Peace be upon you and the mercy and blessings of God. My computer was fine, and then suddenly when I turned it on it took a very long time to start: a black screen came up for a few minutes :cry4: with a loading bar at the bottom of the screen, and since then the computer has become slow and keeps freezing :nonono::nonono:. I generated a report with this program, ComboFix, and a HijackThis report, and here is the report:

ComboFix 11-10-03.01 - L.S 10/03/2011 23:16:23.1.2 - x86
Microsoft Windows XP Professional 5.1.2600.3.1256.966.1025.18.2010.1587 [GMT 3:00]
Running from: c:\documents and settings\L.S\??? ?طع???\ComboFix.exe
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\documents and settings\L.S\Application Data\PriceGong
c:\documents and settings\L.S\Application Data\PriceGong\Data\mru.xml
c:\program files\FunWebProducts
c:\program files\FunWebProducts\Shared\Cache\MyFunCardsIMBtn.html
c:\program files\FunWebProducts\Shared\Cache\SmileyCentralBtn.html
c:\program files\FunWebProducts\Shared\Cache\WebfettiBtn.html
c:\program files\google\common\google updater\googleupdaterservice.exe
c:\program files\MyWebSearch
c:\program files\MyWebSearch\bar\1.bin\chrome\M3FFXTBR.JAR
c:\program files\MyWebSearch\bar\1.bin\M3FFTBPR.DLL
c:\program files\MyWebSearch\bar\1.bin\M3PATCH.DLL
c:\program files\MyWebSearch\bar\1.bin\MWSBAR.DLL
c:\program files\MyWebSearch\bar\1.bin\MWSOEMON.EXE
c:\program files\MyWebSearch\bar\1.bin\MWSOESTB.DLL
c:\program files\MyWebSearch\bar\1.bin\MWSSRCAS.DLL
c:\program files\MyWebSearch\bar\2.bin\CHROME.MANIFEST
c:\program files\MyWebSearch\bar\2.bin\chrome\M3FFXTBR.JAR
c:\program files\MyWebSearch\bar\2.bin\F3BKGERR.JPG
c:\program files\MyWebSearch\bar\2.bin\F3CJPEG.DLL
c:\program files\MyWebSearch\bar\2.bin\F3DTACTL.DLL
c:\program files\MyWebSearch\bar\2.bin\F3HISTSW.DLL
c:\program files\MyWebSearch\bar\2.bin\F3HKSTUB.DLL
c:\program files\MyWebSearch\bar\2.bin\F3HTMLMU.DLL
c:\program files\MyWebSearch\bar\2.bin\F3HTTPCT.DLL
c:\program files\MyWebSearch\bar\2.bin\F3IMSTUB.DLL
c:\program files\MyWebSearch\bar\2.bin\F3POPSWT.DLL
c:\program files\MyWebSearch\bar\2.bin\F3PSSAVR.SCR
c:\program files\MyWebSearch\bar\2.bin\F3REGHK.DLL
c:\program files\MyWebSearch\bar\2.bin\F3REPROX.DLL
c:\program files\MyWebSearch\bar\2.bin\F3RESTUB.DLL
c:\program files\MyWebSearch\bar\2.bin\F3SCHMON.EXE
c:\program files\MyWebSearch\bar\2.bin\F3SCRCTR.DLL
c:\program files\MyWebSearch\bar\2.bin\F3SPACER.WMV
c:\program files\MyWebSearch\bar\2.bin\F3WALLPP.DAT
c:\program files\MyWebSearch\bar\2.bin\F3WPHOOK.DLL
c:\program files\MyWebSearch\bar\2.bin\FWPBUDDY.PNG
c:\program files\MyWebSearch\bar\2.bin\INSTALL.RDF
c:\program files\MyWebSearch\bar\2.bin\M3AUXSTB.DLL
c:\program files\MyWebSearch\bar\2.bin\M3DLGHK.DLL
c:\program files\MyWebSearch\bar\2.bin\M3HIGHIN.EXE
c:\program files\MyWebSearch\bar\2.bin\M3HTML.DLL
c:\program files\MyWebSearch\bar\2.bin\M3IDLE.DLL
c:\program files\MyWebSearch\bar\2.bin\M3IEOVR.DLL
c:\program files\MyWebSearch\bar\2.bin\M3IMPIPE.EXE
c:\program files\MyWebSearch\bar\2.bin\M3MEDINT.EXE
c:\program files\MyWebSearch\bar\2.bin\M3MSG.DLL
c:\program files\MyWebSearch\bar\2.bin\M3OUTLCN.DLL
c:\program files\MyWebSearch\bar\2.bin\M3PLUGIN.DLL
c:\program files\MyWebSearch\bar\2.bin\M3SKIN.DLL
c:\program files\MyWebSearch\bar\2.bin\M3SKPLAY.EXE
c:\program files\MyWebSearch\bar\2.bin\M3SLSRCH.EXE
c:\program files\MyWebSearch\bar\2.bin\M3SRCHMN.EXE
c:\program files\MyWebSearch\bar\2.bin\M3TPINST.DLL
c:\program files\MyWebSearch\bar\2.bin\MWSBAR.DLL
c:\program files\MyWebSearch\bar\2.bin\MWSMLBTN.DLL
c:\program files\MyWebSearch\bar\2.bin\MWSOEMON.EXE
c:\program files\MyWebSearch\bar\2.bin\MWSOEPLG.DLL
c:\program files\MyWebSearch\bar\2.bin\MWSOESTB.DLL
c:\program files\MyWebSearch\bar\2.bin\MWSSRCAS.DLL
c:\program files\MyWebSearch\bar\2.bin\MWSSVC.EXE
c:\program files\MyWebSearch\bar\2.bin\MWSUABTN.DLL
c:\program files\MyWebSearch\bar\2.bin\NPMYWEBS.DLL
c:\program files\MyWebSearch\bar\Avatar\COMMON.F3S
c:\program files\MyWebSearch\bar\Cache\0003E521.bin
c:\program files\MyWebSearch\bar\Cache\0003E65A.bin
c:\program files\MyWebSearch\bar\Cache\0003E6E6.bin
c:\program files\MyWebSearch\bar\Cache\005598D7
c:\program files\MyWebSearch\bar\Cache\007687A0
c:\program files\MyWebSearch\bar\Cache\00FBB10B.bin
c:\program files\MyWebSearch\bar\Cache\00FBB253.bmp
c:\program files\MyWebSearch\bar\Cache\00FBB36C.bin
c:\program files\MyWebSearch\bar\Cache\00FBB428.bin
c:\program files\MyWebSearch\bar\Cache\00FBB541.bin
c:\program files\MyWebSearch\bar\Cache\00FBB5DD.bin
c:\program files\MyWebSearch\bar\Cache\00FBB6D7.exe
c:\program files\MyWebSearch\bar\Cache\files.ini
c:\program files\MyWebSearch\bar\Game\CHECKERS.F3S
c:\program files\MyWebSearch\bar\Game\CHESS.F3S
c:\program files\MyWebSearch\bar\Game\REVERSI.F3S
c:\program files\MyWebSearch\bar\History\search3
c:\program files\MyWebSearch\bar\icons\CM.ICO
c:\program files\MyWebSearch\bar\icons\MFC.ICO
c:\program files\MyWebSearch\bar\icons\PSS.ICO
c:\program files\MyWebSearch\bar\icons\SMILEY.ICO
c:\program files\MyWebSearch\bar\icons\WB.ICO
c:\program files\MyWebSearch\bar\icons\ZWINKY.ICO
c:\program files\MyWebSearch\bar\IE9Mesg\COMMON.F3S
c:\program files\MyWebSearch\bar\Message\COMMON.F3S
c:\program files\MyWebSearch\bar\Notifier\COMMON.F3S
c:\program files\MyWebSearch\bar\Notifier\DOG.F3S
c:\program files\MyWebSearch\bar\Notifier\FISH.F3S
c:\program files\MyWebSearch\bar\Notifier\KUNGFU.F3S
c:\program files\MyWebSearch\bar\Notifier\LIFEGARD.F3S
c:\program files\MyWebSearch\bar\Notifier\MAID.F3S
c:\program files\MyWebSearch\bar\Notifier\MAILBOX.F3S
c:\program files\MyWebSearch\bar\Notifier\OPERA.F3S
c:\program files\MyWebSearch\bar\Notifier\ROBOT.F3S
c:\program files\MyWebSearch\bar\Notifier\SEDUCT.F3S
c:\program files\MyWebSearch\bar\Notifier\SURFER.F3S
c:\program files\MyWebSearch\bar\Overlay\COMMON.F3S
c:\program files\MyWebSearch\bar\Settings\prevcfg2.htm
c:\program files\MyWebSearch\bar\Settings\s_pid.dat
c:\windows\msmqinst.log
c:\windows\system32\d3d9caps.dat
c:\windows\system32\f3PSSavr.scr
c:\windows\system32\TZLog.log
.
.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Legacy_MYWEBSEARCHSERVICE
-------\Service_MyWebSearchService
.
.
((((((((((((((((((((((((( Files Created from 2011-09-03 to 2011-10-03 )))))))))))))))))))))))))))))))
.
.
2011-09-26 00:02 . 2011-09-26 00:02 -------- d-----w- c:\windows\system32\KB905474
2011-09-24 07:08 . 2011-09-24 07:08 -------- d-----w- c:\windows\ie8updates
2011-09-24 02:32 . 2011-09-24 02:32 -------- d-----w- c:\program files\Common Files\Adobe
2011-09-24 02:31 . 2011-09-24 02:31 -------- d-----w- c:\windows\Cache
2011-09-24 00:55 . 2008-06-14 17:31 271616 ------w- c:\windows\system32\drivers\bthport.sys
2011-09-24 00:10 . 2011-06-23 18:30 602112 ------w- c:\windows\system32\SET486.tmp
2011-09-24 00:10 . 2011-06-23 18:30 55296 ------w- c:\windows\system32\SET485.tmp
2011-09-24 00:10 . 2011-06-23 18:30 105984 ----a-w- c:\windows\system32\SET480.tmp
2011-09-24 00:10 . 2011-07-25 15:09 5969920 ----a-w- c:\windows\system32\SET484.tmp
2011-09-24 00:10 . 2011-06-23 18:30 1991680 ------w- c:\windows\system32\SET48A.tmp
2011-09-24 00:09 . 2011-06-23 18:30 916480 ----a-w- c:\windows\system32\SET47E.tmp
2011-09-24 00:09 . 2011-06-23 18:30 1212416 ----a-w- c:\windows\system32\SET47F.tmp
2011-09-24 00:09 . 2011-06-23 18:30 11081728 ------w- c:\windows\system32\SET48C.tmp
2011-09-24 00:00 . 2011-09-26 00:04 -------- d--h--w- c:\windows\$hf_mig$
2011-09-22 13:36 . 2011-09-22 13:36 -------- d-----w- c:\windows\system32\wbem\Repository
2011-09-22 12:52 . 2006-11-02 05:09 1419232 ----a-r- c:\windows\system32\WdfCoInstaller01005.dll
2011-09-22 12:52 . 2011-09-22 12:52 -------- d-----w- c:\program files\DellTPad
2011-09-22 12:52 . 2009-02-05 16:48 192048 ----a-r- c:\windows\system32\drivers\Apfiltr.sys
2011-09-22 12:52 . 2009-01-31 09:15 107622 ----a-r- c:\windows\system32\Vxdif.dll
2011-09-22 12:39 . 2011-09-23 22:53 -------- d-----w- c:\program files\CCleaner
2011-09-22 12:31 . 2011-09-22 12:31 -------- d-----w- c:\documents and settings\L.S\Application Data\SUPERAntiSpyware.com
2011-09-22 12:30 . 2011-09-29 01:47 -------- d-----w- c:\program files\SUPERAntiSpyware
2011-09-22 12:30 . 2011-09-22 12:30 -------- d-----w- c:\documents and settings\All Users\Application Data\SUPERAntiSpyware.com
2011-09-09 17:12 . 2001-09-18 11:04 5632 ----a-w- c:\windows\system32\ptpusb.dll
2011-09-09 17:12 . 2008-04-14 18:29 159232 ----a-w- c:\windows\system32\ptpusd.dll
2011-09-09 17:12 . 2008-04-13 21:15 15104 ----a-w- c:\windows\system32\drivers\usbscan.sys
2011-09-08 11:09 . 2011-09-08 11:09 -------- d-----w- c:\documents and settings\NetworkService\Local Settings\Application Data\uTorrentBar
2011-09-08 11:09 . 2011-09-08 11:09 -------- d-----w- c:\documents and settings\NetworkService\Local Settings\Application Data\BrotherSoft_Extreme
2011-09-08 11:09 . 2011-09-08 11:09 -------- d-----w- c:\documents and settings\NetworkService\Local Settings\Application Data\Apple
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-09-09 09:11 . 2008-04-15 11:00 598016 ----a-w- c:\windows\system32\crypt32.dll
2011-08-23 04:28 . 2011-08-23 04:28 319488 ----a-w- c:\windows\HideWin.exe
2011-07-15 13:29 . 2008-04-15 11:00 456320 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
2011-07-11 16:25 . 2010-07-21 13:16 348160 ----a-w- c:\windows\system32\msvcr71.dll
2011-07-11 16:25 . 2010-07-21 13:18 499712 -c--a-w- c:\windows\system32\msvcp71.dll
2011-07-08 14:02 . 2008-04-15 11:00 10496 ----a-w- c:\windows\system32\drivers\ndistapi.sys
2011-07-08 07:26 . 2011-08-22 03:01 142296 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
------- Sigcheck -------
Note: Unsigned files aren't necessarily malware.
.
[-] 2009-05-26 . CA1867A515E40A015BA6D9ADD83FB823 . 1571328 . . [5.1.2600.5512] . . c:\windows\system32\sfcfiles.dll
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{51a86bb3-6602-4c85-92a5-130ee4864f13}"= "c:\program files\BrotherSoft_Extreme\prxtbBrot.dll" [2011-01-17 175912]
"{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}"= "c:\program files\uTorrentBar\prxtbuTo0.dll" [2011-05-09 176936]
.
[HKEY_CLASSES_ROOT\clsid\{51a86bb3-6602-4c85-92a5-130ee4864f13}]
.
[HKEY_CLASSES_ROOT\clsid\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}]
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D}]
2011-01-17 13:54 175912 ----a-w- c:\program files\ConduitEngine\prxConduitEngine.dll
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{51a86bb3-6602-4c85-92a5-130ee4864f13}]
2011-01-17 13:54 175912 ----a-w- c:\program files\BrotherSoft_Extreme\prxtbBrot.dll
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}]
2011-05-09 09:49 176936 ----a-w- c:\program files\uTorrentBar\prxtbuTo0.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{51a86bb3-6602-4c85-92a5-130ee4864f13}"= "c:\program files\BrotherSoft_Extreme\prxtbBrot.dll" [2011-01-17 175912]
"{30F9B915-B755-4826-820B-08FBA6BD249D}"= "c:\program files\ConduitEngine\prxConduitEngine.dll" [2011-01-17 175912]
"{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}"= "c:\program files\uTorrentBar\prxtbuTo0.dll" [2011-05-09 176936]
.
[HKEY_CLASSES_ROOT\clsid\{51a86bb3-6602-4c85-92a5-130ee4864f13}]
.
[HKEY_CLASSES_ROOT\clsid\{30f9b915-b755-4826-820b-08fba6bd249d}]
.
[HKEY_CLASSES_ROOT\clsid\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}]
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{51A86BB3-6602-4C85-92A5-130EE4864F13}"= "c:\program files\BrotherSoft_Extreme\prxtbBrot.dll" [2011-01-17 175912]
"{BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC}"= "c:\program files\uTorrentBar\prxtbuTo0.dll" [2011-05-09 176936]
.
[HKEY_CLASSES_ROOT\clsid\{51a86bb3-6602-4c85-92a5-130ee4864f13}]
.
[HKEY_CLASSES_ROOT\clsid\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}]
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2010-09-16 39408]
"Free Download Manager"="c:\program files\Free Download Manager\fdm.exe" [2010-04-28 3727411]
"Software Informer"="c:\program files\Software Informer\softinfo.exe" [2011-03-22 2859077]
"SUPERAntiSpyware"="c:\program files\SUPERAntiSpyware\SUPERAntiSpyware.exe" [2011-08-12 4603264]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2008-04-15 15360]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2009-06-16 150040]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2009-06-16 170520]
"Persistence"="c:\windows\system32\igfxpers.exe" [2009-06-16 141848]
"Dell QuickSet"="c:\program files\Dell\QuickSet\quickset.exe" [2008-11-14 1708032]
"AESTFltr"="c:\windows\system32\AESTFltr.exe" [2009-02-18 737280]
"HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2007-05-08 54840]
"BabylonToolbar"="c:\program files\BabylonToolbar\BabylonToolbar\1.4.19.19\BabylonToolbarsrv.exe" [2010-11-07 286720]
"TkBellExe"="c:\program files\real\realplayer\update\realsched.exe" [2011-07-11 273544]
"SysTrayApp"="c:\program files\IDT\WDM\sttray.exe" [2009-03-02 483420]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-15 15360]
.
c:\documents and settings\All Users\قائمة ابدأ\البرامج\بدء التشغيل\
Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2008-8-15 604776]
.
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\program files\SUPERAntiSpyware\SASSEH.DLL" [2011-07-19 113024]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
2011-05-04 17:54 551296 ----a-w- c:\program files\SUPERAntiSpyware\SASWINLO.DLL
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]
@=""
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^قائمة ابدأ^البرامج^بدء التشغيل^HP Digital Imaging Monitor.lnk]
path=c:\documents and settings\All Users\قائمة ابدأ\البرامج\بدء التشغيل\HP Digital Imaging Monitor.lnk
backup=c:\windows\pss\HP Digital Imaging Monitor.lnkCommon Startup
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001
"FirewallOverride"=dword:00000001
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqtra08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpoews01.exe"=
"c:\\Program Files\\Common Files\\HP\\Digital Imaging\\Bin\\hpqPhotoCrm.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqgplgtupl.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqusgm.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqusgh.exe"=
"c:\\Program Files\\HP\\HP Software Update\\HPWUCli.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\smart web printing\\SmartWebPrintExe.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Program Files\\uTorrent\\uTorrent.exe"=
"c:\\Program Files\\Common Files\\Apple\\Apple Application Support\\WebKit2WebProcess.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"89:TCP"= 89:TCP:FlexiServer Web Server
.
R1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\sasdifsv.sys [22/07/2011 07:27 م 12880]
R1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL.SYS [13/07/2011 12:55 ص 67664]
R2 !SASCORE;SAS Core Service;c:\program files\SUPERAntiSpyware\SASCore.exe [12/08/2011 02:38 ص 116608]
R2 Change Modem Device Service;Change Modem Device Service;c:\windows\system32\ChgService.exe [11/09/2010 02:44 ص 114688]
R2 thdudf;TOSHIBA UDF2.5 Reader File System Driver;c:\windows\system32\drivers\thdudf.sys [14/06/2011 11:54 م 66944]
R3 AESTAud;AE Audio Service;c:\windows\system32\drivers\AESTAud.sys [06/08/2011 07:23 ص 113024]
S2 gupdate;خدمة تحديث Google (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [16/09/2010 09:26 ص 136176]
S3 AMBFilt;Creative AMB Service;c:\windows\system32\drivers\AMBFilt.sys [06/08/2011 07:23 ص 1656960]
S3 cmnsusbser;Mobile Connector USB Device for Legacy Serial Communication LCT2053s;c:\windows\system32\drivers\cmnsusbser.sys [11/09/2010 02:44 ص 103424]
S3 ExpressAccountsService;Express Accounts;c:\program files\NCH Software\ExpressAccounts\expressaccounts.exe [11/01/2011 03:05 ص 2096644]
S3 gupdatem;خدمة Google Update (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [16/09/2010 09:26 ص 136176]
S3 InventoriaService;Inventoria Stock Manager;c:\program files\NCH Software\Inventoria\inventoria.exe [11/01/2011 03:04 ص 1363972]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
.
Contents of the 'Scheduled Tasks' folder
.
2011-09-08 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2011-06-01 14:57]
.
2011-10-03 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-09-16 06:26]
.
2011-10-03 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-09-16 06:26]
.
2011-01-11 c:\windows\Tasks\inventoriaShakeIcon.job
- c:\program files\NCH Software\Inventoria\inventoria.exe [2011-01-11 00:04]
.
2011-10-03 c:\windows\Tasks\WGASetup.job
- c:\windows\system32\KB905474\wgasetup.exe [2011-09-26 19:18]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://home.mywebsearch.com/index.jhtml?n=77DE8857&ptnrS=GRman000&ptb=O2RfWClEEHFP3Gy_4lYyNw
uInternet Settings,ProxyOverride = *.local
IE: &تصدير إلى Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
IE: Download all links with IDM - c:\docume~1\L.S\LOCALS~1\Temp\Rar$EX01.469\Internet Download Manager v5[1].12Build5\Internet Download Manager v5.12Build5\IEGetAll.htm
IE: Download FLV video content with IDM - c:\docume~1\L.S\LOCALS~1\Temp\Rar$EX01.469\Internet Download Manager v5[1].12Build5\Internet Download Manager v5.12Build5\IEGetVL.htm
IE: Download with IDM - c:\docume~1\L.S\LOCALS~1\Temp\Rar$EX01.469\Internet Download Manager v5[1].12Build5\Internet Download Manager v5.12Build5\IEExt.htm
IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_7461B1589E8B4FB7.dll/cmsidewiki.html
IE: إرسال إلى &جهاز Bluetooth... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: إرسال إلى Bluetooth - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
IE: تحميل الفيديو بواسطة Free Download Manager - file://c:\program files\Free Download Manager\dlfvideo.htm
IE: تحميل الكل بواسطة Free Download Manager - file://c:\program files\Free Download Manager\dlall.htm
IE: تحميل المحددة بواسطة Free Download Manager - file://c:\program files\Free Download Manager\dlselected.htm
IE: تحميل بواسطة Free Download Manager - file://c:\program files\Free Download Manager\dllink.htm
TCP: DhcpNameServer = 192.168.1.1
FF - ProfilePath - c:\documents and settings\L.S\Application Data\Mozilla\Firefox\Profiles\n3haddl0.default\
FF - prefs.js: browser.search.selectedEngine - My Web Search
FF - prefs.js: keyword.URL - hxxp://search.mywebsearch.com/mywebsearch/GGmain.jhtml?id=GRman000&ptb=O2RfWClEEHFP3Gy_4lYyNw&ind=2011080700&ptnrS=GRman000&si=&n=77dea7fc&psa=&st=kwd&searchfor=
.
- - - - ORPHANS REMOVED - - - -
.
HKCU-Run-fsm - (no file)
SafeBoot-Wdf01000.sys
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-10-03 23:33
Windows 5.1.2600 Service Pack 3 NTFS
.
scanning hidden processes ...
.
scanning hidden autostart entries ...
.
scanning hidden files ...
.
scan completed successfully
hidden files: 0
.
**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{26c9c765-9a8f-4d9e-8115-167e0e6f0b8f}]
@Denied: (Full) (Everyone)
"Model"=dword:000000da
"Therad"=dword:0000001e
"MData"=hex(0):2b,8f,78,29,5a,0c,ce,ec,48,d4,68,e5,9f,6a,96,3e,ab,de,c5,81,26,38,95,44,88,79,0d,22,8e,33,17,75,6e,64,4a,c3,17,2e,fc,cc,bf,ce,db,c2,5b,1f,\
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{5ED60779-4DE2-4E07-B862-974CA4FF2E9C}]
@Denied: (Full) (Everyone)
"scansk"=hex(0):be,64,44,b1,aa,67,97,2d,5d,84,43,b1,6e,5f,43,eb,0d,80,22,78,10,fb,6c,c9,79,d2,17,c8,a0,c5,89,d7,e3,8a,c8,c3,e5,03,8d,bd,00,00,00,00,00,00,\
.
--------------------- DLLs Loaded Under Running Processes ---------------------
.
- - - - - - - > 'winlogon.exe'(888)
c:\program files\SUPERAntiSpyware\SASWINLO.DLL
c:\windows\system32\WININET.dll
.
- - - - - - - > 'explorer.exe'(3040)
c:\windows\system32\WININET.dll
c:\windows\system32\btmmhook.dll
c:\windows\system32\ieframe.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\btncopy.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Other Running Processes ------------------------
.
c:\program files\idt\xpm09_6162v012\wdm\STacSV.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\program files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
c:\program files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
c:\windows\system32\igfxsrvc.exe
c:\progra~1\WIDCOMM\BLUETO~1\BTSTAC~1.EXE
c:\program files\Google\Chrome\Application\chrome.exe
c:\program files\Google\Chrome\Application\chrome.exe
c:\program files\Google\Chrome\Application\chrome.exe
c:\program files\Google\Chrome\Application\chrome.exe
c:\program files\Google\Chrome\Application\chrome.exe
c:\program files\Google\Chrome\Application\chrome.exe
.
**************************************************************************
.
Completion time: 2011-10-03 23:44:35 - machine was rebooted
ComboFix-quarantined-files.txt 2011-10-03 20:44
.
Pre-Run: 2,086,789,120 bytes free
Post-Run: 2,162,593,792 bytes free
.
WindowsXP-KB310994-SP2-Pro-BootDisk-ENU.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
UnsupportedDebug="do not select this" /debug
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect
.
- - End Of File - - 1D8DACD5E08E3E7BA3E8E1DA998E6BFD

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:19:07 ص, on 04/10/2011
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
c:\program files\idt\xpm09_6162v012\wdm\STacSV.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\System32\ChgService.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\WINDOWS\system32\igfxpers.exe
C:\Program Files\Dell\QuickSet\quickset.exe
C:\WINDOWS\system32\AESTFltr.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\program files\real\realplayer\update\realsched.exe
C:\Program Files\IDT\WDM\sttray.exe
C:\Program Files\Free Download Manager\fdm.exe
C:\Program Files\Software Informer\softinfo.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\PROGRA~1\WIDCOMM\BLUETO~1\BTSTAC~1.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://home.mywebsearch.com/index.jh...EHFP3Gy_4lYyNw
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R3 - URLSearchHook: BrotherSoft Extreme Toolbar - {51a86bb3-6602-4c85-92a5-130ee4864f13} - C:\Program Files\BrotherSoft_Extreme\prxtbBrot.dll
R3 - URLSearchHook: uTorrentBar Toolbar - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files\uTorrentBar\prxtbuTo0.dll
O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files\Internet Download Manager\IDMIECC.dll
O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0 ME\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: Babylon toolbar helper - {2EECD738-5844-4a99-B4B6-146BF802613B} - C:\Program Files\BabylonToolbar\BabylonToolbar\1.4.19.19\bh\BabylonToolbar.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll
O2 - BHO: Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\prxConduitEngine.dll
O2 - BHO: BrotherSoft Extreme - {51a86bb3-6602-4c85-92a5-130ee4864f13} - C:\Program Files\BrotherSoft_Extreme\prxtbBrot.dll
O2 - BHO: مساعد تسجيل الدخول إلى Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.6406.1642\swg.dll
O2 - BHO: uTorrentBar - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files\uTorrentBar\prxtbuTo0.dll
O2 - BHO: FDMIECookiesBHO Class - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Program Files\Free Download Manager\iefdm2.dll
O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O3 - Toolbar: Babylon Toolbar - {98889811-442D-49dd-99D7-DC866BE87DBC} - C:\Program Files\BabylonToolbar\BabylonToolbar\1.4.19.19\BabylonToolbarTlbr.dll
O3 - Toolbar: BrotherSoft Extreme Toolbar - {51a86bb3-6602-4c85-92a5-130ee4864f13} - C:\Program Files\BrotherSoft_Extreme\prxtbBrot.dll
O3 - Toolbar: Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\prxConduitEngine.dll
O3 - Toolbar: uTorrentBar Toolbar - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files\uTorrentBar\prxtbuTo0.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [Dell QuickSet] C:\Program Files\Dell\QuickSet\quickset.exe
O4 - HKLM\..\Run: [AESTFltr] %SystemRoot%\system32\AESTFltr.exe /NoDlg
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [BabylonToolbar] "C:\Program Files\BabylonToolbar\BabylonToolbar\1.4.19.19\BabylonToolbarsrv.exe" /md I
O4 - HKLM\..\Run: [TkBellExe] "C:\program files\real\realplayer\update\realsched.exe" -osboot
O4 - HKLM\..\Run: [SysTrayApp] %ProgramFiles%\IDT\WDM\sttray.exe
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [Free Download Manager] "C:\Program Files\Free Download Manager\fdm.exe" -autorun
O4 - HKCU\..\Run: [Software Informer] "C:\Program Files\Software Informer\softinfo.exe" -autorun
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Bluetooth.lnk = ?
O8 - Extra context menu item: &تصدير إلى Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Download all links with IDM - C:\DOCUME~1\L.S\LOCALS~1\Temp\Rar$EX01.469\Internet Download Manager v5[1].12Build5\Internet Download Manager v5.12Build5\IEGetAll.htm
O8 - Extra context menu item: Download FLV video content with IDM - C:\DOCUME~1\L.S\LOCALS~1\Temp\Rar$EX01.469\Internet Download Manager v5[1].12Build5\Internet Download Manager v5.12Build5\IEGetVL.htm
O8 - Extra context menu item: Download with IDM - C:\DOCUME~1\L.S\LOCALS~1\Temp\Rar$EX01.469\Internet Download Manager v5[1].12Build5\Internet Download Manager v5.12Build5\IEExt.htm
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_7461B1589E8B4FB7.dll/cmsidewiki.html
O8 - Extra context menu item: إرسال إلى &جهاز Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: إرسال إلى Bluetooth - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O8 - Extra context menu item: تحميل الفيديو بواسطة Free Download Manager - file://C:\Program Files\Free Download Manager\dlfvideo.htm
O8 - Extra context menu item: تحميل الكل بواسطة Free Download Manager - file://C:\Program Files\Free Download Manager\dlall.htm
O8 - Extra context menu item: تحميل المحددة بواسطة Free Download Manager - file://C:\Program Files\Free Download Manager\dlselected.htm
O8 - Extra context menu item: تحميل بواسطة Free Download Manager - file://C:\Program Files\Free Download Manager\dllink.htm
O9 - Extra button: بحث - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: Show or hide HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL
O23 - Service: SAS Core Service (!SASCORE) - SUPERAntiSpyware.com - C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
O23 - Service: Change Modem Device Service - Unknown owner - C:\WINDOWS\System32\ChgService.exe
O23 - Service: Express Accounts (ExpressAccountsService) - NCH Software - C:\Program Files\NCH Software\ExpressAccounts\expressaccounts.exe
O23 - Service: خدمة تحديث Google (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: خدمة Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Unknown owner - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe (file missing)
O23 - Service: Inventoria Stock Manager (InventoriaService) - NCH Software - C:\Program Files\NCH Software\Inventoria\inventoria.exe
O23 - Service: Audio Service (STacSV) - IDT, Inc. - c:\program files\idt\xpm09_6162v012\wdm\STacSV.exe

-- End of file - 10991 bytes

I hope you can help me :heart-b::heart-b::cry4: