Thread starter: almfkr
Views: 3,427
Status: Closed and not open for further replies.

almfkr (new Zyzoom member, joined 14 November 2008, 29 posts)
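Peace be upon you, and the mercy and blessings of God.

I am going to install Windows on the machine, but booting from the Boot Menu is currently set to the hard disk. I want to put it on the CD-ROM, but I could not select it. I don't know what makes it select the cd option.

20090513101p.jpg


The + symbol has to be on CDROM, and I could not get it there. I moved with the arrow keys and the + did not move. I don't know how to do it.

Whoever can help us, may God reward him.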
 

Did you make sure the keyboard is working?
 
Signature: ahmosis
Press Enter on CD-ROM.

Then go to the first option and press Enter.

Then press F10

to save the change that was made.

Good luck.
 
Signature: Corporation
If the keyboard were faulty, you would not see me writing here :)


No, I set it on the CD-ROM and pressed Enter, and it restarts the machine all over again.
 
Let's leave the boot-change problem aside for now.
Let's just make sure the machine is healthy.

Log in to the machine normally and do the following.

Download this tool and save it to the desktop:
[link hidden by the forum: log in or register to view]

When the download finishes ==> run the program ==> and click Do a system scan and save log.
In a few moments a report will appear. Copy it and paste it in your next reply.
 
Signature: Corporation
If the keyboard were faulty, you would not see me writing here :)


:smile:

Nice one!
I did not think you were formatting the same machine.
 
Signature: ahmosis
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 01:02:43 ص, on 13/05/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\IoctlSvc.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Common Files\ACD Systems\EN\DevDetect.exe
C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\Nokia\Nokia Software Launcher\NSLauncher.exe
C:\Program Files\Nitro PDF\Professional\NitroPDFPrinterMonitor.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Internet Download Manager\IDMan.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
C:\Program Files\WinZip\WZQKPICK.EXE
C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
C:\Program Files\Internet Download Manager\IEMonitor.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
[link hidden by the forum: log in or register to view]

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
[link hidden by the forum: log in or register to view]

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
[link hidden by the forum: log in or register to view]

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
[link hidden by the forum: log in or register to view]

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
[link hidden by the forum: log in or register to view]

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R3 - URLSearchHook: (no name) - {9CB65206-89C4-402c-BA80-02D8C59F9B1D} - C:\Program Files\AskTBar\SrchAstt\1.bin\A5SRCHAS.DLL
O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files\Internet Download Manager\IDMIECC.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: AskBar BHO - {201f27d4-3704-41d6-89c1-aa35e39143ed} - C:\Program Files\AskBarDis\bar\bin\askBar.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL
O2 - BHO: مساعد تسجيل الدخول إلى Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Ask Search Assistant BHO - {9CB65201-89C4-402c-BA80-02D8C59F9B1D} - C:\Program Files\AskTBar\SrchAstt\1.bin\A5SRCHAS.DLL
O2 - BHO: Ask Toolbar BHO - {FE063DB1-4EC0-403e-8DD8-394C54984B2C} - C:\Program Files\AskTBar\bar\1.bin\ASKTBAR.DLL
O3 - Toolbar: Ask Toolbar - {FE063DB9-4EC0-403e-8DD8-394C54984B2C} - C:\Program Files\AskTBar\bar\1.bin\ASKTBAR.DLL
O3 - Toolbar: Ask Toolbar - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - C:\Program Files\AskBarDis\bar\bin\askBar.dll
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [GEST] =
O4 - HKLM\..\Run: [SMSERIAL] C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [Device Detector] DevDetect.exe -autorun
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [NBKeyScan] "C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [NSLauncher] C:\Program Files\Nokia\Nokia Software Launcher\NSLauncher.exe /startup
O4 - HKLM\..\Run: [Nitro PDF Printer Monitor] "C:\Program Files\Nitro PDF\Professional\NitroPDFPrinterMonitor.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe" ASO-616B5711-6DAE-4795-A05F-39A1E5104020
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [IDMan] C:\Program Files\Internet Download Manager\IDMan.exe /onboot
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE
O8 - Extra context menu item: &تصدير إلى Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: ت&صدير إلى Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: تحميل الكل بواسطة Internet Download Manager - C:\Program Files\Internet Download Manager\IEGetAll.htm
O8 - Extra context menu item: تحميل بواسطة Internet Download Manager - C:\Program Files\Internet Download Manager\IEExt.htm
O8 - Extra context menu item: تحميل محتوى FLV بواسطة Internet Download Manager - C:\Program Files\Internet Download Manager\IEGetVL.htm
O9 - Extra button: إرسال إلى OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: إر&سال إلى OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) -
[link hidden by the forum: log in or register to view]

O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~2\Office12\GR99D3~1.DLL
O23 - Service: ASKUpgrade - Unknown owner - C:\Program Files\AskBarDis\bar\bin\ASKUpgrade.exe
O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PLFlash DeviceIoControl Service - Prolific Technology Inc. - C:\WINDOWS\system32\IoctlSvc.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe

--
End of file - 8544 bytes
 
Do the steps in order.

Disable your protection program.

Download this tool:

[link hidden by the forum: log in or register to view]

When you run it, a message will appear. Click >> Yes
Then a second message will appear. Click >> Yes

During the scan the machine may restart.
After the restart, the tool will start scanning again.
Wait until a report appears, which means the scan has finished. Paste the report in your next post.

-----------
After using the tool, post a new HijackThis report.
 
Signature: Corporation
ComboFix 09-05-12.04 - Administrator 05/13/2009 1:16.2 - FAT32x86
Microsoft Windows XP Professional 5.1.2600.3.1256.966.1025.18.2046.1585 [GMT 3:00]
Running from: c:\documents and settings\Administrator\سطح المكتب\ComboFix.exe

WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.

((((((((((((((((((((((((( Files Created from 2009-04-12 to 2009-05-12 )))))))))))))))))))))))))))))))
.

2009-05-12 22:02 . 2009-05-12 22:02 -------- d-----w c:\program files\Trend Micro
2009-05-12 20:07 . 2009-05-12 20:07 -------- d-----w c:\documents and settings\Administrator\Application Data\ImgBurn
2009-05-12 19:57 . 2009-05-12 19:57 -------- d-----w c:\program files\ImgBurn
2009-05-07 18:42 . 2009-05-07 18:42 -------- d-----w c:\program files\AskBarDis
2009-05-04 18:06 . 2009-05-04 18:06 -------- d-----w c:\documents and settings\Administrator\Application Data\Nitro PDF
2009-05-04 18:06 . 2009-05-04 18:06 -------- d-----w c:\program files\Common Files\BCL Technologies
2009-05-04 18:06 . 2009-05-04 18:06 -------- d-----w c:\program files\Nitro PDF
2009-05-04 18:06 . 2009-05-04 18:06 -------- d-----w c:\documents and settings\All Users\Application Data\Nitro PDF
2009-05-04 18:06 . 2009-05-04 18:06 -------- d-----w c:\program files\Common Files\Nitro PDF
2009-05-04 18:05 . 2009-05-04 18:05 -------- d-----w c:\windows\Downloaded Installations
2009-05-01 19:16 . 2008-04-13 21:16 37888 ----a-w c:\windows\system32\dllcache\bthmodem.sys
2009-05-01 19:16 . 2008-04-13 21:16 37888 ----a-w c:\windows\system32\drivers\bthmodem.sys
2009-05-01 16:32 . 2009-05-01 16:32 -------- d-----w c:\documents and settings\All Users\Application Data\vsosdk
2009-05-01 13:19 . 2009-05-01 13:19 -------- d-----w c:\documents and settings\All Users\Application Data\Nokia
2009-05-01 13:19 . 2009-05-01 13:19 -------- d-----w c:\program files\Common Files\Nokia
2009-05-01 13:18 . 2009-05-01 13:18 -------- d-----w c:\documents and settings\All Users\Application Data\PC Suite
2009-05-01 13:18 . 2009-05-01 13:18 -------- d-----w c:\documents and settings\Administrator\Application Data\Nokia
2009-05-01 13:17 . 2009-05-01 13:17 -------- d-----w c:\program files\Common Files\PCSuite
2009-05-01 13:17 . 2009-05-01 13:17 -------- d-----w c:\program files\DIFX
2009-05-01 13:17 . 2009-05-01 13:17 -------- d-----w c:\documents and settings\Administrator\Application Data\PC Suite
2009-05-01 13:17 . 2009-05-01 13:17 -------- d-----w c:\program files\PC Connectivity Solution
2009-05-01 13:17 . 2007-02-22 07:15 12288 ----a-w c:\windows\system32\drivers\nmwcdcj.sys
2009-05-01 13:17 . 2007-02-22 07:15 12288 ----a-w c:\windows\system32\drivers\nmwcdcm.sys
2009-05-01 13:17 . 2007-02-22 07:15 8320 ----a-w c:\windows\system32\drivers\nmwcdc.sys
2009-05-01 13:17 . 2007-02-22 07:15 65536 ----a-w c:\windows\system32\nmwcdcocls.dll
2009-05-01 13:17 . 2007-02-22 07:15 137216 ----a-w c:\windows\system32\drivers\nmwcd.sys
2009-05-01 13:17 . 2007-02-22 07:15 90624 ----a-w c:\windows\system32\nmwcdcls.dll
2009-05-01 13:17 . 2009-05-01 13:17 -------- d-----w c:\program files\Nokia
2009-04-29 17:55 . 2009-04-29 17:55 -------- d-sh--w c:\documents and settings\Administrator\IECompatCache
2009-04-29 17:54 . 2009-04-29 17:54 -------- d-sh--w c:\documents and settings\Administrator\PrivacIE
2009-04-29 17:36 . 2009-04-29 17:36 -------- d-sh--w c:\documents and settings\NetworkService\IETldCache
2009-04-29 17:36 . 2009-04-29 17:36 -------- d-sh--w c:\documents and settings\Administrator\IETldCache
2009-04-29 17:19 . 2009-04-29 17:19 -------- d--h--w c:\windows\ie8
2009-04-29 17:06 . 2009-04-29 17:06 -------- d-----w c:\windows\SxsCaPendDel
2009-04-29 11:07 . 2006-10-26 16:56 32592 ----a-w c:\windows\system32\msonpmon.dll
2009-04-29 11:06 . 2009-04-29 11:06 -------- d-----w c:\program files\Microsoft Works
2009-04-29 11:05 . 2009-04-29 11:05 -------- d-----w c:\program files\Microsoft.NET
2009-04-29 11:02 . 2009-04-29 11:02 -------- d-----w c:\program files\Microsoft Visual Studio 8
2009-04-29 11:02 . 2009-04-29 11:02 -------- d-----w c:\documents and settings\Administrator\Local Settings\Application Data\Microsoft Help
2009-04-29 11:02 . 2009-04-29 11:02 -------- d-----w c:\documents and settings\All Users\Application Data\Microsoft Help
2009-04-29 10:59 . 2009-04-29 10:59 -------- d--h--r C:\MSOCache
2009-04-28 18:25 . 2009-04-28 18:25 -------- d-----w c:\documents and settings\Administrator\Application Data\GRETECH
2009-04-28 13:24 . 2009-04-28 13:24 -------- d-----w c:\documents and settings\Administrator\Local Settings\Application Data\Adobe
2009-04-27 20:52 . 2009-04-27 20:52 -------- d-----w c:\program files\MSBuild
2009-04-27 20:52 . 2009-04-27 20:52 -------- d-----w c:\windows\system32\XPSViewer
2009-04-27 20:52 . 2009-04-27 20:52 -------- d-----w c:\program files\Reference Assemblies
2009-04-27 20:52 . 2006-06-29 10:07 14048 ------w c:\windows\system32\spmsg2.dll
2009-04-27 20:49 . 2009-04-27 20:49 -------- d-----w c:\documents and settings\Administrator\Application Data\COWON
2009-04-27 13:36 . 2009-04-27 13:36 -------- d-----w c:\documents and settings\All Users\Application Data\Office Genuine Advantage
2009-04-27 11:44 . 2009-04-27 11:44 -------- d-----w c:\documents and settings\All Users\Application Data\Messenger Plus!
2009-04-27 11:39 . 2009-04-27 11:39 -------- d-----w c:\documents and settings\Administrator\Application Data\IDM
2009-04-27 11:39 . 2009-04-27 11:39 -------- d-----w c:\documents and settings\Administrator\Application Data\DMCache
2009-04-27 11:39 . 2009-04-27 11:39 -------- d-----w c:\program files\Internet Download Manager
2009-04-27 11:16 . 2008-10-16 11:06 208744 ----a-w c:\windows\system32\muweb.dll
2009-04-27 11:16 . 2008-10-16 11:06 268648 ----a-w c:\windows\system32\mucltui.dll
2009-04-27 11:12 . 2009-04-27 11:12 -------- d-----w c:\documents and settings\Administrator\Local Settings\Application Data\Cooliris
2009-04-27 11:00 . 2009-04-27 11:00 -------- d-----w c:\program files\Messenger Plus! Live
2009-04-27 10:59 . 2009-04-27 10:59 -------- d-----w c:\documents and settings\Administrator\Tracing
2009-04-27 10:49 . 2009-04-27 10:49 -------- d-----w c:\program files\Microsoft
2009-04-27 10:49 . 2009-04-27 10:49 -------- d-----w c:\program files\Windows Live SkyDrive
2009-04-27 10:49 . 2009-04-27 10:49 -------- d-----w c:\program files\Windows Live
2009-04-27 10:46 . 2009-04-27 10:46 -------- d-----w c:\program files\Common Files\Windows Live
2009-04-27 05:36 . 2009-03-08 01:31 59904 ----a-w c:\windows\system32\dllcache\icardie.dll
2009-04-27 05:36 . 2009-03-08 01:32 1985024 ----a-w c:\windows\system32\dllcache\iertutil.dll
2009-04-27 05:36 . 2009-03-08 01:31 55296 ----a-w c:\windows\system32\dllcache\msfeedsbs.dll
2009-04-27 05:36 . 2009-02-20 10:20 13824 ------w c:\windows\system32\dllcache\ieudinit.exe
2009-04-27 05:36 . 2009-03-08 01:32 594432 ----a-w c:\windows\system32\dllcache\msfeeds.dll
2009-04-27 05:36 . 2009-02-06 18:07 3698584 ----a-w c:\windows\system32\dllcache\ieapfltr.dat
2009-04-27 05:36 . 2009-03-08 01:11 445952 ----a-w c:\windows\system32\dllcache\ieapfltr.dll
2009-04-27 05:36 . 2009-03-08 01:39 11063808 ----a-w c:\windows\system32\dllcache\ieframe.dll
2009-04-26 22:00 . 2009-04-26 22:00 -------- d-----w c:\program files\MSXML 4.0
2009-04-26 21:54 . 2009-04-26 21:54 136 ----a-w c:\documents and settings\Administrator\Local Settings\Application Data\fusioncache.dat
2009-04-26 21:54 . 2009-04-26 21:54 -------- d-----w c:\documents and settings\Administrator\Local Settings\Application Data\ApplicationHistory
2009-04-26 21:52 . 2009-02-09 11:22 2190592 ------w c:\windows\system32\dllcache\ntoskrnl.exe
2009-04-26 21:51 . 2009-02-09 11:22 2146816 ------w c:\windows\system32\dllcache\ntkrnlmp.exe
2009-04-26 21:51 . 2009-02-09 11:22 2025472 ------w c:\windows\system32\dllcache\ntkrpamp.exe
2009-04-26 21:46 . 2008-10-24 11:21 455296 ------w c:\windows\system32\dllcache\mrxsmb.sys
2009-04-26 21:42 . 2008-06-14 17:31 271616 ------w c:\windows\system32\dllcache\bthport.sys
2009-04-26 21:38 . 2009-04-26 21:38 -------- d--h--w c:\windows\$hf_mig$
2009-04-26 21:36 . 2008-10-16 11:09 43544 ----a-w c:\windows\system32\wups2.dll
2009-04-26 21:24 . 2009-04-26 21:24 -------- d-sh--w c:\documents and settings\Administrator\UserData
2009-04-26 21:22 . 2006-07-28 22:22 51712 ----a-w c:\windows\system32\coodest.dll
2009-04-26 21:22 . 2006-11-06 12:30 262144 ----a-w c:\windows\system32\lame_enc.dll
2009-04-26 21:22 . 2005-05-19 00:17 40960 ----a-w c:\windows\system32\osenxpsuite2005.dll
2009-04-26 21:22 . 2009-04-26 21:22 -------- d-----w c:\windows\system32\RMBin
2009-04-26 21:22 . 2009-04-26 21:22 -------- d-----w c:\program files\Ozone
2009-04-26 21:17 . 2009-04-26 21:17 -------- d-----w c:\documents and settings\All Users\Application Data\Kaspersky Lab Setup Files
2009-04-26 21:16 . 2007-04-09 10:23 28040 ----a-w c:\windows\system32\mdimon.dll
2009-04-26 21:16 . 2009-04-26 21:16 -------- d-----w c:\windows\SHELLNEW
2009-04-26 21:15 . 2009-04-26 21:15 -------- d-----w c:\program files\uTorrent
2009-04-26 21:15 . 2009-04-26 21:15 -------- d-----w c:\documents and settings\Administrator\Application Data\uTorrent
2009-04-26 21:14 . 2009-04-26 21:14 -------- d-----w c:\program files\Windows Media Connect 2
2009-04-26 21:13 . 2006-05-13 18:29 843 ----a-w c:\windows\ChangeWinXPKey.vbs
2009-04-26 21:13 . 2009-04-26 21:13 -------- d-----w c:\windows\system32\drivers\UMDF
2009-04-26 21:13 . 2009-04-26 21:13 -------- d-----w c:\windows\system32\LogFiles
2009-04-26 21:13 . 2009-01-07 15:20 26144 ----a-w c:\windows\system32\spupdsvc.exe
2009-04-26 21:12 . 2009-04-26 21:12 47360 ----a-w c:\windows\system32\drivers\pcouffin.sys
2009-04-26 21:12 . 2009-04-26 21:12 47360 ----a-w c:\documents and settings\Administrator\Application Data\pcouffin.sys
2009-04-26 21:12 . 2009-04-26 21:12 -------- d-----w c:\documents and settings\Administrator\Application Data\Vso
2009-04-26 21:12 . 2006-09-29 10:24 217127 ----a-w c:\windows\system32\drv43260.dll
2009-04-26 21:12 . 2006-09-29 10:25 208935 ----a-w c:\windows\system32\drv33260.dll
2009-04-26 21:12 . 2006-09-29 10:26 176165 ----a-w c:\windows\system32\drv23260.dll
2009-04-26 21:12 . 2007-03-18 18:37 65602 ----a-w c:\windows\system32\cook3260.dll
2009-04-26 21:12 . 2006-05-11 17:21 626688 ----a-w c:\windows\system32\vp7vfw.dll
2009-04-26 21:12 . 2004-05-04 09:53 1645320 ----a-w c:\windows\gdiplus.dll
2009-04-26 21:12 . 2009-04-26 21:12 -------- d-----w c:\program files\VSO
2009-04-26 21:11 . 2009-04-26 21:11 -------- d-----w c:\program files\Common Files\xing shared
2009-04-26 21:11 . 2009-04-26 21:11 -------- d-----w c:\program files\Common Files\Real
2009-04-26 21:11 . 2009-04-26 21:11 -------- d-----w c:\program files\Real
2009-04-26 21:10 . 2009-04-26 21:10 -------- d-----w c:\documents and settings\Administrator\Local Settings\Application Data\Ahead
2009-04-26 21:10 . 2009-04-26 21:10 -------- d-----w c:\program files\NeroInstall.bak
2009-04-26 21:10 . 2009-04-26 21:10 -------- d-----w c:\documents and settings\Administrator\Application Data\Nero
2009-04-26 21:09 . 2009-04-26 21:09 -------- d-----w c:\program files\Nero
2009-04-26 21:09 . 2009-04-26 21:09 -------- d-----w c:\documents and settings\All Users\Application Data\Nero
2009-04-26 21:09 . 2009-04-26 21:09 -------- d-----w c:\program files\Common Files\Nero
2009-04-26 21:06 . 2009-04-26 21:06 -------- d-----w c:\program files\AskTBar
2009-04-26 21:05 . 2009-04-26 21:05 -------- d-sh--w C:\Recycled
2009-04-26 21:02 . 2009-04-26 21:02 -------- d-----w c:\documents and settings\All Users\Application Data\FLEXnet

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-05-12 22:14 . 2009-04-26 20:29 2640 ----a-w c:\windows\bthservsdp.dat
2009-05-12 22:13 . 2008-04-15 09:00 71186 ----a-w c:\windows\system32\perfc001.dat
2009-05-12 22:13 . 2008-04-15 09:00 375674 ----a-w c:\windows\system32\perfh001.dat
2009-04-30 06:51 . 2009-04-26 20:20 86327 ----a-w c:\windows\pchealth\helpctr\OfflineCache\index.dat
2009-04-29 17:36 . 2009-04-26 20:30 859608 ----a-w c:\documents and settings\Administrator\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2009-04-26 20:56 . 2009-04-26 20:56 -------- d-----w c:\program files\JetAudio
2009-04-26 20:56 . 2009-04-26 20:56 -------- d-----w c:\program files\Common Files\COWON
2009-04-26 20:56 . 2009-04-26 20:56 -------- d-----w c:\program files\GRETECH
2009-04-26 20:56 . 2009-04-26 20:56 0 ----a-w c:\windows\nsreg.dat
2009-04-26 20:54 . 2009-04-26 20:54 -------- d-----w c:\program files\Common Files\Adobe
2009-04-26 20:53 . 2009-04-26 20:53 -------- d-----w c:\program files\Common Files\ACD Systems
2009-04-26 20:53 . 2009-04-26 20:53 -------- d-----w c:\program files\ACD Systems
2009-04-26 20:43 . 2009-04-26 20:43 -------- d-----w c:\program files\HP
2009-04-26 20:41 . 2009-04-26 20:41 -------- d--h--w c:\program files\Avago-HP
2009-04-26 20:36 . 2009-04-26 20:36 -------- d-----w c:\program files\Motorola
2009-04-26 20:32 . 2009-04-26 20:28 16608 ----a-w c:\windows\gdrv.sys
2009-04-26 20:30 . 2009-04-26 20:30 -------- d-----w c:\program files\Realtek
2009-04-26 20:30 . 2009-04-26 20:30 315392 ----a-w c:\windows\HideWin.exe
2009-04-26 20:30 . 2009-04-26 20:30 -------- d--h--w c:\program files\InstallShield Installation Information
2009-04-26 20:30 . 2009-04-26 20:30 -------- d-----w c:\program files\Common Files\InstallShield
2009-04-26 20:28 . 2009-04-26 20:28 -------- d-----w c:\program files\Intel
2009-04-26 20:21 . 2009-04-26 20:21 -------- d-----w c:\program files\microsoft frontpage
2009-04-26 20:20 . 2008-04-15 09:00 67 --sha-w c:\windows\Fonts\desktop.ini
2009-04-26 20:18 . 2009-04-26 20:18 22144 ----a-w c:\windows\system32\emptyregdb.dat
2009-03-26 15:35 . 2009-04-03 13:24 210352 ----a-w c:\windows\system32\idmmbc.dll
2009-03-08 01:34 . 2008-04-15 09:00 914944 ----a-w c:\windows\system32\wininet.dll
2009-03-08 01:34 . 2008-04-15 09:00 43008 ----a-w c:\windows\system32\licmgr10.dll
2009-03-08 01:33 . 2008-04-15 09:00 18944 ----a-w c:\windows\system32\corpol.dll
2009-03-08 01:33 . 2008-04-15 09:00 420352 ----a-w c:\windows\system32\vbscript.dll
2009-03-08 01:32 . 2008-04-15 09:00 72704 ----a-w c:\windows\system32\admparse.dll
2009-03-08 01:32 . 2008-04-15 09:00 71680 ----a-w c:\windows\system32\iesetup.dll
2009-03-08 01:31 . 2008-04-15 09:00 34816 ----a-w c:\windows\system32\imgutil.dll
2009-03-08 01:31 . 2008-04-15 09:00 48128 ----a-w c:\windows\system32\mshtmler.dll
2009-03-08 01:31 . 2008-04-15 09:00 45568 ----a-w c:\windows\system32\mshta.exe
2009-03-08 01:22 . 2008-04-15 09:00 156160 ----a-w c:\windows\system32\msls31.dll
2009-03-06 14:20 . 2008-04-15 09:00 283136 ----a-w c:\windows\system32\pdh.dll
2009-03-04 13:43 . 2009-03-04 13:43 508200 ----a-w c:\windows\system32\ICCProfiles.dll
.

((((((((((((((((((((((((((((( SnapShot@2009-05-12_22.13.38 )))))))))))))))))))))))))))))))))))))))))
.
- 2008-04-15 09:00 . 2009-05-12 22:04 71196 c:\windows\system32\perfc009.dat
+ 2008-04-15 09:00 . 2009-05-12 22:13 71196 c:\windows\system32\perfc009.dat
+ 2008-04-15 09:00 . 2009-05-12 22:13 441260 c:\windows\system32\perfh009.dat
- 2008-04-15 09:00 . 2009-05-12 22:04 441260 c:\windows\system32\perfh009.dat
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{9CB65206-89C4-402c-BA80-02D8C59F9B1D}"= "c:\program files\AskTBar\SrchAstt\1.bin\A5SRCHAS.DLL" [2009-04-26 57344]

[HKEY_CLASSES_ROOT\clsid\{9cb65206-89c4-402c-ba80-02d8c59f9b1d}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{201f27d4-3704-41d6-89c1-aa35e39143ed}]
2009-04-02 09:47 333192 ----a-w c:\program files\AskBarDis\bar\bin\askBar.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{3041d03e-fd4b-44e0-b742-2d9b88305f98}"= "c:\program files\AskBarDis\bar\bin\askBar.dll" [2009-04-02 333192]

[HKEY_CLASSES_ROOT\clsid\{3041d03e-fd4b-44e0-b742-2d9b88305f98}]
[HKEY_CLASSES_ROOT\TypeLib\{4b1c1e16-6b34-430e-b074-5928eca4c150}]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{3041D03E-FD4B-44E0-B742-2D9B88305F98}"= "c:\program files\AskBarDis\bar\bin\askBar.dll" [2009-04-02 333192]

[HKEY_CLASSES_ROOT\clsid\{3041d03e-fd4b-44e0-b742-2d9b88305f98}]
[HKEY_CLASSES_ROOT\TypeLib\{4b1c1e16-6b34-430e-b074-5928eca4c150}]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\ctfmon.exe" [2008-04-15 15360]
"IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\program files\Common Files\Nero\Lib\NMIndexStoreSvr.exe" [2008-02-28 1828136]
"msnmsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2009-02-06 3885408]
"IDMan"="c:\program files\Internet Download Manager\IDMan.exe" [2009-04-27 2794928]
"MSMSGS"="c:\program files\Messenger\msmsgs.exe" [2008-04-14 1695232]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"GEST"="=" [X]
"SMSERIAL"="c:\program files\Motorola\SMSERIAL\sm56hlpr.exe" [2006-11-22 630784]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2007-06-28 8466432]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2007-06-28 81920]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-02-27 35696]
"NeroFilterCheck"="c:\program files\Common Files\Nero\Lib\NeroCheck.exe" [2008-02-28 570664]
"NBKeyScan"="c:\program files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe" [2008-02-18 2221352]
"TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" [2009-04-26 185872]
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2006-10-26 31016]
"NSLauncher"="c:\program files\Nokia\Nokia Software Launcher\NSLauncher.exe" [2007-08-02 3096576]
"Nitro PDF Printer Monitor"="c:\program files\Nitro PDF\Professional\NitroPDFPrinterMonitor.exe" [2009-03-04 209216]
"BluetoothAuthenticationAgent"="bthprops.cpl" - c:\windows\system32\bthprops.cpl [2008-04-15 110592]
"RTHDCPL"="RTHDCPL.EXE" - c:\windows\RTHDCPL.exe [2008-02-13 16857600]
"nwiz"="nwiz.exe" - c:\windows\system32\nwiz.exe [2007-06-28 1626112]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-15 15360]

c:\documents and settings\All Users\çں‍ê، ں §ڑ\ںé ©ںê¤\ §ک ں颬نïé\
WinZip Quick Pick.lnk - c:\program files\WinZip\WZQKPICK.EXE [2009-1-14 525664]

HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32
"wave1"= serwvdrv.dll

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusDisableNotify"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\uTorrent\\uTorrent.exe"=
"c:\\Documents and Settings\\All Users\\Application Data\\Kaspersky Lab Setup Files\\Kaspersky Internet Security 2009\\English\\setup.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=

S2 ASKUpgrade;ASKUpgrade;c:\program files\AskBarDis\bar\bin\ASKUpgrade.exe [07/05/2009 09:42 م 234888]

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\>{60B49E34-C7CC-11D0-8953-00A0C90347FF}]
"c:\windows\system32\rundll32.exe" "c:\windows\system32\iedkcs32.dll",BrandIEActiveSetup SIGNUP

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\Nitro PDF Professional]
cscript //B "c:\program files\Nitro PDF\Professional\RemoveOldAddins.vbs"
.
Contents of the 'Scheduled Tasks' folder

2009-05-12 c:\windows\Tasks\OGALogon.job
- c:\windows\system32\OGAVerify.exe [2008-12-31 14:04]

2009-05-11 c:\windows\Tasks\OGADaily.job
- c:\windows\system32\OGAVerify.exe [2008-12-31 14:04]

2009-05-12 c:\windows\Tasks\User_Feed_Synchronization-{084E0A71-4664-40EF-8E18-10F7C5847612}.job
- c:\windows\system32\msfeedssync.exe [2007-08-13 01:31]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.ask.com/?o=13928&l=dis
uInternet Settings,ProxyOverride = *.local
IE: &تصدير إلى Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
IE: ت&صدير إلى Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: تحميل الكل بواسطة Internet Download Manager - c:\program files\Internet Download Manager\IEGetAll.htm
IE: تحميل بواسطة Internet Download Manager - c:\program files\Internet Download Manager\IEExt.htm
IE: تحميل محتوى FLV بواسطة Internet Download Manager - c:\program files\Internet Download Manager\IEGetVL.htm
FF - ProfilePath - c:\documents and settings\Administrator\Application Data\Mozilla\Firefox\Profiles\e9dougnf.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://www.google.com.sa/
FF - prefs.js: keyword.URL - hxxp://toolbar.ask.com/toolbarv/askRedirect?o=13925&gct=&gc=1&q=
FF - prefs.js: network.proxy.type - 1
FF - component: c:\documents and settings\Administrator\Application Data\IDM\idmmzcc3\components\idmmzcc.dll
FF - component: c:\documents and settings\Administrator\Application Data\Mozilla\Firefox\Profiles\e9dougnf.default\extensions\piclens@cooliris.com\components\coolirisstub.dll
FF - component: c:\program files\Real\RealPlayer\browserrecord\components\nprpbrowserrecordplugin.dll
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer,
[link hidden by the forum: log in or register to view]

Rootkit scan 2009-05-13 01:17
Windows 5.1.2600 Service Pack 3 FAT NTAPI

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------

[HKEY_USERS\S-1-5-21-1177238915-162531612-1801674531-500\Software\Microsoft\Internet Explorer\User Preferences]
@Denied: (2) (Administrator)
"88D7D0879DAB32E14DE5B3A805A34F98AFF34F5977"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,e5,d8,ae,b9,92,ad,5e,49,91,2e,91,\
"2D53CFFC5C1A3DD2E97B7979AC2A92BD59BC839E81"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,e5,d8,ae,b9,92,ad,5e,49,91,2e,91,\
"6256FFB019F8FDFBD36745B06F4540E9AEAF222A25"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,e5,d8,ae,b9,92,ad,5e,49,91,2e,91,\
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'explorer.exe'(2332)
c:\program files\Common Files\Nero\Lib\NeroDigitalExt.dll
c:\program files\Common Files\Adobe\Acrobat\ActiveX\PDFShell.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\IEFRAME.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
Completion time: 2009-05-12 1:18
ComboFix-quarantined-files.txt 2009-05-12 22:18
ComboFix2.txt 2009-05-12 22:14

Pre-Run: 16,018,374,656 bytes free
Post-Run: 16,012,607,488 bytes free

298 --- E O F --- 2009-04-29 18:02
 
Post a new HijackThis report > do it now.
 
Signature: Corporation
Dear brother,
When starting the machine press F12 and the previous message will appear, but before pressing, plug a flash memory stick into the machine and the keyboard will respond for you, then choose CDROM.

This problem occurs with keyboards that have a USB connection.

Try it and let us know ...




20090513101p.jpg
 
That's it, things are sorted. At startup I kept pressing F10 and it went into the installation.
Thank you all.
 
God bless you.

The guys left nothing undone.

May He give you a thousand blessings of good health.

And praise be to God that the problem is over.

Good luck.
 
Signature: أعتز بك