تم حل المشكلة هل جهازي سليم من الاختراق؟

مستاءة · 31 ديسمبر 2011

السلام عليكم
صادفتني مشكلة لاول مرة
فجاة وانا اشتغل على الجهاز .. اشتغلت لمبة الكام حقتي
وانا مش مشغلة برامج تصوير ولامسن ولا سكايب ولا شي
استغربت شلون اشتغلت كذا لحالها !!
خفت ان الجهاز مخترق .. خصوصا انه بطيء اشوي بالفترة الاخيرة
فحبيت اتطمن انه سليم
وهذي التقارير كلها

تقرير الهايجك

PHP:

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 09:41:48 م, on 30/12/11
Platform: Windows 7  (WinNT 6.00.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16912)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Windows\System32\PrintDisp.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Yuna Software\Messenger Plus!\PlusService.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\ThinkPad\Bluetooth Software\BTTray.exe
C:\Program Files\Norton AntiVirus\Engine\18.6.0.29\ccSvcHst.exe
C:\Program Files\ThinkPad\Bluetooth Software\BtStackServer.exe
C:\Users\User\AppData\Local\Temp\bibju5cc.exe
C:\Users\User\Desktop\runscanner.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Zyzoom_Forum_Tools\zyzoom.exe
C:\Zyzoom_Forum_Tools\zHijak.com
C:\Windows\system32\DllHost.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.maxiwe.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.maxiwe.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.maxiwe.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = 
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = 
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll
O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton AntiVirus\Engine\18.6.0.29\IPS\IPSBHO.DLL
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files\Windows Live\Companion\companioncore.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O4 - HKLM\..\Run: [IAStorIcon] C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [PrintDisp] C:\Windows\system32\PrintDisp.exe
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\Video Convert Master\codec\quicktime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [PlusService] C:\Program Files\Yuna Software\Messenger Plus!\PlusService.exe
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [Performance Center] C:\Program Files\Ascentive\Performance Center\ApcMain.exe -m
O4 - HKCU\..\Run: [jggrphfntf5a05aupo25noa1] C:\Users\User\AppData\Roaming\mshoft\wihost.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Global Startup: Bluetooth.lnk = ?
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MIF5BA~1\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: جاري إرسال الصفحة إلى &جهاز Bluetooth... - C:\Program Files\ThinkPad\Bluetooth Software\btsendto_ie.htm
O8 - Extra context menu item: جاري إرسال الصورة إلى &جهاز Bluetooth... - C:\Program Files\ThinkPad\Bluetooth Software\btsendto_ie_ctx.htm
O9 - Extra button: @C:\Program Files\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files\Windows Live\Companion\companioncore.dll
O9 - Extra button: Webpage Capture - {1F958B09-6612-7a0e-9223-4C7324C57B23} - C:\Program Files\Webpage Capture\Webpage Capture.exe (file missing)
O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: PalTalk - {4EAFEF58-EEFA-4116-983D-03B49BCBFFFE} - C:\Program Files\Paltalk Messenger\Paltalk.exe
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} - http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - (no file)
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\ThinkPad\Bluetooth Software\btwdins.exe
O23 - Service: Crypkey License - Kenonic Controls Ltd. - C:\Windows\SYSTEM32\crypserv.exe
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: خدمة Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: خدمة Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Ma-Config Service (maconfservice) - Unknown owner - C:\Program Files\ma-config.com\maconfservice.exe
O23 - Service: Norton AntiVirus (NAV) - Symantec Corporation - C:\Program Files\Norton AntiVirus\Engine\18.6.0.29\ccSvcHst.exe
O23 - Service: NitroPDFDriverCreatorReadSpool (NitroDriverReadSpool) - Nitro PDF Software - C:\Program Files\Nitro PDF\Professional\NitroPDFDriverService.exe
O23 - Service: NLS Service (nlsX86cc) - Nalpeiron Ltd. - C:\Windows\system32\NLSSRV32.EXE
O23 - Service: Printer Control - ActMask Co.,Ltd - HTTP://WWW.ALL2PDF.COM - C:\Windows\system32\PrintCtrl.exe
O23 - Service: ServiceLayer - Nokia - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe

--
End of file - 8227 bytes

تقرير البرامج المثبتة

PHP:

 Update for Microsoft Office 2007 (KB2508958)
Adobe AIR
Adobe AIR
Adobe Flash Player 10 ActiveX
Adobe Flash Player 11 Plugin
Adobe Reader X (10.0.1)
Adobe Shockwave Player 11.5
Ap PDF to IMAGE
Apple Application Support
Apple Mobile Device Support
Click to Call with Skype
D3DX10
Golden Al-Wafi Translator
Google Update Helper
Image To PDF v3.2.0
Intel(R) Control Center
Intel(R) Graphics Media *********** Driver
Intel(R) Rapid Storage Technology
iTunes
J2SE Runtime Environment 5.0 Update 21
Java(TM) 6 Update 22
Junk Mail filter update
Ma-Config.com
Marvell Miniport Driver
Mesh Runtime
Messenger Companion
Messenger Companion
Messenger Plus! 5
Microsoft .NET Framework 4 Client Profile
Microsoft .NET Framework 4 Client Profile
Microsoft .NET Framework 4 Client Profile ARA Language Pack
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office Access MUI (English) 2007
Microsoft Office Access Setup Metadata MUI (English) 2007
Microsoft Office Excel MUI (English) 2007
Microsoft Office File Validation Add-In
Microsoft Office InfoPath MUI (English) 2007
Microsoft Office Outlook Connector
Microsoft Office Outlook Connector
Microsoft Office Outlook MUI (English) 2007
Microsoft Office PowerPoint MUI (English) 2007
Microsoft Office Professional Plus 2007
Microsoft Office Professional Plus 2007
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (English) 2007
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
Microsoft Office Publisher MUI (English) 2007
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office Word MUI (English) 2007
Microsoft Search Enhancement Pack
Microsoft Silverlight
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft Text-to-Speech Engine 4.0 (English)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Windows Media Video 9 VCM
Mozilla Firefox 8.0.1 (x86 ar)
MSVC80_x86_v2
MSVC90_x86
MSVCRT
MSVCRT Redists
Nitro PDF Professional
Nokia Connectivity Cable Driver
Norton AntiVirus
OGA Notifier 2.0.0048.0
PC Connectivity Solution
QuickTime
Realtek USB 2.0 Card Reader
Security Update for 2007 Microsoft Office System (KB2288621)
Security Update for 2007 Microsoft Office System (KB2288931)
Security Update for 2007 Microsoft Office System (KB2345043)
Security Update for 2007 Microsoft Office System (KB2553089)
Security Update for 2007 Microsoft Office System (KB2553090)
Security Update for 2007 Microsoft Office System (KB2584063)
Security Update for 2007 Microsoft Office System (KB969559)
Security Update for 2007 Microsoft Office System (KB976321)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
Security Update for Microsoft Office 2007 suites (KB2596785) 32-Bit Edition
Security Update for Microsoft Office Access 2007 (KB979440)
Security Update for Microsoft Office Access 2007 (KB979440)
Security Update for Microsoft Office InfoPath 2007 (KB2510061)
Security Update for Microsoft Office InfoPath 2007 (KB979441)
Security Update for Microsoft Office InfoPath 2007 (KB979441)
Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition
Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition
Security Update for Microsoft Office Publisher 2007 (KB2596705) 32-Bit Edition
Security Update for Microsoft Office system 2007 (972581)
Security Update for Microsoft Office system 2007 (KB974234)
Security Update for Microsoft Office Visio Viewer 2007 (KB973709)
Security Update for Microsoft Office Word 2007 (KB2344993)
Security Update for حزمة اللغة العربية لـ Microsoft .NET Framework 4 (KB2478663)
Security Update for حزمة اللغة العربية لـ Microsoft .NET Framework 4 (KB2518870)
Skype™ 5.5
ThinkPad Bluetooth with Enhanced Data Rate Software
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office 2007 suites (KB2596651) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2596789) 32-Bit Edition
Update for Microsoft Office 2007 System (KB2539530)
Update for Microsoft Office Access 2007 Help (KB963663)
Update for Microsoft Office Excel 2007 (KB2596596) 32-Bit Edition
Update for Microsoft Office Excel 2007 Help (KB963678)
Update for Microsoft Office Infopath 2007 Help (KB963662)
Update for Microsoft Office Outlook 2007 (KB2583910)
Update for Microsoft Office Outlook 2007 Help (KB963677)
Update for Microsoft Office Powerpoint 2007 Help (KB963669)
Update for Microsoft Office Publisher 2007 Help (KB963667)
Update for Microsoft Office Script Editor Help (KB963671)
Update for Microsoft Office Word 2007 Help (KB963665)
Update for Outlook 2007 Junk Email Filter (KB2596560)
Windows Driver Package - Broadcom Bluetooth  (07/30/2009 6.2.0.9405)
Windows Driver Package - Broadcom Bluetooth  (09/11/2009 6.2.0.9407)
Windows Driver Package - Broadcom HIDClass  (07/28/2009 6.2.0.9800)
Windows Live Communications Platform
Windows Live Essentials
Windows Live Essentials
Windows Live Essentials
Windows Live Family Safety
Windows Live Family Safety
Windows Live Family Safety
Windows Live ID Sign-in Assistant
Windows Live Installer
Windows Live Mail
Windows Live Mail
Windows Live Mesh
Windows Live Mesh
Windows Live Mesh
Windows Live Mesh ActiveX Control for Remote Connections
Windows Live Messenger
Windows Live Messenger
Windows Live Messenger
Windows Live Messenger Companion Core
Windows Live MIME IFilter
Windows Live Movie Maker
Windows Live Movie Maker
Windows Live Movie Maker
Windows Live Photo Common
Windows Live Photo Common
Windows Live Photo Common
Windows Live Photo Gallery
Windows Live Photo Gallery
Windows Live PIMT Platform
Windows Live Remote Client
Windows Live Remote Client Resources
Windows Live Remote Client Resources
Windows Live Remote Service
Windows Live Remote Service Resources
Windows Live Remote Service Resources
Windows Live SOXE
Windows Live SOXE Definitions
Windows Live UX Platform
Windows Live UX Platform Language Pack
Windows Live UX Platform Language Pack
Windows Live Writer
Windows Live Writer
Windows Live Writer
Windows Live Writer
Windows Live Writer Resources
Windows Live Writer Resources
Windows Media Player Firefox Plugin
Windows Movie Maker 2.6
WinRAR 4.10 بيتا 5 (32-بت)
بريد Windows Live
حزمة اللغة العربية لـ Microsoft .NET Framework 4
حزمة برامج تشغيل Windows - Nokia pccsmcfd  (08/22/2008 7.0.0.0)
عنصر تحكم ActiveX الخاص بـ Windows Live Mesh للاتصالات البعيدة
معرض صور Windows Live

تقرير الرن سكنر

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

techno · 31 ديسمبر 2011

فضلا تقرير هايجيك جديد بدون كود
نسخ لصق

مستاءة · 31 ديسمبر 2011

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 09:41:48 م, on 30/12/11
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16912)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Windows\System32\PrintDisp.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Yuna Software\Messenger Plus!\PlusService.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\ThinkPad\Bluetooth Software\BTTray.exe
C:\Program Files\Norton AntiVirus\Engine\18.6.0.29\ccSvcHst.exe
C:\Program Files\ThinkPad\Bluetooth Software\BtStackServer.exe
C:\Users\User\AppData\Local\Temp\bibju5cc.exe
C:\Users\User\Desktop\runscanner.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Zyzoom_Forum_Tools\zyzoom.exe
C:\Zyzoom_Forum_Tools\zHijak.com
C:\Windows\system32\DllHost.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page =

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll
O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton AntiVirus\Engine\18.6.0.29\IPS\IPSBHO.DLL
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files\Windows Live\Companion\companioncore.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O4 - HKLM\..\Run: [IAStorIcon] C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [PrintDisp] C:\Windows\system32\PrintDisp.exe
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\Video Convert Master\codec\quicktime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [PlusService] C:\Program Files\Yuna Software\Messenger Plus!\PlusService.exe
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [Performance Center] C:\Program Files\Ascentive\Performance Center\ApcMain.exe -m
O4 - HKCU\..\Run: [jggrphfntf5a05aupo25noa1] C:\Users\User\AppData\Roaming\mshoft\wihost.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Global Startup: Bluetooth.lnk = ?
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MIF5BA~1\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: جاري إرسال الصفحة إلى &جهاز Bluetooth... - C:\Program Files\ThinkPad\Bluetooth Software\btsendto_ie.htm
O8 - Extra context menu item: جاري إرسال الصورة إلى &جهاز Bluetooth... - C:\Program Files\ThinkPad\Bluetooth Software\btsendto_ie_ctx.htm
O9 - Extra button: @C:\Program Files\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files\Windows Live\Companion\companioncore.dll
O9 - Extra button: Webpage Capture - {1F958B09-6612-7a0e-9223-4C7324C57B23} - C:\Program Files\Webpage Capture\Webpage Capture.exe (file missing)
O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: PalTalk - {4EAFEF58-EEFA-4116-983D-03B49BCBFFFE} - C:\Program Files\Paltalk Messenger\Paltalk.exe
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} -

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} -

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} -

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - (no file)
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\ThinkPad\Bluetooth Software\btwdins.exe
O23 - Service: Crypkey License - Kenonic Controls Ltd. - C:\Windows\SYSTEM32\crypserv.exe
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: خدمة Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: خدمة Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Ma-Config Service (maconfservice) - Unknown owner - C:\Program Files\ma-config.com\maconfservice.exe
O23 - Service: Norton AntiVirus (NAV) - Symantec Corporation - C:\Program Files\Norton AntiVirus\Engine\18.6.0.29\ccSvcHst.exe
O23 - Service: NitroPDFDriverCreatorReadSpool (NitroDriverReadSpool) - Nitro PDF Software - C:\Program Files\Nitro PDF\Professional\NitroPDFDriverService.exe
O23 - Service: NLS Service (nlsX86cc) - Nalpeiron Ltd. - C:\Windows\system32\NLSSRV32.EXE
O23 - Service: Printer Control - ActMask Co.,Ltd -

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

- C:\Windows\system32\PrintCtrl.exe
O23 - Service: ServiceLayer - Nokia - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe

--
End of file - 8227 bytes

techno · 31 ديسمبر 2011

بالهايجيك احذفي القيم التاليه

O9 - Extra button: Webpage Capture - {1F958B09-6612-7a0e-9223-4C7324C57B23} - C:\Program Files\Webpage Capture\Webpage Capture.exe (file missing)

حدثي برنامج الجافا

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

طبقي التالي

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

ثم

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

بعد اعادة التشغيل شوفي اذ فيه تحسن

مستاءة · 31 ديسمبر 2011

Malwarebytes' Anti-Malware 1.51.2.1300

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

Database version: 7622

Windows 6.1.7600
Internet Explorer 8.0.7600.16385

31/12/11 07:56:59 ص
mbam-log-2011-12-31 (07-56-59).txt

Scan type: Full scan (C:\|)
Objects scanned: 238821
Time elapsed: 35 minute(s), 24 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 1
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 2

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
HKEY_CURRENT_USER\Software\VB and VBA Program Settings\SrvID (Malware.Trace) -> Quarantined and deleted successfully.

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
c:\Users\User\AppData\Roaming\logs.dat (Bifrose.Trace) -> Quarantined and deleted successfully.
c:\Users\User\AppData\Roaming\svhost.exe (Trojan.Agent) -> Quarantined and deleted successfully.

مستاءة · 31 ديسمبر 2011

سويت الخطوات كلها ..
جهازي سليم الحين؟

techno · 31 ديسمبر 2011

مستاءة قال:
سويت الخطوات كلها ..
جهازي سليم الحين؟

:d:
هل هو سؤال ام انه المشكله انحلت عندك

مستاءة · 31 ديسمبر 2011

سؤال :d:
لانو خايفة ان الجهاز مخترق .. قلت بالبداية ان لمبة الكام اشتغلت فجاة من غير برامج
خفت ان احد مخترق جهازي او شي
فحبيت اتطمن ان الجهاز سليم
:d:

techno · 31 ديسمبر 2011

مستاءة قال:
سؤال :d:
لانو خايفة ان الجهاز مخترق .. قلت بالبداية ان لمبة الكام اشتغلت فجاة من غير برامج
خفت ان احد مخترق جهازي او شي
فحبيت اتطمن ان الجهاز سليم
:d:

:hh:
طبقي التالي

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

عند الانتهاء انسخي تقرير السوبر انتي سبايور
+
تقرير هايجيك جديد

وان شاء الله خير

مستاءة · 31 ديسمبر 2011

SUPERAntiSpyware Scan Log

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

Generated 12/31/2011 at 09:46 AM

Application Version : 5.0.1142

Core Rules Database Version : 8091
Trace Rules Database Version: 5903

Scan type : Complete Scan
Total Scan Time : 00:26:45

Operating System Information
Windows 7 Starter 32-bit (Build 6.01.7600)
UAC On - Administrator

Memory items scanned : 724
Memory threats detected : 0
Registry items scanned : 37977
Registry threats detected : 0
File items scanned : 31934
File threats detected : 34

Adware.Tracking Cookie
C:\Users\User\AppData\Roaming\Microsoft\Windows\Cookies\1O3J8KKU.txt [ /tradefx.advertserve.com ]
C:\USERS\USER\Cookies\1O3J8KKU.txt [ Cookie:user@tradefx.advertserve.com/ ]
.imrworldwide.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ZLRCGEZ0.DEFAULT\COOKIES.SQLITE ]
accounts.google.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ZLRCGEZ0.DEFAULT\COOKIES.SQLITE ]
wstat.wibiya.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ZLRCGEZ0.DEFAULT\COOKIES.SQLITE ]
.histats.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ZLRCGEZ0.DEFAULT\COOKIES.SQLITE ]
.histats.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ZLRCGEZ0.DEFAULT\COOKIES.SQLITE ]

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

[ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ZLRCGEZ0.DEFAULT\COOKIES.SQLITE ]

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

[ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ZLRCGEZ0.DEFAULT\COOKIES.SQLITE ]
.mynortonaccount.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ZLRCGEZ0.DEFAULT\COOKIES.SQLITE ]
.mynortonaccount.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ZLRCGEZ0.DEFAULT\COOKIES.SQLITE ]
.mynortonaccount.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ZLRCGEZ0.DEFAULT\COOKIES.SQLITE ]
.mynortonaccount.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ZLRCGEZ0.DEFAULT\COOKIES.SQLITE ]
account.norton.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ZLRCGEZ0.DEFAULT\COOKIES.SQLITE ]
.islamicfinder.org [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ZLRCGEZ0.DEFAULT\COOKIES.SQLITE ]
.invitemedia.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ZLRCGEZ0.DEFAULT\COOKIES.SQLITE ]
.tdstats.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ZLRCGEZ0.DEFAULT\COOKIES.SQLITE ]
.imrworldwide.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ZLRCGEZ0.DEFAULT\COOKIES.SQLITE ]
.mediafire.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ZLRCGEZ0.DEFAULT\COOKIES.SQLITE ]
.getclicky.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ZLRCGEZ0.DEFAULT\COOKIES.SQLITE ]
.static.getclicky.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ZLRCGEZ0.DEFAULT\COOKIES.SQLITE ]
in.getclicky.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ZLRCGEZ0.DEFAULT\COOKIES.SQLITE ]
.islamicfinder.org [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ZLRCGEZ0.DEFAULT\COOKIES.SQLITE ]
.islamicfinder.org [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ZLRCGEZ0.DEFAULT\COOKIES.SQLITE ]
.invitemedia.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ZLRCGEZ0.DEFAULT\COOKIES.SQLITE ]
accounts.google.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ZLRCGEZ0.DEFAULT\COOKIES.SQLITE ]
accounts.google.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ZLRCGEZ0.DEFAULT\COOKIES.SQLITE ]
.clickaider.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ZLRCGEZ0.DEFAULT\COOKIES.SQLITE ]
.pointroll.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ZLRCGEZ0.DEFAULT\COOKIES.SQLITE ]
.pointroll.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ZLRCGEZ0.DEFAULT\COOKIES.SQLITE ]
.invitemedia.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ZLRCGEZ0.DEFAULT\COOKIES.SQLITE ]
.mediafire.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ZLRCGEZ0.DEFAULT\COOKIES.SQLITE ]
.mediafire.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ZLRCGEZ0.DEFAULT\COOKIES.SQLITE ]
.mediafire.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ZLRCGEZ0.DEFAULT\COOKIES.SQLITE ]

الهايجك

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 09:51:14 ص, on 31/12/11
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16912)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Windows\System32\PrintDisp.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Yuna Software\Messenger Plus!\PlusService.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\ThinkPad\Bluetooth Software\BTTray.exe
C:\Program Files\ThinkPad\Bluetooth Software\BtStackServer.exe
C:\Program Files\Norton AntiVirus\Engine\18.6.0.29\ccSvcHst.exe
C:\Users\User\AppData\Local\Temp\bibju5cc.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Zyzoom_Forum_Tools\zyzoom.exe
C:\Zyzoom_Forum_Tools\zHijak.com

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page =

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll
O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton AntiVirus\Engine\18.6.0.29\IPS\IPSBHO.DLL
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files\Windows Live\Companion\companioncore.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O4 - HKLM\..\Run: [IAStorIcon] C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [PrintDisp] C:\Windows\system32\PrintDisp.exe
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\Video Convert Master\codec\quicktime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [PlusService] C:\Program Files\Yuna Software\Messenger Plus!\PlusService.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware (reboot)] "C:\Users\User\AppData\Local\Temp\zxq2\mbam.exe" /runcleanupscript
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [Performance Center] C:\Program Files\Ascentive\Performance Center\ApcMain.exe -m
O4 - HKCU\..\Run: [jggrphfntf5a05aupo25noa1] C:\Users\User\AppData\Roaming\mshoft\wihost.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Global Startup: Bluetooth.lnk = ?
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MIF5BA~1\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: جاري إرسال الصفحة إلى &جهاز Bluetooth... - C:\Program Files\ThinkPad\Bluetooth Software\btsendto_ie.htm
O8 - Extra context menu item: جاري إرسال الصورة إلى &جهاز Bluetooth... - C:\Program Files\ThinkPad\Bluetooth Software\btsendto_ie_ctx.htm
O9 - Extra button: @C:\Program Files\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files\Windows Live\Companion\companioncore.dll
O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: PalTalk - {4EAFEF58-EEFA-4116-983D-03B49BCBFFFE} - C:\Program Files\Paltalk Messenger\Paltalk.exe
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} -

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} -

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} -

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - (no file)
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\ThinkPad\Bluetooth Software\btwdins.exe
O23 - Service: Crypkey License - Kenonic Controls Ltd. - C:\Windows\SYSTEM32\crypserv.exe
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: خدمة Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: خدمة Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Ma-Config Service (maconfservice) - Unknown owner - C:\Program Files\ma-config.com\maconfservice.exe
O23 - Service: Norton AntiVirus (NAV) - Symantec Corporation - C:\Program Files\Norton AntiVirus\Engine\18.6.0.29\ccSvcHst.exe
O23 - Service: NitroPDFDriverCreatorReadSpool (NitroDriverReadSpool) - Nitro PDF Software - C:\Program Files\Nitro PDF\Professional\NitroPDFDriverService.exe
O23 - Service: NLS Service (nlsX86cc) - Nalpeiron Ltd. - C:\Windows\system32\NLSSRV32.EXE
O23 - Service: Printer Control - ActMask Co.,Ltd -

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

- C:\Windows\system32\PrintCtrl.exe
O23 - Service: ServiceLayer - Nokia - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe

--
End of file - 8306 bytes

مستاءة · 31 ديسمبر 2011

اخوي techno
سطح المكتب صارت خلفيته سودا من بعد ما طبقت الشرح الاخير !!
كيف ارجعه الى وضعه الطبيعي
معليه بتعبك شوي

techno · 31 ديسمبر 2011

مستاءة قال:
اخوي techno
سطح المكتب صارت خلفيته سودا من بعد ما طبقت الشرح الاخير !!
كيف ارجعه الى وضعه الطبيعي
معليه بتعبك شوي

ممكن صورة لسطح المكتب

عابر12 · 31 ديسمبر 2011

ياغاليه على سطح المكتب بالماوس اليمين بعدين خصائص بعدين تلاقي سطح المكتب بعدين اختاري الخلفيه الي كانت عندك قبل ماتصير سودا وتطبيق وموافق تحياتي لك .

مستاءة · 31 ديسمبر 2011

techno قال:
ممكن صورة لسطح المكتب

تفضل

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

وغير كذا توها الحين الكام حقتي اشتغلت اللمبة حقتها
وانا مو فاتحة اي برنامج حق تصوير ولا مسن ولا شي
كذا اشتغلت اللمبة لحالها !!!
اول مرة تصير كذا من شريت اللاب
مدري وش قصتها ؟:?:

مستاءة · 31 ديسمبر 2011

عابر12 قال:
ياغاليه على سطح المكتب بالماوس اليمين بعدين خصائص بعدين تلاقي سطح المكتب بعدين اختاري الخلفيه الي كانت عندك قبل ماتصير سودا وتطبيق وموافق تحياتي لك .

انا الوندوز حقي 7 ستارتر
مافيه خاصية تغيير خلفية سطح المكتب
سطح المكتب له خلفية معينة للوندوز ستارتر من اول ماركبت الوندوز وسطح المكتب على حاله
بس الحين صارت خلفيته سودا
:i:

مستاءة · 31 ديسمبر 2011

انا عندي احساس انو الجهاز مخترق
حتى برنامج الحماية طلع لي كذا

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

كأن الجهاز مهكر او مخترق وكانه هذي معلوماته اللي صادها برنامج الحماية :no:

techno · 31 ديسمبر 2011

مستاءة قال:
انا الوندوز حقي 7 ستارتر
مافيه خاصية تغيير خلفية سطح المكتب
سطح المكتب له خلفية معينة للوندوز ستارتر من اول ماركبت الوندوز وسطح المكتب على حاله
بس الحين صارت خلفيته سودا
:i:

كلك يمين على سطح المكتب ثم تخصيص
ثم تلقا ع اليمين من ضمن الخيارات "عرض"
اضغط عليها تلقا الأختيار على 100% غيره الى 125%
ثم يطلب منك تسجيل خروج اطلع وارجع ادخل ورجعه على 100% واطلع وادخل وكل شيء يرجع تمام التمام

مستاءة · 1 يناير 2012

هلا
مافي زي كذا لا بالخيارات ولا العرض
بس مو مهم ايش قصة الكام تشتغل لحالها
جهازي سليم من الاختراق والهكر ولا كيف؟

MAAX · 1 يناير 2012

الجهاز بالفعل مخترق بواسطة البيفروست

اعملي تقرير فحص سريع من اداة الصيانة

مستاءة · 1 يناير 2012

هلالالالالا ماكس
ياويلي

وش اللي خلاه يخترقه ؟ :er:

تفضل

QuickScan Beta 32-bit v0.9.9.99
-------------------------------
تاريخ المسح: Sun Jan 01 09:06:23 2012
عنوان الحاسب: 86A54F97

لم يتم العثور على عدوى
----------------------

البرامج
-------
Bluetooth Software 3588 C:\Program Files\ThinkPad\Bluetooth Software\BTTray.exe
Firefox 2020 C:\Program Files\Mozilla Firefox\firefox.exe
Firefox 600 C:\Program Files\Mozilla Firefox\plugin-container.exe
Firefox 1640 C:\Program Files\Mozilla Firefox\plugin-container.exe
Flash® Player Installer/Uninstaller 1608 C:\Windows\System32\Macromed\Flash\FlashUtil10w_ActiveX.exe
IAStorIcon 2572 C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
Intel(R) Common User Interface 2604 C:\Windows\System32\hkcmd.exe
Intel(R) Common User Interface 2612 C:\Windows\System32\igfxpers.exe
Intel(R) Common User Interface 2592 C:\Windows\System32\igfxtray.exe
iTunes 2656 C:\Program Files\iTunes\iTunesHelper.exe
Java(TM) Platform SE Auto Updater 2 0 3248 C:\Program Files\Common Files\Java\Java Update\jusched.exe
Messenger Plus! 5 2748 C:\Program Files\Yuna Software\Messenger Plus!\PlusService.exe
Microsoft Search Client Server 884 C:\Program Files\Microsoft\Search Enhancement Pack\SCServer\SCServer.exe
Microsoft® Visual Studio® 2005 3988 C:\Users\User\AppData\Local\Temp\bibju5cc.exe
Microsoft® Windows® Operating System 3264 C:\Program Files\Windows Sidebar\sidebar.exe
Microsoft® Windows® Operating System 1476 C:\Windows\explorer.exe
PrintDisp 2624 C:\Windows\System32\PrintDisp.exe
Windows® Internet Explorer 1644 C:\Program Files\Internet Explorer\iexplore.exe
Windows® Internet Explorer 3188 C:\Program Files\Internet Explorer\iexplore.exe
تم تفقده Microsoft® Windows® Operating System 424 C:\Windows\System32\dwm.exe
تم تفقده Microsoft® Windows® Operating System 2012 C:\Windows\System32\taskhost.exe

انشطة الشبكة
------------
البرنامج firefox.exe (2020) موصول على معبر 80 (HTTP) --> 74.125.225.139
البرنامج firefox.exe (2020) موصول على معبر 80 (HTTP) --> 69.171.229.14
البرنامج firefox.exe (2020) موصول على معبر 443 (HTTP over SSL) --> 74.125.225.111
البرنامج firefox.exe (2020) موصول على معبر 80 (HTTP) --> 23.1.165.115
البرنامج firefox.exe (2020) موصول على معبر 80 (HTTP) --> 74.125.235.159
البرنامج bibju5cc.exe (3988) موصول على معبر 8888 --> 2.88.63.42

الملفات المفتوحة تلقائياً و الحساسة
-----------------------------------
Apache HTTP Server C:\Users\User\AppData\Roaming\mshoft\wihost.exe
Ascentive Performance Center C:\Program Files\Ascentive\Performance Center\ApcMain.exe
IAStorIcon C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
Intel(R) Common User Interface C:\Windows\System32\hkcmd.exe
Intel(R) Common User Interface C:\Windows\system32\igfxdev.dll
Intel(R) Common User Interface C:\Windows\System32\igfxpers.exe
Intel(R) Common User Interface C:\Windows\System32\igfxtray.exe
iTunes C:\Program Files\iTunes\iTunesHelper.exe
Java(TM) Platform SE Auto Updater 2 0 C:\Program Files\Common Files\Java\Java Update\jusched.exe
Messenger Plus! 5 C:\Program Files\Yuna Software\Messenger Plus!\PlusService.exe
Microsoft® Windows® Operating System C:\Program Files\Windows Sidebar\sidebar.exe
Mozilla Firefox C:\Program Files\Mozilla Firefox
PrintDisp C:\Windows\System32\PrintDisp.exe
QuickTime C:\Program Files\Video Convert Master\codec\quicktime\QTTask.exe
تم تفقده Microsoft® Windows® Operating System c:\windows\system32\userinit.exe

وصلات المتصفح
-------------
AcroIEHelperShim Library C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
Adobe Acrobat C:\Program Files\Internet Explorer\plugins\nppdf32.dll
Adobe Acrobat C:\Program Files\Mozilla Firefox\plugins\nppdf32.dll
Babylon Chrome Plugin C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhkplhfnhceodhffomolpfigojocbpcb\1.0_0\BabylonChromePI.dll
Babylon Chrome Plugin C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhkplhfnhceodhffomolpfigojocbpcb\1.0_1\BabylonChromePI.dll
BitDefender QuickScan C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\zlrcgez0.default\extensions\{e001c731-5e37-4538-a5cb-8168736a2360}\plugins\npqscan.dll
BitDefender QuickScan C:\Windows\Downloaded Program Files\qsax.dll
Google Update C:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll
Java Deployment Toolkit 6.0.300.12 C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll
Java(TM) Platform SE 6 U30 c:\program files\java\jre6\bin\jp2ssv.dll
Java(TM) Platform SE 6 U30 C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll
Java(TM) Platform SE 6 U30 C:\Program Files\Java\jre6\bin\ssv.dll
Ma-Config.com plugin C:\Program Files\ma-config.com\nphardwaredetection.dll
Microsoft Search Enhancement Pack C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
Microsoft® CoReXT C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
Microsoft® CoReXT C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL
Microsoft® Windows Media Player Firefox C:\Program Files\Mozilla Firefox\plugins\np-mswmp.dll
Microsoft® Windows® Operating System C:\Windows\system32\wshbth.dll
npitunes.dll C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll
NPSWF32.dll C:\Windows\system32\Macromed\Flash\NPSWF32.dll
PaltalkScene C:\Program Files\Paltalk Messenger\Paltalk.exe
QuickTime Plug-in 7.6.9 C:\Program Files\Internet Explorer\plugins\npqtplugin.dll
QuickTime Plug-in 7.6.9 C:\Program Files\Internet Explorer\plugins\npqtplugin2.dll
QuickTime Plug-in 7.6.9 C:\Program Files\Internet Explorer\plugins\npqtplugin3.dll
QuickTime Plug-in 7.6.9 C:\Program Files\Internet Explorer\plugins\npqtplugin4.dll
QuickTime Plug-in 7.6.9 C:\Program Files\Internet Explorer\plugins\npqtplugin5.dll
QuickTime Plug-in 7.6.9 C:\Program Files\Internet Explorer\plugins\npqtplugin6.dll
QuickTime Plug-in 7.6.9 C:\Program Files\Internet Explorer\plugins\npqtplugin7.dll
QuickTime Plug-in 7.6.9 C:\Program Files\Mozilla Firefox\plugins\npqtplugin.dll
QuickTime Plug-in 7.6.9 C:\Program Files\Mozilla Firefox\plugins\npqtplugin2.dll
QuickTime Plug-in 7.6.9 C:\Program Files\Mozilla Firefox\plugins\npqtplugin3.dll
QuickTime Plug-in 7.6.9 C:\Program Files\Mozilla Firefox\plugins\npqtplugin4.dll
QuickTime Plug-in 7.6.9 C:\Program Files\Mozilla Firefox\plugins\npqtplugin5.dll
QuickTime Plug-in 7.6.9 C:\Program Files\Mozilla Firefox\plugins\npqtplugin6.dll
QuickTime Plug-in 7.6.9 C:\Program Files\Mozilla Firefox\plugins\npqtplugin7.dll
RealPlayer Download and Record Plugin C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll
Silverlight Plug-In C:\Program Files\Microsoft Silverlight\4.0.60831.0\npctrl.dll
Skype Toolbars C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.6.0.8153_0\npSkypeChromePlugin.dll
Skype Toolbars C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.6.0.8153_1\npSkypeChromePlugin.dll
Symantec Intrusion Detection C:\Program Files\Norton AntiVirus\Engine\18.6.0.29\IPS\IPSBHO.DLL
Windows Live Messenger Companion C:\Program Files\Windows Live\Companion\companioncore.dll
Windows Live Photo Gallery C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll
Windows® Internet Explorer C:\Windows\System32\ieframe.dll
تم تفقده Microsoft® Windows® Operating System C:\Windows\system32\mswsock.dll
تم تفقده Microsoft® Windows® Operating System C:\Windows\system32\napinsp.dll
تم تفقده Microsoft® Windows® Operating System C:\Windows\System32\nlaapi.dll
تم تفقده Microsoft® Windows® Operating System C:\Windows\system32\pnrpnsp.dll
تم تفقده Microsoft® Windows® Operating System C:\Windows\System32\winrnr.dll
تم تفقده Shockwave for Director C:\Windows\system32\Adobe\Director\np32dsw.dll

الملفات الناقصة
---------------
الملف C:\Users\User\AppData\Local\Temp\zxq2\mbam.exe غيرموجود
--> HKLM\Software\Microsoft\Windows\CurrentVersion\Run\"Malwarebytes' Anti-Malware (reboot)"

مسح
---
MD5: 090148f78121729ecbeccd76d0d5d0a9 C:\Program Files\Ascentive\Performance Center\ApcMain.exe
MD5: 3cdea45c32aa24f161c55fa4b33cc063 C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
MD5: f31208835709a62ecc5d45211d89c772 C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
MD5: dddd1d04d5f4360371bc99c7c476f70d C:\Program Files\Common Files\Apple\Apple Application Support\ASL.dll
MD5: 1edd423e34c5ff8f1c9c94a1afc12d03 C:\Program Files\Common Files\Apple\Apple Application Support\CFNetwork.DLL
MD5: de4835a2de88d3597fdc92b863333f05 C:\Program Files\Common Files\Apple\Apple Application Support\CoreFoundation.dll
MD5: d30dd708f05fb85ef2c53727ed3573d2 C:\Program Files\Common Files\Apple\Apple Application Support\icudt40.dll
MD5: 38711bb50d27b7145186f61ce31b3336 C:\Program Files\Common Files\Apple\Apple Application Support\icuin40.dll
MD5: 9e515554a3ea7b70c975f61971c6977d C:\Program Files\Common Files\Apple\Apple Application Support\icuuc40.dll
MD5: 7ef0c8a9a1a57756f4868e3693173c08 C:\Program Files\Common Files\Apple\Apple Application Support\libdispatch.dll
MD5: 258d35f5f5f5f3f6045488ecdc14faab C:\Program Files\Common Files\Apple\Apple Application Support\objc.dll
MD5: 152f8772d5a5cd7883305c3b8d28470e C:\Program Files\Common Files\Apple\Apple Application Support\pthreadVC2.dll
MD5: df3bf36f93945062b85b02ea408e716f C:\Program Files\Common Files\Apple\Apple Application Support\SQLite3.dll
MD5: 90044039365b06cecdd8e347ac08bbae C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
MD5: 20f6f19fe9e753f2780dc2fa083ad597 C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
MD5: e6748a0adc22f0595e31448cac746d3f C:\Program Files\Common Files\Apple\Mobile Device Support\iTunesMobileDevice.dll
MD5: 6e3245df783e58375b3465f03274743e C:\Program Files\Common Files\Java\Java Update\jusched.exe
MD5: bb0667b0171b632b97ea759515476f07 C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
MD5: 6bf01e200063d7274f3af06d226671f5 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
MD5: 9d4a1690af93f233e15380398bec7431 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL
MD5: 0a70f4022ec2e14c159efc4f69aa2477 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
MD5: 75e8b69f28c813675b16db357f20720f C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys
MD5: 720b18d76de9e603b626dfcd6f1fca7c C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys
MD5: 8c2044169be2224c8a7cb8e81e7581af C:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll
MD5: c01efa80f72d20d2249585c2aee2b608 C:\Program Files\Intel\Intel(R) Rapid Storage Technology\ar-SA\IAStorIcon.resources.dll
MD5: e8fe70f942f0fea4dda73f2bccd86036 C:\Program Files\Intel\Intel(R) Rapid Storage Technology\ar-SA\IntelVisualDesign.resources.dll
MD5: af3fa498afcc7242c7dc411881c5575a C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
MD5: 89c5acca0dc6f4951ec75771ae36c53d C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
MD5: abe1d7c1f0270849be855c1081687081 C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorUIHelper.dll
MD5: 08925b04a66d5f874c16830dd97b1b62 C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IntelVisualDesign.dll
MD5: 5005c6512b4f0c0201b0d9a4a62c5428 C:\Program Files\Internet Explorer\ieproxy.dll
MD5: 8ed7c19aefa3673aadb0d6864b03fbce C:\Program Files\Internet Explorer\iexplore.exe
MD5: 0bf28e777209ef48ad215c809ad2cbb5 C:\Program Files\Internet Explorer\plugins\nppdf32.dll
MD5: 6c859c6fce6d694eafd7ea3ae66d54db C:\Program Files\Internet Explorer\plugins\npqtplugin.dll
MD5: 6c859c6fce6d694eafd7ea3ae66d54db C:\Program Files\Internet Explorer\plugins\npqtplugin2.dll
MD5: 6c859c6fce6d694eafd7ea3ae66d54db C:\Program Files\Internet Explorer\plugins\npqtplugin3.dll
MD5: 6c859c6fce6d694eafd7ea3ae66d54db C:\Program Files\Internet Explorer\plugins\npqtplugin4.dll
MD5: 6c859c6fce6d694eafd7ea3ae66d54db C:\Program Files\Internet Explorer\plugins\npqtplugin5.dll
MD5: 6c859c6fce6d694eafd7ea3ae66d54db C:\Program Files\Internet Explorer\plugins\npqtplugin6.dll
MD5: 6c859c6fce6d694eafd7ea3ae66d54db C:\Program Files\Internet Explorer\plugins\npqtplugin7.dll
MD5: b84a28b3984185eda8867541af14cddb C:\Program Files\iPod\bin\iPodService.exe
MD5: ba0f6dcc3181a4e3cbb02ec41153bb72 C:\Program Files\iTunes\iTunesHelper.dll
MD5: 53d96678fb89f056d5285101481297d9 C:\Program Files\iTunes\iTunesHelper.exe
MD5: 99aaa6c83d40be9db1ba81141b2aebc8 C:\Program Files\iTunes\iTunesHelper.Resources\en.lproj\iTunesHelperLocalized.DLL
MD5: 562814461db20253b42bb806c994d20d C:\Program Files\iTunes\iTunesHelper.Resources\iTunesHelper.DLL
MD5: 7f8aefd3bbc0f30c42c59fd27a828dcf C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll
MD5: f2121482c2968cd3b53ed53acc9277a5 c:\program files\java\jre6\bin\jp2ssv.dll
MD5: ccc24faa47c47e66be61bf22603c5e3a C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll
MD5: e810acafa8e6d80117414b7ca036d626 C:\Program Files\Java\jre6\bin\ssv.dll
MD5: 61c3ee682b38a5ed56a6a99e9075c2f6 C:\Program Files\ma-config.com\maconfservice.exe
MD5: ce6db25ffa35fd051c503f11db745862 C:\Program Files\Microsoft Silverlight\4.0.60831.0\npctrl.dll
MD5: 99b6ce3840f5ad5c4b13b666249aa467 C:\Program Files\Microsoft\Search Enhancement Pack\SCServer\SCServer.exe
MD5: 2b66f8af35fa5d7b312c38623cde3e7f C:\Program Files\Microsoft\Search Enhancement Pack\SeaNote\SeaNote.dll
MD5: 16a252022535b680046f6e34e136d378 C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
MD5: 7fc1fb17882abc73c85c1feb0b9357dd C:\Program Files\Microsoft\Search Enhancement Pack\Search Box Extension\srchbxex.dll
MD5: a4ad1aa4c57409480c1d84bbca6becf0 C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
MD5: bd4c601a0c7c2b5e06753c77b0f15cec C:\Program Files\Mozilla Firefox\components\browsercomps.dll
MD5: 25532414a7a088553527a75b31df0592 C:\Program Files\Mozilla Firefox\firefox.exe
MD5: acdda9608d9e9374227ae3981305da74 C:\Program Files\Mozilla Firefox\freebl3.dll
MD5: 8bb7bee59f0287a0ead64957db67b532 C:\Program Files\Mozilla Firefox\mozalloc.dll
MD5: 54e853f7cbb2a7114da3763bf9abd4d5 C:\Program Files\Mozilla Firefox\MOZCPP19.dll
MD5: 37ef3bb68aea271b600a1d2eec58cd2a C:\Program Files\Mozilla Firefox\MOZCRT19.dll
MD5: 3a5236be0bc729a077a80e2e5a716843 C:\Program Files\Mozilla Firefox\mozjs.dll
MD5: 3481a993bbbcef7f83938d3bbcba53c3 C:\Program Files\Mozilla Firefox\mozsqlite3.dll
MD5: b18ac873044816fcd21f6c742eea4556 C:\Program Files\Mozilla Firefox\nspr4.dll
MD5: 3c840551b5baafc45b3f02c789d4fc77 C:\Program Files\Mozilla Firefox\nss3.dll
MD5: 15032e6af825451b861f0f941c344932 C:\Program Files\Mozilla Firefox\nssckbi.dll
MD5: c45c19f159f02a7a050c840dfccac489 C:\Program Files\Mozilla Firefox\nssdbm3.dll
MD5: 4585bff270a7f0bac15c15f131012578 C:\Program Files\Mozilla Firefox\nssutil3.dll
MD5: 3a6b10e1d909da39716dfbb921a4842c C:\Program Files\Mozilla Firefox\plc4.dll
MD5: f9375875aa40bf4756d66ff692393aac C:\Program Files\Mozilla Firefox\plds4.dll
MD5: 1cd878ffa3b97d9008fa0e723ed996cb C:\Program Files\Mozilla Firefox\plugin-container.exe
MD5: 99f97c9fe748c37528c338a423577fcb C:\Program Files\Mozilla Firefox\plugins\np-mswmp.dll
MD5: ff030b5f429a1a8c18821e4595599c1f C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll
MD5: 0bf28e777209ef48ad215c809ad2cbb5 C:\Program Files\Mozilla Firefox\plugins\nppdf32.dll
MD5: 6c859c6fce6d694eafd7ea3ae66d54db C:\Program Files\Mozilla Firefox\plugins\npqtplugin.dll
MD5: 6c859c6fce6d694eafd7ea3ae66d54db C:\Program Files\Mozilla Firefox\plugins\npqtplugin2.dll
MD5: 6c859c6fce6d694eafd7ea3ae66d54db C:\Program Files\Mozilla Firefox\plugins\npqtplugin3.dll
MD5: 6c859c6fce6d694eafd7ea3ae66d54db C:\Program Files\Mozilla Firefox\plugins\npqtplugin4.dll
MD5: 6c859c6fce6d694eafd7ea3ae66d54db C:\Program Files\Mozilla Firefox\plugins\npqtplugin5.dll
MD5: 6c859c6fce6d694eafd7ea3ae66d54db C:\Program Files\Mozilla Firefox\plugins\npqtplugin6.dll
MD5: 6c859c6fce6d694eafd7ea3ae66d54db C:\Program Files\Mozilla Firefox\plugins\npqtplugin7.dll
MD5: 3cf277c305780ffeb8be2f80276a9e37 C:\Program Files\Mozilla Firefox\smime3.dll
MD5: c30f05f0faa9c826b8578d0159fa7c83 C:\Program Files\Mozilla Firefox\softokn3.dll
MD5: eda70aba6202a5a152c6d8b5c5874ce9 C:\Program Files\Mozilla Firefox\ssl3.dll
MD5: 49f6273082e0341ddd4af0be02394da9 C:\Program Files\Mozilla Firefox\xpcom.dll
MD5: d2f353297cdf9197dc322f4c930009c0 C:\Program Files\Mozilla Firefox\xul.dll
MD5: ba4eab2b03c133c8e7cce1d688661c90 C:\Program Files\Nitro PDF\Professional\NitroPDFDriverService.exe
MD5: db7951146ca1e218e1d3bcff115848a3 C:\Program Files\Norton AntiVirus\Engine\18.6.0.29\ccIPC.dll
MD5: 7a03683fdec05543a5cf7aa968129a1f C:\Program Files\Norton AntiVirus\Engine\18.6.0.29\ccL100U.dll
MD5: 6fee15b53d624e06d86759258e1f6a9c C:\Program Files\Norton AntiVirus\Engine\18.6.0.29\ccSet.dll
MD5: e78a365cc3e0fbfc018a33dce01909f8 C:\Program Files\Norton AntiVirus\Engine\18.6.0.29\ccSvcHst.exe
MD5: abff5f1e970dbc68e2cae682378dc717 C:\Program Files\Norton AntiVirus\Engine\18.6.0.29\ccVrTrst.dll
MD5: 177364f26f682529220af4906131dc2a C:\Program Files\Norton AntiVirus\Engine\18.6.0.29\EFACli.dll
MD5: 21215b293e3af3126d313b2be33723ca C:\Program Files\Norton AntiVirus\Engine\18.6.0.29\IPS\IPSBHO.DLL
MD5: b3a9aa8f17a9eae0aa8f5953143caf1d C:\Program Files\Norton AntiVirus\Engine\18.6.0.29\NPCGadgt.dll
MD5: 73af59254b1ad976acc41d99c3283303 C:\Program Files\Paltalk Messenger\Paltalk.exe
MD5: 7d3903af48e6c1dc2704eafcb608d031 C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
MD5: 187259aed69fe2b1015c532ef8f633a1 C:\Program Files\ThinkPad\Bluetooth Software\BtBalloon.dll
MD5: f577324eeee6979392fe9c1432fd0d40 C:\Program Files\ThinkPad\Bluetooth Software\btkeyind.dll
MD5: c2d63d3e76e8f3e3d6dc4c949ac27427 C:\Program Files\ThinkPad\Bluetooth Software\btmmhook.dll
MD5: 24d9cdd6ec0664e1860ebfb61e6f25c0 C:\Program Files\ThinkPad\Bluetooth Software\btncopy.dll
MD5: d317e2f7dcc519b705284d87128b63ed C:\Program Files\ThinkPad\Bluetooth Software\btosif.dll
MD5: 6832d8e1439c3b1ba24d6baca17974a8 C:\Program Files\ThinkPad\Bluetooth Software\btrez.dll
MD5: 630b6c2df4b34e98d530fef44a871115 C:\Program Files\ThinkPad\Bluetooth Software\BTTray.exe
MD5: deaf87b50a403e9492603e3caaa01d3c C:\Program Files\ThinkPad\Bluetooth Software\btwapi.dll
MD5: 0e3ee2bc0ec56bfe869fcde3e5806684 C:\Program Files\ThinkPad\Bluetooth Software\btwdins.exe
MD5: 7cd24a5c9987c2f29ac5af20e0faa76e C:\Program Files\ThinkPad\Bluetooth Software\btwhidcs.DLL
MD5: afdae59fe562a7cdb44f9d4abedac316 C:\Program Files\Video Convert Master\codec\quicktime\QTSystem\QTCF.dll
MD5: 1d856e6e7490447fcfaa46e09a2bf9c9 C:\Program Files\Video Convert Master\codec\quicktime\QTSystem\QuickTime.qts
MD5: 0aee5668eb59912f32ff245bfa72465f C:\Program Files\Video Convert Master\codec\quicktime\QTTask.exe
MD5: 47bdbce3e2d819b17ab9fa4539b9df71 C:\Program Files\Windows Live\Companion\companioncore.dll
MD5: 4ce9dac1518ff7e77bd213e6394b9d77 C:\Program Files\Windows Live\Family Safety\fsssvc.exe
MD5: 5b239ff33aeaffc5983aaad4dbf9c87f C:\Program Files\Windows Live\Installer\wlshim.dll
MD5: 6067acef367e79914af628fa1e9b5330 C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
MD5: ac421a44de902f2627f1e63793ed89cd C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll
MD5: 3856e8add648bc2dfeb07406c7f25804 C:\Program Files\Windows Live\Shared\UXCalendar.dll
MD5: f0d369b57b0b0b00d4e146f0f53fb86c C:\Program Files\Windows Live\Shared\uxcontacts.dll
MD5: e680a55e9488921fc487616f4ede7797 C:\Program Files\Windows Live\Shared\UXCore.dll
MD5: cc9e4d197143738bd868282e76ff6731 C:\Program Files\Windows Live\Shared\WLDCore.dll
MD5: 77fbd400984cf72ba0fc4b3489d65f74 C:\Program Files\Windows Media Player\wmpnetwk.exe
MD5: ea6eadf6314e43783ba8eee79f93f73c C:\Program Files\Windows Sidebar\sidebar.exe
MD5: e1c1197d2202843f1cbafb449851c7f5 C:\Program Files\Windows Sidebar\wlsrvc.dll
MD5: 30183a68e8efde4cb7d65c815081dada C:\Program Files\Yuna Software\Messenger Plus!\PlusService.exe
MD5: 9d14d76e4e7b9b2ead17149011db2b11 C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_18.1.0.37\Definitions\BASHDefs\20111221.003\BHDrvx86.sys
MD5: 9bc8840de4140e8e2a6fc3192e054a8c C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_18.1.0.37\Definitions\IPSDefs\20111228.001\IDSvix86.sys
MD5: 862f55824ac81295837b0ab63f91071f C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_18.1.0.37\Definitions\VirusDefs\20111231.022\NAVENG.SYS
MD5: 529d571b551cb9da44237389b936f1ae C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_18.1.0.37\Definitions\VirusDefs\20111231.022\NAVEX15.SYS
MD5: 6e5700eb96d1d3c03ed1417b39382c4e C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll
MD5: be3faf4aa180660c069f3122be3cd8a4 C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhkplhfnhceodhffomolpfigojocbpcb\1.0_0\BabylonChromePI.dll
MD5: be3faf4aa180660c069f3122be3cd8a4 C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhkplhfnhceodhffomolpfigojocbpcb\1.0_1\BabylonChromePI.dll
MD5: b50cfcb466d0634ef9a258d0a0fb408c C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.6.0.8153_0\npSkypeChromePlugin.dll
MD5: b50cfcb466d0634ef9a258d0a0fb408c C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.6.0.8153_1\npSkypeChromePlugin.dll
MD5: aeec0405a1c587562275ab20cc6e3521 C:\Users\User\AppData\Local\Temp\bibju5cc.exe
MD5: 39763504067962108505bff25f024345 C:\Users\User\AppData\Local\Temp\SAS_SelfExtract\SASDIFSV.SYS
MD5: 77b9fc20084b48408ad3e87570eb4a85 C:\Users\User\AppData\Local\Temp\SAS_SelfExtract\SASKUTIL.SYS
MD5: f4a569f89a90205a095965ae628625e1 C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\zlrcgez0.default\extensions\{e001c731-5e37-4538-a5cb-8168736a2360}\plugins\npqscan.dll
MD5: 797186acc542b1b6de03eced8bcd2344 C:\Users\User\AppData\Roaming\mshoft\wihost.exe
MD5: 2a0612e57b59ebffc0a6118c2b962827 C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_ar_b77a5c561934e089\mscorlib.resources.dll
MD5: 85b3a4f286e21b121947974f3998667b C:\Windows\assembly\GAC_MSIL\System.Runtime.Remoting.resources\2.0.0.0_ar_b77a5c561934e089\System.Runtime.Remoting.resources.dll
MD5: 97a4d48fd7118f6a3cfe71b5e3ef262e C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorCommon\48b328b4b360d98896aa164ac763308d\IAStorCommon.ni.dll
MD5: 115e6f51ae624736f8bc76b7f7cf0b43 C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorUtil\b12b97a70ff8529eb2e166cb8af6e5df\IAStorUtil.ni.dll
MD5: 87deeeb4a04306c3464c409027a47306 C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\1b31ced9bb880d94fff1c6d47c16a81e\mscorlib.ni.dll
MD5: 8be9187abfe036f157cf55d5a3eff22a C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\e9ebeb7959f1c916ebf6fca8f7077d6c\System.Configuration.ni.dll
MD5: d8c9ac87d26409fcb7c47edca2daa3c8 C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\0e245eb9c1067cabd5673fe832d28613\System.Drawing.ni.dll
MD5: 46ab16b330c82bc899db28b3e57c64f5 C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\018d2569cf208acbe8ad73908705f607\System.Runtime.Remoting.ni.dll
MD5: 339d5e05399cdabda3202453f612197a C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\d76221993c2fdfb991b8c12ae50a30eb\System.Windows.Forms.ni.dll
MD5: bd1be9e9625744df191e09e7e80d2979 C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\275680f2b9db0501d53c50ea7d7a43f0\System.Xml.ni.dll
MD5: 0202b3742d8f91d87616c7585cdc3314 C:\Windows\assembly\NativeImages_v2.0.50727_32\System\95b9866ab6e4437ef5dc5855ebab4e33\System.ni.dll
MD5: bad09b48e7feb5d8e93e72c7a69ee9e8 C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\3136e12cfb8809d39813e76c766c782c\WindowsBase.ni.dll
MD5: 5865a7993e167a11cedda9dabc705db3 C:\Windows\Downloaded Program Files\qsax.dll
MD5: 2af58d15edc06ec6fdacce1f19482bbf C:\Windows\explorer.exe
MD5: af2d82d297609df60469bfae48645762 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorjit.dll
MD5: 44a38da547fbfeb2f2b3d480728805de C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorwks.dll
MD5: f5df6846f30e9f54ea60ccaeb3fb2055 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscoreei.dll
MD5: 5f3bdb02d64443efca7dd9248619c962 C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
MD5: 225e83f591113adec764afba0ab12593 C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
MD5: cb44e805bb7c0c9bc3b8a66a59bb300a C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
MD5: 0a58da99321d95944e796541a716cbf5 C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
MD5: ea93d50a341350321c96208f651408d0 C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
MD5: 61490bbf4d7c399bd42af6b63960fb92 C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
MD5: 267aff1ea665dbe422276601989efff3 C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
MD5: 792fc8e77dc71a5f095c32d3a5c78ea1 C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
MD5: 84cb9832f03a6aa1929636f5d9e7e298 C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
MD5: 3927fdfe073338428a24160e427e87a3 C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
MD5: 56b798396b5ad9fb064528b638a6008f C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
MD5: 77895ba5c5cdcfef66419a03b6a4cdad C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
MD5: 88955bce0a301ca342562be24415d9cc C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
MD5: 308823c5a58a4022fedd8f4db3f99a25 C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
MD5: 75959d7e5ef8fd7e7e17f40f63f3cc66 C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
MD5: 2ff5b43393e8f2c46135ac33e842b076 C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
MD5: a5750894aefe1d57cf8c460ea4065748 C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
MD5: b3758364d42bbdba18383f010fb7cfcd C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
MD5: 20f76c488929b6288733888bffe62f65 C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
MD5: 11e5a68a159bf13bcf0538bec894e0ce C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
MD5: 5cccf830959345f0b8bcc2a0dfac11b5 C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
MD5: daef44b6ff4aec4533bab3761310d4a5 C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
MD5: 62ad339f7420b022509edac1d9fd7ba1 C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
MD5: c13d2932297d3597fea7b6902efc117d C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
MD5: cdc1f7b46fc7b0b8c88df0cfbda2eb2c C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
MD5: 69ac43aae61eec7625726b377ccaaa13 C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
MD5: 5710b9bd7a3e4f716402b8119004eb48 C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
MD5: a2903ece1d115fea38bb07e01c122b5e C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
MD5: fabfc817547eabb19b74849cef410622 C:\Windows\system32\authui.dll
MD5: e24fe90e9de8d8ae70e59f7b01675def C:\Windows\system32\avicap32.dll
MD5: 53831de9162c6c2378574b59eb786bf1 C:\Windows\system32\corpol.dll
MD5: b8473011f59a6aa2b35e84aa19d707cf C:\Windows\system32\d3d10_1.dll
MD5: 029e2a480ce2020df097e535a2311712 C:\Windows\system32\d3d10_1core.dll
MD5: 62390f4ace9e2b63e3ca26b7f7497897 C:\Windows\system32\dnsapi.DLL
MD5: b15be77a2bacf9c3177d27518afe26a9 C:\Windows\System32\dnsrslvr.dll
MD5: 0db7a48388d54d154ebec120461a0fcd C:\Windows\system32\drivers\afd.sys
MD5: 19ce906b4cdc11fc4fef5745f33a63b6 C:\Windows\system32\drivers\amdsata.sys
MD5: 869e67d66be326a5a9159fba8746fa70 C:\Windows\system32\drivers\amdxata.sys
MD5: eb7c2dadf52f50f69f198c14c3556dc1 C:\Windows\system32\DRIVERS\bcmwl6.sys
MD5: 9a5c671b7fbae4865149bb11f59b91b2 C:\Windows\system32\DRIVERS\bowser.sys
MD5: 88059ff1ded4472acd17eebabd393069 C:\Windows\System32\Drivers\BTHport.sys
MD5: 80e6384beec03b8bd45edea29802d657 C:\Windows\System32\Drivers\BTHUSB.sys
MD5: 7e826be3b3558208d5c9b00034e51be5 C:\Windows\system32\drivers\btwaudio.sys
MD5: af9148c3e844131ac954cb53ff43d971 C:\Windows\system32\drivers\btwavdt.sys
MD5: 480b3d195854b2e55299cddddc50bcf9 C:\Windows\system32\DRIVERS\btwrchid.sys
MD5: 83d1ecea8faae75604c0fa49ac7ad996 C:\Windows\System32\Drivers\dfsc.sys
MD5: 1679a4669326cb1a67cc95658d273234 C:\Windows\System32\drivers\dxgkrnl.sys
MD5: d909075fa72c090f27aa926c32cb4612 C:\Windows\system32\DRIVERS\fssfltr.sys
MD5: 4b80b97cbf0782b3bb3057f88d42c367 C:\Windows\system32\DRIVERS\iaStor.sys
MD5: 71f1a494fedf4b33c02c4a6a28d6d9e9 C:\Windows\system32\drivers\iaStorV.sys
MD5: 8e9da2e49347af49901526dcd4d0f397 C:\Windows\system32\DRIVERS\igdkmd32.sys
MD5: ca7570e42522e24324a12161db14ec02 C:\Windows\system32\DRIVERS\mrxsmb.sys
MD5: f965c3ab2b2ae5c378f4562486e35051 C:\Windows\system32\DRIVERS\mrxsmb10.sys
MD5: 25c38264a3c72594dd21d355d70d7a5d C:\Windows\system32\DRIVERS\mrxsmb20.sys
MD5: a73399804d5d4a8b20ba60fcf70c9f1f C:\Windows\system32\drivers\NAV\1206000.01D\Ironx86.SYS
MD5: 83726cf02eced69138948083e06b6eac C:\Windows\System32\Drivers\NAV\1206000.01D\SRTSP.SYS
MD5: 4e7eab2e5615d39cf1f1df9c71e5e225 C:\Windows\system32\drivers\NAV\1206000.01D\SRTSPX.SYS
MD5: 9bbeb8c6258e72d62e7560e6667aad39 C:\Windows\system32\drivers\NAV\1206000.01D\SYMDS.SYS
MD5: d5c02629c02a820a7e71bca3d44294a3 C:\Windows\system32\drivers\NAV\1206000.01D\SYMEFA.SYS
MD5: 2c688094650d23b62b0a809decd0b12f C:\Windows\System32\Drivers\NAV\1206000.01D\SYMNETS.SYS
MD5: f1b0bed906f97e16f6d0c3629d2f21c6 C:\Windows\system32\drivers\nvraid.sys
MD5: 4520b63899e867f354ee012d34e11536 C:\Windows\system32\drivers\nvstor.sys
MD5: fd2041e9ba03db7764b2248f02475079 C:\Windows\system32\DRIVERS\pccsmcfd.sys
MD5: b4090006a82eeb608c358ab5d37de85a C:\Windows\system32\DRIVERS\RMCAST.sys
MD5: a633399432491bb173bb3cf3b41b9c55 C:\Windows\System32\Drivers\RtsUStor.sys
MD5: d3fa9fb502ad62001101f495bbbac42e C:\Windows\system32\drivers\ScreamingBAudio.sys
MD5: c4a027b8c0bd3fc0699f41fa5e9e0c87 C:\Windows\System32\DRIVERS\srv.sys
MD5: 414bb592cad8a79649d01f9d94318fb3 C:\Windows\System32\DRIVERS\srv2.sys
MD5: ff207d67700aa18242aaf985d3e7d8f4 C:\Windows\System32\DRIVERS\srvnet.sys
MD5: ab33c3b196197ca467cbdda717860dba C:\Windows\system32\Drivers\SYMEVENT.SYS
MD5: 56c198ac82efa622dd93e9e43575f79c C:\Windows\System32\drivers\tcpip.sys
MD5: 83cafcb53201bbac04d822f32438e244 C:\Windows\System32\Drivers\usbaapl.sys
MD5: c31ae588e403042632dc796cf09e30b0 C:\Windows\system32\DRIVERS\usbccgp.sys
MD5: e4c436d914768ce965d5e659ba7eebd8 C:\Windows\system32\DRIVERS\usbehci.sys
MD5: bdcd7156ec37448f08633fd899823620 C:\Windows\system32\DRIVERS\usbhub.sys
MD5: eb2d819a639015253c871cda09d91d58 C:\Windows\system32\drivers\usbohci.sys
MD5: 1c4287739a93594e57e2a9e6a3ed7353 C:\Windows\system32\DRIVERS\USBSTOR.SYS
MD5: 22480bf4e5a09192e5e30ba4dde79fa4 C:\Windows\system32\DRIVERS\usbuhci.sys
MD5: b5f6a992d996282b7fae7048e50af83a C:\Windows\System32\Drivers\usbvideo.sys
MD5: b2abab4ca46bad182e27763dc19c780f C:\Windows\system32\DRIVERS\vcsvad.sys
MD5: 21886ae871840739885a34e7f216afa7 C:\Windows\system32\DRIVERS\yk62x86.sys
MD5: 60cc965a89e2072ebd26d63d5e1e1d18 C:\Windows\system32\dwmcore.dll
MD5: 977bc1b9d7fa25654f8ba8f01d1d5f6f C:\Windows\system32\hccutils.DLL
MD5: 9bff6d759eaea0a92a846c6c80d97687 C:\Windows\System32\hkcmd.exe
MD5: 12e9654d04ef03fcc95cdbd966bd0455 C:\Windows\System32\ieframe.dll
MD5: a71393be61db2046b13197298a0fb4fc C:\Windows\System32\iepeers.dll
MD5: 0a17693daae940c17e579791c150c534 C:\Windows\system32\iertutil.dll
MD5: f9e41d28f2dc8fb8af5cde317021ae26 C:\Windows\system32\IEUI.dll
MD5: 304d35722507447b133cbd606a020850 C:\Windows\system32\igdumd32.dll
MD5: 98e9cb23c8e9a8a0e5cebc8eef07f3c1 C:\Windows\system32\igdumdx32.dll
MD5: aea739802356e478775ff40f32f090b6 C:\Windows\system32\igfxdev.dll
MD5: b5e6304b6be9b518123d76a7305db242 C:\Windows\System32\igfxpers.exe
MD5: 82b5494981d5400235788cb44f4e98b3 C:\Windows\system32\igfxpph.dll
MD5: a0a77f9ad57ddda6130f31643b3c6e3b C:\Windows\system32\igfxrARA.lrc
MD5: dfb0b6f044e06472d78eec68f90ca86c C:\Windows\system32\igfxress.dll
MD5: 5af16367b6175cbcaa7528e0bc6f8729 C:\Windows\system32\igfxsrvc.dll
MD5: 0696962693ff0a37a77a5660abc69d95 C:\Windows\System32\igfxtray.exe
MD5: bc5525c19f79b6099b085d0c00c4ef46 C:\Windows\system32\irprops.cpl
MD5: 0bd0665d8bfd321d3b5a898ed09d1df3 C:\Windows\System32\jscript.dll
MD5: 7e99a20c758abb5ae89c7aeea3a9aeb2 C:\Windows\system32\kernel32.dll
MD5: acf24c46a6eada7621940d8f2511f906 C:\Windows\system32\KERNELBASE.dll
MD5: 27fc75229eee367d4c0e643c108a90fa C:\Windows\System32\LocationApi.dll
MD5: e46ea53d149113b9a513bfe0955968ce C:\Windows\system32\Macromed\Flash\Flash10w.ocx
MD5: 9e388307dfceab604f275a972e06bbcd C:\Windows\system32\Macromed\Flash\FlashUtil10w_ActiveX.dll
MD5: bb646927c878ef8b966ed168d4c712ae C:\Windows\System32\Macromed\Flash\FlashUtil10w_ActiveX.exe
MD5: de3745a51b7ac7fedc356a83f76c8023 C:\Windows\system32\Macromed\Flash\NPSWF32.dll
MD5: 74c76bb54b26ce50c4bc755f92687c63 C:\Windows\system32\MFC42.dll
MD5: f7b5ccb751411908e8088d2eaf832778 C:\Windows\system32\msfeeds.dll
MD5: 9b2203a026436b0ce445819356619c06 C:\Windows\System32\mshtml.dll
MD5: bd669749eaeff96773b5f8d0a43e0068 C:\Windows\System32\msxml3.dll
MD5: 5f856156f709df40b42d36ae8a0f0695 C:\Windows\System32\msxml6.dll
MD5: 4d9b229fb4bfa251a568a88d22b881fb C:\Windows\system32\msyuv.dll
MD5: 4c3d247687c878b14bd8d1168d6f1602 C:\Windows\System32\NLSData0001.dll
MD5: 78e11d9006139a7fb638f0bda9179d27 C:\Windows\System32\NLSLexicons0001.dll
MD5: 7bfa0c5d8a4a2f1c46a6a3a698bde3e5 C:\Windows\system32\NLSSRV32.EXE
MD5: 3bbf9937cc8c58e8b418b01bddb8d43b C:\Windows\SYSTEM32\ntdll.dll
MD5: 5764c381949147ebcfb9a7134e2abf06 C:\Windows\system32\ODBC32.dll
MD5: e2c2d8c982316c8abf800c6ce3f28fab C:\Windows\system32\ole32.dll
MD5: 4d59a5b6ef0af6f9fdf3d157534380af C:\Windows\System32\OLEACC.dll
MD5: 705c210efc5564be49eb026bd7aff27a C:\Windows\system32\OLEAUT32.dll
MD5: 2862a3819bbc9757dd27bac41a4e0a3e C:\Windows\System32\pnidui.dll
MD5: 0264b15f628c8c7dbf439fd7ab4108f5 C:\Windows\system32\PrintCtrl.exe
MD5: cd3e1e79992f07f9bb6195e497af3544 C:\Windows\System32\PrintDisp.exe
MD5: 21cf5c7d8d727dcc337a1d251b6135f4 C:\Windows\system32\schannel.DLL
MD5: df1e5c82e4d09cf8105cc644980c4803 C:\Windows\system32\schedsvc.dll
MD5: 71402c7923f6b7f8acb48e50f35463e7 C:\Windows\system32\SearchIndexer.exe
MD5: af70c31606f01c918e7198ca64b09c5f C:\Windows\system32\SHELL32.dll
MD5: d1bb750eb51694de183e08b9c33be5b2 C:\Windows\System32\spoolsv.exe
MD5: 4c287f9069fedbd791178876ee9de536 C:\Windows\system32\sppsvc.exe
MD5: 8f6bf790d3168224c16f2af68a84438c C:\Windows\system32\srvsvc.dll
MD5: 8d908f346eedd752005a32787a6dcafa C:\Windows\System32\StructuredQuery.dll
MD5: 8c7fe6b9559204765849bff308764fa5 C:\Windows\System32\SyncCenter.dll
MD5: 04105c8da62353589c29bdaeb8d88bd8 C:\Windows\system32\sysmain.dll
MD5: 25819a6361f10c30905b5d0fdb8dca42 C:\Windows\system32\t2embed.dll
MD5: 21012407e8c74aa72bbb485b0fc197fe C:\Windows\system32\taskschd.dll
MD5: 7271b48b193c9624416bd5006cd8b92f C:\Windows\system32\tquery.dll
MD5: 71def5ec79774c798342d0ea16e41780 C:\Windows\system32\umpnpmgr.dll
MD5: 94951a18965bd4d2a42b428e8ebfad84 C:\Windows\system32\urlmon.dll
MD5: 3f27a99c1415b86f6023d93465b2bd30 C:\Windows\system32\vbame.dll
MD5: 509b666bf56d469c641df55652c76168 C:\Windows\system32\vbscript.dll
MD5: e32b288b38c3182d9f890f45b067a5db C:\Windows\system32\vfwwdm32.dll
MD5: 7790b77fe1e5ee47dcc66247095bb4c9 C:\Windows\system32\wbengine.exe
MD5: 6d9b75275c3e3a5f51aef81affadb2b6 C:\Windows\System32\wcncsvc.dll
MD5: bb5ec38f8d4600119b4720bc5d4211f1 C:\Windows\System32\webclnt.dll
MD5: 4fb96aacf2f05c7357546becd7678863 C:\Windows\system32\webio.dll
MD5: 9a6dedbe309aa0ce2c31ee6799b38e4f C:\Windows\System32\werconcpl.dll
MD5: cc9bbcfc715fbedf7ae476106fe653e9 C:\Windows\system32\WINHTTP.dll
MD5: 7f5b51faca193430346970283c50769f C:\Windows\system32\WININET.dll
MD5: 374b26395852a9092bde2e4c8d4d0c8d C:\Windows\System32\WSCAPI.dll
MD5: a661a76333057b383a06e65f0073222f C:\Windows\System32\wscsvc.dll
MD5: 7fd5532c142db6c9cc47aa4dcf71fdec C:\Windows\System32\wscui.cpl
MD5: a33408cc036f9c08142b11be5e93f0a1 C:\Windows\system32\wuaueng.dll
MD5: 0c2ae180d8c35f723ba13a16aa9ac453 C:\Windows\system32\xmllite.dll
MD5: 0b3595a4ff0b36d68e5fc67fd7d70fdc C:\Windows\WinSxS\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\MSVCP80.dll
MD5: c9564cf4976e7e96b4052737aa2492b4 C:\Windows\WinSxS\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\MSVCR80.dll
MD5: 1f5afd468eb5e09e9ed75a087529eab5 C:\Windows\WinSxS\x86_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.6195_none_cbf5e994470a1a8f\MFC80.DLL
MD5: e2c48cd0132d4d1dc7d0df9a6bef686a C:\Windows\WinSxS\x86_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.6195_none_cbf5e994470a1a8f\MFC80U.DLL
MD5: 4c39358ebdd2ffcd9132a30e1ec31e16 C:\Windows\WinSxS\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\MSVCP90.dll
MD5: cdbe9690cf2b8409facad94fac9479c9 C:\Windows\WinSxS\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\MSVCR90.dll
MD5: d3ead1cf16ba729a7f7c9a5d94aa7c05 C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7600.16661_none_ebfb56996c72aefc\Comctl32.dll
MD5: 4b8dd8541c0e26602005dd0137333615 C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd\COMCTL32.dll

يجب تحميل الملفات التالية ليتم فحصها:
C:\Program Files\Intel\Intel(R) Rapid Storage Technology\ar-SA\IAStorIcon.resources.dll
C:\Users\User\AppData\Roaming\mshoft\wihost.exe
C:\Program Files\Intel\Intel(R) Rapid Storage Technology\ar-SA\IntelVisualDesign.resources.dll

بدء التحميل - الملف 3
wihost.exe (597163)
IntelVisualDesign.resources.dll (4608)
IAStorIcon.resources.dll (32768)
سرعة التحميل - 54 KB/s
انتهاء التحميل - تم تحميل: 3 و فشل تحميل: 0

الملفات المحملة نظيفة

انتهاء المسح - تم الاتصال خلال 12 ثواني
الحجم الاجمالي - تم ارسال 0.64 ميجابايت و تم استقبال 1.15
تم مسح 847 ملف و برنامج - 177 ثواني

==============================================================================

زيزوومى مميز

عضو شرف

توقيع : techno

زيزوومى مميز

عضو شرف

توقيع : techno

زيزوومى مميز

زيزوومى مميز

عضو شرف

توقيع : techno

زيزوومى مميز

عضو شرف

توقيع : techno

زيزوومى مميز

زيزوومى مميز

عضو شرف

توقيع : techno

زيزوومى مميز

زيزوومى مميز

زيزوومى مميز

زيزوومى مميز

عضو شرف

توقيع : techno

زيزوومى مميز

عضوشرف

زيزوومى مميز