التقرير كما هو ::
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 3:26:38 م, on 09/12/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5730.0011)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\S24EvMon.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\ZCfgSvc.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\1XConfig.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
C:\Program Files\ESET\ESET Smart Security\ekrn.exe
C:\Program Files\Hotspot Shield\bin\openvpnas.exe
C:\WINDOWS\system32\RegSrvc.exe
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\ESET\ESET Smart Security\egui.exe
C:\Program Files\Unlocker\UnlockerAssistant.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Internet Download Manager\IDMan.exe
C:\Program Files\Internet Download Manager\IEMonitor.exe
C:\Program Files\MSN Messenger\usnsvc.exe
C:\Program Files\uTorrent\uTorrent.exe
C:\IE7-WindowsXP-x86-ara\iexplore.exe
C:\Documents and Settings\zeyad\My Documents\Downloads\Programs\Zyzoom_HijackThis.exe
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
O2 - BHO: IE7Pro BHO - {00011268-E188-40DF-A514-835FCD78B1BF} - C:\Program Files\IE7Pro\IE7Pro.dll
O2 - BHO: IDMIEHlprObj Class - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files\Internet Download Manager\IDMIECC.dll
O2 - BHO: (no name) - {140BD8E3-C167-11D4-B4A3-080000180323} - (no file)
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: CEventSink Class - {B7154C4D-87C0-4A2C-AB64-DA132BAC2EE6} - C:\Program Files\AnchorFree\bin\AFBho.dll
O3 - Toolbar: AFToolbar - {1F385865-F3D4-41ff-960D-7B7D0A7A72F6} - C:\Program Files\AnchorFree\bin\AFToolbar.dll
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice
O4 - HKLM\..\Run: [UnlockerAssistant] "C:\Program Files\Unlocker\UnlockerAssistant.exe"
O4 - HKLM\..\Run: [AVP] "C:\Zyzoom_Kaspersky_Internet_Security_7.0.0.125\avp.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [IDMan] C:\Program Files\Internet Download Manager\IDMan.exe /onboot
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: Download All Links with IDM - C:\Program Files\Internet Download Manager\IEGetAll.htm
O8 - Extra context menu item: Download FLV video with IDM - C:\Program Files\Internet Download Manager\IEGetVL.htm
O8 - Extra context menu item: Download with IDM - C:\Program Files\Internet Download Manager\IEExt.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Send To &Bluetooth - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O9 - Extra button: IE7Pro Preferences - {0026439F-A980-4f18-8C95-4F1CBBF9C1D8} - C:\Program Files\IE7Pro\IE7Pro.dll
O9 - Extra 'Tools' menuitem: IE7Pro Preferences - {0026439F-A980-4f18-8C95-4F1CBBF9C1D8} - C:\Program Files\IE7Pro\IE7Pro.dll
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~2\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~2\INetRepl.dll
O9 - Extra 'Tools' menuitem: Create Mobile Favorite... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~2\INetRepl.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) -
can_unicode.cab
O16 - DPF: {193C772A-87BE-4B19-A7BB-445B226FE9A1} (ewidoOnlineScan Control) -
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) -
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) -
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) -
sh/swflash.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - Winlogon Notify: Antiwpa - C:\WINDOWS\SYSTEM32\antiwpa.dll
O23 - Service: Ares Chatroom server (AresChatServer) - Ares Development Group - C:\Program Files\Ares\chatServer.exe
O23 - Service: avp - Kaspersky Lab - C:\Zyzoom_Kaspersky_Internet_Security_7.0.0.125\avp.exe
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Bluetooth Service (btwdins) - WIDCOMM, Inc. - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
O23 - Service: Eset HTTP Server (EhttpSrv) - Unknown owner - C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe
O23 - Service: Eset Service (ekrn) - Unknown owner - C:\Program Files\ESET\ESET Smart Security\ekrn.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Hotspot Shield Service (HotspotShieldService) - Unknown owner - C:\Program Files\Hotspot Shield\bin\openvpnas.exe
O23 - Service: Intel NCS NetService (NetSvc) - Intel(R) Corporation - c:\Program Files\Intel\NCS\Sync\NetSvc.exe
O23 - Service: RegSrvc - Intel Corporation - C:\WINDOWS\system32\RegSrvc.exe
O23 - Service: Spectrum24 Event Monitor (S24EventMonitor) - Intel Corporation - C:\WINDOWS\system32\S24EvMon.exe
O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\svcntaux.exe
O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\swdsvc.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
--
End of file - 8597 bytes