logfile of trend micro hijackthis v2.0.2
scan saved at 12:13:56 ص, on 17/03/2009
platform: Windows vista (winnt 6.00.1904)
msie: Internet explorer v7.00 (7.00.6000.16386)
boot mode: Normal
running processes:
C:\windows\system32\dwm.exe
c:\windows\explorer.exe
c:\windows\system32\taskeng.exe
c:\program files\windows defender\msascui.exe
c:\program files\windows sidebar\sidebar.exe
c:\program files\avant browser\avant.exe
c:\users\mohamed\desktop\zyzoom_hijackthis.exe
r1 - hkcu\software\microsoft\internet explorer\main,search page =
r0 - hkcu\software\microsoft\internet explorer\main,start page =
r1 - hklm\software\microsoft\internet explorer\main,default_page_url =
r1 - hklm\software\microsoft\internet explorer\main,default_search_url =
r1 - hklm\software\microsoft\internet explorer\main,search page =
r0 - hklm\software\microsoft\internet explorer\main,start page =
r0 - hklm\software\microsoft\internet explorer\search,searchassistant =
r0 - hklm\software\microsoft\internet explorer\search,customizesearch =
r0 - hkcu\software\microsoft\internet explorer\toolbar,linksfoldername =
o1 - hosts: ::1 localhost
o2 - bho: Ssvhelper class - {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - c:\program files\java\jre1.6.0_03\bin\ssv.dll
o4 - hklm\..\run: [windows defender] %programfiles%\windows defender\msascui.exe -hide
o4 - hkcu\..\run: [sidebar] c:\program files\windows sidebar\sidebar.exe /autorun
o9 - extra button: (no name) - {08b0e5c0-4fcb-11cf-aaa5-00401c608501} - c:\program files\java\jre1.6.0_03\bin\ssv.dll
o9 - extra 'tools' menuitem: Sun java console - {08b0e5c0-4fcb-11cf-aaa5-00401c608501} - c:\program files\java\jre1.6.0_03\bin\ssv.dll
o13 - gopher prefix:
O16 - dpf: {d27cdb6e-ae6d-11cf-96b8-444553540000} (shockwave flash object) -
o17 - hklm\system\ccs\services\tcpip\..\{3f6513c1-5e2d-486c-9292-9d9631148ab7}: Nameserver = 208.67.222.222,208.67.220.220
--
end of file - 2290 bytes
