Mohamed Arfat

زيزوومي جديد
إنضم
22 سبتمبر 2014
المشاركات
62
مستوى التفاعل
11
النقاط
90
غير متصل
السلام عليكم
اخواني ممكن حل لمشلة regsvr32 أداه لاسترجاع الملفات او أي شئ
وشكرا
 

عليكم السلام ورحمه الله
ممكن توضيح اكثر اخي
هذه احد ملفات
ال DLL تدخل في اشياء كثيرة
ما المشكله بالتحديد
 
توقيع : m_uons2002
عليكم السلام ورحمه الله
ممكن توضيح اكثر اخي
هذه احد ملفات
ال DLL تدخل في اشياء كثيرة
ما المشكله بالتحديد
درجة حرارة المعالج مرتفه بشكل رهيب وبحثت
بحث عن المشكلة ووجدت ان السبب يمكن ان يكون في تلف ملفات Regsve32
 
سخونه المعالج لها اسباب كثيرة
وبالتحاليل والتقارير السليمه يتم معرفه السبب ومعالجته
والاخوة لن يقصرو معك . فقط اطرح المشكله بشكل وافي
 
توقيع : m_uons2002
سخونه المعالج لها اسباب كثيرة
وبالتحاليل والتقارير السليمه يتم معرفه السبب ومعالجته
والاخوة لن يقصرو معك . فقط اطرح المشكله بشكل وافي
اشكرك .. انزل التقارير هنا ولا افتح موضوع جديد
 
انتظر اخي احد المسؤولين عن القسم
أخي @الهمشري
 
توقيع : m_uons2002
في الانتظار
 
السلام عليكم اخي ارفق لنا صورة للمشكلة
وضع مواصفات جهازك
بالدخول لتشغيل او run
ثم اكتب dxdiag
enter
>>>
ضع صورة ماسيظهر لك
هنا

وفقك الله...
 
ولتحميل الملف الرابط:
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

وطريقة وضعه علي نظامك وتنصيبه:
If that does not help your problem, place the file to your system directory.


By default, this is


C:\Windows\System (Windows 95/98/Me),


C:\WINNT\System32 (Windows NT/2000), or


C:\Windows\System32 (Windows XP, Vista, 7, 8, 8.1, 10).





On a 64bit version of Windows, the default folder for 32bit DLL-files is C:\Windows\SysWOW64\ , and for 64bit dll-files C:\Windows\System32\ .


Make sure to overwrite any existing files (but make a backup copy of the original file).





Reboot your computer.





Step 3


If the problem still occurs, try the following to register the DLL-file:





For 32bit DLL-files on a 32bit Windows, and for 64bit DLL-files on a 64bit Windows:


  1. Open an elevated command prompt.
    • To do this, click Start, click All Programs, click Accessories, right-click "Command Prompt", and then click Run as administrator.
    • In Windows 8/10, go to the Start screen. Start typing cmd and Windows will find "Command Prompt". Right click "Command Prompt" and choose "Run as administrator".
    • If you are prompted for an administrator password or for a confirmation, type the password, or click Allow.
  2. Type regsvr32 "filename".dll and press Enter.

Registering 32bit DLL-files on a 64bit Windows:


  1. Open an elevated command prompt, as instructed above.
  2. In the command prompt, start by typing following and press enter:
    • cd c:\windows\syswow64\
  3. then type the following and press enter:
    • regsvr32 c:\windows\syswow64\"filename".dll

Finally, reboot your PC one last time to refresh the memory. That should do it!



وفقك الله
...
 
مواصفات الجهاز
 

المرفقات

  • Untitled.webp
    Untitled.webp
    23.4 KB · المشاهدات: 6
تقرير هايجاك
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 00:22:06, on 08/03/2017
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16385)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Internet Download Manager\IDMan.exe
C:\Program Files (x86)\Internet Download Manager\IEMonitor.exe
C:\Program Files (x86)\Microsoft Office\Office12\EXCEL.EXE
C:\Zyzoom_Forum_Tools\zyzoom.exe
C:\Zyzoom_Forum_Tools\zHijak.com
C:\Windows\SysWOW64\DllHost.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = Preserve
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page =
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - (no file)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: (no name) - {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} - (no file)
O2 - BHO: (no name) - {FFCB3198-32F3-4E8B-9539-4324694ED664} - (no file)
O4 - HKCU\..\Run: [IDMan] C:\Program Files (x86)\Internet Download Manager\IDMan.exe /onboot
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O8 - Extra context menu item: Download all links with IDM - C:\Program Files (x86)\Internet Download Manager\IEGetAll.htm
O8 - Extra context menu item: Download with IDM - C:\Program Files (x86)\Internet Download Manager\IEExt.htm
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - (no file)
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - (no file)
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - (no file)
O15 - Trusted Zone:
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - (no file)
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: MBAMService - Malwarebytes - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 5179 bytes
 
تقرير Run scanner
Runscanner logfile
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي


* = signed file
- = file not found

General info
------------
Computer name : ELTANAHY-PC
Creation time : 3/8/2017 12:23:29 AM
Hosts <> 127.0.0.1 : 0
Hosts file location : %SystemRoot%\System32\drivers\etc
IE version : 8.0.7600.16385
OS : Windows 7 Home Basic
OS Build : 7600
OS SP :
RunScanner Version : 2.0.0.50
User Language : Arabic (Egypt)
User rights : Administrator
Windows folder : C:\Windows

Running processes
-----------------
* C:\Windows\System32\csrss.exe (Microsoft Corporation)
* C:\Windows\System32\csrss.exe (Microsoft Corporation)
* C:\Windows\System32\dwm.exe (Microsoft Corporation)
C:\Users\El Tanahy\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.)
C:\Users\El Tanahy\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.)
C:\Users\El Tanahy\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.)
C:\Users\El Tanahy\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.)
C:\Users\El Tanahy\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.)
C:\Users\El Tanahy\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.)
C:\Users\El Tanahy\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.)
C:\Users\El Tanahy\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.)
* C:\Windows\System32\svchost.exe (Microsoft Corporation)
* C:\Windows\System32\svchost.exe (Microsoft Corporation)
* C:\Windows\System32\svchost.exe (Microsoft Corporation)
* C:\Windows\System32\svchost.exe (Microsoft Corporation)
* C:\Windows\System32\svchost.exe (Microsoft Corporation)
* C:\Windows\System32\svchost.exe (Microsoft Corporation)
* C:\Windows\System32\svchost.exe (Microsoft Corporation)
* C:\Windows\System32\svchost.exe (Microsoft Corporation)
* C:\Windows\System32\svchost.exe (Microsoft Corporation)
* C:\Windows\System32\svchost.exe (Microsoft Corporation)
* C:\Windows\System32\taskhost.exe (Microsoft Corporation)
* C:\Program Files (x86)\Internet Download Manager\IDMan.exe (Tonec Inc.)
* C:\Program Files (x86)\Internet Download Manager\IEMonitor.exe (Tonec Inc.)
* C:\Windows\System32\lsass.exe (Microsoft Corporation)
* C:\Windows\System32\lsm.exe (Microsoft Corporation)
* C:\Program Files (x86)\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
* C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
* C:\Zyzoom_Forum_Tools\zRunScanner.com (Runscanner.net)
* C:\Windows\System32\services.exe (Microsoft Corporation)
* C:\Windows\system32\audiodg.exe (Microsoft Corporation)
* C:\Windows\explorer.exe (Microsoft Corporation)
* C:\Windows\System32\winlogon.exe (Microsoft Corporation)
* C:\Program Files\Windows Media Player\wmpnetwk.exe (Microsoft Corporation)
* C:\Windows\System32\smss.exe (Microsoft Corporation)
* C:\Windows\System32\wininit.exe (Microsoft Corporation)
* C:\Windows\System32\wbem\WmiPrvSE.exe (Microsoft Corporation)
* C:\Windows\System32\wbem\WmiPrvSE.exe (Microsoft Corporation)
C:\Zyzoom_Forum_Tools\zyzoom.exe

Unrated items
-------------
003 * C:\Program Files (x86)\Internet Download Manager\IDMan.exe (Tonec Inc.)
010 * C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe (.NET Runtime Optimization Service)
010 * C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (.NET Runtime Optimization Service)
010 * C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe® Flash® Player Update Service 23.0 r0)
010 * C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe (Malwarebytes Anti-Malware)
011 * C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS (HWiNFO AMD64 Kernel Driver)
011 * C:\Windows\system32\DRIVERS\idmwfp.sys (Internet Download Manager WFP Driver)
011 * C:\Windows\system32\drivers\mbam.sys (MBAMProtector)
011 * C:\Windows\system32\drivers\mwac.sys (MBAMWebAccessControl)
011 * C:\Windows\system32\DRIVERS\L1C62x64.sys (Qualcomm Atheros Ar81xx series PCI-E Gigabit Ethernet Controller)
011 * C:\Windows\system32\drivers\RTKVHD64.sys (Realtek(r) High Definition Audio Function Driver)
011 * C:\Windows\system32\DRIVERS\ssudmdm.sys (SAMSUNG Android Modem Device Driver)
011 * C:\Windows\system32\DRIVERS\ssudbus.sys (SAMSUNG USB Composite Device Driver)
011 * C:\Program Files\Unlocker\UnlockerDriver5.sys (UnlockerDriver5)
031 GUID / CLSID not found {88FED34C-F0CA-4636-A375-3CB6248B04CD}
042 GUID / CLSID not found {92780B25-18CC-41C8-B9BE-3C9C571A8263}
042 GUID / CLSID not found {2670000A-7350-4f3c-8081-5663EE0C6C49}
047 Zone: localhost : *.localhost
047 Zone: update.drp.su :
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

047 Zone: update.drp.su :
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

047 Zone: update-test2.drp.su :
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

047 Zone: update-test2.drp.su :
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

047 Zone: webcompanion.com :
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

052 GUID / CLSID not found {0055C089-8582-441B-A0BF-17B458C2A3A8}
052 GUID / CLSID not found {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6}
052 GUID / CLSID not found {FFCB3198-32F3-4E8B-9539-4324694ED664}
060 GUID / CLSID not found {E6FB5E20-DE35-11CF-9C87-00AA005127ED}
061 C:\Program Files (x86)\WinRar\rarext.dll {B41DB860-8EE4-11D2-9906-E49FADC173CA}
100 Start Page HKCU :
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

105 Download all links with IDM : C:\Program Files (x86)\Internet Download Manager\IEGetAll.htm
105 Download with IDM : C:\Program Files (x86)\Internet Download Manager\IEExt.htm
170 {7b718cdd-5c1e-11e6-bdab-902b34835e04} : E:\AutoRun.exe
173 GUID / CLSID not found [CC]{2803063F-4B8D-4dc6-8874-D1802487FE2D}
173 GUID / CLSID not found {6C467336-8281-4E60-8204-430CED96822D}
173 GUID / CLSID not found {947217BD-E967-400A-B14A-BA851A8EDCBB}
173 GUID / CLSID not found {A3777921-CFD3-4A6B-89BF-08E6B95716E8}
173 GUID / CLSID not found {B41DB860-64E4-11D2-9906-E49FADC173CA}
173 C:\Program Files (x86)\WinRar\rarext.dll {B41DB860-8EE4-11D2-9906-E49FADC173CA}
221 GUID / CLSID not found [CC]{2803063F-4B8D-4dc6-8874-D1802487FE2D}
221 GUID / CLSID not found {6C467336-8281-4E60-8204-430CED96822D}
221 GUID / CLSID not found {947217BD-E967-400A-B14A-BA851A8EDCBB}
221 GUID / CLSID not found {A3777921-CFD3-4A6B-89BF-08E6B95716E8}
221 GUID / CLSID not found {B41DB860-64E4-11D2-9906-E49FADC173CA}
221 C:\Program Files (x86)\WinRar\rarext.dll {B41DB860-8EE4-11D2-9906-E49FADC173CA}
223 GUID / CLSID not found {57CE581A-0CB6-4266-9CA0-19364C90A0B3}
223 GUID / CLSID not found {DDE4BEEB-DDE6-48fd-8EB5-035C09923F83}
225 GUID / CLSID not found {57CE581A-0CB6-4266-9CA0-19364C90A0B3}
225 GUID / CLSID not found {57CE581A-0CB6-4266-9CA0-19364C90A0B3}
225 GUID / CLSID not found {B41DB860-64E4-11D2-9906-E49FADC173CA}
225 GUID / CLSID not found {B41DB860-64E4-11D2-9906-E49FADC173CA}
225 GUID / CLSID not found {DDE4BEEB-DDE6-48fd-8EB5-035C09923F83}
225 GUID / CLSID not found {DDE4BEEB-DDE6-48fd-8EB5-035C09923F83}
225 C:\Program Files (x86)\WinRar\rarext.dll {B41DB860-8EE4-11D2-9906-E49FADC173CA}
225 C:\Program Files (x86)\WinRar\rarext.dll {B41DB860-8EE4-11D2-9906-E49FADC173CA}
227 GUID / CLSID not found [CC]{2803063F-4B8D-4dc6-8874-D1802487FE2D}
227 GUID / CLSID not found {B41DB860-64E4-11D2-9906-E49FADC173CA}
227 C:\Program Files (x86)\WinRar\rarext.dll {B41DB860-8EE4-11D2-9906-E49FADC173CA}
229 GUID / CLSID not found {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4}
229 GUID / CLSID not found {6C467336-8281-4E60-8204-430CED96822D}
241 GUID / CLSID not found {16F3DD56-1AF5-4347-846D-7C10C4192619}
241 GUID / CLSID not found {2916C86E-86A6-43FE-8112-43ABE6BF8DCC}
241 GUID / CLSID not found {920E6DB1-9907-4370-B3A0-BAFC03D81399}
241 GUID / CLSID not found {99FD978C-D287-4F50-827F-B2C658EDA8E7}
241 GUID / CLSID not found {AB5C5600-7E6E-4B06-9197-9ECEF74D31CC}
251 GUID / CLSID not found {B41DB860-64E4-11D2-9906-E49FADC173CA}
251 C:\Program Files (x86)\WinRar\rarext.dll {B41DB860-8EE4-11D2-9906-E49FADC173CA}

Missing files
-------------
010 C:\Program Files (x86)\IObit\IObit Uninstaller\IUService.exe
011 c:\windows\system32\drivers\uvhkvl.sys
011 C:\Windows\system32\Drivers\utmymtk0.sys
011 C:\Windows\system32\drivers\WinRing0_1_2_0.sys
032 rdpclip
063 bootdelete
065 C:\Program Files (x86)\IObit\Advanced SystemCare\AutoReactivator.exe
065 C:\Program Files (x86)\IObit\Advanced SystemCare\AutoReactivator.exe
065 C:\Program Files (x86)\IObit\Advanced SystemCare\AutoReactivator.exe
065 C:\Program Files (x86)\IObit\Advanced SystemCare\AutoReactivator.exe
065 C:\Program Files (x86)\IObit\Advanced SystemCare\AutoReactivator.exe
065 C:\Program Files (x86)\IObit\Advanced SystemCare\AutoReactivator.exe
065 C:\Program Files (x86)\IObit\Advanced SystemCare\AutoReactivator.exe
065 C:\Program Files (x86)\IObit\Advanced SystemCare\AutoReactivator.exe
065 C:\Program Files (x86)\IObit\Advanced SystemCare\AutoReactivator.exe
065 C:\Program Files (x86)\IObit\Advanced SystemCare\AutoReactivator.exe
065 C:\Program Files (x86)\IObit\Advanced SystemCare\AutoReactivator.exe
065 C:\Program Files (x86)\IObit\Advanced SystemCare\AutoReactivator.exe
065 C:\Program Files (x86)\IObit\Advanced SystemCare\AutoReactivator.exe
065 C:\Program Files (x86)\IObit\Advanced SystemCare\AutoReactivator.exe
065 C:\Program Files (x86)\IObit\Advanced SystemCare\AutoReactivator.exe
212 C:\Program Files (x86)\IObit\Advanced SystemCare\DiskDefrag.exe
 
قائمة البرامج
 

المرفقات

  • Untitled.webp
    Untitled.webp
    27.7 KB · المشاهدات: 8
المشكلة ارتفاع درجة حرارة cpu لـ 100%
 
السلام عليكم معظم المشاكل يسببها برنامج
\IObit\Advanced SystemCare
لذا انصحك بازالته من جذوره باستخدام
Revo Uninstaller Pro
بعدها افحص الجهاز ببرنامج مالويرابيتس
وضع تقرير الفحص هنا بالتوفيق...
 
حذفته من فتره ببرنامج your uninstaller
ومسحت ملفاته من Program fills لكن في تقرير Run scanner يظهر Iobit / advanced system care في خانه Missing Fills
ودا تقرير جديد من Run scanner
Runscanner logfile
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي


* = signed file
- = file not found

General info
------------
Computer name : ELTANAHY-PC
Creation time : 3/8/2017 2:49:36 PM
Hosts <> 127.0.0.1 : 0
Hosts file location : %SystemRoot%\System32\drivers\etc
IE version : 8.0.7600.16385
OS : Windows 7 Home Basic
OS Build : 7600
OS SP :
RunScanner Version : 2.0.0.50
User Language : Arabic (Egypt)
User rights : Administrator
Windows folder : C:\Windows

Running processes
-----------------
* C:\Windows\System32\csrss.exe (Microsoft Corporation)
* C:\Windows\System32\csrss.exe (Microsoft Corporation)
* C:\Windows\System32\conhost.exe (Microsoft Corporation)
* C:\Windows\System32\dwm.exe (Microsoft Corporation)
C:\Users\El Tanahy\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.)
C:\Users\El Tanahy\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.)
C:\Users\El Tanahy\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.)
C:\Users\El Tanahy\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.)
C:\Users\El Tanahy\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.)
* C:\Windows\System32\svchost.exe (Microsoft Corporation)
* C:\Windows\System32\svchost.exe (Microsoft Corporation)
* C:\Windows\System32\svchost.exe (Microsoft Corporation)
* C:\Windows\System32\svchost.exe (Microsoft Corporation)
* C:\Windows\System32\svchost.exe (Microsoft Corporation)
* C:\Windows\System32\svchost.exe (Microsoft Corporation)
* C:\Windows\System32\svchost.exe (Microsoft Corporation)
* C:\Windows\System32\svchost.exe (Microsoft Corporation)
* C:\Windows\System32\svchost.exe (Microsoft Corporation)
* C:\Windows\System32\svchost.exe (Microsoft Corporation)
* C:\Windows\System32\svchost.exe (Microsoft Corporation)
* C:\Program Files (x86)\Internet Download Manager\IDMan.exe (Tonec Inc.)
* C:\Program Files (x86)\Internet Download Manager\IEMonitor.exe (Tonec Inc.)
* C:\Windows\System32\lsass.exe (Microsoft Corporation)
* C:\Windows\System32\lsm.exe (Microsoft Corporation)
* C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
* C:\Zyzoom_Forum_Tools\zRunScanner.com (Runscanner.net)
* C:\Windows\System32\services.exe (Microsoft Corporation)
* C:\Windows\System32\sfc.exe (Microsoft Corporation)
* C:\Windows\system32\audiodg.exe (Microsoft Corporation)
* C:\Windows\System32\cmd.exe (Microsoft Corporation)
* C:\Windows\explorer.exe (Microsoft Corporation)
* C:\Windows\System32\winlogon.exe (Microsoft Corporation)
* C:\Program Files\Windows Media Player\wmpnetwk.exe (Microsoft Corporation)
* C:\Windows\System32\smss.exe (Microsoft Corporation)
* C:\Windows\System32\wininit.exe (Microsoft Corporation)
* C:\Windows\System32\wuauclt.exe (Microsoft Corporation)
* C:\Windows\System32\wbem\WmiPrvSE.exe (Microsoft Corporation)
* C:\Windows\System32\wbem\WmiPrvSE.exe (Microsoft Corporation)
* C:\Windows\System32\wbem\WmiPrvSE.exe (Microsoft Corporation)
C:\Zyzoom_Forum_Tools\zyzoom.exe

Unrated items
-------------
003 * C:\Program Files (x86)\Internet Download Manager\IDMan.exe (Tonec Inc.)
010 * C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (.NET Runtime Optimization Service)
010 * C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe (.NET Runtime Optimization Service)
010 * C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe® Flash® Player Update Service 23.0 r0)
010 * C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe (Malwarebytes Anti-Malware)
011 * C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS (HWiNFO AMD64 Kernel Driver)
011 * C:\Windows\system32\DRIVERS\idmwfp.sys (Internet Download Manager WFP Driver)
011 * C:\Windows\system32\drivers\mbam.sys (MBAMProtector)
011 * C:\Windows\system32\drivers\mwac.sys (MBAMWebAccessControl)
011 * C:\Windows\system32\DRIVERS\L1C62x64.sys (Qualcomm Atheros Ar81xx series PCI-E Gigabit Ethernet Controller)
011 * C:\Windows\system32\drivers\RTKVHD64.sys (Realtek(r) High Definition Audio Function Driver)
011 * C:\Windows\system32\DRIVERS\ssudmdm.sys (SAMSUNG Android Modem Device Driver)
011 * C:\Windows\system32\DRIVERS\ssudbus.sys (SAMSUNG USB Composite Device Driver)
011 * C:\Program Files\Unlocker\UnlockerDriver5.sys (UnlockerDriver5)
031 GUID / CLSID not found {88FED34C-F0CA-4636-A375-3CB6248B04CD}
042 GUID / CLSID not found {92780B25-18CC-41C8-B9BE-3C9C571A8263}
042 GUID / CLSID not found {2670000A-7350-4f3c-8081-5663EE0C6C49}
047 Zone: localhost : *.localhost
047 Zone: update.drp.su :
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

047 Zone: update.drp.su :
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

047 Zone: update-test2.drp.su :
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

047 Zone: update-test2.drp.su :
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

047 Zone: webcompanion.com :
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

052 GUID / CLSID not found {0055C089-8582-441B-A0BF-17B458C2A3A8}
052 GUID / CLSID not found {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6}
052 GUID / CLSID not found {FFCB3198-32F3-4E8B-9539-4324694ED664}
060 GUID / CLSID not found {E6FB5E20-DE35-11CF-9C87-00AA005127ED}
061 C:\Program Files (x86)\WinRar\rarext.dll {B41DB860-8EE4-11D2-9906-E49FADC173CA}
100 Start Page HKCU :
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

105 Download all links with IDM : C:\Program Files (x86)\Internet Download Manager\IEGetAll.htm
105 Download with IDM : C:\Program Files (x86)\Internet Download Manager\IEExt.htm
170 {7b718cdd-5c1e-11e6-bdab-902b34835e04} : E:\AutoRun.exe
173 GUID / CLSID not found [CC]{2803063F-4B8D-4dc6-8874-D1802487FE2D}
173 GUID / CLSID not found {6C467336-8281-4E60-8204-430CED96822D}
173 GUID / CLSID not found {947217BD-E967-400A-B14A-BA851A8EDCBB}
173 GUID / CLSID not found {A3777921-CFD3-4A6B-89BF-08E6B95716E8}
173 GUID / CLSID not found {B41DB860-64E4-11D2-9906-E49FADC173CA}
173 C:\Program Files (x86)\WinRar\rarext.dll {B41DB860-8EE4-11D2-9906-E49FADC173CA}
221 GUID / CLSID not found [CC]{2803063F-4B8D-4dc6-8874-D1802487FE2D}
221 GUID / CLSID not found {6C467336-8281-4E60-8204-430CED96822D}
221 GUID / CLSID not found {947217BD-E967-400A-B14A-BA851A8EDCBB}
221 GUID / CLSID not found {A3777921-CFD3-4A6B-89BF-08E6B95716E8}
221 GUID / CLSID not found {B41DB860-64E4-11D2-9906-E49FADC173CA}
221 C:\Program Files (x86)\WinRar\rarext.dll {B41DB860-8EE4-11D2-9906-E49FADC173CA}
223 GUID / CLSID not found {57CE581A-0CB6-4266-9CA0-19364C90A0B3}
223 GUID / CLSID not found {DDE4BEEB-DDE6-48fd-8EB5-035C09923F83}
225 GUID / CLSID not found {57CE581A-0CB6-4266-9CA0-19364C90A0B3}
225 GUID / CLSID not found {57CE581A-0CB6-4266-9CA0-19364C90A0B3}
225 GUID / CLSID not found {B41DB860-64E4-11D2-9906-E49FADC173CA}
225 GUID / CLSID not found {B41DB860-64E4-11D2-9906-E49FADC173CA}
225 GUID / CLSID not found {DDE4BEEB-DDE6-48fd-8EB5-035C09923F83}
225 GUID / CLSID not found {DDE4BEEB-DDE6-48fd-8EB5-035C09923F83}
225 C:\Program Files (x86)\WinRar\rarext.dll {B41DB860-8EE4-11D2-9906-E49FADC173CA}
225 C:\Program Files (x86)\WinRar\rarext.dll {B41DB860-8EE4-11D2-9906-E49FADC173CA}
227 GUID / CLSID not found [CC]{2803063F-4B8D-4dc6-8874-D1802487FE2D}
227 GUID / CLSID not found {B41DB860-64E4-11D2-9906-E49FADC173CA}
227 C:\Program Files (x86)\WinRar\rarext.dll {B41DB860-8EE4-11D2-9906-E49FADC173CA}
229 GUID / CLSID not found {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4}
229 GUID / CLSID not found {6C467336-8281-4E60-8204-430CED96822D}
241 GUID / CLSID not found {16F3DD56-1AF5-4347-846D-7C10C4192619}
241 GUID / CLSID not found {2916C86E-86A6-43FE-8112-43ABE6BF8DCC}
241 GUID / CLSID not found {920E6DB1-9907-4370-B3A0-BAFC03D81399}
241 GUID / CLSID not found {99FD978C-D287-4F50-827F-B2C658EDA8E7}
241 GUID / CLSID not found {AB5C5600-7E6E-4B06-9197-9ECEF74D31CC}
251 GUID / CLSID not found {B41DB860-64E4-11D2-9906-E49FADC173CA}
251 C:\Program Files (x86)\WinRar\rarext.dll {B41DB860-8EE4-11D2-9906-E49FADC173CA}

Missing files
-------------
010 C:\Program Files (x86)\IObit\IObit Uninstaller\IUService.exe
011 c:\windows\system32\drivers\uvhkvl.sys
011 C:\Windows\system32\Drivers\utmymtk0.sys
011 C:\Windows\system32\drivers\WinRing0_1_2_0.sys
032 rdpclip
063 bootdelete
065 C:\Program Files (x86)\IObit\Advanced SystemCare\AutoReactivator.exe
065 C:\Program Files (x86)\IObit\Advanced SystemCare\AutoReactivator.exe
065 C:\Program Files (x86)\IObit\Advanced SystemCare\AutoReactivator.exe
065 C:\Program Files (x86)\IObit\Advanced SystemCare\AutoReactivator.exe
065 C:\Program Files (x86)\IObit\Advanced SystemCare\AutoReactivator.exe
065 C:\Program Files (x86)\IObit\Advanced SystemCare\AutoReactivator.exe
065 C:\Program Files (x86)\IObit\Advanced SystemCare\AutoReactivator.exe
065 C:\Program Files (x86)\IObit\Advanced SystemCare\AutoReactivator.exe
065 C:\Program Files (x86)\IObit\Advanced SystemCare\AutoReactivator.exe
065 C:\Program Files (x86)\IObit\Advanced SystemCare\AutoReactivator.exe
065 C:\Program Files (x86)\IObit\Advanced SystemCare\AutoReactivator.exe
065 C:\Program Files (x86)\IObit\Advanced SystemCare\AutoReactivator.exe
065 C:\Program Files (x86)\IObit\Advanced SystemCare\AutoReactivator.exe
065 C:\Program Files (x86)\IObit\Advanced SystemCare\AutoReactivator.exe
065 C:\Program Files (x86)\IObit\Advanced SystemCare\AutoReactivator.exe
212 C:\Program Files (x86)\IObit\Advanced SystemCare\DiskDefrag.exe
 
تقرير هايجاك جديد بعد الفحص ببرنامج malwarebytes
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 14:43:13, on 08/03/2017
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16385)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Internet Download Manager\IDMan.exe
C:\Program Files (x86)\Internet Download Manager\IEMonitor.exe
C:\Zyzoom_Forum_Tools\zyzoom.exe
C:\Zyzoom_Forum_Tools\zHijak.com
C:\Windows\SysWOW64\DllHost.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = Preserve
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page =
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - (no file)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: (no name) - {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} - (no file)
O2 - BHO: (no name) - {FFCB3198-32F3-4E8B-9539-4324694ED664} - (no file)
O4 - HKCU\..\Run: [IDMan] C:\Program Files (x86)\Internet Download Manager\IDMan.exe /onboot
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O8 - Extra context menu item: Download all links with IDM - C:\Program Files (x86)\Internet Download Manager\IEGetAll.htm
O8 - Extra context menu item: Download with IDM - C:\Program Files (x86)\Internet Download Manager\IEExt.htm
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - (no file)
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - (no file)
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - (no file)
O15 - Trusted Zone:
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - (no file)
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: MBAMService - Malwarebytes - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 5119 bytes
 
انا قلت لك استخدم برنامج مالويرابيتس وليس هايجاك لان جهازك به تروجان
او ادوير مثلا هذا يعتبره البرنامج دودة Trusted Zone:
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

وهو في تقريرك
PUP.CrossRider
وهذا ايضا يعتبره كاسبر تروجان
Missing files
-------------
010 C:\Program Files (x86)\IObit\IObit Uninstaller\IUService.exe
011 c:\windows\system32\drivers\uvhkvl.sys
011 C:\Windows\system32\Drivers\utmymtk0.sys
011 C:\Windows\system32\drivers\WinRing0_1_2_0.sys
032 rdpclip
063 bootdelete
لديك تولبار وبرامج خبيثة استخدم برنامج ادوير هنا الشرح:
102334944.png

...
616213035.png

...

672409729.png

...


804052535.png

...
والله ولى التوفيق

افحص مرة اخري الجهاز ببرنامج مالويرابيتس واختر فحص
مخصص ثم خيار فحص الجذور الخفية
478823590.png

وفقك الله
...
 
أشكرك على مجهودك جزاك الله كل خير .. لكن المشاكل لا تنتهي للأسف
برنامج ادوير كلينر لما أضغط scan تظهر أنه Sqlite3.dll فسدت او اتغيرت ..
حملت ملف Sqlite3.dll من موقع dll-files و نقلته لفولدر System 32 وكمان فولدر systemWOW64 وبرضة لفولدر البرنامج نفسه في القرص C .. لكن المشكلة زي ماهي
 

المرفقات

  • Untitled.webp
    Untitled.webp
    15.4 KB · المشاهدات: 3
هذا بسبب البرمجيات الخبيثة وليست نقص ملفات dll
جرب الفحص من الوضع الامن...
 
عودة
أعلى