الجهاز يطفى فجأه وارتفاع مفاجئ بالحراره

#1 05-27-2011

عندي مشكله بالجهاز ماظهرت الا قريبا عندما اقوم بتغشيل الجهاز اول ماضع الباسوورد ينطفى لحاله وبعض اوقات يشتغل مضبوط وبعد مضئ مابين 5 الى 6 دقايق يطفى الجهاز مما ادى الى شلل كامل بماوس الجهاز اتمنى المساعده

هايجك

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 04:35:57 ص, on 28/05/2011
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\agrsmsvc.exe
C:\Program Files\ESET\ESET Smart Security\ekrn.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Real\RealPlayer\update\realsched.exe
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\PROGRA~1\LAUNCH~1\LManager.exe
C:\Program Files\ESET\ESET Smart Security\egui.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Internet Download Manager\IDMan.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\WINDOWS\system32\igfxext.exe
C:\DOCUME~1\xp\LOCALS~1\Temp\RtkBtMnt.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Zyzoom_Forum_Tools\zyzoom.exe
C:\Zyzoom_Forum_Tools\zHijak.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://go.microsoft.com/fwlink/?LinkId=74005
O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files\Internet Download Manager\IDMIECC.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrow serrecordplugin.dll
O2 - BHO: مساعد تسجيل الدخول إلى Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Real\RealPlayer\update\realsched.exe" -osboot
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [LManager] C:\PROGRA~1\LAUNCH~1\LManager.exe
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [IDMan] C:\Program Files\Internet Download Manager\IDMan.exe /onboot
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Bluetooth.lnk = ?
O8 - Extra context menu item: &تصدير إلى Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Send to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Send To Bluetooth - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O8 - Extra context menu item: تحميل الكل بواسطة Internet Download Manager - C:\Program Files\Internet Download Manager\IEGetAll.htm
O8 - Extra context menu item: تحميل بواسطة Internet Download Manager - C:\Program Files\Internet Download Manager\IEExt.htm
O8 - Extra context menu item: تحميل محتوى FLV بواسطة Internet Download Manager - C:\Program Files\Internet Download Manager\IEGetVL.htm
O9 - Extra button: بحث - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {4B54A9DE-EF1C-4EBE-A328-7C28EA3B433A} (BitDefender QuickScan Control) - http://quickscan.bitdefender.com/qsax/qsax.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsu...?1296580572265
O16 - DPF: {6924091F-CD97-41E1-B1D4-D9079409D413} (IMCv1 Control) - http://209.236.115.90/talk.cab
O16 - DPF: {7253A666-804A-1107-A4DC-00E04C504708} (BMC Control) - http://ksacam.info/bmc.cab
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: البرنامج الخفي لذاكرة التخزين المؤقت لفئات المكونات - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - Agere Systems - C:\WINDOWS\system32\agrsmsvc.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
O23 - Service: ESET HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\ekrn.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
--
End of file - 7239 bytes

رن سكنر

http://www.eupload.org/shared/67758runscanner.rar

البرامج المثبته

====== معلومات نظام التشغيل ======
X86 WIN_XP 2600 Service Pack 3

====== قائمة البرامج المثبتة ======
Adobe Flash Player 10 ActiveX
Agere Systems HDA Modem
Ashampoo Burning Studio 6 FREE
BSPlayer
CCleaner (remove only)
ESET Smart Security
FormatFactory 2.00
Hitman Pro 3.5
Intel(R) Graphics Media *********** Driver
Internet Download Manager
Java Auto Updater
Java(TM) 6 Update 25
K-Lite Codec Pack 3.01 Full
Launch Manager
Messenger Plus! Live
Microsoft Application Error Reporting
Microsoft Choice Guard
Microsoft Internationalized Domain Names Mitigation APIs
Microsoft National Language Support Downlevel APIs
Microsoft Office Professional Edition 2003
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
MSVCRT
RealNetworks - Microsoft Visual C++ 2008 Runtime
RealPlayer
Realtek High Definition Audio Driver
RealUpgrade 1.1
Segoe UI
VLC media player 1.0.3
WebFldrs XP
WIDCOMM Bluetooth Software
Windows Genuine Advantage Notifications (KB905474)
Windows Internet Explorer 7
Windows Internet Explorer 8
Windows Live Communications Platform
Windows Live Essentials
Windows Live Essentials
Windows Live Messenger
WinRAR archiver
Your Uninstaller! 2010
أداة التحميل Windows Live Upload Tool
برنامج إصلاح (Hotfix) لـ Windows XP (KB2443685)‎
برنامج إصلاح (Hotfix) لـ Windows XP (KB952287)‎
‏‏تحديث الأمان لـ Windows Media Player (KB2378111)
‏‏تحديث الأمان لـ Windows Media Player (KB952069)
‏‏تحديث الأمان لـ Windows Media Player (KB954155)
‏‏تحديث الأمان لـ Windows Media Player (KB973540)
‏‏تحديث الأمان لـ Windows Media Player (KB975558)
‏‏تحديث الأمان لـ Windows Media Player (KB978695)
تحديث أمان لـ Windows Internet Explorer 7 (KB2497640)‎
تحديث أمان لـ Windows Internet Explorer 7 (KB938127-v2)‎
تحديث أمان لـ Windows Internet Explorer 8 (KB2482017)‎
تحديث أمان لـ Windows Internet Explorer 8 (KB2497640)‎
تحديث أمان لـ Windows Internet Explorer 8 (KB2510531)‎
تحديث أمان لـ Windows Internet Explorer 8 (KB982381)‎
تحديث أمان لـ Windows XP (KB2079403)‎
تحديث أمان لـ Windows XP (KB2115168)‎
تحديث أمان لـ Windows XP (KB2121546)‎
تحديث أمان لـ Windows XP (KB2229593)‎
تحديث أمان لـ Windows XP (KB2296011)‎
تحديث أمان لـ Windows XP (KB2347290)‎
تحديث أمان لـ Windows XP (KB2360937)‎
تحديث أمان لـ Windows XP (KB2387149)‎
تحديث أمان لـ Windows XP (KB2393802)‎
تحديث أمان لـ Windows XP (KB2412687)‎
تحديث أمان لـ Windows XP (KB2419632)‎
تحديث أمان لـ Windows XP (KB2423089)‎
تحديث أمان لـ Windows XP (KB2440591)‎
تحديث أمان لـ Windows XP (KB2443105)‎
تحديث أمان لـ Windows XP (KB2476687)‎
تحديث أمان لـ Windows XP (KB2478960)‎
تحديث أمان لـ Windows XP (KB2478971)‎
تحديث أمان لـ Windows XP (KB2479943)‎
تحديث أمان لـ Windows XP (KB2481109)‎
تحديث أمان لـ Windows XP (KB2483185)‎
تحديث أمان لـ Windows XP (KB2485663)‎
تحديث أمان لـ Windows XP (KB2503658)‎
تحديث أمان لـ Windows XP (KB2506212)‎
تحديث أمان لـ Windows XP (KB2506223)‎
تحديث أمان لـ Windows XP (KB2507618)‎
تحديث أمان لـ Windows XP (KB2508272)‎
تحديث أمان لـ Windows XP (KB2508429)‎
تحديث أمان لـ Windows XP (KB2509553)‎
تحديث أمان لـ Windows XP (KB2510581)‎
تحديث أمان لـ Windows XP (KB2511455)‎
تحديث أمان لـ Windows XP (KB2524375)‎
تحديث أمان لـ Windows XP (KB923561)‎
تحديث أمان لـ Windows XP (KB946648)‎
تحديث أمان لـ Windows XP (KB950762)‎
تحديث أمان لـ Windows XP (KB950974)‎
تحديث أمان لـ Windows XP (KB951376-v2)‎
تحديث أمان لـ Windows XP (KB952004)‎
تحديث أمان لـ Windows XP (KB952954)‎
تحديث أمان لـ Windows XP (KB954459)‎
تحديث أمان لـ Windows XP (KB956572)‎
تحديث أمان لـ Windows XP (KB956744)‎
تحديث أمان لـ Windows XP (KB956802)‎
تحديث أمان لـ Windows XP (KB956844)‎
تحديث أمان لـ Windows XP (KB958644)‎
تحديث أمان لـ Windows XP (KB959426)‎
تحديث أمان لـ Windows XP (KB960803)‎
تحديث أمان لـ Windows XP (KB960859)‎
تحديث أمان لـ Windows XP (KB961501)‎
تحديث أمان لـ Windows XP (KB969059)‎
تحديث أمان لـ Windows XP (KB970430)‎
تحديث أمان لـ Windows XP (KB971657)‎
تحديث أمان لـ Windows XP (KB972270)‎
تحديث أمان لـ Windows XP (KB973507)‎
تحديث أمان لـ Windows XP (KB973869)‎
تحديث أمان لـ Windows XP (KB973904)‎
تحديث أمان لـ Windows XP (KB974112)‎
تحديث أمان لـ Windows XP (KB974318)‎
تحديث أمان لـ Windows XP (KB974392)‎
تحديث أمان لـ Windows XP (KB974571)‎
تحديث أمان لـ Windows XP (KB975025)‎
تحديث أمان لـ Windows XP (KB975467)‎
تحديث أمان لـ Windows XP (KB975560)‎
تحديث أمان لـ Windows XP (KB975562)‎
تحديث أمان لـ Windows XP (KB975713)‎
تحديث أمان لـ Windows XP (KB977816)‎
تحديث أمان لـ Windows XP (KB977914)‎
تحديث أمان لـ Windows XP (KB978338)‎
تحديث أمان لـ Windows XP (KB978542)‎
تحديث أمان لـ Windows XP (KB978601)‎
تحديث أمان لـ Windows XP (KB978706)‎
تحديث أمان لـ Windows XP (KB979309)‎
تحديث أمان لـ Windows XP (KB979482)‎
تحديث أمان لـ Windows XP (KB979687)‎
تحديث أمان لـ Windows XP (KB980436)‎
تحديث أمان لـ Windows XP (KB981322)‎
تحديث أمان لـ Windows XP (KB981997)‎
تحديث أمان لـ Windows XP (KB982132)‎
تحديث أمان لـ Windows XP (KB982665)‎
تحديث لـ Windows Internet Explorer 8 (KB2447568)‎
تحديث لـ Windows XP (KB2345886)‎
تحديث لـ Windows XP (KB2467659)‎
تحديث لـ Windows XP (KB898461)‎
تحديث لـ Windows XP (KB951978)‎
تحديث لـ Windows XP (KB955759)‎
تحديث لـ Windows XP (KB961503)‎
تحديث لـ Windows XP (KB967715)‎
تحديث لـ Windows XP (KB968389)‎
تحديث لـ Windows XP (KB971029)‎
تحديث لـ Windows XP (KB971737)‎
تحديث لـ Windows XP (KB973687)‎
تحديث لـ Windows XP (KB973815)‎
مساعد تسجيل الدخول إلى Windows Live

نقاط بدء التشغيل

"Silent Runners.vbs", revision 61, http://www.silentrunners.org/
Operating System: Windows XP SP3
Output limited to non-default values, except where indicated by "{++}"

Startup items buried in registry:
---------------------------------
HKCU\Software\Microsoft\Windows\CurrentVersion\Run \ {++}
"CTFMON.EXE" = "C:\WINDOWS\system32\ctfmon.exe" [MS]
"MSMSGS" = ""C:\Program Files\Messenger\msmsgs.exe" /background" [MS]
"IDMan" = "C:\Program Files\Internet Download Manager\IDMan.exe /onboot" ["Tonec Inc."]
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run \ {++}
"TkBellExe" = ""C:\Program Files\Real\RealPlayer\update\realsched.exe" -osboot" ["RealNetworks, Inc."]
"RTHDCPL" = "RTHDCPL.EXE" ["Realtek Semiconductor Corp."]
"Alcmtr" = "ALCMTR.EXE" ["Realtek Semiconductor Corp."]
"IgfxTray" = "C:\WINDOWS\system32\igfxtray.exe" ["Intel Corporation"]
"HotKeysCmds" = "C:\WINDOWS\system32\hkcmd.exe" ["Intel Corporation"]
"Persistence" = "C:\WINDOWS\system32\igfxpers.exe" ["Intel Corporation"]
"LManager" = "C:\PROGRA~1\LAUNCH~1\LManager.exe" ["Dritek System Inc."]
"egui" = ""C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice" ["ESET"]
"SunJavaUpdateSched" = ""C:\Program Files\Common Files\Java\Java Update\jusched.exe"" ["Sun Microsystems, Inc."]
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Exp lorer\Browser Helper Objects\
{0055C089-8582-441B-A0BF-17B458C2A3A8}\(Default) = "IDM Helper"
-> {HKLM...CLSID} = "IDMIEHlprObj Class"
\InProcServer32\(Default) = "C:\Program Files\Internet Download Manager\IDMIECC.dll" ["Tonec Inc."]
{3049C3E9-B461-4BC5-8870-4C09146192CA}\(Default) = (no title provided)
-> {HKLM...CLSID} = "RealPlayer Download and Record Plugin for Internet Explorer"
\InProcServer32\(Default) = "C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrow serrecordplugin.dll" ["RealPlayer"]
{9030D464-4C02-4ABF-8ECC-5164760863C6}\(Default) = (no title provided)
-> {HKLM...CLSID} = "مساعد تسجيل الدخول إلى Windows Live"
\InProcServer32\(Default) = "C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll" [MS]
{DBC80044-A445-435b-BC74-9C25C1C588A9}\(Default) = (no title provided)
-> {HKLM...CLSID} = "Java(tm) Plug-In 2 SSV Helper"
\InProcServer32\(Default) = "C:\Program Files\Java\jre6\bin\jp2ssv.dll" ["Sun Microsystems, Inc."]
{E7E6F031-17CE-4C07-BC86-EABFE594F69C}\(Default) = "JQSIEStartDetectorImpl"
-> {HKLM...CLSID} = "JQSIEStartDetectorImpl Class"
\InProcServer32\(Default) = "C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll" ["Sun Microsystems, Inc."]
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\She ll Extensions\Approved\
"{88895560-9AA2-1069-930E-00AA0030EBC8}" = "HyperTerminal Icon Ext"
-> {HKLM...CLSID} = "HyperTerminal Icon Ext"
\InProcServer32\(Default) = "C:\WINDOWS\system32\hticons.dll" ["Hilgraeve, Inc."]
"{EFA24E62-B078-11d0-89E4-00C04FC9E26E}" = "History Band"
-> {HKLM...CLSID} = "History Band"
\InProcServer32\(Default) = "C:\WINDOWS\system32\shdocvw.dll" [MS]
"{B41DB860-8EE4-11D2-9906-E49FADC173CA}" = "WinRAR shell extension"
-> {HKLM...CLSID} = "WinRAR"
\InProcServer32\(Default) = "C:\Program Files\WinRAR\rarext.dll" [null data]
"{F0CB00CD-5A07-4D91-97F5-A8C92CDA93E4}" = "Shell Extensions for RealOne Player"
-> {HKLM...CLSID} = "RealOne Player Context Menu Class"
\InProcServer32\(Default) = "C:\Program Files\Real\RealPlayer\rpshell.dll" ["RealNetworks, Inc."]
"{00020D75-0000-0000-C000-000000000046}" = "Microsoft Office Outlook Desktop Icon Handler"
-> {HKLM...CLSID} = "Microsoft Office Outlook"
\InProcServer32\(Default) = "C:\PROGRA~1\MICROS~2\OFFICE11\MLSHEXT.DLL" [MS]
"{0006F045-0000-0000-C000-000000000046}" = "Microsoft Office Outlook Custom Icon Handler"
-> {HKLM...CLSID} = "Outlook File Icon Extension"
\InProcServer32\(Default) = "C:\PROGRA~1\MICROS~2\OFFICE11\OLKFSTUB.DLL" [MS]
"{42042206-2D85-11D3-8CFF-005004838597}" = "Microsoft Office HTML Icon Handler"
-> {HKLM...CLSID} = (no title provided)
\InProcServer32\(Default) = "C:\Program Files\Microsoft Office\OFFICE11\msohev.dll" [MS]
"{7842554E-6BED-11D2-8CDB-B05550C10000}" = "Monitor"
-> {HKLM...CLSID} = "Monitor Class"
\InProcServer32\(Default) = "C:\WINDOWS\system32\btncopy.dll" ["Broadcom Corporation."]
"{B089FE88-FB52-11D3-BDF1-0050DA34150D}" = "ESET Smart Security - Context Menu Shell Extension"
-> {HKLM...CLSID} = "ESET Smart Security - Context Menu Shell Extension"
\InProcServer32\(Default) = "C:\Program Files\ESET\ESET Smart Security\shellExt.dll" ["ESET"]
"{6af09ec9-b429-11d4-a1fb-0090960218cb}" = "My Bluetooth Places"
-> {HKLM...CLSID} = "My Bluetooth Places"
\InProcServer32\(Default) = "C:\WINDOWS\system32\BTNEIG~1.DLL" ["Broadcom Corporation."]
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\
igfxcui\DLLName = "igfxdev.dll" ["Intel Corporation"]
HKLM\SOFTWARE\Classes\PROTOCOLS\Filter\
text/xml\CLSID = "{807553E5-5146-11D5-A672-00B0D022E945}"
-> {HKLM...CLSID} = (no title provided)
\InProcServer32\(Default) = "C:\Program Files\Common Files\Microsoft Shared\OFFICE11\MSOXMLMF.DLL" [MS]
HKLM\SOFTWARE\Classes\PROTOCOLS\Handler\
livecall\CLSID = "{828030A1-22C1-4009-854F-8E305202313F}"
-> {HKLM...CLSID} = (no title provided)
\InProcServer32\(Default) = "C:\PROGRA~1\WINDOW~4\MESSEN~1\MSGRAP~1.DLL" [MS]
ms-itss\CLSID = "{0A9007C0-4076-11D3-8789-0000F8105754}"
-> {HKLM...CLSID} = "Microsoft Infotech Storage Protocol for IE 4.0"
\InProcServer32\(Default) = "C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\MSITSS.DLL" [MS]
msnim\CLSID = "{828030A1-22C1-4009-854F-8E305202313F}"
-> {HKLM...CLSID} = (no title provided)
\InProcServer32\(Default) = "C:\PROGRA~1\WINDOW~4\MESSEN~1\MSGRAP~1.DLL" [MS]
mso-offdap\CLSID = "{3D9F03FA-7A94-11D3-BE81-0050048385D1}"
-> {HKLM...CLSID} = "Data Page Pluggable Protocol mso-offdap Handler"
\InProcServer32\(Default) = "C:\PROGRA~1\COMMON~1\MICROS~1\WEBCOM~1\10\OWC 10.D LL" [MS]
mso-offdap11\CLSID = "{32505114-5902-49B2-880A-1F7738E5A384}"
-> {HKLM...CLSID} = "Data Page Plugable Protocal mso-offdap11 Handler"
\InProcServer32\(Default) = "C:\PROGRA~1\COMMON~1\MICROS~1\WEBCOM~1\11\OWC 11.D LL" [MS]
HKLM\SOFTWARE\Classes\*\shellex\ContextMenuHandler s\
ESET Smart Security - Context Menu Shell Extension\(Default) = "{B089FE88-FB52-11D3-BDF1-0050DA34150D}"
-> {HKLM...CLSID} = "ESET Smart Security - Context Menu Shell Extension"
\InProcServer32\(Default) = "C:\Program Files\ESET\ESET Smart Security\shellExt.dll" ["ESET"]
WinRAR\(Default) = "{B41DB860-8EE4-11D2-9906-E49FADC173CA}"
-> {HKLM...CLSID} = "WinRAR"
\InProcServer32\(Default) = "C:\Program Files\WinRAR\rarext.dll" [null data]
HKLM\SOFTWARE\Classes\Directory\shellex\ContextMen uHandlers\
WinRAR\(Default) = "{B41DB860-8EE4-11D2-9906-E49FADC173CA}"
-> {HKLM...CLSID} = "WinRAR"
\InProcServer32\(Default) = "C:\Program Files\WinRAR\rarext.dll" [null data]
HKLM\SOFTWARE\Classes\Directory\shellex\CopyHookHa ndlers\
Monitor\(Default) = "{7842554E-6BED-11D2-8CDB-B05550C10000}"
-> {HKLM...CLSID} = "Monitor Class"
\InProcServer32\(Default) = "C:\WINDOWS\system32\btncopy.dll" ["Broadcom Corporation."]
HKLM\SOFTWARE\Classes\Directory\shellex\DragDropHa ndlers\
WinRAR\(Default) = "{B41DB860-8EE4-11D2-9906-E49FADC173CA}"
-> {HKLM...CLSID} = "WinRAR"
\InProcServer32\(Default) = "C:\Program Files\WinRAR\rarext.dll" [null data]
HKLM\SOFTWARE\Classes\Directory\Background\shellex \ContextMenuHandlers\
igfxcui\(Default) = "{3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4}"
-> {HKLM...CLSID} = "GraphicsShellExt Class"
\InProcServer32\(Default) = "C:\WINDOWS\system32\igfxpph.dll" ["Intel Corporation"]
HKLM\SOFTWARE\Classes\Folder\shellex\ContextMenuHa ndlers\
ESET Smart Security - Context Menu Shell Extension\(Default) = "{B089FE88-FB52-11D3-BDF1-0050DA34150D}"
-> {HKLM...CLSID} = "ESET Smart Security - Context Menu Shell Extension"
\InProcServer32\(Default) = "C:\Program Files\ESET\ESET Smart Security\shellExt.dll" ["ESET"]
WinRAR\(Default) = "{B41DB860-8EE4-11D2-9906-E49FADC173CA}"
-> {HKLM...CLSID} = "WinRAR"
\InProcServer32\(Default) = "C:\Program Files\WinRAR\rarext.dll" [null data]
HKLM\SOFTWARE\Classes\Folder\shellex\DragDropHandl ers\
WinRAR\(Default) = "{B41DB860-8EE4-11D2-9906-E49FADC173CA}"
-> {HKLM...CLSID} = "WinRAR"
\InProcServer32\(Default) = "C:\Program Files\WinRAR\rarext.dll" [null data]

Active Desktop and Wallpaper:
-----------------------------
Active Desktop may be disabled at this entry:
HKCU\Software\Microsoft\Windows\CurrentVersion\Exp lorer\ShellState
Displayed if Active Desktop enabled and wallpaper not set by Group Policy:
HKCU\Software\Microsoft\Internet Explorer\Desktop\General\
"Wallpaper" = "C:\WINDOWS\web\wallpaper\Bliss.bmp"
Displayed if Active Desktop disabled and wallpaper not set by Group Policy:
HKCU\Control Panel\Desktop\
"Wallpaper" = "C:\WINDOWS\web\wallpaper\Bliss.bmp"

Enabled Screen Saver:
---------------------
HKCU\Control Panel\Desktop\
"SCRNSAVE.EXE" = "C:\WINDOWS\3DMOUN~1.SCR" (3D Mountain Lake Premium.scr) [null data]

Windows Portable Device AutoPlay Handlers
-----------------------------------------
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Exp lorer\AutoplayHandlers\Handlers\
ASHAshampoo_Burning_Studio_6_FREEBURNONARRIVAL\
"Provider" = "Ashampoo Burning Studio 6 FREE"
"InvokeProgID" = "Ashampoo.BurningStudio6FREE"
"InvokeVerb" = "autoplay-burn"
HKLM\SOFTWARE\Classes\Ashampoo.BurningStudio6FREE\ shell\autoplay-burn\Command\(Default) = ""C:\Program Files\Ashampoo\Ashampoo Burning Studio 6 FREE\burningstudio.exe" -autoplay -selectdrive "%l"" ["ashampoo Technology GmbH & Co. KG"]
ASHAshampoo_Burning_Studio_6_FREECOPYONARRIVAL\
"Provider" = "Ashampoo Burning Studio 6 FREE"
"InvokeProgID" = "Ashampoo.BurningStudio6FREE"
"InvokeVerb" = "autoplay-copy"
HKLM\SOFTWARE\Classes\Ashampoo.BurningStudio6FREE\ shell\autoplay-copy\Command\(Default) = "C:\Program Files\Ashampoo\Ashampoo Burning Studio 6 FREE\burningstudio.exe" -autoplay -selectdrive "%l" -copy" [file not found]
ASHAshampoo_Burning_Studio_6_FREERIPONARRIVAL\
"Provider" = "Ashampoo Burning Studio 6 FREE"
"InvokeProgID" = "Ashampoo.BurningStudio6FREE"
"InvokeVerb" = "autoplay-rip"
HKLM\SOFTWARE\Classes\Ashampoo.BurningStudio6FREE\ shell\autoplay-rip\Command\(Default) = ""C:\Program Files\Ashampoo\Ashampoo Burning Studio 6 FREE\burningstudio.exe" -autoplay -selectdrive "%l" -rip" ["ashampoo Technology GmbH & Co. KG"]
MPCPlayCDAudioOnArrival\
"Provider" = "Media Player Classi"
"InvokeProgID" = "MPC.CDAudio"
"InvokeVerb" = "play"
HKLM\SOFTWARE\Classes\MPC.CDAudio\shell\play\comma nd\(Default) = ""C:\Program Files\K-Lite Codec Pack\Media Player Classic\mplayerc.exe" %L /cd" ["Gabest"]
MPCPlayDVDMovieOnArrival\
"Provider" = "Media Player Classic"
"InvokeProgID" = "MPC.DVDMovie"
"InvokeVerb" = "play"
HKLM\SOFTWARE\Classes\MPC.DVDMovie\shell\play\comm and\(Default) = ""C:\Program Files\K-Lite Codec Pack\Media Player Classic\mplayerc.exe" %L /dvd" ["Gabest"]
RPCDBurningOnArrival\
"Provider" = "RealPlayer"
"InvokeProgID" = "RealPlayer.CDBurn.6"
"InvokeVerb" = "open"
HKCU\Software\Classes\RealPlayer.CDBurn.6\shell\op en\command\(Default) = ""C:\Program Files\Real\RealPlayer\RealPlay.exe" /burn "%1"" ["RealNetworks, Inc."]
RPDeviceOnArrival\
"Provider" = "RealPlayer"
"ProgID" = "RealPlayer.HWEventHandler"
HKLM\SOFTWARE\Classes\RealPlayer.HWEventHandler\CL SID\(Default) = "{67E76F1D-BDE2-4052-913C-2752366192D2}"
-> {HKLM...CLSID} = "RealNetworks Scheduler"
\LocalServer32\(Default) = ""C:\Program Files\Real\RealPlayer\Update\realsched.exe" -autoplay" ["RealNetworks, Inc."]
RPDVDBurningOnArrival\
"Provider" = "RealPlayer"
"InvokeProgID" = "RealPlayer.DVDBurn.6"
"InvokeVerb" = "open"
HKCU\Software\Classes\RealPlayer.DVDBurn.6\shell\o pen\command\(Default) = ""C:\Program Files\Real\RealPlayer\RealPlay.exe" /burndvd "%1"" ["RealNetworks, Inc."]
RPPlayCDAudioOnArrival\
"Provider" = "RealPlayer"
"InvokeProgID" = "RealPlayer.AudioCD.6"
"InvokeVerb" = "play"
HKCU\Software\Classes\RealPlayer.AudioCD.6\shell\p lay\command\(Default) = ""C:\Program Files\Real\RealPlayer\RealPlay.exe" /play %1 " ["RealNetworks, Inc."]
RPPlayDVDMovieOnArrival\
"Provider" = "RealPlayer"
"InvokeProgID" = "RealPlayer.DVD.6"
"InvokeVerb" = "play"
HKCU\Software\Classes\RealPlayer.DVD.6\shell\play\ command\(Default) = ""C:\Program Files\Real\RealPlayer\RealPlay.exe" /dvd %1 " ["RealNetworks, Inc."]
RPPlayMediaOnArrival\
"Provider" = "RealPlayer"
"InvokeProgID" = "RealPlayer.AutoPlay.6"
"InvokeVerb" = "open"
HKCU\Software\Classes\RealPlayer.AutoPlay.6\shell\ open\command\(Default) = ""C:\Program Files\Real\RealPlayer\RealPlay.exe" /autoplay "%1"" ["RealNetworks, Inc."]
VLCPlayCDAudioOnArrival\
"Provider" = "VideoLAN VLC media player"
"InvokeProgID" = "VLC.CDAudio"
"InvokeVerb" = "play"
HKLM\SOFTWARE\Classes\VLC.CDAudio\shell\play\comma nd\(Default) = ""C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file cdda://%1" ["the VideoLAN Team"]
VLCPlayDVDMovieOnArrival\
"Provider" = "VideoLAN VLC media player"
"InvokeProgID" = "VLC.DVDMovie"
"InvokeVerb" = "play"
HKLM\SOFTWARE\Classes\VLC.DVDMovie\shell\play\comm and\(Default) = ""C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file dvd://%1" ["the VideoLAN Team"]

Startup items in "xp" & "All Users" startup folders:
----------------------------------------------------
C:\Documents and Settings\All Users\قائمة ابدأ\البرامج\بدء التشغيل
"Bluetooth" -> shortcut to: "C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe" ["Broadcom Corporation."]

Enabled Scheduled Tasks:
------------------------
"RealUpgradeLogonTaskS-1-5-21-1645522239-879983540-1177238915-1003" -> launches: "C:\Program Files\Real\RealUpgrade\realupgrade.exe /logoncheck" ["RealNetworks, Inc."]
"RealUpgradeLogonTaskS-1-5-21-3304606059-2492055727-822101781-1003" -> launches: "C:\Program Files\Real\RealUpgrade\realupgrade.exe /logoncheck" ["RealNetworks, Inc."]
"RealUpgradeScheduledTaskS-1-5-21-1645522239-879983540-1177238915-1003" -> launches: "C:\Program Files\Real\RealUpgrade\realupgrade.exe /scheduledcheck" ["RealNetworks, Inc."]
"RealUpgradeScheduledTaskS-1-5-21-3304606059-2492055727-822101781-1003" -> launches: "C:\Program Files\Real\RealUpgrade\realupgrade.exe /scheduledcheck" ["RealNetworks, Inc."]
"User_Feed_Synchronization-{B0F25380-70BA-49B4-96FA-9E864AD585A6}" -> launches: "C:\WINDOWS\system32\msfeedssync.exe sync" [MS]

Winsock2 Service Provider DLLs:
-------------------------------
Namespace Service Providers
HKLM\SYSTEM\CurrentControlSet\Services\Winsock2\Pa rameters\NameSpace_Catalog5\Catalog_Entries\ {++}
000000000001\LibraryPath = "%SystemRoot%\System32\mswsock.dll" [MS]
000000000002\LibraryPath = "%SystemRoot%\System32\winrnr.dll" [MS]
000000000003\LibraryPath = "%SystemRoot%\System32\mswsock.dll" [MS]
Transport Service Providers
HKLM\SYSTEM\CurrentControlSet\Services\Winsock2\Pa rameters\Protocol_Catalog9\Catalog_Entries\ {++}
0000000000##\PackedCatalogItem (contains) DLL [Company Name], (at) ## range:
%SystemRoot%\system32\mswsock.dll [MS], 01 - 03, 06 - 27
%SystemRoot%\system32\rsvpsp.dll [MS], 04 - 05

Toolbars, Explorer Bars, Extensions:
------------------------------------
Explorer Bars
HKLM\SOFTWARE\Microsoft\Internet Explorer\Explorer Bars\
HKLM\SOFTWARE\Classes\CLSID\{FF059E31-CC5A-4E2E-BF3B-96E929D65503}\(Default) = "&بحث"
Implemented Categories\{00021493-0000-0000-C000-000000000046}\ [vertical bar]
InProcServer32\(Default) = "C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL" [MS]
Extensions (Tools menu items, main toolbar menu buttons)
HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\
{92780B25-18CC-41C8-B9BE-3C9C571A8263}\
"ButtonText" = "بحث"
{CCA281CA-C863-46EF-9331-5C8D4460577F}\
"ButtonText" = "@btrez.dll,-4015"
"MenuText" = "@btrez.dll,-12650"
"Script" = "C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm" [null data]
{E2E2DD38-D088-4134-82B7-F2BA38496583}\
"MenuText" = "@xpsp3res.dll,-20001"
"Exec" = "%windir%\Network Diagnostic\xpnetdiag.exe" [MS]
{FB5F1910-F110-11D2-BB9E-00C04F795683}\
"ButtonText" = "Messenger"
"MenuText" = "Windows Messenger"
"Exec" = "C:\Program Files\Messenger\msmsgs.exe" [MS]

Running Services (Display Name, Service Name, Path {Service DLL}):
------------------------------------------------------------------
Agere Modem Call Progress Audio, AgereModemAudio, "C:\WINDOWS\system32\agrsmsvc.exe" ["Agere Systems"]
Bluetooth Service, btwdins, "C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe" ["Broadcom Corporation."]
ESET Service, ekrn, ""C:\Program Files\ESET\ESET Smart Security\ekrn.exe"" ["ESET"]
Java Quick Starter, JavaQuickStarterService, ""C:\Program Files\Java\jre6\bin\jqs.exe" -service -config "C:\Program Files\Java\jre6\lib\deploy\jqs\jqs.conf"" ["Sun Microsystems, Inc."]
Machine Debug Manager, MDM, ""C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE"" [MS]
WMI Performance Adapter, WmiApSrv, "C:\WINDOWS\system32\wbem\wmiapsrv.exe" [MS]

Safe Mode Drivers & Services (subkey name, subkey default value):
-----------------------------------------------------------------
HKLM\System\CurrentControlSet\Control\SafeBoot\Net work\
hitmanpro35, (null value)
hitmanpro35.sys, (null value)
HitmanPro35Crusader, (null value)

Print Monitors:
---------------
HKLM\SYSTEM\CurrentControlSet\Control\Print\Monito rs\
Bluetooth Printer Port\Driver = "bthcrp.dll" ["Broadcom Corporation."]
Microsoft Document Imaging Writer Monitor\Driver = "mdimon.dll" [MS]

---------- (launch time: 2011-05-28 04:41:23)
: Suspicious data at a malware launch point.
+ This report excludes default entries except where indicated.
+ To see *everywhere* the script checks and *everything* it finds,
launch it from a command prompt or a shortcut with the -all parameter.
+ To search all directories of local fixed drives for DESKTOP.INI
DLL launch points, use the -supp parameter or answer "No" at the
first message box and "Yes" at the second message box.
---------- (total run time: 41 seconds, including 13 seconds for message boxes)

أكثر...

المواضيع المتشابهه
الموضوع	كاتب الموضوع	المنتدى	مشاركات	آخر مشاركة
الجهاز انقلب فجأه	RSS	Arabic Rss	0	04-09-2011 05:46 AM
مشكلة وقوف الجهاز عن العمل فجأه	RSS	Arabic Rss	0	03-10-2011 12:51 AM
مشكله توقف الجهاز فجأه	RSS	Arabic Rss	0	02-11-2011 06:24 PM
الجهاز ينطفئ فجأه !	RSS	Arabic Rss	0	10-12-2010 12:54 AM
الجهاز يطفي من حاله	RSS	Arabic Rss	0	07-18-2010 07:33 PM

الجهاز يطفى فجأه وارتفاع مفاجئ بالحراره

Arabic Rss