منتديات المجاوشي - عرض مشاركة واحدة - مشكلة فى الافيرا اضرب ويوجد صورة وتقرير هايجاك

#1 09-20-2011

تقرير هايجاك

Logfile of HijackThis v1.99.1
Scan saved at 7:40:44 AM, on 9/21/2011
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Unable to get Internet Explorer version!

Running processes:
H:\WINDOWS\System32\smss.exe
H:\WINDOWS\system32\winlogon.exe
H:\WINDOWS\system32\services.exe
H:\WINDOWS\system32\lsass.exe
H:\WINDOWS\system32\svchost.exe
H:\WINDOWS\System32\svchost.exe
H:\WINDOWS\Explorer.EXE
H:\Program Files\Avira\AntiVir Desktop\sched.exe
H:\Program Files\Avira\AntiVir Desktop\avfwsvc.exe
H:\Program Files\Avira\AntiVir Desktop\avguard.exe
H:\Program Files\Panda USB Vaccine\USBVaccine.exe
H:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
H:\Program Files\Avira\AntiVir Desktop\avshadow.exe
H:\WINDOWS\system32\FsUsbExService.Exe
H:\Program Files\Mail.Ru\Guard\GuardMailRu.exe
H:\WINDOWS\system32\svchost.exe
H:\Program Files\Mail.Ru\Agent\MAgent.exe
H:\Program Files\Common Files\Real\Update_OB\realsched.exe
H:\WINDOWS\system32\ctfmon.exe
H:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNo tifier.exe
H:\Program Files\Etisalat 3.5G USB Modem\Etisalat 3.5G USB Modem.exe
H:\Program Files\Opera\opera.exe
H:\Program Files\Skype\Phone\Skype.exe
H:\Program Files\Skype\Plugin Manager\skypePM.exe
H:\Program Files\Internet Explorer\iexplore.exe
H:\Documents and Settings\XPPRESP3\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
H:\Documents and Settings\XPPRESP3\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
H:\Documents and Settings\XPPRESP3\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
H:\Program Files\Internet Explorer\iexplore.exe
H:\Documents and Settings\XPPRESP3\Desktop\HijackThis.exe
H:\WINDOWS\system32\NOTEPAD.EXE
H:\Documents and Settings\XPPRESP3\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
H:\Program Files\Internet Explorer\iexplore.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Int ernet Settings,ProxyOverride = local
O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files\Internet Download Manager\IDMIECC.dll
O2 - BHO: SnagIt Toolbar Loader - {00C6482D-C502-44C8-8409-FCE54AD9C208} - H:\Program Files\TechSmith\Snagit 10\SnagitBHO.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - H:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: RoboForm - {724d43a9-0d85-11d4-9908-00400523e39a} - H:\Program Files\Siber Systems\AI RoboForm\roboform.dll
O2 - BHO: ??C?I E???? C?II?? ??? Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - H:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - H:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - H:\Program Files\Google\GoogleToolbarNotifier\5.7.6406.1642\s wg.dll
O3 - Toolbar: &RoboForm - {724d43a0-0d85-11d4-9908-00400523e39a} - H:\Program Files\Siber Systems\AI RoboForm\roboform.dll
O3 - Toolbar: Snagit - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - H:\Program Files\TechSmith\Snagit 10\SnagitIEAddin.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - H:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [MAgent] H:\Program Files\Mail.Ru\Agent\MAgent.exe -LM
O4 - HKLM\..\Run: [OutpostMonitor] "H:\PROGRA~1\Agnitum\OUTPOS~1\op_mon.exe" /tray /noservice
O4 - HKLM\..\Run: [MSConfig] H:\WINDOWS\system32\msconfig.exe /auto
O4 - HKCU\..\Run: [ctfmon.exe] H:\WINDOWS\system32\ctfmon.exe
O8 - Extra context menu item: تحميل الكل بـ إنترنت داونلود مانيجر - C:\Program Files\Internet Download Manager\IEGetAll.htm
O8 - Extra context menu item: تحميل بـ إنترنت داونلود مانيجر - C:\Program Files\Internet Download Manager\IEExt.htm
O8 - Extra context menu item: تحميل محتوى فيديو (إف.إل.في) بـ إنترنت داونلود مانيجر - C:\Program Files\Internet Download Manager\IEGetVL.htm
O9 - Extra button: EI??? ??C ?? C??I??E - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - H:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &EI??? ??C ?? Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - H:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: ???C? ??? OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - H:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: ??&?C? ??? OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - H:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: C??? C???C?? - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - file://H:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html
O9 - Extra 'Tools' menuitem: ??? C???C?? - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - file://H:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html
O9 - Extra button: ??U - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - file://H:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html
O9 - Extra 'Tools' menuitem: ??U C???C?? - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - file://H:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html
O9 - Extra button: Outpost Firewall Pro Quick Tune - {44627E97-789B-40d4-B5C2-58BD171129A1} - H:\Program Files\Agnitum\Outpost Firewall Pro\ie_bar.dll
O9 - Extra button: ??E????? - {724d43aa-0d85-11d4-9908-00400523e39a} - file://H:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
O9 - Extra 'Tools' menuitem: O??? CI?CE ??E????? - {724d43aa-0d85-11d4-9908-00400523e39a} - file://H:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
O9 - Extra button: Mail.Ru Agent - {7558B7E5-7B26-4201-BEDB-00D5FF534523} - H:\Program Files\Mail.Ru\Agent\magent.exe
O9 - Extra 'Tools' menuitem: Mail.Ru Agent - {7558B7E5-7B26-4201-BEDB-00D5FF534523} - H:\Program Files\Mail.Ru\Agent\magent.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - H:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - H:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - H:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: h:\windows\system32\prxernsp.dll
O10 - Unknown file in Winsock LSP: h:\windows\system32\prxerdrv.dll
O10 - Unknown file in Winsock LSP: h:\program files\avira\antivir desktop\avsda.dll
O10 - Unknown file in Winsock LSP: h:\program files\avira\antivir desktop\avsda.dll
O10 - Unknown file in Winsock LSP: h:\program files\avira\antivir desktop\avsda.dll
O10 - Unknown file in Winsock LSP: h:\windows\system32\prxerdrv.dll
O11 - Options group: [INTERNATIONAL] International
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - H:\PROGRA~1\WINDOW~4\MESSEN~1\MSGRAP~1.DLL
O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - H:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - H:\PROGRA~1\WINDOW~4\MESSEN~1\MSGRAP~1.DLL
O18 - Filter hijack: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} - H:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DL L
O20 - AppInit_DLLs: h:\progra~1\agnitum\outpos~1\wl_hook.dll
O20 - Winlogon Notify: igfxcui - H:\WINDOWS\SYSTEM32\igfxdev.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - H:\WINDOWS\system32\wpdshserviceobj.dll
O23 - Service: Agnitum Client Security Service (acssrv) - Agnitum Ltd. - H:\PROGRA~1\Agnitum\OUTPOS~1\acs.exe
O23 - Service: Avira FireWall (AntiVirFirewallService) - Avira GmbH - H:\Program Files\Avira\AntiVir Desktop\avfwsvc.exe
O23 - Service: Avira AntiVir MailGuard (AntiVirMailService) - Avira GmbH - H:\Program Files\Avira\AntiVir Desktop\avmailc.exe
O23 - Service: Avira AntiVir Scheduler (AntiVirSchedulerService) - Avira GmbH - H:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - H:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Avira AntiVir WebGuard (AntiVirWebService) - Avira GmbH - H:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - H:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - H:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: FsUsbExService - Teruten - H:\WINDOWS\system32\FsUsbExService.Exe
O23 - Service: Guard.Mail.ru - Unknown owner - H:\Program Files\Mail.Ru\Guard\GuardMailRu.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - H:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - H:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - H:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: ServiceLayer - Nokia. - H:\Program Files\PC Connectivity Solution\ServiceLayer.exe

الموضوع الأساسي: مشكلة فى الافيرا اضرب ويوجد صورة وتقرير هايجاك
المصدر: زيزوووم للأمن والحماية

أكثر...