لتخلص من جميع الفيروسات وفحص جهازك وتخلص من مشاكل الكمبيوتر
Logfile of HijackThis v1.99.1
Scan saved at 09:09:46 ص, on 07/06/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:WINDOWSSystem32smss.exe
C:WINDOWSsystem32winlogon.exe
C:WINDOWSsystem32services.exe
C:WINDOWSsystem32lsass.exe
C:WINDOWSsystem32ibmpmsvc.exe
C:WINDOWSsystem32svchost.exe
C:WINDOWSSystem32svchost.exe
C:Program FilesSymantec AntiVirusSmc.exe
C:Program FilesIntelWiFibinS24EvMon.exe
C:WINDOWSsystem32spoolsv.exe
C:Program FilesThinkPadConnectUtilitiesAcPrfMgrSvc.exe
C:Program FilesThinkPadBluetooth Softwarebinbtwdins.exe
C:Program FilesCommon FilesSymantec SharedccSvcHst.exe
C:Program FilesIntelWiFibinEvtEng.exe
C:Program FilesCommon FilesMicrosoft SharedVS7DEBUGMDM.EXE
C:WINDOWSSystem32svchost.exe
C:Program FilesCommon FilesIntelWirelessCommonRegSrvc.exe
C:WINDOWSsystem32svchost.exe
C:WINDOWSSystem32TPHDEXLG.EXE
C:WINDOWSsystem32TpKmpSVC.exe
C:WINDOWSSystem32TUProgSt.exe
C:Program FilesWireless AutoSwitchWrlsAutoSW.exs
C:Program FilesIntelWiFibinWLKeeper.exe
C:Program FilesThinkPadConnectUtilitiesAcSvc.exe
C:Program FilesSymantec AntiVirusRtvscan.exe
C:Program FilesThinkPadConnectUtilitiesSvcGuiHlpr.exe
C:WINDOWSExplorer.EXE
C:Program FilesSymantec AntiVirusSmcGui.exe
C:Program FilesAnalog DevicesCoresmax4pnp.exe
C:Program FilesThinkPadConnectUtilitiesACTray.exe
C:Program FilesThinkPadConnectUtilitiesACWLIcon.exe
C:PROGRA~1ThinkPadUTILIT~1EzEjMnAp.Exe
C:PROGRA~1LenovoPkgMgrHOTKEYTPHKMGR.exe
C:WINDOWSsystem32rundll32.exe
C:Program FilesSynapticsSynTPSynTPLpr.exe
C:Program FilesSynapticsSynTPSynTPEnh.exe
C:Program FilesCommon FilesSymantec SharedccApp.exe
C:Program FilesLenovoPkgMgrHOTKEYTPONSCR.exe
C:Program FilesCommon FilesIntelWirelessCommoniFrmewrk.exe
C:Program FilesLenovoPkgMgrHOTKEY_1TpScrex.exe
C:Program FilesCommon FilesRealUpdate_OBrealsched.exe
C
ocuments and Settingsa2526My DocumentsMy RoboForm DataRoboTaskBarIcon.exeC:WINDOWSsystem32ctfmon.exe
C:Program FilesNokiaNokia PC Suite 7PCSuite.exe
C:Program FilesThinkPadBluetooth SoftwareBTTray.exe
C:WINDOWSsystem32wbemunsecapp.exe
C:PROGRA~1ThinkPadBLUETO~1BTSTAC~1.EXE
C:Program FilesPC Connectivity SolutionServiceLayer.exe
C:Program FilesPC Connectivity SolutionTransportsNclUSBSrv.exe
C:Program FilesPC Connectivity SolutionTransportsNclIrSrv.exe
C:Program FilesPC Connectivity SolutionTransportsNclRSSrv.exe
C:Program FilesPC Connectivity SolutionTransportsNclBCBTSrv.exe
C:Program FilesInternet ExplorerIEXPLORE.EXE
C:WINDOWSsystem32svchost.exe
C:Program FilesInternet ExplorerIEXPLORE.EXE
C:Program FilesAvant Browseravant.exe
C:Program FilesInternet ExplorerIEXPLORE.EXE
D:PROGRA~1MICROS~1Office12OUTLOOK.EXE
C:Program FilesInternet ExplorerIEXPLORE.EXE
C:Program FilesHijackthisHijackThis.exe
R0 - HKCUSoftwareMicrosoftInternet ExplorerMain,Start Page = http://www.yahoomail.com/
R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Page_URL = http://phbtf
R0 - HKCUSoftwareMicrosoftInternet ExplorerMain,Local Page =
R0 - HKLMSoftwareMicrosoftInternet ExplorerMain,Local Page =
R1 - HKCUSoftwareMicrosoftWindowsCurrentVersionInternet Settings,ProxyServer = srvjirbisad01:8080
R1 - HKCUSoftwareMicrosoftWindowsCurrentVersionInternet Settings,ProxyOverride = 10.*.*.*;172.*.*.*;192.168.*.*;128.127.*.*;*.hbtf.com.jo;*.hbtf.com;hbtf;*.jordan.housingbank.corp;<local>
R3 - URLSearchHook: LiveTV_ Toolbar - {59385f95-c52f-4a84-b674-4a4206b17218} - C:Program FilesLiveTV_tbLive.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:Program FilesAdobeAcrobat 7.0ActiveXAcroIEHelper.dll
O2 - BHO: LiveTV_ Toolbar - {59385f95-c52f-4a84-b674-4a4206b17218} - C:Program FilesLiveTV_tbLive.dll
O2 - BHO: (no name) - {724d43a9-0d85-11d4-9908-00400523e39a} - C
ocuments and Settingsa2526My DocumentsMy RoboForm Dataroboform.dllO2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - D:PROGRA~1MICROS~1Office12GRA8E1~1.DLL
O3 - Toolbar: &RoboForm - {724d43a0-0d85-11d4-9908-00400523e39a} - C
ocuments and Settingsa2526My DocumentsMy RoboForm Dataroboform.dllO3 - Toolbar: LiveTV_ Toolbar - {59385f95-c52f-4a84-b674-4a4206b17218} - C:Program FilesLiveTV_tbLive.dll
O4 - HKLM..Run: [SoundMAXPnP] C:Program FilesAnalog DevicesCoresmax4pnp.exe
O4 - HKLM..Run: [SoundMAX] C:Program FilesAnalog DevicesSoundMAXSmax4.exe /tray
O4 - HKLM..Run: [ACTray] C:Program FilesThinkPadConnectUtilitiesACTray.exe
O4 - HKLM..Run: [ACWLIcon] C:Program FilesThinkPadConnectUtilitiesACWLIcon.exe
O4 - HKLM..Run: [EZEJMNAP] C:PROGRA~1ThinkPadUTILIT~1EzEjMnAp.Exe
O4 - HKLM..Run: [TPHOTKEY] C:PROGRA~1LenovoPkgMgrHOTKEYTPHKMGR.exe
O4 - HKLM..Run: [TpShocks] TpShocks.exe
O4 - HKLM..Run: [TPKMAPHELPER] C:Program FilesThinkPadUtilitiesTpKmapAp.exe -helper
O4 - HKLM..Run: [PWRMGRTR] rundll32 C:PROGRA~1ThinkPadUTILIT~1PWRMGRTR.DLL,PwrMgrBkGndMonitor
O4 - HKLM..Run: [SynTPLpr] C:Program FilesSynapticsSynTPSynTPLpr.exe
O4 - HKLM..Run: [SynTPEnh] C:Program FilesSynapticsSynTPSynTPEnh.exe
O4 - HKLM..Run: [ccApp] "C:Program FilesCommon FilesSymantec SharedccApp.exe"
O4 - HKLM..Run: [IntelWireless] "C:Program FilesCommon FilesIntelWirelessCommoniFrmewrk.exe" /tf Intel Wireless Tray
O4 - HKLM..Run: [TkBellExe] "C:Program FilesCommon FilesRealUpdate_OBrealsched.exe" -osboot
O4 - HKLM..RunOnce: [KB926239] rundll32.exe apphelp.dll,ShimFlushCache
O4 - HKCU..Run: [histkill] "C:Program FilesHistoryKill 2006histkill.exe" /STARTUP
O4 - HKCU..Run: [RoboForm] "C
ocuments and Settingsa2526My DocumentsMy RoboForm DataRoboTaskBarIcon.exe"O4 - HKCU..Run: [ctfmon.exe] C:WINDOWSsystem32ctfmon.exe
O4 - HKCU..Run: [PC Suite Tray] "C:Program FilesNokiaNokia PC Suite 7PCSuite.exe" -onlytray
O4 - HKCU..RunOnce: [RegistryDefrag Success Message] "C:Program FilesTuneUp Utilities 2009TUMessages.exe" /RegDefrag_Success
O4 - HKCU..RunOnce: [PCSuite.exe] C:Program FilesNokiaNokia PC Suite 7PCSuite.exe -onlytray -install -startgcw
O4 - HKCU..RunOnce: [PcSync2.exe] C:Program FilesNokiaNokia PC Suite 7PcSync2.exe /NoDialog
O4 - Startup: necsys32.exe
O4 - Global Startup: Bluetooth.lnk = ?
O6 - HKCUSoftwarePoliciesMicrosoftInternet ExplorerRestrictions present
O6 - HKCUSoftwarePoliciesMicrosoftInternet ExplorerControl Panel present
O6 - HKLMSoftwarePoliciesMicrosoftInternet ExplorerControl Panel present
O8 - Extra context menu item: Customize Menu - file://C
![:D](file://C<img src="look/images/smiles/biggrin2.gif" border="0" alt=":D" />ocuments)
ocuments and Settingsa2526My DocumentsMy RoboForm DataRoboFormComCustomizeIEMenu.htmlO8 - Extra context menu item: E&xport to Microsoft Excel - res://D:PROGRA~1MICROS~1Office12EXCEL.EXE/3000
O8 - Extra context menu item: Fill Forms - file://C
ocuments and Settingsa2526My DocumentsMy RoboForm DataRoboFormComFillForms.htmlO8 - Extra context menu item: RoboForm Toolbar - file://C
ocuments and Settingsa2526My DocumentsMy RoboForm DataRoboFormComShowToolbar.htmlO8 - Extra context menu item: Save Forms - file://C
ocuments and Settingsa2526My DocumentsMy RoboForm DataRoboFormComSavePass.htmlO9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:Program FilesJavaj2re1.4.2binnpjpi142.dll
O9 - Extra Tools menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:Program FilesJavaj2re1.4.2binnpjpi142.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - D:PROGRA~1MICROS~1Office12ONBttnIE.dll
O9 - Extra Tools menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - D:PROGRA~1MICROS~1Office12ONBttnIE.dll
O9 - Extra button: Fill Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - file://C
ocuments and Settingsa2526My DocumentsMy RoboForm DataRoboFormComFillForms.htmlO9 - Extra Tools menuitem: Fill Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - file://C
ocuments and Settingsa2526My DocumentsMy RoboForm DataRoboFormComFillForms.htmlO9 - Extra button: Save - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - file://C
ocuments and Settingsa2526My DocumentsMy RoboForm DataRoboFormComSavePass.htmlO9 - Extra Tools menuitem: Save Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - file://C
ocuments and Settingsa2526My DocumentsMy RoboForm DataRoboFormComSavePass.htmlO9 - Extra button: RoboForm - {724d43aa-0d85-11d4-9908-00400523e39a} - file://C
ocuments and Settingsa2526My DocumentsMy RoboForm DataRoboFormComShowToolbar.htmlO9 - Extra Tools menuitem: RoboForm Toolbar - {724d43aa-0d85-11d4-9908-00400523e39a} - file://C
ocuments and Settingsa2526My DocumentsMy RoboForm DataRoboFormComShowToolbar.htmlO9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:WINDOWSsystem32shdocvw.dll
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:Program FilesThinkPadBluetooth Softwarebtsendto_ie.htm
O9 - Extra Tools menuitem: @btrez.dll,-4017 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:Program FilesThinkPadBluetooth Softwarebtsendto_ie.htm
O9 - Extra button: Software Installer - {D1A4DEBD-C2EE-449f-B9FB-E8409F9A0BC5} - C:Program FilesLenovoPkgMgrPkgMgr.exe
O14 - IERESET.INF: START_PAGE_URL=http://phbtf
O16 - DPF: {CBBD6FA7-2384-11D1-A8C9-0040C7116154} (BlueZone Access Server ActiveX Display) - http://192.168.150.82/HFAccess/HFDSP.CAB
O17 - HKLMSystemCCSServicesTcpipParameters: Domain = jordan.housingbank.corp
O17 - HKLMSoftware..Telephony: DomainName = jordan.housingbank.corp
O17 - HKLMSystemCS1ServicesTcpipParameters: Domain = jordan.housingbank.corp
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - D:PROGRA~1MICROS~1Office12GR99D3~1.DLL
O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:Program FilesCommon FilesMicrosoft SharedHelphxds.dll
O18 - Filter hijack: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} - C:PROGRA~1COMMON~1MICROS~1OFFICE12MSOXMLMF.DLL
O20 - Winlogon Notify: ACNotify - ACNotify.dll (file missing)
O20 - Winlogon Notify: igfxcui - C:WINDOWSSYSTEM32igfxdev.dll
O20 - Winlogon Notify: NavLogon - C:WINDOWSsystem32NavLogon.dll
O20 - Winlogon Notify: psfus - C:WINDOWSSYSTEM32psqlpwd.dll
O20 - Winlogon Notify: tpfnf2 - C:WINDOWSSYSTEM32notifyf2.dll
O20 - Winlogon Notify: tphotkey - C:WINDOWSSYSTEM32tphklock.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:WINDOWSsystem32WPDShServiceObj.dll
O23 - Service: Ac Profile Manager Service (AcPrfMgrSvc) - Unknown owner - C:Program FilesThinkPadConnectUtilitiesAcPrfMgrSvc.exe
O23 - Service: ACU Configuration Service (ACS) - Unknown owner - C:WINDOWSsystem32acs.exe
O23 - Service: Access Connections Main Service (AcSvc) - Lenovo - C:Program FilesThinkPadConnectUtilitiesAcSvc.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:Program FilesThinkPadBluetooth Softwarebinbtwdins.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Unknown owner - C:Program FilesCommon FilesSymantec SharedccSvcHst.exe" /h ccCommon (file missing)
O23 - Service: Symantec Settings Manager (ccSetMgr) - Unknown owner - C:Program FilesCommon FilesSymantec SharedccSvcHst.exe" /h ccCommon (file missing)
O23 - Service: Intel® PROSet/Wireless Event Log (EvtEng) - Intel(R) Corporation - C:Program FilesIntelWiFibinEvtEng.exe
O23 - Service: ThinkPad PM Service (IBMPMSVC) - Unknown owner - C:WINDOWSsystem32ibmpmsvc.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:PROGRA~1SymantecLIVEUP~1LUCOMS~1.EXE
O23 - Service: Intel® PROSet/Wireless Registry Service (RegSrvc) - Intel(R) Corporation - C:Program FilesCommon FilesIntelWirelessCommonRegSrvc.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - Unknown owner - %ProgramFiles%WinPcaprpcapd.exe" -d -f "%ProgramFiles%WinPcaprpcapd.ini (file missing)
O23 - Service: Intel® PROSet/Wireless WiFi Service (S24EventMonitor) - Intel(R) Corporation - C:Program FilesIntelWiFibinS24EvMon.exe
O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:Program FilesSpyware DoctorpctsAuxs.exe
O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:Program FilesSpyware DoctorpctsSvc.exe
O23 - Service: ServiceLayer - Nokia. - C:Program FilesPC Connectivity SolutionServiceLayer.exe
O23 - Service: Symantec Management Client (SmcService) - Symantec Corporation - C:Program FilesSymantec AntiVirusSmc.exe
O23 - Service: Symantec Network Access Control (SNAC) - Symantec Corporation - C:Program FilesSymantec AntiVirusSNAC.EXE
O23 - Service: Symantec Endpoint Protection (Symantec AntiVirus) - Symantec Corporation - C:Program FilesSymantec AntiVirusRtvscan.exe
O23 - Service: ThinkPad HDD APS Logging Service (TPHDEXLGSVC) - Lenovo. - C:WINDOWSSystem32TPHDEXLG.EXE
O23 - Service: IBM KCU Service (TpKmpSVC) - Unknown owner - C:WINDOWSsystem32TpKmpSVC.exe
O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software - C:WINDOWSSystem32TuneUpDefragService.exe
O23 - Service: TuneUp Program Statistics Service (TuneUp.ProgramStatisticsSvc) - TuneUp Software - C:WINDOWSSystem32TUProgSt.exe
O23 - Service: Wireless AutoSwitch - Unknown owner - C:Program.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless SSO Service (WLANKEEPER) - Intel(R) Corporation - C:Program FilesIntelWiFibinWLKeeper.exe