-
تصميم إيهــاب مصطفى
حصري برنامج AVG Internet Security v25.4.10068.933 نسخة اوفلاين مفعلة مسبقا تنصيب وتفعيل صامت لغاية 2028 تصميم إيهــاب مصطفى
Windows 11 23H2 24H2 (22631.5409)(26100.4188) Aio Multi Update May 2025 تصميم Ramy Badraan
WinRAR - أداة متكاملة لتحميل وتثبيت وتفعيل WinRAR7.11 اخر اصدار تلقائيًا وبثلاث لغات) تصميم Ramy Badraan
متصفح القوة والسرعة Google Chrome 116.0.5845.97 Stable تصميم Ramy Badraan
الأسطوانة العربية** Ar Windows 10-11 (2019-2021-2024) IoT Enterprise LTSC (x64) Update April 2025 تصميم Ramy Badraan
Windows Video Converter 2025 v9.9.9.17 برنامج تحويل وتحرير الفيديو الكل في واحد تصميم Ramy Badraan
27.00.0300 XYplorer Pro لإدارة الملفات والمجلدات والبحث عنها بسرعة تصميم Ramy Badraan
ويندوز 11 اندكس برو -عربي إنكليزي فرنسي من غير متطلبات ومفعلWindows11PRO_24H2(Ar-En-Fr)26100.3909-Activ_NO TPM تصميم Ramy Badraan
Foxit PDF Editor 2025 .1.0.27937 تصميم Ramy Badraan
CoolUtils Total Doc Converter 5.1.0.364 Repack & Portable لتحويل الملفات الكتابية إلى عدة صيغ تصميم Ramy Badraan
Cisdem Video Compressor 2.2.0 برنامج لضغط الفيديوهات مع المحافظة على الجودة قدر الإمكان - مع التفعيل تصميم Ramy Badraan
تعال سجل Internet Download Manager باسمك -تفعيل تحديث مع IDM Activation Assistant v1.0 تصميم Ramy Badraan
PDF-XChange Editor Plus+PRO v10.6.0.396 تصميم Ramy Badraan
Office 2013-2024 C2R Install + Lite v7.7.7.7 r26 | Install Office and Activate لتحميل وتفعيل الأوفيس تصميم Ramy Badraan
برنامج الحماية الرهيب Webroot Secure Anywhere CE 25.2 والتفعيل بسيريال لمدة 700 يوم تصميم Ramy Badraan
العملاق الأندونيسي Smadav Pro 2025 v15.4 كامل ومحدث مع التفعيل الحصري تصميم Ramy Badraan
Zyzoom Driver Booster Tool - عملاق جلب التعريفات Iobit Driver Booster فى اصداره النهائى مفعل - تنصيب صامت) تصميم Ramy Badraan
Zyzoom Process Lasso Tool - Wise Care 365 Pro 7.2.4.697 RePack & Portable البرنامج الشامل للصيانة وإصلاح النظام) تصميم Ramy Badraan
TechsmithSnagit 25.1.0.6239 x64 Silent Install عملاق تصوير الشاشة وعمل الشروحات تصميم Ramy Badraan
Glary Utilities Pro 6.24.0.28 RePack & Portable لصيانة النظام وتنظيفه من الملفات التالفة تصميم Ramy Badraan
Zyzoom Process Lasso Tool - عملاق تسريع المعالج وتنظيم العمليات فى اصداره الاخير - تنصيب صامت) 
- بادئ الموضوع Natalya
- تاريخ البدء
KoNaMi
زيزوومى فضى
غير متصلحياكي خيتي
لاهنتي اعملي الاتي
حمل هذا البرنامج
www.zyzoom.net/shswelh/Zyzoom_HijackThis.exe
بعدها اغلق جميع البرامج وخصوصا الانترنت اكسبلورر والماسنجر
شغل البرنامج ==> واضغط على
Do a system scan and save log
لحظات .. ويظهر لك تقرير داخل المفكرة==> انسخه والصقه بردك القادمالتعديل الأخير بواسطة المشرف:توقيع : KoNaMi
تأييد 0
Natalya
زيزوومى مبدع
- إنضم
- 4 سبتمبر 2009
- المشاركات
- 1,894
- مستوى التفاعل
- 36
- النقاط
- 680
غير متصلLogfile of Trend Micro HijackThis v2.0.2
Scan saved at 17:29:59, on 12/5/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir Desktop\sched.exe
C:\Program Files\AGI\core\3.1\AGCoreService.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\System32\TUProgSt.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
D:\program files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe
E:\سنن\آذان\pf\Salaty.exe
C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexStoreSvr.exe
D:\program files\Widgets\YahooWidgetEngine.exe
C:\PROGRA~1\Webshots\315~1.761\Webshots.scr
D:\program files\Widgets\YahooWidgetEngine.exe
D:\program files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\IBRAHIM\Bureau\Zyzoom_HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.6006.cc/?error
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,SearchAssistant = http://www.6006.cc/?error
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,CustomizeSearch = http://www.6006.cc/?error
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,SearchURL = http://www.6006.cc/?error
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.6006.cc/?error
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,SearchAssistant = http://www.6006.cc/?error
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,CustomizeSearch = http://www.6006.cc/?error
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.6006.cc/?error
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.6006.cc/?error
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,SearchURL = http://www.6006.cc/?error
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.6006.cc/?error
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = http://www.6006.cc/?error
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.6006.cc/?error
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = http://www.6006.cc/?error
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = http://www.6006.cc/?error
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = http://www.6006.cc/?error
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: agcore.AGUtils - {0BC6E3FA-78EF-4886-842C-5A1258C4455A} - mscoree.dll (file missing)
O1 - Hosts: 209.85.225.99 msnfix.changelog.fr
O1 - Hosts: 209.85.225.99 www.incodesolutions.com
O1 - Hosts: 209.85.225.99 virusinfo.prevx.com
O1 - Hosts: 209.85.225.99 download.bleepingcomputer.com
O1 - Hosts: 209.85.225.99 www.dazhizhu.cn
O1 - Hosts: 209.85.225.99 foro.noticias3d.com
O1 - Hosts: 209.85.225.99 www.spybotupdates.com
O1 - Hosts: 209.85.225.99 www.nabble.com
O1 - Hosts: 209.85.225.99 lurker.clamav.net
O1 - Hosts: 209.85.225.99 lexikon.ikarus.at
O1 - Hosts: 209.85.225.99 research.sunbelt-software.com
O1 - Hosts: 209.85.225.99 www.virusdoctor.jp
O1 - Hosts: 209.85.225.99 www.elitepvpers.de
O1 - Hosts: 209.85.225.99 guru.avg.com
O1 - Hosts: 209.85.225.99 downloads.sophos.com
O1 - Hosts: 209.85.225.99 www.superuser.co.kr
O1 - Hosts: 209.85.225.99 ntfaq.co.kr
O1 - Hosts: 209.85.225.99 v.dreamwiz.com
O1 - Hosts: 209.85.225.99 cit.kookmin.ac.kr
O1 - Hosts: 209.85.225.99 forums.whatthetech.com
O1 - Hosts: 209.85.225.99 forum.hijackthis.de
O1 - Hosts: 209.85.225.99 avg.vo.llnwd.net
O1 - Hosts: 209.85.225.99 ftp.drweb.com
O1 - Hosts: 209.85.225.99 www.zonealarm.com
O1 - Hosts: 209.85.225.99 www.huaifai.go.th
O1 - Hosts: 209.85.225.99 www.mostz.com
O1 - Hosts: 209.85.225.99 www.krupunmai.com
O1 - Hosts: 209.85.225.99 www.cddchiangmai.net
O1 - Hosts: 209.85.225.99 forum.malekal.com
O1 - Hosts: 209.85.225.99 tech.pantip.com
O1 - Hosts: 209.85.225.99 sapcupgrades.com
O1 - Hosts: 209.85.225.99 www.elguruinformatico.com
O1 - Hosts: 209.85.225.99 www.247fixes.com
O1 - Hosts: 209.85.225.99 forum.sysinternals.com
O1 - Hosts: 209.85.225.99 forum.telecharger.01net.com
O1 - Hosts: 209.85.225.99 sophos.com
O1 - Hosts: 209.85.225.99 foros.softonic.com
O1 - Hosts: 209.85.225.99 avast-home.uptodown.com
O1 - Hosts: 209.85.225.99 dr-web-cureit.softonic.com
O1 - Hosts: 209.85.225.99 www.f-secure.com
O1 - Hosts: 209.85.225.99 www.chkrootkit.org
O1 - Hosts: 209.85.225.99 diamondcs.com.au
O1 - Hosts: 209.85.225.99 www.rootkit.nl
O1 - Hosts: 209.85.225.99 www.sysinternals.com
O1 - Hosts: 209.85.225.99 z-oleg.com
O1 - Hosts: 209.85.225.99 espanol.dir.groups.yahoo.com
O1 - Hosts: 209.85.225.99 ftp01net.telechargement.fr
O1 - Hosts: 209.85.225.99 www.castlecrops.com
O1 - Hosts: 209.85.225.99 www.misec.net
O1 - Hosts: 209.85.225.99 safecomputing.umn.edu
O1 - Hosts: 209.85.225.99 www.antirootkit.com
O1 - Hosts: 209.85.225.99 www.greatis.com
O1 - Hosts: 209.85.225.99 ar.answers.yahoo.com
O1 - Hosts: 209.85.225.99 www.elhacker.org
O1 - Hosts: 209.85.225.99 research.pandasecurity.com
O1 - Hosts: 209.85.225.99 www.rootkit.com
O1 - Hosts: 209.85.225.99 www.pctools.com
O1 - Hosts: 209.85.225.99 www.pcsupportadvisor.com
O1 - Hosts: 209.85.225.99 www.resplendence.com
O1 - Hosts: 209.85.225.99 www.personal.psu.edu
O1 - Hosts: 209.85.225.99 foro.ethek.com
O1 - Hosts: 209.85.225.99 foro.elhacker.net
O1 - Hosts: 209.85.225.99 download.zonealarm.com
O1 - Hosts: 209.85.225.99 vil.nail.com
O1 - Hosts: 209.85.225.99 search.mcafee.com
O1 - Hosts: 209.85.225.99 wwww.mcafee.com
O1 - Hosts: 209.85.225.99 download.nai.com
O1 - Hosts: 209.85.225.99 wwww.experts-exchange.com
O1 - Hosts: 209.85.225.99 www.bakunos.com
O1 - Hosts: 209.85.225.99 www.darkclockers.com
O1 - Hosts: 209.85.225.99 www2.gmer.net
O1 - Hosts: 209.85.225.99 ariefew.com
O1 - Hosts: 209.85.225.99 www.Merijn.org
O1 - Hosts: 209.85.225.99 www.spywareinfo.com
O1 - Hosts: 209.85.225.99 www.spybot.info
O1 - Hosts: 209.85.225.99 www.viruslist.com
O1 - Hosts: 209.85.225.99 www.hijackthis.de
O1 - Hosts: 209.85.225.99 ftp.f-secure.com
O1 - Hosts: 209.85.225.99 forum.kaspersky.com
O1 - Hosts: 209.85.225.99 es.trendmicro-europe.com
O1 - Hosts: 209.85.225.99 www.hvaonline.net
O1 - Hosts: 209.85.225.99 majorgeeks.com
O1 - Hosts: 209.85.225.99 www.avp.com
O1 - Hosts: 209.85.225.99 www.virustotal.com
O1 - Hosts: 209.85.225.99 www.sophos.com
O1 - Hosts: 209.85.225.99 linhadefensiva.uol.com.br
O1 - Hosts: 209.85.225.99 cmmings.cn
O1 - Hosts: 209.85.225.99 www.sergiwa.com
O1 - Hosts: 209.85.225.99 www.el-hacker.com
O1 - Hosts: 209.85.225.99 dl2.agnitum.com
O1 - Hosts: 209.85.225.99 forum.smadav.net
O1 - Hosts: 209.85.225.99 www.avg-antivirus.net
O1 - Hosts: 209.85.225.99 www.kaspersky-labs.com
O1 - Hosts: 209.85.225.99 www.kaspersky.com
O1 - Hosts: 209.85.225.99 www.bleepingcomputer.com
O1 - Hosts: 209.85.225.99 www.free.grisoft.com
O1 - Hosts: 209.85.225.99 alerta-antivirus.inteco.es
O1 - Hosts: 209.85.225.99 greatis.com
O1 - Hosts: 209.85.225.99 www.oprekpc.com
O1 - Hosts: 209.85.225.99 securityresponse.symantec.com
O1 - Hosts: 209.85.225.99 www.analysis.seclab.tuwien.ac.at
O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - D:\program files\Internet Download Manager\IDMIECC.dll
O2 - BHO: agcore.AGUtils - {0bc6e3fa-78ef-4886-842c-5a1258c4455a} - mscoree.dll (file missing)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: XML module - {500BCA15-57A7-4eaf-8143-8C619470B13D} - (no file)
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [ctfmon.exe] ctfmon.exe
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RESEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: Ela-Salaty.lnk = ?
O4 - Startup: Webshots.lnk = C:\Program Files\Webshots\3.1.5.7613\Launcher.exe
O4 - Startup: Yahoo! Widget Engine.lnk = D:\program files\Widgets\YahooWidgetEngine.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = D:\program files\HP\Digital Imaging\bin\hpqtra08.exe
O8 - Extra context menu item: &Block This Image (Adblock Pro) - D:\program files\Adblock Pro\blockimg.html
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Télécharger avec IDM - D:\program files\Internet Download Manager\IEExt.htm
O8 - Extra context menu item: Télécharger le contenu de video FLV avec IDM - D:\program files\Internet Download Manager\IEGetVL.htm
O8 - Extra context menu item: Télécharger tous les liens avec IDM - D:\program files\Internet Download Manager\IEGetAll.htm
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {AFC3FA82-AD07-45cd-8B57-983435B9899E} - (no file)
O17 - HKLM\System\CCS\Services\Tcpip\..\{800B6DAE-ADA7-42AC-A91A-BCDB5D8EE6B4}: NameServer = 41.221.20.4 66.28.0.45
O20 - Winlogon Notify: tuvVNEuu - tuvVNEuu.dll (file missing)
O23 - Service: Norton 2009 Reset (.norton2009Reset) - Unknown owner - C:\Documents and Settings\All Users\Application Data\Norton\Norton2009Reset.exe (file missing)
O23 - Service: AG Core Services (AGCoreService) - AG Interactive - C:\Program Files\AGI\core\3.1\AGCoreService.exe
O23 - Service: Avira AntiVir Planificateur (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Service Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software - C:\WINDOWS\System32\TuneUpDefragService.exe
O23 - Service: TuneUp Program Statistics Service (TuneUp.ProgramStatisticsSvc) - TuneUp Software - C:\WINDOWS\System32\TUProgSt.exe
--
End of file - 12694 bytesتوقيع : Natalya
تأييد 0
Natalya
زيزوومى مبدع
- إنضم
- 4 سبتمبر 2009
- المشاركات
- 1,894
- مستوى التفاعل
- 36
- النقاط
- 680
غير متصلالله يحفظكم
ogfile of Trend Micro HijackThis v2.0.2
Scan saved at 18:00:21, on 12/5/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir Desktop\sched.exe
C:\Program Files\AGI\core\3.1\AGCoreService.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\System32\TUProgSt.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
D:\program files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe
E:\سنن\آذان\pf\Salaty.exe
C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexStoreSvr.exe
C:\PROGRA~1\Webshots\315~1.761\Webshots.scr
D:\program files\Widgets\YahooWidgetEngine.exe
D:\program files\Widgets\YahooWidgetEngine.exe
D:\program files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Documents and Settings\IBRAHIM\Bureau\Zyzoom_HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.6006.cc/?error
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,SearchAssistant = http://www.6006.cc/?error
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,CustomizeSearch = http://www.6006.cc/?error
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,SearchURL = http://www.6006.cc/?error
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.6006.cc/?error
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,SearchAssistant = http://www.6006.cc/?error
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,CustomizeSearch = http://www.6006.cc/?error
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.6006.cc/?error
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.6006.cc/?error
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,SearchURL = http://www.6006.cc/?error
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.6006.cc/?error
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = http://www.6006.cc/?error
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.6006.cc/?error
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = http://www.6006.cc/?error
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = http://www.6006.cc/?error
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = http://www.6006.cc/?error
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: agcore.AGUtils - {0BC6E3FA-78EF-4886-842C-5A1258C4455A} - mscoree.dll (file missing)
O1 - Hosts: 209.85.225.99 msnfix.changelog.fr
O1 - Hosts: 209.85.225.99 www.incodesolutions.com
O1 - Hosts: 209.85.225.99 virusinfo.prevx.com
O1 - Hosts: 209.85.225.99 download.bleepingcomputer.com
O1 - Hosts: 209.85.225.99 www.dazhizhu.cn
O1 - Hosts: 209.85.225.99 foro.noticias3d.com
O1 - Hosts: 209.85.225.99 www.spybotupdates.com
O1 - Hosts: 209.85.225.99 www.nabble.com
O1 - Hosts: 209.85.225.99 lurker.clamav.net
O1 - Hosts: 209.85.225.99 lexikon.ikarus.at
O1 - Hosts: 209.85.225.99 research.sunbelt-software.com
O1 - Hosts: 209.85.225.99 www.virusdoctor.jp
O1 - Hosts: 209.85.225.99 www.elitepvpers.de
O1 - Hosts: 209.85.225.99 guru.avg.com
O1 - Hosts: 209.85.225.99 downloads.sophos.com
O1 - Hosts: 209.85.225.99 www.superuser.co.kr
O1 - Hosts: 209.85.225.99 ntfaq.co.kr
O1 - Hosts: 209.85.225.99 v.dreamwiz.com
O1 - Hosts: 209.85.225.99 cit.kookmin.ac.kr
O1 - Hosts: 209.85.225.99 forums.whatthetech.com
O1 - Hosts: 209.85.225.99 forum.hijackthis.de
O1 - Hosts: 209.85.225.99 avg.vo.llnwd.net
O1 - Hosts: 209.85.225.99 ftp.drweb.com
O1 - Hosts: 209.85.225.99 www.zonealarm.com
O1 - Hosts: 209.85.225.99 www.huaifai.go.th
O1 - Hosts: 209.85.225.99 www.mostz.com
O1 - Hosts: 209.85.225.99 www.krupunmai.com
O1 - Hosts: 209.85.225.99 www.cddchiangmai.net
O1 - Hosts: 209.85.225.99 forum.malekal.com
O1 - Hosts: 209.85.225.99 tech.pantip.com
O1 - Hosts: 209.85.225.99 sapcupgrades.com
O1 - Hosts: 209.85.225.99 www.elguruinformatico.com
O1 - Hosts: 209.85.225.99 www.247fixes.com
O1 - Hosts: 209.85.225.99 forum.sysinternals.com
O1 - Hosts: 209.85.225.99 forum.telecharger.01net.com
O1 - Hosts: 209.85.225.99 sophos.com
O1 - Hosts: 209.85.225.99 foros.softonic.com
O1 - Hosts: 209.85.225.99 avast-home.uptodown.com
O1 - Hosts: 209.85.225.99 dr-web-cureit.softonic.com
O1 - Hosts: 209.85.225.99 www.f-secure.com
O1 - Hosts: 209.85.225.99 www.chkrootkit.org
O1 - Hosts: 209.85.225.99 diamondcs.com.au
O1 - Hosts: 209.85.225.99 www.rootkit.nl
O1 - Hosts: 209.85.225.99 www.sysinternals.com
O1 - Hosts: 209.85.225.99 z-oleg.com
O1 - Hosts: 209.85.225.99 espanol.dir.groups.yahoo.com
O1 - Hosts: 209.85.225.99 ftp01net.telechargement.fr
O1 - Hosts: 209.85.225.99 www.castlecrops.com
O1 - Hosts: 209.85.225.99 www.misec.net
O1 - Hosts: 209.85.225.99 safecomputing.umn.edu
O1 - Hosts: 209.85.225.99 www.antirootkit.com
O1 - Hosts: 209.85.225.99 www.greatis.com
O1 - Hosts: 209.85.225.99 ar.answers.yahoo.com
O1 - Hosts: 209.85.225.99 www.elhacker.org
O1 - Hosts: 209.85.225.99 research.pandasecurity.com
O1 - Hosts: 209.85.225.99 www.rootkit.com
O1 - Hosts: 209.85.225.99 www.pctools.com
O1 - Hosts: 209.85.225.99 www.pcsupportadvisor.com
O1 - Hosts: 209.85.225.99 www.resplendence.com
O1 - Hosts: 209.85.225.99 www.personal.psu.edu
O1 - Hosts: 209.85.225.99 foro.ethek.com
O1 - Hosts: 209.85.225.99 foro.elhacker.net
O1 - Hosts: 209.85.225.99 download.zonealarm.com
O1 - Hosts: 209.85.225.99 vil.nail.com
O1 - Hosts: 209.85.225.99 search.mcafee.com
O1 - Hosts: 209.85.225.99 wwww.mcafee.com
O1 - Hosts: 209.85.225.99 download.nai.com
O1 - Hosts: 209.85.225.99 wwww.experts-exchange.com
O1 - Hosts: 209.85.225.99 www.bakunos.com
O1 - Hosts: 209.85.225.99 www.darkclockers.com
O1 - Hosts: 209.85.225.99 www2.gmer.net
O1 - Hosts: 209.85.225.99 ariefew.com
O1 - Hosts: 209.85.225.99 www.Merijn.org
O1 - Hosts: 209.85.225.99 www.spywareinfo.com
O1 - Hosts: 209.85.225.99 www.spybot.info
O1 - Hosts: 209.85.225.99 www.viruslist.com
O1 - Hosts: 209.85.225.99 www.hijackthis.de
O1 - Hosts: 209.85.225.99 ftp.f-secure.com
O1 - Hosts: 209.85.225.99 forum.kaspersky.com
O1 - Hosts: 209.85.225.99 es.trendmicro-europe.com
O1 - Hosts: 209.85.225.99 www.hvaonline.net
O1 - Hosts: 209.85.225.99 majorgeeks.com
O1 - Hosts: 209.85.225.99 www.avp.com
O1 - Hosts: 209.85.225.99 www.virustotal.com
O1 - Hosts: 209.85.225.99 www.sophos.com
O1 - Hosts: 209.85.225.99 linhadefensiva.uol.com.br
O1 - Hosts: 209.85.225.99 cmmings.cn
O1 - Hosts: 209.85.225.99 www.sergiwa.com
O1 - Hosts: 209.85.225.99 www.el-hacker.com
O1 - Hosts: 209.85.225.99 dl2.agnitum.com
O1 - Hosts: 209.85.225.99 forum.smadav.net
O1 - Hosts: 209.85.225.99 www.avg-antivirus.net
O1 - Hosts: 209.85.225.99 www.kaspersky-labs.com
O1 - Hosts: 209.85.225.99 www.kaspersky.com
O1 - Hosts: 209.85.225.99 www.bleepingcomputer.com
O1 - Hosts: 209.85.225.99 www.free.grisoft.com
O1 - Hosts: 209.85.225.99 alerta-antivirus.inteco.es
O1 - Hosts: 209.85.225.99 greatis.com
O1 - Hosts: 209.85.225.99 www.oprekpc.com
O1 - Hosts: 209.85.225.99 securityresponse.symantec.com
O1 - Hosts: 209.85.225.99 www.analysis.seclab.tuwien.ac.at
O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - D:\program files\Internet Download Manager\IDMIECC.dll
O2 - BHO: agcore.AGUtils - {0bc6e3fa-78ef-4886-842c-5a1258c4455a} - mscoree.dll (file missing)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: XML module - {500BCA15-57A7-4eaf-8143-8C619470B13D} - (no file)
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [ctfmon.exe] ctfmon.exe
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RESEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: Ela-Salaty.lnk = ?
O4 - Startup: Webshots.lnk = C:\Program Files\Webshots\3.1.5.7613\Launcher.exe
O4 - Startup: Yahoo! Widget Engine.lnk = D:\program files\Widgets\YahooWidgetEngine.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = D:\program files\HP\Digital Imaging\bin\hpqtra08.exe
O8 - Extra context menu item: &Block This Image (Adblock Pro) - D:\program files\Adblock Pro\blockimg.html
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Télécharger avec IDM - D:\program files\Internet Download Manager\IEExt.htm
O8 - Extra context menu item: Télécharger le contenu de video FLV avec IDM - D:\program files\Internet Download Manager\IEGetVL.htm
O8 - Extra context menu item: Télécharger tous les liens avec IDM - D:\program files\Internet Download Manager\IEGetAll.htm
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {AFC3FA82-AD07-45cd-8B57-983435B9899E} - (no file)
O20 - Winlogon Notify: tuvVNEuu - tuvVNEuu.dll (file missing)
O23 - Service: Norton 2009 Reset (.norton2009Reset) - Unknown owner - C:\Documents and Settings\All Users\Application Data\Norton\Norton2009Reset.exe (file missing)
O23 - Service: AG Core Services (AGCoreService) - AG Interactive - C:\Program Files\AGI\core\3.1\AGCoreService.exe
O23 - Service: Avira AntiVir Planificateur (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Service Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software - C:\WINDOWS\System32\TuneUpDefragService.exe
O23 - Service: TuneUp Program Statistics Service (TuneUp.ProgramStatisticsSvc) - TuneUp Software - C:\WINDOWS\System32\TUProgSt.exe
--
End of file - 12510 bytesتوقيع : Natalya
تأييد 0
KoNaMi
زيزوومى فضى
غير متصلالمعذرة على التأخير
خيتي اعملي الاتي
عطل برامج الحماية عن العمل
ثم
حمل الاداة التالية واحفظها على سطح المكتب
عند تشغيلها بتظهر لك رسالة ,, اضغط على >> Yes
بعدها بتظهر لك رساله ثانيه ,, اضغط على >> Yes
اثناء الفحص ممكن يعاد تشغيل الجهاز
وبعد اعادة التشغيل ,, سوف تبدأ الاداة بالفحص مرره ثانيه
لا تقم بتشغيل اي برنامج ،، ومهما طالت عملية الفحص انتظر حتى تنتهي
انتظر حتى يظهر لك تقرير ،،انسخه والصقه بمشاركتك القادمةتوقيع : KoNaMi
تأييد 0
Natalya
زيزوومى مبدع
- إنضم
- 4 سبتمبر 2009
- المشاركات
- 1,894
- مستوى التفاعل
- 36
- النقاط
- 680
غير متصلشكرا لك
ولكن لم تظهر رسالة لكي اضغط يس
بل شريط اخضر ليبين التثبيت كومبوفيكس ثم لا رسائل ظهرت
وهذا تقري جديد للهايجك عملتو
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 19:20:43, on 12/5/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\AGI\core\3.1\AGCoreService.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\System32\TUProgSt.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
D:\program files\HP\Digital Imaging\bin\hpqtra08.exe
E:\سنن\آذان\pf\Salaty.exe
C:\PROGRA~1\Webshots\315~1.761\Webshots.scr
D:\program files\Widgets\YahooWidgetEngine.exe
C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe
C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexStoreSvr.exe
D:\program files\Widgets\YahooWidgetEngine.exe
D:\program files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Documents and Settings\IBRAHIM\Bureau\Zyzoom_HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.6006.cc/?error
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,SearchAssistant = http://www.6006.cc/?error
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,CustomizeSearch = http://www.6006.cc/?error
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,SearchURL = http://www.6006.cc/?error
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.6006.cc/?error
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,SearchAssistant = http://www.6006.cc/?error
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,CustomizeSearch = http://www.6006.cc/?error
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.6006.cc/?error
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.6006.cc/?error
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,SearchURL = http://www.6006.cc/?error
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.6006.cc/?error
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = http://www.6006.cc/?error
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.6006.cc/?error
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = http://www.6006.cc/?error
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = http://www.6006.cc/?error
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = http://www.6006.cc/?error
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: agcore.AGUtils - {0BC6E3FA-78EF-4886-842C-5A1258C4455A} - mscoree.dll (file missing)
O1 - Hosts: 209.85.225.99 msnfix.changelog.fr
O1 - Hosts: 209.85.225.99 www.incodesolutions.com
O1 - Hosts: 209.85.225.99 virusinfo.prevx.com
O1 - Hosts: 209.85.225.99 download.bleepingcomputer.com
O1 - Hosts: 209.85.225.99 www.dazhizhu.cn
O1 - Hosts: 209.85.225.99 foro.noticias3d.com
O1 - Hosts: 209.85.225.99 www.spybotupdates.com
O1 - Hosts: 209.85.225.99 www.nabble.com
O1 - Hosts: 209.85.225.99 lurker.clamav.net
O1 - Hosts: 209.85.225.99 lexikon.ikarus.at
O1 - Hosts: 209.85.225.99 research.sunbelt-software.com
O1 - Hosts: 209.85.225.99 www.virusdoctor.jp
O1 - Hosts: 209.85.225.99 www.elitepvpers.de
O1 - Hosts: 209.85.225.99 guru.avg.com
O1 - Hosts: 209.85.225.99 downloads.sophos.com
O1 - Hosts: 209.85.225.99 www.superuser.co.kr
O1 - Hosts: 209.85.225.99 ntfaq.co.kr
O1 - Hosts: 209.85.225.99 v.dreamwiz.com
O1 - Hosts: 209.85.225.99 cit.kookmin.ac.kr
O1 - Hosts: 209.85.225.99 forums.whatthetech.com
O1 - Hosts: 209.85.225.99 forum.hijackthis.de
O1 - Hosts: 209.85.225.99 avg.vo.llnwd.net
O1 - Hosts: 209.85.225.99 ftp.drweb.com
O1 - Hosts: 209.85.225.99 www.zonealarm.com
O1 - Hosts: 209.85.225.99 www.huaifai.go.th
O1 - Hosts: 209.85.225.99 www.mostz.com
O1 - Hosts: 209.85.225.99 www.krupunmai.com
O1 - Hosts: 209.85.225.99 www.cddchiangmai.net
O1 - Hosts: 209.85.225.99 forum.malekal.com
O1 - Hosts: 209.85.225.99 tech.pantip.com
O1 - Hosts: 209.85.225.99 sapcupgrades.com
O1 - Hosts: 209.85.225.99 www.elguruinformatico.com
O1 - Hosts: 209.85.225.99 www.247fixes.com
O1 - Hosts: 209.85.225.99 forum.sysinternals.com
O1 - Hosts: 209.85.225.99 forum.telecharger.01net.com
O1 - Hosts: 209.85.225.99 sophos.com
O1 - Hosts: 209.85.225.99 foros.softonic.com
O1 - Hosts: 209.85.225.99 avast-home.uptodown.com
O1 - Hosts: 209.85.225.99 dr-web-cureit.softonic.com
O1 - Hosts: 209.85.225.99 www.f-secure.com
O1 - Hosts: 209.85.225.99 www.chkrootkit.org
O1 - Hosts: 209.85.225.99 diamondcs.com.au
O1 - Hosts: 209.85.225.99 www.rootkit.nl
O1 - Hosts: 209.85.225.99 www.sysinternals.com
O1 - Hosts: 209.85.225.99 z-oleg.com
O1 - Hosts: 209.85.225.99 espanol.dir.groups.yahoo.com
O1 - Hosts: 209.85.225.99 ftp01net.telechargement.fr
O1 - Hosts: 209.85.225.99 www.castlecrops.com
O1 - Hosts: 209.85.225.99 www.misec.net
O1 - Hosts: 209.85.225.99 safecomputing.umn.edu
O1 - Hosts: 209.85.225.99 www.antirootkit.com
O1 - Hosts: 209.85.225.99 www.greatis.com
O1 - Hosts: 209.85.225.99 ar.answers.yahoo.com
O1 - Hosts: 209.85.225.99 www.elhacker.org
O1 - Hosts: 209.85.225.99 research.pandasecurity.com
O1 - Hosts: 209.85.225.99 www.rootkit.com
O1 - Hosts: 209.85.225.99 www.pctools.com
O1 - Hosts: 209.85.225.99 www.pcsupportadvisor.com
O1 - Hosts: 209.85.225.99 www.resplendence.com
O1 - Hosts: 209.85.225.99 www.personal.psu.edu
O1 - Hosts: 209.85.225.99 foro.ethek.com
O1 - Hosts: 209.85.225.99 foro.elhacker.net
O1 - Hosts: 209.85.225.99 download.zonealarm.com
O1 - Hosts: 209.85.225.99 vil.nail.com
O1 - Hosts: 209.85.225.99 search.mcafee.com
O1 - Hosts: 209.85.225.99 wwww.mcafee.com
O1 - Hosts: 209.85.225.99 download.nai.com
O1 - Hosts: 209.85.225.99 wwww.experts-exchange.com
O1 - Hosts: 209.85.225.99 www.bakunos.com
O1 - Hosts: 209.85.225.99 www.darkclockers.com
O1 - Hosts: 209.85.225.99 www2.gmer.net
O1 - Hosts: 209.85.225.99 ariefew.com
O1 - Hosts: 209.85.225.99 www.Merijn.org
O1 - Hosts: 209.85.225.99 www.spywareinfo.com
O1 - Hosts: 209.85.225.99 www.spybot.info
O1 - Hosts: 209.85.225.99 www.viruslist.com
O1 - Hosts: 209.85.225.99 www.hijackthis.de
O1 - Hosts: 209.85.225.99 ftp.f-secure.com
O1 - Hosts: 209.85.225.99 forum.kaspersky.com
O1 - Hosts: 209.85.225.99 es.trendmicro-europe.com
O1 - Hosts: 209.85.225.99 www.hvaonline.net
O1 - Hosts: 209.85.225.99 majorgeeks.com
O1 - Hosts: 209.85.225.99 www.avp.com
O1 - Hosts: 209.85.225.99 www.virustotal.com
O1 - Hosts: 209.85.225.99 www.sophos.com
O1 - Hosts: 209.85.225.99 linhadefensiva.uol.com.br
O1 - Hosts: 209.85.225.99 cmmings.cn
O1 - Hosts: 209.85.225.99 www.sergiwa.com
O1 - Hosts: 209.85.225.99 www.el-hacker.com
O1 - Hosts: 209.85.225.99 dl2.agnitum.com
O1 - Hosts: 209.85.225.99 forum.smadav.net
O1 - Hosts: 209.85.225.99 www.avg-antivirus.net
O1 - Hosts: 209.85.225.99 www.kaspersky-labs.com
O1 - Hosts: 209.85.225.99 www.kaspersky.com
O1 - Hosts: 209.85.225.99 www.bleepingcomputer.com
O1 - Hosts: 209.85.225.99 www.free.grisoft.com
O1 - Hosts: 209.85.225.99 alerta-antivirus.inteco.es
O1 - Hosts: 209.85.225.99 greatis.com
O1 - Hosts: 209.85.225.99 www.oprekpc.com
O1 - Hosts: 209.85.225.99 securityresponse.symantec.com
O1 - Hosts: 209.85.225.99 www.analysis.seclab.tuwien.ac.at
O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - D:\program files\Internet Download Manager\IDMIECC.dll
O2 - BHO: agcore.AGUtils - {0bc6e3fa-78ef-4886-842c-5a1258c4455a} - mscoree.dll (file missing)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: XML module - {500BCA15-57A7-4eaf-8143-8C619470B13D} - (no file)
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [ctfmon.exe] ctfmon.exe
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RESEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: Ela-Salaty.lnk = ?
O4 - Startup: Webshots.lnk = C:\Program Files\Webshots\3.1.5.7613\Launcher.exe
O4 - Startup: Yahoo! Widget Engine.lnk = D:\program files\Widgets\YahooWidgetEngine.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = D:\program files\HP\Digital Imaging\bin\hpqtra08.exe
O8 - Extra context menu item: &Block This Image (Adblock Pro) - D:\program files\Adblock Pro\blockimg.html
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Télécharger avec IDM - D:\program files\Internet Download Manager\IEExt.htm
O8 - Extra context menu item: Télécharger le contenu de video FLV avec IDM - D:\program files\Internet Download Manager\IEGetVL.htm
O8 - Extra context menu item: Télécharger tous les liens avec IDM - D:\program files\Internet Download Manager\IEGetAll.htm
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {AFC3FA82-AD07-45cd-8B57-983435B9899E} - (no file)
O20 - Winlogon Notify: tuvVNEuu - tuvVNEuu.dll (file missing)
O23 - Service: Norton 2009 Reset (.norton2009Reset) - Unknown owner - C:\Documents and Settings\All Users\Application Data\Norton\Norton2009Reset.exe (file missing)
O23 - Service: AG Core Services (AGCoreService) - AG Interactive - C:\Program Files\AGI\core\3.1\AGCoreService.exe
O23 - Service: Service Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software - C:\WINDOWS\System32\TuneUpDefragService.exe
O23 - Service: TuneUp Program Statistics Service (TuneUp.ProgramStatisticsSvc) - TuneUp Software - C:\WINDOWS\System32\TUProgSt.exe
--
End of file - 12121 bytesتوقيع : Natalya
تأييد 0
Natalya
زيزوومى مبدع
- إنضم
- 4 سبتمبر 2009
- المشاركات
- 1,894
- مستوى التفاعل
- 36
- النقاط
- 680
غير متصلالمشكل الخطير الآن انني لا استطيع عمل تحديث لبرامج الحماية ولا حتى الدخول لمواقعها
برامج الحماية مستهدفة
ثانيا لو رأيتم موضوعي الثاني في القسم هناك مشكل عدم ظهور مركز الأمان للويندوز
لا اعرف ما اعمل....................
فيروسات انا ادخل موقع زيزووم فقط اي شئ آخر ....... عالم الحاسوب عجيب
هذا التقرير الذي طلبت
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 20:32:24, on 12/5/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\AGI\core\3.1\AGCoreService.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\System32\TUProgSt.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
D:\program files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe
E:\سنن\آذان\pf\Salaty.exe
C:\PROGRA~1\Webshots\315~1.761\Webshots.scr
D:\program files\Widgets\YahooWidgetEngine.exe
C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexStoreSvr.exe
D:\program files\Widgets\YahooWidgetEngine.exe
D:\program files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Documents and Settings\IBRAHIM\Bureau\Zyzoom_HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.6006.cc/?error
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,SearchAssistant = http://www.6006.cc/?error
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,CustomizeSearch = http://www.6006.cc/?error
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,SearchURL = http://www.6006.cc/?error
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.6006.cc/?error
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,SearchAssistant = http://www.6006.cc/?error
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,CustomizeSearch = http://www.6006.cc/?error
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.6006.cc/?error
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.6006.cc/?error
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,SearchURL = http://www.6006.cc/?error
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.6006.cc/?error
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = http://www.6006.cc/?error
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.6006.cc/?error
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = http://www.6006.cc/?error
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = http://www.6006.cc/?error
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = http://www.6006.cc/?error
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: agcore.AGUtils - {0BC6E3FA-78EF-4886-842C-5A1258C4455A} - mscoree.dll (file missing)
O1 - Hosts: 209.85.225.99 msnfix.changelog.fr
O1 - Hosts: 209.85.225.99 www.incodesolutions.com
O1 - Hosts: 209.85.225.99 virusinfo.prevx.com
O1 - Hosts: 209.85.225.99 download.bleepingcomputer.com
O1 - Hosts: 209.85.225.99 www.dazhizhu.cn
O1 - Hosts: 209.85.225.99 foro.noticias3d.com
O1 - Hosts: 209.85.225.99 www.spybotupdates.com
O1 - Hosts: 209.85.225.99 www.nabble.com
O1 - Hosts: 209.85.225.99 lurker.clamav.net
O1 - Hosts: 209.85.225.99 lexikon.ikarus.at
O1 - Hosts: 209.85.225.99 research.sunbelt-software.com
O1 - Hosts: 209.85.225.99 www.virusdoctor.jp
O1 - Hosts: 209.85.225.99 www.elitepvpers.de
O1 - Hosts: 209.85.225.99 guru.avg.com
O1 - Hosts: 209.85.225.99 downloads.sophos.com
O1 - Hosts: 209.85.225.99 www.superuser.co.kr
O1 - Hosts: 209.85.225.99 ntfaq.co.kr
O1 - Hosts: 209.85.225.99 v.dreamwiz.com
O1 - Hosts: 209.85.225.99 cit.kookmin.ac.kr
O1 - Hosts: 209.85.225.99 forums.whatthetech.com
O1 - Hosts: 209.85.225.99 forum.hijackthis.de
O1 - Hosts: 209.85.225.99 avg.vo.llnwd.net
O1 - Hosts: 209.85.225.99 ftp.drweb.com
O1 - Hosts: 209.85.225.99 www.zonealarm.com
O1 - Hosts: 209.85.225.99 www.huaifai.go.th
O1 - Hosts: 209.85.225.99 www.mostz.com
O1 - Hosts: 209.85.225.99 www.krupunmai.com
O1 - Hosts: 209.85.225.99 www.cddchiangmai.net
O1 - Hosts: 209.85.225.99 forum.malekal.com
O1 - Hosts: 209.85.225.99 tech.pantip.com
O1 - Hosts: 209.85.225.99 sapcupgrades.com
O1 - Hosts: 209.85.225.99 www.elguruinformatico.com
O1 - Hosts: 209.85.225.99 www.247fixes.com
O1 - Hosts: 209.85.225.99 forum.sysinternals.com
O1 - Hosts: 209.85.225.99 forum.telecharger.01net.com
O1 - Hosts: 209.85.225.99 sophos.com
O1 - Hosts: 209.85.225.99 foros.softonic.com
O1 - Hosts: 209.85.225.99 avast-home.uptodown.com
O1 - Hosts: 209.85.225.99 dr-web-cureit.softonic.com
O1 - Hosts: 209.85.225.99 www.f-secure.com
O1 - Hosts: 209.85.225.99 www.chkrootkit.org
O1 - Hosts: 209.85.225.99 diamondcs.com.au
O1 - Hosts: 209.85.225.99 www.rootkit.nl
O1 - Hosts: 209.85.225.99 www.sysinternals.com
O1 - Hosts: 209.85.225.99 z-oleg.com
O1 - Hosts: 209.85.225.99 espanol.dir.groups.yahoo.com
O1 - Hosts: 209.85.225.99 ftp01net.telechargement.fr
O1 - Hosts: 209.85.225.99 www.castlecrops.com
O1 - Hosts: 209.85.225.99 www.misec.net
O1 - Hosts: 209.85.225.99 safecomputing.umn.edu
O1 - Hosts: 209.85.225.99 www.antirootkit.com
O1 - Hosts: 209.85.225.99 www.greatis.com
O1 - Hosts: 209.85.225.99 ar.answers.yahoo.com
O1 - Hosts: 209.85.225.99 www.elhacker.org
O1 - Hosts: 209.85.225.99 research.pandasecurity.com
O1 - Hosts: 209.85.225.99 www.rootkit.com
O1 - Hosts: 209.85.225.99 www.pctools.com
O1 - Hosts: 209.85.225.99 www.pcsupportadvisor.com
O1 - Hosts: 209.85.225.99 www.resplendence.com
O1 - Hosts: 209.85.225.99 www.personal.psu.edu
O1 - Hosts: 209.85.225.99 foro.ethek.com
O1 - Hosts: 209.85.225.99 foro.elhacker.net
O1 - Hosts: 209.85.225.99 download.zonealarm.com
O1 - Hosts: 209.85.225.99 vil.nail.com
O1 - Hosts: 209.85.225.99 search.mcafee.com
O1 - Hosts: 209.85.225.99 wwww.mcafee.com
O1 - Hosts: 209.85.225.99 download.nai.com
O1 - Hosts: 209.85.225.99 wwww.experts-exchange.com
O1 - Hosts: 209.85.225.99 www.bakunos.com
O1 - Hosts: 209.85.225.99 www.darkclockers.com
O1 - Hosts: 209.85.225.99 www2.gmer.net
O1 - Hosts: 209.85.225.99 ariefew.com
O1 - Hosts: 209.85.225.99 www.Merijn.org
O1 - Hosts: 209.85.225.99 www.spywareinfo.com
O1 - Hosts: 209.85.225.99 www.spybot.info
O1 - Hosts: 209.85.225.99 www.viruslist.com
O1 - Hosts: 209.85.225.99 www.hijackthis.de
O1 - Hosts: 209.85.225.99 ftp.f-secure.com
O1 - Hosts: 209.85.225.99 forum.kaspersky.com
O1 - Hosts: 209.85.225.99 es.trendmicro-europe.com
O1 - Hosts: 209.85.225.99 www.hvaonline.net
O1 - Hosts: 209.85.225.99 majorgeeks.com
O1 - Hosts: 209.85.225.99 www.avp.com
O1 - Hosts: 209.85.225.99 www.virustotal.com
O1 - Hosts: 209.85.225.99 www.sophos.com
O1 - Hosts: 209.85.225.99 linhadefensiva.uol.com.br
O1 - Hosts: 209.85.225.99 cmmings.cn
O1 - Hosts: 209.85.225.99 www.sergiwa.com
O1 - Hosts: 209.85.225.99 www.el-hacker.com
O1 - Hosts: 209.85.225.99 dl2.agnitum.com
O1 - Hosts: 209.85.225.99 forum.smadav.net
O1 - Hosts: 209.85.225.99 www.avg-antivirus.net
O1 - Hosts: 209.85.225.99 www.kaspersky-labs.com
O1 - Hosts: 209.85.225.99 www.kaspersky.com
O1 - Hosts: 209.85.225.99 www.bleepingcomputer.com
O1 - Hosts: 209.85.225.99 www.free.grisoft.com
O1 - Hosts: 209.85.225.99 alerta-antivirus.inteco.es
O1 - Hosts: 209.85.225.99 greatis.com
O1 - Hosts: 209.85.225.99 www.oprekpc.com
O1 - Hosts: 209.85.225.99 securityresponse.symantec.com
O1 - Hosts: 209.85.225.99 www.analysis.seclab.tuwien.ac.at
O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - D:\program files\Internet Download Manager\IDMIECC.dll
O2 - BHO: agcore.AGUtils - {0bc6e3fa-78ef-4886-842c-5a1258c4455a} - mscoree.dll (file missing)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: XML module - {500BCA15-57A7-4eaf-8143-8C619470B13D} - (no file)
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [ctfmon.exe] ctfmon.exe
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RESEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: Ela-Salaty.lnk = ?
O4 - Startup: Webshots.lnk = C:\Program Files\Webshots\3.1.5.7613\Launcher.exe
O4 - Startup: Yahoo! Widget Engine.lnk = D:\program files\Widgets\YahooWidgetEngine.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = D:\program files\HP\Digital Imaging\bin\hpqtra08.exe
O8 - Extra context menu item: &Block This Image (Adblock Pro) - D:\program files\Adblock Pro\blockimg.html
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Télécharger avec IDM - D:\program files\Internet Download Manager\IEExt.htm
O8 - Extra context menu item: Télécharger le contenu de video FLV avec IDM - D:\program files\Internet Download Manager\IEGetVL.htm
O8 - Extra context menu item: Télécharger tous les liens avec IDM - D:\program files\Internet Download Manager\IEGetAll.htm
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {AFC3FA82-AD07-45cd-8B57-983435B9899E} - (no file)
O20 - Winlogon Notify: tuvVNEuu - tuvVNEuu.dll (file missing)
O23 - Service: Norton 2009 Reset (.norton2009Reset) - Unknown owner - C:\Documents and Settings\All Users\Application Data\Norton\Norton2009Reset.exe (file missing)
O23 - Service: AG Core Services (AGCoreService) - AG Interactive - C:\Program Files\AGI\core\3.1\AGCoreService.exe
O23 - Service: Service Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software - C:\WINDOWS\System32\TuneUpDefragService.exe
O23 - Service: TuneUp Program Statistics Service (TuneUp.ProgramStatisticsSvc) - TuneUp Software - C:\WINDOWS\System32\TUProgSt.exe
--
End of file - 12193 bytesتوقيع : Natalya
تأييد 0
اختي حملي هالملف وطبقي الشرح
http://www.funkytoad.com/download/HostsXpert.zip
وبعدها عطينا تقرير هايجاك جديد
تأييد 0
Natalya
زيزوومى مبدع
- إنضم
- 4 سبتمبر 2009
- المشاركات
- 1,894
- مستوى التفاعل
- 36
- النقاط
- 680
غير متصلتفضل اخي انتظركم
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:18:30, on 12/6/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\AGI\core\3.1\AGCoreService.exe
C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2010\avp.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\System32\TUProgSt.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2010\avp.exe
C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
D:\program files\HP\Digital Imaging\bin\hpqtra08.exe
E:\سنن\آذان\pf\Salaty.exe
D:\program files\Widgets\YahooWidgetEngine.exe
C:\PROGRA~1\Webshots\315~1.761\Webshots.scr
C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe
C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexStoreSvr.exe
D:\program files\Widgets\YahooWidgetEngine.exe
D:\program files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2010\klwtblfs.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\IBRAHIM\Bureau\Zyzoom_HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.6006.cc/?error
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,SearchAssistant = http://www.6006.cc/?error
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,CustomizeSearch = http://www.6006.cc/?error
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,SearchURL = http://www.6006.cc/?error
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.6006.cc/?error
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,SearchAssistant = http://www.6006.cc/?error
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,CustomizeSearch = http://www.6006.cc/?error
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.6006.cc/?error
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.6006.cc/?error
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,SearchURL = http://www.6006.cc/?error
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.6006.cc/?error
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = http://www.6006.cc/?error
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.6006.cc/?error
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = http://www.6006.cc/?error
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = http://www.6006.cc/?error
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = http://www.6006.cc/?error
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: agcore.AGUtils - {0BC6E3FA-78EF-4886-842C-5A1258C4455A} - mscoree.dll (file missing)
O1 - Hosts: 209.85.225.99 msnfix.changelog.fr
O1 - Hosts: 209.85.225.99 www.incodesolutions.com
O1 - Hosts: 209.85.225.99 virusinfo.prevx.com
O1 - Hosts: 209.85.225.99 download.bleepingcomputer.com
O1 - Hosts: 209.85.225.99 www.dazhizhu.cn
O1 - Hosts: 209.85.225.99 foro.noticias3d.com
O1 - Hosts: 209.85.225.99 www.spybotupdates.com
O1 - Hosts: 209.85.225.99 club.myce.com
O1 - Hosts: 209.85.225.99 www.nabble.com
O1 - Hosts: 209.85.225.99 lurker.clamav.net
O1 - Hosts: 209.85.225.99 lexikon.ikarus.at
O1 - Hosts: 209.85.225.99 research.sunbelt-software.com
O1 - Hosts: 209.85.225.99 www.virusdoctor.jp
O1 - Hosts: 209.85.225.99 www.elitepvpers.de
O1 - Hosts: 209.85.225.99 guru.avg.com
O1 - Hosts: 209.85.225.99 downloads.sophos.com
O1 - Hosts: 209.85.225.99 forum.softpedia.com
O1 - Hosts: 209.85.225.99 www.superuser.co.kr
O1 - Hosts: 209.85.225.99 ntfaq.co.kr
O1 - Hosts: 209.85.225.99 v.dreamwiz.com
O1 - Hosts: 209.85.225.99 cit.kookmin.ac.kr
O1 - Hosts: 209.85.225.99 forums.whatthetech.com
O1 - Hosts: 209.85.225.99 forum.hijackthis.de
O1 - Hosts: 209.85.225.99 avg.vo.llnwd.net
O1 - Hosts: 209.85.225.99 ftp.drweb.com
O1 - Hosts: 209.85.225.99 www.zonealarm.com
O1 - Hosts: 209.85.225.99 www.huaifai.go.th
O1 - Hosts: 209.85.225.99 www.mostz.com
O1 - Hosts: 209.85.225.99 www.krupunmai.com
O1 - Hosts: 209.85.225.99 www.cddchiangmai.net
O1 - Hosts: 209.85.225.99 forum.malekal.com
O1 - Hosts: 209.85.225.99 tech.pantip.com
O1 - Hosts: 209.85.225.99 sapcupgrades.com
O1 - Hosts: 209.85.225.99 www.elguruinformatico.com
O1 - Hosts: 209.85.225.99 social.microsoft.com
O1 - Hosts: 209.85.225.99 www.247fixes.com
O1 - Hosts: 209.85.225.99 forum.sysinternals.com
O1 - Hosts: 209.85.225.99 forum.telecharger.01net.com
O1 - Hosts: 209.85.225.99 sophos.com
O1 - Hosts: 209.85.225.99 foros.softonic.com
O1 - Hosts: 209.85.225.99 avast-home.uptodown.com
O1 - Hosts: 209.85.225.99 dr-web-cureit.softonic.com
O1 - Hosts: 209.85.225.99 heavenward.ru
O1 - Hosts: 209.85.225.99 www.f-secure.com
O1 - Hosts: 209.85.225.99 www.chkrootkit.org
O1 - Hosts: 209.85.225.99 diamondcs.com.au
O1 - Hosts: 209.85.225.99 www.rootkit.nl
O1 - Hosts: 209.85.225.99 www.sysinternals.com
O1 - Hosts: 209.85.225.99 z-oleg.com
O1 - Hosts: 209.85.225.99 espanol.dir.groups.yahoo.com
O1 - Hosts: 209.85.225.99 ftp01net.telechargement.fr
O1 - Hosts: 209.85.225.99 www.castlecrops.com
O1 - Hosts: 209.85.225.99 www.misec.net
O1 - Hosts: 209.85.225.99 safecomputing.umn.edu
O1 - Hosts: 209.85.225.99 www.antirootkit.com
O1 - Hosts: 209.85.225.99 www.greatis.com
O1 - Hosts: 209.85.225.99 ar.answers.yahoo.com
O1 - Hosts: 209.85.225.99 www.elhacker.org
O1 - Hosts: 209.85.225.99 research.pandasecurity.com
O1 - Hosts: 209.85.225.99 www.rootkit.com
O1 - Hosts: 209.85.225.99 www.pctools.com
O1 - Hosts: 209.85.225.99 www.pcsupportadvisor.com
O1 - Hosts: 209.85.225.99 www.resplendence.com
O1 - Hosts: 209.85.225.99 www.personal.psu.edu
O1 - Hosts: 209.85.225.99 foro.ethek.com
O1 - Hosts: 209.85.225.99 foro.elhacker.net
O1 - Hosts: 209.85.225.99 download.zonealarm.com
O1 - Hosts: 209.85.225.99 vil.nail.com
O1 - Hosts: 209.85.225.99 search.mcafee.com
O1 - Hosts: 209.85.225.99 wwww.mcafee.com
O1 - Hosts: 209.85.225.99 download.nai.com
O1 - Hosts: 209.85.225.99 wwww.experts-exchange.com
O1 - Hosts: 209.85.225.99 www.bakunos.com
O1 - Hosts: 209.85.225.99 www.darkclockers.com
O1 - Hosts: 209.85.225.99 www2.gmer.net
O1 - Hosts: 209.85.225.99 ariefew.com
O1 - Hosts: 209.85.225.99 www.Merijn.org
O1 - Hosts: 209.85.225.99 www.spywareinfo.com
O1 - Hosts: 209.85.225.99 www.spybot.info
O1 - Hosts: 209.85.225.99 www.viruslist.com
O1 - Hosts: 209.85.225.99 www.hijackthis.de
O1 - Hosts: 209.85.225.99 ftp.f-secure.com
O1 - Hosts: 209.85.225.99 forum.kaspersky.com
O1 - Hosts: 209.85.225.99 es.trendmicro-europe.com
O1 - Hosts: 209.85.225.99 www.hvaonline.net
O1 - Hosts: 209.85.225.99 majorgeeks.com
O1 - Hosts: 209.85.225.99 www.avp.com
O1 - Hosts: 209.85.225.99 www.virustotal.com
O1 - Hosts: 209.85.225.99 www.sophos.com
O1 - Hosts: 209.85.225.99 linhadefensiva.uol.com.br
O1 - Hosts: 209.85.225.99 cmmings.cn
O1 - Hosts: 209.85.225.99 www.sergiwa.com
O1 - Hosts: 209.85.225.99 www.el-hacker.com
O1 - Hosts: 209.85.225.99 dl2.agnitum.com
O1 - Hosts: 209.85.225.99 forum.smadav.net
O1 - Hosts: 209.85.225.99 www.avg-antivirus.net
O1 - Hosts: 209.85.225.99 www.kaspersky-labs.com
O1 - Hosts: 209.85.225.99 www.kaspersky.com
O1 - Hosts: 209.85.225.99 www.bleepingcomputer.com
O1 - Hosts: 209.85.225.99 www.free.grisoft.com
O1 - Hosts: 209.85.225.99 alerta-antivirus.inteco.es
O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - D:\program files\Internet Download Manager\IDMIECC.dll
O2 - BHO: agcore.AGUtils - {0bc6e3fa-78ef-4886-842c-5a1258c4455a} - mscoree.dll (file missing)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: XML module - {500BCA15-57A7-4eaf-8143-8C619470B13D} - (no file)
O2 - BHO: IEVkbdBHO - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2010\ievkbd.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll
O2 - BHO: link filter bho - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2010\klwtbbho.dll
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [ctfmon.exe] ctfmon.exe
O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2010\avp.exe"
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RESEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: Ela-Salaty.lnk = ?
O4 - Startup: Webshots.lnk = C:\Program Files\Webshots\3.1.5.7613\Launcher.exe
O4 - Startup: Yahoo! Widget Engine.lnk = D:\program files\Widgets\YahooWidgetEngine.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = D:\program files\HP\Digital Imaging\bin\hpqtra08.exe
O8 - Extra context menu item: &Block This Image (Adblock Pro) - D:\program files\Adblock Pro\blockimg.html
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Télécharger avec IDM - D:\program files\Internet Download Manager\IEExt.htm
O8 - Extra context menu item: Télécharger le contenu de video FLV avec IDM - D:\program files\Internet Download Manager\IEGetVL.htm
O8 - Extra context menu item: Télécharger tous les liens avec IDM - D:\program files\Internet Download Manager\IEGetAll.htm
O9 - Extra button: Clavier &virtuel - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2010\klwtbbho.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {AFC3FA82-AD07-45cd-8B57-983435B9899E} - (no file)
O9 - Extra button: Analyse des &liens - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2010\klwtbbho.dll
O17 - HKLM\System\CCS\Services\Tcpip\..\{800B6DAE-ADA7-42AC-A91A-BCDB5D8EE6B4}: NameServer = 41.221.20.4 66.28.0.45
O20 - Winlogon Notify: tuvVNEuu - tuvVNEuu.dll (file missing)
O23 - Service: Norton 2009 Reset (.norton2009Reset) - Unknown owner - C:\Documents and Settings\All Users\Application Data\Norton\Norton2009Reset.exe (file missing)
O23 - Service: AG Core Services (AGCoreService) - AG Interactive - C:\Program Files\AGI\core\3.1\AGCoreService.exe
O23 - Service: Kaspersky Anti-Virus (AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2010\avp.exe
O23 - Service: Service Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software - C:\WINDOWS\System32\TuneUpDefragService.exe
O23 - Service: TuneUp Program Statistics Service (TuneUp.ProgramStatisticsSvc) - TuneUp Software - C:\WINDOWS\System32\TUProgSt.exe
--
End of file - 13257 bytesتوقيع : Natalya
تأييد 0
