قديم 06-03-2010, 06:16 PM   #103

عاشق العنابي

اقتباس:
المشاركة الأصلية كتبت بواسطة عاشق العنابي مشاهدة المشاركة
اخوي انا جاني برنامج اسمه my security engine يقولون فيروس مخرب عندي الانترنت اكسبلورر

وهذا شوف شنهو الخرب
logfile of trend micro hijackthis v2.0.2
scan saved at 12:53:24 م, on 31/03/2010
platform: Windows xp sp3 (winnt 5.01.2600)
msie: Internet explorer v8.00 (8.00.6001.18702)
boot mode: Normal

running processes:
C:\windows\system32\smss.exe
c:\windows\system32\winlogon.exe
c:\windows\system32\services.exe
c:\windows\system32\lsass.exe
c:\windows\system32\svchost.exe
c:\windows\system32\svchost.exe
c:\windows\system32\spoolsv.exe
c:\windows\explorer.exe
c:\windows\system32\rundll32.exe
c:\program files\athan\athan.exe
c:\program files\java\jre6\bin\jusched.exe
c:\program files\common files\real\update_ob\realsched.exe
c:\program files\microsoft office\office12\groovemonitor.exe
c:\windows\system32\rundll32.exe
c:\program files\iminent\imbooster\imbooster.exe
c:\program files\iminent\searchtheweb\iminent.notifier.exe
c:\program files\common files\ahead\lib\nmbgmonitor.exe
c:\program files\messenger\msmsgs.exe
c:\progra~1\window~4\messen~1\msnmsgr.exe
c:\program files\google\googletoolbarnotifier\googletoolbarnotifier.exe
c:\windows\system32\ctfmon.exe
c:\program files\winzip\wzqkpick.exe
c:\program files\microsoft office\office12\onenotem.exe
c:\progra~1\yahoo!\messen~1\ymsgr_tray.exe
c:\program files\bonjour\mdnsresponder.exe
c:\program files\java\jre6\bin\jqs.exe
c:\program files\tuneup utilities 2010\tuneuputilitiesservice32.exe
c:\program files\common files\ahead\lib\nmindexingservice.exe
c:\program files\tuneup utilities 2010\tuneuputilitiesapp32.exe
c:\program files\common files\ahead\lib\nmindexstoresvr.exe
c:\program files\opera\opera.exe
c:\documents and settings\all users\application data\c53716c\msc537.exe
c:\documents and settings\one\سطح المكتب\hijackthis.exe

r1 - hklm\software\microsoft\internet explorer\main,default_page_url = http://go.microsoft.com/fwlink/?linkid=69157
r1 - hklm\software\microsoft\internet explorer\main,default_search_url = http://go.microsoft.com/fwlink/?linkid=54896
r1 - hklm\software\microsoft\internet explorer\main,search page = http://go.microsoft.com/fwlink/?linkid=54896
r0 - hklm\software\microsoft\internet explorer\main,start page = http://go.microsoft.com/fwlink/?linkid=69157
r1 - hkcu\software\microsoft\internet connection wizard,shellnext = http://go.divx.com/postinstall/win/en
r1 - hkcu\software\microsoft\windows\currentversion\internet settings,proxyoverride = *.local
r3 - urlsearchhook: Urlsearchhook class - {00000000-6e41-4fd3-8538-502f5495e5fc} - c:\program files\ask.com\genericasktoolbar.dll
r3 - urlsearchhook: Imbooster4web-en toolbar - {346de098-61f9-4b42-89da-6dfba7091bb6} - c:\program files\imbooster4web-en\tbimbo.dll
r3 - urlsearchhook: 4shared.com toolbar - {09ec805c-cb2e-4d53-b0d3-a75a428b81c7} - c:\program files\4shared.com\tb4sha.dll
o1 - hosts: 74.125.45.100 4-open-davinci.com
o1 - hosts: 74.125.45.100 securitysoftwarepayments.com
o1 - hosts: 74.125.45.100 privatesecuredpayments.com
o1 - hosts: 74.125.45.100 secure.privatesecuredpayments.com
o1 - hosts: 74.125.45.100 getantivirusplusnow.com
o1 - hosts: 74.125.45.100 secure-plus-payments.com
o1 - hosts: 74.125.45.100 www.getantivirusplusnow.com
o1 - hosts: 74.125.45.100 www.secure-plus-payments.com
o1 - hosts: 74.125.45.100 www.getavplusnow.com
o1 - hosts: 74.125.45.100 safebrowsing-cache.google.com
o1 - hosts: 74.125.45.100 urs.microsoft.com
o1 - hosts: 74.125.45.100 www.securesoftwarebill.com
o1 - hosts: 74.125.45.100 secure.paysecuresystem.com
o1 - hosts: 74.125.45.100 paysoftbillsolution.com
o1 - hosts: 74.125.45.100 protected.maxisoftwaremart.com
o1 - hosts: 209.212.147.138 www.google.com
o1 - hosts: 209.212.147.138 google.com
o1 - hosts: 209.212.147.138 google.com.au
o1 - hosts: 209.212.147.138 www.google.com.au
o1 - hosts: 209.212.147.138 google.be
o1 - hosts: 209.212.147.138 www.google.be
o1 - hosts: 209.212.147.138 google.com.br
o1 - hosts: 209.212.147.138 www.google.com.br
o1 - hosts: 209.212.147.138 google.ca
o1 - hosts: 209.212.147.138 www.google.ca
o1 - hosts: 209.212.147.138 google.ch
o1 - hosts: 209.212.147.138 www.google.ch
o1 - hosts: 209.212.147.138 google.de
o1 - hosts: 209.212.147.138 www.google.de
o1 - hosts: 209.212.147.138 google.dk
o1 - hosts: 209.212.147.138 www.google.dk
o1 - hosts: 209.212.147.138 google.fr
o1 - hosts: 209.212.147.138 www.google.fr
o1 - hosts: 209.212.147.138 google.ie
o1 - hosts: 209.212.147.138 www.google.ie
o1 - hosts: 209.212.147.138 google.it
o1 - hosts: 209.212.147.138 www.google.it
o1 - hosts: 209.212.147.138 google.co.jp
o1 - hosts: 209.212.147.138 www.google.co.jp
o1 - hosts: 209.212.147.138 google.nl
o1 - hosts: 209.212.147.138 www.google.nl
o1 - hosts: 209.212.147.138 google.no
o1 - hosts: 209.212.147.138 www.google.no
o1 - hosts: 209.212.147.138 google.co.nz
o1 - hosts: 209.212.147.138 www.google.co.nz
o1 - hosts: 209.212.147.138 google.pl
o1 - hosts: 209.212.147.138 www.google.pl
o1 - hosts: 209.212.147.138 google.se
o1 - hosts: 209.212.147.138 www.google.se
o1 - hosts: 209.212.147.138 google.co.uk
o1 - hosts: 209.212.147.138 www.google.co.uk
o1 - hosts: 209.212.147.138 google.co.za
o1 - hosts: 209.212.147.138 www.google.co.za
o1 - hosts: 209.212.147.138 www.google-analytics.com
o1 - hosts: 209.212.147.138 www.bing.com
o1 - hosts: 209.212.147.138 search.yahoo.com
o1 - hosts: 209.212.147.138 www.search.yahoo.com
o1 - hosts: 209.212.147.138 uk.search.yahoo.com
o1 - hosts: 209.212.147.138 ca.search.yahoo.com
o1 - hosts: 209.212.147.138 de.search.yahoo.com
o1 - hosts: 209.212.147.138 fr.search.yahoo.com
o1 - hosts: 209.212.147.138 au.search.yahoo.com
o2 - bho: 4shared.com toolbar - {09ec805c-cb2e-4d53-b0d3-a75a428b81c7} - c:\program files\4shared.com\tb4sha.dll
o2 - bho: Acroiehelperstub - {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\acroiehelpershim.dll
o2 - bho: Skype add-on (mastermind) - {22bf413b-c6d2-4d91-82a9-a0f997ba588c} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
o2 - bho: Realplayer download and record plugin for internet explorer - {3049c3e9-b461-4bc5-8870-4c09146192ca} - c:\program files\real\realplayer\rpbrowserrecordplugin.dll
o2 - bho: Imbooster4web-en toolbar - {346de098-61f9-4b42-89da-6dfba7091bb6} - c:\program files\imbooster4web-en\tbimbo.dll
o2 - bho: Groove gfs browser helper - {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - c:\program files\microsoft office\office12\grooveshellextensions.dll
o2 - bho: Chelperbho - {84ff7bd6-b47f-46f8-9130-01b2696b36cb} - c:\program files\iminent\searchtheweb\iminent.bho.navigationerror.dll
o2 - bho: مساعد تسجيل الدخول إلى windows live - {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\windowslivelogin.dll
o2 - bho: Iminent webbooster - {a09ab6eb-31b5-454c-97ec-9b294d92ee2a} - c:\program files\iminent\imbooster4web\iminent.webbooster.dll
o2 - bho: Iminent.linktocontent - {a6e9baaf-53cd-4575-967b-2af710a7d21f} - c:\program files\iminent\imbooster\iminent.linktocontent.dll
o2 - bho: Google toolbar helper - {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program files\google\google toolbar\googletoolbar_32.dll
o2 - bho: Google toolbar notifier bho - {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program files\google\googletoolbarnotifier\5.4.4525.1752\swg.dll
o2 - bho: Ask toolbar bho - {d4027c7f-154a-4066-a1ad-4243d8127440} - c:\program files\ask.com\genericasktoolbar.dll
o2 - bho: Java(tm) plug-in 2 ssv helper - {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
o2 - bho: Jqsiestartdetectorimpl - {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
o3 - toolbar: Google toolbar - {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\google toolbar\googletoolbar_32.dll
o3 - toolbar: Imbooster4web-en toolbar - {346de098-61f9-4b42-89da-6dfba7091bb6} - c:\program files\imbooster4web-en\tbimbo.dll
o3 - toolbar: Ask toolbar - {d4027c7f-154a-4066-a1ad-4243d8127440} - c:\program files\ask.com\genericasktoolbar.dll
o3 - toolbar: 4shared.com toolbar - {09ec805c-cb2e-4d53-b0d3-a75a428b81c7} - c:\program files\4shared.com\tb4sha.dll
o4 - hklm\..\run: [nvmediacenter] rundll32.exe c:\windows\system32\nvmctray.dll,nvtaskbarinit
o4 - hklm\..\run: [athan] c:\program files\athan\athan.exe
o4 - hklm\..\run: [sunjavaupdatesched] "c:\program files\java\jre6\bin\jusched.exe"
o4 - hklm\..\run: [tkbellexe] "c:\program files\common files\real\update_ob\realsched.exe" -osboot
o4 - hklm\..\run: [nvcpldaemon] rundll32.exe c:\windows\system32\nvcpl.dll,nvstartup
o4 - hklm\..\run: [groovemonitor] "c:\program files\microsoft office\office12\groovemonitor.exe"
o4 - hklm\..\run: [bluetoothauthenticationagent] rundll32.exe bthprops.cpl,,bluetoothauthenticationagent
o4 - hklm\..\run: [4shared update] "c:\documents and settings\one\سطح المكتب\4shared desktop\checkupdate.exe"
o4 - hklm\..\run: [imbooster] c:\program files\iminent\imbooster\imbooster.exe /warmup
o4 - hklm\..\run: [iminent.notifier] c:\program files\iminent\searchtheweb\iminent.notifier.exe
o4 - hkcu\..\run: [flashget 3] "c:\program files\flashget network\flashget 3\flashget3.exe" -minimize
o4 - hkcu\..\run: [bgmonitor_{79662e04-7c6c-4d9f-84c7-88d8a56b10aa}] "c:\program files\common files\ahead\lib\nmbgmonitor.exe"
o4 - hkcu\..\run: [msmsgs] "c:\program files\messenger\msmsgs.exe" /background
o4 - hkcu\..\run: [msnmsgr] "c:\progra~1\window~4\messen~1\msnmsgr.exe" /background
o4 - hkcu\..\run: [yahoo! Pager] "c:\progra~1\yahoo!\messen~1\yahoom~1.exe" -quiet
o4 - hkcu\..\run: [swg] "c:\program files\google\googletoolbarnotifier\googletoolbarnotifier.exe"
o4 - hkcu\..\run: [bitcomet] "c:\program files\bitcomet\bitcomet.exe" /tray
o4 - hkcu\..\run: [4shared desktop] "c:\documents and settings\one\سطح المكتب\4shared desktop\desktop.exe" "startup"
o4 - hkcu\..\run: [ctfmon.exe] c:\windows\system32\ctfmon.exe
o4 - hkcu\..\run: [my security engine] "c:\documents and settings\all users\application data\c53716c\msc537.exe" /s /d
o4 - hkus\s-1-5-19\..\run: [ctfmon.exe] c:\windows\system32\ctfmon.exe (user 'local service')
o4 - hkus\s-1-5-19\..\runonce: [_nltide_3] rundll32 advpack.dll,launchinfsectionex nlite.inf,c,,4,n (user 'local service')
o4 - hkus\s-1-5-20\..\run: [ctfmon.exe] c:\windows\system32\ctfmon.exe (user 'network service')
o4 - hkus\s-1-5-20\..\runonce: [_nltide_3] rundll32 advpack.dll,launchinfsectionex nlite.inf,c,,4,n (user 'network service')
o4 - hkus\s-1-5-18\..\run: [ctfmon.exe] c:\windows\system32\ctfmon.exe (user 'system')
o4 - hkus\s-1-5-18\..\runonce: [_nltide_3] rundll32 advpack.dll,launchinfsectionex nlite.inf,c,,4,n (user 'system')
o4 - hkus\.default\..\run: [ctfmon.exe] c:\windows\system32\ctfmon.exe (user 'default user')
o4 - hkus\.default\..\runonce: [_nltide_3] rundll32 advpack.dll,launchinfsectionex nlite.inf,c,,4,n (user 'default user')
o4 - startup: Onenote 2007 screen clipper and launcher.lnk = c:\program files\microsoft office\office12\onenotem.exe
o4 - global startup: Winzip quick pick.lnk = c:\program files\winzip\wzqkpick.exe
o8 - extra context menu item: &download all using 4shared desktop - c:\documents and settings\one\سطح المكتب\4shared desktop\down_all.htm
o8 - extra context menu item: &download using 4shared desktop - c:\documents and settings\one\سطح المكتب\4shared desktop\down_link.htm
o8 - extra context menu item: Google sidewiki... - res://c:\program files\google\google toolbar\component\googletoolbardynamic_mui_en_60d6097707281e79.dll/cmsidewiki.html
o8 - extra context menu item: Save flash with flash catcher - res://c:\program files\common files\justdo\iecatcher.dll/flashcatcher.htm
o8 - extra context menu item: ت&صدير إلى microsoft excel - res://c:\progra~1\micros~2\office12\excel.exe/3000
o9 - extra button: إرسال إلى onenote - {2670000a-7350-4f3c-8081-5663ee0c6c49} - c:\progra~1\micros~2\office12\onbttnie.dll
o9 - extra 'tools' menuitem: إر&سال إلى onenote - {2670000a-7350-4f3c-8081-5663ee0c6c49} - c:\progra~1\micros~2\office12\onbttnie.dll
o9 - extra button: Paltalk - {4eafef58-eefa-4116-983d-03b49bcbfffe} - c:\program files\paltalk messenger\paltalk.exe
o9 - extra button: Skype - {77bf5300-1474-4ec7-9980-d32b190e9b07} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
o9 - extra button: Flash catcher - {90bae0ef-f4bf-4fac-b2ec-2c725c34af12} - c:\program files\common files\justdo\iecatcher.dll
o9 - extra 'tools' menuitem: Flash catcher - {90bae0ef-f4bf-4fac-b2ec-2c725c34af12} - c:\program files\common files\justdo\iecatcher.dll
o9 - extra button: Research - {92780b25-18cc-41c8-b9be-3c9c571a8263} - c:\progra~1\micros~2\office12\refiebar.dll
o9 - extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - c:\windows\network diagnostic\xpnetdiag.exe
o9 - extra 'tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - c:\windows\network diagnostic\xpnetdiag.exe
o9 - extra button: Messenger - {fb5f1910-f110-11d2-bb9e-00c04f795683} - c:\program files\messenger\msmsgs.exe
o9 - extra 'tools' menuitem: Windows messenger - {fb5f1910-f110-11d2-bb9e-00c04f795683} - c:\program files\messenger\msmsgs.exe
o18 - protocol: Groovelocalgws - {88fed34c-f0ca-4636-a375-3cb6248b04cd} - c:\program files\microsoft office\office12\groovesystemservices.dll
o23 - service: ##id_string1.6844f930_1628_4223_b5cc_5bb94b879762## (bonjour service) - apple computer, inc. - c:\program files\bonjour\mdnsresponder.exe
o23 - service: Flexnet licensing service - macrovision europe ltd. - c:\program files\common files\macrovision shared\flexnet publisher\fnplicensingservice.exe
o23 - service: Google update service (gupdate) (gupdate) - google inc. - c:\program files\google\update\googleupdate.exe
o23 - service: Google software updater (gusvc) - google - c:\program files\google\common\google updater\googleupdaterservice.exe
o23 - service: Java quick starter (javaquickstarterservice) - sun microsystems, inc. - c:\program files\java\jre6\bin\jqs.exe
o23 - service: Nbservice - nero ag - c:\program files\nero\nero 7\nero backitup\nbservice.exe
o23 - service: Nmindexingservice - nero ag - c:\program files\common files\ahead\lib\nmindexingservice.exe
o23 - service: Nvidia display driver service (nvsvc) - nvidia corporation - c:\windows\system32\nvsvc32.exe
o23 - service: Tuneup drive defrag service (tuneup.defrag) - tuneup software - c:\program files\tuneup utilities 2010\tuneupdefragservice.exe
o23 - service: Tuneup utilities service (tuneup.utilitiessvc) - tuneup software - c:\program files\tuneup utilities 2010\tuneuputilitiesservice32.exe

--
end of file - 14724 bytes
طيب وانا ماشفت حل لي