[تم حل المشكلة]مشكله في Microsoft Office 2007

الحالة
مغلق و غير مفتوح للمزيد من الردود.
L

leel

زيزوومي جديد
إنضم
21 نوفمبر 2007
المشاركات
30
مستوى التفاعل
3
النقاط
40
غير متصل
السلام عليكم اهلين اخزاني اعضاء زيزوم

انا مثبت Microsoft Office من فتره وضبط معي زي الحلاوه

والان لما اجي استخدمه ينقتح معي ويطلع لي النافذه

يجب عليك تسجيل الدخول أو التسجيل لمشاهدة الرابط المخفي



ارجوا افادي وش حل المشكله
 

ترتيب حسب التاريخ ترتيب حسب الأصوات
اذا يمشي معاك استعادة النظام لوقت سابق فافعل
 

تأييد 0
ننتظر حل المشكله ......؟
 
تأييد 0
اخوي هل حذفت الاوفيس ؟؟

ولاهنت اعمل الاتي

حمل هذا البرنامج

يجب عليك تسجيل الدخول أو التسجيل لمشاهدة الرابط المخفي


شغل البرنامج ==> واضغط على
Do a system scan and save log
لحظات .. ويظهر لك تقرير داخل المفكرة==> انسخه والصقه بردك القادم[/B]
 
التعديل الأخير بواسطة المشرف:
توقيع : KoNaMi
تأييد 0
اهلين اخوي

حذفته كم ورجعت وثبته لكن مانفع

وانا الان مثبته هل تريد ان احذفه ام لا
 
تأييد 0
اعمل التقرير الي قلتلك عليه ^ ^
 
توقيع : KoNaMi
تأييد 0
هذا اللي طلع لي

بس تراني ماحذفت البرنامج


Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 10:06:35 AM, on 11/5/2009
Platform: Windows Vista (WinNT 6.00.1904)
MSIE: Internet Explorer v7.00 (7.00.6000.16916)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Windows Defender\MSASCui.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\Toshiba\Power Saver\TPwrMain.exe
C:\Program Files\Toshiba\SmoothView\SmoothView.exe
C:\Program Files\Toshiba\FlashCards\TCrdMain.exe
C:\Program Files\Synaptics\SynTP\SynTPStart.exe
C:\Program Files\Toshiba\ConfigFree\NDSTray.exe
C:\Program Files\Alwil Software\Avast4\ashDisp.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Toshiba\TOSCDSPD\TOSCDSPD.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Users\MTHR\AppData\Roaming\Octoshape\Octoshape Streaming Services\OctoshapeClient.exe
C:\Users\MTHR\AppData\Local\Google\Update\GoogleUpdate.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.EXE
C:\Users\MTHR\AppData\Local\Google\Update\1.2.183.13\GoogleCrashHandler.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Synaptics\SynTP\SynToshiba.exe
C:\Program Files\Toshiba\ConfigFree\CFSwMgr.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\Windows\system32\conime.exe
C:\Users\MTHR\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\MTHR\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\MTHR\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\MTHR\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\MTHR\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\system32\wuauclt.exe
C:\Users\MTHR\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\MTHR\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page =

يجب عليك تسجيل الدخول أو التسجيل لمشاهدة الرابط المخفي


R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =

يجب عليك تسجيل الدخول أو التسجيل لمشاهدة الرابط المخفي


R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =

يجب عليك تسجيل الدخول أو التسجيل لمشاهدة الرابط المخفي


R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =

يجب عليك تسجيل الدخول أو التسجيل لمشاهدة الرابط المخفي


R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =

يجب عليك تسجيل الدخول أو التسجيل لمشاهدة الرابط المخفي


R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =

يجب عليك تسجيل الدخول أو التسجيل لمشاهدة الرابط المخفي


R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: MSN Toolbar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files\MSN\Toolbar\3.0.1125.0\msneshellx.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: MSN Toolbar - {1E61ED7C-7CB8-49d6-B9E9-AB4C880C8414} - C:\Program Files\MSN\Toolbar\3.0.1125.0\msneshellx.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [TPwrMain] %ProgramFiles%\TOSHIBA\Power Saver\TPwrMain.EXE
O4 - HKLM\..\Run: [HSON] %ProgramFiles%\TOSHIBA\TBS\HSON.exe
O4 - HKLM\..\Run: [SmoothView] %ProgramFiles%\Toshiba\SmoothView\SmoothView.exe
O4 - HKLM\..\Run: [00TCrdMain] %ProgramFiles%\TOSHIBA\FlashCards\TCrdMain.exe
O4 - HKLM\..\Run: [SynTPStart] C:\Program Files\Synaptics\SynTP\SynTPStart.exe
O4 - HKLM\..\Run: [NDSTray.exe] NDSTray.exe
O4 - HKLM\..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [MSConfig] "C:\Windows\system32\msconfig.exe" /auto
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [Microsoft Default Manager] "C:\Program Files\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" -resume
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKCU\..\Run: [TOSCDSPD] C:\Program Files\TOSHIBA\TOSCDSPD\TOSCDSPD.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [Octoshape Streaming Services] "C:\Users\MTHR\AppData\Roaming\Octoshape\Octoshape Streaming Services\OctoshapeClient.exe" -inv:bootrun
O4 - HKCU\..\Run: [Google Update] "C:\Users\MTHR\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {5067A26B-1337-4436-8AFE-EE169C2DA79F} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra 'Tools' menuitem: Skype add-on for Internet Explorer - {5067A26B-1337-4436-8AFE-EE169C2DA79F} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O13 - Gopher Prefix:
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) -

يجب عليك تسجيل الدخول أو التسجيل لمشاهدة الرابط المخفي


O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - Agere Systems - C:\Windows\system32\agrsmsvc.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: ConfigFree Service (CFSvcs) - TOSHIBA CORPORATION - C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
O23 - Service: dlbt_device - - C:\Windows\system32\dlbtcoms.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: pinger - Unknown owner - C:\Toshiba\IVP\ISM\pinger.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Swupdtmr - Unknown owner - c:\Toshiba\IVP\swupdate\swupdtmr.exe
O23 - Service: TOSHIBA Navi Support Service (TNaviSrv) - TOSHIBA Corporation - C:\Program Files\Toshiba\TOSHIBA DVD PLAYER\TNaviSrv.exe
O23 - Service: TOSHIBA Optical Disc Drive Service (TODDSrv) - TOSHIBA Corporation - C:\Windows\system32\TODDSrv.exe
O23 - Service: TOSHIBA Power Saver (TosCoSrv) - TOSHIBA Corporation - C:\Program Files\Toshiba\Power Saver\TosCoSrv.exe
O23 - Service: TOSHIBA Bluetooth Service - TOSHIBA CORPORATION - C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe

--
End of file - 9010 bytes
 
تأييد 0
اعمل الاتي

عطل برامج الحماية عن العمل
ثم
حمل الاداة التالية واحفظها على سطح المكتب

يجب عليك تسجيل الدخول أو التسجيل لمشاهدة الرابط المخفي


عند تشغيلها بتظهر لك رسالة ,, اضغط على >> Yes
بعدها بتظهر لك رساله ثانيه ,, اضغط على >> Yes
اثناء الفحص ممكن يعاد تشغيل الجهاز
وبعد اعادة التشغيل ,, سوف تبدأ الاداة بالفحص مرره ثانيه
لا تقم بتشغيل اي برنامج ،، ومهما طالت عملية الفحص انتظر حتى تنتهي
انتظر حتى يظهر لك تقرير ،،انسخه والصقه بمشاركتك القادمة
 
توقيع : KoNaMi
تأييد 0
ComboFix 09-11-04.02 - MTHR 11/05/2009 11:31.1.2 - NTFSx86
Microsoft® Windows Vista™ Home Premium 6.0.6000.0.1252.1.1033.18.1917.918 [GMT -8:00]
Running from: c:\users\MTHR\Documents\Downloads\ComboFix.exe
AV: avast! antivirus 4.8.1351 [VPS 091104-1] *On-access scanning disabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}
SP: avast! antivirus 4.8.1351 [VPS 091104-1] *disabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}
SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\$recycle.bin\S-1-5-21-2309113458-2010962160-3896015102-500
c:\windows\system32\OGACheckControl.dll

.
((((((((((((((((((((((((( Files Created from 2009-10-05 to 2009-11-05 )))))))))))))))))))))))))))))))
.

2009-11-05 19:43 . 2009-11-05 19:43 -------- d-----w- c:\users\Default\AppData\Local\temp
2009-11-05 18:06 . 2009-11-05 18:06 -------- d-----w- c:\program files\Trend Micro
2009-11-05 13:22 . 2009-11-05 13:22 -------- d-----r- C:\MSOCache
2009-10-24 08:02 . 2009-10-24 08:02 680 ----a-w- c:\users\MTHR\AppData\Local\d3d9caps.dat
2009-10-22 06:02 . 2009-10-22 06:02 -------- d-----w- c:\program files\Common Files\xing shared
2009-10-21 09:18 . 2009-10-21 09:18 -------- d-----w- c:\program files\VS Revo Group
2009-10-16 20:24 . 2009-09-10 17:38 216576 ----a-w- c:\windows\system32\msv1_0.dll
2009-10-16 20:24 . 2009-08-05 14:28 3467864 ----a-w- c:\windows\system32\ntoskrnl.exe
2009-10-16 20:24 . 2009-08-05 14:28 3502152 ----a-w- c:\windows\system32\ntkrnlpa.exe
2009-10-16 20:23 . 2009-09-04 12:38 60928 ----a-w- c:\windows\system32\msasn1.dll
2009-10-16 20:23 . 2009-09-14 09:50 130048 ----a-w- c:\windows\system32\drivers\srv2.sys
2009-10-16 20:22 . 2009-04-02 11:50 604672 ----a-w- c:\windows\system32\WMSPDMOD.DLL
2009-10-13 20:09 . 2009-10-13 20:09 -------- d-----w- c:\users\Default\AppData\Local\Microsoft Help

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-11-05 16:33 . 2009-08-19 05:24 114400 ----a-w- c:\users\MTHR\AppData\Local\GDIPFONTCACHEV1.DAT
2009-11-05 13:46 . 2009-08-19 02:57 8192 d-----w- c:\programdata\Microsoft Help
2009-10-22 09:23 . 2006-11-02 12:37 -------- d-----w- c:\program files\MSBuild
2009-10-22 09:17 . 2009-08-24 02:46 -------- d-----w- c:\program files\Microsoft Visual Studio 8
2009-10-22 06:03 . 2009-08-23 04:33 4096 d-----w- c:\program files\Common Files\Real
2009-10-22 06:02 . 2009-08-23 04:33 -------- d-----w- c:\program files\Real
2009-10-21 09:19 . 2009-08-23 02:36 4096 d-----w- c:\users\MTHR\AppData\Roaming\uTorrent
2009-10-18 09:09 . 2009-08-19 18:43 4096 d-----w- c:\users\MTHR\AppData\Roaming\Skype
2009-10-18 08:02 . 2009-08-19 18:46 -------- d-----w- c:\users\MTHR\AppData\Roaming\skypePM
2009-10-16 02:37 . 2009-08-24 02:51 -------- d-----w- c:\program files\Microsoft.NET
2009-10-16 02:37 . 2009-08-19 02:53 16384 d-----w- c:\program files\Microsoft Works
2009-10-05 23:07 . 2009-10-05 23:07 -------- d-----w- c:\program files\TMG
2009-10-01 17:29 . 2009-10-03 00:44 195440 ------w- c:\windows\system32\MpSigStub.exe
2009-09-13 21:36 . 2009-09-13 21:36 -------- d-----w- c:\users\MTHR\AppData\Roaming\Apple Computer
2009-09-09 04:54 . 2009-08-23 20:49 4096 d-----w- c:\program files\Microsoft Silverlight
2009-09-08 02:34 . 2009-09-08 02:35 411368 ----a-w- c:\windows\system32\deploytk.dll
2009-09-08 02:34 . 2007-08-22 20:26 -------- d-----w- c:\program files\Java
2009-09-07 07:49 . 2009-09-06 22:32 -------- d-----w- c:\users\MTHR\AppData\Roaming\PC Suite
2009-09-07 07:49 . 2009-09-06 22:32 -------- d-----w- c:\users\MTHR\AppData\Roaming\Nokia
2009-09-07 07:49 . 2009-09-06 22:32 -------- d-----w- c:\programdata\PC Suite
2009-09-06 22:36 . 2009-09-06 22:36 0 ---ha-w- c:\windows\system32\drivers\Msft_Kernel_ccdcmb_01007.Wdf
2009-09-06 22:36 . 2009-09-06 22:36 0 ---ha-w- c:\windows\system32\drivers\MsftWdf_Kernel_01007_Coinstaller_Critical.Wdf
2009-09-06 22:31 . 2009-09-06 22:31 -------- d-----w- c:\program files\Common Files\PCSuite
2009-09-06 22:31 . 2009-09-06 22:31 -------- d-----w- c:\program files\Common Files\Nokia
2009-09-06 22:31 . 2009-09-06 22:22 -------- d-----w- c:\program files\Nokia
2009-09-06 22:30 . 2009-09-06 22:30 -------- d-----w- c:\program files\DIFX
2009-09-06 22:28 . 2009-09-06 22:28 12288 d-----w- c:\program files\PC Connectivity Solution
2009-09-06 22:21 . 2009-09-06 22:21 8192 ----a-w- c:\programdata\Installations\{7694EC32-CB0E-4B35-9088-7B320CB1F4FE}\Installer\CommonCustomActions\UninstCCD.exe
2009-09-06 22:21 . 2009-09-06 22:21 61440 ----a-w- c:\programdata\Installations\{7694EC32-CB0E-4B35-9088-7B320CB1F4FE}\Installer\CommonCustomActions\UninstPCSFEMsi.exe
2009-09-06 22:21 . 2009-09-06 22:21 10240 ----a-w- c:\programdata\Installations\{7694EC32-CB0E-4B35-9088-7B320CB1F4FE}\Installer\CommonCustomActions\UninstPCS.exe
2009-09-06 22:21 . 2009-09-06 22:21 -------- d-----w- c:\programdata\Installations
2009-09-06 22:15 . 2009-09-06 22:22 33731296 ----a-w- c:\programdata\Installations\{7694EC32-CB0E-4B35-9088-7B320CB1F4FE}\Nokia_PC_Suite_7_1_26_0_eng_us_web.exe
2009-08-30 00:32 . 2009-08-30 00:32 81920 ----a-w- c:\users\MTHR\AppData\Roaming\ezpinst.exe
2009-08-30 00:32 . 2009-08-30 00:32 81920 ----a-w- c:\users\MTHR\AppData\Roaming\ezpinst.exe
2009-08-30 00:32 . 2009-08-30 00:32 47360 ----a-w- c:\windows\system32\drivers\pcouffin.sys
2009-08-30 00:32 . 2009-08-30 00:32 47360 ----a-w- c:\users\MTHR\AppData\Roaming\pcouffin.sys
2009-08-30 00:32 . 2009-08-30 00:32 47360 ----a-w- c:\users\MTHR\AppData\Roaming\pcouffin.sys
2009-08-27 14:02 . 2009-10-22 18:51 832512 ----a-w- c:\windows\system32\wininet.dll
2009-08-27 13:57 . 2009-10-22 18:51 56320 ----a-w- c:\windows\system32\iesetup.dll
2009-08-27 13:57 . 2009-10-22 18:51 78336 ----a-w- c:\windows\system32\ieencode.dll
2009-08-27 13:56 . 2009-10-22 18:51 72704 ----a-w- c:\windows\system32\admparse.dll
2009-08-27 11:24 . 2009-10-22 18:51 26624 ----a-w- c:\windows\system32\ieUnatt.exe
2009-08-27 09:51 . 2009-10-22 18:51 48128 ----a-w- c:\windows\system32\mshtmler.dll
2009-08-23 20:53 . 2009-08-23 20:53 120088 ----a-w- c:\users\MTHR\AppData\Roaming\Mozilla\Plugins\npoctoshape.dll
2009-08-21 03:56 . 2009-08-21 03:56 268800 ----a-w- c:\windows\system32\es.dll
2009-08-20 08:03 . 2006-11-02 10:25 665600 ----a-w- c:\windows\inf\drvindex.dat
2009-08-20 01:36 . 2009-08-20 01:36 61440 ----a-w- c:\windows\system32\winipsec.dll
2009-08-20 01:36 . 2009-08-20 01:36 361984 ----a-w- c:\windows\system32\IPSECSVC.DLL
2009-08-20 01:36 . 2009-08-20 01:36 28672 ----a-w- c:\windows\system32\FwRemoteSvr.dll
2009-08-20 01:36 . 2009-08-20 01:36 272896 ----a-w- c:\windows\system32\polstore.dll
2009-08-20 01:34 . 2009-08-20 01:34 194560 ----a-w- c:\windows\system32\WebClnt.dll
2009-08-20 01:34 . 2009-08-20 01:34 110080 ----a-w- c:\windows\system32\drivers\mrxdav.sys
2009-08-20 01:33 . 2009-08-20 01:33 2028032 ----a-w- c:\windows\system32\win32k.sys
2009-08-20 01:32 . 2009-08-20 01:32 72704 ----a-w- c:\windows\system32\fontsub.dll
2009-08-20 01:32 . 2009-08-20 01:32 34304 ----a-w- c:\windows\system32\atmlib.dll
2009-08-20 01:32 . 2009-08-20 01:32 289792 ----a-w- c:\windows\system32\atmfd.dll
2009-08-20 01:32 . 2009-08-20 01:32 24064 ----a-w- c:\windows\system32\lpk.dll
2009-08-20 01:32 . 2009-08-20 01:32 156160 ----a-w- c:\windows\system32\t2embed.dll
2009-08-20 01:32 . 2009-08-20 01:32 10240 ----a-w- c:\windows\system32\dciman32.dll
2009-08-20 01:29 . 2009-08-20 01:29 376832 ----a-w- c:\windows\system32\winhttp.dll
2009-08-20 01:28 . 2009-08-20 01:28 71680 ----a-w- c:\windows\system32\atl.dll
2009-08-20 01:27 . 2009-08-20 01:27 297472 ----a-w- c:\windows\system32\gdi32.dll
2009-08-20 01:25 . 2009-08-20 01:25 211456 ----a-w- c:\windows\system32\drivers\mrxsmb10.sys
2009-08-20 01:24 . 2009-08-20 01:24 500736 ----a-w- c:\windows\system32\msdtcprx.dll
2009-08-20 01:24 . 2009-08-20 01:24 30208 ----a-w- c:\windows\system32\xolehlp.dll
2009-08-20 01:23 . 2009-08-20 01:23 156160 ----a-w- c:\windows\system32\wkssvc.dll
2009-08-20 01:21 . 2009-08-20 01:21 36352 ----a-w- c:\windows\system32\tsgqec.dll
2009-08-20 01:21 . 2009-08-20 01:21 1871872 ----a-w- c:\windows\system32\mstscax.dll
2009-08-20 01:21 . 2009-08-20 01:21 116736 ----a-w- c:\windows\system32\aaclient.dll
2009-08-20 01:20 . 2009-08-20 01:20 28672 ----a-w- c:\windows\system32\Apphlpdm.dll
2009-08-20 01:20 . 2009-08-20 01:20 4247552 ----a-w- c:\windows\system32\GameUXLegacyGDFs.dll
2009-08-20 01:20 . 2009-08-20 01:20 1687040 ----a-w- c:\windows\system32\gameux.dll
2009-08-20 01:19 . 2009-08-20 01:19 303616 ----a-w- c:\windows\system32\wmpeffects.dll
2009-08-20 01:17 . 2009-08-20 01:17 2048 ----a-w- c:\windows\system32\msxml3r.dll
2009-08-20 01:17 . 2009-08-20 01:17 1194496 ----a-w- c:\windows\system32\msxml3.dll
2009-08-20 01:16 . 2009-08-20 01:16 86016 ----a-w- c:\windows\system32\icfupgd.dll
2009-08-20 01:16 . 2009-08-20 01:16 63488 ----a-w- c:\windows\system32\drivers\mpsdrv.sys
2009-08-20 01:16 . 2009-08-20 01:16 396800 ----a-w- c:\windows\system32\MPSSVC.dll
2009-08-20 01:16 . 2009-08-20 01:16 392192 ----a-w- c:\windows\system32\FirewallAPI.dll
2009-08-20 01:16 . 2009-08-20 01:16 16896 ----a-w- c:\windows\system32\wfapigp.dll
2009-08-20 01:16 . 2009-08-20 01:16 61952 ----a-w- c:\windows\system32\cmifw.dll
2009-08-20 01:16 . 2009-08-20 01:16 23040 ----a-w- c:\windows\system32\drivers\tunnel.sys
2009-08-20 01:16 . 2009-08-20 01:16 178688 ----a-w- c:\windows\system32\iphlpsvc.dll
2009-08-20 01:16 . 2009-08-20 01:16 15360 ----a-w- c:\windows\system32\drivers\TUNMP.SYS
2009-08-20 01:10 . 2009-08-20 01:10 696832 ----a-w- c:\windows\system32\localspl.dll
2009-08-20 01:08 . 2009-08-20 01:08 65024 ----a-w- c:\windows\system32\avicap32.dll
2009-08-20 01:08 . 2009-08-20 01:08 88576 ----a-w- c:\windows\system32\avifil32.dll
2009-08-20 01:08 . 2009-08-20 01:08 82944 ----a-w- c:\windows\system32\mciavi32.dll
2009-08-20 01:08 . 2009-08-20 01:08 31232 ----a-w- c:\windows\system32\msvidc32.dll
2009-08-20 01:08 . 2009-08-20 01:08 12800 ----a-w- c:\windows\system32\msrle32.dll
2009-08-20 01:08 . 2009-08-20 01:08 123904 ----a-w- c:\windows\system32\msvfw32.dll
2009-08-20 01:07 . 2009-08-20 01:07 2923520 ----a-w- c:\windows\explorer.exe
2009-08-20 01:04 . 2009-08-20 01:04 24064 ----a-w- c:\windows\system32\netcfg.exe
2009-08-20 01:01 . 2009-08-20 01:01 6917120 ----a-w- c:\windows\system32\NlsLexicons0c1a.dll
2009-08-20 01:01 . 2009-08-20 01:01 1963520 ----a-w- c:\windows\system32\NlsData081a.dll
2009-08-20 01:01 . 2009-08-20 01:01 1963520 ----a-w- c:\windows\system32\NlsData0c1a.dll
2009-08-20 00:57 . 2009-08-20 00:57 1585664 ----a-w- c:\windows\system32\setupapi.dll
2009-08-20 00:52 . 2009-08-20 00:52 549888 ----a-w- c:\windows\system32\rpcss.dll
2009-08-20 00:52 . 2009-08-20 00:52 24576 ----a-w- c:\windows\system32\printfilterpipelineprxy.dll
2009-08-20 00:52 . 2009-08-20 00:52 654336 ----a-w- c:\windows\system32\printfilterpipelinesvc.exe
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"TOSCDSPD"="c:\program files\TOSHIBA\TOSCDSPD\TOSCDSPD.exe" [2007-05-18 430080]
"msnmsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2009-07-26 3883856]
"Octoshape Streaming Services"="c:\users\MTHR\AppData\Roaming\Octoshape\Octoshape Streaming Services\OctoshapeClient.exe" [2009-01-08 70936]
"Google Update"="c:\users\MTHR\AppData\Local\Google\Update\GoogleUpdate.exe" [2009-08-20 133104]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"="c:\program files\Windows Defender\MSASCui.exe" [2007-08-22 1006264]
"TPwrMain"="c:\program files\TOSHIBA\Power Saver\TPwrMain.EXE" [2007-03-29 411192]
"HSON"="c:\program files\TOSHIBA\TBS\HSON.exe" [2006-12-07 55416]
"SmoothView"="c:\program files\Toshiba\SmoothView\SmoothView.exe" [2007-06-16 448080]
"00TCrdMain"="c:\program files\TOSHIBA\FlashCards\TCrdMain.exe" [2007-05-22 538744]
"SynTPStart"="c:\program files\Synaptics\SynTP\SynTPStart.exe" [2007-08-15 102400]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2006-11-10 90112]
"avast!"="c:\progra~1\ALWILS~1\Avast4\ashDisp.exe" [2009-08-17 81000]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-09-08 149280]
"Microsoft Default Manager"="c:\program files\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" [2009-02-03 233304]
"TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" [2009-10-22 198160]
"RtHDVCpl"="RtHDVCpl.exe" - c:\windows\RtHDVCpl.exe [2007-08-10 4702208]
"NDSTray.exe"="NDSTray.exe" [BU]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeAntiSpyware]
"DisableMonitoring"=dword:00000001

R1 aswSP;avast! Self Protection;c:\windows\System32\drivers\aswSP.sys [8/19/2009 6:36 AM 114768]
R2 aswFsBlk;aswFsBlk;c:\windows\System32\drivers\aswFsBlk.sys [8/19/2009 6:36 AM 20560]
R2 aswMonFlt;aswMonFlt;c:\windows\System32\drivers\aswMonFlt.sys [8/19/2009 6:35 AM 53328]
R3 FwLnk;FwLnk Driver;c:\windows\System32\drivers\FwLnk.sys [8/22/2007 11:53 AM 7168]
R3 RTL8187B;Realtek RTL8187B Wireless 802.11g 54Mbps USB 2.0 Network Adapter;c:\windows\System32\drivers\rtl8187B.sys [8/18/2009 7:09 PM 252416]
S3 winbondcir;Winbond IR Transceiver;c:\windows\System32\drivers\winbondcir.sys [3/28/2007 6:51 AM 43008]

--- Other Services/Drivers In Memory ---

*NewlyCreated* - MBR
*NewlyCreated* - PROCEXP113
*Deregistered* - mbr
*Deregistered* - PROCEXP113
.
Contents of the 'Scheduled Tasks' folder

2009-11-05 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2309113458-2010962160-3896015102-1000Core.job
- c:\users\MTHR\AppData\Local\Google\Update\GoogleUpdate.exe [2009-08-20 08:24]

2009-11-05 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2309113458-2010962160-3896015102-1000UA.job
- c:\users\MTHR\AppData\Local\Google\Update\GoogleUpdate.exe [2009-08-20 08:24]
.
.
------- Supplementary Scan -------
.
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000
FF - ProfilePath - c:\users\MTHR\AppData\Roaming\Mozilla\Firefox\Profiles\t721p3qq.default\
FF - prefs.js: browser.startup.homepage - hxxp://go.microsoft.com/fwlink/?LinkId=69157
FF - component: c:\program files\Real\RealPlayer\browserrecord\firefox\ext\components\nprpffbrowserrecordext.dll
FF - plugin: c:\users\MTHR\AppData\Local\Google\Update\1.2.183.13\npGoogleOneClick8.dll
FF - plugin: c:\users\MTHR\AppData\Roaming\Mozilla\plugins\npoctoshape.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
.
- - - - ORPHANS REMOVED - - - -

WebBrowser-{604BC32A-9680-40D1-9AC6-E06B23A1BA4C} - (no file)
AddRemove-ffdshow_is1 - c:\program files\Video Convert Master\codec\unins000.exe
AddRemove-RealAlt_is1 - c:\program files\Video Convert Master\codec\real\unins000.exe



**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer,

يجب عليك تسجيل الدخول أو التسجيل لمشاهدة الرابط المخفي


Rootkit scan 2009-11-05 11:43
Windows 6.0.6000 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

HKCU\Software\Microsoft\Windows\CurrentVersion\Run
TOSCDSPD = c:\program files\TOSHIBA\TOSCDSPD\TOSCDSPD.exe?/i?????w?<? h??? [???[?@?[?X?[?p?

scanning hidden files ...


c:\windows\TEMP\TMP0000007B1584A66EE5CA267D 524288 bytes executable

scan completed successfully
hidden files: 1

**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------

[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
"MSCurrentCountry"=dword:000000b5

[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
Completion time: 2009-11-05 11:47
ComboFix-quarantined-files.txt 2009-11-05 19:47

Pre-Run: 91,879,981,056 bytes free
Post-Run: 93,841,108,992 bytes free
 
تأييد 0
تم حل المشكله وذلك بطريقه الاخ اكس فايرقوكس

يجب عليك تسجيل الدخول أو التسجيل لمشاهدة الرابط المخفي



يعطيكم العافيه
 
تأييد 0
ايش الباقي من المشكلة اخي
 
تأييد 0
شاكر لك اخوي ماكس على مرورك واهتمامك

وابشرك حليت المشكله
 
تأييد 0
الله يبشرك بالخير
 
تأييد 0
الحالة
مغلق و غير مفتوح للمزيد من الردود.
عودة
أعلى