
2009-03-18 13:47 --------- d-----w c:\program files\Common Files\Apple
2009-03-18 13:47 --------- d-----w c:\documents and settings\All Users\Application Data\Apple
2009-03-18 13:46 --------- d-----w c:\program files\Common Files\Adobe AIR
2009-03-18 08:31 155,995 ----a-w c:\windows\java\Packages\GAVHRNFV.ZIP
2009-03-18 08:31 --------- d-----w c:\program files\Real
2009-03-18 08:30 348,160 ----a-w c:\windows\system32\msvcr71.dll
2009-03-18 08:30 --------- d-----w c:\program files\CyberLink
2009-03-18 08:30 --------- d-----w c:\documents and settings\All Users\Application Data\CyberLink
2009-03-18 08:28 --------- d-----w c:\documents and settings\All Users\Application Data\ESET
2009-03-18 08:20 --------- d-----w c:\program files\Microsoft Works
2009-03-18 08:20 --------- d-----w c:\program files\Microsoft ActiveSync
2009-03-18 08:20 --------- d-----w c:\program files\Common Files\L&H
2009-03-18 08:18 --------- d-----w c:\program files\Microsoft.NET
2009-03-18 08:15 --------- d-----w c:\program files\Intel
2009-03-18 08:15 --------- d-----w c:\program files\Common Files\postureAgent
2009-03-18 08:15 --------- d-----w c:\program files\Common Files\Intel
2009-03-18 08:14 --------- d-----w c:\program files\DIFX
2009-03-18 08:14 --------- d-----w c:\program files\Dell
2009-03-18 08:12 --------- d-----w c:\documents and settings\AC\Application Data\InstallShield
2009-03-18 08:05 --------- d-----w c:\program files\Analog Devices
2009-03-18 07:52 --------- d-----w c:\program files\microsoft frontpage
2009-02-09 18:56 67,584 ----a-w c:\windows\system32\ff_vfw.dll
2009-02-06 15:52 49,504 ----a-w c:\windows\system32\sirenacm.dll
2008-12-11 00:33 86,016 ----a-w c:\windows\system32\dpl100.dll
2008-12-07 18:08 795,648 ----a-w c:\windows\system32\xvidcore.dll
2008-12-07 18:08 130,048 ----a-w c:\windows\system32\xvidvfw.dll
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [08/04/2004 12:56 AM 15360]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\program files\Common Files\Ahead\lib\NMBgMonitor.exe" [12/16/2005 01:57 PM 94208]
"ccleaner"="c:\program files\CCleaner\CCleaner.exe" [01/17/2008 12:40 PM 816368]
"msnmsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [02/06/2009 06:53 PM 3885408]
"IDMan"="c:\program files\Internet Download Manager\IDMan.exe" [11/25/2008 09:19 AM 935856]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [08/29/2008 03:34 PM 150040]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [08/29/2008 03:34 PM 178712]
"Persistence"="c:\windows\system32\igfxpers.exe" [08/29/2008 03:34 PM 150040]
"SoundMAXPnP"="c:\program files\Analog Devices\Core\smax4pnp.exe" [07/24/2008 03:27 PM 1044480]
"picon"="c:\program files\Common Files\Intel\Privacy Icon\PrivacyIconClient.exe" [07/23/2008 09:56 AM 773144]
"NeroFilterCheck"="c:\windows\system32\NeroCheck.exe" [07/09/2001 11:50 AM 155648]
"HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [12/10/2006 09:52 PM 49152]
"avast!"="c:\progra~1\ALWILS~1\Avast4\ashDisp.exe" [02/06/2009 12:08 AM 81000]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [08/04/2004 12:56 AM 15360]

c:\documents and settings\AC\Start Menu\Programs\Startup\
¦ں§ê ںé¤êé.lnk - c:\camel\camelserver.exe [2003-10-17 1189888]

c:\documents and settings\All Users\Start Menu\Programs\Startup\
Adobe Gamma Loader.lnk - c:\program files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2009-03-23 113664]
HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2007-01-02 210520]
Snagit 9.lnk - c:\program files\TechSmith\Snagit 9\Snagit32.exe [2008-11-06 7217480]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
--a------ 06/12/2008 02:38 AM 34672 c:\program files\Adobe\Reader 9.0\Reader\reader_sl.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
--a------ 10/01/2008 06:57 PM 289576 c:\program files\iTunes\iTunesHelper.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LanguageShortcut]
--a------ 12/05/2006 10:55 PM 54832 c:\program files\CyberLink\PowerDVD\Language\Language.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
--a------ 09/06/2008 03:09 PM 413696 c:\program files\QuickTime\QTTask.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RemoteControl]
--------- 11/23/2006 03:10 PM 56928 c:\program files\CyberLink\PowerDVD\PDVDServ.exe

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"UpdatesDisableNotify"=dword:00000001
"AntiVirusOverride"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
"c:\\Program Files\\uTorrent\\uTorrent.exe"=
"c:\\Program Files\\FlashFXP\\FlashFXP.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\WINDOWS\\system32\\userinit.exe"=
"c:\\WINDOWS\\system32\\hkcmd.exe"=

R0 SFAUDIO;Sonic Focus DSP Driver;c:\windows\system32\drivers\sfaudio.sys [2009-03-18 24064]
R1 aswSP;avast! Self Protection;c:\windows\system32\drivers\aswSP.sys [2009-03-31 114768]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2009-03-31 20560]
R2 CamelApache;CamelApache;c:\camel\Apache\Apache.exe [2004-10-28 20545]
R2 UNS;Intel(R) Active Management Technology User Notification Service;c:\program files\Common Files\Intel\Privacy Icon\UNS\UNS.exe [2009-03-18 2054680]
R3 e1kexpress;Intel(R) PRO/1000 PCI Express Network Connection Driver K;c:\windows\system32\drivers\e1k5132.sys [2009-03-18 144480]
S2 acpi32;acpi32;\??\c:\windows\system32\drivers\acpi32.sys --> c:\windows\system32\drivers\acpi32.sys [?]
S2 amd64si;amd64si;\??\c:\windows\system32\drivers\amd64si.sys --> c:\windows\system32\drivers\amd64si.sys [?]
S2 ksi32sk;ksi32sk;\??\c:\windows\system32\drivers\ksi32sk.sys --> c:\windows\system32\drivers\ksi32sk.sys [?]
S2 netsik;netsik;c:\windows\system32\drivers\netsik.sys [2009-03-18 30464]
S2 nicsk32;nicsk32;\??\c:\windows\system32\drivers\nicsk32.sys --> c:\windows\system32\drivers\nicsk32.sys [?]
S2 securentm;securentm;\??\c:\windows\system32\drivers\securentm.sys --> c:\windows\system32\drivers\securentm.sys [?]
S2 systemntmi;systemntmi;\??\c:\windows\system32\drivers\systemntmi.sys --> c:\windows\system32\drivers\systemntmi.sys [?]
S2 ws2_32sik;ws2_32sik;\??\c:\windows\system32\drivers\ws2_32sik.sys --> c:\windows\system32\drivers\ws2_32sik.sys [?]
S3 CamelMysql;CamelMysql;c:\camel\mysql\bin\mysqld-nt.exe --defaults-file="c:\camel\mysql\ini\my.ini" CamelMysql --> c:\camel\mysql\bin\mysqld-nt.exe --defaults-file=c:\camel\mysql\ini\my.ini [?]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{08179e5b-1aac-11de-be40-0023ae665e9f}]
\Shell\AutoRun\command - H:\0bcobed.exe
\Shell\open\Command - H:\0bcobed.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{63d1ae10-1785-11de-be2d-9dba0a4e787c}]
\Shell\AutoRun\command - G:\u.com
\Shell\open\Command - G:\u.com

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{63d1ae7d-1785-11de-be2d-9dba0a4e787c}]
\Shell\AutoRun\command - G:\u.com
\Shell\open\Command - G:\u.com

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{88d58916-13af-11de-be2a-0023ae665e9f}]
\Shell\AutoRun\command - F:\u.com
\Shell\open\Command - F:\u.com

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{d956d69d-1a0d-11de-be3e-0023ae665e9f}]
\Shell\AutoRun\command - H:\u.com
\Shell\open\Command - H:\u.com
.
Contents of the 'Scheduled Tasks' folder

2009-03-25 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [07/30/2008 12:34 PM]
.
- - - - ORPHANS REMOVED - - - -

WebBrowser-{8FF5E180-ABDE-46EB-B09E-D2AAB95CABE3} - (no file)
HKCU-Run-cdoosoft - c:\windows\system32\olhrwef.exe
HKCU-Run-AC - c:\documents and settings\AC\AC.exe
MSConfigStartUp-FlashGet - c:\program files\FlashGet Network\FlashGet universal\FlashGet.exe
MSConfigStartUp-MsnMsgr - c:\program files\MSN Messenger\MsnMsgr.Exe
MSConfigStartUp-TkBellExe - c:\program files\Common Files\Real\Update_OB\realsched.exe


.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.com/
uInternet Settings,ProxyOverride = *.local
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: Download with IDM - c:\program files\Internet Download Manager\IEExt.htm
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
IE: تحميل الكل بواسطة Internet Download Manager - c:\program files\Internet Download Manager\IEGetAll.htm
IE: تحميل بواسطة Internet Download Manager - c:\program files\Internet Download Manager\IEExt.htm
IE: تحميل محتوى FLV بواسطة Internet Download Manager - c:\program files\Internet Download Manager\IEGetVL.htm
DPF: Microsoft XML Parser for Java -
[You must log in or register to view the hidden link]

FF - ProfilePath - c:\documents and settings\AC\Application Data\Mozilla\Firefox\Profiles\eepj3ln1.default\
FF - plugin: c:\program files\K-Lite Codec Pack\Real\browser\plugins\nppl3260.dll
FF - plugin: c:\program files\K-Lite Codec Pack\Real\browser\plugins\nprpjplug.dll
.

**************************************************************************
catchme 0.3.1375 W2K/XP/Vista - rootkit/stealth malware detector by Gmer,
[You must log in or register to view the hidden link]

Rootkit scan 2009-03-31 10:36:33
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0

**************************************************************************
.
Completion time: 03/31/2009 10:37:12
ComboFix-quarantined-files.txt 2009-03-31 07:37:10

Pre-Run: 116,904,476,672 bytes free
Post-Run: 116,902,744,064 bytes free

268

.
.
.
Brother الأشهب, I'm applying it now, but should I leave the scanner disabled or running as normal??
Good luck

Signature: دنيـا كئيبة
Restart the machine

and see whether the problem is still there.

Signature: AbOdy
The problem is solved, brother ..
Thank you, brothers, for this kind help ..
And may God grant you all success for everything you did for me ..
Good luck to all
.
.

Signature: دنيـا كئيبة
No need for thanks

Good luck, God willing

Signature: AbOdy