Peace be upon you and the mercy of God
I'd like to know whether my machine is hacked or not!!

- Report 1 -

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 11:00:00 ص, on 18/12/10
Platform: Unknown Windows (WinNT 6.01.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16700)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Eset\nod32kui.exe
C:\Windows\System32\rundll32.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Google\Google Talk\googletalk.exe
C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Program Files\Real\realplayer\Update\realsched.exe
C:\Program Files\uTorrent\uTorrent.exe
C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Microsoft\Search Enhancement Pack\SCServer\SCServer.exe
C:\Windows\system32\wuauclt.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Users\Admin\Desktop\Zyzoom_HijackThis.exe
C:\Windows\system32\SearchFilterHost.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: Messenger Plus Live UAE Toolbar - {685d78fc-4e0c-4be1-85a2-cd6674d41c19} - C:\Program Files\Messenger_Plus_Live_Saudi_Arabia\tbMes1.dll
R3 - URLSearchHook: Softonic-Eng7 Toolbar - {414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3} - C:\Program Files\Softonic-Eng7\tbSof1.dll
R3 - URLSearchHook: IsoBuster Toolbar - {266fcdca-7bb3-4da7-b3bf-f845dea2ebd6} - C:\Program Files\IsoBuster\tbIsoB.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: IsoBuster Toolbar - {266fcdca-7bb3-4da7-b3bf-f845dea2ebd6} - C:\Program Files\IsoBuster\tbIsoB.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll
O2 - BHO: Softonic-Eng7 Toolbar - {414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3} - C:\Program Files\Softonic-Eng7\tbSof1.dll
O2 - BHO: Messenger Plus Live UAE Toolbar - {685d78fc-4e0c-4be1-85a2-cd6674d41c19} - C:\Program Files\Messenger_Plus_Live_Saudi_Arabia\tbMes1.dll
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_07\bin\ssv.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files\Windows Live\Companion\companioncore.dll
O2 - BHO: Bing Bar BHO - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files\MSN Toolbar\Platform\6.3.2322.0\npwinext.dll
O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll
O3 - Toolbar: Messenger Plus Live UAE Toolbar - {685d78fc-4e0c-4be1-85a2-cd6674d41c19} - C:\Program Files\Messenger_Plus_Live_Saudi_Arabia\tbMes1.dll
O3 - Toolbar: Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll
O3 - Toolbar: Softonic-Eng7 Toolbar - {414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3} - C:\Program Files\Softonic-Eng7\tbSof1.dll
O3 - Toolbar: TextAloud - {F053C368-5458-45B2-9B4D-D8914BDDDBFF} - C:\PROGRA~1\TEXTAL~1\TAForIE.dll
O3 - Toolbar: IsoBuster Toolbar - {266fcdca-7bb3-4da7-b3bf-f845dea2ebd6} - C:\Program Files\IsoBuster\tbIsoB.dll
O3 - Toolbar: @C:\Program Files\MSN Toolbar\Platform\6.3.2322.0\npwinext.dll,-100 - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files\MSN Toolbar\Platform\6.3.2322.0\npwinext.dll
O4 - HKLM\..\Run: [nod32kui] "C:\Program Files\Eset\nod32kui.exe" /WAITSERVICE
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [NVHotkey] rundll32.exe C:\Windows\system32\nvHotkey.dll,Start
O4 - HKLM\..\Run: [googletalk] C:\Program Files\Google\Google Talk\googletalk.exe /autostart
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [UpdateReminder] C:\Program Files\Eset\UpdateReminder.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Real\realplayer\update\realsched.exe" -osboot
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [uTorrent] "C:\Program Files\uTorrent\uTorrent.exe"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Startup: Maintenance
O4 - Startup: OneNote 2007 Screen Clipper and Launcher.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O8 - Extra context menu item: ت&صدير إلى Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: @C:\Program Files\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files\Windows Live\Companion\companioncore.dll
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_07\bin\ssv.dll
O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: إرسال إلى OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: إر&سال إلى OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O13 - Gopher Prefix:
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Program Files\Eset\nod32krn.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe

--
End of file - 8169 bytes

................

- Report 2 -

µTorrent Adobe Flash Player 10 ActiveX Adobe Photoshop CS Adobe Reader 9.3 Ask Toolbar Ask.com Search Assistant 1.0.2 AV Bros. Page Curl 2.0 (Remove Only) Bing Bar Bing Bar Platform BOOKcase 4.0 Brick Break V2.1 Cambridge Learner's Dictionary SAMPLE Cambridge University Press promotional CD-ROM D3DX10 Dynamic-Photo HDR Trial 3.43 Easy GIF Animator 5.0 English FormatFactory 2.20 Google Talk (remove only) HijackThis 2.0.2 IsoBuster 2.8 IsoBuster Toolbar J2SE Runtime Environment 5.0 Update 7 Junk Mail filter update K-Lite Codec Pack 4.7.5 (Full) Mesh Runtime Messenger Companion Messenger Plus! Live MessengerDiscovery 2.1.79 MessengerDiscovery 2.5.95 Microsoft Office 2007 Service Pack 2 (SP2) Microsoft Office 2007 Service Pack 2 (SP2) Microsoft Office 2007 Service Pack 2 (SP2) Microsoft Office 2007 Service Pack 2 (SP2) Microsoft Office 2007 Service Pack 2 (SP2) Microsoft Office 2007 Service Pack 2 (SP2) Microsoft Office 2007 Service Pack 2 (SP2) Microsoft Office 2007 Service Pack 2 (SP2) Microsoft Office 2007 Service Pack 2 (SP2) Microsoft Office 2007 Service Pack 2 (SP2) Microsoft Office 2007 Service Pack 2 (SP2) Microsoft Office 2007 Service Pack 2 (SP2) Microsoft Office 2007 Service Pack 2 (SP2) Microsoft Office Access MUI (Arabic) 2007 Microsoft Office Enterprise 2007 Microsoft Office Enterprise 2007 Microsoft Office Excel MUI (Arabic) 2007 Microsoft Office Groove MUI (English) 2007 Microsoft Office Groove Setup Metadata MUI (Arabic) 2007 Microsoft Office InfoPath MUI (Arabic) 2007 Microsoft Office OneNote MUI (Arabic) 2007 Microsoft Office Outlook Connector Microsoft Office Outlook MUI (Arabic) 2007 Microsoft Office PowerPoint MUI (Arabic) 2007 Microsoft Office Proof (Arabic) 2007 Microsoft Office Proof (English) 2007 Microsoft Office Proof (French) 2007 Microsoft Office Proofing (Arabic) 2007 Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) Microsoft Office Publisher MUI (Arabic) 2007 Microsoft Office Shared MUI (Arabic) 2007 Microsoft Office Shared MUI (English) 2007 Microsoft Office Word MUI (Arabic) 2007 Microsoft Search Enhancement Pack Microsoft Silverlight Microsoft SQL Server 2005 Compact Edition [ENU] Microsoft Visual C++ 2005 Redistributable Mosaizer Pro v8.0 MSVCRT NOD32 antivirus system NOD32 FiX v2.1 NVIDIA Drivers Photo to Sketch Pro 3.51 RealNetworks - Microsoft Visual C++ 2008 Runtime RealPlayer RealUpgrade 1.0 Restorator 2007 Trial Update 2 Rhapsody Player Engine Security Update for 2007 Microsoft Office System (KB2277947) Security Update for 2007 Microsoft Office System (KB969559) Security Update for 2007 Microsoft Office System (KB976321) Security Update for 2007 Microsoft Office System (KB982312) Security Update for 2007 Microsoft Office System (KB982331) Security Update for CAPICOM (KB931906) Security Update for CAPICOM (KB931906) Security Update for Microsoft Office Access 2007 (KB979440) Security Update for Microsoft Office Access 2007 (KB979440) Security Update for Microsoft Office Excel 2007 (KB982308) Security Update for Microsoft Office InfoPath 2007 (KB979441) Security Update for Microsoft Office InfoPath 2007 (KB979441) Security Update for Microsoft Office Outlook 2007 (KB980376) Security Update for Microsoft Office PowerPoint 2007 (KB982158) Security Update for Microsoft Office Publisher 2007 (KB982124) Security Update for Microsoft Office system 2007 (972581) Security Update for Microsoft Office system 2007 (KB974234) Security Update for Microsoft Office Visio Viewer 2007 (KB973709) Security Update for Microsoft Office Word 2007 (KB2251419) Shockwave Softonic-Eng7 Toolbar TextAloud The KMPlayer 2.9.4.1434 Topaz Vivacity Update for 2007 Microsoft Office System (KB967642) Update for Microsoft Office OneNote 2007 (KB980729) Update for Outlook 2007 Junk Email Filter (kb2279264) vReveal Windows Live Communications Platform Windows Live Essentials Windows Live Essentials Windows Live Family Safety Windows Live Family Safety Windows Live ID Sign-in Assistant Windows Live Installer Windows Live Mail Windows Live Mesh Windows Live Mesh Windows Live Messenger Windows Live Messenger Windows Live Messenger Companion Core Windows Live MIME IFilter Windows Live Movie Maker Windows Live Movie Maker Windows Live Photo Common Windows Live Photo Common Windows Live Photo Gallery Windows Live PIMT Platform Windows Live Remote Client Windows Live Remote Client Resources Windows Live Remote Service Windows Live Remote Service Resources Windows Live SOXE Windows Live SOXE Definitions Windows Live UX Platform Windows Live UX Platform Language Pack Windows Live Writer Windows Live Writer Windows Live Writer Windows Live Writer Resources WinRAR archiver Zwunzi 1.0 build 149 بريد Windows Live عنصر تحكم ActiveX الخاص بـ Windows Live Mesh للاتصالات البعيدة معرض صور Windows Live موسوعة الفطائر والمعجنات

............

Start-Up Items; List generated by Start-Up Tool. http://Soft.EM-TNT.com

msnmsgr
Name:msnmsgr
Command:"C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
Reg_Path:HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run
Status:enabled
Description:Windows Live Messenger
Company:Microsoft Corporation

uTorrent
Name:uTorrent
Command:"C:\Program Files\uTorrent\uTorrent.exe"
Reg_Path:HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run
Status:enabled
Description:µTorrent
Company:BitTorrent, Inc.

nod32kui
Name:nod32kui
Command:"C:\Program Files\Eset\nod32kui.exe" /WAITSERVICE
Reg_Path:HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run
Status:enabled
Description:NOD32 Control Center GUI
Company:Eset

NvCplDaemon
Name:NvCplDaemon
Command:RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
Reg_Path:HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run
Status:enabled
Description:n/a
Company:n/a

NvMediaCenter
Name:NvMediaCenter
Command:RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
Reg_Path:HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run
Status:enabled
Description:n/a
Company:n/a

NVHotkey
Name:NVHotkey
Command:rundll32.exe C:\Windows\system32\nvHotkey.dll,Start
Reg_Path:HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run
Status:enabled
Description:n/a
Company:n/a

googletalk
Name:googletalk
Command:C:\Program Files\Google\Google Talk\googletalk.exe /autostart
Reg_Path:HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run
Status:enabled
Description:Google Talk
Company:Google

Adobe Reader Speed Launcher
Name:Adobe Reader Speed Launcher
Command:"C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
Reg_Path:HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run
Status:enabled
Description:Adobe Acrobat SpeedLauncher
Company:Adobe Systems Incorporated

Adobe ARM
Name:Adobe ARM
Command:"C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
Reg_Path:HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run
Status:enabled
Description:Adobe Reader and Acrobat Manager
Company:Adobe Systems Incorporated

UpdateReminder
Name:UpdateReminder
Command:C:\Program Files\Eset\UpdateReminder.exe
Reg_Path:HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run
Status:enabled
Description:ESET Update Reminder
Company:ESET, spol. s r.o.

TkBellExe
Name:TkBellExe
Command:"C:\Program Files\Real\realplayer\update\realsched.exe" -osboot
Reg_Path:HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run
Status:enabled
Description:RealNetworks Scheduler
Company:RealNetworks, Inc.

OneNote 2007 Screen Clipper and Launcher.lnk
Name:OneNote 2007 Screen Clipper and Launcher.lnk
Command:C:\PROGRA~1\MICROS~2\Office12\ONENOTEM.EXE/tsr
LinkPath:C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 Screen Clipper and Launcher.lnk
Status:enabled
Description:Microsoft Office OneNote Quick Launcher
Company:Microsoft Corporation

Adobe Gamma Loader.lnk
Name:Adobe Gamma Loader.lnk
Command:C:\PROGRA~1\COMMON~1\Adobe\CALIBR~1\ADOBEG~1.EXE
LinkPath:C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma Loader.lnk
Status:enabled
Description:Adobe Gamma Loader
Company:Adobe Systems, Inc.

runscanner report

Thanks in advance :b: