من فضلك قم بتحديث الصفحة لمشاهدة المحتوى المخفي
السلام عليكم ورحمة الله وبركاته
لدي مشكلة بظهور نافذة وهي التالية
وهذا تقرير الهايجك لو كانت لدي مشاكل أخرى وجزاكم الله كل خير
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 05:50:00 م, on 15/02/19
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.19101)
Boot mode: Normal
Running processes:
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\HP\HP UT LEDM\bin\hppusg.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Cybereason\RansomFree\CybereasonRansomFree.exe
C:\Program Files\Internet Download Manager\IDMan.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files\Internet Download Manager\IEMonitor.exe
C:\Program Files\Malwarebytes\Anti-Ransomware\mbarw.exe
C:\Users\Lenovo\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Lenovo\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Lenovo\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Lenovo\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Lenovo\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Lenovo\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Lenovo\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Lenovo\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Lenovo\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Lenovo\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Lenovo\Downloads\Compressed\HiJackThis.exe
C:\Users\Lenovo\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Lenovo\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Lenovo\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Lenovo\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Lenovo\AppData\Local\Google\Chrome\Application\chrome.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files\Internet Download Manager\IDMIECC.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.8.0_191\bin\ssv.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre1.8.0_191\bin\jp2ssv.dll
O4 - HKLM\..\Run: [HPUsageTrackingLEDM] "C:\Program Files\HP\HP UT LEDM\bin\hppusg.exe" "C:\Program Files\HP\HP UT LEDM\"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [COMODO Internet Security] C:\Program Files\COMODO\COMODO Internet Security\cistray.exe
O4 - HKLM\..\Run: [Eraser] "C:\Program Files\Eraser\Eraser.exe" -atRestart
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvLaunch.exe" /gui
O4 - HKCU\..\Run: [IDMan] C:\Program Files\Internet Download Manager\IDMan.exe /onboot
O4 - HKCU\..\Run: [CCAVInstaller] wscript.exe "C:\Users\Lenovo\AppData\Local\Temp\CCAVInstaller.vbs"
O4 - HKCU\..\Run: [Google Update] C:\Users\Lenovo\AppData\Local\Google\Update\1.3.33.23\GoogleUpdateCore.exe
O4 - Global Startup: Avast SecureLine.lnk = C:\Program Files\AVAST Software\SecureLine\Vpn.exe
O8 - Extra context menu item: ت&صدير إلى Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: تحميل الكل بواسطة Internet Download Manager - C:\Program Files\Internet Download Manager\IEGetAll.htm
O8 - Extra context menu item: تحميل بواسطة Internet Download Manager - C:\Program Files\Internet Download Manager\IEExt.htm
O9 - Extra button: HP Smart Print - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files\Hewlett-Packard\SmartPrint\smartprintsetup.exe
O9 - Extra 'Tools' menuitem: SmartPrint - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files\Hewlett-Packard\SmartPrint\smartprintsetup.exe
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O17 - HKLM\System\CCS\Services\Tcpip\..\{280EA79A-54CC-42F3-81E0-F29C422B34A5}: NameServer = 77.234.40.79
O17 - HKLM\System\CS1\Services\Tcpip\..\{280EA79A-54CC-42F3-81E0-F29C422B34A5}: NameServer = 77.234.40.79
O17 - HKLM\System\CS2\Services\Tcpip\..\{280EA79A-54CC-42F3-81E0-F29C422B34A5}: NameServer = 77.234.40.79
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: aswbIDSAgent - AVAST Software - C:\Program Files\AVAST Software\Avast\aswidsagent.exe
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Ransomware Defender (AvSrv Ransomware Defender) - Unknown owner - C:\Program Files\Ransomware Defender\ServiceInstaller.exe
O23 - Service: Ransomware Defender Update Service (AvUpdSrv Ransomware Defender) - Unknown owner - C:\Program Files\Ransomware Defender\UpdaterSvc.exe
O23 - Service: DiskDrill Watcher (cfbackd) - CleverFiles - C:\Program Files\CleverFiles\Disk Drill\cfbackd.w32.exe
O23 - Service: CodeMeter Runtime Server (CodeMeter.exe) - WIBU-SYSTEMS AG - C:\Program Files\CodeMeter\Runtime\bin\CodeMeter.exe
O23 - Service: Cybereason RansomFree Engine (CybereasonRansomFree) - Cybereason - C:\Program Files\Cybereason\RansomFree\CybereasonRansomFreeServiceHost.exe
O23 - Service: HP LaserJet Service - HP - C:\Program Files\HP\HPLaserJetService\HPLaserJetService.exe
O23 - Service: HP SI Service (HPSIService) - HP - C:\Windows\system32\HPSIsvc.exe
O23 - Service: خدمة iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Malwarebytes Anti-Ransomware Service (MB3Service) - Malwarebytes - C:\Program Files\Malwarebytes\Anti-Ransomware\mb3service.exe
O23 - Service: Avast SecureLine (SecureLine) - AVAST Software - C:\Program Files\AVAST Software\SecureLine\VpnSvc.exe
O23 - Service: Wondershare Application Framework Service (WsAppService) - Wondershare - C:\Program Files\Wondershare\WAF\2.4.3.236\WsAppService.exe
O23 - Service: Wondershare Driver Install Service (WsDrvInst) - Wondershare - C:\Program Files\Wondershare\dr.fone\Library\DriverInstaller\DriverInstall.exe
--
End of file - 7824 bytes
لدي مشكلة بظهور نافذة وهي التالية
يجب عليك
تسجيل الدخول
او
تسجيل لمشاهدة الرابط المخفي
وهذا تقرير الهايجك لو كانت لدي مشاكل أخرى وجزاكم الله كل خير
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 05:50:00 م, on 15/02/19
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.19101)
Boot mode: Normal
Running processes:
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\HP\HP UT LEDM\bin\hppusg.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Cybereason\RansomFree\CybereasonRansomFree.exe
C:\Program Files\Internet Download Manager\IDMan.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files\Internet Download Manager\IEMonitor.exe
C:\Program Files\Malwarebytes\Anti-Ransomware\mbarw.exe
C:\Users\Lenovo\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Lenovo\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Lenovo\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Lenovo\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Lenovo\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Lenovo\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Lenovo\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Lenovo\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Lenovo\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Lenovo\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Lenovo\Downloads\Compressed\HiJackThis.exe
C:\Users\Lenovo\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Lenovo\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Lenovo\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Lenovo\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Lenovo\AppData\Local\Google\Chrome\Application\chrome.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page =
يجب عليك
تسجيل الدخول
او
تسجيل لمشاهدة الرابط المخفي
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
يجب عليك
تسجيل الدخول
او
تسجيل لمشاهدة الرابط المخفي
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
يجب عليك
تسجيل الدخول
او
تسجيل لمشاهدة الرابط المخفي
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
يجب عليك
تسجيل الدخول
او
تسجيل لمشاهدة الرابط المخفي
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
يجب عليك
تسجيل الدخول
او
تسجيل لمشاهدة الرابط المخفي
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
يجب عليك
تسجيل الدخول
او
تسجيل لمشاهدة الرابط المخفي
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files\Internet Download Manager\IDMIECC.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.8.0_191\bin\ssv.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre1.8.0_191\bin\jp2ssv.dll
O4 - HKLM\..\Run: [HPUsageTrackingLEDM] "C:\Program Files\HP\HP UT LEDM\bin\hppusg.exe" "C:\Program Files\HP\HP UT LEDM\"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [COMODO Internet Security] C:\Program Files\COMODO\COMODO Internet Security\cistray.exe
O4 - HKLM\..\Run: [Eraser] "C:\Program Files\Eraser\Eraser.exe" -atRestart
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvLaunch.exe" /gui
O4 - HKCU\..\Run: [IDMan] C:\Program Files\Internet Download Manager\IDMan.exe /onboot
O4 - HKCU\..\Run: [CCAVInstaller] wscript.exe "C:\Users\Lenovo\AppData\Local\Temp\CCAVInstaller.vbs"
O4 - HKCU\..\Run: [Google Update] C:\Users\Lenovo\AppData\Local\Google\Update\1.3.33.23\GoogleUpdateCore.exe
O4 - Global Startup: Avast SecureLine.lnk = C:\Program Files\AVAST Software\SecureLine\Vpn.exe
O8 - Extra context menu item: ت&صدير إلى Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: تحميل الكل بواسطة Internet Download Manager - C:\Program Files\Internet Download Manager\IEGetAll.htm
O8 - Extra context menu item: تحميل بواسطة Internet Download Manager - C:\Program Files\Internet Download Manager\IEExt.htm
O9 - Extra button: HP Smart Print - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files\Hewlett-Packard\SmartPrint\smartprintsetup.exe
O9 - Extra 'Tools' menuitem: SmartPrint - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files\Hewlett-Packard\SmartPrint\smartprintsetup.exe
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O17 - HKLM\System\CCS\Services\Tcpip\..\{280EA79A-54CC-42F3-81E0-F29C422B34A5}: NameServer = 77.234.40.79
O17 - HKLM\System\CS1\Services\Tcpip\..\{280EA79A-54CC-42F3-81E0-F29C422B34A5}: NameServer = 77.234.40.79
O17 - HKLM\System\CS2\Services\Tcpip\..\{280EA79A-54CC-42F3-81E0-F29C422B34A5}: NameServer = 77.234.40.79
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: aswbIDSAgent - AVAST Software - C:\Program Files\AVAST Software\Avast\aswidsagent.exe
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Ransomware Defender (AvSrv Ransomware Defender) - Unknown owner - C:\Program Files\Ransomware Defender\ServiceInstaller.exe
O23 - Service: Ransomware Defender Update Service (AvUpdSrv Ransomware Defender) - Unknown owner - C:\Program Files\Ransomware Defender\UpdaterSvc.exe
O23 - Service: DiskDrill Watcher (cfbackd) - CleverFiles - C:\Program Files\CleverFiles\Disk Drill\cfbackd.w32.exe
O23 - Service: CodeMeter Runtime Server (CodeMeter.exe) - WIBU-SYSTEMS AG - C:\Program Files\CodeMeter\Runtime\bin\CodeMeter.exe
O23 - Service: Cybereason RansomFree Engine (CybereasonRansomFree) - Cybereason - C:\Program Files\Cybereason\RansomFree\CybereasonRansomFreeServiceHost.exe
O23 - Service: HP LaserJet Service - HP - C:\Program Files\HP\HPLaserJetService\HPLaserJetService.exe
O23 - Service: HP SI Service (HPSIService) - HP - C:\Windows\system32\HPSIsvc.exe
O23 - Service: خدمة iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Malwarebytes Anti-Ransomware Service (MB3Service) - Malwarebytes - C:\Program Files\Malwarebytes\Anti-Ransomware\mb3service.exe
O23 - Service: Avast SecureLine (SecureLine) - AVAST Software - C:\Program Files\AVAST Software\SecureLine\VpnSvc.exe
O23 - Service: Wondershare Application Framework Service (WsAppService) - Wondershare - C:\Program Files\Wondershare\WAF\2.4.3.236\WsAppService.exe
O23 - Service: Wondershare Driver Install Service (WsDrvInst) - Wondershare - C:\Program Files\Wondershare\dr.fone\Library\DriverInstaller\DriverInstall.exe
--
End of file - 7824 bytes
