|
مساعدة تقرير هاجيك السلام عليكم كيفكم ودي اتأكد انو جاهزي فيه ملفات تجسس والا وهذا تقرير الهاجيك إقتباس: logfile of trend micro hijackthis v2.0.2 إقتباس: scan saved at 02:33:15 م, on 02/05/2010 platform: Windows xp sp2 (winnt 5.01.2600) msie: Internet explorer v6.00 sp2 (6.00.2900.2180) boot mode: Normal running processes: C:\windows\system32\smss.exe c:\windows\system32\winlogon.exe c:\windows\system32\services.exe c:\windows\system32\lsass.exe c:\windows\system32\svchost.exe c:\windows\system32\svchost.exe c:\program files\intel\wireless\bin\evteng.exe c:\program files\intel\wireless\bin\s24evmon.exe c:\program files\intel\wireless\bin\wlkeeper.exe c:\windows\system32\wltrysvc.exe c:\windows\system32\bcmwltry.exe c:\program files\avg\avg9\avgchsvx.exe c:\program files\avg\avg9\avgrsx.exe c:\windows\system32\spoolsv.exe c:\program files\avg\avg9\avgcsrvx.exe c:\program files\avg\avg9\avgwdsvc.exe c:\program files\widcomm\bluetooth software\bin\btwdins.exe c:\program files\common files\microsoft shared\vs7debug\mdm.exe c:\program files\intel\wireless\bin\regsrvc.exe c:\program files\microsoft\search enhancement pack\seaport\seaport.exe c:\program files\avg\avg9\avgnsx.exe c:\windows\explorer.exe c:\program files\common files\real\update_ob\realsched.exe c:\program files\google\google desktop search\googledesktop.exe c:\progra~1\avg\avg9\avgtray.exe c:\windows\system32\ctfmon.exe c:\program files\windows live\messenger\msnmsgr.exe c:\program files\google\google desktop search\googledesktop.exe c:\program files\widcomm\bluetooth software\bttray.exe c:\program files\winzip\wzqkpick.exe c:\progra~1\widcomm\blueto~1\btstac~1.ex e c:\windows\system32\cnab4rpk.exe c:\windows\system32\wuauclt.exe c:\progra~1\mobily~1\modem.exe c:\program files\internet explorer\iexplore.exe c:\program files\windows live\toolbar\wltuser.exe c:\program files\trend micro\hijackthis\hijackthis.exe r1 - hkcu\software\microsoft\internet explorer\main,search bar = http://search.live.com/sphome.aspx r1 - hkcu\software\microsoft\internet explorer\main,search page = http://search.live.com r0 - hklm\software\microsoft\internet explorer\search,searchassistant = http://search.live.com/sphome.aspx r3 - urlsearchhook: Avg security toolbar bho - {a3bc75a2-1f87-4686-aa43-5347d756017c} - c:\program files\avg\avg9\toolbar\ietoolbar.dll r3 - urlsearchhook: (no name) - {bc4ffe41-de9f-46fa-b455-aad49b9f9938} - (no file) r3 - urlsearchhook: Sweetim toolbarurlsearchhook class - {eee6c35d-6118-11dc-9c72-001320c79847} - c:\program files\sweetim\toolbars\internet explorer\mghelper.dll r3 - urlsearchhook: 4shared.com toolbar - {09ec805c-cb2e-4d53-b0d3-a75a428b81c7} - c:\program files\4shared.com\tb4sh1.dll r3 - urlsearchhook: Messenger plus live saudi arabia toolbar - {9d657fd4-0328-423a-b12d-9576cd92af19} - c:\program files\messenger_plus_live_saudi_arabia\t bmess.dll o2 - bho: 4shared.com toolbar - {09ec805c-cb2e-4d53-b0d3-a75a428b81c7} - c:\program files\4shared.com\tb4sh1.dll o2 - bho: Realplayer download and record plugin for internet explorer - {3049c3e9-b461-4bc5-8870-4c09146192ca} - c:\program files\real\realplayer\rpbrowserrecordplu gin.dll o2 - bho: Wormradar.com iesiteblocker.navfilter - {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - c:\program files\avg\avg9\avgssie.dll o2 - bho: Search helper - {6ebf7485-159f-4bff-a14f-b9e3aac4465b} - c:\program files\microsoft\search enhancement pack\search helper\sepsearchhelperie.dll o2 - bho: مساعد تسجيل الدخول إلى windows live - {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\windowslivelogin.dll o2 - bho: Messenger plus live saudi arabia toolbar - {9d657fd4-0328-423a-b12d-9576cd92af19} - c:\program files\messenger_plus_live_saudi_arabia\t bmess.dll o2 - bho: Avg security toolbar bho - {a3bc75a2-1f87-4686-aa43-5347d756017c} - c:\program files\avg\avg9\toolbar\ietoolbar.dll o2 - bho: Google toolbar helper - {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program files\google\google toolbar\googletoolbar_32.dll o2 - bho: Google toolbar notifier bho - {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program files\google\googletoolbarnotifier\5.4.4 525.1752\swg.dll o2 - bho: Google dictionary compression sdch - {c84d72fe-e17d-4195-bb24-76c02e2e7c4e} - c:\program files\google\google toolbar\component\fastsearch_b7c5ac24219 3bb3e.dll o2 - bho: Windows live toolbar helper - {e15a8dc0-8516-42a1-81ea-dc94ec1acf10} - c:\program files\windows live\toolbar\wltcore.dll o2 - bho: Sweetie - {eee6c35c-6118-11dc-9c72-001320c79847} - c:\program files\sweetim\toolbars\internet explorer\mgtoolbarie.dll o3 - toolbar: &windows live toolbar - {21fa44ef-376d-4d53-9b0f-8a89d3229068} - c:\program files\windows live\toolbar\wltcore.dll o3 - toolbar: Google toolbar - {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\google toolbar\googletoolbar_32.dll o3 - toolbar: 4shared.com toolbar - {09ec805c-cb2e-4d53-b0d3-a75a428b81c7} - c:\program files\4shared.com\tb4sh1.dll o3 - toolbar: Avg security toolbar - {ccc7a320-b3ca-4199-b1a6-9f516dd69829} - c:\program files\avg\avg9\toolbar\ietoolbar.dll o3 - toolbar: Messenger plus live saudi arabia toolbar - {9d657fd4-0328-423a-b12d-9576cd92af19} - c:\program files\messenger_plus_live_saudi_arabia\t bmess.dll o4 - hklm\..\run: [tkbellexe] "c:\program files\common files\real\update_ob\realsched.exe" -osboot o4 - hklm\..\run: [google desktop search] "c:\program files\google\google desktop search\googledesktop.exe" /startup o4 - hklm\..\run: [malwarebytes anti-malware (reboot)] "c:\documents and settings\dell user\desktop\malwarebytesportable\app\ma lwarebytes\mbam.exe" /runcleanupscript o4 - hklm\..\run: [avg9_tray] c:\progra~1\avg\avg9\avgtray.exe o4 - hkcu\..\run: [ctfmon.exe] c:\windows\system32\ctfmon.exe o4 - hkcu\..\run: [swg] "c:\program files\google\googletoolbarnotifier\googl etoolbarnotifier.exe" o4 - hkcu\..\run: [messengerplus3] "c:\program files\messengerplus! 3\msgplus.exe" /winstart o4 - hkcu\..\run: [msnmsgr] "c:\program files\windows live\messenger\msnmsgr.exe" /background o4 - hkus\s-1-5-18\..\run: [ctfmon.exe] c:\windows\system32\ctfmon.exe (user 'system') o4 - hkus\.default\..\run: [ctfmon.exe] c:\windows\system32\ctfmon.exe (user 'default user') o4 - global startup: Adobe gamma loader.lnk = c:\program files\common files\adobe\calibration\adobe gamma loader.exe o4 - global startup: Bluetooth.lnk = ? O4 - global startup: Winzip quick pick.lnk = c:\program files\winzip\wzqkpick.exe o8 - extra context menu item: &download all 4shared files - c:\program files\4shared desktop\down_all.htm o8 - extra context menu item: &download using 4shared desktop - c:\program files\4shared desktop\down_link.htm o8 - extra context menu item: E&xport to microsoft excel - res://c:\progra~1\micros~2\office11\excel.exe/3000 o8 - extra context menu item: Send to &bluetooth device... - c:\program files\widcomm\bluetooth software\btsendto_ie_ctx.htm o9 - extra button: تدوين هذا في المدونة - {219c3416-8cb2-491a-a3c7-d9fcddc9d600} - c:\program files\windows live\writer\writerbrowserextension.dll o9 - extra 'tools' menuitem: &تدوين هذا في windows live writer - {219c3416-8cb2-491a-a3c7-d9fcddc9d600} - c:\program files\windows live\writer\writerbrowserextension.dll o9 - extra button: Research - {92780b25-18cc-41c8-b9be-3c9c571a8263} - c:\progra~1\micros~2\office11\refiebar.d ll o9 - extra button: Messenger - {fb5f1910-f110-11d2-bb9e-00c04f795683} - c:\program files\messenger\msmsgs.exe o9 - extra 'tools' menuitem: Windows messenger - {fb5f1910-f110-11d2-bb9e-00c04f795683} - c:\program files\messenger\msmsgs.exe o16 - dpf: {6924091f-cd97-41e1-b1d4-d9079409d413} (imcv1 control) - http://209.11.247.130/talk.cab o17 - hklm\system\ccs\services\tcpip\..\{366f9 1b8-b2c5-41ad-91f2-36c3ee036df5}: Nameserver = 84.23.101.84 84.23.101.85 o18 - protocol: Linkscanner - {f274614c-63f8-47d5-a4d1-fbdde494f8d1} - c:\program files\avg\avg9\avgpp.dll o20 - appinit_dlls: C:\progra~1\google\google~2\goec62~1.dll o20 - winlogon notify: Avgrsstarter - c:\windows\system32\avgrsstx.dll o23 - service: Avg free watchdog (avg9wd) - avg technologies cz, s.r.o. - c:\program files\avg\avg9\avgwdsvc.exe o23 - service: Bluetooth service (btwdins) - broadcom corporation. - c:\program files\widcomm\bluetooth software\bin\btwdins.exe o23 - service: Intel(r) proset/wireless event log (evteng) - intel corporation - c:\program files\intel\wireless\bin\evteng.exe o23 - service: Google desktop manager 5.9.911.3589 (googledesktopmanager-110309-193829) - google - c:\program files\google\google desktop search\googledesktop.exe o23 - service: خدمة تحديث google (gupdate1c9b8d02e4efb6a) (gupdate1c9b8d02e4efb6a) - google inc. - c:\program files\google\update\googleupdate.exe o23 - service: Google software updater (gusvc) - google - c:\program files\google\common\google updater\googleupdaterservice.exe o23 - service: Intel(r) proset/wireless registry service (regsrvc) - intel corporation - c:\program files\intel\wireless\bin\regsrvc.exe o23 - service: Intel(r) proset/wireless service (s24eventmonitor) - intel corporation - c:\program files\intel\wireless\bin\s24evmon.exe o23 - service: Messenger sharing folders usn journal reader service (usnjsvc) - unknown owner - c:\program files\windows live messenger khalid edition v5.5 arabic\usnsvc.exe (file missing) o23 - service: Intel(r) proset/wireless sso service (wlankeeper) - intel(r) corporation - c:\program files\intel\wireless\bin\wlkeeper.exe o23 - service: Dell wireless wlan tray service (wltrysvc) - unknown owner - c:\windows\system32\wltrysvc.exe -- end of file - 9600 bytes ومشكورين مقدماً |
| الساعة الآن 07:44 AM |
Powered by vBulletin® Copyright ©2000 - 2025, Jelsoft Enterprises Ltd.
Content Relevant URLs by vBSEO 3.5.2 TranZ By
Almuhajir