Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 09
.gif "N Aggressive (27)")
03 ب.ظ, on 2012/03/23
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.20583)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir Desktop\sched.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\Program Files\Analog Devices\SoundMAX\Smax4.exe
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files\SlySoft\CloneCD\CloneCDTray.exe
C:\WINDOWS\Samsung\ComSMMgr\ssmmgr.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Avira\AntiVir Desktop\avguard.exe
C:\Program Files\Hotspot Shield\bin\openvpnas.exe
C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
C:\Program Files\Hotspot Shield\HssWPR\hsssrv.exe
C:\Program Files\Hotspot Shield\bin\hsswd.exe
C:\Program Files\Java\jre7\bin\jqs.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Alcohol Soft (MRT)\Alcohol 120
\StarWind\StarWindService.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Hotspot Shield\bin\openvpntray.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
D:\portabl\Free Download Manager\fdm.exe
c:\progra~1\thekmp~1\kmplayer.exe
D:\HHAMMID\Downloads\Software\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page =
[ برای مشاهده لینک ، با نام کاربری خود وارد شوید یا ثبت نام کنید ]
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
[ برای مشاهده لینک ، با نام کاربری خود وارد شوید یا ثبت نام کنید ]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
[ برای مشاهده لینک ، با نام کاربری خود وارد شوید یا ثبت نام کنید ]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL
=
[ برای مشاهده لینک ، با نام کاربری خود وارد شوید یا ثبت نام کنید ]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
[ برای مشاهده لینک ، با نام کاربری خود وارد شوید یا ثبت نام کنید ]
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
[ برای مشاهده لینک ، با نام کاربری خود وارد شوید یا ثبت نام کنید ]
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R3 - URLSearchHook: UrlSearchHook Class - {00000000-6E41-4FD3-8538-
502F5495E5FC} - C:\Program Files\Ask.com\GenericAskToolbar.dll
R3 - URLSearchHook: Ashampoo US Toolbar - {124d001a-bdcb-472f-aa59-
bbe7e4bc3204} - C:\Program Files\Ashampoo_US\prxtbAsha.dll
R3 - URLSearchHook: Hotspot Shield Toolbar - {c95a4e8e-816d-4655-8c79-
d736da1adb6d} - C:\Program Files\Hotspot_Shield\prxtbHot0.dll
O2 - BHO: Ashampoo US - {124d001a-bdcb-472f-aa59-bbe7e4bc3204} -
C:\Program Files\Ashampoo_US\prxtbAsha.dll
O2 - BHO: Hotspot Shield - {c95a4e8e-816d-4655-8c79-d736da1adb6d} -
C:\Program Files\Hotspot_Shield\prxtbHot0.dll
O2 - BHO: Free Download Manager - {CC59E0F9-7E43-44FA-9FAA-
8377850BF205} - D:\portabl\Free Download Manager\iefdm2.dll
O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} -
C:\Program Files\Ask.com\GenericAskToolbar.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-
9C25C1C588A9} - C:\Program Files\Oracle\JavaFX 2.0
Runtime\bin\jp2ssv.dll
O2 - BHO: Hotspot Shield Class - {F9E4A054-E9B1-4BC3-83A3-76A1AE736170}
- C:\Program Files\Hotspot Shield\HssIE\HssIE.dll
O3 - Toolbar: PandoraTV Toolbar - {D4027C7F-154A-4066-A1AD-
4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll
O3 - Toolbar: Ashampoo US Toolbar - {124d001a-bdcb-472f-aa59-
bbe7e4bc3204} - C:\Program Files\Ashampoo_US\prxtbAsha.dll
O3 - Toolbar: Hotspot Shield Toolbar - {c95a4e8e-816d-4655-8c79-
d736da1adb6d} - C:\Program Files\Hotspot_Shield\prxtbHot0.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32
\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32
\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut]
HDAShCut.exe
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog
Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [SoundMAX] "C:\Program Files\Analog
Devices\SoundMAX\Smax4.exe" /tray
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir
Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [CloneCDTray] "C:\Program
Files\SlySoft\CloneCD\CloneCDTray.exe" /s
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE"
/Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32
\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32
\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32
\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [Samsung Common SM]
"C:\WINDOWS\Samsung\ComSMMgr\ssmmgr.exe" /autorun
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common
Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\RunOnce: [ShowDeskFix] regsvr32 /s /n /i:u
shell32 (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [ShowDeskFix] regsvr32 /s /n /i:u
shell32 (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
(User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [ShowDeskFix] regsvr32 /s /n /i:u
shell32 (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
(User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [ShowDeskFix] regsvr32 /s /n /i:u
shell32 (User 'Default user')
O8 - Extra context menu item: Download all with Free Download Manager -
file://D:\portabl\Free Download Manager\dlall.htm
O8 - Extra context menu item: Download selected with Free Download
Manager - file://D:\portabl\Free Download Manager\dlselected.htm
O8 - Extra context menu item: Download video with Free Download Manager
- file://D:\portabl\Free Download Manager\dlfvideo.htm
O8 - Extra context menu item: Download with Free Download Manager -
file://D:\portabl\Free Download Manager\dllink.htm
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} -
C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-
4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} -
C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-
BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O17 - HKLM\System\CCS\Services\Tcpip\..\{9DCE7C59-E3E2-47C0-947C-
A3040F1326BB}: NameServer = 4.2.2.4,89.165.0.14
O17 - HKLM\System\CCS\Services\Tcpip\..\{C7458D99-C2D4-47A0-9182-
0D8FFF1B7166}: NameServer = 89.165.0.13 89.165.0.14
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-
B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Component Categories cache daemon -
{8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32
\browseui.dll
O23 - Service: Avira AntiVir Scheduler (AntiVirSchedulerService) -
Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH -
C:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Hotspot Shield Service (hshld) - Unknown owner -
C:\Program Files\Hotspot Shield\bin\openvpnas.exe
O23 - Service: Hotspot Shield Routing Service (HssSrv) - AnchorFree
Inc. - C:\Program Files\Hotspot Shield\HssWPR\hsssrv.exe
O23 - Service: Hotspot Shield Tray Service (HssTrayService) - Unknown
owner - C:\Program Files\Hotspot Shield\bin\HssTrayService.EXE
O23 - Service: Hotspot Shield Monitoring Service (HssWd) - Unknown
owner - C:\Program Files\Hotspot Shield\bin\hsswd.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Oracle
Corporation - C:\Program Files\Java\jre7\bin\jqs.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA
Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: StarWind iSCSI Service (StarWindService) - Rocket
Division Software - C:\Program Files\Alcohol Soft (MRT)\Alcohol 120
\StarWind\StarWindService.exe
--
End of file - 8522 bytes
جواب بصورت نقل قول