|
إنضمامك إلي منتديات استراحات زايد يحقق لك معرفة كل ماهو جديد في عالم الانترنت ...
انضم الينا
#1
| ||
| ||
السلام عليكم اخواني انا حاب احد يفحص هذا التقرير ويقولي احذف ايش انا حولت ادخل الموقع السابق لاكن الظاهر انو مو شغال اتمنى احد يساعدني عشاني في ورطة Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 06:31:52 ص, on 29/08/2010 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Hotspot Shield\bin\openvpnas.exe C:\Program Files\Google\Update\GoogleUpdate.exe C:\WINDOWS\system32\rundll32.exe C:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer.exe C:\Program Files\QuickTime\qttask.exe C:\Program Files\Java\jre6\bin\jusched.exe C:\WINDOWS\RTHDCPL.EXE C:\Program Files\Hotspot Shield\HssWPR\hsssrv.exe C:\Program Files\GIGABYTE\VGA Utility Manager\G-VGA.exe C:\WINDOWS\system32\RUNDLL32.EXE C:\Program Files\PowerISO\PWRISOVM.EXE C:\Program Files\Common Files\Real\Update_OB\realsched.exe C:\Program Files\Hotspot Shield\bin\hsswd.exe C:\Program Files\Messenger\msmsgs.exe C:\Program Files\Java\jre6\bin\jqs.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE C:\program files\oovoo\oovoo.exe C:\WINDOWS\system32\nvsvc32.exe C:\WINDOWS\system32\HPZipm12.exe C:\WINDOWS\system32\PnkBstrA.exe C:\WINDOWS\system32\PnkBstrB.exe C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe C:\Program Files\SmartCam\SmartCam.exe C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe C:\Program Files\REALTEK RTL8187 Wireless LAN Driver and Utility\RtWLan.exe C:\Program Files\Hotspot Shield\bin\openvpntray.exe C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe C:\WINDOWS\system32\wuauclt.exe C:\Program Files\Nokia\PC Connectivity Solution\ServiceLayer.exe C:\Program Files\Nokia\PC Connectivity Solution\Transports\NclUSBSrv.exe C:\Program Files\Nokia\PC Connectivity Solution\Transports\NclRSSrv.exe C:\Program Files\Internet Explorer\IEXPLORE.EXE C:\Program Files\Microsoft\Search Enhancement Pack\SCServer\SCServer.exe C:\Program Files\Windows Live\Toolbar\wltuser.exe C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\klwtblfs.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\DAEMON Tools Pro\DTProShellHlp.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Adobe\Acrobat 7.0\Reader\AcroRd32.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Documents and Settings\BADER\سطح المكتب\مشكلة فتح ال c او d\Hijack+This.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.hotmail.com/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.com/customize/ie/...ch/search.html R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/ R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://us.rd.yahoo.com/customize/ie/.../www.yahoo.com R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Int ernet Settings,ProxyOverride = local R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll R3 - URLSearchHook: tv6600 Toolbar - {2eebbe84-5716-4f3f-9677-d8b04e8bb1d3} - C:\Program Files\tv6600\tbtv66.dll R3 - URLSearchHook: Hotspot Shield Toolbar - {c95a4e8e-816d-4655-8c79-d736da1adb6d} - C:\Program Files\Hotspot_Shield\tbHot0.dll O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: YSPManager - {25BC7718-0BFA-40EA-B381-4B2D9732D686} - C:\Program Files\Yahoo!\Search Protection\ysp.dll O2 - BHO: tv6600 Toolbar - {2eebbe84-5716-4f3f-9677-d8b04e8bb1d3} - C:\Program Files\tv6600\tbtv66.dll O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrow serrecordplugin.dll O2 - BHO: Street-Ads Browser Enhancer mmx - {493983FE-007A-456B-97CE-75001032B083} - C:\WINDOWS\$NtUninstallMTF1011$\mmx.dll O2 - BHO: IEVkbdBHO - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\ievkbd.dll O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll O2 - BHO: مساعد تسجيل الدخول إلى Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Sky-Banners Browser Enhancer mmduch - {AEF8BEEA-F434-4DA2-8249-0DD659E8F11F} - C:\WINDOWS\$NtUninstallMTF1011$\mmduch.dll O2 - BHO: Hotspot Shield Toolbar - {c95a4e8e-816d-4655-8c79-d736da1adb6d} - C:\Program Files\Hotspot_Shield\tbHot0.dll O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll O2 - BHO: link filter bho - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\klwtbbho.dll O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll O2 - BHO: Hotspot Shield Class - {F9E4A054-E9B1-4BC3-83A3-76A1AE736170} - C:\Program Files\Hotspot Shield\HssIE\HssIE.dll O2 - BHO: SingleInstance Class - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\YTSingleInsta nce.dll O2 - BHO: Hotspot Shield Toolbar - {fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} - C:\Program Files\BS_Player\tbBS_0.dll O3 - Toolbar: Hotspot Shield Toolbar - {fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} - C:\Program Files\BS_Player\tbBS_0.dll O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll O3 - Toolbar: Hotspot Shield Toolbar - {c95a4e8e-816d-4655-8c79-d736da1adb6d} - C:\Program Files\Hotspot_Shield\tbHot0.dll O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent O4 - HKLM\..\Run: [NokiaMServer] C:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer /watchfiles O4 - HKLM\..\Run: [Nokia FastStart] "C:\Program Files\Nokia\Nokia Music\NokiaMusic.exe" /command:faststart O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe" O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE O4 - HKLM\..\Run: [VGAUtil] C:\Program Files\GIGABYTE\VGA Utility Manager\G-VGA.exe O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [PWRISOVM.EXE] C:\Program Files\PowerISO\PWRISOVM.EXE O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe" O4 - HKLM\..\Run: [nmeocarxsw.tmp] "C:\DOCUME~1\BADER\LOCALS~1\Temp\nmeocarxsw.tm p" O4 - HKLM\..\Run: [bipro] rundll32 "C:\WINDOWS\$NtUninstallMTF1011$\mmduch.dll",, Run O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background O4 - HKCU\..\Run: [AlcoholAutomount] "C:\Program Files\Alcohol Soft\Alcohol 120\axcmd.exe" /automount O4 - HKCU\..\Run: [DAEMON Tools Pro Agent] "C:\Program Files\DAEMON Tools Pro\DTProAgent.exe" -autorun O4 - HKCU\..\Run: [Messenger (Yahoo!)] "C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" -quiet O4 - HKCU\..\Run: [Search Protection] C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe O4 - HKCU\..\Run: [********] "C:\Program Files\********.com\********\********.exe" -nosplash -minimized O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [ooVoo.exe] C:\program files\oovoo\oovoo.exe /minimized O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe O4 - Global Startup: Nokia Ovi Suite.lnk = C:\Program Files\Nokia\Ovi\Suite\RunLauncher.exe O4 - Global Startup: PalTalk.lnk = C:\Program Files\Paltalk Messenger\paltalk.exe O4 - Global Startup: REALTEK RTL8187 Wireless LAN Utility.lnk = C:\Program Files\REALTEK RTL8187 Wireless LAN Driver and Utility\RtWLan.exe O8 - Extra context menu item: &تصدير إلى Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 O9 - Extra button: تدوين هذا في المدونة - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: &تدوين هذا في Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: &Virtual Keyboard - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\klwtbbho.dll O9 - Extra button: بحث - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL O9 - Extra button: (no name) - {BBF74FB9-ABCD-4678-880A-2511DAABB5E1} - C:\Program Files\Yahoo!\Search Protection\ysp.dll O9 - Extra 'Tools' menuitem: Yahoo! Search Protection - {BBF74FB9-ABCD-4678-880A-2511DAABB5E1} - C:\Program Files\Yahoo!\Search Protection\ysp.dll O9 - Extra button: URLs c&heck - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\klwtbbho.dll O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O10 - Unknown file in Winsock LSP: c:\windows\system32\jrtg.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\jrtg.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\jrtg.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\jrtg.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\jrtg.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\jrtg.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\jrtg.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\jrtg.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\jrtg.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\jrtg.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\jrtg.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\jrtg.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\jrtg.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\jrtg.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\jrtg.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\jrtg.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\jrtg.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\jrtg.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\jrtg.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\jrtg.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\jrtg.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\jrtg.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\jrtg.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\jrtg.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\jrtg.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\jrtg.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\jrtg.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\jrtg.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\jrtg.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\jrtg.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\jrtg.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\jrtg.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\jrtg.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\jrtg.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\jrtg.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\jrtg.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\jrtg.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\jrtg.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\jrtg.dll O17 - HKLM\System\CCS\Services\Tcpip\..\{B1847FF1-2ECB-4AD8-8DE9-8974FF659E02}: NameServer = 8.8.8.8 O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL O23 - Service: Kaspersky Anti-Virus Service (AVP) - Kaspersky Lab ZAO - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe O23 - Service: خدمة تحديث Google (gupdate1caabd4c3767afe) (gupdate1caabd4c3767afe) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Hotspot Shield Service (HotspotShieldService) - Unknown owner - C:\Program Files\Hotspot Shield\bin\openvpnas.exe O23 - Service: Hotspot Shield Routing Service (HssSrv) - AnchorFree Inc. - C:\Program Files\Hotspot Shield\HssWPR\hsssrv.exe O23 - Service: Hotspot Shield Tray Service (HssTrayService) - Unknown owner - C:\Program Files\Hotspot Shield\bin\HssTrayService.EXE O23 - Service: Hotspot Shield Monitoring Service (HssWd) - Unknown owner - C:\Program Files\Hotspot Shield\bin\hsswd.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe O23 - Service: PnkBstrB - Unknown owner - C:\WINDOWS\system32\PnkBstrB.exe O23 - Service: ServiceLayer - Nokia. - C:\Program Files\Nokia\PC Connectivity Solution\ServiceLayer.exe O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe O23 - Service: TwonkyMedia - PacketVideo - C:\Program Files\Nokia\Nokia Home Media Server\Media Server\TwonkyMedia.exe O23 - Service: Yahoo! Updater (YahooAUService) - Yahoo! Inc. - C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe O24 - Desktop Component 0: (no name) - http://www.uquni.com/vb/uquni_al-d3m/index_02.jpg -- End of file - 15899 bytes __DEFINE_LIKE_SHARE__ |
مواقع النشر (المفضلة) |
| |