عاشق العرب
Distinguished Zyzoom Member
- Joined
- 26 January 2009
- Posts
- 939
- Reaction score
- 190
- Points
- 550
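Peace of God be upon you.
My brothers in God, I ask for your help.
I do not know whether the machine is infected or not,
although it has given me a headache.
Here is the report for your information.
Hoping for your help, and may God keep you in His protection.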
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 14:16:53, on 1/26/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\program files\Internet Download Manager\IDMan.exe
C:\WINDOWS\system32\jgok.exe
C:\WINDOWS\system32\jqtk.exe
C:\WINDOWS\system32\jwtk.exe
C:\WINDOWS\System32\Performance\smss.exe
C:\WINDOWS\system32\takax.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\system32\svchost.exe
C:\program files\Internet Download Manager\IEMonitor.exe
C:\WINDOWS\System32\Performance\csrss.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\DOCUME~1\MN\LOCALS~1\Temp\fhiqt.exe
C:\DOCUME~1\MN\LOCALS~1\Temp\jsbiv.exe
C:\DOCUME~1\MN\LOCALS~1\Temp\winiaedii.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Documents and Settings\MN\Desktop\SmitfraudFix\Policies.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Documents and Settings\MN\Desktop\Zyzoom_HijackThis.exe
O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\program files\Internet Download Manager\IDMIECC.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [RRT-Auto] C:\Documents and Settings\MN\Desktop\RRT.exe auto
O4 - HKLM\..\Run: [Ad-Watch] C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [IDMan] C:\program files\Internet Download Manager\IDMan.exe /onboot
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Microsoft Office OneNote 2003 Quick Launch.lnk = C:\Program Files\Microsoft Office\OFFICE11\ONENOTEM.EXE
O7 - HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System, DisableRegedit=1
O8 - Extra context menu item: &تحميل الكل بويل قيت - C:\Program Files\WellGet\nxall.htm
O8 - Extra context menu item: &تحميل بويل قيت - C:\Program Files\WellGet\nxcatch.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: تحميل الكل بـ إنترنت داونلود مانيجر - C:\program files\Internet Download Manager\IEGetAll.htm
O8 - Extra context menu item: تحميل بـ إنترنت داونلود مانيجر - C:\program files\Internet Download Manager\IEExt.htm
O8 - Extra context menu item: تحميل محتوى فيديو (إف.إل.في) بـ إنترنت داونلود مانيجر - C:\program files\Internet Download Manager\IEGetVL.htm
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O17 - HKLM\System\CCS\Services\Tcpip\..\{F9BFAC16-A667-4EC2-9F00-6CCA097901AC}: NameServer = 196.27.0.230 196.27.0.35
O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Unknown owner - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe (file missing)
O23 - Service: jgok - Unknown owner - C:\WINDOWS\system32\jgok.exe
O23 - Service: jqtk - Unknown owner - C:\WINDOWS\system32\jqtk.exe
O23 - Service: jwtk - Unknown owner - C:\WINDOWS\system32\jwtk.exe
O23 - Service: Lavasoft Ad-Aware Service - Unknown owner - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe (file missing)
O23 - Service: NetTcp Port Sharing Service (NetSharing) - Unknown owner - C:\WINDOWS\System32\Performance\smss.exe
O23 - Service: Network Awarenes Service (Network) - Beijing Rising Information Technology Co., Ltd. - C:\WINDOWS\system32\svchosc.exe
O23 - Service: Network Connections Management (RemoteStorages) - Unknown owner - C:\WINDOWS\system32\MSN\S002.exe
O23 - Service: Seagate Sync Service. - Beijing Rising Information Technology Co., Ltd. - C:\WINDOWS\system32\WinHelp.exe
O23 - Service: takax - Unknown owner - C:\WINDOWS\system32\takax.exe
--
End of file - 5259 bytes
