Peace be upon you, and the mercy and blessings of God.
I would like the experts' advice: is my computer infected or not?
Because my mouse moves on its own???
And this is the HijackThis report:
And thanks.
logfile of trend micro hijackthis v2.0.2
scan saved at 06:14:46 م, on 04/05/2009
platform: Windows xp sp3 (winnt 5.01.2600)
msie: Internet explorer v7.00 (7.00.6000.16827)
boot mode: Normal
running processes:
C:\windows\system32\smss.exe
c:\windows\system32\winlogon.exe
c:\windows\system32\services.exe
c:\windows\system32\lsass.exe
c:\windows\system32\svchost.exe
c:\windows\system32\svchost.exe
c:\windows\system32\svchost.exe
c:\windows\system32\wgatray.exe
c:\windows\explorer.exe
c:\windows\system32\spoolsv.exe
c:\windows\system32\ctsvccda.exe
c:\program files\common files\microsoft shared\vs7debug\mdm.exe
c:\program files\microsoft\search enhancement pack\seaport\seaport.exe
c:\windows\system32\svchost.exe
c:\program files\common files\acd systems\en\devdetect.exe
c:\program files\common files\real\update_ob\realsched.exe
c:\program files\hp\hp software update\hpwuschd2.exe
c:\program files\hp\hpcoretech\hpcmpmgr.exe
c:\windows\system32\ctfmon.exe
c:\program files\google\googletoolbarnotifier\googletoolbarnotifier.exe
c:\program files\messenger\msmsgs.exe
c:\program files\nokia\nokia pc suite 7\pcsuite.exe
c:\documents and settings\l\local settings\application data\google\update\googleupdate.exe
c:\program files\hp\digital imaging\bin\hpqtra08.exe
c:\program files\hp\digital imaging\bin\hpqgalry.exe
c:\program files\pc connectivity solution\servicelayer.exe
c:\program files\pc connectivity solution\transports\nclusbsrv.exe
c:\program files\pc connectivity solution\transports\nclrssrv.exe
c:\windows\system32\svchost.exe
c:\program files\mozilla firefox\firefox.exe
c:\windows\system32\taskmgr.exe
c:\program files\trend micro\hijackthis\hijackthis.exe
r1 - hkcu\software\microsoft\internet explorer\main,search page = [link hidden by the forum: log in or register to view]
r0 - hkcu\software\microsoft\internet explorer\main,start page = about:blank
r1 - hklm\software\microsoft\internet explorer\main,default_page_url = [link hidden by the forum: log in or register to view]
r1 - hklm\software\microsoft\internet explorer\main,default_search_url = [link hidden by the forum: log in or register to view]
r1 - hklm\software\microsoft\internet explorer\main,search page = [link hidden by the forum: log in or register to view]
r0 - hklm\software\microsoft\internet explorer\main,start page = about:blank
r0 - hklm\software\microsoft\internet explorer\search,searchassistant =
r0 - hklm\software\microsoft\internet explorer\search,customizesearch =
r0 - hkcu\software\microsoft\internet explorer\main,local page =
o2 - bho: مساعد رابط adobe pdf reader - {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\common files\adobe\acrobat\activex\acroiehelper.dll
o2 - bho: Skype add-on (mastermind) - {22bf413b-c6d2-4d91-82a9-a0f997ba588c} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
o2 - bho: Realplayer download and record plugin for internet explorer - {3049c3e9-b461-4bc5-8870-4c09146192ca} - c:\program files\real\realplayer\rpbrowserrecordplugin.dll
o2 - bho: Ievkbdbho - {59273ab4-e7d3-40f9-a1a8-6fa9cca1862c} - c:\program files\kaspersky lab\kaspersky internet security 2009\ievkbd.dll
o2 - bho: Search helper - {6ebf7485-159f-4bff-a14f-b9e3aac4465b} - c:\program files\microsoft\search enhancement pack\search helper\searchhelper.dll
o2 - bho: مساعد تسجيل الدخول إلى windows live - {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\windowslivelogin.dll
o2 - bho: Google toolbar helper - {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program files\google\google toolbar\googletoolbar.dll
o2 - bho: Google toolbar notifier bho - {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program files\google\googletoolbarnotifier\5.1.1309.3572\swg.dll
o2 - bho: Google dictionary compression sdch - {c84d72fe-e17d-4195-bb24-76c02e2e7c4e} - c:\program files\google\google toolbar\component\fastsearch_a8904fb862bd9564.dll
o2 - bho: Windows live toolbar helper - {e15a8dc0-8516-42a1-81ea-dc94ec1acf10} - c:\program files\windows live\toolbar\wltcore.dll
o3 - toolbar: &windows live toolbar - {21fa44ef-376d-4d53-9b0f-8a89d3229068} - c:\program files\windows live\toolbar\wltcore.dll
o3 - toolbar: Google toolbar - {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\google toolbar\googletoolbar.dll
o4 - hklm\..\run: [nerofiltercheck] c:\windows\system32\nerocheck.exe
o4 - hklm\..\run: [device detector] devdetect.exe -autorun
o4 - hklm\..\run: [tkbellexe] "c:\program files\common files\real\update_ob\realsched.exe" -osboot
o4 - hklm\..\run: [hp software update] "c:\program files\hp\hp software update\hpwuschd2.exe"
o4 - hklm\..\run: [hp component manager] "c:\program files\hp\hpcoretech\hpcmpmgr.exe"
o4 - hklm\..\run: [avp] "c:\program files\kaspersky lab\kaspersky internet security 2009\avp.exe"
o4 - hklm\..\run: [adobe reader speed launcher] "c:\program files\adobe\reader 8.0\reader\reader_sl.exe"
o4 - hklm\..\run: [updreg] c:\windows\updreg.exe
o4 - hkcu\..\run: [ctfmon.exe] c:\windows\system32\ctfmon.exe
o4 - hkcu\..\run: [swg] c:\program files\google\googletoolbarnotifier\googletoolbarnotifier.exe
o4 - hkcu\..\run: [msnmsgr] "c:\program files\windows live\messenger\msnmsgr.exe" /background
o4 - hkcu\..\run: [msmsgs] "c:\program files\messenger\msmsgs.exe" /background
o4 - hkcu\..\run: [yahoo! Pager] "c:\program files\yahoo!\messenger\yahoomessenger.exe" -quiet
o4 - hkcu\..\run: [pc suite tray] "c:\program files\nokia\nokia pc suite 7\pcsuite.exe" -onlytray
o4 - hkcu\..\run: [google update] "c:\documents and settings\l\local settings\application data\google\update\googleupdate.exe" /c
o4 - hkus\s-1-5-19\..\run: [ctfmon.exe] c:\windows\system32\ctfmon.exe (user 'local service')
o4 - hkus\s-1-5-20\..\run: [ctfmon.exe] c:\windows\system32\ctfmon.exe (user 'network service')
o4 - hkus\s-1-5-18\..\run: [ctfmon.exe] c:\windows\system32\ctfmon.exe (user 'system')
o4 - hkus\.default\..\run: [ctfmon.exe] c:\windows\system32\ctfmon.exe (user 'default user')
o4 - global startup: Adobe gamma loader.lnk = c:\program files\common files\adobe\calibration\adobe gamma loader.exe
o4 - global startup: Hp digital imaging monitor.lnk = c:\program files\hp\digital imaging\bin\hpqtra08.exe
o4 - global startup: Hp image zone fast start.lnk = c:\program files\hp\digital imaging\bin\hpqthb08.exe
o8 - extra context menu item: Add to banner ad blocker - c:\program files\kaspersky lab\kaspersky internet security 2009\ie_banner_deny.htm
o9 - extra button: Web traffic protection statistics - {1f460357-8a94-4d71-9ca3-aa4acf32ed8e} - c:\program files\kaspersky lab\kaspersky internet security 2009\scieplgn.dll
o9 - extra button: تدوين هذا في المدونة - {219c3416-8cb2-491a-a3c7-d9fcddc9d600} - c:\program files\windows live\writer\writerbrowserextension.dll
o9 - extra 'tools' menuitem: &تدوين هذا في windows live writer - {219c3416-8cb2-491a-a3c7-d9fcddc9d600} - c:\program files\windows live\writer\writerbrowserextension.dll
o9 - extra button: Skype - {77bf5300-1474-4ec7-9980-d32b190e9b07} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
o9 - extra button: بحث - {92780b25-18cc-41c8-b9be-3c9c571a8263} - c:\progra~1\micros~2\office11\refiebar.dll
o9 - extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - c:\windows\network diagnostic\xpnetdiag.exe
o9 - extra 'tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - c:\windows\network diagnostic\xpnetdiag.exe
o9 - extra button: Messenger - {fb5f1910-f110-11d2-bb9e-00c04f795683} - c:\program files\messenger\msmsgs.exe
o9 - extra 'tools' menuitem: Windows messenger - {fb5f1910-f110-11d2-bb9e-00c04f795683} - c:\program files\messenger\msmsgs.exe
o16 - dpf: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (installation support) - c:\program files\yahoo!\common\yinsthelper.dll
o16 - dpf: {6e32070a-766d-4ee6-879c-dc1fa91d2fc3} (muwebcontrol class) - [link hidden by the forum: log in or register to view]
o16 - dpf: {d27cdb6e-ae6d-11cf-96b8-444553540000} (shockwave flash object) - [link hidden by the forum: log in or register to view]
o18 - protocol: Skype4com - {ffc8b962-9b40-4dff-9458-1830c7dd7f5d} - c:\progra~1\common~1\skype\skype4~1.dll
o18 - filter: X-sdch - {b1759355-3eec-4c1e-b0f1-b719fe26e377} - c:\program files\google\google toolbar\component\fastsearch_a8904fb862bd9564.dll
o20 - appinit_dlls: C:\progra~1\kasper~1\kasper~1\mzvkbd.dll,c:\progra~1\kasper~1\kasper~1\mzvkbd3.dll,c:\progra~1\kasper~1\kasper~1\adialhk.dll,c:\progra~1\kasper~1\kasper~1\kloehk.dll
o23 - service: Kaspersky internet security (avp) - kaspersky lab - c:\program files\kaspersky lab\kaspersky internet security 2009\avp.exe
o23 - service: Creative service for cdrom access - creative technology ltd - c:\windows\system32\ctsvccda.exe
o23 - service: Google software updater (gusvc) - google - c:\program files\google\common\google updater\googleupdaterservice.exe
o23 - service: Pml driver hpz12 - hp - c:\windows\system32\hpzipm12.exe
o23 - service: Servicelayer - nokia. - c:\program files\pc connectivity solution\servicelayer.exe
--
end of file - 9220 bytes
