السلام عليكم ,, آسعد الله آوقاتكم بكل خير
عندي مشكله توقف توقف Internet Explorer عن العمل وظهور تم استعادة علامة التبويب هذه تسبب حدوث في صفحة ويب
نظام التشغيل : ويندز 7
تقرير الهايجاك :
كود PHP:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 02:08:32 ص, on 04/02/11
Platform: Unknown Windows (WinNT 6.01.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16385)
Boot mode: Normal
Running processes:
C:Windowssystem32Dwm.exe
C:WindowsExplorer.EXE
C:Program FilesHewlett-PackardHP Wireless AssistantHPWAMain.exe
C:WindowsSystem32rundll32.exe
C:Program FilesSynapticsSynTPSynTPEnh.exe
C:Program FilesHewlett-PackardHP Quick Launch ButtonsQLBCTRL.exe
C:Program FilesSynapticsSynTPSynTPStart.exe
C:Program FilesHewlett-PackardHP QuickTouchHPKBDAPP.exe
C:Program FilesMicrosoft OfficeOffice12GrooveMonitor.exe
C:Program FilesCommon FilesJavaJava Updatejusched.exe
C:Program FilesAlwil SoftwareAvast5AvastUI.exe
C:Program FilesRealrealplayerUpdaterealsched.exe
C:Program FilesInternet Download ManagerIDMan.exe
C:Program FilesWindows LiveMessengermsnmsgr.exe
C:Program FilesWindows Sidebarsidebar.exe
C:Program FilesGoogleGoogleToolbarNotifier1.2.1128.5462Googl eToolbarNotifier.exe
C:Program FilesCommon FilesACD SystemsENDevDetect.exe
C:UserspcAppDataLocalGoogleUpdate1.2.183.39GoogleCra shHandler.exe
C:Program FilesPaltalk Messengerpaltalk.exe
C:Program FilesStardockObjectDockObjectDock.exe
C:Windowssystem32taskhost.exe
C:Program FilesInternet Download ManagerIEMonitor.exe
C:Program FilesHewlett-PackardSharedHpqToaster.exe
C:Program FilesHotspot Shieldbinopenvpntray.exe
C:UserspcAppDataLocalGoogleChromeApplicationchrome.exe
C:Program FilesWindows LiveContactswlcomm.exe
C:Program FilesInternet Exploreriexplore.exe
C:Program FilesInternet Exploreriexplore.exe
C:Program FilesInternet Exploreriexplore.exe
C:Program FilesWindows Media Playerwmplayer.exe
C:Program FilesInternet Exploreriexplore.exe
C:Program FilesInternet Exploreriexplore.exe
C:Program FilesInternet Exploreriexplore.exe
C:Program FilesInternet Exploreriexplore.exe
C:Program FilesInternet Exploreriexplore.exe
C:Program FilesInternet Exploreriexplore.exe
C:Program FilesInternet Exploreriexplore.exe
C:Program FilesInternet Exploreriexplore.exe
C:Program FilesInternet Exploreriexplore.exe
C:Program FilesInternet Exploreriexplore.exe
C:Program FilesInternet Exploreriexplore.exe
C:Program FilesInternet Exploreriexplore.exe
C:Program FilesInternet Exploreriexplore.exe
C:Program FilesInternet Exploreriexplore.exe
C:Program FilesInternet Exploreriexplore.exe
C:Program FilesInternet Exploreriexplore.exe
C:Program FilesInternet Exploreriexplore.exe
C:Program FilesInternet Exploreriexplore.exe
C:Program FilesInternet Exploreriexplore.exe
C:Program FilesInternet Exploreriexplore.exe
C:UserspcAppDataLocalGoogleChromeApplicationchrome.exe
C:UserspcAppDataLocalGoogleChromeApplicationchrome.exe
C:Program FilesInternet Exploreriexplore.exe
C:Program FilesInternet Exploreriexplore.exe
C:Program FilesInternet Exploreriexplore.exe
C:Program FilesInternet Exploreriexplore.exe
C:Program FilesInternet Exploreriexplore.exe
C:Program FilesInternet Exploreriexplore.exe
C:Windowssystem32NOTEPAD.EXE
C:UserspcAppDataLocalGoogleChromeApplicationchrome.exe
C:Program FilesInternet Exploreriexplore.exe
C:Program FilesInternet Exploreriexplore.exe
C:Program FilesInternet Exploreriexplore.exe
C:UserspcAppDataLocalGoogleChromeApplicationchrome.exe
C:Program FilesWindows LiveMessengermsnmsgr.exe
C:Program FilesInternet Exploreriexplore.exe
C:Program FilesInternet Exploreriexplore.exe
C:Program FilesInternet Exploreriexplore.exe
C:Program FilesInternet Exploreriexplore.exe
C:UserspcDownloadsZyzoom_HijackThis.exe
C:Windowssystem32SearchFilterHost.exe
R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLMSoftwareMicrosoftInternet ExplorerMain,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLMSoftwareMicrosoftInternet ExplorerSearch,SearchAssistant =
R0 - HKLMSoftwareMicrosoftInternet ExplorerSearch,CustomizeSearch =
R0 - HKCUSoftwareMicrosoftInternet ExplorerToolbar,LinksFolderName =
R3 - URLSearchHook: Messenger Plus Live Saudi Arabia Toolbar - {9d657fd4-0328-423a-b12d-9576cd92af19} - C:Program FilesMessenger_Plus_Live_Saudi_ArabiatbMess.dll
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:Program FilesYahoo!CompanionInstallscpnyt.dll
O1 - Hosts: 69.175.21.202 shooq4.com
O2 - BHO: IDMIEHlprObj Class - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:Program FilesInternet Download ManagerIDMIECC.dll
O2 - BHO: SnagIt Toolbar Loader - {00C6482D-C502-44C8-8409-FCE54AD9C208} - C:Program FilesTechSmithSnagit 10SnagitBHO.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:Program FilesYahoo!CompanionInstallscpnyt.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:Program FilesCommon FilesAdobeAcrobatActiveXAcroIEHelper.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:ProgramDataRealRealPlayerBrowserRecordPluginIErpbr owserrecordplugin.dll
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:Program FilesMicrosoftSearch Enhancement PackSearch HelperSearchHelper.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:PROGRA~1MIF5BA~1Office12GR469A~1.DLL
O2 - BHO: مساعد تسجيل الدخول إلى Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:Program FilesCommon FilesMicrosoft SharedWindows LiveWindowsLiveLogin.dll
O2 - BHO: Messenger Plus Live Saudi Arabia Toolbar - {9d657fd4-0328-423a-b12d-9576cd92af19} - C:Program FilesMessenger_Plus_Live_Saudi_ArabiatbMess.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:program filesgooglegoogletoolbar1.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:Program FilesJavajre6binjp2ssv.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:Program FilesWindows LiveToolbarwltcore.dll
O2 - BHO: D - {F770B5E8-35DC-3E98-AE2E-1519BBF1E49E} - C:Windowssystem32zp75990.dll
O2 - BHO: Hotspot Shield Class - {F9E4A054-E9B1-4BC3-83A3-76A1AE736170} - C:Program FilesHotspot ShieldHssIEHssIE.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:program filesgooglegoogletoolbar1.dll
O3 - Toolbar: Messenger Plus Live Saudi Arabia Toolbar - {9d657fd4-0328-423a-b12d-9576cd92af19} - C:Program FilesMessenger_Plus_Live_Saudi_ArabiatbMess.dll
O3 - Toolbar: Snagit - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:Program FilesTechSmithSnagit 10SnagitIEAddin.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:Program FilesYahoo!CompanionInstallscpnyt.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:Program FilesWindows LiveToolbarwltcore.dll
O4 - HKLM..Run: [WirelessAssistant] C:Program FilesHewlett-PackardHP Wireless AssistantHPWAMain.exe
O4 - HKLM..Run: [NvCplDaemon] RUNDLL32.EXE C:Windowssystem32NvCpl.dll,NvStartup
O4 - HKLM..Run: [NvMediaCenter] RUNDLL32.EXE C:Windowssystem32NvMcTray.dll,NvTaskbarInit
O4 - HKLM..Run: [SynTPEnh] C:Program FilesSynapticsSynTPSynTPEnh.exe
O4 - HKLM..Run: [QlbCtrl.exe] C:Program FilesHewlett-PackardHP Quick Launch ButtonsQlbCtrl.exe /Start
O4 - HKLM..Run: [SynTPStart] C:Program FilesSynapticsSynTPSynTPStart.exe
O4 - HKLM..Run: [OnScreenDisplay] C:Program FilesHewlett-PackardHP QuickTouchHPKBDAPP.exe
O4 - HKLM..Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM..Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM..Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM..Run: [avast5] "C:\Program Files\Alwil Software\Avast5\avastUI.exe" /nogui
O4 - HKLM..Run: [TkBellExe] "C:\Program Files\Real\realplayer\update\realsched.exe" -osboot
O4 - HKCU..Run: [IDMan] C:Program FilesInternet Download ManagerIDMan.exe /onboot
O4 - HKCU..Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU..Run: [Sidebar] C:Program FilesWindows Sidebarsidebar.exe /autoRun
O4 - HKCU..Run: [swg] C:Program FilesGoogleGoogleToolbarNotifier1.2.1128.5462Googl eToolbarNotifier.exe
O4 - HKCU..Run: [Google Update] "C:\Users\pc\AppData\Local\Google\Update\GoogleUpd ate.exe" /c
O4 - HKCU..Run: [Device Detector] DevDetect.exe -autorun
O4 - HKUSS-1-5-19..Run: [Sidebar] %ProgramFiles%Windows SidebarSidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUSS-1-5-19..RunOnce: [mctadmin] C:WindowsSystem32mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUSS-1-5-20..Run: [Sidebar] %ProgramFiles%Windows SidebarSidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUSS-1-5-20..RunOnce: [mctadmin] C:WindowsSystem32mctadmin.exe (User 'NETWORK SERVICE')
O4 - Startup: Stardock ObjectDock.lnk = C:Program FilesStardockObjectDockObjectDock.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:Program FilesCommon FilesAdobeCalibrationAdobe Gamma Loader.exe
O4 - Global Startup: PalTalk.lnk = C:Program FilesPaltalk Messengerpaltalk.exe
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
O8 - Extra context menu item: ت&صدير إلى Microsoft Excel - res://C:\PROGRA~1\MIF5BA~1\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: تحميل الكل بواسطة Internet Download Manager - C:Program FilesInternet Download ManagerIEGetAll.htm
O8 - Extra context menu item: تحميل بواسطة Internet Download Manager - C:Program FilesInternet Download ManagerIEExt.htm
O8 - Extra context menu item: تحميل محتوى FLV بواسطة Internet Download Manager - C:Program FilesInternet Download ManagerIEGetVL.htm
O9 - Extra button: تدوين هذا في المدونة - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:Program FilesWindows LiveWriterWriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &تدوين هذا في Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:Program FilesWindows LiveWriterWriterBrowserExtension.dll
O9 - Extra button: إرسال إلى OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:PROGRA~1MIF5BA~1Office12ONBttnIE.dll
O9 - Extra 'Tools' menuitem: إر&سال إلى OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:PROGRA~1MIF5BA~1Office12ONBttnIE.dll
O9 - Extra button: PalTalk - {4EAFEF58-EEFA-4116-983D-03B49BCBFFFE} - C:Program FilesPaltalk MessengerPaltalk.exe
O9 - Extra button: بحث - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:PROGRA~1MIF5BA~1OFFICE11REFIEBAR.DLL
O13 - Gopher Prefix:
O17 - HKLMSystemCCSServicesTcpip..{CECE38DB-CB39-4E84-A312-0BF79BC42583}: NameServer = 10.72.48.1
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:PROGRA~1MIF5BA~1Office12GRA32A~1.DLL
O23 - Service: avast! Antivirus - AVAST Software - C:Program FilesAlwil SoftwareAvast5AvastSvc.exe
O23 - Service: avast! Firewall - AVAST Software - C:Program FilesAlwil SoftwareAvast5afwServ.exe
O23 - Service: BandLuxe Service (BandLuxe_Service) - BandRich Inc. - C:Program FilesBandRichBandLuxe HSDPA Utility R11BRService.exe
O23 - Service: Change Modem Device Service - Unknown owner - C:WindowsSystem32ChgService.exe
O23 - Service: Com4QLBEx - Hewlett-Packard Development Company, L.P. - C:Program FilesHewlett-PackardHP Quick Launch ButtonsCom4QLBEx.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:Program FilesGoogleCommonGoogle UpdaterGoogleUpdaterService.exe
O23 - Service: Hotspot Shield Service (HotspotShieldService) - Unknown owner - C:Program FilesHotspot Shieldbinopenvpnas.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:Program FilesHewlett-PackardSharedhpqWmiEx.exe
O23 - Service: Hotspot Shield Routing Service (HssSrv) - AnchorFree Inc. - C:Program FilesHotspot ShieldHssWPRhsssrv.exe
O23 - Service: Hotspot Shield Tray Service (HssTrayService) - Unknown owner - C:Program FilesHotspot ShieldbinHssTrayService.EXE
O23 - Service: Hotspot Shield Monitoring Service (HssWd) - Unknown owner - C:Program FilesHotspot Shieldbinhsswd.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:Windowssystem32nvvsvc.exe
--
End of file - 13001 bytes
أكثر...