أخي أنتظر سوف أرفع لك تقرير هيجاك ملاحظة أنا دخل على ويندوز عن طريق ويندوز PE وحرف السواقة الذي يعمل منه ويندوز PE هي رمز X
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 6:17:53 PM, on 1/10/2009
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Unable to get Internet Explorer version!
Boot mode: Normal
Running processes:
X:\WXPE\System32\smss.exe
X:\WXPE\system32\csrss.exe
X:\WXPE\System32\winlogon.exe
X:\WXPE\system32\services.exe
X:\WXPE\system32\lsass.exe
X:\WXPE\System32\XPELogon.exe
X:\WXPE\system32\svchost.exe
X:\WXPE\system32\svchost.exe
X:\Programs\Wb5\WbSrv.exe
X:\WXPE\system32\svchost.exe
X:\WXPE\system32\svchost.exe
X:\WXPE\System32\svchost.exe
X:\WXPE\Explorer.exe
X:\WXPE\System32\VisualTaskTips.exe
C:\Zyzoom_HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - Default URLSearchHook is missing
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - %SystemDrive%\Programs\Java\bin\ssv.dll (file missing)
O4 - HKCU\..\Run: [VisualTaskTips] %SystemRoot%\System32\VisualTaskTips.exe
O4 - HKUS\S-1-5-18\..\Run: [VisualTaskTips] %SystemRoot%\System32\VisualTaskTips.exe (User '?')
O4 - HKUS\.DEFAULT\..\Run: [VisualTaskTips] %SystemRoot%\System32\VisualTaskTips.exe (User 'Default user')
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - %SystemDrive%\Programs\Java\bin\npjpi160_06.dll (file missing)
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - %SystemDrive%\Programs\Java\bin\npjpi160_06.dll (file missing)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - X:\WXPE\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - X:\WXPE\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - X:\Programs\Internet\YAHOO!\Messenger\YahooMessenger.exe
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - X:\Programs\Internet\YAHOO!\Messenger\YahooMessenger.exe
O9 - Extra button: Connect Windows Xpire - {FB5F1910-1111-DDDD-2222-0050045C3C96} -
(file missing)
O9 - Extra 'Tools' menuitem: Xtreme - {FB5F1910-1111-DDDD-2222-0050045C3C96} -
(file missing)
O10 - Broken Internet access because of LSP provider 'x:\wxpe\system32\rsvpsp.dll' missing
O13 - DefaultPrefix:
O13 - WWW Prefix:
O13 - Home Prefix:
O13 - Mosaic Prefix:
O13 - FTP Prefix:
O13 - Gopher Prefix:
O21 - SSODL: XpeShutdown - {DEADBEEF-BABE-BABE-BABE-DEADBEEFDEAD} - XpeShutdown.dll (file missing)
O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Unknown owner - B:\AV7\sched.exe (file missing)
O23 - Service: DCOM Services (DcomLaunch) - Unknown owner - svchost.exe (file missing)
O23 - Service: Virtual Disk Service (vds) - Unknown owner - X:\WXPE\System32\vds.exe (file missing)
O23 - Service: Windows Blinds 5.x Loader (WbSrv) - LL Computers
- X:\Programs\Wb5\WbSrv.exe
--
End of file - 3417 bytes
