25-12-2009, 08:57   #3
عبدالله الجامعي

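Greetings, my dear brother.
As for before, the only thing that stood between me and being hacked was one problem, namely that the Kaspersky key expired and Kaspersky stopped working completely, and it was only two days before I was hacked. After that I installed everything that was required, and I did not have enough time to do a format.
After scanning the machine with the program you attached and getting the result, I ran a new scan with the other program, as written in your explanation, brother, and here is the result: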

PHP Code:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 11:53:49 ص, on 25/12/09
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v8.00 (8.00.6001.18813)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\conime.exe
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files\Microsoft Security Essentials\msseces.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Registry Clean Expert\RCHelper.exe
C:\Program Files\MessengerDiscovery 2\MessengerDiscovery 2.exe
C:\Windows\system32\WerCon.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://en.us.acer.yahoo.com
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://us.rd.yahoo.com/customize/ycomp/defaults/su/*http://www.yahoo.com
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 46;86;28;118:80
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = 
R3 - URLSearchHook: Hotspot Shield Toolbar - {c95a4e8e-816d-4655-8c79-d736da1adb6d} - C:\Program Files\Hotspot_Shield\tbHots.dll
O2 - BHO: IE7Pro - {00011268-E188-40DF-A514-835FCD78B1BF} - (no file)
O2 - BHO: SnagIt Toolbar Loader - {00C6482D-C502-44C8-8409-FCE54AD9C208} - C:\Program Files\TechSmith\SnagIt 9\SnagItBHO.dll
O2 - BHO: (no name) - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - (no file)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - (no file)
O2 - BHO: (no name) - {8e2059f1-eda8-4ce0-bbea-b51c2cc43382} - (no file)
O2 - BHO: مساعد تسجيل الدخول إلى Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: AF BHO - {B7154C4D-87C0-4A2C-AB64-DA132BAC2EE6} - (no file)
O2 - BHO: Hotspot Shield Toolbar - {c95a4e8e-816d-4655-8c79-d736da1adb6d} - C:\Program Files\Hotspot_Shield\tbHots.dll
O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Hotspot Shield Class - {F9E4A054-E9B1-4BC3-83A3-76A1AE736170} - C:\Program Files\Hotspot Shield\hssie\HssIE.dll
O2 - BHO: BS Player Toolbar - {fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} - C:\Program Files\BS_Player\tbBS_P.dll
O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Windows\system32\eDStoolbar.dll
O3 - Toolbar: AFToolbar - {1F385865-F3D4-41ff-960D-7B7D0A7A72F6} - (no file)
O3 - Toolbar: BS Player Toolbar - {fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} - C:\Program Files\BS_Player\tbBS_P.dll
O3 - Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)
O3 - Toolbar: SnagIt - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Program Files\TechSmith\SnagIt 9\SnagItIEAddin.dll
O3 - Toolbar: Digsby Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll
O3 - Toolbar: Hotspot Shield Toolbar - {c95a4e8e-816d-4655-8c79-d736da1adb6d} - C:\Program Files\Hotspot_Shield\tbHots.dll
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [MSSE] "C:\Program Files\Microsoft Security Essentials\msseces.exe" -hide
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe"  -osboot
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [4shared Desktop] "C:\Program Files\4shared Desktop\desktop.exe" "startup"
O4 - HKCU\..\Run: [RegClean Expert Scheduler] "C:\Program Files\Registry Clean Expert\RCHelper.exe" /startup
O4 - Startup: Disabled
O4 - Global Startup: Disabled
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: &ieSpell Options - res://C:\Program Files\ieSpell\iespell.dll/SPELLOPTION.HTM
O8 - Extra context menu item: Check &Spelling - res://C:\Program Files\ieSpell\iespell.dll/SPELLCHECK.HTM
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Lookup on Merriam Webster - file://C:\Program Files\ieSpell\Merriam Webster.HTM
O8 - Extra context menu item: Lookup on Wikipedia - file://C:\Program Files\ieSpell\wikipedia.HTM
O8 - Extra context menu item: Send image to &Bluetooth Device... - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Send page to &Bluetooth Device... - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O8 - Extra context menu item: Sothink SWF Catcher - C:\Program Files\Common Files\SourceTec\SWF Catcher\InternetExplorer.htm
O8 - Extra context menu item: إفحص هذا الرابط للتأكد من خلوه من الفايروسات - http://www.drweb.com/online/drweb-online-en.html
O9 - Extra button: IE7Pro Grab and Drag - {000002a3-84fe-43f1-b958-f2c3ca804f1a} - (no file)
O9 - Extra 'Tools' menuitem: IE7Pro Grab and Drag - {000002a3-84fe-43f1-b958-f2c3ca804f1a} - (no file)
O9 - Extra button: IE7Pro Preferences - {0026439F-A980-4f18-8C95-4F1CBBF9C1D8} - (no file)
O9 - Extra 'Tools' menuitem: IE7Pro Preferences - {0026439F-A980-4f18-8C95-4F1CBBF9C1D8} - (no file)
O9 - Extra button: ieSpell - {0E17D5B7-9F5D-4fee-9DF6-CA6EE38B68A8} - C:\Program Files\ieSpell\iespell.dll
O9 - Extra 'Tools' menuitem: ieSpell - {0E17D5B7-9F5D-4fee-9DF6-CA6EE38B68A8} - C:\Program Files\ieSpell\iespell.dll
O9 - Extra button: (no name) - {1606D6F9-9D3B-4aea-A025-ED5B2FD488E7} - C:\Program Files\ieSpell\iespell.dll
O9 - Extra 'Tools' menuitem: ieSpell Options - {1606D6F9-9D3B-4aea-A025-ED5B2FD488E7} - C:\Program Files\ieSpell\iespell.dll
O9 - Extra button: Web Anti-Virus statistics - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\SCIEPlgn.dll
O9 - Extra button: PalTalk - {4EAFEF58-EEFA-4116-983D-03B49BCBFFFE} - C:\Program Files\Paltalk Messenger\Paltalk.exe
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: Sothink SWF Catcher - {E19ADC6E-3909-43E4-9A89-B7B676377EE3} - C:\Program Files\Common Files\SourceTec\SWF Catcher\InternetExplorer.htm
O9 - Extra 'Tools' menuitem: Sothink SWF Catcher - {E19ADC6E-3909-43E4-9A89-B7B676377EE3} - C:\Program Files\Common Files\SourceTec\SWF Catcher\InternetExplorer.htm
O16 - DPF: CabBuilder - http://kiw.imgag.com/imgag/kiw/toolbar/download/InstallerControl.cab
O16 - DPF: Justin.tv Publisher - http://ar.justin.tv/plugins/justintv_publisher.CAB
O16 - DPF: {3188FB46-456D-4C07-8A11-F5F3BBBA8AF2} (SeeTooControl Class) - http://www.seetoo.com/downloadAddon.php?platform=Win32&browser=ie&ref=justintv&c=c9c8b27eafef3e5d0&browserVersion=6.0
O16 - DPF: {3EA4FA88-E0BE-419A-A732-9B79B87A6ED0} (CTVUAxCtrl Object) - http://dl.tvunetworks.com/TVUAx.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/EN-US/a-UNO1/GAME_UNO1.cab
O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - http://cdn.scan.onecare.live.com/resource/download/scanner/wlscbase6796.cab
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://download.divx.com/player/DivXBrowserPlugin.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1259513218084
O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab
O16 - DPF: {C171FF59-8C55-4796-A398-4F5D02B4C763} (IMC_Sec Control) - http://174.36.224.246/imscp/talks3n.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O16 - DPF: {FE0BD779-44EE-4A4B-AA2E-743C63F2E5E6} (IWinAmpActiveX Class) - http://pdl.stream.aol.com/downloads/aol/unagi/ampx_en_dl.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - Agere Systems - C:\Windows\system32\agrsmsvc.exe
O23 - Service: ALaunch Service (ALaunchService) - Unknown owner - C:\Acer\ALaunch\ALaunchSvc.exe
O23 - Service: Avira AntiVir Scheduler (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Kaspersky Anti-Virus 7.0 (AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe
O23 - Service: CamelApache - Unknown owner - C:\camel\apache\apache.exe (file missing)
O23 - Service: CamelMysql - Unknown owner - C:\camel\mysql\bin\mysqld-nt.exe (file missing)
O23 - Service: Capture Device Service - InterVideo Inc. - C:\Program Files\Common Files\InterVideo\DeviceService\DevSvc.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)
O23 - Service: EasyHideIP - Unknown owner - C:\Program Files\Easy-Hide-IP\services\EasyHideIp.exe
O23 - Service: eLock Service (eLockService) - Acer Inc. - C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe
O23 - Service: eNet Service - Acer Inc. - C:\Acer\Empowering Technology\eNet\eNet Service.exe
O23 - Service: eRecovery Service (eRecoveryService) - Acer Inc. - C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe
O23 - Service: eSettings Service (eSettingsService) - Unknown owner - C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe
O23 - Service: Hotspot Shield Service (HotspotShieldService) - Unknown owner - C:\Program Files\Hotspot Shield\bin\openvpnas.exe
O23 - Service: Hotspot Shield Routing Service (HssSrv) - AnchorFree Inc. - C:\Program Files\Hotspot Shield\HssWPR\hsssrv.exe
O23 - Service: Hotspot Shield Tray Service (HssTrayService) - Unknown owner - C:\Program Files\Hotspot Shield\bin\HssTrayService.EXE
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: McciCMService - Motive Communications, Inc. - C:\Program Files\Common Files\Motive\McciCMService.exe
O23 - Service: MobilityService - Unknown owner - C:\Acer\Mobility Center\MobilityService.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: Office Source Engine (ose) - Unknown owner - C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE (file missing)
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
O23 - Service: ServiceLayer - Unknown owner - C:\Program Files\Nokia\PC Connectivity Solution\ServiceLayer.exe (file missing)
O23 - Service: TeamViewer 4 (TeamViewer4) - Unknown owner - C:\Program Files\TeamViewer\Version4\TeamViewer_Service.exe (file missing)
O23 - Service: TeamViewer 5 (TeamViewer5) - TeamViewer GmbH - C:\Program Files\TeamViewer\Version5\TeamViewer_Service.exe
O23 - Service: ePower Service (WMIService) - Unknown owner - C:\Acer\Empowering Technology\ePower\ePowerSvc.exe (file missing)
O23 - Service: XoftSpyService - ParetoLogic Inc. - C:\Program Files\Common Files\XoftSpySE\6\xoftspyservice.exe

--
End of file - 13865 bytes 
With thanks and appreciation.