Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 12:12:27 ص, on 08/06/11
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Internet Explorer v9.00 (9.00.8112.16421)
Boot mode: Normal
Running processes:
C:\windows\system32\dwm.exe
c:\windows\explorer.exe
c:\program files\alwil software\avast5\avastui.exe
c:\program files\internet download manager\idman.exe
c:\program files\windows live\messenger\msnmsgr.exe
c:\program files\utorrent\utorrent.exe
c:\program files\windows sidebar\sidebar.exe
c:\windows\system32\taskhost.exe
c:\program files\tuneup utilities 2010\tuneuputilitiesapp32.exe
c:\program files\internet download manager\iemonitor.exe
c:\program files\hotspot shield\bin\openvpntray.exe
c:\users\ll_abady_ll\appdata\local\google\chrome\application\chrome.exe
c:\windows\system32\rundll32.exe
c:\users\ll_abady_ll\appdata\local\google\chrome\application\chrome.exe
c:\users\ll_abady_ll\appdata\local\google\chrome\application\chrome.exe
c:\users\ll_abady_ll\downloads\programs\speccy.exe
c:\windows\system32\mspaint.exe
c:\zyzoom_forum_tools\zyzoom.exe
c:\zyzoom_forum_tools\zhijak.com
r1 - hkcu\software\microsoft\internet explorer\main,search page =
r0 - hkcu\software\microsoft\internet explorer\main,start page =
r1 - hklm\software\microsoft\internet explorer\main,default_page_url =
r1 - hklm\software\microsoft\internet explorer\main,default_search_url =
r1 - hklm\software\microsoft\internet explorer\main,search page =
r0 - hklm\software\microsoft\internet explorer\main,start page =
r0 - hklm\software\microsoft\internet explorer\search,searchassistant =
r0 - hklm\software\microsoft\internet explorer\search,customizesearch =
r0 - hkcu\software\microsoft\internet explorer\toolbar,linksfoldername =
o2 - bho: Idm helper - {0055c089-8582-441b-a0bf-17b458c2a3a8} - c:\program files\internet download manager\idmiecc.dll
o2 - bho: Windows live id sign-in helper - {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\windowslivelogin.dll
o2 - bho: Hotspot shield class - {f9e4a054-e9b1-4bc3-83a3-76a1ae736170} - c:\program files\hotspot shield\hssie\hssie.dll
o4 - hklm\..\run: [avast5] "c:\program files\alwil software\avast5\avastui.exe" /nogui
o4 - hkcu\..\run: [idman] c:\program files\internet download manager\idman.exe /onboot
o4 - hkcu\..\run: [msnmsgr] "c:\program files\windows live\messenger\msnmsgr.exe" /background
o4 - hkcu\..\run: [utorrent] "c:\program files\utorrent\utorrent.exe"
o4 - hkcu\..\run: [sidebar] c:\program files\windows sidebar\sidebar.exe /autorun
o4 - hkus\s-1-5-19\..\run: [sidebar] %programfiles%\windows sidebar\sidebar.exe /autorun (user 'local service')
o4 - hkus\s-1-5-19\..\runonce: [mctadmin] c:\windows\system32\mctadmin.exe (user 'local service')
o4 - hkus\s-1-5-20\..\run: [sidebar] %programfiles%\windows sidebar\sidebar.exe /autorun (user 'network service')
o4 - hkus\s-1-5-20\..\runonce: [mctadmin] c:\windows\system32\mctadmin.exe (user 'network service')
o8 - extra context menu item: تحميل الكل بواسطة internet download manager - c:\program files\internet download manager\iegetall.htm
o8 - extra context menu item: تحميل بواسطة internet download manager - c:\program files\internet download manager\ieext.htm
o10 - unknown file in winsock lsp: C:\program files\common files\microsoft shared\windows live\wlidnsp.dll
o10 - unknown file in winsock lsp: C:\program files\common files\microsoft shared\windows live\wlidnsp.dll
o11 - options group: [accelerated_graphics] accelerated graphics
o17 - hklm\system\ccs\services\tcpip\..\{df52f6b0-7e76-4f30-a9d7-939de825253e}: Nameserver = 10.65.96.1
o23 - service: Ati external event utility - ati technologies inc. - c:\windows\system32\ati2evxx.exe
o23 - service: Avast! Antivirus - avast software - c:\program files\alwil software\avast5\avastsvc.exe
o23 - service: Avast! Firewall - avast software - c:\program files\alwil software\avast5\afwserv.exe
o23 - service: Hotspot shield service (hshld) - unknown owner - c:\program files\hotspot shield\bin\openvpnas.exe
o23 - service: Hotspot shield routing service (hsssrv) - anchorfree inc. - c:\program files\hotspot shield\hsswpr\hsssrv.exe
o23 - service: Hotspot shield tray service (hsstrayservice) - unknown owner - c:\program files\hotspot shield\bin\hsstrayservice.exe
o23 - service: Hotspot shield monitoring service (hsswd) - unknown owner - c:\program files\hotspot shield\bin\hsswd.exe
o23 - service: @c:\program files\tuneup utilities 2010\tuneupdefragservice.exe,-1 (tuneup.defrag) - tuneup software - c:\program files\tuneup utilities 2010\tuneupdefragservice.exe
o23 - service: Tuneup utilities service (tuneup.utilitiessvc) - tuneup software - c:\program files\tuneup utilities 2010\tuneuputilitiesservice32.exe
--
End of file - 5109 bytes