[تم حل المشكلة]تقرير الافيرا الرجاء المساعدة

  • بادئ الموضوع بادئ الموضوع hasonasaid
  • تاريخ البدء تاريخ البدء
  • المشاهدات 858
الحالة
مغلق و غير مفتوح للمزيد من الردود.
H

hasonasaid

زيزوومي جديد
إنضم
28 مارس 2009
المشاركات
38
مستوى التفاعل
0
النقاط
50
غير متصل
Avira AntiVir Personal
Report file date: 19 ابريل, 2009 23:23

Scanning for 1426624 virus strains and unwanted programs.

Licensee : Avira AntiVir Personal - FREE Antivirus
Serial number : 0000149996-ADJIE-0000001
Platform : Windows XP
Windows version : (Service Pack 3) [5.1.2600]
Boot mode : Normally booted
Username : hasona
Computer name : HASONA-4F74CFA8

Version information:
BUILD.DAT : 9.0.0.386 17962 Bytes 3/11/2009 15:55:00
AVSCAN.EXE : 9.0.3.3 464641 Bytes 2/24/2009 10:13:28
AVSCAN.DLL : 9.0.3.0 40705 Bytes 2/27/2009 08:58:26
LUKE.DLL : 9.0.3.2 209665 Bytes 2/20/2009 09:35:50
LUKERES.DLL : 9.0.2.0 12033 Bytes 2/27/2009 08:58:54
ANTIVIR0.VDF : 7.1.0.0 15603712 Bytes 10/27/2008 04:29:38
ANTIVIR1.VDF : 7.1.2.12 3336192 Bytes 2/11/2009 11:32:40
ANTIVIR2.VDF : 7.1.4.0 2336768 Bytes 5/20/2009 04:15:54
ANTIVIR3.VDF : 7.1.4.21 200704 Bytes 5/26/2009 12:52:36
Engineversion : 8.2.0.168
AEVDF.DLL : 8.1.1.1 106868 Bytes 4/30/2009 06:33:10
AESCRIPT.DLL : 8.1.2.0 389497 Bytes 5/15/2009 07:20:36
AESCN.DLL : 8.1.2.3 127347 Bytes 5/15/2009 07:20:36
AERDL.DLL : 8.1.1.3 438645 Bytes 11/4/2008 23:43:26
AEPACK.DLL : 8.1.3.16 397686 Bytes 5/8/2009 07:51:08
AEOFFICE.DLL : 8.1.0.36 196987 Bytes 2/26/2009 11:56:12
AEHEUR.DLL : 8.1.0.129 1761655 Bytes 5/15/2009 07:20:34
AEHELP.DLL : 8.1.2.2 119158 Bytes 2/26/2009 11:56:12
AEGEN.DLL : 8.1.1.44 348532 Bytes 5/15/2009 07:20:34
AEEMU.DLL : 8.1.0.9 393588 Bytes 10/15/2008 02:49:36
AECORE.DLL : 8.1.6.9 176500 Bytes 4/14/2009 04:42:00
AEBB.DLL : 8.1.0.3 53618 Bytes 10/15/2008 02:49:34
AVWINLL.DLL : 9.0.0.3 18177 Bytes 12/12/2008 06:48:00
AVPREF.DLL : 9.0.0.1 43777 Bytes 12/5/2008 08:32:16
AVREP.DLL : 8.0.0.3 155688 Bytes 5/26/2009 12:52:38
AVREG.DLL : 9.0.0.0 36609 Bytes 12/5/2008 08:32:10
AVARKT.DLL : 9.0.0.1 292609 Bytes 2/9/2009 05:52:26
AVEVTLOG.DLL : 9.0.0.7 167169 Bytes 1/30/2009 08:37:10
SQLITE3.DLL : 3.6.1.0 326401 Bytes 1/28/2009 13:03:50
SMTPLIB.DLL : 9.2.0.25 28417 Bytes 2/2/2009 06:21:34
NETNT.DLL : 9.0.0.0 11521 Bytes 12/5/2008 08:32:12
RCIMAGE.DLL : 9.0.0.21 2438401 Bytes 2/9/2009 09:45:46
RCTEXT.DLL : 9.0.35.0 87297 Bytes 3/11/2009 13:55:14

Configuration settings for the scan:
Jobname.............................: Complete system scan
Configuration file..................: C:\DOCUME~1\hasona\LOCALS~1\Temp\RarSFX0\sysscan.avp
Logging.............................: low
Primary action......................: interactive
Secondary action....................: ignore
Scan master boot sector.............: on
Scan boot sector....................: on
Boot sectors........................: C:, D:, E:, F:, G:,
Process scan........................: on
Scan registry.......................: on
Search for rootkits.................: on
Integrity checking of system files..: on
Scan all files......................: All files
Scan archives.......................: on
Recursion depth.....................: 20
Smart extensions....................: on
Macro heuristic.....................: on
File heuristic......................: medium

Start of the scan: 19 ابريل, 2009 23:23

Initiating scan of system files:
Signed -> 'C:\WINDOWS\system32\svchost.exe'
Signed -> 'C:\WINDOWS\system32\winlogon.exe'
Signed -> 'C:\WINDOWS\explorer.exe'
Signed -> 'C:\WINDOWS\system32\smss.exe'
Signed -> 'C:\WINDOWS\system32\wininet.DLL'
Signed -> 'C:\WINDOWS\system32\wsock32.DLL'
Signed -> 'C:\WINDOWS\system32\ws2_32.DLL'
Signed -> 'C:\WINDOWS\system32\services.exe'
Signed -> 'C:\WINDOWS\system32\lsass.exe'
Signed -> 'C:\WINDOWS\system32\csrss.exe'
Signed -> 'C:\WINDOWS\system32\drivers\kbdclass.sys'
Signed -> 'C:\WINDOWS\system32\spoolsv.exe'
Signed -> 'C:\WINDOWS\system32\alg.exe'
Signed -> 'C:\WINDOWS\system32\wuauclt.exe'
Signed -> 'C:\WINDOWS\system32\advapi32.DLL'
Signed -> 'C:\WINDOWS\system32\user32.DLL'
Signed -> 'C:\WINDOWS\system32\gdi32.DLL'
Signed -> 'C:\WINDOWS\system32\kernel32.DLL'
Signed -> 'C:\WINDOWS\system32\ntdll.DLL'
Signed -> 'C:\WINDOWS\system32\ntoskrnl.exe'
Signed -> 'C:\WINDOWS\system32\ctfmon.exe'
The system files were scanned ('21' files)

Starting search for hidden objects.
The driver could not be initialized.

The scan of running processes will be started
Scan process 'avscan.exe' - '1' Module(s) have been scanned
Scan process 'avcenter.exe' - '1' Module(s) have been scanned
Scan process 'zyzoom_avira9.exe' - '1' Module(s) have been scanned
Scan process 'msiexec.exe' - '1' Module(s) have been scanned
Scan process 'wscntfy.exe' - '1' Module(s) have been scanned
Scan process 'firefox.exe' - '1' Module(s) have been scanned
Scan process 'IEMonitor.exe' - '1' Module(s) have been scanned
Scan process 'alg.exe' - '1' Module(s) have been scanned
Scan process 'Ymsgr_tray.exe' - '1' Module(s) have been scanned
Scan process 'msnmsgr.exe' - '1' Module(s) have been scanned
Scan process 'IDMan.exe' - '1' Module(s) have been scanned
Scan process 'GoogleToolbarNotifier.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'Explorer.EXE' - '1' Module(s) have been scanned
Scan process 'GoogleUpdate.exe' - '1' Module(s) have been scanned
Scan process 'spoolsv.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'MsMpEng.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'lsass.exe' - '1' Module(s) have been scanned
Scan process 'services.exe' - '1' Module(s) have been scanned
Scan process 'winlogon.exe' - '1' Module(s) have been scanned
Scan process 'csrss.exe' - '1' Module(s) have been scanned
Scan process 'SMSS.EXE' - '1' Module(s) have been scanned
26 processes with 26 modules were scanned

Starting master boot sector scan:

Start scanning boot sectors:

Starting to scan executable files (registry).
The registry was scanned ( '55' files ).


Starting the file scan:

Begin scan in 'C:\'
C:\PAGEFILE.SYS
[WARNING] The file could not be opened!
[NOTE] This file is a Windows system file.
[NOTE] This file cannot be opened for scanning.
C:\hiberfil.sys
[WARNING] The file could not be opened!
[NOTE] This file is a Windows system file.
[NOTE] This file cannot be opened for scanning.
C:\Documents and Settings\hasona\My Documents\Downloads\Compressed\اداه التنظيف.rar
[0] Archive type: RAR
--> ￯↑ᆱᆬ ゚←↑ᆬ¥■¬゚ᄁ.exe
[DETECTION] Contains a recognition pattern of the (harmful) BDS/Backdoor.Gen back-door program
C:\Documents and Settings\hasona\My Documents\Downloads\Compressed\يمسح المحفوظات.exe
[DETECTION] Contains a recognition pattern of the (harmful) BDS/Backdoor.Gen back-door program
Begin scan in 'D:\'
D:\New Folder (2)\power_point2003.part2.rar
[0] Archive type: RAR
--> power point2003\lesson\403.avi
[WARNING] No further files can be extracted from this archive. The archive will be closed
[WARNING] No further files can be extracted from this archive. The archive will be closed
Begin scan in 'E:\'
E:\idm1010\RapiDown.rar
[0] Archive type: RAR
--> Crack.exe
[DETECTION] Is the TR/Agent.1026560.B Trojan
--> RapiDown 5.9us.exe
[DETECTION] Is the TR/PSW.Stealer.742804 Trojan
E:\idm1010\RapiDown 5.9us.exe
[DETECTION] Is the TR/PSW.Stealer.742804 Trojan
Begin scan in 'F:\'
Begin scan in 'G:\'
G:\ahly\New Folder\IDM 5.15 Build 6 By Arab-Soft.rar
[0] Archive type: RAR
--> IDM 5.15 Build 6 By Arab-Soft\Patch.and.keygen\Patch.exe
[DETECTION] Is the TR/Spy.44544.1 Trojan
G:\ahly\New Folder\برامج\IDM 5.15 Build 6 By Arab-Soft.rar
[0] Archive type: RAR
--> IDM 5.15 Build 6 By Arab-Soft\Patch.and.keygen\Patch.exe
[DETECTION] Is the TR/Spy.44544.1 Trojan
G:\ahly\New Folder\برامج\IDM 5.15 Build 6 By Arab-Soft\Patch.and.keygen\Patch.exe
[DETECTION] Is the TR/Spy.44544.1 Trojan

Beginning disinfection:
C:\Documents and Settings\hasona\My Documents\Downloads\Compressed\اداه التنظيف.rar
[NOTE] The file was moved to '4ac39b7e.qua'!
C:\Documents and Settings\hasona\My Documents\Downloads\Compressed\يمسح المحفوظات.exe
[DETECTION] Contains a recognition pattern of the (harmful) BDS/Backdoor.Gen back-door program
[NOTE] The file was moved to '501ea11c.qua'!
E:\idm1010\RapiDown.rar
[NOTE] The file was moved to '4a5b9b38.qua'!
E:\idm1010\RapiDown 5.9us.exe
[DETECTION] Is the TR/PSW.Stealer.742804 Trojan
[NOTE] The file was moved to '4b293b21.qua'!
G:\ahly\New Folder\IDM 5.15 Build 6 By Arab-Soft.rar
[NOTE] The file was moved to '4a389b1b.qua'!
G:\ahly\New Folder\برامج\IDM 5.15 Build 6 By Arab-Soft.rar
[NOTE] The file was moved to '4b5f640c.qua'!
G:\ahly\New Folder\برامج\IDM 5.15 Build 6 By Arab-Soft\Patch.and.keygen\Patch.exe
[DETECTION] Is the TR/Spy.44544.1 Trojan
[NOTE] The file was moved to '4a5f9b38.qua'!


End of the scan: 19 ابريل, 2009 23:42
Used time: 18:55 Minute(s)

The scan has been done completely.

3971 Scanned directories
108657 Files were scanned
8 Viruses and/or unwanted programs were found
0 Files were classified as suspicious
0 files were deleted
0 Viruses and unwanted programs were repaired
7 Files were moved to quarantine
0 Files were renamed
2 Files cannot be scanned
108647 Files not concerned
939 Archives were scanned
4 Warnings
9 Notes
 

ترتيب حسب التاريخ ترتيب حسب الأصوات
وهذا تقرير هاىجاك
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:14:58 ?, on 27/05/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Google\Update\GoogleUpdate.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Internet Download Manager\IDMan.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe
C:\Program Files\Internet Download Manager\IEMonitor.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Documents and Settings\hasona\My Documents\Downloads\Programs\zyzoom_avira9.exe
C:\DOCUME~1\hasona\LOCALS~1\Temp\RarSFX0\avcenter.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\DOCUME~1\hasona\LOCALS~1\Temp\RarSFX0\avscan.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Documents and Settings\hasona\My Documents\Downloads\Compressed\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

O2 - BHO: IDMIEHlprObj Class - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files\Internet Download Manager\IDMIECC.dll
O2 - BHO: IEVkbdBHO Class - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\ievkbd.dll
O2 - BHO: ????? ????? ?????? ??? Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll
O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe"
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [Messenger (Yahoo!)] "C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" -quiet
O4 - HKCU\..\Run: [IDMan] C:\Program Files\Internet Download Manager\IDMan.exe /onboot
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: Download all by Rapidown... - C:\Program Files\Rapidown\rapidownGetAll.htm
O8 - Extra context menu item: Download all links with IDM - C:\Program Files\Internet Download Manager\IEGetAll.htm
O8 - Extra context menu item: Download by Rapidown... - C:\Program Files\Rapidown\rapidownGet.htm
O8 - Extra context menu item: Download FLV video content with IDM - C:\Program Files\Internet Download Manager\IEGetVL.htm
O8 - Extra context menu item: Download with IDM - C:\Program Files\Internet Download Manager\IEExt.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll
O9 - Extra button: Web traffic protection statistics - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\SCIEPlgn.dll
O9 - Extra button: Rapidown - {57E91B47-F40A-11D1-B792-444553540011} - C:\Program Files\Rapidown\rapidown.exe
O9 - Extra 'Tools' menuitem: Rapidown - {57E91B47-F40A-11D1-B792-444553540011} - C:\Program Files\Rapidown\rapidown.exe
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) -
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

O16 - DPF: {BB21F850-63F4-4EC9-BF9D-565BD30C9AE9} (a-squared Scanner) -
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

O23 - Service: Kaspersky Internet Security (AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe
O23 - Service: ???? ????? Google (gupdate1c9c145d8c9da42) (gupdate1c9c145d8c9da42) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe

--
End of file - 5338 bytes
 
تأييد 0
التقريرين يا اخوانى
 
تأييد 0
كان عندك فيروسات وتم حذفها

وتقرير الهايجاك سليم

هل تواجه مشاكل حاليا ؟؟ِ
 
توقيع : فارس الملاك
تأييد 0
لا توجد مشاكل والحمد لله
 
تأييد 0
الحمد لله
 
توقيع : format
تأييد 0
الحالة
مغلق و غير مفتوح للمزيد من الردود.
عودة
أعلى