السلام عليكم ورحمة الله وبركاته
يا شباب، فرمت جهازي 3 مرات، ما هو ظلم!
والسبب: أشتغل على الجهاز وفجأة تطلع لي شاشة زرقاء ثم يسوي الجهاز ريستارت
طبعاً ما عرفت كيف أصور الشاشة الزرقاء، بس اللي قريته مكتوب 600×800
وهذا تقرير هاي جاك (HijackThis)
يا شباب بانتظاركم
يا شباب، فرمت جهازي 3 مرات، ما هو ظلم!
والسبب: أشتغل على الجهاز وفجأة تطلع لي شاشة زرقاء ثم يسوي الجهاز ريستارت
طبعاً ما عرفت كيف أصور الشاشة الزرقاء، بس اللي قريته مكتوب 600×800
وهذا تقرير هاي جاك (HijackThis):
logfile of trend micro hijackthis v2.0.4
scan saved at 03:06:18 م, on 18/12/2010
platform: Windows xp sp3 (winnt 5.01.2600)
msie: Internet explorer v6.00 sp3 (6.00.2900.5512)
boot mode: Normal
running processes:
D:\windows\system32\smss.exe
d:\windows\system32\winlogon.exe
d:\windows\system32\services.exe
d:\windows\system32\savedump.exe
d:\windows\system32\lsass.exe
d:\program files\faronics\deep freeze\install d-0\dfserv.exe
d:\windows\system32\svchost.exe
d:\windows\system32\svchost.exe
d:\program files\intel\wireless\bin\evteng.exe
d:\program files\intel\wireless\bin\s24evmon.exe
d:\windows\system32\spoolsv.exe
d:\program files\intel\wireless\bin\regsrvc.exe
d:\windows\system32\wuauclt.exe
d:\windows\explorer.exe
d:\windows\system32\wscntfy.exe
d:\windows\rthdcpl.exe
d:\program files\intel\wireless\bin\zcfgsvc.exe
d:\program files\intel\wireless\bin\ifrmewrk.exe
d:\program files\intel\wireless\bin\eouwiz.exe
d:\program files\keyscrambler\keyscrambler.exe
d:\windows\system32\ctfmon.exe
d:\program files\windows live\messenger\msnmsgr.exe
c:\wamp\wampmanager.exe
d:\program files\no-ip\duc20.exe
d:\docume~1\me\locals~1\temp\rtkbtmnt.exe
d:\progra~1\intel\wireless\bin\dot1xcfg.exe
c:\wamp\bin\apache\apache2.2.11\bin\httpd.exe
d:\program files\faronics\deep freeze\install d-0\_$df\frzstate2k.exe
c:\wamp\bin\apache\apache2.2.11\bin\httpd.exe
d:\program files\internet explorer\iexplore.exe
d:\program files\windows live\contacts\wlcomm.exe
d:\windows\system32\wuauclt.exe
d:\program files\internet explorer\iexplore.exe
\?\d:\windows\system32\wbem\wmiadap.exe
d:\documents and settings\me\سطح المكتب\hijackthis.exe
r3 - urlsearchhook: Messengerpluslive saudi arabia tb toolbar - {f78a8f02-19ee-4de8-8ea7-6138e8b524f4} - d:\program files\messengerpluslive_saudi_arabia_tb\tbmess.dll
o2 - bho: Conduit engine - {30f9b915-b755-4826-820b-08fba6bd249d} - d:\program files\conduitengine\conduitengine.dll
o2 - bho: مساعد تسجيل الدخول إلى windows live - {9030d464-4c02-4abf-8ecc-5164760863c6} - d:\program files\common files\microsoft shared\windows live\windowslivelogin.dll
o2 - bho: Messengerpluslive saudi arabia tb - {f78a8f02-19ee-4de8-8ea7-6138e8b524f4} - d:\program files\messengerpluslive_saudi_arabia_tb\tbmess.dll
o3 - toolbar: Messengerpluslive saudi arabia tb toolbar - {f78a8f02-19ee-4de8-8ea7-6138e8b524f4} - d:\program files\messengerpluslive_saudi_arabia_tb\tbmess.dll
o3 - toolbar: Conduit engine - {30f9b915-b755-4826-820b-08fba6bd249d} - d:\program files\conduitengine\conduitengine.dll
o4 - hklm\..\run: [rthdcpl] rthdcpl.exe
o4 - hklm\..\run: [skytel] skytel.exe
o4 - hklm\..\run: [alcmtr] alcmtr.exe
o4 - hklm\..\run: [azmixersel] d:\program files\realtek\installshield\azmixersel.exe
o4 - hklm\..\run: [intelzeroconfig] "d:\program files\intel\wireless\bin\zcfgsvc.exe"
o4 - hklm\..\run: [intelwireless] "d:\program files\intel\wireless\bin\ifrmewrk.exe" /tf intel proset/wireless
o4 - hklm\..\run: [eouapp] "d:\program files\intel\wireless\bin\eouwiz.exe"
o4 - hklm\..\run: [keyscrambler] d:\program files\keyscrambler\keyscrambler.exe /a
o4 - hkcu\..\run: [ctfmon.exe] d:\windows\system32\ctfmon.exe
o4 - hkcu\..\run: [msnmsgr] "d:\program files\windows live\messenger\msnmsgr.exe" /background
o4 - hkus\s-1-5-19\..\run: [ctfmon.exe] d:\windows\system32\ctfmon.exe (user 'local service')
o4 - hkus\s-1-5-20\..\run: [ctfmon.exe] d:\windows\system32\ctfmon.exe (user 'network service')
o4 - hkus\s-1-5-18\..\run: [ctfmon.exe] d:\windows\system32\ctfmon.exe (user 'system')
o4 - hkus\.default\..\run: [ctfmon.exe] d:\windows\system32\ctfmon.exe (user 'default user')
o4 - startup: No-ip duc.lnk = d:\program files\no-ip\duc20.exe
o4 - global startup: Start wampserver.lnk = c:\wamp\wampmanager.exe
o9 - extra button: (no name) - {5c106a59-cc3c-4caa-81a4-6d909b5ace23} - d:\program files\keyscrambler\keyscramblerie.dll
o9 - extra 'tools' menuitem: &keyscrambler options - {5c106a59-cc3c-4caa-81a4-6d909b5ace23} - d:\program files\keyscrambler\keyscramblerie.dll
o9 - extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - d:\windows\network diagnostic\xpnetdiag.exe
o9 - extra 'tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - d:\windows\network diagnostic\xpnetdiag.exe
o9 - extra button: Messenger - {fb5f1910-f110-11d2-bb9e-00c04f795683} - d:\program files\messenger\msmsgs.exe
o9 - extra 'tools' menuitem: Windows messenger - {fb5f1910-f110-11d2-bb9e-00c04f795683} - d:\program files\messenger\msmsgs.exe
o16 - dpf: {6924091f-cd97-41e1-b1d4-d9079409d413} (imcv1 control) - http://chatplus.server4flood.com:1999/talk.cab
o16 - dpf: {b7fdb0c3-4724-46d2-b8db-6fa1dc63f7ca} (readuid.usercontrolmacentry) - http://chatplus.server4flood.com:1999/readuid.cab
o17 - hklm\system\ccs\services\tcpip\..\{af7fd890-e2ad-4baa-869d-c80057582339}: Nameserver = 192.168.1.1
o20 - winlogon notify: Dflogon - logondll.dll (file missing)
o22 - sharedtaskscheduler: Browseui preloader - {438755c2-a8ba-11d1-b96b-00a0c90312e1} - d:\windows\system32\browseui.dll
o22 - sharedtaskscheduler: البرنامج الخفي لذاكرة التخزين المؤقت لفئات المكونات - {8c7461ef-2b13-11d2-be35-3078302c2030} - d:\windows\system32\browseui.dll
o23 - service: Dfserv - faronics corporation - d:\program files\faronics\deep freeze\install d-0\dfserv.exe
o23 - service: Intel(r) proset/wireless event log (evteng) - intel corporation - d:\program files\intel\wireless\bin\evteng.exe
o23 - service: خدمة تحديث google (gupdate) (gupdate) - google inc. - d:\program files\google\update\googleupdate.exe
o23 - service: Intel(r) proset/wireless registry service (regsrvc) - intel corporation - d:\program files\intel\wireless\bin\regsrvc.exe
o23 - service: Intel(r) proset/wireless service (s24eventmonitor) - intel corporation - d:\program files\intel\wireless\bin\s24evmon.exe
o23 - service: Wampapache - apache software foundation - c:\wamp\bin\apache\apache2.2.11\bin\httpd.exe
--
end of file - 6025 bytes
scan saved at 03:06:18 م, on 18/12/2010
platform: Windows xp sp3 (winnt 5.01.2600)
msie: Internet explorer v6.00 sp3 (6.00.2900.5512)
boot mode: Normal
running processes:
D:\windows\system32\smss.exe
d:\windows\system32\winlogon.exe
d:\windows\system32\services.exe
d:\windows\system32\savedump.exe
d:\windows\system32\lsass.exe
d:\program files\faronics\deep freeze\install d-0\dfserv.exe
d:\windows\system32\svchost.exe
d:\windows\system32\svchost.exe
d:\program files\intel\wireless\bin\evteng.exe
d:\program files\intel\wireless\bin\s24evmon.exe
d:\windows\system32\spoolsv.exe
d:\program files\intel\wireless\bin\regsrvc.exe
d:\windows\system32\wuauclt.exe
d:\windows\explorer.exe
d:\windows\system32\wscntfy.exe
d:\windows\rthdcpl.exe
d:\program files\intel\wireless\bin\zcfgsvc.exe
d:\program files\intel\wireless\bin\ifrmewrk.exe
d:\program files\intel\wireless\bin\eouwiz.exe
d:\program files\keyscrambler\keyscrambler.exe
d:\windows\system32\ctfmon.exe
d:\program files\windows live\messenger\msnmsgr.exe
c:\wamp\wampmanager.exe
d:\program files\no-ip\duc20.exe
d:\docume~1\me\locals~1\temp\rtkbtmnt.exe
d:\progra~1\intel\wireless\bin\dot1xcfg.exe
c:\wamp\bin\apache\apache2.2.11\bin\httpd.exe
d:\program files\faronics\deep freeze\install d-0\_$df\frzstate2k.exe
c:\wamp\bin\apache\apache2.2.11\bin\httpd.exe
d:\program files\internet explorer\iexplore.exe
d:\program files\windows live\contacts\wlcomm.exe
d:\windows\system32\wuauclt.exe
d:\program files\internet explorer\iexplore.exe
\?\d:\windows\system32\wbem\wmiadap.exe
d:\documents and settings\me\سطح المكتب\hijackthis.exe
r3 - urlsearchhook: Messengerpluslive saudi arabia tb toolbar - {f78a8f02-19ee-4de8-8ea7-6138e8b524f4} - d:\program files\messengerpluslive_saudi_arabia_tb\tbmess.dll
o2 - bho: Conduit engine - {30f9b915-b755-4826-820b-08fba6bd249d} - d:\program files\conduitengine\conduitengine.dll
o2 - bho: مساعد تسجيل الدخول إلى windows live - {9030d464-4c02-4abf-8ecc-5164760863c6} - d:\program files\common files\microsoft shared\windows live\windowslivelogin.dll
o2 - bho: Messengerpluslive saudi arabia tb - {f78a8f02-19ee-4de8-8ea7-6138e8b524f4} - d:\program files\messengerpluslive_saudi_arabia_tb\tbmess.dll
o3 - toolbar: Messengerpluslive saudi arabia tb toolbar - {f78a8f02-19ee-4de8-8ea7-6138e8b524f4} - d:\program files\messengerpluslive_saudi_arabia_tb\tbmess.dll
o3 - toolbar: Conduit engine - {30f9b915-b755-4826-820b-08fba6bd249d} - d:\program files\conduitengine\conduitengine.dll
o4 - hklm\..\run: [rthdcpl] rthdcpl.exe
o4 - hklm\..\run: [skytel] skytel.exe
o4 - hklm\..\run: [alcmtr] alcmtr.exe
o4 - hklm\..\run: [azmixersel] d:\program files\realtek\installshield\azmixersel.exe
o4 - hklm\..\run: [intelzeroconfig] "d:\program files\intel\wireless\bin\zcfgsvc.exe"
o4 - hklm\..\run: [intelwireless] "d:\program files\intel\wireless\bin\ifrmewrk.exe" /tf intel proset/wireless
o4 - hklm\..\run: [eouapp] "d:\program files\intel\wireless\bin\eouwiz.exe"
o4 - hklm\..\run: [keyscrambler] d:\program files\keyscrambler\keyscrambler.exe /a
o4 - hkcu\..\run: [ctfmon.exe] d:\windows\system32\ctfmon.exe
o4 - hkcu\..\run: [msnmsgr] "d:\program files\windows live\messenger\msnmsgr.exe" /background
o4 - hkus\s-1-5-19\..\run: [ctfmon.exe] d:\windows\system32\ctfmon.exe (user 'local service')
o4 - hkus\s-1-5-20\..\run: [ctfmon.exe] d:\windows\system32\ctfmon.exe (user 'network service')
o4 - hkus\s-1-5-18\..\run: [ctfmon.exe] d:\windows\system32\ctfmon.exe (user 'system')
o4 - hkus\.default\..\run: [ctfmon.exe] d:\windows\system32\ctfmon.exe (user 'default user')
o4 - startup: No-ip duc.lnk = d:\program files\no-ip\duc20.exe
o4 - global startup: Start wampserver.lnk = c:\wamp\wampmanager.exe
o9 - extra button: (no name) - {5c106a59-cc3c-4caa-81a4-6d909b5ace23} - d:\program files\keyscrambler\keyscramblerie.dll
o9 - extra 'tools' menuitem: &keyscrambler options - {5c106a59-cc3c-4caa-81a4-6d909b5ace23} - d:\program files\keyscrambler\keyscramblerie.dll
o9 - extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - d:\windows\network diagnostic\xpnetdiag.exe
o9 - extra 'tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - d:\windows\network diagnostic\xpnetdiag.exe
o9 - extra button: Messenger - {fb5f1910-f110-11d2-bb9e-00c04f795683} - d:\program files\messenger\msmsgs.exe
o9 - extra 'tools' menuitem: Windows messenger - {fb5f1910-f110-11d2-bb9e-00c04f795683} - d:\program files\messenger\msmsgs.exe
o16 - dpf: {6924091f-cd97-41e1-b1d4-d9079409d413} (imcv1 control) - http://chatplus.server4flood.com:1999/talk.cab
o16 - dpf: {b7fdb0c3-4724-46d2-b8db-6fa1dc63f7ca} (readuid.usercontrolmacentry) - http://chatplus.server4flood.com:1999/readuid.cab
o17 - hklm\system\ccs\services\tcpip\..\{af7fd890-e2ad-4baa-869d-c80057582339}: Nameserver = 192.168.1.1
o20 - winlogon notify: Dflogon - logondll.dll (file missing)
o22 - sharedtaskscheduler: Browseui preloader - {438755c2-a8ba-11d1-b96b-00a0c90312e1} - d:\windows\system32\browseui.dll
o22 - sharedtaskscheduler: البرنامج الخفي لذاكرة التخزين المؤقت لفئات المكونات - {8c7461ef-2b13-11d2-be35-3078302c2030} - d:\windows\system32\browseui.dll
o23 - service: Dfserv - faronics corporation - d:\program files\faronics\deep freeze\install d-0\dfserv.exe
o23 - service: Intel(r) proset/wireless event log (evteng) - intel corporation - d:\program files\intel\wireless\bin\evteng.exe
o23 - service: خدمة تحديث google (gupdate) (gupdate) - google inc. - d:\program files\google\update\googleupdate.exe
o23 - service: Intel(r) proset/wireless registry service (regsrvc) - intel corporation - d:\program files\intel\wireless\bin\regsrvc.exe
o23 - service: Intel(r) proset/wireless service (s24eventmonitor) - intel corporation - d:\program files\intel\wireless\bin\s24evmon.exe
o23 - service: Wampapache - apache software foundation - c:\wamp\bin\apache\apache2.2.11\bin\httpd.exe
--
end of file - 6025 bytes
يا شباب بانتظاركم