• Thread starter: |حسام |
  • Views: 934

Peace be upon you, and God's mercy and blessings.

My machine is the new MacBook with both Windows and Mac OS installed, but I mostly work in Windows.

It has been working fine, thank God, but the problem is that this afternoon I installed one of the Windows updates related to the trackpad, and this is the update link:

[link hidden by the forum; login required to view]

I got a blue screen :?: and it restarted right away.

When I turned the machine on again and opened one of my movies, the blue screen appeared and it restarted.

What is the solution????
 

Bump
 
Welcome, my friend.

Do the following, in order:

(1)

Download this tool:

[link hidden by the forum; login required to view]

When you run it, a message will appear; click >> Yes
Then a second message will appear; click >> Yes

The machine may restart during the scan.
After the restart, the tool will start scanning again.
Wait until a report appears; that means the scan has finished. Paste the report in your next post.

(2)

HijackThis report
Download this program:
[link hidden by the forum; login required to view]

Run the program ==> and click
Do a system scan and save log
After a few moments a report will open in Notepad ==> copy it and paste it in your next reply.





 
Signature: KoNaMi
May God reward you. Wait for me, may God protect you.
 
This is the first report:

ComboFix 09-04-17.01 - MacBook 04/16/2009 20:20.1 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.2.1256.966.1025.18.1768.1274 [GMT 3:00]
Running from: c:\documents and settings\MacBook\My Documents\Downloads\Programs\ComboFix.exe
AV: avast! antivirus 4.8.1335 [VPS 090416-0] *On-access scanning enabled* (Updated)
* Created a new restore point
WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\windows\system32\mac.dll
G:\Autorun.inf
.
((((((((((((((((((((((((( Files Created from 2009-03-17 to 2009-04-17 )))))))))))))))))))))))))))))))
.
2009-04-16 13:51 . 2009-04-16 13:51 268 ---ha-w C:\sqmdata09.sqm
2009-04-16 13:51 . 2009-04-16 13:51 244 ---ha-w C:\sqmnoopt09.sqm
2009-04-16 13:50 . 2009-03-19 13:32 23400 ----a-w c:\windows\system32\drivers\GEARAspiWDM.sys
2009-04-16 13:50 . 2008-04-17 09:12 107368 ----a-w c:\windows\system32\GEARAspi.dll
2009-04-16 13:50 . 2009-04-16 13:50 -------- d-----w c:\documents and settings\All Users\Application Data\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906}
2009-04-16 04:53 . 2009-04-16 05:13 -------- d-----w c:\documents and settings\MacBook\Application Data\dvdcss
2009-04-16 04:50 . 2009-04-16 13:50 -------- d-----w c:\documents and settings\MacBook\Application Data\Apple Computer
2009-04-16 04:47 . 2009-04-16 13:50 -------- d-----w c:\documents and settings\All Users\Application Data\Apple Computer
2009-04-16 04:47 . 2009-04-16 13:50 -------- d-----w c:\documents and settings\MacBook\Local Settings\Application Data\Apple Computer
2009-04-14 03:30 . 2009-04-14 03:30 1555 ----a-w c:\windows\ata live update.ini
2009-04-14 03:22 . 2009-04-14 03:22 268 ---ha-w C:\sqmdata08.sqm
2009-04-14 03:22 . 2009-04-14 03:22 244 ---ha-w C:\sqmnoopt08.sqm
2009-04-14 03:22 . 2009-04-14 03:22 -------- d-----w c:\windows\speech
2009-04-14 03:22 . 2009-04-14 03:22 172032 ------w c:\windows\Setup1.exe
2009-04-14 03:22 . 2009-04-14 03:22 73216 ----a-w c:\windows\ST6UNST.EXE
2009-04-14 03:22 . 2009-04-14 03:22 -------- d-----w C:\Al-Moheet
2009-04-11 02:24 . 2009-04-14 03:23 -------- d-----w c:\documents and settings\MacBook\Application Data\uTorrent
2009-04-09 08:15 . 2009-04-09 08:15 -------- d-----w c:\documents and settings\NetworkService\Local Settings\Application Data\Apple
2009-04-09 00:06 . 2009-04-09 00:06 268 ---ha-w C:\sqmdata07.sqm
2009-04-09 00:06 . 2009-04-09 00:06 244 ---ha-w C:\sqmnoopt07.sqm
2009-04-08 22:43 . 2009-04-08 22:43 -------- d-----w c:\documents and settings\MacBook\Application Data\Media Player Classic
2009-04-08 22:42 . 2009-04-09 00:23 -------- d-----w c:\windows\system32\CatRoot_bak
2009-04-08 22:31 . 2009-04-08 22:31 268 ---ha-w C:\sqmdata06.sqm
2009-04-08 22:31 . 2009-04-08 22:31 244 ---ha-w C:\sqmnoopt06.sqm
2009-04-08 22:19 . 2009-04-08 22:19 268 ---ha-w C:\sqmdata05.sqm
2009-04-08 22:19 . 2009-04-08 22:19 244 ---ha-w C:\sqmnoopt05.sqm
2009-04-08 22:17 . 2009-04-08 22:18 -------- d-----w c:\documents and settings\MacBook\Application Data\vlc
2009-04-08 21:57 . 2009-04-08 21:57 268 ---ha-w C:\sqmdata04.sqm
2009-04-08 21:57 . 2009-04-08 21:57 244 ---ha-w C:\sqmnoopt04.sqm
2009-04-08 20:47 . 2009-04-16 13:19 -------- d-----w c:\documents and settings\MacBook\Local Settings\Application Data\Ares
2009-04-08 20:14 . 2008-03-17 08:56 103168 ----a-w c:\windows\system32\drivers\ewusbfake.sys
2009-04-08 20:14 . 2008-03-17 08:03 101376 ----a-w c:\windows\system32\drivers\ewusbmdm.sys
2009-04-08 20:14 . 2008-03-16 11:47 872192 ----a-w c:\windows\system32\drivers\mod7700.sys
2009-04-08 20:14 . 2008-01-22 12:09 100992 ----a-w c:\windows\system32\drivers\ewusbnet.sys
2009-04-08 20:14 . 2007-08-09 01:13 24448 ----a-w c:\windows\system32\drivers\ewdcsc.sys
2009-04-05 16:54 . 2008-08-14 13:42 2137600 -c----w c:\windows\system32\dllcache\ntkrnlmp.exe
2009-04-05 16:54 . 2008-08-14 13:42 2181888 -c----w c:\windows\system32\dllcache\ntoskrnl.exe
2009-04-05 16:54 . 2008-08-14 13:42 2059264 -c----w c:\windows\system32\dllcache\ntkrnlpa.exe
2009-04-05 16:54 . 2008-08-14 13:42 2017280 -c----w c:\windows\system32\dllcache\ntkrpamp.exe
2009-04-05 16:48 . 2009-04-05 16:48 -------- d-----w c:\documents and settings\MacBook\Application Data\GRETECH
2009-04-05 16:41 . 2008-10-24 11:10 453632 -c----w c:\windows\system32\dllcache\mrxsmb.sys
2009-04-05 16:32 . 2009-04-16 05:05 -------- d--h--w c:\windows\$hf_mig$
2009-04-03 19:51 . 2009-04-03 19:51 0 ----a-w c:\windows\nsreg.dat
2009-04-03 19:51 . 2009-04-03 19:51 -------- d-----w c:\documents and settings\MacBook\Local Settings\Application Data\Mozilla
2009-04-03 18:08 . 2009-04-03 18:08 -------- d-----w c:\documents and settings\All Users\Application Data\SUPERAntiSpyware.com
2009-04-03 18:08 . 2009-04-03 18:08 -------- d-----w c:\documents and settings\MacBook\Application Data\SUPERAntiSpyware.com
2009-04-03 18:05 . 2009-04-03 18:07 -------- d-----w c:\documents and settings\All Users\Application Data\WinZip
2009-04-03 17:53 . 2009-04-03 17:53 99496 ----a-w c:\documents and settings\MacBook\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2009-04-03 13:24 . 2009-04-16 02:30 -------- d-----w c:\documents and settings\MacBook\Application Data\IDM
2009-04-03 13:24 . 2009-04-16 17:21 -------- d-----w c:\documents and settings\MacBook\Application Data\DMCache
2009-04-02 12:34 . 2009-04-02 12:34 268 ---ha-w C:\sqmdata02.sqm
2009-04-02 12:34 . 2009-04-02 12:34 244 ---ha-w C:\sqmnoopt02.sqm
2009-04-01 16:08 . 2009-04-01 16:08 268 ---ha-w C:\sqmdata01.sqm
2009-04-01 16:08 . 2009-04-01 16:08 244 ---ha-w C:\sqmnoopt01.sqm
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-04-16 17:16 . 2004-08-04 12:00 40316 ----a-w c:\windows\system32\perfc001.dat
2009-04-16 17:16 . 2004-08-04 12:00 251946 ----a-w c:\windows\system32\perfh001.dat
2009-04-16 13:50 . 2009-04-16 13:50 -------- d-----w c:\program files\iTunes
2009-04-16 13:50 . 2009-04-16 13:50 -------- d-----w c:\program files\iPod
2009-04-16 13:50 . 2009-04-16 13:49 -------- d-----w c:\program files\Common Files\Apple
2009-04-16 13:50 . 2009-04-16 13:50 -------- d-----w c:\program files\Bonjour
2009-04-16 13:28 . 2009-04-16 13:27 -------- d-----w c:\program files\Safari
2009-04-16 04:48 . 2009-04-16 04:47 -------- d-----w c:\program files\QuickTime
2009-04-15 21:43 . 2009-04-03 13:24 -------- d-----w c:\program files\Internet Download Manager
2009-04-14 03:22 . 2009-04-14 03:22 -------- d-----w c:\program files\Golden Al-Wafi Translator
2009-04-11 19:01 . 2009-04-11 18:59 -------- d-----w c:\program files\The KMPlayer
2009-04-11 02:24 . 2009-04-11 02:24 -------- d-----w c:\program files\uTorrent
2009-04-10 02:51 . 2009-02-22 13:03 86327 ----a-w c:\windows\pchealth\helpctr\OfflineCache\index.dat
2009-04-08 22:41 . 2009-04-03 17:25 -------- d-----w c:\program files\K-Lite Codec Pack
2009-04-08 22:16 . 2009-04-08 22:16 -------- d-----w c:\program files\VideoLAN
2009-04-08 20:47 . 2009-04-08 20:46 -------- d-----w c:\program files\Ares
2009-04-08 20:17 . 2009-04-08 20:13 -------- d-----w c:\program files\ALJAWAL 3.5G HSPA
2009-04-05 16:43 . 2009-04-05 16:43 -------- d-----w c:\program files\CEP 2009, vers 7.0 - system files
2009-04-03 18:18 . 2009-04-03 18:08 -------- d-----w c:\program files\SUPERAntiSpyware
2009-04-03 18:07 . 2009-04-03 18:07 -------- d-----w c:\program files\Common Files\Wise Installation Wizard
2009-04-03 17:46 . 2009-04-03 17:46 268 ---ha-w C:\sqmdata03.sqm
2009-04-03 17:46 . 2009-04-03 17:46 244 ---ha-w C:\sqmnoopt03.sqm
2009-04-03 17:46 . 2009-04-03 17:46 -------- d-----w c:\program files\Alwil Software
2009-04-03 17:42 . 2009-04-03 17:42 -------- d-----w c:\program files\GRETECH
2009-02-22 14:31 . 2009-02-22 14:31 268 ---ha-w C:\sqmdata00.sqm
2009-02-22 14:31 . 2009-02-22 14:31 244 ---ha-w C:\sqmnoopt00.sqm
2009-02-22 14:30 . 2009-02-22 14:30 -------- d-----w c:\program files\MSN Messenger
2009-02-22 13:36 . 2009-02-22 13:32 -------- d-----w c:\documents and settings\All Users\Application Data\Microsoft Help
2009-02-22 13:35 . 2009-02-22 13:35 -------- d-----w c:\program files\Microsoft Works
2009-02-22 13:35 . 2009-02-22 13:35 -------- d-----w c:\program files\MSBuild
2009-02-22 13:22 . 2009-02-22 13:22 -------- d-----w c:\program files\Intel
2009-02-22 13:21 . 2009-02-22 13:21 -------- d-----w c:\program files\Boot Camp
2009-02-22 13:21 . 2009-02-22 13:21 0 ---ha-w c:\windows\system32\drivers\MsftWdf_Kernel_01005_Coinstaller_Critical.Wdf
2009-02-22 13:21 . 2009-02-22 13:21 -------- d-----w c:\program files\Motorola
2009-02-22 13:21 . 2009-02-22 13:20 1655 ----a-w C:\RHDSetup.log
2009-02-22 13:20 . 2009-02-22 13:20 -------- d-----w c:\program files\Realtek
2009-02-22 13:20 . 2009-02-22 13:20 319488 ----a-w c:\windows\HideWin.exe
2009-02-22 13:20 . 2009-02-22 13:20 -------- d--h--w c:\program files\InstallShield Installation Information
2009-02-22 13:20 . 2009-02-22 13:19 -------- d-----w c:\program files\Common Files\InstallShield
2009-02-22 13:20 . 2009-02-22 13:20 -------- d-----w c:\program files\SigmaTel
2009-02-22 13:18 . 2009-02-22 13:18 -------- d-----w c:\program files\DIFX
2009-02-22 13:18 . 2009-02-22 13:18 -------- d-----w c:\program files\Apple Software Update
2009-02-22 13:18 . 2009-02-22 13:18 -------- d-----w c:\documents and settings\All Users\Application Data\Apple
2009-02-22 13:04 . 2009-02-22 13:04 -------- d-----w c:\program files\microsoft frontpage
2009-02-22 13:01 . 2009-02-22 13:01 22144 ----a-w c:\windows\system32\emptyregdb.dat
2009-02-09 14:15 . 2004-08-04 12:00 1846144 ----a-w c:\windows\system32\win32k.sys
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\ctfmon.exe" [2004-08-04 15360]
"MsnMsgr"="c:\program files\MSN Messenger\MsnMsgr.Exe" [2007-01-19 5674352]
"IDMan"="c:\program files\Internet Download Manager\IDMan.exe" [2009-04-03 932864]
"SUPERAntiSpyware"="c:\program files\SUPERAntiSpyware\SUPERAntiSpyware.exe" [2009-04-03 1830128]
"ares"="c:\program files\Ares\Ares.exe" [2009-02-03 1004544]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2008-10-13 13545472]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2008-10-13 86016]
"Apple_KbdMgr"="c:\program files\Boot Camp\KbdMgr.exe" [2008-10-13 431408]
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2006-10-26 31016]
"avast!"="c:\progra~1\ALWILS~1\Avast4\ashDisp.exe" [2009-02-05 81000]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2009-01-05 413696]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2009-04-02 342312]
"BluetoothAuthenticationAgent"="bthprops.cpl" - c:\windows\system32\bthprops.cpl [2004-08-03 110592]
"nwiz"="nwiz.exe" - c:\windows\system32\nwiz.exe [2008-10-13 1630208]
"RTHDCPL"="RTHDCPL.EXE" - c:\windows\RTHDCPL.EXE [2008-10-13 16864768]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2004-08-04 15360]
c:\documents and settings\All Users\çں‍ê، ں §ڑ\ںé ©ںê¤\ §ک ں颬نïé\
WinZip Quick Pick.lnk - c:\program files\WinZip\WZQKPICK.EXE [2007-4-11 394856]
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\program files\SUPERAntiSpyware\SASSEH.DLL" [2008-05-13 77824]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
2008-12-22 09:05 356352 ----a-w c:\program files\SUPERAntiSpyware\SASWINLO.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"msacm.divxa32"= msaud32_divx.acm
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WdfLoadGroup]
@="Driver Group"
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"c:\\Program Files\\MSN Messenger\\msnmsgr.exe"=
"c:\\Program Files\\MSN Messenger\\livecall.exe"=
"c:\\Program Files\\Ares\\Ares.exe"=
"c:\\Program Files\\uTorrent\\uTorrent.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
S1 aswSP;avast! Self Protection; [x]
S1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\SASDIFSV.SYS [2009-03-23 9968]
S1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL.sys [2009-03-23 72944]
S2 AppleOSSMgr;Apple OS Switch Manager;c:\windows\system32\AppleOSSMgr.exe [2008-10-13 136496]
S2 AppleTimeSrv;Apple Time Service;c:\windows\system32\AppleTimeSrv.exe [2008-10-13 99632]
S2 aswFsBlk;aswFsBlk;c:\windows\system32\DRIVERS\aswFsBlk.sys [2009-02-05 20560]
S2 KeyAgent;KeyAgent;c:\windows\system32\drivers\KeyAgent.sys [2008-10-13 5760]
S2 MacHALDriver;Mac HAL;c:\windows\system32\drivers\MacHALDriver.sys [2008-10-13 6784]
S3 applemtm;Apple Multitouch Mouse;c:\windows\system32\DRIVERS\applemtm.sys [2008-12-16 10496]
S3 applemtp;Apple Multitouch;c:\windows\system32\DRIVERS\applemtp.sys [2008-12-16 28544]
S3 IRRemoteFlt;IR Receiver Filter Driver;c:\windows\system32\DRIVERS\IRFilter.sys [2008-10-13 16512]
S3 KeyMagic;USB Keyboard HID Filter;c:\windows\system32\DRIVERS\KeyMagic.sys [2008-10-13 22528]
S3 SASENUM;SASENUM;c:\program files\SUPERAntiSpyware\SASENUM.SYS [2009-03-23 7408]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{94773427-28a4-11de-a7a1-00236cb524e9}]
\Shell\AutoRun\command - e:\wd_windows_tools\setup.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{95b29928-2079-11de-a79b-00236cb524e9}]
\Shell\AutoRun\command - E:\AutoRun.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{adfe1e0a-2548-11de-a7a0-00236cb524e9}]
\Shell\AutoRun\command - v.cmd
\Shell\explore\Command - v.cmd
\Shell\open\Command - v.cmd
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{e4a8f9c8-2488-11de-a79c-00236cb524e9}]
\Shell\AutoRun\command - E:\AutoRun.exe
.
Contents of the 'Scheduled Tasks' folder
2009-04-16 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 09:34]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.com.sa/
IE: Download all links with IDM - c:\program files\Internet Download Manager\IEGetAll.htm
IE: Download FLV video content with IDM - c:\program files\Internet Download Manager\IEGetVL.htm
IE: Download with IDM - c:\program files\Internet Download Manager\IEExt.htm
IE: ت&صدير إلى Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
FF - ProfilePath - c:\documents and settings\MacBook\Application Data\Mozilla\Firefox\Profiles\fp398t4v.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.yahoo.com/
FF - component: c:\documents and settings\MacBook\Application Data\IDM\idmmzcc2\components\idmmzcc.dll
FF - plugin: c:\program files\K-Lite Codec Pack\Real\browser\plugins\nppl3260.dll
FF - plugin: c:\program files\K-Lite Codec Pack\Real\browser\plugins\nprpjplug.dll
.
**************************************************************************
catchme 0.3.1375 W2K/XP/Vista - rootkit/stealth malware detector by Gmer,
[link hidden by the forum; login required to view]

Rootkit scan 2009-04-16 20:21
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------
- - - - - - - > 'winlogon.exe'(764)
c:\program files\SUPERAntiSpyware\SASWINLO.dll
c:\documents and settings\MacBook\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\UIREPAIR.DLL
.
Completion time: 2009-04-16 20:22
ComboFix-quarantined-files.txt 2009-04-16 17:22
Pre-Run: 86,394,347,520 bytes free
Post-Run: 86,452,948,992 bytes free
225 --- E O F --- 2009-04-09 00:01
 
And this is the report from the second tool:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 08:24:02 م, on 16/04/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\WINDOWS\system32\AppleOSSMgr.exe
C:\WINDOWS\system32\AppleTimeSrv.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Boot Camp\KbdMgr.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Internet Download Manager\IDMan.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Program Files\Ares\Ares.exe
C:\Program Files\WinZip\WZQKPICK.EXE
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\notepad.exe
C:\WINDOWS\explorer.exe
C:\Documents and Settings\MacBook\My Documents\Downloads\Programs\Zyzoom_HijackThis.exe
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
[link hidden by the forum; login required to view]

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
[link hidden by the forum; login required to view]

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
[link hidden by the forum; login required to view]

O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files\Internet Download Manager\IDMIECC.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Apple_KbdMgr] C:\Program Files\Boot Camp\KbdMgr.exe
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [IDMan] C:\Program Files\Internet Download Manager\IDMan.exe /onboot
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKCU\..\Run: [ares] "C:\Program Files\Ares\Ares.exe" -h
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE
O8 - Extra context menu item: Download all links with IDM - C:\Program Files\Internet Download Manager\IEGetAll.htm
O8 - Extra context menu item: Download FLV video content with IDM - C:\Program Files\Internet Download Manager\IEGetVL.htm
O8 - Extra context menu item: Download with IDM - C:\Program Files\Internet Download Manager\IEExt.htm
O8 - Extra context menu item: ت&صدير إلى Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: إرسال إلى OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: إر&سال إلى OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~2\Office12\GR99D3~1.DLL
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Apple OS Switch Manager (AppleOSSMgr) - Unknown owner - C:\WINDOWS\system32\AppleOSSMgr.exe
O23 - Service: Apple Time Service (AppleTimeSrv) - Apple Inc. - C:\WINDOWS\system32\AppleTimeSrv.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
--
End of file - 6304 bytes
 
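The solution, please; may God spare you from harm.

I hope someone can help me, because my machine is driving me crazy: every little while there is a blue screen and a restart.

Guys, please, I'm waiting for you.

Waiting for help.

Signature: KoNaMi
Thank you for your interest, my friend. I'm going to do an analysis and get back to you.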
 
This is the cause, and I'm waiting for the solution:
Use !analyze -v to get detailed debugging information.
BugCheck 1000008E, {c0000090, bac8150e, bacd3b08, 0}
*** WARNING: Unable to verify timestamp for Wdf01000.sys
*** ERROR: Module load completed but symbols could not be loaded for Wdf01000.sys
Probably caused by : applemtp.sys ( applemtp+150e )
Followup: MachineOwner
 
Brother, honestly this issue is a bit tricky,

but I'll try with you.
Disable System Restore as shown in the following guide:

dis_sys_xp.jpg

Then
uninstall these programs (temporarily, of course, until the problem is solved, then put them back):

SUPERAntiSpyware.exe

Then go to Add or Remove Programs, select Office 2007, choose Change, and clear the option next to GrooveMonitor,
and let it carry out the installation.

That is, we don't want this GrooveMonitor because it consumes RAM.

After that,
download this tool and clean your machine with it:

[link hidden by the forum; login required to view]


Then restart the machine and tell us the result.

Good luck.
 
Signature: SUL6AN
I typed the cause, as it appears in the analysis, into Google
and found my problem on several foreign sites.
This is one of them:
[link hidden by the forum; login required to view]


PS
I don't know whether this is a sufficient solution or not.
Thank you for your interest.
 
May God reward you, brother sul6an. If the solution above doesn't work, I'll try yours.
 