مشكلة .. الجهاز يعلق .. وبه فيروسات

نوااف123 · 25 يناير 2012

السلام عليكم
كيف حالكم يا اعضاء زيزووم
عندي مشكلة وهي التعليق
يعني الجهاز ثقيل جدا جدا انتظر 3-5 دقائق لفتح المتصفح او اي برنامج اخر
حملت برنامج Kasperskay وتم فحص الجهاز ووجدت 13 فيروس تقريبا وتم حذفهم جميعاً
ورجع الجهاز زي الحلاوة 100% لكن جئت بعد ذلك ووجدت تعليق نفس المشكلة ..
حملت الهايجاك ونظفت القيم ولا ضبط ..
تم ازالة جميع البرامج والتولبار التي لا احتاجها ولكن !!
فـ قلت مالي الا الله ثم اعضاء زيزووم ان شاء الله تساعدوني

وهذه التقارير

Hijack
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 02:56:07 ص, on 25/01/12
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16912)
Boot mode: Normal
Running processes:
C:\Windows\System32\smss.exe
C:\Windows\system32\csrss.exe
C:\Windows\system32\wininit.exe
C:\Windows\system32\csrss.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\winlogon.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe
C:\Windows\System32\svchost.exe
C:\Windows\System32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
C:\Windows\system32\nvvsvc.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe
C:\Windows\System32\svchost.exe
C:\Windows\system32\PnkBstrA.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\svchost.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\HP\HP Software Update\hpwuschd2.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\Real\RealPlayer\Update\realsched.exe
C:\Program Files\Steam\Steam.exe
C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
C:\Program Files\Internet Download Manager\IEMonitor.exe
C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
C:\Users\Admin\AppData\Roaming\regsrv64.exe
C:\Windows\system32\svchost.exe
C:\Users\Admin\AppData\Roaming\365B.exe
C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\klwtblfs.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\system32\sppsvc.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Download Manager\IDMan.exe
C:\Zyzoom_Forum_Tools\zyzoom.exe
C:\Zyzoom_Forum_Tools\zHijak.com
C:\Windows\system32\wbem\wmiprvse.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = Preserve
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files\Internet Download Manager\IDMIECC.dll
O2 - BHO: مساعد رابط Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll
O2 - BHO: IEVkbdBHO - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\ievkbd.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: مساعد تسجيل الدخول إلى Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files\Windows Live\Companion\companioncore.dll (file missing)
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: link filter bho - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\klwtbbho.dll
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Real\RealPlayer\update\realsched.exe" -osboot
O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe"
O4 - HKCU\..\Run: [Steam] "C:\Program Files\Steam\steam.exe" -silent
O4 - HKCU\..\Run: [IDMan] C:\Program Files\Internet Download Manager\IDMan.exe /onboot
O4 - HKCU\..\Run: [Google Update] "C:\Users\Admin\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [explore r.exe] C:\Users\Admin\AppData\Local\Temp\Rar$EX02.087\downloads\proxy.exe
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [Microsoft DLL Registration] C:\Users\Admin\AppData\Roaming\regsrv64.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-21-1742999202-740037558-147797819-1004\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'UpdatusUser')
O4 - HKUS\S-1-5-21-1742999202-740037558-147797819-1004\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\daemon.exe" -autorun (User 'UpdatusUser')
O4 - HKUS\S-1-5-21-1742999202-740037558-147797819-1004\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe" (User 'UpdatusUser')
O4 - HKUS\S-1-5-21-1742999202-740037558-147797819-1004\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'UpdatusUser')
O4 - Startup: OneNote 2007 Screen Clipper and Launcher.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O8 - Extra context menu item: تحميل الكل بواسطة Internet Download Manager - C:\Program Files\Internet Download Manager\IEGetAll.htm
O8 - Extra context menu item: تحميل بواسطة Internet Download Manager - C:\Program Files\Internet Download Manager\IEExt.htm
O8 - Extra context menu item: تحميل محتوى FLV بواسطة Internet Download Manager - C:\Program Files\Internet Download Manager\IEGetVL.htm
O9 - Extra button: @C:\Program Files\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files\Windows Live\Companion\companioncore.dll (file missing)
O9 - Extra button: تدوين هذا في المدونة - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &تدوين هذا في Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: إرسال إلى OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: إر&سال إلى OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: &Virtual Keyboard - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\ievkbd.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: URLs c&heck - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\klwtbbho.dll
O15 - Trusted Zone:

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262F} (System Requirements Lab) -

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

O16 - DPF: {7253A666-683F-4D45-B6F1-549188BB79C1} (BMC Control) -

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

O16 - DPF: {7553A666-683F-4D45-B6F1-549188BB79C1} (BMC Control) -

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

O16 - DPF: {C1B7E532-3ECB-4E9E-BB3A-2951FFE67C61} (DownloaderActiveX Control) -

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

O16 - DPF: {E6F480FC-BD44-4CBA-B74A-89AF7842937D} (SysInfo Class) -

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O23 - Service: Kaspersky Anti-Virus Service (AVP) - Kaspersky Lab ZAO - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe
O23 - Service: خدمة Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: خدمة Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: SRS Labs License Service - SRS Labs - C:\Program Files\Common Files\SRS Labs Shared\Service\srslabslicenseservice.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe
--
End of file - 10587 bytes

البرامج المثبتة

====== معلومات نظام التشغيل ======
X86 WIN_7 7600

====== قائمة البرامج المثبتة ======
Update for Microsoft Office 2007 (KB2508958)
µTorrent
7-Zip 9.20
Adobe Flash Player 10 ActiveX
Adobe Flash Player 11 Plugin
Adobe Photoshop CS
Adobe Reader 8.1.0 - Arabic
Call of Duty(R) 4 - Modern Warfare(TM) 1.6 Patch
Call of Duty(R) 4 - Modern Warfare(TM) 1.7 Patch
Counter-Strike: Source
D3DX10
FormatFactory 2.20
Fraps
Google Earth
Google Update Helper
HP Photo Creations
HP Update
Internet Download Manager
Java Auto Updater
Java(TM) 6 Update 29
Java(TM) 6 Update 3
Junk Mail filter update
Kaspersky Internet Security 2012
Kaspersky Internet Security 2012
Malwarebytes' Anti-Malware النسخة 1.51.2.1300
Mesh Runtime
Messenger Companion
Messenger Companion
Microsoft .NET Framework 4 Client Profile
Microsoft .NET Framework 4 Client Profile
Microsoft Application Error Reporting
Microsoft Choice Guard
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office Access MUI (Arabic) 2007
Microsoft Office Enterprise 2007
Microsoft Office Enterprise 2007
Microsoft Office Excel MUI (Arabic) 2007
Microsoft Office Groove MUI (English) 2007
Microsoft Office Groove Setup Metadata MUI (Arabic) 2007
Microsoft Office InfoPath MUI (Arabic) 2007
Microsoft Office OneNote MUI (Arabic) 2007
Microsoft Office Outlook Connector
Microsoft Office Outlook Connector
Microsoft Office Outlook MUI (Arabic) 2007
Microsoft Office PowerPoint MUI (Arabic) 2007
Microsoft Office Proof (Arabic) 2007
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proofing (Arabic) 2007
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
Microsoft Office Publisher MUI (Arabic) 2007
Microsoft Office Shared MUI (Arabic) 2007
Microsoft Office Shared MUI (English) 2007
Microsoft Office Word MUI (Arabic) 2007
Microsoft Silverlight
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft Sync Framework Runtime Native v1.0 (x86)
Microsoft Sync Framework Services Native v1.0 (x86)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
MSVCRT
MSVCRT
MSVCRT Redists
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
MTA:SA v1.0.5
MTA:SA v1.1.1
Native Instruments Service Center
Nero 7 Ultra Edition
neroxml
NVIDIA Install Application
NVIDIA Update Components
NVIDIA برنامج تشغيل الرسومات 285.62
RealNetworks - Microsoft Visual C++ 2008 Runtime
RealPlayer
RealUpgrade 1.1
Security Update for 2007 Microsoft Office System (KB2288621)
Security Update for 2007 Microsoft Office System (KB2288931)
Security Update for 2007 Microsoft Office System (KB2345043)
Security Update for 2007 Microsoft Office System (KB2553089)
Security Update for 2007 Microsoft Office System (KB2553090)
Security Update for 2007 Microsoft Office System (KB2584063)
Security Update for 2007 Microsoft Office System (KB969559)
Security Update for 2007 Microsoft Office System (KB976321)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
Security Update for Microsoft Office 2007 suites (KB2596785) 32-Bit Edition
Security Update for Microsoft Office Access 2007 (KB979440)
Security Update for Microsoft Office Access 2007 (KB979440)
Security Update for Microsoft Office Groove 2007 (KB2552997)
Security Update for Microsoft Office InfoPath 2007 (KB2510061)
Security Update for Microsoft Office InfoPath 2007 (KB979441)
Security Update for Microsoft Office InfoPath 2007 (KB979441)
Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition
Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition
Security Update for Microsoft Office Publisher 2007 (KB2596705) 32-Bit Edition
Security Update for Microsoft Office system 2007 (972581)
Security Update for Microsoft Office system 2007 (KB974234)
Security Update for Microsoft Office Visio Viewer 2007 (KB973709)
Security Update for Microsoft Office Word 2007 (KB2344993)
Steam
Swiff Player 1.7.2
System Requirements Lab
System Requirements Lab CYRI
Team Fortress 2
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office 2007 suites (KB2596651) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2596686) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2596789) 32-Bit Edition
Update for Microsoft Office 2007 System (KB2539530)
Update for Microsoft Office Excel 2007 (KB2596596) 32-Bit Edition
Update for Microsoft Office OneNote 2007 (KB980729)
Update for Microsoft Office Outlook 2007 (KB2583910)
Update for Microsoft Office Script Editor Help (KB963671)
VLC media player 1.1.11
Windows Live Communications Platform
Windows Live Essentials
Windows Live Essentials
Windows Live Essentials
Windows Live Essentials
Windows Live Essentials
Windows Live Family Safety
Windows Live Family Safety
Windows Live Mail
Windows Live Mesh
Windows Live Mesh
Windows Live Mesh
Windows Live Mesh ActiveX Control for Remote Connections
Windows Live Messenger
Windows Live Messenger
Windows Live Messenger
Windows Live Messenger Companion Core
Windows Live MIME IFilter
Windows Live Movie Maker
Windows Live Movie Maker
Windows Live Photo Common
Windows Live Photo Common
Windows Live Photo Common
Windows Live Photo Gallery
Windows Live PIMT Platform
Windows Live Remote Client
Windows Live Remote Client Resources
Windows Live Remote Client Resources
Windows Live Remote Service
Windows Live Remote Service Resources
Windows Live Remote Service Resources
Windows Live SOXE
Windows Live SOXE Definitions
Windows Live UX Platform
Windows Live UX Platform Language Pack
Windows Live UX Platform Language Pack
Windows Live Writer
Windows Live Writer
Windows Live Writer
Windows Live Writer
Windows Live Writer Resources
Windows Live Writer Resources
WinRAR archiver
Yahoo! Detect
أمان العائلة في Windows Live
برامج الجهاز الأساسية HP Deskjet 2050 J510 series
بريد Windows Live
تحديث لـ Microsoft Office Excel 2007 Help (KB963678)
تحديث لـ Microsoft Office Powerpoint 2007 Help (KB963669)
تحديث لـ Microsoft Office Word 2007 Help (KB963665)
تحديثات NVIDIA 1.5.20
صانع الأفلام من Windows Live
عنصر تحكم ActiveX الخاص بـ Windows Live Mesh للاتصالات البعيدة
لوحة تحكم NVIDIA 285.62
مساعد تسجيل الدخول إلى Windows Live
معرض صور Windows Live
معرض صور Windows Live

تقرير رن سكنر

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

البارون · 25 يناير 2012

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

نوااف123 · 25 يناير 2012

البارون قال:
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

اخي حملت البرنامج ثم ظهر لي هل تريد حذف مالويربايت من جهازك
ضغطت لا ولا فتح لي شيء
حاولت اكثر من مرة ..

علي كيوان · 25 يناير 2012

نوااف123 قال:
اخي حملت البرنامج ثم ظهر لي هل تريد حذف مالويربايت من جهازك

نوااف123 قال:
ضغطت لا ولا فتح لي شيء
حاولت اكثر من مرة ..

اخي الفاضل قم بفتح البرنامج كمسؤول

كليلك يمين على البرنامج وتشغيل كمسؤول

الوفاء طبعي · 25 يناير 2012

اخوي شغله كمسؤول وشوف يمشي ولا لا

واذا مامشى الحال حمل المالوير بايت من هالرابط

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

وحدثه بعدها افحص الجهاز زي ما كان مشروح في الرابط اللي عطاك اخوي البارون

الوفاء طبعي · 25 يناير 2012

علي كيوان قال:
اخي الفاضل قم بفتح البرنامج كمسؤول

كليلك يمين على البرنامج وتشغيل كمسؤول

k:

k:

المعذرة يالغالي ما انتبهت لردك :b:

نوااف123 · 25 يناير 2012

Malwarebytes Anti-Malware 1.60.0.1800

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

Database version: v2012.01.24.05
Windows 7 x86 NTFS
Internet Explorer 8.0.7600.16385
Admin :: ADMIN-PC [administrator]
02/03/33 04:14:17 ص
mbam-log-2012-01-25 (04-14-17).txt
Scan type: Full scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 354202
Time elapsed: 38 minute(s), 2 second(s)
Memory Processes Detected: 1
C:\Users\Admin\AppData\Roaming\regsrv64.exe (Backdoor.Agent) -> 3328 -> Delete on reboot.
Memory Modules Detected: 0
(No malicious items detected)
Registry Keys Detected: 4
HKCR\CLSID\{C1ACFFD6-514E-49DA-B4FF-30D02FEEED14} (Trojan.Downloader) -> Quarantined and deleted successfully.
HKCR\TypeLib\{4BB1C10E-D349-4C48-A979-1C0E4704A7C5} (Trojan.Downloader) -> Quarantined and deleted successfully.
HKCR\Interface\{F4355BF2-0E20-4F5D-916F-A4903A883A48} (Trojan.Downloader) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/DOWNLOADED PROGRAM FILES/DOWNLOADERACTIVEX.OCX (Trojan.Downloader) -> Quarantined and deleted successfully.
Registry Values Detected: 3
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs|C:\WINDOWS\DOWNLOADED PROGRAM FILES\DOWNLOADERACTIVEX.OCX (Trojan.Downloader) -> Data: 1 -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|Microsoft DLL Registration (Backdoor.Agent) -> Data: C:\Users\Admin\AppData\Roaming\regsrv64.exe -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|explore r.exe (Trojan.Agent) -> Data: C:\Users\Admin\AppData\Local\Temp\Rar$EX02.087\downloads\proxy.exe -> Quarantined and deleted successfully.
Registry Data Items Detected: 0
(No malicious items detected)
Folders Detected: 0
(No malicious items detected)
Files Detected: 6
c:\users\admin\appdata\roaming\qakukk.exe (Trojan.LVBP) -> Quarantined and deleted successfully.
C:\Users\Admin\AppData\Roaming\Microsoft\services.exe (Trojan.LVBP) -> Quarantined and deleted successfully.
C:\Users\Admin\Downloads\Nero 7.10.1.0\Keygen.exe (RiskWare.Tool.CK) -> Quarantined and deleted successfully.
C:\Users\Admin\Downloads\Programs\SoftonicDownloader_for_electronic-piano.exe (PUP.BundleOffer.Downloader.S) -> Quarantined and deleted successfully.
C:\Windows\Downloaded Program Files\DownloaderActiveX.ocx (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Users\Admin\AppData\Roaming\regsrv64.exe (Backdoor.Agent) -> Delete on reboot.
(end)

نوااف123 · 25 يناير 2012

نسيت ان اقول
ظهور رسالة مزعجة كل ما اسكرها تفتح من الكاسبر
هذه هي

ايضاً قبل قليل صار الجهاز ثقيل جداً فتحت ادارة المهام ووجدت عدة تطبيقات مفتوحة باسم ntvb
والـCPU 100 %
اغلقت التطبيقات والحمدلله يرجع سريع .. لكن ستعود هذه التبيقات وستجعل الجهاز ثقيل مرة اخرى

مالحل , جزاكم الله خير

محب المدينه · 25 يناير 2012

بعد اذن الاخوان

حمل برنامج

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

حدث يرنامج الحماية الكاسبر

ادخل للوضع الآمن للويندوز

الطريقة اعد التشغيل واثناء ذلك اضغط على الزر F8 عدة مرات الى أن تظهر شاشة سوداء بها عدة خيارات يمكن التنقل بينها
بالأسهم ,, اختر منها ( Safe Mode ) ثم اضغط على Enter
وانتظر قليلا سوف تظهر رسالة من الويندوز تسأل هل تريد الاستمرار في الوضع الآمن ,, وافق عليه لتدخل الوضع الآمن
للويندوز

افحص الجهاز فحص كامل ( Full Scan ) بالكاسبر

استخدم برنامج CCleaner كما في الطريقة المشروحة في الرابط

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

اعد التشغيل للعودة للوضع الطبيعي

واعطنا تقرير هايجاك جديد

نوااف123 · 25 يناير 2012

تم ولكن عندما رجعت الى الوضع الطبيعي
ظهرت لي رسالة غريبة

وعندما فتحت ادارة المهام وجدت الفايروس مرة اخرى

وهذا تقرير هايجاك جديد

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 03:18:04 م, on 25/01/12
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16912)
Boot mode: Normal
Running processes:
C:\Windows\System32\smss.exe
C:\Windows\system32\csrss.exe
C:\Windows\system32\wininit.exe
C:\Windows\system32\csrss.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\winlogon.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe
C:\Windows\System32\svchost.exe
C:\Windows\System32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
C:\Windows\system32\nvvsvc.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe
C:\Windows\System32\svchost.exe
C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe
C:\Windows\system32\PnkBstrA.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\svchost.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\HP\HP Software Update\hpwuschd2.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\Real\RealPlayer\Update\realsched.exe
C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe
C:\Program Files\Steam\Steam.exe
C:\Program Files\Internet Download Manager\IDMan.exe
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
C:\Program Files\Internet Download Manager\IEMonitor.exe
C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
C:\Windows\system32\sppsvc.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\klwtblfs.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Zyzoom_Forum_Tools\zyzoom.exe
C:\Zyzoom_Forum_Tools\zHijak.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = Preserve
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files\Internet Download Manager\IDMIECC.dll
O2 - BHO: مساعد رابط Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll
O2 - BHO: IEVkbdBHO - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\ievkbd.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: مساعد تسجيل الدخول إلى Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: (no name) - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - (no file)
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: link filter bho - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\klwtbbho.dll
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Real\RealPlayer\update\realsched.exe" -osboot
O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe"
O4 - HKCU\..\Run: [Steam] "C:\Program Files\Steam\steam.exe" -silent
O4 - HKCU\..\Run: [IDMan] C:\Program Files\Internet Download Manager\IDMan.exe /onboot
O4 - HKCU\..\Run: [Google Update] "C:\Users\Admin\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-21-1742999202-740037558-147797819-1004\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'UpdatusUser')
O4 - HKUS\S-1-5-21-1742999202-740037558-147797819-1004\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\daemon.exe" -autorun (User 'UpdatusUser')
O4 - HKUS\S-1-5-21-1742999202-740037558-147797819-1004\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe" (User 'UpdatusUser')
O4 - HKUS\S-1-5-21-1742999202-740037558-147797819-1004\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'UpdatusUser')
O4 - Startup: OneNote 2007 Screen Clipper and Launcher.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O8 - Extra context menu item: Add to Anti-Banner - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\ie_banner_deny.htm
O8 - Extra context menu item: تحميل الكل بواسطة Internet Download Manager - C:\Program Files\Internet Download Manager\IEGetAll.htm
O8 - Extra context menu item: تحميل بواسطة Internet Download Manager - C:\Program Files\Internet Download Manager\IEExt.htm
O8 - Extra context menu item: تحميل محتوى FLV بواسطة Internet Download Manager - C:\Program Files\Internet Download Manager\IEGetVL.htm
O9 - Extra button: @C:\Program Files\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - (no file)
O9 - Extra button: تدوين هذا في المدونة - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &تدوين هذا في Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: إرسال إلى OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: إر&سال إلى OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: &Virtual Keyboard - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\ievkbd.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: URLs c&heck - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\klwtbbho.dll
O15 - Trusted Zone:

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262F} (System Requirements Lab) -

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

O16 - DPF: {7253A666-683F-4D45-B6F1-549188BB79C1} (BMC Control) -

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

O16 - DPF: {7553A666-683F-4D45-B6F1-549188BB79C1} (BMC Control) -

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

O16 - DPF: {C1B7E532-3ECB-4E9E-BB3A-2951FFE67C61} -

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

O16 - DPF: {E6F480FC-BD44-4CBA-B74A-89AF7842937D} (SysInfo Class) -

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O23 - Service: Kaspersky Anti-Virus Service (AVP) - Kaspersky Lab ZAO - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe
O23 - Service: خدمة Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: خدمة Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: SRS Labs License Service - SRS Labs - C:\Program Files\Common Files\SRS Labs Shared\Service\srslabslicenseservice.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe
--
End of file - 10516 bytes

الوفاء طبعي · 25 يناير 2012

اعمل هالفحص

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

نوااف123 · 25 يناير 2012

SUPERAntiSpyware Scan Log

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

Generated 01/25/2012 at 05:52 PM
Application Version : 5.0.1142
Core Rules Database Version : 8159
Trace Rules Database Version: 5971
Scan type : Complete Scan
Total Scan Time : 00:25:15
Operating System Information
Windows 7 Ultimate 32-bit (Build 6.01.7600)
UAC Off - Administrator
Memory items scanned : 586
Memory threats detected : 0
Registry items scanned : 27031
Registry threats detected : 0
File items scanned : 50589
File threats detected : 28
Adware.Tracking Cookie
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Cookies\EX2OUUHH.txt [ /doubleclick.net ]
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Cookies\VOO5W3JG.txt [ /weborama.fr ]
C:\USERS\ADMIN\Cookies\EX2OUUHH.txt [ Cookie:admin@doubleclick.net/ ]
C:\USERS\ADMIN\Cookies\VOO5W3JG.txt [ Cookie:admin@weborama.fr/ ]
C:\USERS\خاص\AppData\Roaming\Microsoft\Windows\Cookies\Low\ZLPRUDM0.txt [ Cookie:???@adtech.de/ ]
C:\USERS\خاص\AppData\Roaming\Microsoft\Windows\Cookies\Low\DV8NHCPV.txt [ Cookie:???@content.yieldmanager.com/ ]
C:\USERS\خاص\AppData\Roaming\Microsoft\Windows\Cookies\Low\MSLMVT2L.txt [ Cookie:???@doubleclick.net/ ]
C:\USERS\خاص\AppData\Roaming\Microsoft\Windows\Cookies\Low\3046FBV4.txt [ Cookie:???@imrworldwide.com/cgi-bin ]
C:\USERS\خاص\AppData\Roaming\Microsoft\Windows\Cookies\Low\RA5RRHA2.txt [ Cookie:خاص@atdmt.com/ ]
C:\USERS\خاص\AppData\Roaming\Microsoft\Windows\Cookies\Low\AKK4JYNE.txt [ Cookie:خاص@adtech.de/ ]
C:\USERS\خاص\AppData\Roaming\Microsoft\Windows\Cookies\Low\RFJ5Y9XJ.txt [ Cookie:خاص@imrworldwide.com/cgi-bin ]
C:\USERS\خاص\AppData\Roaming\Microsoft\Windows\Cookies\Low\16W1NV9X.txt [ Cookie:???@c.atdmt.com/ ]
C:\USERS\خاص\AppData\Roaming\Microsoft\Windows\Cookies\Low\J0X81BQZ.txt [ Cookie:???@serving-sys.com/ ]
C:\USERS\خاص\AppData\Roaming\Microsoft\Windows\Cookies\Low\XWW0WY39.txt [ Cookie:???@googleads.g.doubleclick.net/ ]
.doubleclick.net [ C:\USERS\خاص\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

[ C:\USERS\خاص\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

[ C:\USERS\خاص\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.baghdad4ever.net [ C:\USERS\خاص\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.baghdad4ever.net [ C:\USERS\خاص\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.baghdad4ever.net [ C:\USERS\خاص\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.baghdad4ever.net [ C:\USERS\خاص\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.content.yieldmanager.com [ C:\USERS\خاص\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
ad.yieldmanager.com [ C:\USERS\خاص\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
ad.yieldmanager.com [ C:\USERS\خاص\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
ad.yieldmanager.com [ C:\USERS\خاص\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
ad.yieldmanager.com [ C:\USERS\خاص\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
ad.yieldmanager.com [ C:\USERS\خاص\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
ad.yieldmanager.com [ C:\USERS\خاص\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]

البارون · 25 يناير 2012

سوي تقرير رن سكنر

نوااف123 · 25 يناير 2012

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

على فكرة ترى الفيروس لسى باقي في الجهاز ما انحذف :f:

البارون · 25 يناير 2012

خذ هالملف

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

طبق عليه كما بالشرح ...

ثم

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

وبعدها

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

وبعد التشغيل هات تقرير هايجاك جديد

نوااف123 · 25 يناير 2012

اخي عندما فتحت Iteam Fixer
لم تظهر لي ملفات
انظر

البارون · 25 يناير 2012

شغل الاداة حقت الرن سكنر من جديد وسوي فحص بدون تسوي تقرير واخرج من الاداة

حملها من هنا

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

ثم بعدين ارجع افتح الملف اللي عطيتك ايه في مشاركتي السابقة

نوااف123 · 25 يناير 2012

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 11:43:31 م, on 25/01/12
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16912)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Windows\system32\wuauclt.exe
C:\Windows\System32\rundll32.exe
C:\Windows\explorer.exe
C:\Users\Admin\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Admin\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Admin\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Admin\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Admin\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Admin\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Admin\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Admin\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Admin\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Admin\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\klwtblfs.exe
C:\Program Files\Internet Download Manager\IDMan.exe
C:\Program Files\Internet Download Manager\IEMonitor.exe
C:\Zyzoom_Forum_Tools\zyzoom.exe
C:\Zyzoom_Forum_Tools\zHijak.com
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = Preserve
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files\Internet Download Manager\IDMIECC.dll
O2 - BHO: مساعد رابط Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll
O2 - BHO: IEVkbdBHO - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\ievkbd.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: مساعد تسجيل الدخول إلى Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: link filter bho - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\klwtbbho.dll
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Real\RealPlayer\update\realsched.exe" -osboot
O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe"
O4 - HKLM\..\Run: [PService] C:\Users\Admin\AppData\Roaming\B0AF.exe
O4 - HKCU\..\Run: [Steam] "C:\Program Files\Steam\steam.exe" -silent
O4 - HKCU\..\Run: [IDMan] C:\Program Files\Internet Download Manager\IDMan.exe /onboot
O4 - HKCU\..\Run: [Google Update] "C:\Users\Admin\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [PService] C:\Users\Admin\AppData\Roaming\B0AF.exe
O4 - HKCU\..\Run: [Fckukz] C:\Users\Admin\AppData\Roaming\Fckukz.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-21-1742999202-740037558-147797819-1004\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'UpdatusUser')
O4 - HKUS\S-1-5-21-1742999202-740037558-147797819-1004\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\daemon.exe" -autorun (User 'UpdatusUser')
O4 - HKUS\S-1-5-21-1742999202-740037558-147797819-1004\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe" (User 'UpdatusUser')
O4 - HKUS\S-1-5-21-1742999202-740037558-147797819-1004\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'UpdatusUser')
O4 - Startup: OneNote 2007 Screen Clipper and Launcher.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O8 - Extra context menu item: تحميل الكل بواسطة Internet Download Manager - C:\Program Files\Internet Download Manager\IEGetAll.htm
O8 - Extra context menu item: تحميل بواسطة Internet Download Manager - C:\Program Files\Internet Download Manager\IEExt.htm
O8 - Extra context menu item: تحميل محتوى FLV بواسطة Internet Download Manager - C:\Program Files\Internet Download Manager\IEGetVL.htm
O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262F} (System Requirements Lab) -

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

O16 - DPF: {C1B7E532-3ECB-4E9E-BB3A-2951FFE67C61} -

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

O16 - DPF: {E6F480FC-BD44-4CBA-B74A-89AF7842937D} (SysInfo Class) -

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O23 - Service: Kaspersky Anti-Virus Service (AVP) - Kaspersky Lab ZAO - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe
O23 - Service: خدمة Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: خدمة Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: SRS Labs License Service - SRS Labs - C:\Program Files\Common Files\SRS Labs Shared\Service\srslabslicenseservice.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe

--
End of file - 8201 bytes

نوااف123 · 25 يناير 2012

فحصت الجهاز قبل قليل بـ موقع QuickScan
وحسب التقرير الذي ظهر لي انه لا يوجد فايروس او ملفات خطيرة .
لكن لا اعلم اذا الفايروس بيرجع او لآ
التقرير

PHP:

QuickScan 32-bit v0.9.9.103
---------------------------
تاريخ المسح: Wed Jan 25 23:45:28 2012
عنوان الحاسب: B0F433C7



لم يتم العثور على عدوى
----------------------



البرامج
-------
            IEMonitor Application                    3016    C:\Program Files\Internet Download Manager\IEMonitor.exe
            Internet Download Manager (IDM)          3872    C:\Program Files\Internet Download Manager\IDMan.exe
            Microsoft® Windows® Operating System     2940    C:\Windows\explorer.exe
            Microsoft® Windows® Operating System      464    C:\Windows\System32\csrss.exe
            Microsoft® Windows® Operating System      524    C:\Windows\System32\csrss.exe
            Microsoft® Windows® Operating System      588    C:\Windows\System32\lsass.exe
            Microsoft® Windows® Operating System      596    C:\Windows\System32\lsm.exe
            Microsoft® Windows® Operating System      504    C:\Windows\System32\rundll32.exe
            Microsoft® Windows® Operating System      568    C:\Windows\System32\services.exe
            Microsoft® Windows® Operating System      368    C:\Windows\System32\smss.exe
            Microsoft® Windows® Operating System     1564    C:\Windows\System32\spoolsv.exe
            Microsoft® Windows® Operating System     7144    C:\Windows\System32\taskeng.exe
            Microsoft® Windows® Operating System      512    C:\Windows\System32\wininit.exe
            Microsoft® Windows® Operating System      648    C:\Windows\System32\winlogon.exe
            Microsoft® Windows® Operating System     1384    C:\Windows\System32\wuauclt.exe
            Nero Home                                2572    C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
            NVIDIA Update Components                 4064    C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
            NVIDIA User Experience Driver Component  1296    C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
            PnkBstrA.exe                             1776    C:\Windows\System32\PnkBstrA.exe
            Windows® Internet Explorer               5180    C:\Program Files\Internet Explorer\iexplore.exe
            Windows® Internet Explorer               5616    C:\Program Files\Internet Explorer\iexplore.exe
تم تفقده    GrooveMonitor Utility                    3420    C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
تم تفقده    Microsoft® Windows® Operating System     3048    C:\Windows\servicing\TrustedInstaller.exe
تم تفقده    Microsoft® Windows® Operating System     2828    C:\Windows\System32\dwm.exe
تم تفقده    Microsoft® Windows® Operating System      752    C:\Windows\System32\svchost.exe
تم تفقده    Microsoft® Windows® Operating System      852    C:\Windows\System32\svchost.exe
تم تفقده    Microsoft® Windows® Operating System      908    C:\Windows\System32\svchost.exe
تم تفقده    Microsoft® Windows® Operating System     1004    C:\Windows\System32\svchost.exe
تم تفقده    Microsoft® Windows® Operating System     1048    C:\Windows\System32\svchost.exe
تم تفقده    Microsoft® Windows® Operating System     1592    C:\Windows\System32\svchost.exe
تم تفقده    Microsoft® Windows® Operating System     1648    C:\Windows\System32\svchost.exe
تم تفقده    Microsoft® Windows® Operating System     1816    C:\Windows\System32\svchost.exe
تم تفقده    Microsoft® Windows® Operating System     3348    C:\Windows\System32\svchost.exe
تم تفقده    Microsoft® Windows® Operating System     1204    C:\Windows\System32\svchost.exe


انشطة الشبكة
------------
البرنامج  iexplore.exe (5616) موصول على معبر 80 (HTTP) --> 92.123.208.20
البرنامج  iexplore.exe (5616) موصول على معبر 80 (HTTP) --> 79.140.95.179
البرنامج  iexplore.exe (5616) موصول على معبر 80 (HTTP) --> 209.85.229.102
البرنامج  iexplore.exe (5616) موصول على معبر 80 (HTTP) --> 92.123.208.20
البرنامج  iexplore.exe (5616) موصول على معبر 80 (HTTP) --> 209.85.229.102
البرنامج  iexplore.exe (5616) موصول على معبر 80 (HTTP) --> 66.235.142.14

البرنامج  wininit.exe (512) يستمع لمعبر: 49152 (RPC)
البرنامج  services.exe (568) يستمع لمعبر: 49156 (RPC)
البرنامج  lsass.exe (588) يستمع لمعبر: 49159 (RPC)
البرنامج  svchost.exe (852) يستمع لمعبر: 135 (RPC)
البرنامج  svchost.exe (908) يستمع لمعبر: 49153 (RPC)
البرنامج  svchost.exe (1048) يستمع لمعبر: 49154 (RPC)
البرنامج  spoolsv.exe (1564) يستمع لمعبر: 49157 (RPC)


الملفات المفتوحة تلقائياً و الحساسة
-----------------------------------
             hpwuSchd Application                    C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
            Adobe Acrobat                            C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe
            Adobe Systems, Inc. Adobe Gamma Loader   C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
            Fckukz.exe                               C:\Users\Admin\AppData\Roaming\Fckukz.exe
            gf                                       C:\Users\Admin\AppData\Roaming\B0AF.exe
            GrooveShellExtensions Module             C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
            Internet Download Manager (IDM)          C:\Program Files\Internet Download Manager\IDMan.exe
            Internet Explorer                        C:\Program Files\Internet Explorer
            Java(TM) Platform SE Auto Updater 2 0    C:\Program Files\Common Files\Java\Java Update\jusched.exe
            Kaspersky Anti-Virus                     C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe
            Kaspersky Anti-Virus                     C:\Windows\system32\klogon.dll
            Microsoft Office OneNote                 C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
            Nero AG NeroCheck                        C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
            Nero Home                                C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
            ParetoLogic Update Application           C:\Program Files\Common Files\ParetoLogic\UUS2\Pareto_Update.exe
            RealPlayer (32-bit)                      C:\Program Files\Real\RealPlayer\update\realsched.exe
            Steam                                    C:\Program Files\Steam\steam.exe
تم تفقده    Google Update                            C:\Program Files\Google\Update\GoogleUpdate.exe
تم تفقده    Google Update                            C:\Users\Admin\AppData\Local\Google\Update\GoogleUpdate.exe
تم تفقده    GrooveMonitor Utility                    C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
تم تفقده    Microsoft® Windows® Operating System     c:\windows\system32\userinit.exe


وصلات المتصفح
-------------
            AcroIEHelper Library                     c:\program files\common files\adobe\acrobat\activex\acroiehelper.dll
            Akamai Download Manager ActiveX Control  C:\Windows\Downloaded Program Files\Manager.exe
            BitDefender QuickScan                    C:\Windows\Downloaded Program Files\qsax.dll
            BMC ActiveX Control Module               C:\Windows\Downloaded Program Files\bmc.ocx
            BMC ActiveX Control Module               C:\Windows\Downloaded Program Files\CONFLICT.1\bmc.ocx
            Google Earth Plugin                      C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll
            Google Update                            C:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll
            Google Update                            C:\Users\Admin\AppData\Local\Google\Update\1.3.21.79\npGoogleUpdate3.dll
            GrooveShellExtensions Module             C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
            Internet Download Manager Module         c:\program files\internet download manager\idmiecc.dll
            Java(TM) Platform SE 6 U29               c:\program files\java\jre6\bin\jp2ssv.dll
            Java(TM) Platform SE 6 U29               C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll
            Kaspersky Anti-Virus                     c:\program files\kaspersky lab\kaspersky internet security 2012\ievkbd.dll
            Kaspersky Anti-Virus                     c:\program files\kaspersky lab\kaspersky internet security 2012\klwtbbho.dll
            Kaspersky Anti-Virus                     C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\dchlnpcodkpfdpacogkljefecpegganj\12.0.0.397_0\plugin\npurladvisor.dll
            Kaspersky Anti-Virus                     C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\jagncdcchgajhfhijbbhecadmaiegcmh\12.0.0.374_0\plugin\npvkplugin.dll
            Kaspersky Anti-Virus                     C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjldcfjmnllhmgjclecdnfampinooman\12.0.0.374_0\plugin\npabplugin.dll
            Microsoft® Windows® Operating System     C:\Windows\system32\wshbth.dll
            NPSWF32.dll                              C:\Windows\system32\Macromed\Flash\NPSWF32.dll
            RealJukebox NS Plugin                    c:\program files\real\realplayer\Netscape6\nprjplug.dll
            RealNetworks(tm) Chrome Background Exte  C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll
            RealPlayer Download and Record Plugin    c:\programdata\real\realplayer\browserrecordplugin\ie\rpbrowserrecordplugin.dll
            RealPlayer Version Plugin                c:\program files\real\realplayer\Netscape6\nprpjplug.dll
            RealPlayer(tm) G2 LiveConnect-Enabled P  c:\program files\real\realplayer\Netscape6\nppl3260.dll
            RealPlayer(tm) HTML5VideoShim Plug-In (  C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll
            Silverlight Plug-In                      C:\Program Files\Microsoft Silverlight\4.0.60831.0\npctrl.dll
            System Requirements Lab                  C:\Windows\Downloaded Program Files\sysreqlab_nvd.dll
            Windows Live® Photo Gallery              C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll
            Windows® Internet Explorer               C:\Windows\System32\ieframe.dll
            Yahoo! activeX Plug-in Bridge            C:\Program Files\Yahoo!\Common\npyaxmpb.dll
تم تفقده    Microsoft® Windows Live Login Helper     c:\program files\common files\microsoft shared\windows live\windowslivelogin.dll
تم تفقده    Microsoft® Windows® Operating System     C:\Windows\system32\mswsock.dll
تم تفقده    Microsoft® Windows® Operating System     C:\Windows\system32\napinsp.dll
تم تفقده    Microsoft® Windows® Operating System     C:\Windows\System32\nlaapi.dll
تم تفقده    Microsoft® Windows® Operating System     C:\Windows\system32\pnrpnsp.dll
تم تفقده    Microsoft® Windows® Operating System     C:\Windows\System32\winrnr.dll


مسح
---
MD5: 66d4456c920e21bd2188f8cc33680df5  C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe
MD5: c11f6a1f61481e24be3fdc06ea6f7d2a  c:\program files\common files\adobe\acrobat\activex\acroiehelper.dll
MD5: c2ff17734176cd15221c10044ef0ba1a  C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
MD5: 421b260404162f1f00a9618c3f42315b  C:\Program Files\Common Files\Ahead\Lib\log4cxx.dll
MD5: 8112d0dacae746290fc87b3a980fa719  C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
MD5: 86f0d0b3a07c142c81dab47e8495a822  C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
MD5: a63e5d51fbdb18afa2ec67cadcb062fd  C:\Program Files\Common Files\Ahead\Lib\NMDataServices.dll
MD5: a328a46d87bb92ce4d8a4528e9d84787  C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
MD5: 49130b95291f0269689af46a461db034  C:\Program Files\Common Files\Ahead\Lib\NMIndexingServicePS.dll
MD5: 0c01b2c22322c48d8adae3b9d467e924  C:\Program Files\Common Files\Ahead\Lib\NMLogCxx.dll
MD5: 6e3245df783e58375b3465f03274743e  C:\Program Files\Common Files\Java\Java Update\jusched.exe
MD5: 2606474eee568d477850952739f16535  C:\Program Files\Common Files\ParetoLogic\UUS2\Pareto_Update.exe
MD5: 2cc01434982af2677db422f0892875ff  C:\Program Files\Common Files\SRS Labs Shared\Service\srslabslicenseservice.exe
MD5: 6bcacab447d6d723a4047cc79e60854f  C:\Program Files\Common Files\Steam\SteamService.exe
MD5: 2437be68d5a37a75fad51c5f0e9a03ed  C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll
MD5: 8c2044169be2224c8a7cb8e81e7581af  C:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll
MD5: 5fcdeafde6938f1b9efbb49d16b5587d  C:\Program Files\Internet Download Manager\IDMan.exe
MD5: d1b9b05e24284f53bac514b048215952  c:\program files\internet download manager\idmiecc.dll
MD5: f5a508a2861ba0d6dd869f7a06c55937  C:\Program Files\Internet Download Manager\idmmkb.dll
MD5: c2752cffb1418b0b2174eff338414934  C:\Program Files\Internet Download Manager\IDMShellExt.dll
MD5: 5005c6512b4f0c0201b0d9a4a62c5428  C:\Program Files\Internet Explorer\ieproxy.dll
MD5: 8ed7c19aefa3673aadb0d6864b03fbce  C:\Program Files\Internet Explorer\iexplore.exe
MD5: dc365b6e595683f67bc21a203432e336  c:\program files\java\jre6\bin\jp2ssv.dll
MD5: 1e96525ae85d402f9f8047f8caef5f06  C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll
MD5: 2718dc27571bd1e37813f5759d2dc118  C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe
MD5: b58849104a5e76875b34f23dcb82efe9  c:\program files\kaspersky lab\kaspersky internet security 2012\ievkbd.dll
MD5: f6c8e09bb9ddf60d954c1c3d5d43b8bc  C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\klscav.dll
MD5: 35006646bc1e5684f2a8be96631c69d5  c:\program files\kaspersky lab\kaspersky internet security 2012\klwtbbho.dll
MD5: a0648aa8cb8e519c8f19dbe8b6b615dc  C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\scrchpg.dll
MD5: 451b004c4ace3b84a75cb982627b5e0c  C:\Program Files\Microsoft Office\Office12\1033\GrooveIntlResource.dll
MD5: fd67bab137c3a27d0418baf1bd78fe2e  C:\Program Files\Microsoft Office\Office12\GrooveUtil.DLL
MD5: ce6db25ffa35fd051c503f11db745862  C:\Program Files\Microsoft Silverlight\4.0.60831.0\npctrl.dll
MD5: b498a14133bd09ad0817590ace4470ad  C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
MD5: 09d7b04dabd7df49cd5ee881d8e22482  C:\Program Files\NVIDIA Corporation\Display\NvUI.dll
MD5: 32d659e8cb7e09b7c98ee76b0b061be7  C:\Program Files\NVIDIA Corporation\Display\nvxdapix.dll
MD5: af5d8f1784364774bdb3746f841c97a3  C:\Program Files\NVIDIA Corporation\Display\nvxdbat.dll
MD5: 4f00aee1b05f6c10cc78d1fc11148553  C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
MD5: 003cb0a155568b4a53a301f07c734233  C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
MD5: a514c4518d25c9ecfd765d8912aa6b27  c:\program files\real\realplayer\Netscape6\nppl3260.dll
MD5: 8eb61c97b476268228393bcc607fd39b  c:\program files\real\realplayer\Netscape6\nprjplug.dll
MD5: db97b6d30f8cfcbf00537ff7a74ae12d  c:\program files\real\realplayer\Netscape6\nprpjplug.dll
MD5: 4f8dd1cea5412541283f1e9ee02f7ab2  C:\Program Files\Real\RealPlayer\update\realsched.exe
MD5: 67384147dd005e54d2c0a20408e28579  C:\Program Files\Steam\steam.exe
MD5: 77fbd400984cf72ba0fc4b3489d65f74  C:\Program Files\Windows Media Player\wmpnetwk.exe
MD5: 987d6532b72a9132f16663b605573a71  C:\Program Files\Yahoo!\Common\npyaxmpb.dll
MD5: 9dba702a134869f39a6bfd5923db17bc  c:\programdata\real\realplayer\browserrecordplugin\ie\rpbrowserrecordplugin.dll
MD5: 8fbed84a67cd0d424428b32b17b6e5c9  C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll
MD5: cc021b4bac2edc0789fe42d45b183959  C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll
MD5: ffe794c8618f1e81a642c057556e82d7  C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\dchlnpcodkpfdpacogkljefecpegganj\12.0.0.397_0\plugin\npurladvisor.dll
MD5: a34a10e1b5375ff8d0f6f85f93b863d7  C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\jagncdcchgajhfhijbbhecadmaiegcmh\12.0.0.374_0\plugin\npvkplugin.dll
MD5: 268bf86145b0e8f496e4a78218b49574  C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjldcfjmnllhmgjclecdnfampinooman\12.0.0.374_0\plugin\npabplugin.dll
MD5: 8c2044169be2224c8a7cb8e81e7581af  C:\Users\Admin\AppData\Local\Google\Update\1.3.21.79\npGoogleUpdate3.dll
MD5: eb70c81355fa1ff2a2f4a9c542f98c7a  C:\Users\Admin\AppData\Roaming\B0AF.exe
MD5: a91d7a2c9603f6d4389e167b4dcb996a  C:\Users\Admin\AppData\Roaming\Fckukz.exe
MD5: 0c6da141572e1f90f98968fdc7177913  C:\Windows\Downloaded Program Files\bmc.ocx
MD5: ed96c741fe0e9222f63a97c5d91fac74  C:\Windows\Downloaded Program Files\CONFLICT.1\bmc.ocx
MD5: a7e770b48cb0b6eb979fa6c518b1b518  C:\Windows\Downloaded Program Files\Manager.exe
MD5: b8f613ac24cc3c706029e602e2d5ddbf  C:\Windows\Downloaded Program Files\qsax.dll
MD5: 1697c39978cd69f6fbc15302edcece1f  C:\Windows\ehome\ehRecvr.exe
MD5: 2af58d15edc06ec6fdacce1f19482bbf  C:\Windows\explorer.exe
MD5: 8b794ae6d5c7d42092804bc39a2eb8f6  c:\windows\system32\AEPIC.dll
MD5: 5f3bdb02d64443efca7dd9248619c962  C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
MD5: 225e83f591113adec764afba0ab12593  C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
MD5: cb44e805bb7c0c9bc3b8a66a59bb300a  C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
MD5: 0a58da99321d95944e796541a716cbf5  C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
MD5: ea93d50a341350321c96208f651408d0  C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
MD5: 61490bbf4d7c399bd42af6b63960fb92  C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
MD5: 267aff1ea665dbe422276601989efff3  C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
MD5: 792fc8e77dc71a5f095c32d3a5c78ea1  C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
MD5: 84cb9832f03a6aa1929636f5d9e7e298  C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
MD5: 3927fdfe073338428a24160e427e87a3  C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
MD5: 56b798396b5ad9fb064528b638a6008f  C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
MD5: 77895ba5c5cdcfef66419a03b6a4cdad  C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
MD5: 88955bce0a301ca342562be24415d9cc  C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
MD5: 308823c5a58a4022fedd8f4db3f99a25  C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
MD5: 75959d7e5ef8fd7e7e17f40f63f3cc66  C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
MD5: 2ff5b43393e8f2c46135ac33e842b076  C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
MD5: a5750894aefe1d57cf8c460ea4065748  C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
MD5: b3758364d42bbdba18383f010fb7cfcd  C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
MD5: 20f76c488929b6288733888bffe62f65  C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
MD5: 11e5a68a159bf13bcf0538bec894e0ce  C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
MD5: 5cccf830959345f0b8bcc2a0dfac11b5  C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
MD5: daef44b6ff4aec4533bab3761310d4a5  C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
MD5: 62ad339f7420b022509edac1d9fd7ba1  C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
MD5: c13d2932297d3597fea7b6902efc117d  C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
MD5: cdc1f7b46fc7b0b8c88df0cfbda2eb2c  C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
MD5: 69ac43aae61eec7625726b377ccaaa13  C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
MD5: 5710b9bd7a3e4f716402b8119004eb48  C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
MD5: a2903ece1d115fea38bb07e01c122b5e  C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
MD5: fabfc817547eabb19b74849cef410622  C:\Windows\system32\authui.dll
MD5: 9a595df601070da78c40481120dd2c06  C:\Windows\system32\basesrv.DLL
MD5: f45ed8c4f9af862cd9992849b5203c11  C:\Windows\system32\bitsigd.dll
MD5: 704a8b68374e6309b8d67f997fd3034b  c:\windows\system32\bitsperf.dll
MD5: 9092668daf4061898fd3f2c19d8c7f85  C:\Windows\system32\CLUSAPI.DLL
MD5: 50ba656134f78af64e4dd3c8b6fefd7e  C:\Windows\system32\cngaudit.dll
MD5: 53831de9162c6c2378574b59eb786bf1  C:\Windows\system32\corpol.dll
MD5: d3d01fd81e6b3d041815015fdd8341df  C:\Windows\system32\CSRSRV.dll
MD5: 342271f6142e7c70805b8a81e1ba5f5c  C:\Windows\System32\csrss.exe
MD5: b8473011f59a6aa2b35e84aa19d707cf  C:\Windows\system32\d3d10_1.dll
MD5: 029e2a480ce2020df097e535a2311712  C:\Windows\system32\d3d10_1core.dll
MD5: 990a58a0b01720e419b55efc5ff387f8  C:\Windows\System32\dhcpcore6.dll
MD5: 62390f4ace9e2b63e3ca26b7f7497897  C:\Windows\system32\DNSAPI.dll
MD5: b15be77a2bacf9c3177d27518afe26a9  C:\Windows\System32\dnsrslvr.dll
MD5: 0db7a48388d54d154ebec120461a0fcd  C:\Windows\system32\drivers\afd.sys
MD5: 19ce906b4cdc11fc4fef5745f33a63b6  C:\Windows\system32\drivers\amdsata.sys
MD5: 869e67d66be326a5a9159fba8746fa70  C:\Windows\system32\drivers\amdxata.sys
MD5: 9a5c671b7fbae4865149bb11f59b91b2  C:\Windows\system32\DRIVERS\bowser.sys
MD5: fcf500c9e89e193e038dcfcdba6aa032  C:\Windows\System32\Drivers\BtHidBus.sys
MD5: 88059ff1ded4472acd17eebabd393069  C:\Windows\System32\Drivers\BTHport.sys
MD5: 80e6384beec03b8bd45edea29802d657  C:\Windows\System32\Drivers\BTHUSB.sys
MD5: 36c252e474b2ffa0f0fbbff20d92a640  C:\Windows\System32\Drivers\cng.sys
MD5: 83d1ecea8faae75604c0fa49ac7ad996  C:\Windows\System32\Drivers\dfsc.sys
MD5: 1679a4669326cb1a67cc95658d273234  C:\Windows\System32\drivers\dxgkrnl.sys
MD5: 71f1a494fedf4b33c02c4a6a28d6d9e9  C:\Windows\system32\drivers\iaStorV.sys
MD5: a99b28d267c4d661d976975db9c6726f  C:\Windows\system32\DRIVERS\idmwfp.sys
MD5: 71e1fc547cc488d5cd7bf0860c96f5af  C:\Windows\System32\Drivers\IvtBtBus.sys
MD5: 186b54479d98e48aee0e9ada4b3c4d31  C:\Windows\system32\DRIVERS\kl1.sys
MD5: bf485bfba13c0ab116701fd9c55324d0  C:\Windows\system32\DRIVERS\kl2.sys
MD5: af04d0ce7939324e9a605b159295706c  C:\Windows\system32\DRIVERS\klif.sys
MD5: 6295a19003f935ecc6ccbe9e2376427b  C:\Windows\system32\DRIVERS\klim6.sys
MD5: 3de1771c135328420315e21dde229bba  C:\Windows\system32\DRIVERS\klmouflt.sys
MD5: 0263364acb9c834ace52fb85c2c064ec  C:\Windows\System32\Drivers\ksecdd.sys
MD5: 27391db553be2a4e2b0adeea2873b2af  C:\Windows\System32\Drivers\ksecpkg.sys
MD5: 01cc7fb6e790ef044b411377f3a1ff41  C:\Windows\system32\DRIVERS\LHidFilt.Sys
MD5: a2e7eae8898d7b4b8c302b8f4e836bb5  C:\Windows\system32\DRIVERS\LMouFilt.Sys
MD5: ddfa88e36d5f8db5fbdbdddc4969db0a  C:\Windows\System32\Drivers\LUsbFilt.Sys
MD5: ca7570e42522e24324a12161db14ec02  C:\Windows\system32\DRIVERS\mrxsmb.sys
MD5: f965c3ab2b2ae5c378f4562486e35051  C:\Windows\system32\DRIVERS\mrxsmb10.sys
MD5: 25c38264a3c72594dd21d355d70d7a5d  C:\Windows\system32\DRIVERS\mrxsmb20.sys
MD5: 66b4bf606fcc7f0622d4a21bb1461089  C:\Windows\system32\DRIVERS\nvlddmkm.sys
MD5: f1b0bed906f97e16f6d0c3629d2f21c6  C:\Windows\system32\drivers\nvraid.sys
MD5: 4520b63899e867f354ee012d34e11536  C:\Windows\system32\drivers\nvstor.sys
MD5: d96ea49ab9a9174331bc023fd0cadc18  C:\Windows\system32\DRIVERS\rminiv3.sys
MD5: 564297827d213f52c7a3a2ff749568ca  C:\Windows\System32\Drivers\RootMdm.sys
MD5: 7dfd48e24479b68b258d8770121155a0  C:\Windows\system32\DRIVERS\Rt86win7.sys
MD5: d15da1ba189770d93eea2d7e18f95af9  C:\Windows\System32\Drivers\sptd.sys
MD5: 898a81cf4b599f870f94f2f59f00a3a7  C:\Windows\system32\drivers\srs_sscfilter.sys
MD5: c4a027b8c0bd3fc0699f41fa5e9e0c87  C:\Windows\System32\DRIVERS\srv.sys
MD5: 414bb592cad8a79649d01f9d94318fb3  C:\Windows\System32\DRIVERS\srv2.sys
MD5: ff207d67700aa18242aaf985d3e7d8f4  C:\Windows\System32\DRIVERS\srvnet.sys
MD5: 56c198ac82efa622dd93e9e43575f79c  C:\Windows\System32\drivers\tcpip.sys
MD5: c31ae588e403042632dc796cf09e30b0  C:\Windows\system32\DRIVERS\usbccgp.sys
MD5: e4c436d914768ce965d5e659ba7eebd8  C:\Windows\system32\DRIVERS\usbehci.sys
MD5: bdcd7156ec37448f08633fd899823620  C:\Windows\system32\DRIVERS\usbhub.sys
MD5: eb2d819a639015253c871cda09d91d58  C:\Windows\system32\drivers\usbohci.sys
MD5: 1c4287739a93594e57e2a9e6a3ed7353  C:\Windows\system32\DRIVERS\USBSTOR.SYS
MD5: 22480bf4e5a09192e5e30ba4dde79fa4  C:\Windows\system32\DRIVERS\usbuhci.sys
MD5: 63ef70b7bfb875436d5983e3c77f0681  C:\Windows\system32\DRIVERS\vpchbus.sys
MD5: 2559494dc74877afce97c6f75e4b7020  C:\Windows\system32\DRIVERS\vpcnfltr.sys
MD5: ac0adad2ad5a166100cf59fb9a7880b7  C:\Windows\system32\DRIVERS\vpcusb.sys
MD5: 7a806cc4416fe9b1b9c091e31bc638bc  C:\Windows\system32\drivers\vpcvmm.sys
MD5: 60cc965a89e2072ebd26d63d5e1e1d18  C:\Windows\system32\dwmcore.dll
MD5: 91f434ff6606ed9bdc6a05d651b69553  C:\Windows\system32\efslsaext.dll
MD5: d720800c2aa3c6889b538011ed6c6b1b  c:\windows\system32\ESENT.dll
MD5: 8898c95862d03d16b2a06db4db6bb6b2  C:\Windows\system32\EXPLORERFRAME.dll
MD5: f34cfada6c48daa41b996d24c7d8d3ca  C:\Windows\system32\fdPnp.dll
MD5: 7fe4995528a7529a761875151ee3d512  c:\windows\system32\fntcache.dll
MD5: c87f28a34b3840f4b40011d170b1a159  C:\Windows\system32\FVECERTS.dll
MD5: d5cc5113671ac70993a5b46923212f16  C:\Windows\System32\FXSMON.DLL
MD5: df649fa45c0a12c89e3735d4ccdb39a1  C:\Windows\System32\hpinksts8711LM.dll
MD5: 12e9654d04ef03fcc95cdbd966bd0455  C:\Windows\System32\ieframe.dll
MD5: a71393be61db2046b13197298a0fb4fc  C:\Windows\System32\iepeers.dll
MD5: 0a17693daae940c17e579791c150c534  C:\Windows\system32\iertutil.dll
MD5: f9e41d28f2dc8fb8af5cde317021ae26  C:\Windows\system32\IEUI.dll
MD5: 258a532cffaad910b5b14f27dcd7bfb3  C:\Windows\System32\inetpp.dll
MD5: 7852e03bb44413b0b4c987040c1d0ad8  C:\Windows\system32\IPROP.dll
MD5: 867c1b8b0dc55d2ffef3c51989eb7079  C:\Windows\System32\jscript.dll
MD5: 48744c796f25a52b2c229686eb86edd5  C:\Windows\system32\kerberos.DLL
MD5: 7e99a20c758abb5ae89c7aeea3a9aeb2  C:\Windows\SYSTEM32\kernel32.dll
MD5: acf24c46a6eada7621940d8f2511f906  C:\Windows\system32\KERNELBASE.dll
MD5: 8fe8d71756ea302293f2df4f3bdf94c7  C:\Windows\system32\klogon.dll
MD5: 55ca01ba19d0006c8f2639b6c045e08b  C:\Windows\System32\lmhsvc.dll
MD5: 724a74ba9b5832a91562d2ac393e540b  C:\Windows\System32\localspl.dll
MD5: 00eaa109e049942bed01a65215efe86f  C:\Windows\system32\lsasrv.dll
MD5: c2243ff9e9aad0c30e8b1a0914da15b6  C:\Windows\System32\lsass.exe
MD5: 398dc10274c0cb861338cfc56e727c9f  C:\Windows\System32\lsm.exe
MD5: f6062bdc377e93c8dc21ea77086f84f1  C:\Windows\system32\Macromed\Flash\Flash10m.ocx
MD5: 3306893c1944eaa156e9173c5a1a080e  C:\Windows\system32\Macromed\Flash\NPSWF32.dll
MD5: f7b5ccb751411908e8088d2eaf832778  C:\Windows\system32\msfeeds.dll
MD5: 9b2203a026436b0ce445819356619c06  C:\Windows\System32\mshtml.dll
MD5: 387a8a473ecc5ba02cf453277c1f3274  c:\windows\system32\mspatcha.dll
MD5: c90878913df3dc504790282043db5f4c  C:\Windows\system32\msprivs.DLL
MD5: bd669749eaeff96773b5f8d0a43e0068  C:\Windows\System32\msxml3.dll
MD5: 5f856156f709df40b42d36ae8a0f0695  C:\Windows\System32\msxml6.dll
MD5: 5f610783fbf01f9885d80a1db1a2f220  C:\Windows\system32\NCI.dll
MD5: a4cc7227a452c4909f9499d91b184364  C:\Windows\system32\NCObjAPI.DLL
MD5: 3f2deafc463d75611cb9c5e36a8ccf15  c:\windows\system32\ncsi.dll
MD5: 6dcfaec6d1334aa6cdf8961db4633cbf  C:\Windows\system32\negoexts.DLL
MD5: c5b5ccdbf8ed1475240313ed88234e3f  C:\Windows\system32\netcfgx.dll
MD5: c1ae600c554a0ebc6cd211541fa6815f  C:\Windows\system32\netjoin.dll
MD5: eaa75d9000b71f10eec04d2ae6c60e81  C:\Windows\system32\netlogon.DLL
MD5: ba387e955e890c8a88306d9b8d06bf17  c:\windows\system32\nsisvc.dll
MD5: 2e92b666a7cc8af174d4445be8fdb0ed  C:\Windows\SYSTEM32\ntdll.dll
MD5: 8213b024ae8dc1d6e9c84a198d5ec86b  C:\Windows\system32\nvapi.dll
MD5: 28258611658971a2ec462742edd66e59  C:\Windows\system32\nvd3dum.dll
MD5: 83b67c5b62b6acaaa38744d4dd0d4003  C:\Windows\system32\nvshext.dll
MD5: d122f7c5f79c68868f5dc28cefeb2ecf  C:\Windows\system32\nvvsvc.exe
MD5: 5764c381949147ebcfb9a7134e2abf06  C:\Windows\system32\ODBC32.dll
MD5: e2c2d8c982316c8abf800c6ce3f28fab  C:\Windows\system32\ole32.dll
MD5: 4d59a5b6ef0af6f9fdf3d157534380af  C:\Windows\system32\OLEACC.dll
MD5: 705c210efc5564be49eb026bd7aff27a  C:\Windows\system32\OLEAUT32.dll
MD5: 7e82616bee76bf5eaa5b30f681414e21  C:\Windows\system32\perftrack.dll
MD5: 37cc990d4e2cdfae12ac47f6b620fc13  C:\Windows\system32\pku2u.DLL
MD5: 2862a3819bbc9757dd27bac41a4e0a3e  C:\Windows\System32\pnidui.dll
MD5: 3a2bdd76e7d2a5f40a7174793d1ba794  C:\Windows\System32\PnkBstrA.exe
MD5: dda6cfd632dcb8d9c72ada58799bf776  C:\Windows\System32\PrintIsolationProxy.dll
MD5: 7ffd52d73352806969d424ef327d10a7  C:\Windows\system32\radardt.dll
MD5: 75dd1448b57d1f9382a8b59ed8e3790b  C:\Windows\System32\raschap.dll
MD5: 98963bd29723a373009b017e87be9ce8  C:\Windows\system32\rasppp.dll
MD5: 9015ee5171bcb15653da27024bd27128  C:\Windows\system32\RESUTILS.DLL
MD5: 4bef53964dc519550ee030253fc1e25e  C:\Windows\system32\SAMSRV.dll
MD5: 26073302daea83cc5b944c546d6b47d2  C:\Windows\system32\scecli.DLL
MD5: 1c9cdbdf895a556e66aebfd93a36b536  C:\Windows\system32\SCESRV.dll
MD5: 3369d021265e369d57317d61fa86dd79  C:\Windows\system32\scext.dll
MD5: 83041697ae93aa4b783ae8746904edd2  C:\Windows\system32\schannel.DLL
MD5: df1e5c82e4d09cf8105cc644980c4803  c:\windows\system32\schedsvc.dll
MD5: 71402c7923f6b7f8acb48e50f35463e7  C:\Windows\system32\SearchIndexer.exe
MD5: b4c246937bdb3e50b24698ee811074bf  C:\Windows\system32\secur32.dll
MD5: 5f1b6a9c35d3d5ca72d6d6fdef9747d6  C:\Windows\System32\services.exe
MD5: 16742790895960690237a5143cedec8b  C:\Windows\System32\smss.exe
MD5: 4b9e4ce667df26ada061aa81e9aa841d  C:\Windows\system32\SPFILEQ.dll
MD5: dbd10464e7246c9e722025debc093d01  C:\Windows\system32\spool\PRTPROCS\W32X86\winprint.dll
MD5: 629181c26a78eb66b0b4e774e5ac2882  C:\Windows\System32\SPOOLSS.DLL
MD5: d1bb750eb51694de183e08b9c33be5b2  C:\Windows\System32\spoolsv.exe
MD5: 4c287f9069fedbd791178876ee9de536  C:\Windows\system32\sppsvc.exe
MD5: 8f6bf790d3168224c16f2af68a84438c  c:\windows\system32\srvsvc.dll
MD5: 2f94e3709f029512a1bd8f6c108d7b62  C:\Windows\system32\SSCORE.DLL
MD5: 361bf6f1988f4effdb9bf6747d530015  C:\Windows\System32\SspiCli.dll
MD5: 16a5a583ba6f4160eed2b630f0cfc122  C:\Windows\system32\SspiSrv.dll
MD5: 364455805e64882844ee9acb72522830  C:\Windows\system32\sxssrv.DLL
MD5: 8c7fe6b9559204765849bff308764fa5  C:\Windows\System32\SyncCenter.dll
MD5: 04105c8da62353589c29bdaeb8d88bd8  c:\windows\system32\sysmain.dll
MD5: ba51ffe170c5b3ae8ec4f5bd2581a29e  C:\Windows\system32\SYSNTFY.dll
MD5: ef8808fea65723214d79734bdb79ebf6  C:\Windows\system32\taskcomp.dll
MD5: f8952e80b7f778da2f7aa8393ca2d30e  C:\Windows\System32\taskeng.exe
MD5: 21012407e8c74aa72bbb485b0fc197fe  C:\Windows\system32\taskschd.dll
MD5: eafc149cd3bd78c443e31bb157841197  C:\Windows\system32\tbs.dll
MD5: b390c1d825c7687493bede237c6c2f25  C:\Windows\System32\tcpmon.dll
MD5: a739793f1a4f04b66e2444e90ae9e694  C:\Windows\system32\tspkg.DLL
MD5: 7222995615bf93b628dcea4bd6ccacf7  C:\Windows\system32\UBPM.dll
MD5: 91da0906b27adc98b7cc9d17f6f8227c  C:\Windows\system32\umb.dll
MD5: 71def5ec79774c798342d0ea16e41780  c:\windows\system32\umpnpmgr.dll
MD5: 6814300419c92b2b99ce4aae4d1ba17a  C:\Windows\system32\upnp.dll
MD5: 94951a18965bd4d2a42b428e8ebfad84  C:\Windows\system32\urlmon.dll
MD5: 923cdd30092db73ec4a0ebcddd16c686  C:\Windows\System32\usbmon.dll
MD5: a12829e9974f57e9b5dbfea7c93190f6  C:\Windows\system32\UXINIT.dll
MD5: 582c191f861d18b8c937fb9859b80e9c  C:\Windows\system32\vpnike.dll
MD5: 5ae88135c6a86fcd67ba16afbb1c8389  C:\Windows\system32\wbem\esscli.dll
MD5: f148865e4ac4f715e322ea06e6e21d84  C:\Windows\system32\wbem\ncprov.dll
MD5: 371e3b05894549113d07cd3081ed55ef  C:\Windows\system32\wbem\repdrvfs.dll
MD5: 801211dcfd6414ffa48bca661a76c6fa  C:\Windows\system32\wbem\wbemcore.dll
MD5: b350509b6c9296529bc464c60feeaef1  C:\Windows\system32\wbem\wbemess.dll
MD5: 0e7441be4d8c31c7f94d4e09af8339c8  C:\Windows\system32\wbem\wmidcprv.dll
MD5: b8f4a6990a6295159792b4ad189d460d  C:\Windows\system32\wbem\wmiprvsd.dll
MD5: 7790b77fe1e5ee47dcc66247095bb4c9  C:\Windows\system32\wbengine.exe
MD5: 6d9b75275c3e3a5f51aef81affadb2b6  C:\Windows\System32\wcncsvc.dll
MD5: 23d5ae191d918bb82fd8027e1ba869d4  C:\Windows\system32\wdiasqmmodule.dll
MD5: bb5ec38f8d4600119b4720bc5d4211f1  C:\Windows\System32\webclnt.dll
MD5: a86a1c5df1c662d1c75815bf4794f16d  C:\Windows\system32\webio.dll
MD5: 4262220b609ad082ce66914172597a96  C:\Windows\System32\webservices.dll
MD5: 9a6dedbe309aa0ce2c31ee6799b38e4f  C:\Windows\System32\werconcpl.dll
MD5: 2873dfe622f4a3929d93f7bc85ade13e  c:\windows\system32\wevtsvc.dll
MD5: 019c372b1a9da73a22d0d35a4d40f5c9  C:\Windows\system32\wfapigp.dll
MD5: e0fe1259d88a89493098d9269144fd5f  C:\Windows\system32\wiarpc.dll
MD5: 2f998e1fca7749e836fdfafe88de9237  C:\Windows\System32\win32spl.dll
MD5: cc9bbcfc715fbedf7ae476106fe653e9  C:\Windows\system32\WINHTTP.dll
MD5: 7f5b51faca193430346970283c50769f  C:\Windows\system32\WININET.dll
MD5: b5c5dcad3899512020d135600129d665  C:\Windows\System32\wininit.exe
MD5: 37cdb7e72eb66ba85a87cbe37e7f03fd  C:\Windows\System32\winlogon.exe
MD5: 008f51ae989c3df1cbaf8b39dc423ccc  C:\Windows\system32\winsrv.DLL
MD5: 633c2c060cf857099f6c4f8d75c952b1  C:\Windows\system32\wls0wndh.dll
MD5: d412b1b72c5ab020218e9a047d90ca05  C:\Windows\system32\WMsgAPI.dll
MD5: 374b26395852a9092bde2e4c8d4d0c8d  C:\Windows\System32\WSCAPI.dll
MD5: a661a76333057b383a06e65f0073222f  c:\windows\system32\wscsvc.dll
MD5: 7fd5532c142db6c9cc47aa4dcf71fdec  C:\Windows\System32\wscui.cpl
MD5: 206eccf79765e9f3fc6cca04114ee058  C:\Windows\System32\wsdapi.dll
MD5: a8eb761de499242becf153b2b34f020e  C:\Windows\System32\WSDMon.dll
MD5: 596371a825c6abb55e436b6f0966a24f  C:\Windows\System32\wsnmp32.dll
MD5: dd4400813589985677a363f8a589cd02  C:\Windows\system32\wuapi.dll
MD5: b0da80ff42a0819d162a86612896aaf2  C:\Windows\System32\wuauclt.exe
MD5: a33408cc036f9c08142b11be5e93f0a1  c:\windows\system32\wuaueng.dll
MD5: f6ad68cc45f5630a01ac4178cef10384  C:\Windows\system32\wucltux.dll
MD5: 2b3d64e795f6080e02cfcd9b8553ae2f  C:\Windows\system32\wups2.dll
MD5: 0c2ae180d8c35f723ba13a16aa9ac453  C:\Windows\System32\XmlLite.dll
MD5: 5b3d1c528cd6674ff6bd1f6720f5a686  C:\Windows\winsxs\x86_microsoft-windows-servicingstack_31bf3856ad364e35_6.1.7601.17592_none_0b0e4b4025cf4049\cbscore.dll
MD5: 4ccf86aad1b67168fb51a477307ec288  C:\Windows\winsxs\x86_microsoft-windows-servicingstack_31bf3856ad364e35_6.1.7601.17592_none_0b0e4b4025cf4049\DrUpdate.dll
MD5: 8896ef6deba34c5507a488729a1d3af2  C:\Windows\winsxs\x86_microsoft-windows-servicingstack_31bf3856ad364e35_6.1.7601.17592_none_0b0e4b4025cf4049\wcp.dll
MD5: c9b89e87cb6d87fa4cc3f04ebc9f3d1c  C:\Windows\winsxs\x86_microsoft-windows-servicingstack_31bf3856ad364e35_6.1.7601.17592_none_0b0e4b4025cf4049\wrpint.dll
MD5: d3ead1cf16ba729a7f7c9a5d94aa7c05  C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7600.16661_none_ebfb56996c72aefc\COMCTL32.dll
MD5: 4b8dd8541c0e26602005dd0137333615  C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd\COMCTL32.dll


لم يتم تحميل اي ملف

انتهاء المسح - تم الاتصال خلال 2 ثواني
الحجم الاجمالي - تم ارسال 0.01 ميجابايت و تم استقبال 1.29
تم مسح 875 ملف و برنامج - 86 ثواني

==============================================================================

نوااف123 · 26 يناير 2012

للاسف رجع الفايروس قبل قليل

زيزوومى متألق

زيزوومى فضى

توقيع : البارون

زيزوومى متألق

زيزوومى محترف

توقيع : علي كيوان

زيزوومى فضى

توقيع : الوفاء طبعي

زيزوومى فضى

توقيع : الوفاء طبعي

زيزوومى متألق

زيزوومى متألق

عضوشرف

توقيع : محب المدينه

زيزوومى متألق

زيزوومى فضى

توقيع : الوفاء طبعي

زيزوومى متألق

زيزوومى فضى

توقيع : البارون

زيزوومى متألق

زيزوومى فضى

توقيع : البارون

زيزوومى متألق

زيزوومى فضى

توقيع : البارون

زيزوومى متألق

زيزوومى متألق

زيزوومى متألق