Peace be upon you
My computer has started
freezing terribly
Please, experts, help me solve this problem
May God reward you for your kind efforts
And here is the report
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 8
50 AM, on 28/03/2012
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\WIN\System32\smss.exe
C:\WIN\system32\winlogon.exe
C:\WIN\system32\services.exe
C:\WIN\system32\lsass.exe
C:\WIN\system32\svchost.exe
c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe
C:\WIN\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WIN\system32\spoolsv.exe
C:\WIN\system32\acs.exe
C:\WIN\Explorer.EXE
C:\WIN\system32\ctfmon.exe
C:\Program Files\Common Files\ArcSoft\esinter\Bin\eservutil.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\****\jre6\bin\jqs.exe
C:\Program Files\Google\Gmail Notifier\gnotify.exe
C:\Program Files\Unlocker\UnlockerAssistant.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Program Files\TP-LINK\TP-LINK Wireless Client Utility\TWCU.exe
C:\WIN\RTHDCPL.EXE
C:\WIN\system32\igfxpers.exe
C:\WIN\system32\igfxsrvc.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
C:\WIN\system32\igfxtray.exe
C:\WIN\system32\hkcmd.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
C:\WIN\system32\svchost.exe
C:\WIN\System32\TUProgSt.exe
C:\Program Files\Hard Disk Sentinel\HDSentinel.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\AutorunRemover\AutorunRemover.exe
C:\program files\real\realplayer\update\realsched.exe
C:\Program Files\Babylon\Babylon-Pro\Babylon.exe
C:\Program Files\Alwil Software\Avast4\ash***Sv.exe
C:\Program Files\Common Files\****\**** Update\jusched.exe
C:\Program Files\iTunes\iTune****per.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
C:\Program Files\WWW.HOSTJSC.NET\Internet Download Manager\IDMan.exe
C:\Program Files\IObit\Advanced SystemCare 3\AWC.exe
C:\Program Files\Livestation\Livestation.exe
C:\Program Files\WWW.HOSTJSC.NET\Internet Download Manager\IEMonitor.exe
C:\Program Files\Norton Utilities 14\nu.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpomau08.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe
C:\Program Files\JaBack9\jre\bin\****w.exe
C:\Program Files\Orbitdownloader\orbitdm.exe
C:\WIN\system32\msiexec.exe
C:\Program Files\Translate Client\translateclient.exe
C:\Program Files\WinZip\WZQKPICK.EXE
C:\Program Files\CheckOutXP\CheckOutXP.exe
C:\WIN\Integrator.exe
C:\PROGRA~1\***shots\***shots.scr
C:\WIN\system32\wuauclt.exe
C:\Program Files\Orbitdownloader\orbitnet.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\Program Files\JaBack9\jre\bin\****w.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.bigseekpro.com/chitchat/{...5-7E4FD285E087}
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R3 - URLSearchHook: (no name) - {81017EA9-9AA8-4A6A-9734-7AF40E7D593F} - (no file)
F2 - REG:system.ini: ****l=
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: btorbit.com - {000123B4-9B42-4900-B3F7-F4B073EFC214} - C:\Program Files\Orbitdownloader\orbitcth.dll
O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files\WWW.HOSTJSC.NET\Internet Download Manager\IDMIECC.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\********s and Settings\All Users.WIN\Application Data\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\Groove****lExtensions.dll
O2 - BHO: ****(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\****\jre6\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Babylon IE plugin - {9CFACCB6-2F3F-4177-94EA-0D2B72D384C1} - C:\Program Files\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll
O2 - BHO: ****(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\****\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\****\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: Grab Pro - {C55BBCD6-41AD-48AD-9953-3609C48EACC7} - C:\Program Files\Orbitdownloader\GrabPro.dll
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [{0228e555-4f9c-4e35-a3ec-b109a192b4c2}] C:\Program Files\Google\Gmail Notifier\gnotify.exe
O4 - HKLM\..\Run: [UnlockerAssistant] "C:\Program Files\Unlocker\UnlockerAssistant.exe"
O4 - HKLM\..\Run: [TWCU] "C:\Program Files\TP-LINK\TP-LINK Wireless Client Utility\TWCU.exe" -nogui
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Persistence] C:\WIN\system32\igfxpers.exe
O4 - HKLM\..\Run: [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware] "C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
O4 - HKLM\..\Run: [IgfxTray] C:\WIN\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WIN\system32\hkcmd.exe
O4 - HKLM\..\Run: [Hard Disk Sentinel] "C:\Program Files\Hard Disk Sentinel\HDSentinel.exe" /AUTORUN
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [AutorunRemover.exe] C:\Program Files\AutorunRemover\AutorunRemover.exe -Hide
O4 - HKLM\..\Run: [TkBellExe] "C:\program files\real\realplayer\update\realsched.exe" -osboot
O4 - HKLM\..\Run: [Babylon Client] C:\Program Files\Babylon\Babylon-Pro\Babylon.exe -AutoStart
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [Sun****UpdateSched] "C:\Program Files\Common Files\****\**** Update\jusched.exe"
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [iTune****per] "C:\Program Files\iTunes\iTune****per.exe"
O4 - HKCU\..\Run: [***camMaxAutoRun] "C:\Program Files\***camMax\***camMax.exe" -a
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [IDMan] C:\Program Files\WWW.HOSTJSC.NET\Internet Download Manager\IDMan.exe /onboot
O4 - HKCU\..\Run: [ctfmon.exe] C:\WIN\system32\ctfmon.exe
O4 - HKCU\..\Run: [Advanced SystemCare 3] "C:\Program Files\IObit\Advanced SystemCare 3\AWC.exe" /startup
O4 - HKCU\..\Run: [Livestation] C:\Program Files\Livestation\Livestation.exe -startup
O4 - HKCU\..\Run: [NortonUtilities] C:\Program Files\Norton Utilities 14\nu.exe /H
O4 - HKUS\S-1-5-18\..\Run: [DWQueuedReporting] "C:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" -t (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [DWQueuedReporting] "C:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" -t (User 'Default user')
O4 - Startup: AntiCrash.lnk = C:\Program Files\Dachshund Software\AntiCrash\AntiCrash.exe
O4 - Startup: CheckOutXP.lnk = C:\Program Files\CheckOutXP\CheckOutXP.exe
O4 - Startup: ***shots.lnk = C:\Program Files\***shots\Launcher.exe
O4 - Global Startup: BTTray.lnk = ?
O4 - Global Startup: hp officejet 4100 series.lnk = ?
O4 - Global Startup: hpoddt01.exe.lnk = ?
O4 - Global Startup: JaBack9.lnk = C:\Program Files\JaBack9\jre\bin\****w.exe
O4 - Global Startup: Orbit.lnk = C:\Program Files\Orbitdownloader\orbitdm.exe
O4 - Global Startup: Translate Client.lnk = C:\Program Files\Translate Client\translateclient.exe
O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra con**** menu item: &Download by Orbit - res://C:\Program Files\Orbitdownloader\orbitmxt.dll/201
O8 - Extra con**** menu item: &Grab video by Orbit - res://C:\Program Files\Orbitdownloader\orbitmxt.dll/204
O8 - Extra con**** menu item: Do&wnload selected by Orbit - res://C:\Program Files\Orbitdownloader\orbitmxt.dll/203
O8 - Extra con**** menu item: Down&load all by Orbit - res://C:\Program Files\Orbitdownloader\orbitmxt.dll/202
O8 - Extra con**** menu item: Download all links with IDM - C:\Program Files\WWW.HOSTJSC.NET\Internet Download Manager\IEGetAll.htm
O8 - Extra con**** menu item: Download FLV video ******* with IDM - C:\Program Files\WWW.HOSTJSC.NET\Internet Download Manager\IEGetVL.htm
O8 - Extra con**** menu item: Download with IDM - C:\Program Files\WWW.HOSTJSC.NET\Internet Download Manager\IEExt.htm
O8 - Extra con**** menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra con**** menu item: easy***Save - res://C:\Program Files\easy***Save\bin\adonbie.dll/ieSSave.htm
O8 - Extra con**** menu item: Free YouTube to Mp3 Converter - C:\********s and Settings\ali.ALI-AD0D970C640\Application Data\DVDVideoSoftIEHelpers\youtubetomp3.htm
O8 - Extra con**** menu item: Send To &Bluetooth - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra con**** menu item: Translate this *** page with Babylon - res://C:\Program Files\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll/ActionTU.htm
O8 - Extra con**** menu item: Translate with Babylon - res://C:\Program Files\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll/Action.htm
O8 - Extra con**** menu item: Upload to Facebook - C:\Program Files\UploadRabbitforFacebook\iecon****.htm
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-4017 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WIN\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WIN\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Translate this *** page with Babylon - {F72841F0-4EF1-4df5-BCE5-B3AC8ACF5478} - C:\Program Files\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll
O9 - Extra 'Tools' menuitem: Translate this *** page with Babylon - {F72841F0-4EF1-4df5-BCE5-B3AC8ACF5478} - C:\Program Files\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll
O9 - Extra button: easy***Save - {ECC5777A-6E88-BFCE-13CE-81F134789E7B} - C:\Program Files\easy***Save\bin\ezsvcfg.exe (HKCU)
O9 - Extra 'Tools' menuitem: easy***Save - {ECC5777A-6E88-BFCE-13CE-81F134789E7B} - C:\Program Files\easy***Save\bin\ezsvcfg.exe (HKCU)
O17 - HKLM\System\CCS\Services\Tcpip\..\{01C6DC55-C7A1-4B4A-A725-C758C1C0D7D1}: NameServer = 87.118.111.215,78.47.115.195
O17 - HKLM\System\CCS\Services\Tcpip\..\{2534C08F-3E9B-401E-9FF2-A6DC1857082D}: NameServer = 87.118.111.215,78.47.115.195
O17 - HKLM\System\CCS\Services\Tcpip\..\{4789D51E-6200-4788-BD7E-284EFE626983}: NameServer = 87.118.111.215,78.47.115.195
O17 - HKLM\System\CCS\Services\Tcpip\..\{B7583435-6F12-48ED-B8ED-108A791BA10E}: NameServer = 87.118.111.215,78.47.115.195
O17 - HKLM\System\CCS\Services\Tcpip\..\{F32D35F0-695B-4354-878C-EBF5DAE7E796}: NameServer = 192.117.235.237 62.219.186.7
O17 - HKLM\System\CCS\Services\Tcpip\..\{FD0418F1-B919-4D13-860F-91374BC94307}: NameServer = 87.118.111.215,78.47.115.195
O17 - HKLM\System\CS1\Services\Tcpip\..\{01C6DC55-C7A1-4B4A-A725-C758C1C0D7D1}: NameServer = 87.118.111.215,78.47.115.195
O17 - HKLM\System\CS2\Services\Tcpip\..\{01C6DC55-C7A1-4B4A-A725-C758C1C0D7D1}: NameServer = 87.118.111.215,78.47.115.195
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: TP-LINK Configuration Service (ACS) - Atheros - C:\WIN\system32\acs.exe
O23 - Service: ArcSoft Exchange Service (ADExchange) - ArcSoft Inc. - C:\Program Files\Common Files\ArcSoft\esinter\Bin\eservutil.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! *** Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ash***Sv.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Bluetooth Service (btwdins) - WIDCOMM, Inc. - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: **** Quick Starter (****QuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\****\jre6\bin\jqs.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WIN\system32\HPZipm12.exe
O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software - C:\WIN\System32\TuneUpDefragService.exe
O23 - Service: TuneUp Program Statistics Service (TuneUp.ProgramStatisticsSvc) - TuneUp Software - C:\WIN\System32\TUProgSt.exe
--
End of file - 15625 bytes