السلام عليكم
هذه الصورة تظهر كتير
والمتصفح تبعى هو
Google Chrome
وهذا تقرير
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:14:43 ص, on 27/05/2010
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Rising\Rav\RavMonD.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Rising\Rav\RsTray.exe
C:\WINDOWS\system32\ctfmon.exe
D:\Program Files\qraan\Internet Download Manager\IDMan.exe
C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
C:\Program Files\Skype\Phone\Skype.exe
D:\Program Files\Malwarebytes' Anti-Malware\Malwarebytes' Anti-Malware\mbamservice.exe
C:\Program Files\Skype\Plugin Manager\skypePM.exe
C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
C:\Documents and Settings\lala\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Program Files\Movie Maker\moviemk.exe
C:\Documents and Settings\lala\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\lala\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\WINDOWS\system32\wuauclt.exe
D:\Program Files\qraan\Internet Download Manager\IEMonitor.exe
C:\Documents and Settings\lala\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\lala\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
F:\porogram1\hijackthis\Alshhb_HijackThis.exe
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer
O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - D:\Program Files\qraan\Internet Download Manager\IDMIECC.dll
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O4 - HKLM\..\Run: [RavTray] "C:\Program Files\Rising\Rav\RsTray.exe" -system
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [IDMan] D:\Program Files\qraan\Internet Download Manager\IDMan.exe /onboot
O4 - HKCU\..\Run: [Messenger (Yahoo!)] "C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" -quiet
O4 - HKCU\..\Run: [Software Informer] "C:\Program Files\Software Informer\softinfo.exe" -autorun
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: Download all links with IDM - D:\Program Files\qraan\Internet Download Manager\IEGetAll.htm
O8 - Extra context menu item: Download FLV video content with IDM - D:\Program Files\qraan\Internet Download Manager\IEGetVL.htm
O8 - Extra context menu item: Download with IDM - D:\Program Files\qraan\Internet Download Manager\IEExt.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://D:\PROGRA~1\Office10\EXCEL.EXE/3000
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O16 - DPF: {6924091F-CD97-41E1-B1D4-D9079409D413} (IMCv1 Control) - http://67.222.158.38:1999/talk.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} (get_atlcom Class) - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{2B627378-8685-418A-AAC5-4937B3F65008}: NameServer = 213.131.65.20,213.131.66.138
O17 - HKLM\System\CS1\Services\Tcpip\..\{2B627378-8685-418A-AAC5-4937B3F65008}: NameServer = 213.131.65.20,213.131.66.138
O17 - HKLM\System\CS2\Services\Tcpip\..\{2B627378-8685-418A-AAC5-4937B3F65008}: NameServer = 213.131.65.20,213.131.66.138
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL
O23 - Service: Google Desktop Manager 5.9.911.3589 (GoogleDesktopManager-110309-193829) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: MBAMService - Malwarebytes Corporation - D:\Program Files\Malwarebytes' Anti-Malware\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: Rav Service (RsRavMon) - Beijing Rising Information Technology Co., Ltd. - C:\Program Files\Rising\Rav\RavMonD.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\Common Files\PCSuite\Services\ServiceLayer.exe
O23 - Service: Yahoo! Updater (YahooAUService) - Yahoo! Inc. - C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
--
End of file - 5960 bytes
الروابط المفضلة