|.اتمنى تحليل هذه التقارير :)

اخباركم ؟

ان شاء الله بخير


حاب بس اتطمن على جهازي وكل التقارير موجودة

طبعا انا مااعتمد على موقع الهاجيك ابدا فاأتمنى من الاعضاء الذي سيحلل التقرير لايحلله على الموقع :smile:



تقرير الهاجيك

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 04:13:04 ص, on 24/11/10
Platform: Unknown Windows (WinNT 6.01.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16671)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Windows\system32\igfxsrvc.exe
C:\Program Files\Dell\QuickSet\quickset.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\G Data\InternetSecurity\AVKTray\AVKTray.exe
C:\Program Files\G Data\InternetSecurity\Firewall\GDFirewallTray.exe
C:\Program Files\Real\RealPlayer\Update\realsched.exe
C:\Program Files\Internet Download Manager\IDMan.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Program Files\Internet Download Manager\IEMonitor.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BtStackServer.exe
C:\PROGRAM FILES\EMSISOFT ANTI-MALWARE\a2guard.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
I:\(2) dell\Documents\Downloads\Programs\Zyzoom_HijackThi s.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/.../ProtectLinksVb
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.conduit.com?SearchSour...ctid=CT2207613
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/.../ProtectLinksVb
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/.../ProtectLinksVb
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/.../ProtectLinksVb
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/.../ProtectLinksVb
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: Softonic English FF Toolbar - {ffa0793e-3980-4be4-8234-048fa665f700} - C:\Program Files\Softonic_English_FF\tbSoft.dll
F2 - REG:system.ini: UserInit=C:\Windows\system32\userinit.exe,c:\progr am files\g data\internetsecurity\avkkid\avkcks.exe
O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files\Internet Download Manager\IDMIECC.dll
O2 - BHO: SnagIt Toolbar Loader - {00C6482D-C502-44C8-8409-FCE54AD9C208} - C:\Program Files\TechSmith\SnagIt 9\SnagItBHO.dll
O2 - BHO: G Data WebFilter Class - {0124123D-61B4-456f-AF86-78C53A0790C5} - C:\Program Files\G Data\InternetSecurity\WebFilter\AvkWebIE.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin \IE\rpbrowserrecordplugin.dll
O2 - BHO: Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\ConduitEngine.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Softonic English FF Toolbar - {ffa0793e-3980-4be4-8234-048fa665f700} - C:\Program Files\Softonic_English_FF\tbSoft.dll
O3 - Toolbar: Softonic English FF Toolbar - {ffa0793e-3980-4be4-8234-048fa665f700} - C:\Program Files\Softonic_English_FF\tbSoft.dll
O3 - Toolbar: Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\ConduitEngine.dll
O3 - Toolbar: SnagIt - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Program Files\TechSmith\SnagIt 9\SnagItIEAddin.dll
O3 - Toolbar: G Data WebFilter - {0124123D-61B4-456f-AF86-78C53A0790C5} - C:\Program Files\G Data\InternetSecurity\WebFilter\AvkWebIE.dll
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [QuickSet] C:\Program Files\Dell\QuickSet\QuickSet.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [G Data AntiVirus Tray Application] C:\Program Files\G Data\InternetSecurity\AVKTray\AVKTray.exe
O4 - HKLM\..\Run: [GDFirewallTray] C:\Program Files\G Data\InternetSecurity\Firewall\GDFirewallTray.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Real\RealPlayer\update\realsched.exe" -osboot
O4 - HKCU\..\Run: [IDMan] C:\Program Files\Internet Download Manager\IDMan.exe /onboot
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [PC Suite Tray] "C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe" -onlytray
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Global Startup: Bluetooth.lnk = ?
O8 - Extra context menu item: &تصدير إلى Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: تحميل الكل بواسطة Internet Download Manager - C:\Program Files\Internet Download Manager\IEGetAll.htm
O8 - Extra context menu item: تحميل بواسطة Internet Download Manager - C:\Program Files\Internet Download Manager\IEExt.htm
O8 - Extra context menu item: تحميل محتوى FLV بواسطة Internet Download Manager - C:\Program Files\Internet Download Manager\IEGetVL.htm
O8 - Extra context menu item: جاري إرسال الصفحة إلى &جهاز Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O8 - Extra context menu item: جاري إرسال الصورة إلى &جهاز Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O9 - Extra button: بحث - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\vmware\vmware workstation\vsocklib.dll
O10 - Unknown file in Winsock LSP: c:\program files\vmware\vmware workstation\vsocklib.dll
O13 - Gopher Prefix:
O23 - Service: Emsisoft Anti-Malware 5.0 - Service (a2AntiMalware) - Emsi Software GmbH - C:\Program Files\Emsisoft Anti-Malware\a2service.exe
O23 - Service: G Data AntiVirus Proxy (AVKProxy) - G Data Software AG - C:\Program Files\Common Files\G Data\AVKProxy\AVKProxy.exe
O23 - Service: G Data Scheduler (AVKService) - G Data Software AG - C:\Program Files\G Data\InternetSecurity\AVK\AVKService.exe
O23 - Service: G Data Filesystem Monitor (AVKWCtl) - Unknown owner - C:\Program Files\G Data\InternetSecurity\AVK\AVKWCtl.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
O23 - Service: G Data Personal Firewall (GDFwSvc) - G Data Software AG - C:\Program Files\G Data\InternetSecurity\Firewall\GDFwSvc.exe
O23 - Service: G Data Scanner (GDScan) - G Data Software AG - C:\Program Files\Common Files\G Data\GDScan\GDScan.exe
O23 - Service: ServiceLayer - Nokia - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: VMware Agent Service (ufad-ws60) - VMware, Inc. - C:\Program Files\VMware\VMware Workstation\vmware-ufad.exe
O23 - Service: VMware Authorization Service (VMAuthdService) - VMware, Inc. - C:\Program Files\VMware\VMware Workstation\vmware-authd.exe
O23 - Service: VMware DHCP Service (VMnetDHCP) - VMware, Inc. - C:\Windows\system32\vmnetdhcp.exe
O23 - Service: VMware USB Arbitration Service (VMUSBArbService) - VMware, Inc. - C:\Program Files\Common Files\VMware\USB\vmware-usbarbitrator.exe
O23 - Service: VMware NAT Service - VMware, Inc. - C:\Windows\system32\vmnat.exe

--
End of file - 9274 bytes

تقرير عن قائمة البرامج المثبتة

µTorrent
Adobe Flash Player 10 ActiveX
Adobe Flash Player 10 Plugin
Adobe Reader 9.3 - Arabic
CCleaner
Conduit Engine
D3DX10
Emsisoft Anti-Malware 5.0
FormatFactory 2.60
G Data InternetSecurity 2011
HijackThis 2.0.2
ImageShack Uploader 2.2.0
Intel(R) Graphics Media *********** Driver
Intel(R) TV Wizard
Internet Download Manager
Java(TM) 6 Update 22
Messenger Plus! Live
Microsoft .NET Framework 4 Client Profile
Microsoft .NET Framework 4 Client Profile
Microsoft .NET Framework 4 Client Profile ARA Language Pack
Microsoft Office Professional Edition 2003
Microsoft Silverlight
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
Mozilla Firefox (3.6.12)
MSVC80_x86_v2
MSVCRT
Nokia Connectivity Cable Driver
Nokia PC Suite
Nokia PC Suite
NVIDIA PhysX
PC Connectivity Solution
QuickSet32
RealNetworks - Microsoft Visual C++ 2008 Runtime
RealPlayer
RealUpgrade 1.1
Smart Install Maker
SnagIt 9
Softonic English FF Toolbar
The KMPlayer (remove only)
tools-freebsd
tools-linux
tools-netware
tools-solaris
tools-windows
tools-winPre2k
VMware Workstation
VMware Workstation
Windows Driver Package - Broadcom Bluetooth (06/15/2009 6.2.0.9000)
Windows Driver Package - Broadcom Bluetooth (07/30/2009 6.2.0.9405)
Windows Driver Package - Broadcom HIDClass (07/28/2009 6.2.0.9800)
Windows Live Communications Platform
Windows Live Essentials
Windows Live Essentials
Windows Live ID Sign-in Assistant
Windows Live Installer
Windows Live Messenger
Windows Live Messenger
Windows Live Photo Common
Windows Live Photo Common
Windows Live PIMT Platform
Windows Live SOXE
Windows Live SOXE Definitions
Windows Live UX Platform
Windows Live UX Platform Language Pack
WinRAR archiver
WinWatermark 2.2
برنامج WIDCOMM Bluetooth
حزمة اللغة العربية لـ Microsoft .NET Framework 4
حزمة برامج تشغيل Windows - Nokia Modem (06/09/2010 4.5)
حزمة برامج تشغيل Windows - Nokia Modem (06/09/2010 7.01.0.7)
حزمة برامج تشغيل Windows - Nokia pccsmcfd (08/22/2008 7.0.0.0)


تقرير runscanner

موقع up-master مدري وش فيه مايرفع يظهر لي خطأ

على العموم رفعته على الميديا فاير ، هو اهم شي به تقرير :d:

من هنا



تقرير مالوير بايت

حملته وقام حذفه الحصان اغلقت الحصان

وحملته من جديد قام حجبه الجي داتا :d:

قلت هالملف اكيد اكتشاف خاطئ

قلت نشوف رأيكم



تحياتي :king:

أكثر...