Peace be upon you. Two days ago my email was suddenly stolen, and I did not see any changes on my machine, so I became suspicious about how he stole it, given that I had set strong details: even the password is no fewer than 18 digits, letters and symbols, I know the alternate email and use it, and I know the rest of the data. Thank God, of course, I contacted the company and they returned it to me, but until now I have not understood how he stole it :?:

Anyway, if possible, could you check for me whether my machine is clean or not?

Quote:

```
logfile of trend micro hijackthis v2.0.4
scan saved at 11:39:45 ص, on 09/10/11
platform: Windows 7 sp1 (winnt 6.00.3505)
msie: Internet explorer v8.00 (8.00.7601.17514)
boot mode: Normal

running processes:
C:\program files (x86)\internet download manager\idman.exe
c:\program files (x86)\internet download manager\iemonitor.exe
c:\program files (x86)\yuna software\messenger plus!\plusservice.exe
c:\program files (x86)\vmware\vmware workstation\vmware-tray.exe
c:\program files (x86)\windows live\messenger\msnmsgr.exe
c:\program files (x86)\windows live\contacts\wlcomm.exe
c:\program files (x86)\internet explorer\iexplore.exe
c:\program files (x86)\internet explorer\iexplore.exe
c:\windows\syswow64\macromed\flash\flashutil10x_activex.exe
c:\program files (x86)\internet explorer\iexplore.exe
c:\zyzoom_forum_tools\zyzoom.exe
c:\zyzoom_forum_tools\zhijak.com

r1 - hkcu\software\microsoft\internet explorer\main,search page = http://go.microsoft.com/fwlink/?linkid=54896
r1 - hklm\software\microsoft\internet explorer\main,default_page_url = http://go.microsoft.com/fwlink/?linkid=69157
r1 - hklm\software\microsoft\internet explorer\main,default_search_url = http://go.microsoft.com/fwlink/?linkid=54896
r1 - hklm\software\microsoft\internet explorer\main,search page = http://go.microsoft.com/fwlink/?linkid=54896
r0 - hklm\software\microsoft\internet explorer\main,start page = http://go.microsoft.com/fwlink/?linkid=69157
r0 - hklm\software\microsoft\internet explorer\search,searchassistant =
r0 - hklm\software\microsoft\internet explorer\search,customizesearch =
r0 - hklm\software\microsoft\internet explorer\main,local page = c:\windows\syswow64\blank.htm
r1 - hkcu\software\microsoft\windows\currentversion\internet settings,proxyoverride = local;*.local
r0 - hkcu\software\microsoft\internet explorer\toolbar,linksfoldername =
f2 - reg:system.ini: Userinit=userinit.exe
o2 - bho: Idm helper - {0055c089-8582-441b-a0bf-17b458c2a3a8} - c:\program files (x86)\internet download manager\idmiecc.dll
o2 - bho: Acroiehelperstub - {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files (x86)\common files\adobe\acrobat\activex\acroiehelpershim.dll
o2 - bho: Groove gfs browser helper - {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - c:\progra~2\micros~3\office14\grooveex.dll
o2 - bho: مساعد تسجيل الدخول إلى معرف windows live - {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files (x86)\common files\microsoft shared\windows live\windowslivelogin.dll
o2 - bho: Windows live messenger companion helper - {9fdde16b-836f-4806-ab1f-1455cbeff289} - c:\program files (x86)\windows live\companion\companioncore.dll
o2 - bho: Urlredirectionbho - {b4f3a835-0e21-4959-ba22-42b3008e02ff} - c:\progra~2\micros~3\office14\urlredir.dll
o2 - bho: Java(tm) plug-in 2 ssv helper - {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files (x86)\java\jre6\bin\jp2ssv.dll
o4 - hklm\..\run: [plusservice] c:\program files (x86)\yuna software\messenger plus!\plusservice.exe
o4 - hklm\..\run: [switchboard] c:\program files (x86)\common files\adobe\switchboard\switchboard.exe
o4 - hklm\..\run: [adobecs5servicemanager] "c:\program files (x86)\common files\adobe\cs5servicemanager\cs5servicemanager.exe" -launchedbylogin
o4 - hklm\..\run: [vmware-tray] "c:\program files (x86)\vmware\vmware workstation\vmware-tray.exe"
o4 - hkcu\..\run: [idman] c:\program files (x86)\internet download manager\idman.exe /onboot
o4 - hkcu\..\run: [msnmsgr] "c:\program files (x86)\windows live\messenger\msnmsgr.exe" /background
o4 - hkcu\..\run: [sidebar] c:\program files\windows sidebar\sidebar.exe /autorun
o4 - hkus\s-1-5-19\..\run: [sidebar] %programfiles%\windows sidebar\sidebar.exe /autorun (user 'local service')
o4 - hkus\s-1-5-19\..\runonce: [mctadmin] c:\windows\system32\mctadmin.exe (user 'local service')
o4 - hkus\s-1-5-20\..\run: [sidebar] %programfiles%\windows sidebar\sidebar.exe /autorun (user 'network service')
o4 - hkus\s-1-5-20\..\runonce: [mctadmin] c:\windows\system32\mctadmin.exe (user 'network service')
o8 - extra context menu item: Download with imtoo iphone transfer platinum - c:\program files (x86)\imtoo\iphone transfer platinum\upod_link.htm
o8 - extra context menu item: إر&سال إلى onenote - res://c:\progra~1\micros~3\office14\onbttnie.dll/105
o8 - extra context menu item: ت&صدير إلى microsoft excel - res://c:\progra~1\micros~3\office14\excel.exe/3000
o8 - extra context menu item: تحميل الكل بواسطة internet download manager - c:\program files (x86)\internet download manager\iegetall.htm
o8 - extra context menu item: تحميل بواسطة internet download manager - c:\program files (x86)\internet download manager\ieext.htm
o9 - extra button: @c:\program files (x86)\windows live\companion\companionlang.dll,-600 - {0000036b-c524-4050-81a0-243669a86b9f} - c:\program files (x86)\windows live\companion\companioncore.dll
o9 - extra button: @c:\program files (x86)\windows live\writer\windowslivewritershortcuts.dll,-1004 - {219c3416-8cb2-491a-a3c7-d9fcddc9d600} - c:\program files (x86)\windows live\writer\writerbrowserextension.dll
o9 - extra 'tools' menuitem: @c:\program files (x86)\windows live\writer\windowslivewritershortcuts.dll,-1003 - {219c3416-8cb2-491a-a3c7-d9fcddc9d600} - c:\program files (x86)\windows live\writer\writerbrowserextension.dll
o9 - extra button: إرسال إلى onenote - {2670000a-7350-4f3c-8081-5663ee0c6c49} - c:\program files (x86)\microsoft office\office14\onbttnie.dll
o9 - extra 'tools' menuitem: إر&سال إلى onenote - {2670000a-7350-4f3c-8081-5663ee0c6c49} - c:\program files (x86)\microsoft office\office14\onbttnie.dll
o9 - extra button: ملاحظات onenote الم&رتبطة - {789fe86f-6fc4-46a1-9849-ede0db0c95ca} - c:\program files (x86)\microsoft office\office14\onbttnielinkednotes.dll
o9 - extra 'tools' menuitem: ملاحظات onenote الم&رتبطة - {789fe86f-6fc4-46a1-9849-ede0db0c95ca} - c:\program files (x86)\microsoft office\office14\onbttnielinkednotes.dll
o9 - extra button: بحث - {92780b25-18cc-41c8-b9be-3c9c571a8263} - c:\progra~2\micros~3\office11\refiebar.dll
o10 - unknown file in winsock lsp: C:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
o10 - unknown file in winsock lsp: C:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
o10 - unknown file in winsock lsp: C:\windows\system32\vsocklib.dll
o10 - unknown file in winsock lsp: C:\windows\system32\vsocklib.dll
o16 - dpf: {d27cdb6e-ae6d-11cf-96b8-444553540000} (shockwave flash object) - http://fpdownload2.macromedia.com/ge...sh/swflash.cab
o18 - protocol: Wlpg - {e43ef6cd-a37a-4a9b-9e6f-83f89b8e6324} - c:\program files (x86)\windows live\photo gallery\albumdownloadprotocolhandler.dll
o23 - service: Adobe acrobat update service (adobearmservice) - adobe systems incorporated - c:\program files (x86)\common files\adobe\arm\1.0\armsvc.exe
o23 - service: @%systemroot%\system32\alg.exe,-112 (alg) - unknown owner - c:\windows\system32\alg.exe (file missing)
o23 - service: Apple mobile device - apple inc. - c:\program files (x86)\common files\apple\mobile device support\applemobiledeviceservice.exe
o23 - service: Bonjour service - apple inc. - c:\program files (x86)\bonjour\mdnsresponder.exe
o23 - service: @%systemroot%\system32\efssvc.dll,-100 (efs) - unknown owner - c:\windows\system32\lsass.exe (file missing)
o23 - service: @%systemroot%\system32\fxsresm.dll,-118 (fax) - unknown owner - c:\windows\system32\fxssvc.exe (file missing)
o23 - service: Ipod service - apple inc. - c:\program files\ipod\bin\ipodservice.exe
o23 - service: @keyiso.dll,-100 (keyiso) - unknown owner - c:\windows\system32\lsass.exe (file missing)
o23 - service: @comres.dll,-2797 (msdtc) - unknown owner - c:\windows\system32\msdtc.exe (file missing)
o23 - service: @%systemroot%\system32\netlogon.dll,-102 (netlogon) - unknown owner - c:\windows\system32\lsass.exe (file missing)
o23 - service: @%systemroot%\system32\psbase.dll,-300 (protectedstorage) - unknown owner - c:\windows\system32\lsass.exe (file missing)
o23 - service: @%systemroot%\system32\locator.exe,-2 (rpclocator) - unknown owner - c:\windows\system32\locator.exe (file missing)
o23 - service: @%systemroot%\system32\samsrv.dll,-1 (samss) - unknown owner - c:\windows\system32\lsass.exe (file missing)
o23 - service: @%systemroot%\system32\snmptrap.exe,-3 (snmptrap) - unknown owner - c:\windows\system32\snmptrap.exe (file missing)
o23 - service: @%systemroot%\system32\spoolsv.exe,-1 (spooler) - unknown owner - c:\windows\system32\spoolsv.exe (file missing)
o23 - service: @%systemroot%\system32\sppsvc.exe,-101 (sppsvc) - unknown owner - c:\windows\system32\sppsvc.exe (file missing)
o23 - service: Switchboard - adobe systems incorporated - c:\program files (x86)\common files\adobe\switchboard\switchboard.exe
o23 - service: Tuneup utilities service (tuneup.utilitiessvc) - tuneup software - c:\program files (x86)\tuneup utilities 2011\tuneuputilitiesservice64.exe
o23 - service: @%systemroot%\system32\ui0detect.exe,-101 (ui0detect) - unknown owner - c:\windows\system32\ui0detect.exe (file missing)
o23 - service: @%systemroot%\system32\vaultsvc.dll,-1003 (vaultsvc) - unknown owner - c:\windows\system32\lsass.exe (file missing)
o23 - service: @%systemroot%\system32\vds.exe,-100 (vds) - unknown owner - c:\windows\system32\vds.exe (file missing)
o23 - service: Vmware authorization service (vmauthdservice) - vmware, inc. - c:\program files (x86)\vmware\vmware workstation\vmware-authd.exe
o23 - service: Vmware dhcp service (vmnetdhcp) - vmware, inc. - c:\windows\system32\vmnetdhcp.exe
o23 - service: Vmware usb arbitration service (vmusbarbservice) - vmware, inc. - c:\program files (x86)\common files\vmware\usb\vmware-usbarbitrator64.exe
o23 - service: Vmware nat service - vmware, inc. - c:\windows\system32\vmnat.exe
o23 - service: Vmware workstation server (vmwarehostd) - unknown owner - c:\program files (x86)\vmware\vmware workstation\vmware-hostd.exe
o23 - service: @%systemroot%\system32\vssvc.exe,-102 (vss) - unknown owner - c:\windows\system32\vssvc.exe (file missing)
o23 - service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - unknown owner - c:\windows\system32\wbengine.exe (file missing)
o23 - service: @%systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiapsrv) - unknown owner - c:\windows\system32\wbem\wmiapsrv.exe (file missing)
o23 - service: @%programfiles%\windows media player\wmpnetwk.exe,-101 (wmpnetworksvc) - unknown owner - c:\program files (x86)\windows media player\wmpnetwk.exe (file missing)

-- end of file - 10612 bytes
```

Original thread: Help finding out whether my machine is clean or compromised!?

Source: Zyzoom for Security and Protection