شموع الأمل

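Peace be upon you.

How are you, dear friends?

My problem is the blue screen: it appears quickly and then the computer restarts (especially when I plug in a flash drive or the external hard disk), and sometimes it happens suddenly.

And the computer freezes .. for a few seconds (every so often).


Note that my computer is new (4 months old). These are my computer's specifications ..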
i14678_.JPG
 

And peace be upon you.


HijackThis1.gif

Download this tool:
[link hidden]

Run the program ==> and click
Do a system scan and save log
After a few moments a report will open in Notepad ==> copy it and paste it in your next reply.
Please be patient until the report has been analyzed.
 
Signature: ابـــو عــبــد الــلــه
Thank you, my friend ..


Here is what you asked for ..

---
Logfile of HijackThis v1.99.1
Scan saved at 03:23:11 ص, on 31/05/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir PersonalEdition Premium\sched.exe
C:\Program Files\Avira\AntiVir PersonalEdition Premium\avguard.exe
C:\AppServ\Apache\Apache.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\GIGABYTE\EnergySaver\GSvr.exe
C:\AppServ\Apache\Apache.exe
C:\AppServ\mysql\bin\mysqld-nt.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\Avira\AntiVir PersonalEdition Premium\avgnt.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\PROGRA~1\REGIST~2\rbcs.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Picasa2\PicasaMediaDetector.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\MSN Messenger\usnsvc.exe
C:\Program Files\Orbitdownloader\orbitdm.exe
C:\Program Files\Orbitdownloader\orbitnet.exe
C:\Program Files\uTorrent\uTorrent.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Documents and Settings\user\سطح المكتب\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar =
[link hidden]

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R3 - URLSearchHook: DeviceVM Url Search Hook - {0063BF63-BFFF-4B8F-9D26-4267DF7F17DD} - C:\WINDOWS\system32\dvmurl.dll
O2 - BHO: btorbit.com - {000123B4-9B42-4900-B3F7-F4B073EFC214} - C:\Program Files\Orbitdownloader\orbitcth.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: IEVkbdBHO - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\ievkbd.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: UrlHelper Class - {CFC4F59B-A2DA-4e12-B337-52A4F871E10C} - C:\Program Files\Shareaza Applications\Shareaza MediaBar\ShareazaIEHelper.dll
O3 - Toolbar: Shareaza MediaBar - {196C3A46-4758-433D-A600-802C804AF39C} - C:\Program Files\Shareaza Applications\Shareaza MediaBar\ShareazaMediaBar.dll
O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe"
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [AlcWzrd] ALCWZRD.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [GEST] m–|ë
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Premium\avgnt.exe" /min
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [CheckRegDefragService] "C:\PROGRA~1\REGIST~2\rbcs.exe" -autorun
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Orbit.lnk = ?
O8 - Extra context menu item: &Download by Orbit - res://C:\Program Files\Orbitdownloader\orbitmxt.dll/201
O8 - Extra context menu item: &Grab video by Orbit - res://C:\Program Files\Orbitdownloader\orbitmxt.dll/204
O8 - Extra context menu item: &تصدير إلى Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Do&wnload selected by Orbit - res://C:\Program Files\Orbitdownloader\orbitmxt.dll/203
O8 - Extra context menu item: Down&load all by Orbit - res://C:\Program Files\Orbitdownloader\orbitmxt.dll/202
O8 - Extra context menu item: إضافة إلى حاجب إعلان الشعار - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\ie_banner_deny.htm
O9 - Extra button: إحصائيات حماية حركة زيارة الويب - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\SCIEPlgn.dll
O9 - Extra button: بحث - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\program files\bonjour\mdnsnsp.dll
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O20 - AppInit_DLLs: C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd.dll,C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd3.dll,C:\PROGRA~1\KASPER~1\KASPER~1\adialhk.dll,C:\PROGRA~1\KASPER~1\KASPER~1\kloehk.dll
O20 - Winlogon Notify: klogon - C:\WINDOWS\system32\klogon.dll
O23 - Service: Avira AntiVir Premium Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Premium\sched.exe
O23 - Service: Avira AntiVir Premium Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Premium\avguard.exe
O23 - Service: Apache - Unknown owner - C:\AppServ\Apache\Apache.exe" --ntservice (file missing)
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: Kaspersky Internet Security (AVP) - Unknown owner - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe" -r (file missing)
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: GEST Service for program management. (GEST Service) - Unknown owner - C:\Program Files\GIGABYTE\EnergySaver\GSvr.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: MySQL - Unknown owner - C:\AppServ\mysql\bin\mysqld-nt.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe​
 
Disable your security programs and run the tool:


[link hidden]


When you run it, a message will appear; click >> Yes
Then a second message will appear; click >> Yes

The computer may restart during the scan.

After the restart, the tool will begin scanning again.
Wait until a report appears; that means the scan has finished.
 
Signature: ابـــو عــبــد الــلــه
May God give you good health, brother, and have mercy on your parents ..


And here is the report ..

ComboFix 09-05-30.04 - user 05/31/2009 17:51.1 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.2.1256.966.1025.18.3326.2703 [GMT 3:00]
Running from: c:\documents and settings\user\سطح المكتب\ComboFix.exe
AV: avast! antivirus 4.8.1335 [VPS 090530-0] *On-access scanning enabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}
AV: Avira AntiVir PersonalEdition *On-access scanning enabled* (Updated) {C19476D9-52BC-4E93-8AF3-CCF59F7AE8FE}
AV: Kaspersky Internet Security *On-access scanning disabled* (Updated) {2C4D4BC6-0793-4956-A9F9-E252435469C0}
FW: Kaspersky Internet Security *disabled* {2C4D4BC6-0793-4956-A9F9-E252435469C0}
* Resident AV is active

WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.
((((((((((((((((((((((((( Files Created from 2009-04-28 to 2009-05-31 )))))))))))))))))))))))))))))))
.
2009-05-30 21:00 . 2009-05-30 21:00 -------- d-----w- c:\program files\Trend Micro
2009-05-30 20:54 . 2009-05-30 20:54 -------- d-----w- c:\program files\CPUID
2009-05-30 20:54 . 2009-03-26 22:16 12672 ----a-w- c:\windows\system32\drivers\cpuz132_x32.sys
2009-05-28 09:18 . 2009-05-28 09:18 -------- d-----w- c:\program files\uTorrent
2009-05-28 09:18 . 2009-05-31 14:53 -------- d-----w- c:\documents and settings\user\Application Data\uTorrent
2009-05-28 08:48 . 2009-05-28 08:48 -------- d-----w- c:\program files\7-Zip
2009-05-27 14:44 . 2009-05-27 15:22 -------- d-----w- C:\WinSetupFromUSB
2009-05-27 01:43 . 2009-05-27 01:43 -------- d-----w- c:\program files\Registry Compressor
2009-05-27 01:35 . 2009-05-27 16:27 -------- d-----w- c:\program files\Registry Fast
2009-05-26 16:14 . 2009-05-26 22:59 -------- d-----w- C:\Downloads
2009-05-26 16:14 . 2009-05-31 14:53 -------- d-----w- c:\documents and settings\user\Application Data\Orbit
2009-05-26 16:14 . 2009-05-26 16:14 -------- d-----w- c:\program files\Orbitdownloader
2009-05-26 15:53 . 2009-05-26 15:53 -------- d-----w- C:\usb_prep8
2009-05-26 15:53 . 2009-05-26 15:53 -------- d-----w- C:\PeToUSB_3.0.0.7
2009-05-26 15:53 . 2009-05-26 15:53 -------- d-----w- C:\bootsect
2009-05-26 15:33 . 2009-05-26 15:53 -------- d-----w- C:\zyzoom_usb_xp
2009-05-20 01:13 . 2006-10-05 02:42 2560 ------w- c:\windows\system32\drivers\cdralw2k.sys
2009-05-20 01:13 . 2006-10-05 02:42 2432 ------w- c:\windows\system32\drivers\cdr4_xp.sys
2009-05-20 01:12 . 2009-05-20 01:13 -------- d-----w- c:\program files\Picasa2
2009-05-16 15:16 . 2003-04-29 18:07 306688 ----a-w- c:\windows\IsUninst.exe
2009-05-04 14:52 . 2009-05-20 01:13 -------- d-----w- c:\documents and settings\user\Local Settings\Application Data\Google
2009-05-04 14:08 . 2009-05-06 16:31 -------- d-----w- c:\program files\Google
2009-05-04 13:57 . 2009-05-06 15:25 -------- d-----w- c:\program files\Shareaza Applications
2009-05-02 01:46 . 2009-05-02 01:46 -------- d-----w- c:\windows\system32\LogFiles
2009-05-01 22:46 . 2009-02-05 21:06 23152 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2009-05-01 22:46 . 2009-02-05 21:06 51376 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2009-05-01 22:46 . 2009-02-05 21:05 26944 ----a-w- c:\windows\system32\drivers\aavmker4.sys
2009-05-01 22:46 . 2009-02-05 21:04 97480 ----a-w- c:\windows\system32\AvastSS.scr
2009-05-01 22:46 . 2009-02-05 21:08 93296 ----a-w- c:\windows\system32\drivers\aswmon.sys
2009-05-01 22:46 . 2009-02-05 21:08 94032 ----a-w- c:\windows\system32\drivers\aswmon2.sys
2009-05-01 22:46 . 2009-02-05 21:07 114768 ----a-w- c:\windows\system32\drivers\aswSP.sys
2009-05-01 22:46 . 2009-02-05 21:07 20560 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2009-05-01 22:45 . 2009-02-05 21:11 1256296 ----a-w- c:\windows\system32\aswBoot.exe
2009-05-01 22:45 . 2009-05-01 22:45 -------- d-----w- c:\program files\Alwil Software
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-05-31 14:55 . 2009-03-28 17:09 -------- d-----w- c:\documents and settings\All Users\Application Data\Kaspersky Lab
2009-05-31 14:54 . 2009-03-30 18:06 16608 ----a-w- c:\windows\gdrv.sys
2009-05-31 14:53 . 2009-03-28 17:09 9468 --sha-w- c:\windows\system32\drivers\fidbox2.idx
2009-05-31 14:53 . 2009-03-28 17:09 9056800 --sha-w- c:\windows\system32\drivers\fidbox.dat
2009-05-31 14:53 . 2009-03-28 17:09 78124 --sha-w- c:\windows\system32\drivers\fidbox.idx
2009-05-31 14:53 . 2009-03-28 17:09 614432 --sha-w- c:\windows\system32\drivers\fidbox2.dat
2009-05-30 22:20 . 2009-04-27 17:07 -------- d-----w- c:\program files\TeamViewer
2009-05-30 20:37 . 2001-09-19 12:00 40360 ----a-w- c:\windows\system32\perfc001.dat
2009-05-30 20:37 . 2001-09-19 12:00 252140 ----a-w- c:\windows\system32\perfh001.dat
2009-05-30 14:23 . 2009-04-21 20:28 75096 ----a-w- c:\windows\system32\drivers\avipbb.sys
2009-05-27 16:11 . 2009-04-15 11:46 -------- d-----w- c:\documents and settings\user\Application Data\U3
2009-05-23 19:05 . 2009-03-28 17:09 94643 ----a-w- c:\windows\system32\drivers\klick.dat
2009-05-23 19:05 . 2009-03-28 17:09 105395 ----a-w- c:\windows\system32\drivers\klin.dat
2009-05-20 00:58 . 2009-04-07 18:25 -------- d-----w- c:\program files\K-Lite Codec Pack
2009-05-16 15:16 . 2009-03-30 18:14 -------- d-----w- c:\program files\Common Files\Adobe
2009-04-29 19:13 . 2009-04-29 19:11 -------- d-----w- c:\program files\Image-Line
2009-04-29 19:12 . 2009-04-29 19:12 -------- d-----w- c:\program files\VstPlugins
2009-04-29 19:12 . 2009-04-29 19:12 -------- d-----w- c:\program files\Outsim
2009-04-27 17:47 . 2009-04-27 17:47 -------- d-----w- c:\documents and settings\LocalService\Application Data\TeamViewer
2009-04-27 17:19 . 2009-04-27 17:07 -------- d-----w- c:\documents and settings\user\Application Data\TeamViewer
2009-04-27 16:43 . 2009-04-27 16:43 -------- d-----w- c:\documents and settings\user\Application Data\Ashampoo
2009-04-27 16:36 . 2009-04-27 16:36 -------- d-----w- c:\documents and settings\All Users\Application Data\ashampoo
2009-04-26 15:23 . 2009-04-26 15:23 -------- d-----w- c:\program files\CCleaner
2009-04-25 19:42 . 2009-04-25 19:42 -------- d-----w- c:\documents and settings\All Users\Application Data\Messenger Plus!
2009-04-25 18:56 . 2009-04-25 18:56 -------- d-----w- c:\program files\Windows Live
2009-04-25 18:56 . 2009-04-25 18:56 -------- d-----w- c:\program files\Messenger Plus! Live
2009-04-25 18:56 . 2009-04-25 18:54 -------- d-----w- c:\program files\MSN Messenger
2009-04-22 21:38 . 2009-04-22 20:19 -------- d-----w- c:\program files\LeapFTP
2009-04-22 17:13 . 2009-04-22 17:13 0 ----a-w- c:\windows\nsreg.dat
2009-04-21 20:28 . 2009-04-21 20:28 -------- d-----w- c:\program files\Avira
2009-04-21 20:28 . 2009-04-21 19:28 -------- d-----w- c:\documents and settings\All Users\Application Data\Avira
2009-04-08 08:25 . 2009-04-08 08:25 1060864 ----a-w- c:\windows\system32\MFC71.dll
2009-04-08 08:25 . 2009-04-08 08:25 1047552 ----a-w- c:\windows\system32\MFC71u.dll
2009-04-07 18:25 . 2009-04-07 18:25 -------- d-----w- c:\documents and settings\user\Application Data\Media Player Classic
2009-04-07 18:08 . 2009-04-04 12:27 -------- d-----w- c:\program files\Realtek
2009-04-07 18:08 . 2009-03-30 18:07 -------- d--h--w- c:\program files\InstallShield Installation Information
2009-04-07 18:08 . 2009-04-07 18:08 315392 ----a-w- c:\windows\HideWin.exe
2009-04-07 18:03 . 2009-04-07 18:03 -------- d-----w- c:\program files\Intel
2009-04-07 18:02 . 2009-04-07 18:02 -------- d-----w- c:\program files\Browser Configuration Utility
2009-04-07 18:02 . 2009-03-30 18:07 -------- d-----w- c:\program files\GIGABYTE
2009-04-07 17:58 . 2009-04-07 17:58 -------- d-----w- c:\program files\Common Files\xing shared
2009-04-07 17:58 . 2009-04-07 17:50 -------- d-----w- c:\program files\Common Files\Real
2009-04-07 17:58 . 2009-04-07 17:58 499712 ----a-w- c:\windows\system32\msvcp71.dll
2009-04-07 17:58 . 2009-04-07 17:58 348160 ----a-w- c:\windows\system32\msvcr71.dll
2009-04-07 17:53 . 2009-04-07 17:53 390664 ----a-w- c:\documents and settings\user\Application Data\Real\RealPlayer\setup\AU_setup6.exe
2009-04-07 17:50 . 2009-04-07 17:50 -------- d-----w- c:\program files\Real
2009-04-04 12:42 . 2008-01-29 14:29 33808 ----a-w- c:\windows\system32\drivers\klbg.sys
2009-04-04 12:41 . 2009-04-04 12:41 206088 ----a-w- c:\documents and settings\All Users\Application Data\Kaspersky Lab\AVP8\Data\Updater\Temporary Files\temporaryFolder\AutoPatches\kav8exec\8.0.0.506\avp.exe
2009-04-04 12:41 . 2009-04-04 12:41 33808 ----a-w- c:\documents and settings\All Users\Application Data\Kaspersky Lab\AVP8\Data\Updater\Temporary Files\temporaryFolder\AutoPatches\kav8exec\8.0.0.506\klbg.sys
2009-04-04 12:41 . 2009-04-04 12:41 226832 ----a-w- c:\documents and settings\All Users\Application Data\Kaspersky Lab\AVP8\Data\Updater\Temporary Files\temporaryFolder\AutoPatches\kav8exec\8.0.0.506\XP\klif.sys
2009-04-04 12:27 . 2009-04-04 12:27 -------- d-----w- c:\documents and settings\user\Application Data\InstallShield
2009-04-02 02:03 . 2009-04-02 02:03 -------- d-----w- c:\program files\SWiSHmax
2009-04-02 01:29 . 2009-03-28 17:09 1253848 ----a-w- c:\documents and settings\user\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2009-04-01 20:00 . 2009-04-01 20:00 -------- d-----w- c:\program files\Microsoft.NET
2009-03-30 20:05 . 2009-03-30 20:17 684 ----a-w- c:\windows\Fonts\Cocon-RegularConExp.pfm
2009-03-30 20:05 . 2009-03-30 20:17 681 ----a-w- c:\windows\Fonts\Cocon-RegularExp.pfm
2009-03-30 20:05 . 2009-03-30 20:17 678 ----a-w- c:\windows\Fonts\Cocon-Regular.pfm
2009-03-30 20:05 . 2009-03-30 20:17 688 ----a-w- c:\windows\Fonts\Cocon-LightExp.pfm
2009-03-30 20:05 . 2009-03-30 20:17 694 ----a-w- c:\windows\Fonts\Cocon-LightConExp.pfm
2009-03-30 20:05 . 2009-03-30 20:17 682 ----a-w- c:\windows\Fonts\Cocon-Light.pfm
2009-03-28 17:05 . 2009-03-28 16:41 86327 ----a-w- c:\windows\pchealth\helpctr\OfflineCache\index.dat
2009-03-28 16:40 . 2009-03-28 16:40 22144 ----a-w- c:\windows\system32\emptyregdb.dat
2009-03-06 14:44 . 2004-08-03 21:55 282624 ----a-w- c:\windows\system32\pdh.dll
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{CFC4F59B-A2DA-4e12-B337-52A4F871E10C}]
2008-09-02 14:07 398784 ----a-w- c:\program files\Shareaza Applications\Shareaza MediaBar\ShareazaIEHelper.dll
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\ctfmon.exe" [2004-08-03 15360]
"Picasa Media Detector"="c:\program files\Picasa2\PicasaMediaDetector.exe" [2008-02-26 443968]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"GEST"="m–|ë" [X]
"AVP"="c:\program files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe" [2009-04-04 206088]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2008-08-02 13570048]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2008-08-02 86016]
"TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" [2009-04-07 198160]
"avgnt"="c:\program files\Avira\AntiVir PersonalEdition Premium\avgnt.exe" [2008-06-12 266497]
"avast!"="c:\progra~1\ALWILS~1\Avast4\ashDisp.exe" [2009-02-05 81000]
"CheckRegDefragService"="c:\progra~1\REGIST~2\rbcs.exe" [2004-09-22 299520]
"nwiz"="nwiz.exe" - c:\windows\system32\nwiz.exe [2008-08-02 1657376]
"RTHDCPL"="RTHDCPL.EXE" - c:\windows\RTHDCPL.exe [2008-06-27 16875008]
"SoundMan"="SOUNDMAN.EXE" - c:\windows\SoundMan.exe [2008-06-18 77824]
"AlcWzrd"="ALCWZRD.EXE" - c:\windows\alcwzrd.exe [2008-06-19 2808832]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2004-08-03 15360]
c:\documents and settings\All Users\çں‍ê، ں §ڑ\ںé ©ںê¤\ §ک ں颬نïé\
Adobe Gamma Loader.lnk - c:\program files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2009-5-16 113664]
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusDisableNotify"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\KasperskyAntiVirus]
"DisableMonitoring"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\MSN Messenger\\msnmsgr.exe"=
"c:\\Program Files\\MSN Messenger\\livecall.exe"=
"c:\\Program Files\\Orbitdownloader\\orbitdm.exe"=
"c:\\Program Files\\Orbitdownloader\\orbitnet.exe"=
"c:\\Program Files\\uTorrent\\uTorrent.exe"=
R0 klbg;Kaspersky Lab Boot Guard Driver;c:\windows\system32\drivers\klbg.sys [29/01/2008 05:29 م 33808]
R1 aswSP;avast! Self Protection;c:\windows\system32\drivers\aswSP.sys [02/05/2009 01:46 ص 114768]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [02/05/2009 01:46 ص 20560]
R2 GEST Service;GEST Service for program management.;c:\program files\GIGABYTE\EnergySaver\GSvr.exe [07/04/2009 09:02 م 80392]
R3 KLFLTDEV;Kaspersky Lab KLFltDev;c:\windows\system32\drivers\klfltdev.sys [13/03/2008 06:02 م 26640]
R3 klim5;Kaspersky Anti-Virus NDIS Filter;c:\windows\system32\drivers\klim5.sys [30/04/2008 05:06 م 24592]
S3 cpuz132;cpuz132;c:\windows\system32\drivers\cpuz132_x32.sys [30/05/2009 11:54 م 12672]
S4 AntiVirMailService;Avira AntiVir Premium MailGuard;c:\program files\Avira\AntiVir PersonalEdition Premium\avmailc.exe [21/04/2009 11:28 م 164097]
S4 antivirwebservice;Avira AntiVir Premium WebGuard;c:\program files\Avira\AntiVir PersonalEdition Premium\avwebgrd.exe [21/04/2009 11:28 م 258305]
S4 AVEService;Avira AntiVir Premium MailGuard helper service;c:\program files\Avira\AntiVir PersonalEdition Premium\avesvc.exe [21/04/2009 11:28 م 41217]
.
- - - - ORPHANS REMOVED - - - -
HKCU-Run-CheckRegDefragService - (no file)
SafeBoot-procexp90.Sys

.
------- Supplementary Scan -------
.
uStart Page = about:blank
uDefault_Search_URL = hxxp://www.google.com/ie
uInternet Settings,ProxyOverride = *.local
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: &Download by Orbit - c:\program files\Orbitdownloader\orbitmxt.dll/201
IE: &Grab video by Orbit - c:\program files\Orbitdownloader\orbitmxt.dll/204
IE: &تصدير إلى Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
IE: Do&wnload selected by Orbit - c:\program files\Orbitdownloader\orbitmxt.dll/203
IE: Down&load all by Orbit - c:\program files\Orbitdownloader\orbitmxt.dll/202
IE: إضافة إلى حاجب إعلان الشعار - c:\program files\Kaspersky Lab\Kaspersky Internet Security 2009\ie_banner_deny.htm
FF - ProfilePath - c:\documents and settings\user\Application Data\Mozilla\Firefox\Profiles\5pzo79gq.default\
FF - prefs.js: browser.startup.homepage - hxxp://search.orbitdownloader.com
FF - component: c:\program files\Real\RealPlayer\browserrecord\components\nprpbrowserrecordplugin.dll
.
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer,
[link hidden]

Rootkit scan 2009-05-31 17:55
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------
- - - - - - - > 'explorer.exe'(628)
c:\windows\system32\msi.dll
.
------------------------ Other Running Processes ------------------------
.
c:\program files\Alwil Software\Avast4\aswUpdSv.exe
c:\program files\Alwil Software\Avast4\ashServ.exe
c:\program files\Avira\AntiVir PersonalEdition Premium\sched.exe
c:\program files\Avira\AntiVir PersonalEdition Premium\avguard.exe
c:\appserv\apache\Apache.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\appserv\mysql\bin\mysqld-nt.exe
c:\windows\system32\nvsvc32.exe
c:\windows\system32\rundll32.exe
c:\appserv\apache\Apache.exe
c:\program files\Alwil Software\Avast4\ashMaiSv.exe
c:\program files\Alwil Software\Avast4\ashWebSv.exe
.
**************************************************************************
.
Completion time: 2009-05-31 17:57 - machine was rebooted
ComboFix-quarantined-files.txt 2009-05-31 14:57
Pre-Run: 95,460,089,856 bytes free
Post-Run: 95,449,354,240 bytes free
221
 
Disable System Restore as shown in the following walkthrough:

i7549_1.png


i7550_2.png


i7551_3.png


Then


open this page:

[link hidden]


and download the McAfee tool.
Run it with a double-click and leave it until the DOS window finishes scanning and cleaning.
Then go to drive C and [link hidden] the report noor_mcafee
and upload it to this site:

[link hidden]


and include the download link in your next post.
 
Signature: ابـــو عــبــد الــلــه
How do I get the report (the noor_mcafee report)?

Especially since I ran the program (the McAfee tool),

then I came back and saw that the computer had restarted ..



May God give you good health.
 
Here you go, my friend, this is the report ..
[link hidden]


I could not upload the report to this site ([link hidden]) because a message appeared ..

Bandwidth Limit Exceeded

The server is temporarily unable to service your request due to the site owner reaching his/her bandwidth limit. Please try again later.​
 
Signature: ابـــو عــبــد الــلــه
May God give you good health, my dear friend.

And I apologize for the delay ..



Of course, the problem is with the RAM, my dear friend.
 
^^
Replace the RAM.

May God help you. I got this screen twice: once the fault was the RAM .. and once it was a virus .. and the virus, may God not grant it success, destroyed all my files; I could not even get into Safe Mode ...

And thanks ..

 
Signature: (مجرد انسان)
Brother, try taking the RAM out, cleaning it if there is dust or anything on it, and reseating it.
 