Peace be upon you
Sisters, my computer has a virus, and I am sure of this.
I have now downloaded this program: http://www.hijackthis.de/downloads/HJTInstall.exe
I ran it and it produced this report:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 01:(38 م, on 26/05/2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Hotspot Shield\bin\openvpnas.exe
C:\Program Files\Hotspot Shield\HssWPR\hsssrv.exe
C:\Program Files\Hotspot Shield\bin\hsswd.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\VistaDrive\VistaDrive.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\WINDOWS\system32\VTTimer.exe
C:\WINDOWS\system32\S3trayp.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\UltraVPN\bin\openvpn-gui.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Documents and Settings\ووو.EXTRAPC\Local Settings\Application Data\Google\Update\1.2.183.23\GoogleCrashHandler.exe
C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Hotspot Shield\bin\openvpntray.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.conduit.com?SearchSour…ctid=CT1561552
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = local
R3 - URLSearchHook: Hotspot Shield Toolbar - {c95a4e8e-816d-4655-8c79-d736da1adb6d} - C:\Program Files\Hotspot_Shield\tbHots.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: مساعد تسجيل الدخول إلى Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.0.926.3450\swg.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_219B3E1547538286.dll
O2 - BHO: Hotspot Shield Toolbar - {c95a4e8e-816d-4655-8c79-d736da1adb6d} - C:\Program Files\Hotspot_Shield\tbHots.dll
O2 - BHO: Hotspot Shield Class - {F9E4A054-E9B1-4BC3-83A3-76A1AE736170} - C:\Program Files\Hotspot Shield\hssie\HssIE.dll
O3 - Toolbar: &Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O3 - Toolbar: Hotspot Shield Toolbar - {c95a4e8e-816d-4655-8c79-d736da1adb6d} - C:\Program Files\Hotspot_Shield\tbHots.dll
O4 - HKLM\..\Run: C:\WINDOWS\VistaDrive\VistaDrive.exe
O4 - HKLM\..\Run: "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: VTTimer.exe
O4 - HKLM\..\Run: S3trayp.exe
O4 - HKLM\..\Run: "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: C:\Program Files\UltraVPN\bin\openvpn-gui.exe
O4 - HKLM\..\Run: RTHDCPL.EXE
O4 - HKLM\..\Run: ALCMTR.EXE
O4 - HKLM\..\Run: "C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
O4 - HKCU\..\Run: C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: "C:\Documents and Settings\ووو.EXTRAPC\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKUS\S-1-5-20\..\Run: C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'Default user')
O4 - Startup: OneNote 2007 Screen Clipper and Launcher.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O8 - Extra context menu item: ت&صدير إلى Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: إرسال إلى OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: إر&سال إلى OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - http://cdn.scan.onecare.live.com/res…scbase6087.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Hotspot Shield Service (HotspotShieldService) - Unknown owner - C:\Program Files\Hotspot Shield\bin\openvpnas.exe
O23 - Service: Hotspot Shield Routing Service (HssSrv) - AnchorFree Inc. - C:\Program Files\Hotspot Shield\HssWPR\hsssrv.exe
O23 - Service: Hotspot Shield Tray Service (HssTrayService) - Unknown owner - C:\Program Files\Hotspot Shield\bin\HssTrayService.EXE
O23 - Service: Hotspot Shield Monitoring Service (HssWd) - Unknown owner - C:\Program Files\Hotspot Shield\bin\hsswd.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
--
End of file - 8364 bytes