התגובות שלי בפורום
-
תגובות
-
הנה הלוג מההייג'ק
Logfile of HijackThis v1.99.1
Scan saved at 01:55:17, on 28/08/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
E:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\LEXPPS.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Common Files\InterVideo\DeviceService\DevSvc.exe
C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
C:\Program Files\ESET\ESET Smart Security\ekrn.exe
C:\Program Files\Babylon\Babylon-Pro\Babylon.exe
C:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe
C:\Program Files\ESET\ESET Smart Security\egui.exe
E:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Windows Live\Family Safety\fsssvc.exe
C:\WINDOWS\system32\ctfmon.exe
E:\Program Files\Spybot – Search & Destroy\TeaTimer.exe
C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe
C:\WINDOWS\BricoPacks\Vista Inspirat 2\UberIcon\UberIcon Manager.exe
C:\Documents and Settings\סתיו\Local Settings\Application Data\Google\Update\GoogleUpdate.exe
C:\Program Files\Hotspot Shield\bin\openvpnas.exe
C:\Documents and Settings\סתיו\תפריט התחלה\תוכניות\הפעלה\hebrew.exe
E:\Program Files\Hotspot Shield\HssWPR\hsssrv.exe
C:\Documents and Settings\סתיו\Local Settings\Application Data\Google\Update\1.2.183.7\GoogleCrashHandler.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\BricoPacks\Vista Inspirat 2\YzShadow\YzShadow.exe
e:\program files\grasssoft\mouse recorder\MacroService.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\iPod\bin\iPodService.exe
e:\program files\grasssoft\mouse recorder\MacroServiceWnd.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\SoftwareDistribution\Download\Install\windows-kb8 90830-v2.13-delta.exe
h:\8197446284c903c0e1df\mrtstub.exe
C:\WINDOWS\system32\MRT.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Documents and Settings\סתיו\שולחן העבודה\דודי\HijackThis.exeR1 – HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 – HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://google.co.il/
R1 – HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 – HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 – HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 – HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 – HKCU\Software\Microsoft\Internet Explorer\Main,First Home Page = http://go.microsoft.com/fwlink/?LinkId=54843
R3 – URLSearchHook: ICQ Toolbar – {855F3B16-6D32-4fe6-8A56-BBB695989046} – (no file)
O1 – Hosts: 69.89.69.16 atlantica.ndoorsgames.com
O2 – BHO: XTTBPos00 – {055FD26D-3A88-4e15-963D-DC8493744B1D} – (no file)
O2 – BHO: AcroIEHelperStub – {18DF081C-E8AD-4283-A596-FA578C2EBDC3} – C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 – BHO: Windows Live Family Safety Browser Helper – {4f3ed5cd-0726-42a9-87f5-d13f3d2976ac} – C:\Program Files\Windows Live\Family Safety\fssbho.dll
O2 – BHO: Spybot-S&D IE Protection – {53707962-6F74-2D53-2644-206D7942484F} – E:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 – BHO: Click-to-Call BHO – {5C255C8A-E604-49b4-9D64-90988571CECB} – C:\Program Files\Windows Live\Messenger\wlchtc.dll
O2 – BHO: Java(tm) Plug-In SSV Helper – {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} – C:\Program Files\Java\jre6\bin\ssv.dll
O2 – BHO: Windows Live Sign-in Helper – {9030D464-4C02-4ABF-8ECC-5164760863C6} – C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 – BHO: Mega Manager IE Click Monitor – {bf00e119-21a3-4fd1-b178-3b8537e75c92} – E:\Program Files\Megaupload\Mega Manager\MegaIEMn.dll
O2 – BHO: Java(tm) Plug-In 2 SSV Helper – {DBC80044-A445-435b-BC74-9C25C1C588A9} – C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 – BHO: JQSIEStartDetectorImpl – {E7E6F031-17CE-4C07-BC86-EABFE594F69C} – C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 – BHO: Hotspot Shield Class – {F9E4A054-E9B1-4BC3-83A3-76A1AE736170} – E:\Program Files\Hotspot Shield\hssie\HssIE.dll
O3 – Toolbar: Babylon – {965B54B0-71E0-4611-8DE7-F73FA0B20E26} – C:\Program Files\Babylon\Babylon Toolbar\BabylonIEToolBar.dll
O3 – Toolbar: ICQ Toolbar – {855F3B16-6D32-4fe6-8A56-BBB695989046} – (no file)
O3 – Toolbar: donkeymails.com – {0C2DE3EC-DB84-4eeb-9FC1-69B5153C4239} – C:\Program Files\Internet Explorer\PLUGINS\toolbar4198185.dll
O3 – Toolbar: Veoh Web Player Video Finder – {0FBB9689-D3D7-4f7a-A2E2-585B10099BFC} – C:\Program Files\Veoh Networks\VeohWebPlayer\VeohIEToolbar.dll
O4 – HKLM\..\Run: [Babylon Client] C:\Program Files\Babylon\Babylon-Pro\Babylon.exe -AutoStart
O4 – HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
O4 – HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 – HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\isuspm.exe -startup
O4 – HKLM\..\Run: [ISUSPM] "C:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe" -scheduler
O4 – HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice
O4 – HKLM\..\Run: [iTunesHelper] "E:\Program Files\iTunes\iTunesHelper.exe"
O4 – HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 – HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 – HKLM\..\Run: [nwiz] nwiz.exe /install
O4 – HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 – HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 – HKCU\..\Run: [SpybotSD TeaTimer] E:\Program Files\Spybot – Search & Destroy\TeaTimer.exe
O4 – HKCU\..\Run: [RocketDock] "C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe"
O4 – HKCU\..\Run: [UberIcon] "C:\WINDOWS\BricoPacks\Vista Inspirat 2\UberIcon\UberIcon Manager.exe"
O4 – HKCU\..\Run: [Google Update] "C:\Documents and Settings\סתיו\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c
O4 – Startup: hebrew.exe
O4 – Startup: RocketDock.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe
O4 – Startup: Seagate 2GH13YLF Product Registration.lnk = ?
O4 – Startup: TransBar.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\TransBar\TransBar.exe
O4 – Startup: UberIcon.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\UberIcon\UberIcon Manager.exe
O4 – Startup: Y'z Shadow.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\YzShadow\YzShadow.exe
O8 – Extra context menu item: &Clean Traces – E:\Program Files\DAP\Privacy Package\dapcleanerie.htm
O8 – Extra context menu item: &Download with &DAP – E:\Program Files\DAP\dapextie.htm
O8 – Extra context menu item: &Search – ?p=ZJfox000
O8 – Extra context menu item: Download &all with DAP – E:\Program Files\DAP\dapextie2.htm
O8 – Extra context menu item: Download Link Using Mega Manager… – E:\Program Files\Megaupload\Mega Manager\mm_file.htm
O8 – Extra context menu item: Translate with &Babylon – res://C:\Program Files\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll/Translate.ht m
O9 – Extra button: Blog This – {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} – C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 – Extra 'Tools' menuitem: &Blog This in Windows Live Writer – {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} – C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 – Extra button: donkeymails.com – {3B1BD330-82D0-4a56-AE53-C9EF12F6093D} – C:\Program Files\Internet Explorer\PLUGINS\toolbar4198185.dll
O9 – Extra 'Tools' menuitem: donkeymails.com – {3B1BD330-82D0-4a56-AE53-C9EF12F6093D} – C:\Program Files\Internet Explorer\PLUGINS\toolbar4198185.dll
O9 – Extra button: ICQ Lite – {B863453A-26C3-4e1f-A54D-A2CD196348E9} – E:\Program Files\ICQLite\ICQLite.exe (file missing)
O9 – Extra 'Tools' menuitem: ICQ Lite – {B863453A-26C3-4e1f-A54D-A2CD196348E9} – E:\Program Files\ICQLite\ICQLite.exe (file missing)
O9 – Extra button: (no name) – {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} – E:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 – Extra 'Tools' menuitem: Spybot – Search & Destroy Configuration – {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} – E:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 – Extra button: (no name) – {e2e2dd38-d088-4134-82b7-f2ba38496583} – %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 – Extra 'Tools' menuitem: @xpsp3res.dll,-20001 – {e2e2dd38-d088-4134-82b7-f2ba38496583} – %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 – Extra button: ICQ6 – {E59EB121-F339-4851-A3BA-FE49C35617C2} – E:\Program Files\ICQ6.5\ICQ.exe
O9 – Extra 'Tools' menuitem: ICQ6 – {E59EB121-F339-4851-A3BA-FE49C35617C2} – E:\Program Files\ICQ6.5\ICQ.exe
O9 – Extra button: Messenger – {FB5F1910-F110-11d2-BB9E-00C04F795683} – C:\Program Files\Messenger\msmsgs.exe
O9 – Extra 'Tools' menuitem: Windows Messenger – {FB5F1910-F110-11d2-BB9E-00C04F795683} – C:\Program Files\Messenger\msmsgs.exe
O10 – Unknown file in Winsock LSP: c:\program files\bonjour\mdnsnsp.dll
O11 – Options group: [INTERNATIONAL] International
O15 – Trusted Zone: http://www.google.co.il
O16 – DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) – http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
O16 – DPF: {39B0684F-D7BF-4743-B050-FDC3F48F7E3B} (CDownloadCtrl Object) – http://www.fileplanet.com/fpdlmgr/cabs/FPDC_2.3.9.113.cab
O16 – DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} (Solitaire Showdown Class) – http://messenger.zone.msn.com/binary/SolitaireShowdown.cab56 986.cab
O16 – DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games – Installer) – http://messenger.zone.msn.com/binary/ZIntro.cab56649.cab
O16 – DPF: {BD393C14-72AD-4790-A095-76522973D6B8} (CBreakshotControl Class) – http://messenger.zone.msn.com/binary/Bankshot.cab57213.cab
O16 – DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) – http://messenger.zone.msn.com/binary/MessengerStatsPAClient. cab56907.cab
O16 – DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) – http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/s wflash.cab
O16 – DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) – http://messenger.zone.msn.com/binary/MineSweeper.cab56986.ca b
O18 – Protocol: bwfile-8876480 – {9462A756-7B47-47BC-8C80-C34B9B80B32B} – (no file)
O18 – Protocol: livecall – {828030A1-22C1-4009-854F-8E305202313F} – C:\PROGRA~1\WINDOW~4\MESSEN~1\MSGRAP~1.DLL
O18 – Protocol: msnim – {828030A1-22C1-4009-854F-8E305202313F} – C:\PROGRA~1\WINDOW~4\MESSEN~1\MSGRAP~1.DLL
O18 – Protocol: skype4com – {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} – C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O21 – SSODL: WPDShServiceObj – {AAA288BA-9A4C-45B0-95D7-94D524869DB5} – C:\WINDOWS\system32\WPDShServiceObj.dll
O23 – Service: Ad-Aware 2007 Service (aawservice) – Lavasoft AB – E:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 – Service: AOL Connectivity Service (AOL ACS) – AOL LLC – C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
O23 – Service: Apple Mobile Device – Apple Inc. – C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 – Service: Capture Device Service – InterVideo Inc. – C:\Program Files\Common Files\InterVideo\DeviceService\DevSvc.exe
O23 – Service: ESET HTTP Server (EhttpSrv) – ESET – C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe
O23 – Service: ESET Service (ekrn) – ESET – C:\Program Files\ESET\ESET Smart Security\ekrn.exe
O23 – Service: Hotspot Shield Service (HotspotShieldService) – Unknown owner – C:\Program Files\Hotspot Shield\bin\openvpnas.exe
O23 – Service: Hotspot Shield Routing Service (HssSrv) – AnchorFree Inc. – E:\Program Files\Hotspot Shield\HssWPR\hsssrv.exe
O23 – Service: Hotspot Shield Tray Service (HssTrayService) – Unknown owner – E:\Program Files\Hotspot Shield\bin\HssTrayService.EXE
O23 – Service: InstallDriver Table Manager (IDriverT) – Macrovision Corporation – C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 – Service: iPod Service – Apple Inc. – C:\Program Files\iPod\bin\iPodService.exe
O23 – Service: Java Quick Starter (JavaQuickStarterService) – Unknown owner – C:\Program Files\Java\jre6\bin\jqs.exe" -service -config "C:\Program Files\Java\jre6\lib\deploy\jqs\jqs.conf (file missing)
O23 – Service: LexBce Server (LexBceS) – Lexmark International, Inc. – C:\WINDOWS\system32\LEXBCES.EXE
O23 – Service: Macro Expert – Grass Software – e:\program files\grasssoft\mouse recorder\MacroService.exe
O23 – Service: nProtect GameGuard Service (npggsvc) – Unknown owner – C:\WINDOWS\system32\GameMon.des.exe (file missing)
O23 – Service: NVIDIA Display Driver Service (NVSvc) – NVIDIA Corporation – C:\WINDOWS\system32\nvsvc32.exe
O23 – Service: PC Tools Security Service (sdCoreService) – PC Tools – C:\Program Files\Spyware Doctor\pctsSvc.exe
O23 – Service: TuneUp Drive Defrag Service (TuneUp.Defrag) – TuneUp Software GmbH – C:\WINDOWS\System32\TuneUpDefragService.exeתודה
