تم حل المشكلة كيف اعرف ان الجهاز مخترق

الحالة
مغلق و غير مفتوح للمزيد من الردود.
أ

أحساس مجنون

زيزوومي نشيط
إنضم
20 نوفمبر 2007
المشاركات
115
مستوى التفاعل
1
النقاط
120
الإقامة
k.s.a
غير متصل
سلام عليكمِ
مسـآء الخيرِ
كيفكم .؟!

ياخواني احسس الجهاز مخترق كيف اعرف انه مخترق و لا ...؟! :er:
لاهنتو ابي اعرف له احلى تقييم ...
 

توقيع : أحساس مجنون
ترتيب حسب التاريخ ترتيب حسب الأصوات
هذا تقرير [هايجاك]
====


Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 09:53:18 م, on 19/03/11
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v8.00 (8.00.7601.17514)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskhost.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\KeyScrambler\KeyScrambler.exe
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files\Internet Download Manager By MMZahyan\IDMan.exe
C:\Windows\system32\igfxsrvc.exe
C:\Program Files\Internet Download Manager By MMZahyan\IEMonitor.exe
C:\Windows\system32\wuauclt.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Zyzoom_Forum_Tools\zyzoom.exe
C:\Zyzoom_Forum_Tools\zHijak.com

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO_1.4.12.6.dll
O2 - BHO: مساعد تسجيل الدخول إلى Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [KeyScrambler] C:\Program Files\KeyScrambler\keyscrambler.exe /a
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [IDMan] C:\Program Files\Internet Download Manager By MMZahyan\IDMan.exe /onboot
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O8 - Extra context menu item: Download with IDM - C:\Program Files\Internet Download Manager By MMZahyan\IEExt.htm
O8 - Extra context menu item: تحميل الكل بواسطة Internet Download Manager - C:\Program Files\Internet Download Manager By MMZahyan\IEGetAll.htm
O8 - Extra context menu item: تحميل الكل بواسطة بيتكومنت - res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm
O8 - Extra context menu item: تحميل بواسطة Internet Download Manager - C:\Program Files\Internet Download Manager By MMZahyan\IEExt.htm
O8 - Extra context menu item: تحميل بواسطة بيتكومنت - res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm
O8 - Extra context menu item: تحميل محتوى FLV بواسطة Internet Download Manager - C:\Program Files\Internet Download Manager By MMZahyan\IEGetVL.htm
O9 - Extra button: (no name) - {5C106A59-CC3C-4caa-81A4-6D909B5ACE23} - C:\Program Files\KeyScrambler\KeyScramblerIE.dll
O9 - Extra 'Tools' menuitem: &KeyScrambler Options - {5C106A59-CC3C-4caa-81A4-6D909B5ACE23} - C:\Program Files\KeyScrambler\KeyScramblerIE.dll
O9 - Extra button: بحث - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: BitComet - {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - res://C:\Program Files\BitComet\tools\BitCometBHO_1.4.12.6.dll/206 (file missing)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) -
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Avira AntiVir Scheduler (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: BitComet Disk Boost Service (BITCOMET_HELPER_SERVICE) -
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي
- C:\Program Files\BitComet\tools\BitCometService.exe
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe

--
End of file - 5229 bytes


====

هذا تقرير [رن سكنر]

====

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي


يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي
 
توقيع : أحساس مجنون
تأييد 0
حملته لمن يخلص تحميل اضغط عليها تجي رساله هل تريد حذف برنامج المولويربايت من جهازك
احط لاِ , مايفتح البرنامج
 
توقيع : أحساس مجنون
تأييد 0
اعمل الفحص بالوضع الامن اخي
 
تأييد 0
====




Avira AntiVir Personal
Report file date: Sunday, March 20, 2011 00:30

Scanning for 2502953 virus strains and unwanted programs.

The program is running as an unrestricted full version.
Online services are available:

Licensee : Avira AntiVir Personal - FREE Antivirus
Serial number : 0000149996-ADJIE-0000001
Platform : Windows 7
Windows version : (Service Pack 1) [6.1.7601]
Boot mode : Normally booted
Username : SYSTEM
Computer name : EZEL-PC

Version information:
BUILD.DAT : 10.0.0.635 31822 Bytes 02/04/32 12:15:00
AVSCAN.EXE : 10.0.3.5 435368 Bytes 06/02/32 11:23:31
AVSCAN.DLL : 10.0.3.0 46440 Bytes 16/04/31 09:57:04
LUKE.DLL : 10.0.3.2 104296 Bytes 06/02/32 11:23:40
LUKERES.DLL : 10.0.0.1 12648 Bytes 26/02/31 20:40:49
VBASE000.VDF : 7.10.0.0 19875328 Bytes 18/11/30 06:05:36
VBASE001.VDF : 7.11.0.0 13342208 Bytes 08/01/32 11:23:50
VBASE002.VDF : 7.11.3.0 1950720 Bytes 06/03/32 21:53:02
VBASE003.VDF : 7.11.3.1 2048 Bytes 06/03/32 21:53:02
VBASE004.VDF : 7.11.3.2 2048 Bytes 06/03/32 21:53:02
VBASE005.VDF : 7.11.3.3 2048 Bytes 06/03/32 21:53:02
VBASE006.VDF : 7.11.3.4 2048 Bytes 06/03/32 21:53:02
VBASE007.VDF : 7.11.3.5 2048 Bytes 06/03/32 21:53:03
VBASE008.VDF : 7.11.3.6 2048 Bytes 06/03/32 21:53:03
VBASE009.VDF : 7.11.3.7 2048 Bytes 06/03/32 21:53:03
VBASE010.VDF : 7.11.3.8 2048 Bytes 06/03/32 21:53:03
VBASE011.VDF : 7.11.3.9 2048 Bytes 06/03/32 21:53:03
VBASE012.VDF : 7.11.3.10 2048 Bytes 06/03/32 21:53:04
VBASE013.VDF : 7.11.3.59 157184 Bytes 11/03/32 21:53:05
VBASE014.VDF : 7.11.3.97 120320 Bytes 13/03/32 21:53:06
VBASE015.VDF : 7.11.3.148 128000 Bytes 16/03/32 21:53:07
VBASE016.VDF : 7.11.3.183 140288 Bytes 19/03/32 21:53:07
VBASE017.VDF : 7.11.3.216 124416 Bytes 21/03/32 21:53:08
VBASE018.VDF : 7.11.3.251 159232 Bytes 25/03/32 21:53:09
VBASE019.VDF : 7.11.4.33 148992 Bytes 27/03/32 21:53:10
VBASE020.VDF : 7.11.4.73 150016 Bytes 01/04/32 21:53:11
VBASE021.VDF : 7.11.4.108 122880 Bytes 03/04/32 21:53:12
VBASE022.VDF : 7.11.4.150 133120 Bytes 05/04/32 21:53:13
VBASE023.VDF : 7.11.4.183 122368 Bytes 09/04/32 07:30:27
VBASE024.VDF : 7.11.4.228 123392 Bytes 11/04/32 12:56:33
VBASE025.VDF : 7.11.4.229 2048 Bytes 11/04/32 12:56:33
VBASE026.VDF : 7.11.4.230 2048 Bytes 11/04/32 12:56:33
VBASE027.VDF : 7.11.4.231 2048 Bytes 11/04/32 12:56:33
VBASE028.VDF : 7.11.4.232 2048 Bytes 11/04/32 12:56:33
VBASE029.VDF : 7.11.4.233 2048 Bytes 11/04/32 12:56:34
VBASE030.VDF : 7.11.4.234 2048 Bytes 11/04/32 12:56:34
VBASE031.VDF : 7.11.5.1 87040 Bytes 13/04/32 21:29:22
Engineversion : 8.2.4.188
AEVDF.DLL : 8.1.2.1 106868 Bytes 06/02/32 11:23:26
AESCRIPT.DLL : 8.1.3.57 1261947 Bytes 12/04/32 13:00:34
AESCN.DLL : 8.1.7.2 127349 Bytes 06/02/32 11:23:26
AESBX.DLL : 8.1.3.2 254324 Bytes 06/02/32 11:23:26
AERDL.DLL : 8.1.9.8 639346 Bytes 10/04/32 07:30:55
AEPACK.DLL : 8.2.4.12 520567 Bytes 10/04/32 07:30:52
AEOFFICE.DLL : 8.1.1.17 205177 Bytes 08/04/32 21:53:23
AEHEUR.DLL : 8.1.2.87 3371383 Bytes 12/04/32 13:00:00
AEHELP.DLL : 8.1.16.1 246134 Bytes 08/04/32 21:53:19
AEGEN.DLL : 8.1.5.3 397684 Bytes 12/04/32 12:57:26
AEEMU.DLL : 8.1.3.0 393589 Bytes 06/02/32 11:23:18
AECORE.DLL : 8.1.19.2 196983 Bytes 08/04/32 21:53:17
AEBB.DLL : 8.1.1.0 53618 Bytes 06/02/32 11:23:18
AVWINLL.DLL : 10.0.0.0 19304 Bytes 06/02/32 11:23:32
AVPREF.DLL : 10.0.0.0 44904 Bytes 06/02/32 11:23:30
AVREP.DLL : 10.0.0.8 62209 Bytes 05/07/31 11:27:13
AVREG.DLL : 10.0.3.2 53096 Bytes 06/02/32 11:23:31
AVSCPLR.DLL : 10.0.3.2 84328 Bytes 06/02/32 11:23:31
AVARKT.DLL : 10.0.22.6 231784 Bytes 06/02/32 11:23:27
AVEVTLOG.DLL : 10.0.0.8 203112 Bytes 06/02/32 11:23:28
SQLITE3.DLL : 3.6.19.0 355688 Bytes 05/07/31 11:27:22
AVSMTP.DLL : 10.0.0.17 63848 Bytes 06/02/32 11:23:31
NETNT.DLL : 10.0.0.0 11624 Bytes 05/07/31 11:27:21
RCIMAGE.DLL : 10.0.0.26 2550120 Bytes 13/02/31 10:10:20
RCTEXT.DLL : 10.0.58.0 97128 Bytes 06/02/32 11:23:52

Configuration settings for the scan:
Jobname.............................: Complete system scan
Configuration file..................: C:\program files\avira\antivir desktop\sysscan.avp
Logging.............................: low
Primary action......................: interactive
Secondary action....................: ignore
Scan master boot sector.............: on
Scan boot sector....................: on
Boot sectors........................: C:, D:, E:,
Process scan........................: on
Extended process scan...............: on
Scan registry.......................: on
Search for rootkits.................: on
Integrity checking of system files..: off
Scan all files......................: All files
Scan archives.......................: on
Recursion depth.....................: 20
Smart extensions....................: on
Macro heuristic.....................: on
File heuristic......................: medium

Start of the scan: Sunday, March 20, 2011 00:30

Starting search for hidden objects.

The scan of running processes will be started
Scan process 'svchost.exe' - '28' Module(s) have been scanned
Scan process 'vssvc.exe' - '47' Module(s) have been scanned
Scan process 'avscan.exe' - '76' Module(s) have been scanned
Scan process 'avscan.exe' - '28' Module(s) have been scanned
Scan process 'taskhost.exe' - '27' Module(s) have been scanned
Scan process 'explorer.exe' - '171' Module(s) have been scanned
Scan process 'plugin-container.exe' - '75' Module(s) have been scanned
Scan process 'firefox.exe' - '145' Module(s) have been scanned
Scan process 'wuauclt.exe' - '44' Module(s) have been scanned
Scan process 'svchost.exe' - '60' Module(s) have been scanned
Scan process 'svchost.exe' - '59' Module(s) have been scanned
Scan process 'wmpnetwk.exe' - '108' Module(s) have been scanned
Scan process 'SearchIndexer.exe' - '59' Module(s) have been scanned
Scan process 'IEMonitor.exe' - '32' Module(s) have been scanned
Scan process 'igfxsrvc.exe' - '29' Module(s) have been scanned
Scan process 'IDMan.exe' - '60' Module(s) have been scanned
Scan process 'avgnt.exe' - '70' Module(s) have been scanned
Scan process 'KeyScrambler.exe' - '34' Module(s) have been scanned
Scan process 'igfxpers.exe' - '32' Module(s) have been scanned
Scan process 'hkcmd.exe' - '28' Module(s) have been scanned
Scan process 'igfxtray.exe' - '29' Module(s) have been scanned
Scan process 'taskhost.exe' - '50' Module(s) have been scanned
Scan process 'Dwm.exe' - '32' Module(s) have been scanned
Scan process 'conhost.exe' - '14' Module(s) have been scanned
Scan process 'avshadow.exe' - '31' Module(s) have been scanned
Scan process 'svchost.exe' - '32' Module(s) have been scanned
Scan process 'svchost.exe' - '63' Module(s) have been scanned
Scan process 'mDNSResponder.exe' - '31' Module(s) have been scanned
Scan process 'avguard.exe' - '69' Module(s) have been scanned
Scan process 'svchost.exe' - '63' Module(s) have been scanned
Scan process 'sched.exe' - '50' Module(s) have been scanned
Scan process 'spoolsv.exe' - '78' Module(s) have been scanned
Scan process 'svchost.exe' - '91' Module(s) have been scanned
Scan process 'svchost.exe' - '81' Module(s) have been scanned
Scan process 'svchost.exe' - '155' Module(s) have been scanned
Scan process 'svchost.exe' - '112' Module(s) have been scanned
Scan process 'svchost.exe' - '94' Module(s) have been scanned
Scan process 'svchost.exe' - '34' Module(s) have been scanned
Scan process 'svchost.exe' - '52' Module(s) have been scanned
Scan process 'lsm.exe' - '16' Module(s) have been scanned
Scan process 'lsass.exe' - '67' Module(s) have been scanned
Scan process 'winlogon.exe' - '31' Module(s) have been scanned
Scan process 'services.exe' - '33' Module(s) have been scanned
Scan process 'csrss.exe' - '16' Module(s) have been scanned
Scan process 'wininit.exe' - '26' Module(s) have been scanned
Scan process 'csrss.exe' - '18' Module(s) have been scanned
Scan process 'smss.exe' - '2' Module(s) have been scanned

Starting master boot sector scan:
Master boot sector HD0
[INFO] No virus was found!

Start scanning boot sectors:
Boot sector 'C:\'
[INFO] No virus was found!
Boot sector 'D:\'
[INFO] No virus was found!
Boot sector 'E:\'
[INFO] No virus was found!

Starting to scan executable files (registry).
The registry was scanned ( '357' files ).


Starting the file scan:

Begin scan in 'C:\'
Begin scan in 'D:\' <DATA>
Begin scan in 'E:\' <DATA>


End of the scan: Sunday, March 20, 2011 00:59
Used time: 29:30 Minute(s)

The scan has been done completely.

20099 Scanned directories
331255 Files were scanned
0 Viruses and/or unwanted programs were found
0 Files were classified as suspicious
0 files were deleted
0 Viruses and unwanted programs were repaired
0 Files were moved to quarantine
0 Files were renamed
0 Files cannot be scanned
331255 Files not concerned
1343 Archives were scanned
0 Warnings
0 Notes
363760 Objects were scanned with rootkit scan
0 Hidden objects were found




====
 
توقيع : أحساس مجنون
تأييد 0
تأييد 0
توقيع : أحساس مجنون
تأييد 0
يعني هذا الفيس طبق اللي هو مقتبسه :d:

هو مقتبس لك الاول تحمل برنامج
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي
ثم تدخل للوضع الامن من هنا >>
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي
 
تأييد 0
rd-19 قال:
يعني هذا الفيس طبق اللي هو مقتبسه :d:

هو مقتبس لك الاول تحمل برنامج
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي
ثم تدخل للوضع الامن من هنا >>
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي
أنقر للتوسيع...


اها مالووير بايت حملته لمن اضغط على كلمة لا مايفتحِ حملته اكثر من اربع مرات نفسس شي
انا جهازي ويندوز سبعه لمن سويت رستارت و ضغط على اف 8 جاتني شاشه سوادء
 
توقيع : أحساس مجنون
تأييد 0
توقيع : أحساس مجنون
تأييد 0
بس تدخل بالوضع الامن اعمل فحص المالوير بايت
 
تأييد 0
توقيع : أحساس مجنون
تأييد 0
الحين انتهي من الفحص
 
توقيع : أحساس مجنون
تأييد 0
هات التقرير حسب الشرح
 
تأييد 0
توقيع : أحساس مجنون
تأييد 0
الجهاز سليم اخي

هل من ملاحظات اخرى ؟
 
تأييد 0
توقيع : أحساس مجنون
تأييد 0
الحالة
مغلق و غير مفتوح للمزيد من الردود.
عودة
أعلى