|
لدي مشكلة خطأ في استعادة النظام بسبب ان ملف الإستعادة تالف
ارجو الحل ودا الهاي جاك Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 10:20:34 م, on 05/11/10 Platform: Unknown Windows (WinNT 6.01.3504) MSIE: Internet Explorer v8.00 (8.00.7600.16671) Boot mode: Normal Running processes: C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Windows\system32\taskhost.exe C:\Program Files\TuneUp Utilities 2011\TuneUpUtilitiesApp32.exe C:\Program Files\Internet Download Manager\IDMan.exe C:\Program Files\Windows Sidebar\sidebar.exe C:\Program Files\TechSmith\Snagit 10\Snagit32.exe C:\Program Files\TechSmith\Snagit 10\TSCHelp.exe C:\Program Files\TechSmith\Snagit 10\SnagPriv.exe C:\Program Files\TechSmith\Snagit 10\snagiteditor.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Windows\system32\wuauclt.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\TuneUp Utilities 2011\integrator.exe C:\Program Files\TuneUp Utilities 2011\WinStyler.exe C:\Windows\system32\NOTEPAD.EXE C:\Users\dell\AppData\Local\Google\Chrome\Applicat ion\chrome.exe C:\Users\dell\AppData\Local\Google\Chrome\Applicat ion\chrome.exe C:\Windows\system32\NOTEPAD.EXE C:\Program Files\TuneUp Utilities 2011\ShortcutCleaner.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Windows\system32\SearchFilterHost.exe C:\Windows\system32\SearchProtocolHost.exe C:\Program Files\Trend Micro\HijackThis\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.searchcanvas.com/?ot=6 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.searchcanvas.com/?ot=6 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Int ernet Settings,ProxyServer = 1 R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = R3 - URLSearchHook: UrlSearchHook Class - {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Program Files\Ask.com\GenericAskToolbar.dll R3 - URLSearchHook: ************ Toolbar - {09ec805c-cb2e-4d53-b0d3-a75a428b81c7} - C:\Program Files\************\tb4sh1.dll R3 - URLSearchHook: (no name) - {ce3e3947-a80e-4e82-919a-4923c3744b10} - (no file) R3 - URLSearchHook: ToggleEN Toolbar - {038cb5c7-48ea-4af9-94e0-a1646542e62b} - C:\Program Files\ToggleEN\tbTogg.dll O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files\Internet Download Manager\IDMIECC.dll O2 - BHO: SnagIt Toolbar Loader - {00C6482D-C502-44C8-8409-FCE54AD9C208} - C:\Program Files\TechSmith\Snagit 10\SnagitBHO.dll O2 - BHO: ToggleEN Toolbar - {038cb5c7-48ea-4af9-94e0-a1646542e62b} - C:\Program Files\ToggleEN\tbTogg.dll O2 - BHO: ************ Toolbar - {09ec805c-cb2e-4d53-b0d3-a75a428b81c7} - C:\Program Files\************\tb4sh1.dll O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin \IE\rpbrowserrecordplugin.dll O2 - BHO: Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\ConduitEngine.dll O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files\Windows Live\Companion\companioncore.dll O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O3 - Toolbar: Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll O3 - Toolbar: ************ Toolbar - {09ec805c-cb2e-4d53-b0d3-a75a428b81c7} - C:\Program Files\************\tb4sh1.dll O3 - Toolbar: ToggleEN Toolbar - {038cb5c7-48ea-4af9-94e0-a1646542e62b} - C:\Program Files\ToggleEN\tbTogg.dll O3 - Toolbar: Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\ConduitEngine.dll O3 - Toolbar: Snagit - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Program Files\TechSmith\Snagit 10\SnagitIEAddin.dll O4 - HKLM\..\Run: [************ Anti-Malware (reboot)] "C:\Program Files\************' Anti-Malware\mbam.exe" /runcleanupscript O4 - HKCU\..\Run: [IDMan] C:\Program Files\Internet Download Manager\IDMan.exe /onboot O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun O4 - Global Startup: Snagit 10.lnk = C:\Program Files\TechSmith\Snagit 10\Snagit32.exe O8 - Extra context menu item: Internet Download Manager تحميل بواسطة - C:\Program Files\Internet Download Manager\IEExt.htm O8 - Extra context menu item: ت&صدير إلى Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000 O8 - Extra context menu item: تحميل الكل بواسطة Internet Download Manager - C:\Program Files\Internet Download Manager\IEGetAll.htm O8 - Extra context menu item: تحميل محتوى FLV بواسطة Internet Download Manager - C:\Program Files\Internet Download Manager\IEGetVL.htm O9 - Extra button: @C:\Program Files\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files\Windows Live\Companion\companioncore.dll O9 - Extra button: إرسال إلى OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: إر&سال إلى OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab O16 - DPF: {E6F480FC-BD44-4CBA-B74A-89AF7842937D} (SysInfo Class) - http://content.systemrequirementslab...ri_4.3.1.0.cab O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll O22 - SharedTaskScheduler: ObjectDockShellExt - {1984D045-52CF-49cd-DB77-08F378FEA4DB} - (no file) O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files\Intel\AMT\LMS.exe O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared files\RichVideo.exe O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe O23 - Service: TuneUp Utilities Service (TuneUp.UtilitiesSvc) - TuneUp Software - C:\Program Files\TuneUp Utilities 2011\TuneUpUtilitiesService32.exe O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files\Common Files\Intel\Privacy Icon\UNS\UNS.exe O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe O23 - Service: Winstep Xtreme Service - Unknown owner - C:\Program.exe (file missing) -- End of file - 8445 bytes ودا Runscanner logfile http://www.runscanner.net * = signed file - = file not found General info ------------ Computer name : AHMAD-PC Creation time : 22/12/10 07:31:15 م Hosts 127.0.0.1 : 0 Hosts file location : %SystemRoot%\System32\drivers\etc IE version : 8.0.7600.16385 OS : Windows 7 Ultimate OS Build : 7600 OS SP : RunScanner Version : 2.0.0.50 User Language : العربية (السعودية) User rights : Administrator Windows folder : C:\Windows Running processes ----------------- * C:\Program Files\Avira\AntiVir Desktop\avshadow.exe (Avira GmbH) * C:\Program Files\Avira\AntiVir Desktop\avwebgrd.exe (Avira GmbH) * C:\Program Files\Avira\AntiVir Desktop\avmailc.exe (Avira GmbH) * C:\Program Files\Avira\AntiVir Desktop\avguard.exe (Avira GmbH) * C:\Program Files\Avira\AntiVir Desktop\sched.exe (Avira GmbH) * C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH) * C:\Windows\System32\csrss.exe (Microsoft Corporation) * C:\Windows\System32\csrss.exe (Microsoft Corporation) * C:\Windows\System32\conhost.exe (Microsoft Corporation) * C:\Windows\System32\dwm.exe (Microsoft Corporation) * C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation) C:\Program Files\Trend Micro\HijackThis\HijackThis.exe (Trend Micro Inc.) * C:\Windows\System32\svchost.exe (Microsoft Corporation) * C:\Windows\System32\svchost.exe (Microsoft Corporation) * C:\Windows\System32\svchost.exe (Microsoft Corporation) * C:\Windows\System32\svchost.exe (Microsoft Corporation) * C:\Windows\System32\svchost.exe (Microsoft Corporation) * C:\Windows\System32\svchost.exe (Microsoft Corporation) * C:\Windows\System32\svchost.exe (Microsoft Corporation) * C:\Windows\System32\svchost.exe (Microsoft Corporation) * C:\Windows\System32\svchost.exe (Microsoft Corporation) * C:\Windows\System32\svchost.exe (Microsoft Corporation) * C:\Windows\System32\svchost.exe (Microsoft Corporation) * C:\Windows\System32\taskhost.exe (Microsoft Corporation) * C:\Program Files\Intel\AMT\LMS.exe (Intel Corporation) * C:\Windows\System32\lsass.exe (Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\VS7DEBUG\mdm.exe (Microsoft Corporation) * C:\Program Files\************' Anti-Malware\mbam.exe (************ Corporation) * C:\Program Files\************' Anti-Malware\mbamservice.exe (************ Corporation) * C:\Windows\System32\SearchIndexer.exe (Microsoft Corporation) * C:\Windows\System32\SearchProtocolHost.exe (Microsoft Corporation) * C:\Windows\System32\VSSVC.exe (Microsoft Corporation) * C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE (Microsoft Corp.) * C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE (Microsoft Corp.) * C:\Windows\System32\nvvsvc.exe (NVIDIA Corporation) * C:\Windows\System32\nvvsvc.exe (NVIDIA Corporation) * C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe (NVIDIA Corporation) * C:\Program Files\Online Armor\oacat.exe (Emsi Software GmbH) * C:\Program Files\Mozilla Firefox\plugin-container.exe (Mozilla Corporation) * C:\Windows\System32\PnkBstrA.exe C:\Program Files\CyberLink\Shared files\RichVideo.exe * C:\Users\dell\Downloads\runscanner.exe (Runscanner.net) * C:\Windows\System32\services.exe (Microsoft Corporation) * C:\Windows\System32\spoolsv.exe (Microsoft Corporation) * C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation) * C:\Program Files\Common Files\Intel\Privacy Icon\UNS\UNS.exe (Intel Corporation) * C:\Windows\System32\audiodg.exe (Microsoft Corporation) * C:\Program Files\Windows Live\Messenger\msnmsgr.exe (Microsoft Corporation) * C:\Program Files\Windows Media Player\wmpnetwk.exe (Microsoft Corporation) * C:\Windows\servicing\TrustedInstaller.exe (Microsoft Corporation) * C:\Windows\System32\smss.exe (Microsoft Corporation) * C:\Windows\System32\wuauclt.exe (Microsoft Corporation) * C:\Windows\System32\wuauclt.exe (Microsoft Corporation) * C:\Windows\System32\msiexec.exe (Microsoft Corporation) * C:\Windows\System32\wbem\WmiPrvSE.exe (Microsoft Corporation) * C:\Windows\System32\wbem\WmiPrvSE.exe (Microsoft Corporation) * C:\Program Files\Windows Sidebar\sidebar.exe (Microsoft Corporation) * C:\Windows\System32\wininit.exe (Microsoft Corporation) * C:\Windows\System32\winlogon.exe (Microsoft Corporation) * C:\Windows\System32\lsm.exe (Microsoft Corporation) * C:\Windows\explorer.exe (Microsoft Corporation) * C:\Windows\explorer.exe (Microsoft Corporation) Unrated items ------------- 010 C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe (Machine Debug Manager) 010 C:\Windows\system32\GameMon.des (nProtect Game Monitor Rev 1641) 010 C:\Program Files\CyberLink\Shared files\RichVideo.exe (RichVideo Module) 010 * C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (SwitchBoard Server (32 bit)) 010 C:\Windows\system32\Wat\WatUX.exe (WatUX.exe) 011 C:\Windows\system32\DRIVERS\vcsvad.sys (Avnex Ltd. Virtual Audio Device (WDM)) 011 C:\Windows\system32\drivers\SCDEmu.sys (SCDEmu) 042 GUID / CLSID not found {08B0E5C0-4FCB-11CF-AAA5-00401C608501} 061 C:\Program Files\JetAudio\JetFlExt.dll (JetAudio, Inc.) {8D1636FD-CA49-4B4E-90E4-0A20E03A15E8} 061 C:\Program Files\PowerISO\PWRISOSH.DLL (PowerISO Computing, Inc.) {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} 061 C:\Program Files\Avira\AntiVir Desktop\shlext.dll (Avira GmbH) {45AC2688-0253-4ED8-97DE-B5370FA7D48A} 061 C:\Program Files\WinRAR\rarext.dll {B41DB860-8EE4-11D2-9906-E49FADC173CA} 064 C:\Windows\system32\user32.dll (Microsoft Corporation) 100 Start Page HKCU : http://www.google.com.sa/ 104 * C:\Windows\Downloaded Program Files\BFHUpdater.dll (EA Digital Illusions CE AB) {784797A8-342D-4072-9486-03C8D0F2F0A1} 104 * C:\Windows\Downloaded Program Files\BP4FUpdater.dll (EA Digital Illusions CE AB) {C8BC46C7-921C-4102-B67D-F1F7E65FB0BE} 104 C:\Program Files\SystemRequirementsLab\srldetect_cyri_4.3.1.0 .dll (Husdawg, LLC) {E6F480FC-BD44-4CBA-B74A-89AF7842937D} 105 Google Sidewiki... : res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_E117 12C84EA7E12B.dll/cmsidewiki.html 173 C:\Program Files\Notepad++\NppShell_03.dll {00F3C2EC-A6EE-11DE-A03A-EF8F55D89593} 173 C:\Program Files\PowerISO\PWRISOSH.DLL (PowerISO Computing, Inc.) {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} 173 C:\Program Files\Avira\AntiVir Desktop\shlext.dll (Avira GmbH) {45AC2688-0253-4ED8-97DE-B5370FA7D48A} 173 C:\Program Files\WinRAR\rarext.dll {B41DB860-8EE4-11D2-9906-E49FADC173CA} 221 C:\Program Files\Notepad++\NppShell_03.dll {00F3C2EC-A6EE-11DE-A03A-EF8F55D89593} 221 C:\Program Files\PowerISO\PWRISOSH.DLL (PowerISO Computing, Inc.) {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} 221 C:\Program Files\Avira\AntiVir Desktop\shlext.dll (Avira GmbH) {45AC2688-0253-4ED8-97DE-B5370FA7D48A} 221 C:\Program Files\WinRAR\rarext.dll {B41DB860-8EE4-11D2-9906-E49FADC173CA} 225 C:\Program Files\JetAudio\JetFlExt.dll (JetAudio, Inc.) {8D1636FD-CA49-4B4E-90E4-0A20E03A15E8} 225 C:\Program Files\JetAudio\JetFlExt.dll (JetAudio, Inc.) {8D1636FD-CA49-4B4E-90E4-0A20E03A15E8} 225 C:\Program Files\PowerISO\PWRISOSH.DLL (PowerISO Computing, Inc.) {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} 225 C:\Program Files\PowerISO\PWRISOSH.DLL (PowerISO Computing, Inc.) {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} 225 C:\Program Files\Avira\AntiVir Desktop\shlext.dll (Avira GmbH) {45AC2688-0253-4ED8-97DE-B5370FA7D48A} 225 C:\Program Files\Avira\AntiVir Desktop\shlext.dll (Avira GmbH) {45AC2688-0253-4ED8-97DE-B5370FA7D48A} 225 C:\Program Files\WinRAR\rarext.dll {B41DB860-8EE4-11D2-9906-E49FADC173CA} 225 C:\Program Files\WinRAR\rarext.dll {B41DB860-8EE4-11D2-9906-E49FADC173CA} 227 C:\Program Files\JetAudio\JetFlExt.dll (JetAudio, Inc.) {8D1636FD-CA49-4B4E-90E4-0A20E03A15E8} 227 C:\Program Files\PowerISO\PWRISOSH.DLL (PowerISO Computing, Inc.) {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} 227 C:\Program Files\WinRAR\rarext.dll {B41DB860-8EE4-11D2-9906-E49FADC173CA} 229 GUID / CLSID not found {1984D045-52CF-49cd-DB77-08F378FEA4DB} 251 C:\Program Files\WinRAR\rarext.dll {B41DB860-8EE4-11D2-9906-E49FADC173CA} Missing files ------------- 010 C:\Program Files\Online Armor\oasrv.exe 011 C:\Users\dell\AppData\Local\Temp\catchme.sys 011 C:\Windows\system32\drivers\EagleNT.sys 063 aswBoot.exe 063 autocheck 176 Drwtsn32 أكثر... |
| الساعة الآن 07:11 AM |
Powered by vBulletin® Copyright ©2000 - 2025, Jelsoft Enterprises Ltd.
منتديات بلاك بيري
mjawshy.net
المجاوشي للتقنية المتقدمة