#1
|
||||
|
||||
![]() السلام عليكم ورحمة الله وبركاته كما هو موضح من العنوان الجهاز من فتره صار بطئ ويعلق.. ومن ثلاث أيام صار الكيبورد عندي يعلق على حرف معين ..يعني صرت ماأقدر بسهولة أكتب أي تعليق أو أكتب في الوورد لأن الحرف بس يتكرر وكأنه أحد ضاغط على الحرف أرجو تحليل التقارير اللي ارفقتها و التأكد من سلامة جهازي من الفايروس أو ملفات التجسس وجزاكم الله كل خير تقرير الهايجاك Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 11:47:05 م, on 27/01/2011 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe C:\Program Files\Common Files\InterVideo\DeviceService\DevSvc.exe C:\Program Files\Java\jre6\bin\jqs.exe C:\Program Files\Common Files\Motive\McciCMService.exe C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe C:\Program Files\CyberLink\Shared Files\RichVideo.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe C:\WINDOWS\Explorer.EXE C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe C:\WINDOWS\system32\hkcmd.exe C:\WINDOWS\system32\igfxpers.exe C:\WINDOWS\system32\igfxsrvc.exe C:\Program Files\Synaptics\SynTP\SynTPEnh.exe C:\Program Files\Windows Live\Device Manager\msgrdvmn.exe C:\Program Files\Common Files\Java\Java Update\jusched.exe C:\program files\real\realplayer\update\realsched.exe C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\klwtblfs.exe C:\Program Files\Mozilla Firefox\plugin-container.exe C:\Documents and Settings\VIP\Local Settings\Temp\zxq1\mbam.exe C:\WINDOWS\system32\NOTEPAD.EXE D:\Downloads\Programs\HiJackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.live.com R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.plusnetwork.com/ R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://search.live.com/sphome.aspx R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Int ernet Settings,ProxyOverride = 10.0.0.138; O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrow serrecordplugin.dll O2 - BHO: IEVkbdBHO - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\ievkbd.dll O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL O2 - BHO: مساعد تسجيل الدخول إلى Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: link filter bho - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\klwtbbho.dll O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe" O4 - HKLM\..\Run: [LanguageShortcut] "C:\Program Files\CyberLink\PowerDVD\Language\Language.exe" O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe" O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe O4 - HKLM\..\Run: [AzMixerSel] C:\Program Files\Realtek\InstallShield\AzMixerSel.exe O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k O4 - HKLM\..\Run: [WindowsLivePhone] C:\Program Files\Windows Live\Device Manager\msgrdvmn.exe /AutoRun O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\Run: [UVS12 Preload] C:\Program Files\Corel\Corel VideoStudio 12\uvPL.exe O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe" O4 - HKLM\..\Run: [TkBellExe] "C:\program files\real\realplayer\update\realsched.exe" -osboot O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe" O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background O4 - HKCU\..\Run: [WindowsLivePhone] "C:\Program Files\Windows Live\Device Manager\msgrdvmn.exe" /AutoRun O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\S-1-5-18\..\RunOnce: [RunNarrator] Narrator.exe (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O4 - HKUS\.DEFAULT\..\RunOnce: [RunNarrator] Narrator.exe (User 'Default user') O4 - Startup: OneNote 2007 Screen Clipper and Launcher.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe O4 - Global Startup: Bluetooth.lnk = ? O8 - Extra context menu item: Add to Anti-Banner - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\ie_banner_deny.htm O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 O8 - Extra context menu item: Send to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm O8 - Extra context menu item: Send To Bluetooth - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm O9 - Extra button: تدوين هذا في المدونة - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: &تدوين هذا في Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: إرسال إلى OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: إر&سال إلى OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll O9 - Extra button: &Virtual Keyboard - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\klwtbbho.dll O9 - Extra button: PalTalk - {4EAFEF58-EEFA-4116-983D-03B49BCBFFFE} - C:\Program Files\Paltalk Messenger\Paltalk.exe (file missing) O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL O9 - Extra button: (no name) - {9819CC0E-9669-4D01-9CD7-2C66DA43AC6C} - (no file) O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm O9 - Extra button: URLs c&heck - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\klwtbbho.dll O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O16 - DPF: {193C772A-87BE-4B19-A7BB-445B226FE9A1} (ewidoOnlineScan Control) - http://downloads.ewido.net/ewidoOnlineScan.cab O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary...r.cab56986.cab O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/reso...an8/oscan8.cab O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary...t.cab56907.cab O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary...r.cab56986.cab O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~2\Office12\GR99D3~1.DLL O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL O20 - AppInit_DLLs: C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd3.dll, C:\PROGRA~1\KASPER~1\KASPER~1\kloehk.dll O23 - Service: Kaspersky Anti-Virus Service (AVP) - Kaspersky Lab ZAO - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe O23 - Service: Capture Device Service - InterVideo Inc. - C:\Program Files\Common Files\InterVideo\DeviceService\DevSvc.exe O23 - Service: خدمة تحديث Google (gupdate1c9e87c7103646a) (gupdate1c9e87c7103646a) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe O23 - Service: McciCMService - Motive Communications, Inc. - C:\Program Files\Common Files\Motive\McciCMService.exe O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe O23 - Service: XAudioService - Conexant Systems, Inc. - C:\WINDOWS\system32\DRIVERS\xaudio.exe -- End of file - 10692 bytes تقرير قائمة البرامج المثبتة ====== معلومات نظام التشغيل ====== X86 WIN_XP 2600 Service Pack 2 ====== قائمة البرامج المثبتة ====== ACDSee 9 Photo Manager Adobe Flash Player 10 ActiveX Adobe Flash Player 10 Plugin Adobe Photoshop CS Adobe Reader 8.2.5 Apple Application Support Apple Software Update Ask.com Search Assistant 1.0.2 Camtasia Studio 7 CCleaner Corel VideoStudio 12 COWON Media Center - jetAudio Basic Golden Al-Wafi Translator Google Chrome Google Earth Google Update Helper HDAUDIO SoftV92 Data Fax Modem with SmartCP HijackThis 2.0.2 Intel(R) Graphics Media *********** Driver InterVideo DeviceService Jasc Paint Shop Pro 8 Java Auto Updater Java(TM) 6 Update 2 Java(TM) 6 Update 23 Java(TM) 6 Update 7 Junk Mail filter update Kaspersky Internet Security 2011 Kaspersky Internet Security 2011 K-Lite Codec Pack 3.2.0 Full luxor 3 Macromedia Extension Manager Macromedia Flash 8 Macromedia Flash 8 Video Encoder Messenger Plus! Live Microsoft .NET Framework 2.0 Microsoft .NET Framework 2.0 Microsoft Application Error Reporting Microsoft Choice Guard Microsoft Kernel-Mode Driver Framework 1.0 Microsoft Office Access MUI (Arabic) 2007 Microsoft Office Access MUI (English) 2007 Microsoft Office Access Setup Metadata MUI (English) 2007 Microsoft Office Enterprise 2007 Microsoft Office Enterprise 2007 Microsoft Office Excel MUI (Arabic) 2007 Microsoft Office Excel MUI (English) 2007 Microsoft Office Groove MUI (English) 2007 Microsoft Office Groove Setup Metadata MUI (Arabic) 2007 Microsoft Office Groove Setup Metadata MUI (English) 2007 Microsoft Office InfoPath MUI (Arabic) 2007 Microsoft Office InfoPath MUI (English) 2007 Microsoft Office Language Pack 2007 - Arabic العربية Microsoft Office O MUI (Arabic) 2007 Microsoft Office OneNote MUI (Arabic) 2007 Microsoft Office OneNote MUI (English) 2007 Microsoft Office Outlook MUI (Arabic) 2007 Microsoft Office Outlook MUI (English) 2007 Microsoft Office PowerPoint MUI (Arabic) 2007 Microsoft Office PowerPoint MUI (English) 2007 Microsoft Office Proof (Arabic) 2007 Microsoft Office Proof (English) 2007 Microsoft Office Proof (French) 2007 Microsoft Office Proof (Spanish) 2007 Microsoft Office Proofing (Arabic) 2007 Microsoft Office Proofing (English) 2007 Microsoft Office Publisher MUI (Arabic) 2007 Microsoft Office Publisher MUI (English) 2007 Microsoft Office Shared MUI (Arabic) 2007 Microsoft Office Shared MUI (English) 2007 Microsoft Office Shared Setup Metadata MUI (English) 2007 Microsoft Office SharePoint Designer MUI (Arabic) 2007 Microsoft Office Word MUI (Arabic) 2007 Microsoft Office Word MUI (English) 2007 Microsoft Office X MUI (Arabic) 2007 Microsoft Save as PDF or XPS Add-in for 2007 Microsoft Office programs Microsoft Silverlight Microsoft Software Update for Web Folders (Arabic) 12 Microsoft Software Update for Web Folders (English) 12 Microsoft SQL Server 2005 Compact Edition [ENU] Microsoft Text-to-Speech Engine 4.0 (English) Microsoft User-Mode Driver Framework Feature Pack 1.0.0 (Pre-Release 5348) Microsoft Visual C++ 2005 Redistributable Mozilla Firefox (3.6.13) MSVCRT Nero 8 Lite 8.3.2.1 OpenOffice.org Installer 1.0 PowerDVD QuickTime RealNetworks - Microsoft Visual C++ 2008 Runtime RealPlayer Realtek High Definition Audio Driver RealUpgrade 1.1 Rhapsody Player Engine Segoe UI Skype™ 3.8 SmartSound Quicktracks Plugin SmartSound Quicktracks Plugin Synaptics Pointing Device Driver VC80CRTRedist - 8.0.50727.762 Video Convert Master Trial Version (English) 7.9.0.6 VideoStudio Vimicro USB PC Camera WebFldrs XP WIDCOMM Bluetooth Software Windows Driver Package - Intel (NETw4x32) net (04/30/2007 11.1.1.11) Windows Driver Package - Intel (w29n51) net (04/04/2007 9.0.4.36) Windows Driver Package - Intel net (04/30/2007 11.1.1.11) Windows Driver Package - Intel net (04/30/2007 11.1.1.11) Windows Imaging Component Windows Installer 3.1 (KB893803) Windows Live Communications Platform Windows Live Device Manager Windows Live Essentials Windows Live Essentials Windows Live Messenger Windows Live Writer Windows Media Format 11 runtime Windows Media Format 11 runtime Windows Media Player 11 Windows Media Player 11 WinRAR archiver Xilisoft Video Converter Ultimate أداة التحميل Windows Live Upload Tool أمان العائلة في Windows Live بريد Windows Live محول الصوتيات 5.9 مساعد تسجيل الدخول إلى Windows Live معرض صور Windows Live تقرير مالوير بايت ************' Anti-Malware 1.50.1.1100 www.************.org Database version: 5599 Windows 5.1.2600 Service Pack 2 Internet Explorer 6.0.2900.2180 27/01/2011 11:39:27 م mbam-log-2011-01-27 (23-39-27).txt Scan type: Full scan (C:\|D:\|E:\|) Objects scanned: 238251 Time elapsed: 45 minute(s), 48 second(s) Memory Processes Infected: 0 Memory Modules Infected: 0 Registry Keys Infected: 2 Registry Values Infected: 0 Registry Data Items Infected: 3 Folders Infected: 0 Files Infected: 1 Memory Processes Infected: (No malicious items detected) Memory Modules Infected: (No malicious items detected) Registry Keys Infected: HKEY_CURRENT_USER\SOFTWARE\Bifrost (Bifrose.Trace) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Bifrost (Bifrose.Trace) -> Quarantined and deleted successfully. Registry Values Infected: (No malicious items detected) Registry Data Items Infected: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\AntiVirusDisableNotify (PUM.Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\FirewallDisableNotify (PUM.Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\UpdatesDisableNotify (PUM.Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully. Folders Infected: (No malicious items detected) Files Infected: c:\WINDOWS\mui\FALLBACK\0401\calc.exe.mui (Trojan.FakeAlert) -> Quarantined and deleted successfully. بقي تقرير run scanner بس ما رضي يترفع معايا أكثر... |
مواقع النشر (المفضلة) |
|
|
![]() |
||||
الموضوع | كاتب الموضوع | المنتدى | مشاركات | آخر مشاركة |
مشكلة الاكسبلورر وتعليق الجهاز (يوجد تقرير للجهاز ) | RSS | Arabic Rss | 0 | 11-24-2010 03:03 PM |
بطء في جهازي وتعليق دائم >>> | RSS | Arabic Rss | 0 | 10-31-2010 12:01 AM |
مشكلة تجميد وتعليق الجهاز كل دقيقة هتجنن ياناس | RSS | Arabic Rss | 0 | 10-23-2010 06:00 AM |
تهنيق وتعليق في جهازي (( تعبت من الفورمات ^-^ )) | RSS | Arabic Rss | 0 | 09-24-2010 04:51 PM |
شكوك في اختراق | RSS | Arabic Rss | 0 | 09-12-2010 01:31 PM |
|