
08-07-2011
ناقل الأخبار
Join date: 11 - 2 - 10
Posts: 664,995
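My HijackThis and RunScanner reports
In the name of God, the Most Gracious, the Most Merciful
Peace be upon you, and the mercy and blessings of God
May you be well every year
May God reward you with good
Please take a look at the attached reports,
because I have become suspicious about the machine.
God bless you
The HijackThis report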
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:26:45 AM, on 8/7/2011
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\ESET\ESET Smart Security\egui.exe
C:\Program Files\Real\RealPlayer\update\realsched.exe
C:\Program Files\ESET\ESET Smart Security\ekrn.exe
C:\WINDOWS\system32\svchost.exe
C:\Documents and Settings\All Users\Application Data\DatacardService\HWDeviceService.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Documents and Settings\All Users\Application Data\Zain Broadband\OnlineUpdate\ouc.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_clipbook.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Program Files\Internet Download Manager\IEMonitor.exe
C:\WINDOWS\explorer.exe
C:\Zyzoom_Forum_Tools\zyzoom.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = local
O1 - Hosts: 65.54.239.80 messenger.hotmail.com
O1 - Hosts: 65.54.239.80 dp.msnmessenger.akadns.net
O1 - Hosts: 65.54.239.80 messenger.hotmail.com
O1 - Hosts: 65.54.239.80 dp.msnmessenger.akadns.net
O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files\Internet Download Manager\IDMIECC.dll
O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll
O2 - BHO: ????? ????? ?????? ??? Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Real\RealPlayer\update\realsched.exe" -osboot
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: تحميل الكل بواسطة Internet Download Manager - C:\Program Files\Internet Download Manager\IEGetAll.htm
O8 - Extra context menu item: تحميل بواسطة Internet Download Manager - C:\Program Files\Internet Download Manager\IEExt.htm
O9 - Extra button: Show or hide HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O17 - HKLM\System\CCS\Services\Tcpip\..\{0C6F4B4F-2C83-49BE-84C2-18AFF6088D87}: NameServer = 208.67.220.220,204.74.101.1
O17 - HKLM\System\CCS\Services\Tcpip\..\{39D901E5-FE39-4EEB-A72B-3223D20DFA65}: NameServer = 208.67.220.220,204.74.101.1
O17 - HKLM\System\CCS\Services\Tcpip\..\{6226212F-48F3-4B73-9650-619F82CEBC23}: NameServer = 208.67.220.220,204.74.101.1
O17 - HKLM\System\CCS\Services\Tcpip\..\{82210903-74DC-4E13-80DE-1CC6F843BF20}: NameServer = 196.27.0.53 196.27.0.230
O17 - HKLM\System\CCS\Services\Tcpip\..\{C1B1A6C8-737B-4370-BA69-E740B8297E80}: NameServer = 208.67.220.220,204.74.101.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{0C6F4B4F-2C83-49BE-84C2-18AFF6088D87}: NameServer = 208.67.220.220,204.74.101.1
O17 - HKLM\System\CS2\Services\Tcpip\..\{0C6F4B4F-2C83-49BE-84C2-18AFF6088D87}: NameServer = 208.67.220.220,204.74.101.1
O23 - Service: Eset Trial Reset (.EsetTrialReset) - Unknown owner - C:\WINDOWS\reset.exe (file missing)
O23 - Service: ESET HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\ekrn.exe
O23 - Service: HWDeviceService.exe - Unknown owner - C:\Documents and Settings\All Users\Application Data\DatacardService\HWDeviceService.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Zain Broadband. OUC (Zain Broadband. RunOuc) - Unknown owner - C:\Program Files\Zain Broadband\UpdateDog\ouc.exe
--
End of file - 5611 bytes
And the RunScanner report
Download the file run.rar from here
Original topic: My HijackThis and RunScanner reports
Source: Zyzoom Security and Protection