الموضوع: سؤال مشكلة بالجهاز .. يوجد تقرير (تم تعديل العنوان)
عرض مشاركة واحدة
  #1  
قديم 09-21-2008, 06:01 AM
الصورة الرمزية العاشق 2005  
رقـم العضويــة: 365
تاريخ التسجيل: Sep 2008
المشـــاركـات: 94,808
نقـــاط الخبـرة: 85
الأوسمة والجوائزالأوسمة
افتراضي سؤال مشكلة بالجهاز .. يوجد تقرير (تم تعديل العنوان)
السلام عليكم ورحمة الله وبركاته

قريت موضوع بخصوصا فحص الجهاز

فحصت جهازي لانه بطئ وفيه رسايل خطا لمااشغله

وقريت كيف انحلت مشاكل كثير بمساعدة المشرفين

جزاهم الله كل الخير

حبيت احط تقريري اتمنى الاقي الحل هنا

:


ComboFix 08-09-20.02 - Free User 09/19/2008 23:50:23.2 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.2.1256.1.1033.18.52 [GMT 3:00]
Running from: C:\Documents and Settings\Free User\Desktop\ComboFix.exe
WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.
((((((((((((((((((((((((( Files Created from 2008-08-20 to 2008-09-20 )))))))))))))))))))))))))))))))
.
No new files created in this timespan
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))) ))))))))))))
.
2008-09-19 02:33 --------- d-----w C:\Program Files\HP
2008-09-19 02:33 --------- d-----w C:\Program Files\Hewlett-Packard
2008-09-19 02:14 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-09-19 00:49 --------- d-----w C:\Program Files\MSN Messenger
2008-09-19 00:11 --------- d-----w C:\Documents and Settings\All Users\Application Data\Kaspersky Lab Setup Files
2008-09-18 07:53 --------- d-----w C:\Documents and Settings\All Users\Application Data\Messenger Plus!
2008-09-18 07:43 --------- d-----w C:\Documents and Settings\Free User\Application Data\flag second cast
2008-09-18 07:42 --------- d-----w C:\Documents and Settings\All Users\Application Data\Cast ping **** frag
2008-09-18 07:40 --------- d-----w C:\Program Files\flag second cast
2008-09-18 07:38 --------- d-----w C:\Program Files\Windows Live
2008-09-18 07:38 --------- d-----w C:\Program Files\Messenger Plus! Live
2008-09-18 07:38 --------- d-----w C:\Program Files\Circle Developement
2008-09-18 06:43 --------- d-----w C:\Program Files\Common Files\xing shared
2008-09-18 06:43 --------- d-----w C:\Program Files\Common Files\Real
2008-09-18 04:16 --------- d-----w C:\Documents and Settings\All Users\Application Data\Microsoft Help
2008-09-18 02:08 13,288,968 ----a-w C:\RealPlayer11GOLD.exe
2008-09-16 20:56 --------- d-----w C:\Program Files\Real
2008-09-16 20:29 --------- d-----w C:\Documents and Settings\All Users\Application Data\WLInstaller
2008-09-16 06:34 2,398,736 ----a-w C:\WINDOWS\WLinstaller.exe
2008-09-16 05:09 --------- dcsh--w C:\Program Files\Common Files\WindowsLiveInstaller
2008-09-16 01:09 --------- d-----w C:\Program Files\MSXML 6.0
2008-09-13 21:16 --------- d-----w C:\Program Files\Common Files\Adobe
2008-09-13 10:09 --------- d-----w C:\Program Files\QuickTime
2008-09-13 00:17 --------- d-----w C:\Program Files\MSBuild
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))) ))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Win dows\CurrentVersion\Run]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon .exe" [12/31/2002 03:00 PM 15360]
"MsnMsgr"="C:\Program Files\MSN Messenger\MsnMsgr.Exe" [01/19/2007 12:55 PM 5674352]
"Onedefault"="C:\DOCUME~1\FREEUS~1\APPLI C~1\FLAGSE~1\meetcamp.exe" [09/18/2008 10:40 AM 501760]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Wi ndows\CurrentVersion\Run]
"ccExecute"="C:\WINDOWS\system32\bootcfg 1.exe" [02/23/2007 11:51 PM 36864]
"ToolBoxFX"="C:\Program Files\HP\ToolBoxFX\bin\HPTLBXFX.exe" [06/15/2006 10:43 AM 49152]
"TomcatStartup"="C:\Program Files\Hewlett-Packard\Toolbox2.0\hpbpsttp.exe" [03/31/2003 09:28 PM 155648]
"StatusClient"="C:\Program Files\Hewlett-Packard\Toolbox2.0\Apache Tomcat 4.0\webapps\Toolbox\StatusClient\StatusC lient.exe" [12/16/2002 06:51 PM 36864]
"HPUsageTracking"="C:\Program Files\HP\HP UT\bin\hppusg.exe" [06/09/2006 01:23 PM 36864]
"GrooveMonitor"="C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe" [10/27/2006 01:47 AM 31016]
"TkBellExe"="C:\Program Files\Common Files\Real\Update_OB\realsched.exe" [09/18/2008 09:42 AM 185896]
"**** frag grid bows"="C:\Documents and Settings\All Users\Application Data\Cast ping **** frag\stupid jugs.exe" [09/19/2008 07:07 PM 530944]
"ABBYY Community Agent"="C:\Program Files\Sprint & FineReader 5.0 Office Try&Buy\CAgent.exe" [02/03/2001 01:21 AM 241664]
[HKEY_USERS\.DEFAULT\Software\Microsoft\W indows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON .EXE" [12/31/2002 03:00 PM 15360]
C:\Documents and Settings\Free User\Start Menu\Programs\Startup\
OneNote 2007 Screen Clipper and Launcher.lnk - C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE [2007-12-07 101440]
[HKEY_LOCAL_MACHINE\software\microsoft\se curity center]
"AntiVirusOverride"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\ firewallpolicy\standardprofile\Authorize dApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"C:\\Program Files\\Hewlett-Packard\\Toolbox2.0\\Javasoft\\JRE\\1.3. 1\\bin\\javaw.exe"=
"C:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"C:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"=
"C:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"C:\\Program Files\\MSN Messenger\\msnmsgr.exe"=
"C:\\Program Files\\MSN Messenger\\livecall.exe"=
S3 HPFXBULK;HPFXBULK;C:\WINDOWS\system32\dr ivers\hpfxbulk.sys [06/12/2006 01:36 PM 9344]
[HKEY_CURRENT_USER\software\microsoft\win dows\currentversion\explorer\mountpoints 2\G]
\*****\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE *****32.DLL,*****Exec_RunDLL copy.exe
.
*******s of the 'Scheduled Tasks' folder
.
.
------- Supplementary Scan -------
.
R0 -: HKCU-Main,Start Page = hxxp://www.google.com.sa/
R1 -: HKCU-Internet Settings,ProxyOverride =
O8 -: &تصدير إلى Microsoft Excel - C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O8 -: ت&صدير إلى Microsoft Excel - C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O16 -: Microsoft XML Parser for Java - file://C:\WINDOWS\Java\classes\xmldso.cab
C:\WINDOWS\Downloaded Program Files\Microsoft XML Parser for Java.osd
.
**************************************** **********************************
catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-09-19 23:52:00
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
HKLM\Software\Microsoft\Windows\CurrentV ersion\Run
ccExecute = C:\WINDOWS\system32\bootcfg1.exe???????? ???????????????????????????????????????? ???????????????????????????????????????? ???????????????????????????????????????? ???????????????????????????????????????? ???????????????????????????????????????? ??????????????
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************** **********************************
.
Completion time: 09/19/2008 23:53:29
ComboFix-quarantined-files.txt 2008-09-19 20:53:23
ComboFix2.txt 2008-09-19 20:45:18
Pre-Run: 32,490,168,320 bytes free
Post-Run: 32,479,211,520 bytes free
103


...............
آحترامي