אז ככה הרצתי ועברתי על הלוג ומצאתי כמה דברים שניראים לי שאני צריך להעיף אותם ואמרתי אם כבר יש כמה דברים שאני רוצה את דעתכם נעלה כבר את הכול

.נ.ב

אני חושב....(כה אני יודע שזה נדיר אז מה!?) אולי כדאי שיהיה דביק על התוצאות הרגילות כאילו מה בדר"כ אמור להיות עם פירוט וזה? זה יכול לחסוך הרבה זמן!

בכול מיקרה תודה מראש

עידו

חחחחחחחחחחחחחחח רק אני מסוגל לבקש עזרה עם הלוג בלי באמת לשים אותו חחחחחחחחחחחחחחחחחחחחחחחחחח הנה

Logfile of HijackThis v1.99.0

Scan saved at 19:54:07, on 13/02/2005

Platform: Windows XP SP2 (WinNT 5.01.2600)

MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\Program Files\Sygate\SPF\smc.exe

C:\WINDOWS\system32\spoolsv.exe

C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe

C:\WINDOWS\System32\inetsrv\inetinfo.exe

C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe

C:\Program Files\Norton AntiVirus\navapsvc.exe

C:\WINDOWS\system32\nvsvc32.exe

C:\WINDOWS\System32\svchost.exe

C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe

C:\WINDOWS\Explorer.EXE

C:\PROGRA~1\Winamp\winamp.exe

C:\PROGRA~1\NORTON~1\navapw32.exe

C:\Program Files\ABIT\ABIT uGuru\uGuru.exe

C:\WINDOWS\system32\RUNDLL32.EXE

C:\WINDOWS\system32\ctfmon.exe

C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe

C:\Program Files\Silicon Image\SiISATARaid\SATARaid.exe

c:\progra~1\intern~1\iexplore.exe

C:\PROGRA~1\WIDCOMM\Bluetooth Software\BtStackServer.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\Program Files\SpyCQ\SpyCQ.exe

C:\Program Files\ICQ\icq.exe

C:\Program Files\MSN Apps\Updater\01.02.3000.1001\he-il\msnappau.exe

C:\Program Files\MSN Messenger\msnmsgr.exe

C:\Documents and Settings\ido\My Documents\firefox\hijackthis\HijackThis.exe

C:\WINDOWS\system32\wuauclt.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://xbdihprtcwgic.net/YHSYrvBzu9fnEEr4E2fIroTry3qiJub4ZDEJP9WDdM3equzvSfFbbVE3TET8y8Mt.html

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =

O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST\01.02.3000.1002\en-xu\stmain.dll

O2 - BHO: (no name) - {AAD27F0F-5FF2-2CF2-20F8-2632DBEFCABD} - blank (file missing)

O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.3000.1001\he-il\msntb.dll

O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll

O2 - BHO: list bird - {D7624DC6-C046-B471-DCBF-75E2DC5B0B22} - (no file)

O2 - BHO: (no name) - {F1118AA9-C22C-28AA-76C1-3DD41F3A5271} - blank (file missing)

O3 - Toolbar: Fourburndrive - {3E746F58-3045-3BDD-DA04-E4D63998592F} - (no file)

O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll

O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.3000.1001\he-il\msntb.dll

O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup

O4 - HKLM\..\Run: [smcService] C:\PROGRA~1\Sygate\SPF\smc.exe -startgui

O4 - HKLM\..\Run: [NAV Agent] C:\PROGRA~1\NORTON~1\navapw32.exe

O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\Messenger Plus! 3\MsgPlus.exe"

O4 - HKLM\..\Run: [ABIT uGuru] C:\Program Files\ABIT\ABIT uGuru\uGuru.exe

O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit

O4 - HKLM\..\Run: [AceGain LiveUpdate] C:\Program Files\AceGain\LiveUpdate\LiveUpdate.exe

O4 - HKLM\..\Run: [symantec NetDriver Monitor] C:\PROGRA~1\SymNetDrv\SNDMon.exe

O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe

O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background

O4 - HKCU\..\Run: [skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized

O4 - HKCU\..\Run: [mpeg test] C:\DOCUME~1\ido\APPLIC~1\one active\bodyboretons.exe

O4 - Global Startup: BTTray.lnk = ?

O4 - Global Startup: SATARaid.lnk = ?

O8 - Extra context menu item: &יצא ל- Microsoft Excel - res://C:\PROGRA~1\MICROS~4\OFFICE11\EXCEL.EXE/3000

O8 - Extra context menu item: Send To &Bluetooth - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm

O9 - Extra button: ICQ Pro - {6224f700-cba3-4071-b251-47cb894244cd} - C:\PROGRA~1\ICQ\ICQ.exe

O9 - Extra 'Tools' menuitem: ICQ - {6224f700-cba3-4071-b251-47cb894244cd} - C:\PROGRA~1\ICQ\ICQ.exe

O9 - Extra button: מחקר - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\OFFICE11\REFIEBAR.DLL

O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm

O9 - Extra 'Tools' menuitem: @btrez.dll,-4017 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab31267.cab

O16 - DPF: {31B7EB4E-8B4B-11D1-A789-00A0CC6651A8} (Cult3D ActiveX Player) - http://www.cult3d.com/download/cult.cab

O16 - DPF: {346685E3-C383-11CF-A5A4-00AA00A45705} (ActiveX Control) - http://imd.gonext.co.il/gonext/zazabox/pc/SISActiveX.cab

O16 - DPF: {4D7F48C0-CB49-4EA6-97D4-04F4EACC2F3B} (InstallShield Setup Player 2K2) - http://www.napster.com/client/setup.exe

O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://spaces.msn.com//PhotoUpload/MsnPUpld.cab

O16 - DPF: {51C98AC0-31D3-4049-B659-24389E0D94E3} (TCM3Control Control) - http://video.icellcom.co.il/TCM3Viewer.cab

O16 - DPF: {53B8B406-42E4-4DD3-96E7-9DEC8CEB3DD8} (ICQVideoControl Class) - http://xtraz.icq.com/xtraz/activex/ICQVideoControl.cab

O16 - DPF: {62475759-9E84-458E-A1AB-5D2C442ADFDE} - http://a1540.g.akamai.net/7/1540/52/20031216/qtinstall.info.apple.com/mickey/us/win/QuickTimeInstaller.exe

O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab

O16 - DPF: {8FA9D107-547B-4DBC-9D88-FABD891EDB0A} (shizmoo Class) - http://playroom.icq.com/odyssey_web8.cab

O16 - DPF: {AD8D3C68-0C60-4B53-8A9E-BC654BBB36FE} (download_35mb_com.applet) - http://www.35mb.com/downloadapplet.cab

O16 - DPF: {D1E7CBDA-E60E-4970-A01C-37301EF7BF98} (Measurement Service Client v.3.4) - http://ccon.futuremark.com/global/msc34.cab

O16 - DPF: {E13F1132-4CA0-4005-84D3-51406E27D269} (BTDownloadCtrl Control) - http://www.shockwave.com/content/thinktanks/BTDownloadCtrl.cab

O16 - DPF: {F54C1137-5E34-4B95-95A5-BA56D4D8D743} (Secure Delivery) - http://www.gamespot.com/KDX22/download/kdx.cab

O16 - DPF: {F59AB0C4-3443-4551-A78F-C101F9DE0215} (LauncherV1 Class) - http://irc.nana.co.il/Cabs/launcher39.cab

O16 - DPF: {FA3662C3-B8E8-11D6-A667-0010B556D978} (IWinAmpActiveX Class) - http://cdn.digitalcity.com/_media/dalaillama/ampx.cab

O17 - HKLM\System\CCS\Services\Tcpip\..\{E835FEAB-BD4E-429A-8A92-AF9EB4DF8ED1}: NameServer = 192.115.106.35 62.219.186.7

O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll

O18 - Protocol: widimg - {EE7C2AFF-5742-44FF-BD0E-E521B0D3C3BA} - C:\WINDOWS\system32\btxppanel.dll

O23 - Service: Adobe LM Service - Unknown - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe

O23 - Service: Bluetooth Service - WIDCOMM, Inc. - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe

O23 - Service: License Management Service ESD - element5 - C:\Program Files\Common Files\element5 Shared\Service\Licence Manager ESD.exe

O23 - Service: Norton AntiVirus Auto Protect Service - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe

O23 - Service: NVIDIA Display Driver Service - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe

O23 - Service: ScriptBlocking Service - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe

O23 - Service: Sygate Personal Firewall - Sygate Technologies, Inc. - C:\Program Files\Sygate\SPF\smc.exe

O23 - Service: Symantec Network Drivers Service - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe

O23 - Service: SymWMI Service - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe

אגב אם אני יודע על תהליך מסויים כמו ה

icq video service

או משו כזה אני יכול לעצור אותו בלי שתיהיה לי שום בעיה אח"כ נכון?

בסיום הסריקה תסמן ב-V את הדברים שרשמתי לך , אחרי שסימנת את הדברים שצריך תעשה Fix Checked.

כמובן שתעשה את ההסרה בזמן שאתה נמצא במצב בטוח.

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://xbdihprtcwgic.net/YHSYrvBzu9fnEEr4E2fIroTry3qiJub4ZDEJP9WDdM3equzvSfFbbVE3TET8y8Mt.html

O2 - BHO: (no name) - {AAD27F0F-5FF2-2CF2-20F8-2632DBEFCABD} - blank (file missing)

O2 - BHO: list bird - {D7624DC6-C046-B471-DCBF-75E2DC5B0B22} - (no file)

O2 - BHO: (no name) - {F1118AA9-C22C-28AA-76C1-3DD41F3A5271} - blank (file missing)

O3 - Toolbar: Fourburndrive - {3E746F58-3045-3BDD-DA04-E4D63998592F} - (no file)

O4 - HKCU\..\Run: [mpeg test] C:\DOCUME~1\ido\APPLIC~1\one active\bodyboretons.exe

O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) -

O18 - Protocol: widimg - {EE7C2AFF-5742-44FF-BD0E-E521B0D3C3BA} - C:\WINDOWS\system32\btxppanel.dll