بشوشة
زيزوومى مميز
- إنضم
- 7 مايو 2011
- المشاركات
- 398
- مستوى التفاعل
- 20
- النقاط
- 480
غير متصل
واحد عطاني ملف تجسس اسمه
Love murderer.scr
حاولت احذفه وابي اتأكد من سلامة جهازي
هذا تقرير هايجاك
....................................................................
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 05:22:22 م, on 15/02/2012
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
D:\WINXP\System32\smss.exe
D:\WINXP\system32\winlogon.exe
D:\WINXP\system32\services.exe
D:\WINXP\system32\lsass.exe
D:\WINXP\system32\Ati2evxx.exe
D:\WINXP\system32\svchost.exe
D:\WINXP\System32\svchost.exe
D:\WINXP\system32\Ati2evxx.exe
D:\WINXP\system32\spoolsv.exe
D:\WINXP\Explorer.EXE
D:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
D:\WINXP\RTHDCPL.EXE
D:\Program Files\Common Files\Java\Java Update\jusched.exe
D:\Program Files\Real\RealPlayer\update\realsched.exe
D:\Program Files\Quick net\ModemListener.exe
D:\Program Files\Ask.com\Updater\Updater.exe
C:\Facemoi\facemoi.exe
D:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2012\avp.exe
D:\WINXP\system32\ctfmon.exe
D:\Program Files\Windows Live\Messenger\msnmsgr.exe
D:\Program Files\Common Files\Ahead\lib\NMBgMonitor.exe
C:\Facemoi\facemoi.exe
D:\Program Files\Quick net\HSPA USB MODEM.exe
D:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe
D:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2012\avp.exe
D:\Program Files\Common Files\DeviceHelper\DeviceManager.exe
D:\Program Files\Comodo\Dragon\dragon_updater.exe
D:\Program Files\Hotspot Shield\bin\openvpnas.exe
D:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe
D:\Documents and Settings\New XP\Local Settings\Application Data\Google\Update\1.3.21.99\GoogleCrashHandler.exe
D:\Program Files\Hotspot Shield\HssWPR\hsssrv.exe
D:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHid.exe
D:\Program Files\Hotspot Shield\bin\hsswd.exe
D:\Program Files\Java\jre6\bin\jqs.exe
D:\WINXP\system32\svchost.exe
D:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHsp.exe
D:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosAVRC.exe
D:\Program Files\Toshiba\Bluetooth Toshiba Stack\tosOBEX.exe
D:\Program Files\Toshiba\Bluetooth Toshiba Stack\tosBtProc.exe
D:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
D:\Program Files\Windows Live\Contacts\wlcomm.exe
D:\PROGRA~1\Yahoo!\Messenger\ymsgr_tray.exe
D:\Program Files\Skype\Phone\Skype.exe
D:\Program Files\Hotspot Shield\bin\openvpntray.exe
D:\Program Files\Comodo\Dragon\dragon.exe
D:\Program Files\Comodo\Dragon\dragon.exe
D:\Program Files\Comodo\Dragon\dragon.exe
D:\Program Files\Comodo\Dragon\dragon.exe
D:\Program Files\Comodo\Dragon\dragon.exe
D:\Program Files\Comodo\Dragon\dragon.exe
D:\Program Files\Comodo\Dragon\dragon.exe
D:\Program Files\Comodo\Dragon\dragon.exe
D:\Program Files\Comodo\Dragon\dragon.exe
D:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2012\klwtblfs.exe
D:\Program Files\Comodo\Dragon\dragon.exe
D:\Documents and Settings\New XP\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
D:\Documents and Settings\New XP\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
D:\Documents and Settings\New XP\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
D:\Documents and Settings\New XP\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
D:\Documents and Settings\New XP\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
D:\Documents and Settings\New XP\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
D:\Documents and Settings\New XP\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
D:\Documents and Settings\New XP\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
D:\Documents and Settings\New XP\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
D:\Documents and Settings\New XP\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
D:\Documents and Settings\New XP\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
D:\Program Files\Real\RealPlayer\RecordingManager.exe
D:\Documents and Settings\New XP\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
D:\Documents and Settings\New XP\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
D:\Program Files\Comodo\Dragon\dragon.exe
D:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
O1 - Hosts: 65.54.239.80 messenger.hotmail.com
O1 - Hosts: 65.54.239.80 dp.msnmessenger.akadns.net
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - D:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - D:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll
O2 - BHO: IEVkbdBHO - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - D:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2012\ievkbd.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - D:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL
O2 - BHO: مساعد تسجيل الدخول إلى Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - D:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - D:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - D:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: link filter bho - {E33CF602-D945-461A-83F0-819F76A199F8} - D:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2012\klwtbbho.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - D:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: Hotspot Shield Class - {F9E4A054-E9B1-4BC3-83A3-76A1AE736170} - D:\Program Files\Hotspot Shield\HssIE\HssIE.dll
O4 - HKLM\..\Run: [GrooveMonitor] "D:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [NeroFilterCheck] D:\WINXP\system32\NeroCheck.exe
O4 - HKLM\..\Run: [Adobe ARM] "D:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "D:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [TkBellExe] "D:\Program Files\Real\RealPlayer\update\realsched.exe" -osboot
O4 - HKLM\..\Run: [ITSecMng] %ProgramFiles%\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe /START
O4 - HKLM\..\Run: [ModemListener] D:\Program Files\Quick net\ModemListener.exe start
O4 - HKLM\..\Run: [ApnUpdater] "D:\Program Files\Ask.com\Updater\Updater.exe"
O4 - HKLM\..\Run: [Facemoi] c:\Facemoi\facemoi.exe
O4 - HKLM\..\Run: [AVP] "D:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2012\avp.exe"
O4 - HKCU\..\Run: [ctfmon.exe] D:\WINXP\system32\ctfmon.exe
O4 - HKCU\..\Run: [msnmsgr] "D:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [Messenger (Yahoo!)] "D:\PROGRA~1\Yahoo!\Messenger\YahooMessenger.exe" -quiet
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "D:\Program Files\Common Files\Ahead\lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [Google Update] "D:\Documents and Settings\New XP\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [Facemoi] C:\Facemoi\facemoi.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] D:\WINXP\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] D:\WINXP\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Bluetooth Manager.lnk = ?
O8 - Extra context menu item: E&xport to Microsoft Excel - res://D:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: إرسال إلى OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - D:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: إر&سال إلى OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - D:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: &لوحة المفاتيح الظاهرية - {4248FE82-7FCB-46AC-B270-339F08212110} - D:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2012\ievkbd.dll
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - D:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - D:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - D:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: فحص &عناوين مواقع الويب - {CCF151D8-D089-449F-A5A4-D9909053F20F} - D:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2012\klwtbbho.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - D:\WINXP\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - D:\WINXP\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Program Files\Messenger\msmsgs.exe
O13 - Gopher Prefix:
O17 - HKLM\System\CCS\Services\Tcpip\..\{23EEE7C6-113D-42FF-AFC4-CC2B2D38B848}: NameServer = 84.235.6.55 84.235.57.230
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - D:\PROGRA~1\MICROS~2\Office12\GR99D3~1.DLL
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - D:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - D:\WINXP\system32\Ati2evxx.exe
O23 - Service: خدمة Kaspersky لمكافحة الفيروسات (AVP) - Kaspersky Lab ZAO - D:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2012\avp.exe
O23 - Service: DeviceManager - Unknown owner - D:\Program Files\Common Files\DeviceHelper\DeviceManager.exe
O23 - Service: COMODO Dragon Update Service (DragonUpdater) - Unknown owner - D:\Program Files\Comodo\Dragon\dragon_updater.exe
O23 - Service: Hotspot Shield Service (hshld) - Unknown owner - D:\Program Files\Hotspot Shield\bin\openvpnas.exe
O23 - Service: Hotspot Shield Routing Service (HssSrv) - AnchorFree Inc. - D:\Program Files\Hotspot Shield\HssWPR\hsssrv.exe
O23 - Service: Hotspot Shield Tray Service (HssTrayService) - Unknown owner - D:\Program Files\Hotspot Shield\bin\HssTrayService.EXE
O23 - Service: Hotspot Shield Monitoring Service (HssWd) - Unknown owner - D:\Program Files\Hotspot Shield\bin\hsswd.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - D:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: TOSHIBA Bluetooth Service - TOSHIBA CORPORATION - D:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
--
End of file - 11742 bytes
Love murderer.scr
حاولت احذفه وابي اتأكد من سلامة جهازي
هذا تقرير هايجاك
....................................................................
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 05:22:22 م, on 15/02/2012
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
D:\WINXP\System32\smss.exe
D:\WINXP\system32\winlogon.exe
D:\WINXP\system32\services.exe
D:\WINXP\system32\lsass.exe
D:\WINXP\system32\Ati2evxx.exe
D:\WINXP\system32\svchost.exe
D:\WINXP\System32\svchost.exe
D:\WINXP\system32\Ati2evxx.exe
D:\WINXP\system32\spoolsv.exe
D:\WINXP\Explorer.EXE
D:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
D:\WINXP\RTHDCPL.EXE
D:\Program Files\Common Files\Java\Java Update\jusched.exe
D:\Program Files\Real\RealPlayer\update\realsched.exe
D:\Program Files\Quick net\ModemListener.exe
D:\Program Files\Ask.com\Updater\Updater.exe
C:\Facemoi\facemoi.exe
D:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2012\avp.exe
D:\WINXP\system32\ctfmon.exe
D:\Program Files\Windows Live\Messenger\msnmsgr.exe
D:\Program Files\Common Files\Ahead\lib\NMBgMonitor.exe
C:\Facemoi\facemoi.exe
D:\Program Files\Quick net\HSPA USB MODEM.exe
D:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe
D:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2012\avp.exe
D:\Program Files\Common Files\DeviceHelper\DeviceManager.exe
D:\Program Files\Comodo\Dragon\dragon_updater.exe
D:\Program Files\Hotspot Shield\bin\openvpnas.exe
D:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe
D:\Documents and Settings\New XP\Local Settings\Application Data\Google\Update\1.3.21.99\GoogleCrashHandler.exe
D:\Program Files\Hotspot Shield\HssWPR\hsssrv.exe
D:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHid.exe
D:\Program Files\Hotspot Shield\bin\hsswd.exe
D:\Program Files\Java\jre6\bin\jqs.exe
D:\WINXP\system32\svchost.exe
D:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHsp.exe
D:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosAVRC.exe
D:\Program Files\Toshiba\Bluetooth Toshiba Stack\tosOBEX.exe
D:\Program Files\Toshiba\Bluetooth Toshiba Stack\tosBtProc.exe
D:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
D:\Program Files\Windows Live\Contacts\wlcomm.exe
D:\PROGRA~1\Yahoo!\Messenger\ymsgr_tray.exe
D:\Program Files\Skype\Phone\Skype.exe
D:\Program Files\Hotspot Shield\bin\openvpntray.exe
D:\Program Files\Comodo\Dragon\dragon.exe
D:\Program Files\Comodo\Dragon\dragon.exe
D:\Program Files\Comodo\Dragon\dragon.exe
D:\Program Files\Comodo\Dragon\dragon.exe
D:\Program Files\Comodo\Dragon\dragon.exe
D:\Program Files\Comodo\Dragon\dragon.exe
D:\Program Files\Comodo\Dragon\dragon.exe
D:\Program Files\Comodo\Dragon\dragon.exe
D:\Program Files\Comodo\Dragon\dragon.exe
D:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2012\klwtblfs.exe
D:\Program Files\Comodo\Dragon\dragon.exe
D:\Documents and Settings\New XP\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
D:\Documents and Settings\New XP\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
D:\Documents and Settings\New XP\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
D:\Documents and Settings\New XP\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
D:\Documents and Settings\New XP\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
D:\Documents and Settings\New XP\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
D:\Documents and Settings\New XP\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
D:\Documents and Settings\New XP\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
D:\Documents and Settings\New XP\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
D:\Documents and Settings\New XP\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
D:\Documents and Settings\New XP\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
D:\Program Files\Real\RealPlayer\RecordingManager.exe
D:\Documents and Settings\New XP\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
D:\Documents and Settings\New XP\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
D:\Program Files\Comodo\Dragon\dragon.exe
D:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page =
يجب عليك
تسجيل الدخول
او
تسجيل لمشاهدة الرابط المخفي
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
يجب عليك
تسجيل الدخول
او
تسجيل لمشاهدة الرابط المخفي
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
يجب عليك
تسجيل الدخول
او
تسجيل لمشاهدة الرابط المخفي
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
يجب عليك
تسجيل الدخول
او
تسجيل لمشاهدة الرابط المخفي
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
يجب عليك
تسجيل الدخول
او
تسجيل لمشاهدة الرابط المخفي
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
يجب عليك
تسجيل الدخول
او
تسجيل لمشاهدة الرابط المخفي
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
O1 - Hosts: 65.54.239.80 messenger.hotmail.com
O1 - Hosts: 65.54.239.80 dp.msnmessenger.akadns.net
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - D:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - D:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll
O2 - BHO: IEVkbdBHO - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - D:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2012\ievkbd.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - D:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL
O2 - BHO: مساعد تسجيل الدخول إلى Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - D:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - D:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - D:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: link filter bho - {E33CF602-D945-461A-83F0-819F76A199F8} - D:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2012\klwtbbho.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - D:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: Hotspot Shield Class - {F9E4A054-E9B1-4BC3-83A3-76A1AE736170} - D:\Program Files\Hotspot Shield\HssIE\HssIE.dll
O4 - HKLM\..\Run: [GrooveMonitor] "D:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [NeroFilterCheck] D:\WINXP\system32\NeroCheck.exe
O4 - HKLM\..\Run: [Adobe ARM] "D:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "D:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [TkBellExe] "D:\Program Files\Real\RealPlayer\update\realsched.exe" -osboot
O4 - HKLM\..\Run: [ITSecMng] %ProgramFiles%\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe /START
O4 - HKLM\..\Run: [ModemListener] D:\Program Files\Quick net\ModemListener.exe start
O4 - HKLM\..\Run: [ApnUpdater] "D:\Program Files\Ask.com\Updater\Updater.exe"
O4 - HKLM\..\Run: [Facemoi] c:\Facemoi\facemoi.exe
O4 - HKLM\..\Run: [AVP] "D:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2012\avp.exe"
O4 - HKCU\..\Run: [ctfmon.exe] D:\WINXP\system32\ctfmon.exe
O4 - HKCU\..\Run: [msnmsgr] "D:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [Messenger (Yahoo!)] "D:\PROGRA~1\Yahoo!\Messenger\YahooMessenger.exe" -quiet
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "D:\Program Files\Common Files\Ahead\lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [Google Update] "D:\Documents and Settings\New XP\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [Facemoi] C:\Facemoi\facemoi.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] D:\WINXP\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] D:\WINXP\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Bluetooth Manager.lnk = ?
O8 - Extra context menu item: E&xport to Microsoft Excel - res://D:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: إرسال إلى OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - D:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: إر&سال إلى OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - D:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: &لوحة المفاتيح الظاهرية - {4248FE82-7FCB-46AC-B270-339F08212110} - D:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2012\ievkbd.dll
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - D:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - D:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - D:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: فحص &عناوين مواقع الويب - {CCF151D8-D089-449F-A5A4-D9909053F20F} - D:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2012\klwtbbho.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - D:\WINXP\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - D:\WINXP\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Program Files\Messenger\msmsgs.exe
O13 - Gopher Prefix:
O17 - HKLM\System\CCS\Services\Tcpip\..\{23EEE7C6-113D-42FF-AFC4-CC2B2D38B848}: NameServer = 84.235.6.55 84.235.57.230
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - D:\PROGRA~1\MICROS~2\Office12\GR99D3~1.DLL
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - D:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - D:\WINXP\system32\Ati2evxx.exe
O23 - Service: خدمة Kaspersky لمكافحة الفيروسات (AVP) - Kaspersky Lab ZAO - D:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2012\avp.exe
O23 - Service: DeviceManager - Unknown owner - D:\Program Files\Common Files\DeviceHelper\DeviceManager.exe
O23 - Service: COMODO Dragon Update Service (DragonUpdater) - Unknown owner - D:\Program Files\Comodo\Dragon\dragon_updater.exe
O23 - Service: Hotspot Shield Service (hshld) - Unknown owner - D:\Program Files\Hotspot Shield\bin\openvpnas.exe
O23 - Service: Hotspot Shield Routing Service (HssSrv) - AnchorFree Inc. - D:\Program Files\Hotspot Shield\HssWPR\hsssrv.exe
O23 - Service: Hotspot Shield Tray Service (HssTrayService) - Unknown owner - D:\Program Files\Hotspot Shield\bin\HssTrayService.EXE
O23 - Service: Hotspot Shield Monitoring Service (HssWd) - Unknown owner - D:\Program Files\Hotspot Shield\bin\hsswd.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - D:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: TOSHIBA Bluetooth Service - TOSHIBA CORPORATION - D:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
--
End of file - 11742 bytes
