Status
Closed and not open for further replies.

شــوق

Peace be upon you.

How are you all? Well, I hope, God willing.

I have a suspicion, and I would like you to help me scan the device.

Please, help me.
 

Scan with this program, and once you have downloaded it, click Threat Scan.

[hide]
You must log in or register to view the hidden link
[/hide]
 
Signature: The MonSteR
Signature: Mr.AzOz
HijackThis report



Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 04:21:12, on 10/11/2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17344)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\RocketDock\RocketDock.exe
C:\Program Files (x86)\ManyCam 2.4\ManyCam.exe
C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files (x86)\CyberLink\PowerDVD\PDVDServ.exe
C:\Program Files (x86)\KeyScrambler\KeyScrambler.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
C:\Program Files (x86)\Windows Media Player\wmplayer.exe
C:\Program Files (x86)\Paltalk Messenger\paltalk.exe
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\Zyzoom_Forum_Tools\zyzoom.exe
C:\Zyzoom_Forum_Tools\zHijak.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = Preserve
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = [You must log in or register to view the hidden link]
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = [You must log in or register to view the hidden link]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = [You must log in or register to view the hidden link]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = [You must log in or register to view the hidden link]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = [You must log in or register to view the hidden link]
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = [You must log in or register to view the hidden link]
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: ??C?I E???? C?II?? ??? ???? Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: iToolsBHO - {E1499FE7-129D-4B6E-B681-DDF21E14172C} - (no file)
O4 - HKLM\..\Run: [avgnt] "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files (x86)\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [LanguageShortcut] "C:\Program Files (x86)\CyberLink\PowerDVD\Language\Language.exe"
O4 - HKLM\..\Run: [KeyScrambler] C:\Program Files (x86)\KeyScrambler\keyscrambler.exe /a
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKCU\..\Run: [RocketDock] "C:\Program Files (x86)\RocketDock\RocketDock.exe"
O4 - HKCU\..\Run: [ManyCam] "C:\Program Files (x86)\ManyCam 2.4\ManyCam.exe"
O4 - HKCU\..\Run: [Google Update] "C:\Users\SCC\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\RunOnce: [FlashPlayerUpdate] C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_15_0_0_152_Plugin.exe -update plugin
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User '?')
O4 - HKUS\S-1-5-19-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User '?')
O4 - HKUS\S-1-5-19-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User '?')
O4 - HKUS\S-1-5-19-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User '?')
O4 - HKUS\S-1-5-19-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-2\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User '?')
O4 - HKUS\S-1-5-19-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-2\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User '?')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User '?')
O4 - HKUS\S-1-5-20-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User '?')
O4 - HKUS\S-1-5-20-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User '?')
O4 - HKUS\S-1-5-20-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User '?')
O4 - HKUS\S-1-5-20-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-2\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User '?')
O4 - HKUS\S-1-5-20-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-2\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User '?')
O4 - HKUS\S-1-5-21-2583142430-3372316264-318875137-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe (User '?')
O4 - HKUS\S-1-5-21-2583142430-3372316264-318875137-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\..\RunOnce: [FlashPlayerUpdate] C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_15_0_0_152_Plugin.exe -update plugin (User '?')
O4 - HKUS\S-1-5-21-2583142430-3372316264-318875137-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe (User '?')
O4 - HKUS\S-1-5-21-2583142430-3372316264-318875137-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\..\RunOnce: [FlashPlayerUpdate] C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_15_0_0_152_Plugin.exe -update plugin (User '?')
O4 - HKUS\S-1-5-21-2583142430-3372316264-318875137-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-2\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe (User '?')
O4 - HKUS\S-1-5-21-2583142430-3372316264-318875137-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-2\..\RunOnce: [FlashPlayerUpdate] C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_15_0_0_152_Plugin.exe -update plugin (User '?')
O4 - HKUS\S-1-5-21-2583142430-3372316264-318875137-1001\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'UpdatusUser')
O4 - HKUS\S-1-5-21-2583142430-3372316264-318875137-1001\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'UpdatusUser')
O4 - HKUS\S-1-5-21-2583142430-3372316264-318875137-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User '?')
O4 - HKUS\S-1-5-21-2583142430-3372316264-318875137-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User '?')
O4 - HKUS\S-1-5-21-2583142430-3372316264-318875137-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User '?')
O4 - HKUS\S-1-5-21-2583142430-3372316264-318875137-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User '?')
O4 - HKUS\S-1-5-21-2583142430-3372316264-318875137-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-2\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User '?')
O4 - HKUS\S-1-5-21-2583142430-3372316264-318875137-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-2\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User '?')
O4 - S-1-5-21-2583142430-3372316264-318875137-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 Startup: MorphVOX.lnk = C:\Program Files (x86)\Screaming Bee\MorphVOX Pro\MorphVOXPro.exe (User '?')
O4 - S-1-5-21-2583142430-3372316264-318875137-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1 Startup: MorphVOX.lnk = C:\Program Files (x86)\Screaming Bee\MorphVOX Pro\MorphVOXPro.exe (User '?')
O4 - S-1-5-21-2583142430-3372316264-318875137-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-2 Startup: MorphVOX.lnk = C:\Program Files (x86)\Screaming Bee\MorphVOX Pro\MorphVOXPro.exe (User '?')
O4 - Startup: MorphVOX.lnk = C:\Program Files (x86)\Screaming Bee\MorphVOX Pro\MorphVOXPro.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: ???C? ??? OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: ??&?C? ??? OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: PalTalk - {4EAFEF58-EEFA-4116-983D-03B49BCBFFFE} - C:\Program Files (x86)\Paltalk Messenger\Paltalk.exe
O9 - Extra button: (no name) - {5C106A59-CC3C-4caa-81A4-6D909B5ACE23} - C:\Program Files (x86)\KeyScrambler\KeyScramblerIE.dll
O9 - Extra 'Tools' menuitem: &KeyScrambler Options - {5C106A59-CC3C-4caa-81A4-6D909B5ACE23} - C:\Program Files (x86)\KeyScrambler\KeyScramblerIE.dll
O9 - Extra button: Skype Click to Call settings - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: SAS Core Service (!SASCORE) - SUPERAntiSpyware.com - C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Avira Scheduler (AntiVirSchedulerService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira C???C?E C?A??E C???E??E (AntiVirService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: II?E Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: II?E Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Hotspot Shield Service (hshld) - AnchorFree Inc. - C:\Program Files (x86)\Hotspot Shield\bin\cmw_srv.exe
O23 - Service: Hotspot Shield Tray Service (HssTrayService) - Unknown owner - C:\Program Files (x86)\Hotspot Shield\bin\HssTrayService.EXE
O23 - Service: Hotspot Shield Monitoring Service (HssWd) - Unknown owner - C:\Program Files (x86)\Hotspot Shield\bin\hsswd.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files (x86)\CyberLink\Shared Files\RichVideo.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: TeamViewer 9 (TeamViewer9) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 17092 bytes
 
HijackThis report




====== معلومات نظام التشغيل ======
X64 WIN_7 7601 Service Pack 1

====== قائمة البرامج المثبتة ======
A73 Piano Station
Acoustica MP3 Audio Mixer
Adobe AIR
Adobe AIR
Adobe Flash Player 15 ActiveX
Adobe Flash Player 15 Plugin
Adobe Photoshop CS
Adobe Reader XI (11.0.09)
Adobe Shockwave Player 12.1
Apple Application Support
Apple Software Update
Ashampoo Burning Studio 9.10
Avira Free Antivirus
CCleaner
COWON Media Center - jetAudio Basic VX
D3DX10
Elcomsoft Phone Password Breaker
FastStone Capture 7.1
FormatFactory 3.2.1.0
Free Hide IP
Golden Al-Wafi Translator
GOM Player
Google Earth
Google Update Helper
Hotspot Shield 3.18
Java 7 Update 55
Java Auto Updater
Junk Mail filter update
KeyScrambler
Malwarebytes Anti-Malware النسخة 2.0.3.1025
ManyCam 2.4 (remove only)
Mesh Runtime
Messenger Companion
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office Access MUI (Arabic) 2007
Microsoft Office Enterprise 2007
Microsoft Office Enterprise 2007
Microsoft Office Excel MUI (Arabic) 2007
Microsoft Office File Validation Add-In
Microsoft Office Groove MUI (English) 2007
Microsoft Office Groove Setup Metadata MUI (Arabic) 2007
Microsoft Office InfoPath MUI (Arabic) 2007
Microsoft Office OneNote MUI (Arabic) 2007
Microsoft Office Outlook Connector
Microsoft Office Outlook MUI (Arabic) 2007
Microsoft Office PowerPoint MUI (Arabic) 2007
Microsoft Office Proof (Arabic) 2007
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proofing (Arabic) 2007
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Publisher MUI (Arabic) 2007
Microsoft Office Shared MUI (Arabic) 2007
Microsoft Office Shared MUI (English) 2007
Microsoft Office Word MUI (Arabic) 2007
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft Text-to-Speech Engine 4.0 (English)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
Mozilla Firefox 33.0.3 (x86 ar)
Mozilla Maintenance Service
MSVCRT
MSVCRT_amd64
Native Instruments FM8 v1.0.1.002 VSTi DXi RTAS
Paltalk Messenger 11.4
PhoneClean 3.3.0
PowerDVD
QuickTime 7
RocketDock 1.3.5
Security Update for CAPICOM (KB931906)
Security Update for CAPICOM (KB931906)
Security Update for Microsoft .NET Framework 4.5.1 (KB2894854v2)
Security Update for Microsoft .NET Framework 4.5.1 (KB2898869)
Security Update for Microsoft .NET Framework 4.5.1 (KB2931368)
Security Update for Microsoft .NET Framework 4.5.1 (KB2972107)
Security Update for Microsoft .NET Framework 4.5.1 (KB2972216)
Security Update for Microsoft .NET Framework 4.5.1 (KB2979578v2)
Security Update for Microsoft Office 2007 suites (KB2596744) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596754) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596825) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2597973) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2687439) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2760411) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2760415) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2760415) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2760585) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2760591) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2817330) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2827326) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2850022) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2878233) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2880507) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2880508) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2881069) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2883031) 32-Bit Edition
Security Update for Microsoft Office Excel 2007 (KB2827324) 32-Bit Edition
Security Update for Microsoft Office InfoPath 2007 (KB2687440) 32-Bit Edition
Security Update for Microsoft Office OneNote 2007 (KB2596857) 32-Bit Edition
Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition
Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition
Security Update for Microsoft Office Publisher 2007 (KB2817565) 32-Bit Edition
Security Update for Microsoft Office Word 2007 (KB2883032) 32-Bit Edition
Skype Click to Call
Skype™ 6.21
SWiSHmax
swMSM
TeamViewer 9
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition
Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition
Update for Microsoft Office Outlook 2007 (KB2863811) 32-Bit Edition
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2899475) 32-Bit Edition
Update for Microsoft Office Script Editor Help (KB963671)
VLC media player
Wedding Album Maker Gold 3.52
Windows Live Communications Platform
Windows Live Essentials
Windows Live Essentials
Windows Live Installer
Windows Live Mail
Windows Live Mesh
Windows Live Mesh
Windows Live Messenger
Windows Live Messenger
Windows Live Messenger Companion Core
Windows Live Movie Maker
Windows Live Movie Maker
Windows Live Photo Common
Windows Live Photo Common
Windows Live Photo Gallery
Windows Live PIMT Platform
Windows Live SOXE
Windows Live SOXE Definitions
Windows Live UX Platform
Windows Live UX Platform Language Pack
Windows Live Writer
Windows Live Writer
Windows Live Writer
Windows Live Writer Resources
Windows Movie Maker 2.6
WinRAR archiver
بريد Windows Live
تحديث لـ Microsoft Office Excel 2007 Help (KB963678)
تحديث لـ Microsoft Office Powerpoint 2007 Help (KB963669)
تحديث لـ Microsoft Office Word 2007 Help (KB963665)
عنصر تحكم ActiveX الخاص بـ Windows Live Mesh للاتصالات البعيدة
معرض صور Windows Live
 
Malwarebytes





Malwarebytes Anti-Malware
[You must log in or register to view the hidden link]

Scan Date: 10/11/2014
Scan Time: 02:46:12
Logfile: jkk.txt
Administrator: Yes
Version: 2.00.3.1025
Malware Database: v2014.11.09.08
Rootkit Database: v2014.11.08.01
License: Free
Malware Protection: Disabled
Malicious Website Protection: Disabled
Self-protection: Disabled
OS: Windows 7 Service Pack 1
CPU: x64
File System: NTFS
User: SCC
Scan Type: Custom Scan
Result: Completed
Objects Scanned: 629347
Time Elapsed: 3 hr, 22 min, 19 sec
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Enabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled
Processes: 0
(No malicious items detected)
Modules: 0
(No malicious items detected)
Registry Keys: 0
(No malicious items detected)
Registry Values: 0
(No malicious items detected)
Registry Data: 1
PUP.Optional.ArabyOnline.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\MAIN|Start Page, [You must log in or register to view the hidden link], Good: ([You must log in or register to view the hidden link]), Bad: ([You must log in or register to view the hidden link],[a9aba990106cba7c111b1131c243738d]
Folders: 1
PUP.Optional.ARHome.A, C:\Users\SCC\AppData\Roaming\ARHome, Quarantined, [d77db782bdbfa39340ed33ee659e9a66],
Files: 3
PUP.Optional.ARHome.A, C:\Users\SCC\AppData\Roaming\ARHome\qhnsjt.dat, Quarantined, [d77db782bdbfa39340ed33ee659e9a66],
PUP.Optional.ARHome.A, C:\Users\SCC\AppData\Roaming\ARHome\Updater.exe, Quarantined, [d77db782bdbfa39340ed33ee659e9a66],
PUP.Optional.ArabyOnline.A, C:\Users\SCC\AppData\Roaming\Mozilla\Firefox\Profiles\jc3yn5f5.default\prefs.js, Good: (), Bad: (user_pref("browser.startup.homepage", "[You must log in or register to view the hidden link]");), Replaced,[7dd76fca681420169beff385b64fd62a]
Physical Sectors: 0
(No malicious items detected)

(end)
 
Your device is clean.
Any other questions?

Signature: Mr.AzOz
Thank you, brother.

But I still feel there is an intrusion. What should I do?
Is there another scan so I can be more sure?

Also, my device freezes a lot and shows "not responding", but it has only been like this for two days. What should I do?

Signature: Mr.AzOz
Sorry, I didn't notice that you had already posted the report.

Remove the following programs:


RocketDock 1.3.5
TeamViewer 9
A73 Piano Station
COWON Media Center - jetAudio Basic VX
FastStone Capture 7.1
Free Hide IP
Hotspot Shield 3.18
Malwarebytes Anti-Malware
QuickTime 7


Then, after removing the programs, do the following:

You must log in or register to view the hidden link

You must log in or register to view the hidden link

You must log in or register to view the hidden link

Signature: Mr.AzOz
First tool


# AdwCleaner v4.101 - Report created 10/11/2014 at 19:38:13
# Updated 09/11/2014 by Xplode
# Database : 2014-11-07.1 [Live]
# Operating System : Windows 7 Home Basic Service Pack 1 (64 bits)
# Username : SCC - SCC-PC9983
# Running from : C:\Users\SCC\Desktop\adwcleaner_4.101.exe
# Option : Clean
***** [ Services ] *****

***** [ Files / Folders ] *****
Folder Deleted : C:\ProgramData\baidu
Folder Deleted : C:\Windows\SysWOW64\hotspot shield
Folder Deleted : C:\Windows\SysWOW64\config\systemprofile\AppData\Roaming\hotspot shield
Folder Deleted : C:\Users\SCC\AppData\Local\Pokki
Folder Deleted : C:\Users\SCC\AppData\Local\webplayer
Folder Deleted : C:\Users\SCC\AppData\Local\CrashRpt
Folder Deleted : C:\Users\SCC\AppData\Local\Temp\hotspot shield
Folder Deleted : C:\Users\SCC\AppData\Roaming\baidu
Folder Deleted : C:\Users\SCC\AppData\Roaming\hotspot shield
Folder Deleted : C:\Users\SCC\AppData\Roaming\VolIE
File Deleted : C:\Users\SCC\AppData\Roaming\Mozilla\Firefox\Profiles\jc3yn5f5.default\user.js
***** [ Scheduled Tasks ] *****
Task Deleted : BackgroundContainer Startup Task
Task Deleted : LaunchSignup
***** [ Shortcuts ] *****

***** [ Registry ] *****
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl
Key Deleted : HKCU\Software\Classes\pokki
Key Deleted : HKCU\Software\MozillaPlugins\pokki.com/PokkiDownloadHelper
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{E69D4A59-73DE-4E38-9FB3-740EC4D9060D}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{22848257-6A2D-4D2A-8D56-C886D25B8B58}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{22848257-6A2D-4D2A-8D56-C886D25B8B58}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{B1D7E518-15F2-45E5-8DEF-0FEA0BB19909}
Key Deleted : HKCU\Software\anchorfree
Key Deleted : HKCU\Software\ARHome
Key Deleted : HKCU\Software\NoVooITSet
Key Deleted : HKCU\Software\Vonteera Safe ads
Key Deleted : HKCU\Software\Webplayer
Key Deleted : HKCU\Software\AppDataLow\Toolbar
Key Deleted : HKCU\Software\AppDataLow\Software\BackgroundContainer
Key Deleted : HKCU\Software\AppDataLow\Software\ConduitSearchScopes
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\ARHome
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\PokkiDownloadHelper
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\GoogleUpdate.exe
***** [ Browsers ] *****
-\\ Internet Explorer v11.0.9600.17344

-\\ Mozilla Firefox v33.0.3 (x86 ar)

-\\ Google Chrome v

*************************
AdwCleaner[R0].txt - [3340 octets] - [10/11/2014 19:36:07]
AdwCleaner[S0].txt - [2988 octets] - [10/11/2014 19:38:13]
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [3048 octets] ##########
 
Signature: Mr.AzOz
Here you go.




Start-Up Items; List generated by Start-Up Tool.
[You must log in or register to view the hidden link]

ManyCam
Name:ManyCam
Command:"C:\Program Files (x86)\ManyCam 2.4\ManyCam.exe"
Reg_Path:HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run
Status:enabled
Description:ManyCam Application
Company:ManyCam LLC


Google Update
Name:Google Update
Command:"C:\Users\SCC\AppData\Local\Google\Update\GoogleUpdate.exe" /c
Reg_Path:HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run
Status:enabled
Description:مثبِّت Google
Company:Google Inc.


avgnt
Name:avgnt
Command:"C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
Reg_Path:HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run
Status:enabled
Description:Avira system tray application
Company:Avira Operations GmbH & Co. KG


RemoteControl
Name:RemoteControl
Command:"C:\Program Files (x86)\CyberLink\PowerDVD\PDVDServ.exe"
Reg_Path:HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run
Status:enabled
Description:PowerDVD RC Service
Company:Cyberlink Corp.


LanguageShortcut
Name:LanguageShortcut
Command:"C:\Program Files (x86)\CyberLink\PowerDVD\Language\Language.exe"
Reg_Path:HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run
Status:enabled
Description:Language Application
Company:n/a


KeyScrambler
Name:KeyScrambler
Command:C:\Program Files (x86)\KeyScrambler\keyscrambler.exe /a
Reg_Path:HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run
Status:enabled
Description:KeyScrambler
Company:QFX Software Corporation


GrooveMonitor
Name:GrooveMonitor
Command:"C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
Reg_Path:HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run
Status:enabled
Description:GrooveMonitor Utility
Company:Microsoft Corporation


Adobe ARM
Name:Adobe ARM
Command:"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
Reg_Path:HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run
Status:enabled
Description:Adobe Reader and Acrobat Manager
Company:Adobe Systems Incorporated


SunJavaUpdateSched
Name:SunJavaUpdateSched
Command:"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
Reg_Path:HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run
Status:enabled
Description:Java(TM) Update Scheduler
Company:Oracle Corporation


iTunesHelper
Name:iTunesHelper
Command:"C:\Program Files (x86)\iTunes\iTunesHelper.exe"
Reg_Path:HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run
Status:enabled
Description:iTunesHelper
Company:Apple Inc.


Adobe Gamma Loader.lnk
Name:Adobe Gamma Loader.lnk
Command:C:\PROGRA~2\COMMON~1\Adobe\CALIBR~1\ADOBEG~1.EXE
LinkPath:C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma Loader.lnk
Status:enabled
Description:Adobe Gamma Loader
Company:Adobe Systems, Inc.
 
In the StartUp tool:

Uncheck the box next to these programs:

Google Update
ManyCam
RemoteControl
LanguageShortcut
KeyScrambler
GrooveMonitor
Adobe ARM
SunJavaUpdateSched
iTunesHelper
Adobe Gamma Loader.lnk


Then click Apply.

Then:

You must log in or register to view the hidden link


And let us know the latest results :]

Signature: Mr.AzOz
A lot of files appeared that look lightly shaded. What should I do, delete them?
 