Posted: 10-09-2011
Author: RSS
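Help finding out whether my computer is clean or compromised!?

Peace be upon you

Two days ago my email account was suddenly stolen, and I did not see any changes on my computer, so I started wondering how he stole it.

I had set strong details: even the password is no fewer than 18 digits, letters and symbols, I know the alternate email and I am using it, and I know the rest of the account data.

Of course, thank God, I contacted the company and they returned it to me, but so far I have not understood how he stole it.

Anyway, if possible, could you check whether my computer is clean or not?

Quote: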
logfile of trend micro hijackthis v2.0.4
scan saved at 11:39:45 ص, on 09/10/11
platform: Windows 7 sp1 (winnt 6.00.3505)
msie: Internet explorer v8.00 (8.00.7601.17514)
boot mode: Normal
running processes:
C:\program files (x86)\internet download manager\idman.exe
c:\program files (x86)\internet download manager\iemonitor.exe
c:\program files (x86)\yuna software\messenger plus!\plusservice.exe
c:\program files (x86)\vmware\vmware workstation\vmware-tray.exe
c:\program files (x86)\windows live\messenger\msnmsgr.exe
c:\program files (x86)\windows live\contacts\wlcomm.exe
c:\program files (x86)\internet explorer\iexplore.exe
c:\program files (x86)\internet explorer\iexplore.exe
c:\windows\syswow64\macromed\flash\flashutil10x_activex.exe
c:\program files (x86)\internet explorer\iexplore.exe
c:\zyzoom_forum_tools\zyzoom.exe
c:\zyzoom_forum_tools\zhijak.com
r1 - hkcu\software\microsoft\internet explorer\main,search page = http://go.microsoft.com/fwlink/?linkid=54896
r1 - hklm\software\microsoft\internet explorer\main,default_page_url = http://go.microsoft.com/fwlink/?linkid=69157
r1 - hklm\software\microsoft\internet explorer\main,default_search_url = http://go.microsoft.com/fwlink/?linkid=54896
r1 - hklm\software\microsoft\internet explorer\main,search page = http://go.microsoft.com/fwlink/?linkid=54896
r0 - hklm\software\microsoft\internet explorer\main,start page = http://go.microsoft.com/fwlink/?linkid=69157
r0 - hklm\software\microsoft\internet explorer\search,searchassistant =
r0 - hklm\software\microsoft\internet explorer\search,customizesearch =
r0 - hklm\software\microsoft\internet explorer\main,local page = c:\windows\syswow64\blank.htm
r1 - hkcu\software\microsoft\windows\currentversion\internet settings,proxyoverride = local;*.local
r0 - hkcu\software\microsoft\internet explorer\toolbar,linksfoldername =
f2 - reg:system.ini: Userinit=userinit.exe
o2 - bho: Idm helper - {0055c089-8582-441b-a0bf-17b458c2a3a8} - c:\program files (x86)\internet download manager\idmiecc.dll
o2 - bho: Acroiehelperstub - {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files (x86)\common files\adobe\acrobat\activex\acroiehelpershim.dll
o2 - bho: Groove gfs browser helper - {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - c:\progra~2\micros~3\office14\grooveex.dll
o2 - bho: مساعد تسجيل الدخول إلى معرف windows live - {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files (x86)\common files\microsoft shared\windows live\windowslivelogin.dll
o2 - bho: Windows live messenger companion helper - {9fdde16b-836f-4806-ab1f-1455cbeff289} - c:\program files (x86)\windows live\companion\companioncore.dll
o2 - bho: Urlredirectionbho - {b4f3a835-0e21-4959-ba22-42b3008e02ff} - c:\progra~2\micros~3\office14\urlredir.dll
o2 - bho: Java(tm) plug-in 2 ssv helper - {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files (x86)\java\jre6\bin\jp2ssv.dll
o4 - hklm\..\run: [plusservice] c:\program files (x86)\yuna software\messenger plus!\plusservice.exe
o4 - hklm\..\run: [switchboard] c:\program files (x86)\common files\adobe\switchboard\switchboard.exe
o4 - hklm\..\run: [adobecs5servicemanager] "c:\program files (x86)\common files\adobe\cs5servicemanager\cs5servicemanager.exe" -launchedbylogin
o4 - hklm\..\run: [vmware-tray] "c:\program files (x86)\vmware\vmware workstation\vmware-tray.exe"
o4 - hkcu\..\run: [idman] c:\program files (x86)\internet download manager\idman.exe /onboot
o4 - hkcu\..\run: [msnmsgr] "c:\program files (x86)\windows live\messenger\msnmsgr.exe" /background
o4 - hkcu\..\run: [sidebar] c:\program files\windows sidebar\sidebar.exe /autorun
o4 - hkus\s-1-5-19\..\run: [sidebar] %programfiles%\windows sidebar\sidebar.exe /autorun (user 'local service')
o4 - hkus\s-1-5-19\..\runonce: [mctadmin] c:\windows\system32\mctadmin.exe (user 'local service')
o4 - hkus\s-1-5-20\..\run: [sidebar] %programfiles%\windows sidebar\sidebar.exe /autorun (user 'network service')
o4 - hkus\s-1-5-20\..\runonce: [mctadmin] c:\windows\system32\mctadmin.exe (user 'network service')
o8 - extra context menu item: Download with imtoo iphone transfer platinum - c:\program files (x86)\imtoo\iphone transfer platinum\upod_link.htm
o8 - extra context menu item: إر&سال إلى onenote - res://c:\progra~1\micros~3\office14\onbttnie.dll/105
o8 - extra context menu item: ت&صدير إلى microsoft excel - res://c:\progra~1\micros~3\office14\excel.exe/3000
o8 - extra context menu item: تحميل الكل بواسطة internet download manager - c:\program files (x86)\internet download manager\iegetall.htm
o8 - extra context menu item: تحميل بواسطة internet download manager - c:\program files (x86)\internet download manager\ieext.htm
o9 - extra button: @c:\program files (x86)\windows live\companion\companionlang.dll,-600 - {0000036b-c524-4050-81a0-243669a86b9f} - c:\program files (x86)\windows live\companion\companioncore.dll
o9 - extra button: @c:\program files (x86)\windows live\writer\windowslivewritershortcuts.dll,-1004 - {219c3416-8cb2-491a-a3c7-d9fcddc9d600} - c:\program files (x86)\windows live\writer\writerbrowserextension.dll
o9 - extra 'tools' menuitem: @c:\program files (x86)\windows live\writer\windowslivewritershortcuts.dll,-1003 - {219c3416-8cb2-491a-a3c7-d9fcddc9d600} - c:\program files (x86)\windows live\writer\writerbrowserextension.dll
o9 - extra button: إرسال إلى onenote - {2670000a-7350-4f3c-8081-5663ee0c6c49} - c:\program files (x86)\microsoft office\office14\onbttnie.dll
o9 - extra 'tools' menuitem: إر&سال إلى onenote - {2670000a-7350-4f3c-8081-5663ee0c6c49} - c:\program files (x86)\microsoft office\office14\onbttnie.dll
o9 - extra button: ملاحظات onenote الم&رتبطة - {789fe86f-6fc4-46a1-9849-ede0db0c95ca} - c:\program files (x86)\microsoft office\office14\onbttnielinkednotes.dll
o9 - extra 'tools' menuitem: ملاحظات onenote الم&رتبطة - {789fe86f-6fc4-46a1-9849-ede0db0c95ca} - c:\program files (x86)\microsoft office\office14\onbttnielinkednotes.dll
o9 - extra button: بحث - {92780b25-18cc-41c8-b9be-3c9c571a8263} - c:\progra~2\micros~3\office11\refiebar.dll
o10 - unknown file in winsock lsp: C:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
o10 - unknown file in winsock lsp: C:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
o10 - unknown file in winsock lsp: C:\windows\system32\vsocklib.dll
o10 - unknown file in winsock lsp: C:\windows\system32\vsocklib.dll
o16 - dpf: {d27cdb6e-ae6d-11cf-96b8-444553540000} (shockwave flash object) - http://fpdownload2.macromedia.com/ge...sh/swflash.cab
o18 - protocol: Wlpg - {e43ef6cd-a37a-4a9b-9e6f-83f89b8e6324} - c:\program files (x86)\windows live\photo gallery\albumdownloadprotocolhandler.dll
o23 - service: Adobe acrobat update service (adobearmservice) - adobe systems incorporated - c:\program files (x86)\common files\adobe\arm\1.0\armsvc.exe
o23 - service: @%systemroot%\system32\alg.exe,-112 (alg) - unknown owner - c:\windows\system32\alg.exe (file missing)
o23 - service: Apple mobile device - apple inc. - c:\program files (x86)\common files\apple\mobile device support\applemobiledeviceservice.exe
o23 - service: Bonjour service - apple inc. - c:\program files (x86)\bonjour\mdnsresponder.exe
o23 - service: @%systemroot%\system32\efssvc.dll,-100 (efs) - unknown owner - c:\windows\system32\lsass.exe (file missing)
o23 - service: @%systemroot%\system32\fxsresm.dll,-118 (fax) - unknown owner - c:\windows\system32\fxssvc.exe (file missing)
o23 - service: Ipod service - apple inc. - c:\program files\ipod\bin\ipodservice.exe
o23 - service: @keyiso.dll,-100 (keyiso) - unknown owner - c:\windows\system32\lsass.exe (file missing)
o23 - service: @comres.dll,-2797 (msdtc) - unknown owner - c:\windows\system32\msdtc.exe (file missing)
o23 - service: @%systemroot%\system32\netlogon.dll,-102 (netlogon) - unknown owner - c:\windows\system32\lsass.exe (file missing)
o23 - service: @%systemroot%\system32\psbase.dll,-300 (protectedstorage) - unknown owner - c:\windows\system32\lsass.exe (file missing)
o23 - service: @%systemroot%\system32\locator.exe,-2 (rpclocator) - unknown owner - c:\windows\system32\locator.exe (file missing)
o23 - service: @%systemroot%\system32\samsrv.dll,-1 (samss) - unknown owner - c:\windows\system32\lsass.exe (file missing)
o23 - service: @%systemroot%\system32\snmptrap.exe,-3 (snmptrap) - unknown owner - c:\windows\system32\snmptrap.exe (file missing)
o23 - service: @%systemroot%\system32\spoolsv.exe,-1 (spooler) - unknown owner - c:\windows\system32\spoolsv.exe (file missing)
o23 - service: @%systemroot%\system32\sppsvc.exe,-101 (sppsvc) - unknown owner - c:\windows\system32\sppsvc.exe (file missing)
o23 - service: Switchboard - adobe systems incorporated - c:\program files (x86)\common files\adobe\switchboard\switchboard.exe
o23 - service: Tuneup utilities service (tuneup.utilitiessvc) - tuneup software - c:\program files (x86)\tuneup utilities 2011\tuneuputilitiesservice64.exe
o23 - service: @%systemroot%\system32\ui0detect.exe,-101 (ui0detect) - unknown owner - c:\windows\system32\ui0detect.exe (file missing)
o23 - service: @%systemroot%\system32\vaultsvc.dll,-1003 (vaultsvc) - unknown owner - c:\windows\system32\lsass.exe (file missing)
o23 - service: @%systemroot%\system32\vds.exe,-100 (vds) - unknown owner - c:\windows\system32\vds.exe (file missing)
o23 - service: Vmware authorization service (vmauthdservice) - vmware, inc. - c:\program files (x86)\vmware\vmware workstation\vmware-authd.exe
o23 - service: Vmware dhcp service (vmnetdhcp) - vmware, inc. - c:\windows\system32\vmnetdhcp.exe
o23 - service: Vmware usb arbitration service (vmusbarbservice) - vmware, inc. - c:\program files (x86)\common files\vmware\usb\vmware-usbarbitrator64.exe
o23 - service: Vmware nat service - vmware, inc. - c:\windows\system32\vmnat.exe
o23 - service: Vmware workstation server (vmwarehostd) - unknown owner - c:\program files (x86)\vmware\vmware workstation\vmware-hostd.exe
o23 - service: @%systemroot%\system32\vssvc.exe,-102 (vss) - unknown owner - c:\windows\system32\vssvc.exe (file missing)
o23 - service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - unknown owner - c:\windows\system32\wbengine.exe (file missing)
o23 - service: @%systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiapsrv) - unknown owner - c:\windows\system32\wbem\wmiapsrv.exe (file missing)
o23 - service: @%programfiles%\windows media player\wmpnetwk.exe,-101 (wmpnetworksvc) - unknown owner - c:\program files (x86)\windows media player\wmpnetwk.exe (file missing)
--
end of file - 10612 bytes

Original thread: Help finding out whether my computer is clean or compromised!?
Source: زيزوووم للأمن والحماية (Zyzoom Security and Protection)