06-09-2009, 05:29 PM
Re: Post your problem or request for anything here and we will answer you. Go ahead, Aseer
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 05:29:48 م, on 11/09/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5730.0013)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Synaptics\SynTP\Toshiba.exe
C:\WINDOWS\AGRSMMSG.exe
C:\Program Files\Toshiba\Toshiba Applet\thotkey.exe
C:\WINDOWS\system32\TPSMain.exe
C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe
C:\Program Files\TOSHIBA\TOSHIBA Zooming Utility\SmoothView.exe
C:\Program Files\TOSHIBA\TME3\TMERzCtl.EXE
C:\WINDOWS\System32\DLA\DLACTRLW.EXE
C:\WINDOWS\system32\thpsrv.exe
C:\Program Files\TOSHIBA\TOSHIBA Controls\TFncKy.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\avp.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\TOSHIBA\TOSCDSPD\toscdspd.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.4.23050\stbapp.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Microsoft Office\OFFICE11\ONENOTEM.EXE
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe
C:\WINDOWS\system32\TPSBattM.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHsp.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosAVRC.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\tosOBEX.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\tosBtProc.exe
C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\avp.exe
C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Toshiba\TOSHIBA Applet\TAPPSRV.exe
C:\WINDOWS\system32\ThpSrv.exe
C:\Program Files\TOSHIBA\TME3\Tmesrv31.exe
C:\Program Files\TOSHIBA\TME3\TMEEJME.EXE
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.4.23050\stbappHelper.exe
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Windows Live\Toolbar\wltuser.exe
C:\WINDOWS\system32\mspaint.exe
C:\WINDOWS\system32\mspaint.exe
C:\WINDOWS\system32\mspaint.exe
C:\Documents and Settings\alshaam\My Documents\برامج\HiJackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R3 - URLSearchHook: 4shared.com Toolbar - {09ec805c-cb2e-4d53-b0d3-a75a428b81c7} - C:\Program Files\4shared.com\tb4sh0.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: 4shared.com Toolbar - {09ec805c-cb2e-4d53-b0d3-a75a428b81c7} - C:\Program Files\4shared.com\tb4sh0.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: NP Helper Class - {35B8D58C-B0CB-46b0-BA64-05B3804E4E86} - C:\Program Files\Internet Saving Optimizer\3.7.1.4630\NPIEAddOn.dll
O2 - BHO: IEVkbdBHO - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\ievkbd.dll
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\System32\DLA\DLASHX_W.DLL
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: مساعد تسجيل الدخول إلى Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.15642\swg.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_219B3E1547538286.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O2 - BHO: TrendProtect - {E3578B37-6346-4EC1-A82B-38273A100DCF} - C:\Program Files\Trend Micro\TrendProtect\MSIE\wrs.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: &Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O3 - Toolbar: 4shared.com Toolbar - {09ec805c-cb2e-4d53-b0d3-a75a428b81c7} - C:\Program Files\4shared.com\tb4sh0.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: TrendProtect - {F83BE649-1CC3-48EE-B2E2-0826CEF3822A} - C:\Program Files\Trend Micro\TrendProtect\MSIE\wrs.dll
O3 - Toolbar: GamingHarbor Toolbar - {5617ECA9-488D-4BA2-8562-9710B9AB78D2} - C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.4.23050\stb0.dll
O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime -Delay
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [THotkey] C:\Program Files\Toshiba\Toshiba Applet\thotkey.exe
O4 - HKLM\..\Run: [TPSMain] TPSMain.exe
O4 - HKLM\..\Run: [NDSTray.exe] NDSTray.exe
O4 - HKLM\..\Run: [SmoothView] C:\Program Files\TOSHIBA\TOSHIBA Zooming Utility\SmoothView.exe
O4 - HKLM\..\Run: [TMESRV.EXE] C:\Program Files\TOSHIBA\TME3\TMESRV31.EXE /Logon
O4 - HKLM\..\Run: [TMERzCtl.EXE] C:\Program Files\TOSHIBA\TME3\TMERzCtl.EXE /Service
O4 - HKLM\..\Run: [DLA] C:\WINDOWS\System32\DLA\DLACTRLW.EXE
O4 - HKLM\..\Run: [ThpSrv] c:\WINDOWS\system32\thpsrv /logon
O4 - HKLM\..\Run: [TFncKy] TFncKy.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\avp.exe"
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [4shared Update] "C:\Program Files\4shared Desktop\checkUpdate.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKCU\..\Run: [TOSCDSPD] C:\Program Files\TOSHIBA\TOSCDSPD\toscdspd.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [SmileyApp] C:\Program Files\DoubleD\GamingHarbor Toolbar\4.2.4.23050\stbapp.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: Microsoft Office OneNote 2003 Quick Launch.lnk = C:\Program Files\Microsoft Office\OFFICE11\ONENOTEM.EXE
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Bluetooth Manager.lnk = ?
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O8 - Extra context menu item: &تصدير إلى Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Web traffic protection statistics - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\SCIEPlgn.dll
O9 - Extra button: تدوين هذا في المدونة - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &تدوين هذا في Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: بحث - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx2.hotmail.com/mail/w3/resources/MSNPUpld.cab
O18 - Protocol: trendprotect - {BC3A5F6F-12A0-4B14-A184-32939F413823} - C:\Program Files\Trend Micro\TrendProtect\MSIE\wrs.dll
O20 - AppInit_DLLs: C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd.dll,C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd3.dll
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: Kaspersky Anti-Virus (AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\avp.exe
O23 - Service: ConfigFree Service (CFSvcs) - TOSHIBA CORPORATION - C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
O23 - Service: خدمة تحديث Google (gupdate1c9ff027618d088) (gupdate1c9ff027618d088) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: TOSHIBA Application Service (TAPPSRV) - TOSHIBA Corp. - C:\Program Files\Toshiba\TOSHIBA Applet\TAPPSRV.exe
O23 - Service: TOSHIBA HDD Protection (Thpsrv) - TOSHIBA Corporation - C:\WINDOWS\system32\ThpSrv.exe
O23 - Service: Tmesrv3 (Tmesrv) - TOSHIBA - C:\Program Files\TOSHIBA\TME3\Tmesrv31.exe
--
End of file - 11812 bytes