جهازي مخترق , الحقوني يا ناس !!

[ReD_F0X]

السلام عليكم

مثل ماقريتوا بالعنوان , جهازي مخترق وجاتني شاشة فيها علم السعودية وتقول ان عندي مقاطع فيديو عنف للأطفال ومقاطع اباحية ولابد اني ادفع مبلغ قيمة 300 دولار والا سوف تحول هذه الملفات للمحكمة الشرعية , طبعاً هو نصب في نصب لأن ماعندي اي شيء من القبيل بس يحاول يبتزني !

طيب وش الحل الأن , كيف اعرف وين الثغرات واسدها ؟

والأفضل اني احلها الأن ولا اسوي فورمات واريح راسي !!

هذا تقرير الجهاز !

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 12:52:36 PM, on 08/02/2012
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16421)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files\Internet Download Manager\IDMan.exe
C:\Program Files\YCIII\YankClip.exe
C:\Program Files\Internet Download Manager\IEMonitor.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Users\Mansour\iy4zowdz16.exe
C:\Windows\system32\svchost.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Zyzoom_Forum_Tools\zyzoom.exe
C:\Zyzoom_Forum_Tools\zHijak.com

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page =

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://start.facemoods.com/?a=ddrnw&s={searchTerms}&f=4
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - {08d6b0b4-c132-470d-a8e2-aa2e9c3851c9} - (no file)
O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files\Internet Download Manager\IDMIECC.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL
O2 - BHO: Babylon IE plugin - {9CFACCB6-2F3F-4177-94EA-0D2B72D384C1} - C:\Program Files\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
O2 - BHO: Hotspot Shield Class - {F9E4A054-E9B1-4BC3-83A3-76A1AE736170} - C:\Program Files\Hotspot Shield\HssIE\HssIE.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [Regedit32] C:\Windows\system32\regedit.exe
O4 - HKCU\..\Run: [IDMan] C:\Program Files\Internet Download Manager\IDMan.exe /onboot
O4 - HKCU\..\Run: [iy4zowdz16] C:\Users\Mansour\iy4zowdz16.exe
O4 - HKCU\..\Run: [Regedit32] C:\Windows\system32\regedit.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Startup: Yankee Clipper III.lnk = C:\Program Files\YCIII\YankClip.exe
O8 - Extra context menu item: Download all links with IDM - C:\Program Files\Internet Download Manager\IEGetAll.htm
O8 - Extra context menu item: Download FLV video content with IDM - C:\Program Files\Internet Download Manager\IEGetVL.htm
O8 - Extra context menu item: Download with IDM - C:\Program Files\Internet Download Manager\IEExt.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_7461B1589E8B4FB7.dll/cmsidewiki.html
O8 - Extra context menu item: Se&nd to OneNote - res://C:\PROGRA~1\MICROS~2\Office14\ONBttnIE.dll/105
O8 - Extra context menu item: Translate this web page with Babylon - res://C:\Program Files\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll/ActionTU.htm
O8 - Extra context menu item: Translate with Babylon - res://C:\Program Files\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll/Action.htm
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: Translate this web page with Babylon - {F72841F0-4EF1-4df5-BCE5-B3AC8ACF5478} - C:\Program Files\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll
O9 - Extra 'Tools' menuitem: Translate this web page with Babylon - {F72841F0-4EF1-4df5-BCE5-B3AC8ACF5478} - C:\Program Files\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O17 - HKLM\System\CCS\Services\Tcpip\..\{010A6F81-7497-48D2-9DCF-0FACBEC884FA}: NameServer = 10.71.0.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{010A6F81-7497-48D2-9DCF-0FACBEC884FA}: NameServer = 10.71.0.1
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: AMD External Events Utility - AMD - C:\Windows\system32\atiesrxx.exe
O23 - Service: Avira Mail Protection (AntiVirMailService) - Avira Operations GmbH & Co. KG - C:\Program Files\Avira\AntiVir Desktop\avmailc.exe
O23 - Service: Avira Scheduler (AntiVirSchedulerService) - Avira Operations GmbH & Co. KG - C:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira Realtime Protection (AntiVirService) - Avira Operations GmbH & Co. KG - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Avira Web Protection (AntiVirWebService) - Avira Operations GmbH & Co. KG - C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Hotspot Shield Service (hshld) - Unknown owner - C:\Program Files\Hotspot Shield\bin\openvpnas.exe
O23 - Service: Hotspot Shield Routing Service (HssSrv) - AnchorFree Inc. - C:\Program Files\Hotspot Shield\HssWPR\hsssrv.exe
O23 - Service: Hotspot Shield Tray Service (HssTrayService) - Unknown owner - C:\Program Files\Hotspot Shield\bin\HssTrayService.EXE
O23 - Service: Hotspot Shield Monitoring Service (HssWd) - Unknown owner - C:\Program Files\Hotspot Shield\bin\hsswd.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: Ashampoo LiveTuner Service (WO_LiveService) - Unknown owner - C:\Program Files\Ashampoo\Ashampoo WinOptimizer 8\LiveTunerService.exe (file missing)

--
End of file - 9495 bytes


وهذا رابط Runscanner

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

QuickScan 32-bit v0.9.9.105
---------------------------
تاريخ المسح: Wed Feb 08 13:48:47 2012
عنوان الحاسب: 569D1C0D



لم يتم العثور على عدوى
----------------------



البرامج
-------
Avira Antivirus Premium 2012 3560 C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
Firefox 13512 C:\Program Files\Mozilla Firefox\firefox.exe
Firefox 8516 C:\Program Files\Mozilla Firefox\plugin-container.exe
Firefox 11692 C:\Program Files\Mozilla Firefox\plugin-container.exe
IEMonitor Application 4000 C:\Program Files\Internet Download Manager\IEMonitor.exe
Internet Download Manager (IDM) 3592 C:\Program Files\Internet Download Manager\IDMan.exe
Microsoft® Windows® Operating System 3100 C:\Windows\explorer.exe
Microsoft® Windows® Operating System 6040 C:\Windows\System32\slui.exe
Microsoft® Windows® Operating System 2920 C:\Windows\System32\taskhost.exe
Synaptics Pointing Device Driver 3536 C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
Yankee Clipper III 3744 C:\Program Files\YCIII\YankClip.exe
تم تفقده Microsoft® Windows® Operating System 3004 C:\Windows\System32\dwm.exe


انشطة الشبكة
------------
البرنامج firefox.exe (13512) موصول على معبر 443 (HTTP over SSL) --> 173.194.70.83
البرنامج firefox.exe (13512) موصول على معبر 443 (HTTP over SSL) --> 84.235.77.80



الملفات المفتوحة تلقائياً و الحساسة
-----------------------------------
Adobe Reader and Acrobat Manager C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
Avira Antivirus Premium 2012 C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
Internet Download Manager (IDM) C:\Program Files\Internet Download Manager\IDMan.exe
Microsoft Office 2010 C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL
Microsoft® Windows® Operating System c:\windows\system32\userinit.exe
Synaptics Pointing Device Driver C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
Yankee Clipper III C:\Program Files\YCIII\YankClip.exe


وصلات المتصفح
-------------
AcroIEHelperShim Library c:\program files\common files\adobe\acrobat\activex\acroiehelpershim.dll
Adobe Acrobat C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
Adobe Acrobat C:\Program Files\Internet Explorer\plugins\nppdf32.dll
Adobe Acrobat C:\Program Files\Mozilla Firefox\plugins\nppdf32.dll
Avira Antivirus Premium 2012 C:\Program Files\Avira\AntiVir Desktop\avsda.dll
Babylon IE Addin c:\program files\babylon\babylon-pro\utils\babyloniepi.dll
Bonjour C:\Program Files\Bonjour\mdnsNSP.dll
Google Toolbar for Internet Explorer c:\program files\google\google toolbar\googletoolbar_32.dll
Google Update C:\Program Files\Google\Update\1.3.21.99\npGoogleUpdate3.dll
hssie.dll c:\program files\hotspot shield\hssie\hssie.dll
Internet Download Manager Module c:\program files\internet download manager\idmiecc.dll
Java Deployment Toolkit 7.0.0.147 C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll
Java(TM) Platform SE 7 c:\program files\java\jre7\bin\jp2ssv.dll
Java(TM) Platform SE 7 C:\Program Files\Java\jre7\bin\new_plugin\npjp2.dll
Microsoft Office 2010 C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL
Microsoft Office 2010 C:\Program Files\Microsoft Office\Office14\NPAUTHZ.DLL
Microsoft Office 2010 C:\Program Files\Microsoft Office\Office14\NPSPWRAP.DLL
Microsoft Office 2010 c:\program files\microsoft office\office14\urlredir.dll
Microsoft® Windows Media Player Firefox C:\Program Files\Mozilla Firefox\plugins\np-mswmp.dll
Microsoft® Windows® Operating System C:\Windows\system32\mswsock.dll
Microsoft® Windows® Operating System C:\Windows\System32\nlaapi.dll
Microsoft® Windows® Operating System C:\Windows\system32\wshbth.dll
npitunes.dll C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll
NPSWF32.dll C:\Windows\system32\Macromed\Flash\NPSWF32.dll
QuickTime Plug-in 7.7.1 C:\Program Files\Internet Explorer\plugins\npqtplugin.dll
QuickTime Plug-in 7.7.1 C:\Program Files\Internet Explorer\plugins\npqtplugin2.dll
QuickTime Plug-in 7.7.1 C:\Program Files\Internet Explorer\plugins\npqtplugin3.dll
QuickTime Plug-in 7.7.1 C:\Program Files\Internet Explorer\plugins\npqtplugin4.dll
QuickTime Plug-in 7.7.1 C:\Program Files\Internet Explorer\plugins\npqtplugin5.dll
QuickTime Plug-in 7.7.1 C:\Program Files\Internet Explorer\plugins\npqtplugin6.dll
QuickTime Plug-in 7.7.1 C:\Program Files\Internet Explorer\plugins\npqtplugin7.dll
QuickTime Plug-in 7.7.1 C:\Program Files\Mozilla Firefox\plugins\npqtplugin.dll
QuickTime Plug-in 7.7.1 C:\Program Files\Mozilla Firefox\plugins\npqtplugin2.dll
QuickTime Plug-in 7.7.1 C:\Program Files\Mozilla Firefox\plugins\npqtplugin3.dll
QuickTime Plug-in 7.7.1 C:\Program Files\Mozilla Firefox\plugins\npqtplugin4.dll
QuickTime Plug-in 7.7.1 C:\Program Files\Mozilla Firefox\plugins\npqtplugin5.dll
QuickTime Plug-in 7.7.1 C:\Program Files\Mozilla Firefox\plugins\npqtplugin6.dll
QuickTime Plug-in 7.7.1 C:\Program Files\Mozilla Firefox\plugins\npqtplugin7.dll
Skype Toolbars c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
Windows® Internet Explorer C:\Windows\system32\ieframe.DLL
تم تفقده Microsoft® Windows® Operating System C:\Windows\system32\napinsp.dll
تم تفقده Microsoft® Windows® Operating System C:\Windows\system32\pnrpnsp.dll
تم تفقده Microsoft® Windows® Operating System C:\Windows\System32\winrnr.dll


الملفات الناقصة
---------------
الملف C:\Users\Mansour\iy4zowdz16.exe غيرموجود
--> HKCU\Software\Microsoft\Windows\CurrentVersion\Run\"iy4zowdz16"

الملف C:\Windows\system32\regedit.exe غيرموجود
--> HKLM\Software\Microsoft\Windows\CurrentVersion\Run\"Regedit32"


مسح
---
MD5: 8082f66dc9c8167ff1aa548736f58457 C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
MD5: 25b2e79c22171a84b1a4c339c3da5df7 C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
MD5: dbb40b2415e5422c12c9976a1f50e68b C:\Program Files\Avira\AntiVir Desktop\avguard.exe
MD5: a3ce36db0f4043695d1dfcf05ee58623 C:\Program Files\Avira\AntiVir Desktop\avipc.dll
MD5: b0bca3b6a95d02287bb9a48224e39b5a C:\Program Files\Avira\AntiVir Desktop\avmailc.exe
MD5: 679526eb47e16b592a38c88207b3e024 C:\Program Files\Avira\AntiVir Desktop\avsda.dll
MD5: 834070ebf5d387cf22df76ec2e30e899 C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE
MD5: 38bb3a957479be6c30d773b0283b6bc2 c:\program files\avira\antivir desktop\ccgen.dll
MD5: 488f1dc78753e74310728a76881ac649 c:\program files\avira\antivir desktop\ccgenrc.dll
MD5: 7b142a25150c9dcd485a0774af1dfe70 c:\program files\avira\antivir desktop\ccgrdrc.dll
MD5: 1149fd74ca024ffe3875b412e8054e2c c:\program files\avira\antivir desktop\ccgrdw.dll
MD5: 6ecb96e157527c88868302f0968a4431 c:\program files\avira\antivir desktop\ccguard.dll
MD5: 6c8193b775982e72464f62cdd1ea1129 c:\program files\avira\antivir desktop\cclic.dll
MD5: ab025ddbecb0f371cecdfffefd1fe952 c:\program files\avira\antivir desktop\cclicrc.dll
MD5: 112fc772de6cedca5946aa2bc99e79f2 c:\program files\avira\antivir desktop\ccmainrc.dll
MD5: 2dd7a4be600cefe373dd3bc1ed062cb1 c:\program files\avira\antivir desktop\ccmgrdrc.dll
MD5: a49378f454286b6312b18a1a881f3898 c:\program files\avira\antivir desktop\ccmguard.dll
MD5: 839429fc240fe66ae33b29f88c071e13 c:\program files\avira\antivir desktop\ccmsg.dll
MD5: 3733d0055891e27e7a3aa26f6f63b5ca c:\program files\avira\antivir desktop\ccmsgrc.dll
MD5: 320989a731d24c081c9abc46895d3047 c:\program files\avira\antivir desktop\ccupdate.dll
MD5: 9678ae557078136d1894f7472408a7dd c:\program files\avira\antivir desktop\ccupdrc.dll
MD5: 1fb558c3871120be1073dd4b6a169fed c:\program files\avira\antivir desktop\ccwgrd.dll
MD5: b62ee5ab021a9d54cd94d63c236b0cbb c:\program files\avira\antivir desktop\ccwgrdrc.dll
MD5: 136d02d851e35e5baf38ed0d17d963c2 c:\program files\avira\antivir desktop\ccwgrdw.dll
MD5: 5b2fd4a971e132bc8b1a1195505f323d C:\Program Files\Avira\AntiVir Desktop\ccwkrlib.dll
MD5: 15143de858fc6b33bcdd7d9afd7d2541 c:\program files\avira\antivir desktop\cfglib.dll
MD5: c9f14eafc5e20e19acf50928f554889e c:\program files\avira\antivir desktop\gpipc.dll
MD5: 87ee0f0cd8ef04630b7b955a1bed36b6 C:\Program Files\Avira\AntiVir Desktop\grdcore.dll
MD5: d8a28e0fca1d620df4ff581b937adf13 C:\Program Files\Avira\AntiVir Desktop\rcimage.dll
MD5: d2ca88edb24bb59a830eb2d404c1915c C:\Program Files\Avira\AntiVir Desktop\sched.exe
MD5: f476c9fa7ac26ed83a673e797d68f27f C:\Program Files\Avira\AntiVir Desktop\shlext.dll
MD5: d31766c4aa42ae828b3e1d9a382fc413 c:\program files\babylon\babylon-pro\utils\babyloniepi.dll
MD5: 40947436a70e0034e41123df5a0a7702 C:\Program Files\Bonjour\mdnsNSP.dll
MD5: db5bea73edaf19ac68b2c0fad0f92b1a C:\Program Files\Bonjour\mDNSResponder.exe
MD5: 8a3ba48b5be893e1d81bfac17a3c1b1f c:\program files\common files\adobe\acrobat\activex\acroiehelpershim.dll
MD5: b8e421c0890356cd4a793d8a346d9096 C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
MD5: 62b7936f9036dd6ed36e6a7efa805dc0 C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
MD5: 5d60c9fbd6cbd192c91a3a4ed1759af9 C:\Program Files\Common Files\Ahead\DSFilter\NeBDGraphic.ax
MD5: 2e9a323b863aec4e5afbb18ac2979dad C:\Program Files\Common Files\Ahead\DSFilter\NeBDThumbnail.ax
MD5: d409df65b6f791f58f090c73cb21bf5a C:\Program Files\Common Files\Ahead\DSFilter\NeFLVSplitter.ax
MD5: e6da46eb36bc8dd25cd6c84e228dbf2a C:\Program Files\Common Files\Ahead\DSFilter\NeMP4Splitter.ax
MD5: 816afb8a76d1f9e2f7291d95a3a42eac C:\Program Files\Common Files\Ahead\DSFilter\NeOggSplitter.ax
MD5: 66979e2fb8afeef8d590015bebb68c6c C:\Program Files\Common Files\Ahead\DSFilter\NeQTDec.ax
MD5: c1ca3c165e9d831f5363cef417df5d73 C:\Program Files\Common Files\Ahead\DSFilter\NeResize.ax
MD5: 0be0516f15d564afb6a39fbc7695e5e5 C:\Program Files\Common Files\Ahead\DSFilter\NeSplitter.ax
MD5: 45d47bc6dc0dabccc062f78eac0cb39a C:\Program Files\Common Files\Ahead\DSFilter\NeSubpicture.ax
MD5: a328a46d87bb92ce4d8a4528e9d84787 C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
MD5: 37cf2461cb5e40c4cfab82c8fc79a2bc C:\Program Files\Common Files\Apple\Apple Application Support\ASL.dll
MD5: fc33cbbb9cadcec307da010fe763d04c C:\Program Files\Common Files\Apple\Apple Application Support\CFNetwork.DLL
MD5: 054b87c872292a960b9b8a834b34dfa7 C:\Program Files\Common Files\Apple\Apple Application Support\CoreFoundation.dll
MD5: 149d74e1128a86dc9cfb2851fbea11eb C:\Program Files\Common Files\Apple\Apple Application Support\icudt46.dll
MD5: 250bf888ddbe88d61eb19a9d4957c794 C:\Program Files\Common Files\Apple\Apple Application Support\libdispatch.dll
MD5: 5a963c340de1a01ba6e24945ce05d16a C:\Program Files\Common Files\Apple\Apple Application Support\libicuin.dll
MD5: f4bc62990e7e5c29799a895b80fc3177 C:\Program Files\Common Files\Apple\Apple Application Support\libicuuc.dll
MD5: 73862ff693168369a90f046e7f227b83 C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
MD5: 794950db77aa590c2964eca0a5874a09 C:\Program Files\Common Files\Apple\Apple Application Support\objc.dll
MD5: 152f8772d5a5cd7883305c3b8d28470e C:\Program Files\Common Files\Apple\Apple Application Support\pthreadVC2.dll
MD5: 8ba9851e671e8b5e49e303748ffd530c C:\Program Files\Common Files\Apple\Apple Application Support\SQLite3.dll
MD5: 2e14406e05789f91c9282ae7cfca3a07 C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
MD5: 3debbecf665dcdde3a95d9b902010817 C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
MD5: e9901a7e569c4156fda69f5c9356b8ed C:\Program Files\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
MD5: 61980095ae5d02b1e9d2ed604a90c1bf c:\program files\google\google toolbar\googletoolbar_32.dll
MD5: 27626506e07795bb6357f7f2ef78a90b C:\Program Files\Google\Update\1.3.21.99\npGoogleUpdate3.dll
MD5: 6b1dc08d22231c9e508a715f07fce7fb C:\Program Files\Hotspot Shield\bin\HssTrayService.EXE
MD5: 564bab77cd96ce0e3fd5bbcdded142df C:\Program Files\Hotspot Shield\bin\hsswd.exe
MD5: 44452f7a09d00573dc6e714874257cc9 C:\Program Files\Hotspot Shield\bin\openvpnas.exe
MD5: dd56e3271d8d63d655454b3f5c0f5c01 c:\program files\hotspot shield\hssie\hssie.dll
MD5: 2cfea9c337b699aca38487e8a7438f35 C:\Program Files\Hotspot Shield\HssWPR\hsssrv.exe
MD5: 61341439b1d325cac99613062892c7d8 C:\Program Files\Internet Download Manager\IDMan.exe
MD5: 5c98d62e888cbcac78ce27a0e855f4fa C:\Program Files\Internet Download Manager\idmcchandler.dll
MD5: 46ec6d0d65fd03d36f9b750d11c22639 c:\program files\internet download manager\idmiecc.dll
MD5: 706dd70fe7ea8b4362e7a4817ff6baf8 C:\Program Files\Internet Download Manager\idmmkb.dll
MD5: 718335f6e466d4f03e9995300d756d42 C:\Program Files\Internet Download Manager\IDMNetMon.DLL
MD5: 7232b8747e3884f8715290187eb6611e C:\Program Files\Internet Download Manager\IDMShellExt.dll
MD5: a1659e4d08fe8d0f0bc61960d8c0369e C:\Program Files\Internet Explorer\ieproxy.dll
MD5: 53fe2d34b143efdb80685281e751b91c C:\Program Files\Internet Explorer\plugins\nppdf32.dll
MD5: 47c3fa43f99202e2f92efa1eb9bdecf7 C:\Program Files\Internet Explorer\plugins\npqtplugin.dll
MD5: 47c3fa43f99202e2f92efa1eb9bdecf7 C:\Program Files\Internet Explorer\plugins\npqtplugin2.dll
MD5: 47c3fa43f99202e2f92efa1eb9bdecf7 C:\Program Files\Internet Explorer\plugins\npqtplugin3.dll
MD5: 47c3fa43f99202e2f92efa1eb9bdecf7 C:\Program Files\Internet Explorer\plugins\npqtplugin4.dll
MD5: 47c3fa43f99202e2f92efa1eb9bdecf7 C:\Program Files\Internet Explorer\plugins\npqtplugin5.dll
MD5: 47c3fa43f99202e2f92efa1eb9bdecf7 C:\Program Files\Internet Explorer\plugins\npqtplugin6.dll
MD5: 47c3fa43f99202e2f92efa1eb9bdecf7 C:\Program Files\Internet Explorer\plugins\npqtplugin7.dll
MD5: ca1972397b845b2f53f5dc63c22fd98a C:\Program Files\iPod\bin\iPodService.exe
MD5: ef900ef15f71bb7ac415bd5cef90b56d C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll
MD5: 1dda8c123f1ed811d32aeddbc69bd740 c:\program files\java\jre7\bin\jp2ssv.dll
MD5: c617e32f8ba7eaf1245290ce70fa3568 C:\Program Files\Java\jre7\bin\new_plugin\npjp2.dll
MD5: 4326e350beea92c0555ec6318af85a07 C:\Program Files\K-Lite Codec Pack\ffdshow\ffdshow.ax
MD5: dd4401190884dadbd4a5acf4267fba6b C:\Program Files\K-Lite Codec Pack\Filters\Haali\mkunicode.dll
MD5: e8913ec08f74efa6b810f7273888d7d5 C:\Program Files\K-Lite Codec Pack\Filters\Haali\mkx.dll
MD5: 8ef0fec8ea55674dced3a0202fc2b47e C:\Program Files\K-Lite Codec Pack\Filters\Haali\mkzlib.dll
MD5: 80988e29b182d7c0b5d1d941f4ea3928 C:\Program Files\K-Lite Codec Pack\Filters\Haali\splitter.ax
MD5: 04e6c60e6a81e5ab0eba5f5cb89dda7a C:\Program Files\K-Lite Codec Pack\Filters\LAV\avcodec-lav-53.dll
MD5: f608e666ad4156d0f08db6f5298c8b91 C:\Program Files\K-Lite Codec Pack\Filters\LAV\avformat-lav-53.dll
MD5: 5c1731ac593d9e62a501c15615b6f60d C:\Program Files\K-Lite Codec Pack\Filters\LAV\avutil-lav-51.dll
MD5: 8714a0c12077f85cf09c93cd5e56c608 C:\Program Files\K-Lite Codec Pack\Filters\LAV\LAVAudio.ax
MD5: fb54c658a63bc6391b5ff55a481ad015 C:\Program Files\K-Lite Codec Pack\Filters\LAV\LAVSplitter.ax
MD5: 77203bb21ab09b4d3fd73336737ea4ed C:\Program Files\K-Lite Codec Pack\Filters\LAV\LAVVideo.ax
MD5: be5a5db7d36383e09162d09ddd16dd09 C:\Program Files\K-Lite Codec Pack\Filters\LAV\libbluray.dll
MD5: 49d150d307f938e10ce69964560b5cbb C:\Program Files\K-Lite Codec Pack\Filters\LAV\swscale-lav-2.dll
MD5: 5c3739f97d09caf8abcc0a1f14c82a49 C:\Program Files\K-Lite Codec Pack\Filters\libFlac.dll
MD5: a6549e3d8196829311bca50da7c2699b C:\Program Files\K-Lite Codec Pack\Filters\madFlac.ax
MD5: a2680035053554d8a893e806fda79049 C:\Program Files\K-Lite Codec Pack\Filters\mmamr.ax
MD5: c9c0b335d920e6cc4c38f397017c0dc2 C:\Program Files\K-Lite Codec Pack\Filters\mmmpcdec.ax
MD5: c4289b35c71a401567bf5931f5d82cf9 C:\Program Files\K-Lite Codec Pack\Filters\mmmpcdmx.ax
MD5: 085574f70323b1842f076e6de899a78b C:\Program Files\K-Lite Codec Pack\Filters\vp7dec.ax
MD5: b3995d7631a0ad20241a58e84fcaaf9b C:\Program Files\K-Lite Codec Pack\Filters\vsfilter.dll
MD5: 7fba60e461326274ff354f7537481027 C:\Program Files\K-Lite Codec Pack\Filters\WavPackDSDecoder.ax
MD5: 707cb15443f8915701c3b0b747c2b799 C:\Program Files\K-Lite Codec Pack\Filters\WavPackDSSplitter.ax
MD5: 676ccc08d9e9a3f4ca39cb04e97048df C:\Program Files\Microsoft Office\Office14\1033\GrooveIntlResource.dll
MD5: 26fef9aac9f9f265dee995547d84c055 C:\Program Files\Microsoft Office\Office14\GROOVE.EXE
MD5: fb8c6a46eaf7585d2ca8583c4c9a8edf C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL
MD5: a5d08b86e8a437aa6deaf7a187bf6ca5 c:\program files\microsoft office\office14\urlredir.dll
MD5: a7057e1fb47203ff55bced30572f2664 C:\Program Files\Mozilla Firefox\components\browsercomps.dll
MD5: 58ef42056bab230268143e15ab4509bf C:\Program Files\Mozilla Firefox\extensions\afurladvisor@anchorfree.com\components\afurladvisor80.dll
MD5: 4cb4054659abeeef925b153e2290e634 C:\Program Files\Mozilla Firefox\firefox.exe
MD5: d08d8b6306638a0ea7d95666165bb7fe C:\Program Files\Mozilla Firefox\freebl3.dll
MD5: 69793b6f19bdc9c5ae671e89adcfa226 C:\Program Files\Mozilla Firefox\mozalloc.dll
MD5: 674ad9717fe2026f484bf232fc47e28f C:\Program Files\Mozilla Firefox\MOZCPP19.dll
MD5: 89d0ef2f8282b36bea6ce3482e8c577f C:\Program Files\Mozilla Firefox\MOZCRT19.dll
MD5: 47a91e11a42f115d094dee60ec144ad7 C:\Program Files\Mozilla Firefox\mozjs.dll
MD5: f56c38796e2d3a82517bd9c55a6107a7 C:\Program Files\Mozilla Firefox\mozsqlite3.dll
MD5: 2016d8e53579693fbcf59718dde836b4 C:\Program Files\Mozilla Firefox\nspr4.dll
MD5: 70307aaa18fcc82c1b73f82107da9d76 C:\Program Files\Mozilla Firefox\nss3.dll
MD5: 1985fe5d5022dec52e030e01e129ffec C:\Program Files\Mozilla Firefox\nssckbi.dll
MD5: 1b732fb5914612e596f0d57ff9c0f5bd C:\Program Files\Mozilla Firefox\nssdbm3.dll
MD5: ffad522e94add9fd60d5fa6d41d237ea C:\Program Files\Mozilla Firefox\nssutil3.dll
MD5: 770f78dbd5c76dcea4968c936e836ad4 C:\Program Files\Mozilla Firefox\plc4.dll
MD5: a374095556e72de21174173e6800b7fc C:\Program Files\Mozilla Firefox\plds4.dll
MD5: fd67e2c52f62995c3cf1d6d720eeb66f C:\Program Files\Mozilla Firefox\plugin-container.exe
MD5: 99f97c9fe748c37528c338a423577fcb C:\Program Files\Mozilla Firefox\plugins\np-mswmp.dll
MD5: 8830a12fa2b2f7b9b1d7b04b56e7469f C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll
MD5: 53fe2d34b143efdb80685281e751b91c C:\Program Files\Mozilla Firefox\plugins\nppdf32.dll
MD5: 47c3fa43f99202e2f92efa1eb9bdecf7 C:\Program Files\Mozilla Firefox\plugins\npqtplugin.dll
MD5: 47c3fa43f99202e2f92efa1eb9bdecf7 C:\Program Files\Mozilla Firefox\plugins\npqtplugin2.dll
MD5: 47c3fa43f99202e2f92efa1eb9bdecf7 C:\Program Files\Mozilla Firefox\plugins\npqtplugin3.dll
MD5: 47c3fa43f99202e2f92efa1eb9bdecf7 C:\Program Files\Mozilla Firefox\plugins\npqtplugin4.dll
MD5: 47c3fa43f99202e2f92efa1eb9bdecf7 C:\Program Files\Mozilla Firefox\plugins\npqtplugin5.dll
MD5: 47c3fa43f99202e2f92efa1eb9bdecf7 C:\Program Files\Mozilla Firefox\plugins\npqtplugin6.dll
MD5: 47c3fa43f99202e2f92efa1eb9bdecf7 C:\Program Files\Mozilla Firefox\plugins\npqtplugin7.dll
MD5: 35a2c59e2f1963a9afcac9a959f076a6 C:\Program Files\Mozilla Firefox\smime3.dll
MD5: c35b493f498764e43b35b313b51f5f08 C:\Program Files\Mozilla Firefox\softokn3.dll
MD5: d4b4f877ee533e8b766c67ff54e73d5d C:\Program Files\Mozilla Firefox\ssl3.dll
MD5: 79b19878f2240152c0e5ea8202e12003 C:\Program Files\Mozilla Firefox\xpcom.dll
MD5: 848d0c1ac744b36501eede14d0bb72d8 C:\Program Files\Mozilla Firefox\xul.dll
MD5: 5836b9e91863a00ec1b8e785efd86ecb C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
MD5: b2ed04ee6c687d260a2e3e7830330961 C:\Program Files\Nero\Nero 7\Nero BackItUp\NBShell.dll
MD5: cc057f3eb4f9cff12b2e61a48c518d00 C:\Program Files\Nero\Nero 7\Nero CoverDesigner\CoverEdExtension.dll
MD5: f35a584e947a5b401feb0fe01db4a0d7 C:\Program Files\Nero\Nero 7\Nero CoverDesigner\MFC71.DLL
MD5: bad6a333613786540454044d8cd94524 c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
MD5: 6e240d6c2f0db74bed13ad723d3ab0a1 C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
MD5: 3b40d3a61aa8c21b88ae57c58ab3122e C:\Program Files\Windows Media Player\wmpnetwk.exe
MD5: f11fe030158f8ef14a56a3ea9e9bd47d C:\Program Files\WinRAR\rarext.dll
MD5: 046bcdf0793e96dc6d7a4c780ee73ce6 C:\Program Files\YCIII\YankClip.exe
MD5: 9ebb2e95501396554e7eb414fff02a90 C:\Users\Mansour\AppData\Roaming\Mozilla\Firefox\Profiles\febeprof.aa\extensions\mozilla_cc@internetdownloadmanager.com\components6\idmmzcc.dll
MD5: 6b9ecf45d72b1b47bea6fbfd62925634 C:\Users\Mansour\AppData\Roaming\Mozilla\Firefox\Profiles\febeprof.aa\extensions\{08d6b0b4-c132-470d-a8e2-aa2e9c3851c9}\components\RadioWMPCoreGecko8.dll
MD5: 5edc8bd84719baeec3683e35c15ee75e C:\Users\Mansour\AppData\Roaming\Mozilla\Firefox\Profiles\febeprof.aa\extensions\{0b457cAA-602d-484a-8fe7-c1d894a011ba}\gecko8\WINNT_x86-msvc\SSSLauncher.dll
MD5: 777d526938bbe233dbd46a10eb934dfa C:\Users\Mansour\AppData\Roaming\Mozilla\Firefox\Profiles\febeprof.aa\extensions\{e001c731-5e37-4538-a5cb-8168736a2360}\plugins\npqscan.dll
MD5: a8c362018efc87beb013ee28f29c0863 C:\Windows\ehome\ehRecvr.exe
MD5: 26f2383a97cd632e883f0644f3bff700 C:\Windows\ehome\ehtrace.dll
MD5: 220cb0483df610a1b9be9a38145b1de8 C:\Windows\ehome\MSTVCapn.dll
MD5: 8b88ebbb05a0e56b7dcc708498c02b3e C:\Windows\explorer.exe
MD5: c521d7eb6497bb1af6afa89e322fb43c C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
MD5: f476ec40033cdb91efbe73eb99b8362d C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
MD5: 2c49b175aee1d4364b91b531417fe583 C:\Windows\servicing\TrustedInstaller.exe
MD5: 9a39a2a5f443a756c568c6ed5748afe4 C:\Windows\System32\Actioncenter.dll
MD5: d2958325c1ae1ae37a83334c6229e3bc C:\Windows\system32\actxprxy.dll
MD5: 95e2376b3323f062eb562b8586d0f14a C:\Windows\system32\ADVAPI32.dll
MD5: 37ce7a79d901235504f9add99a7ac177 C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
MD5: 7a044b0746d957bfd7aae18cfd8422c5 C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
MD5: 0a12d948b2cc7fbb01e28daa5e7c01ea C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
MD5: cb4863f2bd46aa02d954b86b56a149da C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
MD5: 2cae4ed96aa903578452b85e5383940c C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
MD5: e96170a923a69711b4d08e885f05d889 C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
MD5: 44ca750001f0db8c308d1ca4abd0f8e5 C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
MD5: 15df9eb8daba744e4d0e9b117f760f49 C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
MD5: a2385b02cb492131af6f79959a42a93f C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
MD5: 3ad0832e8e29fbe9bd722e3354dd4f57 C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
MD5: 88dc1714e38d4eb41a4378aab98e753b C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
MD5: a1d4deb5176c96b1a80715f6a1fdfb4f C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
MD5: b302a1630e5aea2d830b76bbcd761d72 C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
MD5: 22f767bb3b704f79363999bd4a49e68e C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
MD5: 00b83152f99e846fefb139c574cd4a96 C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
MD5: 50035c36acee069d0c209288208626d9 C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
MD5: cdf677ad479fa99f2e4d9766b83ef53c C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
MD5: 12c34c7325b74e8347e8db75279a8f3f C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
MD5: 96324ed3218133a13fff82055afac733 C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
MD5: a7bdf88a46bcc218b73e383e6547ba5f C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
MD5: 573c70d7076f2f101752a727db7c2280 C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
MD5: 29b01d02e9ff3d8a63f8747b50a5a1a3 C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
MD5: 0cc90316b34118e3b8af760d92c262a4 C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
MD5: 6f399c3e562c4e69df96039743a7aa26 C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
MD5: f3b94e04053c2483a6fecf953d6661d6 C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
MD5: c6942a18444bfffc3cceca69a7e1879c C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
MD5: f47e08b025ae376ef1342fc9ecfecdf1 C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
MD5: 8a13e14b68e00ac2cb67420396d8a1c5 C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
MD5: 863f793d15b4026b1a5fdeca873d4d84 C:\Windows\system32\apphelp.dll
MD5: fb1959012294d6ad43e5304df65e3c26 C:\Windows\System32\appinfo.dll
MD5: b19505648f033393e907e2e419fde8b3 C:\Windows\system32\atiesrxx.exe
MD5: c940f2f5c60b3727c5f18840735b229c C:\Windows\system32\AUDIOSES.DLL
MD5: ce3b4e731638d2ef62fcb419be0d39f0 C:\Windows\System32\Audiosrv.dll
MD5: cdd35c1ce1ebfe80c055691cdc8df443 C:\Windows\system32\authui.dll
MD5: 6e30d02aac9cac84f421622e3a2f6178 C:\Windows\System32\AxInstSV.dll
MD5: 67c1b58706b47eeba4e117ac197289e6 C:\Windows\system32\BatMeter.dll
MD5: 1e2bac209d184bb851e1a187d8a29136 C:\Windows\System32\bfe.dll
MD5: 45760eecc8b74b251171be4f247f17cb C:\Windows\system32\browcli.dll
MD5: 6e11f33d14d020f58d5e02e4d67dfa19 C:\Windows\System32\browser.dll
MD5: e3d5e244807ad655787fcd25477cc1bc C:\Windows\System32\bthprops.cpl
MD5: 7a6986dd659b96398a11af5173892715 C:\Windows\system32\Cabinet.dll
MD5: 319c6b309773d063541d01df8ac6f55f C:\Windows\System32\certprop.dll
MD5: 3ffaea12666e565ff51bf2fca674f543 C:\Windows\system32\CFGMGR32.dll
MD5: ad7b9c14083b52bc532fba5948342b98 C:\Windows\system32\cmd.exe
MD5: d1de1eafde97be41cf6585027ff3e732 C:\Windows\system32\comdlg32.dll
MD5: 92fb57d9d865019d26346eb13e15cd75 C:\Windows\System32\CPFilters.dll
MD5: 4e5fe39c1076d115ec8bfcfe14d75b80 C:\Windows\system32\credssp.dll
MD5: 454e292861a4ef1d72f43f42bbaf6917 C:\Windows\system32\CRYPT32.dll
MD5: a585bebf7d054bd9618eda0922d5484a C:\Windows\system32\cryptsvc.dll
MD5: 28ca821606669bb9215ce010767720fa C:\Windows\system32\CRYPTUI.dll
MD5: 465bea35f7ed4a4a57686dea7ea10f47 C:\Windows\system32\CSCAPI.dll
MD5: 57a51217581614de07f30e34d6bb4993 C:\Windows\System32\CSCDLL.dll
MD5: cf4274ceea9f7791fb7fc40a066bc2c7 C:\Windows\System32\cscobj.dll
MD5: 15f93b37f6801943360d9eb42485d5d3 C:\Windows\System32\cscsvc.dll
MD5: 3ec541c196de18ed9a0d0ac82a694d4c C:\Windows\System32\cscui.dll
MD5: 2de90400a63818fa38c4c5c9adb166bf C:\Windows\system32\d3d10_1.dll
MD5: 9c36a3ca80f9b204c670336d344f5df8 C:\Windows\system32\d3d10_1core.dll
MD5: 6ef5f3f18413c367195f06e503ab86a6 C:\Windows\system32\d3d9.dll
MD5: 284b59d7b56fc76c80e622ab856b1fab C:\Windows\System32\davclnt.dll
MD5: 53223b673a3fa2f9a4d1c31c8d3f6cd8 C:\Windows\system32\dbghelp.dll
MD5: e9e01eb683c132f7fa27cd607b8a2b63 C:\Windows\system32\dhcpcore.dll
MD5: b40420876b9288e0a1c8cca8a84e5dc9 C:\Windows\system32\DNSAPI.dll
MD5: 33ef4861f19a0736b11314aad9ae28d0 C:\Windows\System32\dnsrslvr.dll
MD5: 366ba8fb4b7bb7435e3b9eacb3843f67 C:\Windows\System32\dot3svc.dll
MD5: 8ec04ca86f1d68da9e11952eb85973d6 C:\Windows\system32\dps.dll
MD5: 7713e4eb0276702faa08e52a6e23f2a6 C:\Windows\system32\DRIVERS\avgntflt.sys
MD5: c9fb8c3d650ef8bd76865ec20a19a5bc C:\Windows\system32\DShowRdpFilter.dll
MD5: 497e59d9f01c6f247e72222a61835119 C:\Windows\system32\dwmcore.dll
MD5: 754afc50022c95da7c86b7020db78136 C:\Windows\system32\dwmredir.dll
MD5: 0a5c7253183a6f956d10a3a4bbc96288 C:\Windows\system32\dwrite.dll
MD5: 0411b7958c524bb2e91ee1b3035fe321 C:\Windows\system32\dxgi.dll
MD5: addb05c93272a62606599b24730bd645 C:\Windows\system32\dxp.dll
MD5: 1060d60cca69a8136a87dbe3c8f4a467 C:\Windows\system32\EhStorAPI.dll
MD5: 813845d5c5d8325ca5e8b1f547016378 C:\Windows\System32\EncDec.dll
MD5: 53af1750fd45ddd705c9b68c7dc58827 C:\Windows\System32\EVR.dll
MD5: e2a17bcc08d92f42e08af6ba2f93aba7 C:\Windows\system32\EXPLORERFRAME.dll
MD5: 1e8d06aae74fed674c1156b3fea911c2 C:\Windows\system32\Faultrep.dll
MD5: b3a5ec6b6b6673db7e87c2bcdbddc074 C:\Windows\system32\FntCache.dll
MD5: d0481fb85beedd30a0884be327880f80 C:\Windows\System32\framedynos.dll
MD5: 03a03a453f1aaae0c73aaaf895321c7a C:\Windows\System32\fwpuclnt.dll
MD5: 967ea5b213e9984cbe270205df37755b C:\Windows\system32\fxssvc.exe
MD5: 19bc13711ac403feb830522e4831701b C:\Windows\System32\gameux.dll
MD5: e87f5393f7d8ce2facc4dff703531392 C:\Windows\system32\GDI32.dll
MD5: e897eaf5ed6ba41e081060c9b447a673 C:\Windows\System32\gpsvc.dll
MD5: c7952d0a4c43a965a1741916bb134751 C:\Windows\System32\hgcpl.dll
MD5: 7319102526bd11b45fd66335cf90ca12 C:\Windows\System32\HotStartUserAgent.dll
MD5: 691e93028b8723e05b4a637be77380dd C:\Windows\system32\ieframe.DLL
MD5: 1416ab557be700fa117323b6b8f32882 C:\Windows\system32\iertutil.dll
MD5: f95622f161474511b8d80d6b093aa610 C:\Windows\System32\ikeext.dll
MD5: b2fd31e20b423335fe3273b4bf95813c C:\Windows\system32\imagehlp.dll
MD5: 2d11bc8b460957e62e4420373a0d8bda C:\Windows\system32\imapi2.dll
MD5: 4a8e2f20809cc161107faa94f6cf2685 C:\Windows\system32\IMM32.DLL
MD5: a90dc9abd65db1a8902f361103029952 C:\Windows\System32\IPHLPAPI.DLL
MD5: 4d65a07b795d6674312f879d09aa7663 C:\Windows\System32\iphlpsvc.dll
MD5: 53946b69ba0836bd95b03759530c81ec C:\Windows\System32\ipsecsvc.dll
MD5: 00f48a9d03f672f7ebe601ffa9bb6f28 C:\Windows\System32\itvdata.dll
MD5: e570cbd732848438eac574eb3442a2a8 C:\Windows\system32\kernel32.dll
MD5: a9f8e23c1fc00190376b11ffad9de6c6 C:\Windows\system32\KERNELBASE.dll
MD5: 196b4e3f4cccc24af836ce58facbb699 C:\Windows\system32\kmsvc.dll
MD5: 6658f4404de03d75fe3ba09f7aba6a30 C:\Windows\system32\ListSvc.dll
MD5: 81951f51e318aecc2d68559e47485cc4 C:\Windows\System32\lsass.exe
MD5: de3745a51b7ac7fedc356a83f76c8023 C:\Windows\system32\Macromed\Flash\NPSWF32.dll
MD5: 477b711ebf491226fa40301290f66bac C:\Windows\System32\MCEWMDRMNDBootstrap.DLL
MD5: bfb9ee8ee977efe85d1a3105abef6dd1 C:\Windows\system32\Mcx2Svc.dll
MD5: 3206adc4d06bb764c9a4936c8e22708c C:\Windows\System32\mediametadatahandler.dll
MD5: 2a2c442f00b45e01d4c882eea69a01bc C:\Windows\system32\MFC100ENU.DLL
MD5: f3de10aabd5c7a1a186c9966f037d0c0 C:\Windows\system32\mfc100u.dll
MD5: 243974ec02f7ae49e4179c54624143ab C:\Windows\system32\MMDevAPI.DLL
MD5: bc10595fb4ca9d9c07a08ef1a736f301 C:\Windows\System32\mp43decd.dll
MD5: 44e27c2346456b3618600bdd05207031 C:\Windows\System32\mp4sdecd.dll
MD5: e9aef26aeebfaab901fab3d93677df98 C:\Windows\System32\Mpeg2Data.ax
MD5: 246560c5b7995489f25bf9175f2b6380 C:\Windows\System32\mpg2splt.ax
MD5: 5c84a43fefe565bbba574c552e3a56c8 C:\Windows\System32\mpg4decd.dll
MD5: 9835584e999d25004e1ee8e5f3e3b881 C:\Windows\system32\mpssvc.dll
MD5: 938f39b50bafe13d6f58c7790682c010 C:\Windows\system32\MSASN1.dll
MD5: 7f8678c59f188528d60104e697c2361e C:\Windows\system32\mscms.dll
MD5: 7069aab8536f29ed7323140973a2894b C:\Windows\system32\msdmo.dll
MD5: 3a16ea01fcfaab40882db5bfee632322 C:\Windows\system32\MsftEdit.dll
MD5: 0ce4d3bd306da6d1f6f233c403f5b667 C:\Windows\system32\msi.dll
MD5: eee470f2a771fc0b543bdeef74fceca0 C:\Windows\system32\msiexec.exe
MD5: 35aae2e841aa1a949775168e119482c9 C:\Windows\system32\msls31.dll
MD5: 3de43bfdaf3f8979699650202aa18b12 C:\Windows\System32\msmpeg2vdec.dll
MD5: 56ceed370508f69a1ba04939bd1badda C:\Windows\system32\MSUTB.dll
MD5: bc83108b18756547013ed443b8cdb31b C:\Windows\system32\MSVCP100.dll
MD5: 0e37fbfa79d349d672456923ec5fbbe3 C:\Windows\system32\MSVCR100.dll
MD5: c335ec1182ac10b188705554e0bc1186 C:\Windows\system32\MSVFW32.dll
MD5: 59d16c3d5cc0d573256a01783ed5ccb4 C:\Windows\System32\msvidctl.dll
MD5: 8999b8631c7fd9f7f9ec3cafd953ba24 C:\Windows\system32\mswsock.dll
MD5: 4205ca4cd43e725db9ff02b0a588a8c6 C:\Windows\System32\msxml3.dll
MD5: 269d867585cda04d3972a39f3694e7df C:\Windows\System32\msxml6.dll
MD5: 8b57a1ad493653bb57f281fe75dd175b C:\Windows\System32\NaturalLanguage6.dll
MD5: 8ce1a6d16b9077e91e192499eb611c5f C:\Windows\system32\NETAPI32.dll
MD5: eab975db4c2805927fe5bd047d05c9aa C:\Windows\System32\netshell.dll
MD5: 20b3934db73eaba2b49b7177873cb81f C:\Windows\system32\netutils.dll
MD5: 3d57ffbad3ed16b63de3879bab0fb56f C:\Windows\system32\NetworkExplorer.dll
MD5: 104a1070e90f1c530328e69b49718841 C:\Windows\System32\nlaapi.dll
MD5: c30a91ade8c9cb91e4281ec83c4500c6 C:\Windows\SYSTEM32\ntdll.dll
MD5: d7b7159bc8374e87d8c45a30377a3440 C:\Windows\System32\ntlanman.dll
MD5: eb77db354791a5932ca559b6f6374e95 C:\Windows\system32\ntshrui.dll
MD5: 928cf7268086631f54c3d8e17238c6dd C:\Windows\system32\ole32.dll
MD5: 8e01332cc4b68bc6b5b7effe374442aa C:\Windows\system32\OLEACC.dll
MD5: 6c765e82b57f2e66ce9c54ac238471d9 C:\Windows\system32\OLEAUT32.dll
MD5: 703ffd301ab900b047337c5d40fd6f96 C:\Windows\system32\OLEPRO32.DLL
MD5: f748f53fe09d21d8ecbb6421e6792024 C:\Windows\system32\OneX.DLL
MD5: 414bba67a3ded1d28437eb66aeb8a720 C:\Windows\system32\pla.dll
MD5: 3d6f22551d422f97aacb0bb927e4c846 C:\Windows\System32\pnidui.dll
MD5: e98278865e8daba21cfe5fe4be34210a C:\Windows\system32\PortableDeviceApi.dll
MD5: c8333f1f77a1b2e25f2202e892caf634 C:\Windows\system32\prnfldr.dll
MD5: 43ca4ccc22d52fb58e8988f0198851d0 C:\Windows\system32\profsvc.dll
MD5: 12c45e3cb6d65f73209549e2d02eca7a C:\Windows\system32\PROPSYS.dll
MD5: dbc02d918fff1cad628acbe0c0eaa8e8 C:\Windows\System32\provsvc.dll
MD5: 68dca1777d7224a79a9dc3d47bed6d32 C:\Windows\System32\psisrndr.ax
MD5: 02530b0b7e048dd5ac8d52daeacaeb2b C:\Windows\System32\QAgent.dll
MD5: 61d57a5d7c6d9afe10e77dae6e1b445e C:\Windows\system32\qagentRT.dll
MD5: a54e92ae753d4bc63fe71f010f76ef04 C:\Windows\system32\qasf.dll
MD5: 92df43a9cdd39c67f2b2d2f98799e086 C:\Windows\system32\qdv.dll
MD5: 68783e77d401e6392ea6579ebcef16c8 C:\Windows\system32\qdvd.dll
MD5: 44b13b356c737b628e73833b07cbbf72 C:\Windows\System32\qedit.dll
MD5: e585445d5021971fae10393f0f1c3961 C:\Windows\System32\qmgr.dll
MD5: 0ae0c4955e1de29ccdc9da1b816fe5ee C:\Windows\system32\quartz.dll
MD5: bd626ef05967d14c772b8096292731a3 C:\Windows\System32\QUtil.dll
MD5: cb9e04dc05eacf5b9a36ca276d475006 C:\Windows\System32\rasmans.dll
MD5: 102cf6879887bbe846a00c459e6d4abc C:\Windows\system32\RICHED20.dll
MD5: b5506b451bfe7148eca7056bda2970bd C:\Windows\system32\RICHED32.DLL
MD5: 6400774e903729add0a62a24a334ee56 C:\Windows\system32\RPCRT4.dll
MD5: 5997d769cdb108390dcfaebf442bf816 C:\Windows\system32\RpcRtRemote.dll
MD5: 7660f01d3b38aca1747e397d21d790af C:\Windows\system32\rpcss.dll
MD5: 0915c4db6dbc3bb9e11b7ecbbe4b7159 C:\Windows\system32\rtutils.dll
MD5: 68ecca523ed760aafc03c5d587569859 C:\Windows\system32\samcli.dll
MD5: 1affb765af1fdcc0c185c38e9ddddaee C:\Windows\system32\schannel.DLL
MD5: a04bb13f8a72f8b6e8b4071723e4e336 C:\Windows\system32\schedsvc.dll
MD5: 08236c4bce5edd0a0318a438af28e0f7 C:\Windows\System32\SDRSVC.dll
MD5: 236f286e103fd44bd85fdd93097fd5dd C:\Windows\system32\SearchIndexer.exe
MD5: 69678722290c78d5d7198c60b5a4e3e8 C:\Windows\system32\Secur32.dll
MD5: 4ae380f39a0032eab7dd953030b26d28 C:\Windows\system32\sessenv.dll
MD5: 10fb16b50affda6d44588f3c445dc273 C:\Windows\system32\SETUPAPI.dll
MD5: f14a9b1778376d0b1788e402ac1f831a C:\Windows\System32\shacct.dll
MD5: be247ae996a9fde007a27b51413a6c79 C:\Windows\System32\shdocvw.dll
MD5: 699b9dda17581b8e7f50a0ff05c7e102 C:\Windows\system32\SHELL32.dll
MD5: 8cc3c111d653e96f3ea1590891491d71 C:\Windows\system32\SHLWAPI.dll
MD5: 414da952a35bf5d50192e28263b40577 C:\Windows\System32\shsvcs.dll
MD5: 8d556c98576bf35c7a0c81429e0f7530 C:\Windows\System32\slui.exe
MD5: 788a402d0fcc43662ba8b73c85c63c7f C:\Windows\system32\slwga.dll
MD5: 2cfa4569350b7f84f815e9ec34e85766 C:\Windows\system32\SndVolSSO.DLL
MD5: 866a43013535dc8587c258e43579c764 C:\Windows\System32\spoolsv.exe
MD5: 8e4b58e12b3fa65ed1462846906e0b59 C:\Windows\System32\SPPC.DLL
MD5: 7a3afe50417b94910a6dae1d07df6e3a C:\Windows\system32\sppcext.dll
MD5: e3ae23569749de12d45ba3b489a036ae C:\Windows\system32\sppcomapi.dll
MD5: 00ffc4b151593d4f188ae12c5ee7014a C:\Windows\System32\sppcommdlg.dll
MD5: cf87a1de791347e75b98885214ced2b8 C:\Windows\system32\sppsvc.exe
MD5: 7773ad40221ecbbd18053ec75aff229b C:\Windows\system32\sppuinotify.dll
MD5: ce292c4c10b8db6070f262ea2733f0dc C:\Windows\System32\sqmapi.dll
MD5: 674b0c0f6a448eb185caab9c51d44032 C:\Windows\System32\srchadmin.dll
MD5: 5ccdcd40e732d54e0f7451ac66ac1c87 C:\Windows\system32\srvcli.dll
MD5: d64af876d53eca3668bb97b51b4e70ab C:\Windows\system32\srvsvc.dll
MD5: 4a054c853031616d161a84becf281f47 C:\Windows\system32\SspiCli.dll
MD5: 912649a1b3f9e6acb3899fbdaba2ed5f C:\Windows\system32\stobject.dll
MD5: 6a1e8deb746912df47cf651e138401d7 C:\Windows\System32\StructuredQuery.dll
MD5: 919001d2bb17df06ca3f8ac16ad039f6 C:\Windows\system32\SXS.DLL
MD5: 2ddea2c345da5bc589efd398f220db0e C:\Windows\System32\SyncCenter.dll
MD5: 390951d528c971215ac220ba12f60dec C:\Windows\system32\SynCOM.dll
MD5: 20a20a911cd79a6f6839167149a05668 C:\Windows\system32\syncui.dll
MD5: a7fa423e62ca375d0b12b752c446568f C:\Windows\system32\SynTPAPI.dll
MD5: 36650d618ca34c9d357dfd3d89b2c56f C:\Windows\system32\sysmain.dll
MD5: 6b140b1382f1fe04ba57b196aeb19725 C:\Windows\system32\t2embed.dll
MD5: 763fecdc3d30c815fe72dd57936c6cd1 C:\Windows\System32\TabSvc.dll
MD5: 613bf4820361543956909043a265c6ac C:\Windows\System32\tapisrv.dll
MD5: 7fa8ba5a780e4757964ac9d4238302b9 C:\Windows\System32\taskhost.exe
MD5: 544eff88ac6c85df5a4d6f18dfe08cfc C:\Windows\system32\taskschd.dll
MD5: 382c804c92811be57829d8e550a900e2 C:\Windows\System32\termsrv.dll
MD5: 672d7c5080acb003343006405da2e621 C:\Windows\system32\thumbcache.dll
MD5: 83c9840cf87a0ca55526327801716d27 C:\Windows\system32\timedate.cpl
MD5: b4cddaff4d69b0e9edbf5751db5a5193 C:\Windows\System32\tvratings.dll
MD5: c9708c9f3dba3dbfb1d2fee1e9dabad0 C:\Windows\system32\twext.dll
MD5: ec7bc28d207da09e79b3e9faf8b232ca C:\Windows\system32\umpnpmgr.dll
MD5: f87d30e72e03d579a5199ccb3831d6ea C:\Windows\system32\umpo.dll
MD5: 409994a8eaceee4e328749c0353527a0 C:\Windows\System32\umrdp.dll
MD5: 814638f572f497d96b17bf254113d9a4 C:\Windows\system32\urlmon.dll
MD5: be8c64439f1e2af088063218c16eb9fe C:\Windows\system32\USER32.dll
MD5: d15618a0ff8dbc2c5bf3726bacc75a0b C:\Windows\system32\USERENV.dll
MD5: 61ac3efdfacfdd3f0f11dd4fd4044223 c:\windows\system32\userinit.exe
MD5: 804aaafebb3ad5f49334dd906bcb1de5 C:\Windows\system32\USP10.dll
MD5: 370349f79315d4db86cd992cacefee61 C:\Windows\system32\van.dll
MD5: 4d6262d5cffa7d932126d2b85c373f87 C:\Windows\System32\VBICodec.ax
MD5: 373a87dbfd387ddc54375f547834fbbd C:\Windows\System32\vbisurf.ax
MD5: c3cd30495687c2a2f66a65ca6fd89be9 C:\Windows\System32\vds.exe
MD5: 209a3b1901b83aeb8527ed211cce9e4c C:\Windows\system32\vssvc.exe
MD5: cfc7d8289d2b5f3cf8d16e2db7f93d4a C:\Windows\system32\wbem\fastprox.dll
MD5: 704314fd398c81d5f342caa5df7b7f21 C:\Windows\system32\wbemcomn.dll
MD5: 691e3285e53dca558e1a84667f13e15a C:\Windows\system32\wbengine.exe
MD5: 34eee0dfaadb4f691d6d5308a51315dc C:\Windows\System32\wcncsvc.dll
MD5: d205c24a9d069049fe2df2a1b38726a7 C:\Windows\system32\wdmaud.drv
MD5: a9d880f97530d5b8fee278923349929d C:\Windows\System32\webclnt.dll
MD5: fb19fc5951a88f3c523e35c2c98d23c0 C:\Windows\System32\webio.dll
MD5: 590d5c506044fe02ff7643e32ff9bdac C:\Windows\System32\wer.dll
MD5: 1869bd251211fb6275067372a45682d6 C:\Windows\System32\werconcpl.dll
MD5: e1fb3706030fb4578a0d72c2fc3689e4 C:\Windows\System32\wiaservc.dll
MD5: 1db71a41daee6b3f8cd0dda8209fa2d5 C:\Windows\system32\WindowsCodecs.dll
MD5: ca9f7888b524d8100b977c81f44c3234 C:\Windows\System32\WINHTTP.dll
MD5: 02f98b5c0e397ad06124d84428cf8f1a C:\Windows\system32\WININET.dll
MD5: d5aefad57c08349a4393d987df7c715d C:\Windows\system32\WINMM.dll
MD5: 9419abf3163b6f0e3ad3dd2b381c879f C:\Windows\system32\WinSCard.dll
MD5: 9e4b0e7472b4ceba9e17f440b8cb0ab8 C:\Windows\system32\WINSPOOL.DRV
MD5: 418e881201583a3039d81f43e39e6c78 C:\Windows\system32\WINSTA.dll
MD5: 2d0d2da87bea7144f2a17f19d0d17e4c C:\Windows\system32\WINTRUST.dll
MD5: e5a4a1326a02f8e7b59e6c3270ce7202 C:\Windows\system32\wkscli.dll
MD5: 58405e4f68ba8e4057c6e914f326aba2 C:\Windows\System32\wkssvc.dll
MD5: a8bb45f9ecad993461e0fef8e2a99152 C:\Windows\system32\WLDAP32.dll
MD5: ff3c5379de4fd18498c255d096fed3f5 C:\Windows\System32\WMADMOD.DLL
MD5: 394117608eb031e622d4812e67746f09 C:\Windows\System32\WMDRMSDK.DLL
MD5: 65b76f79ba94cf8837d556d4c9067773 C:\Windows\system32\WMSPDMOD.DLL
MD5: 402d0425a26a0660bc1299a5854a4785 C:\Windows\System32\wmvdecod.dll
MD5: 9e44d3d2d1d2da5ed565d471e350f1cd C:\Windows\System32\wmvsdecd.dll
MD5: aa53356d60af47eacc85bc617a4f3f66 C:\Windows\system32\wpdbusenum.dll
MD5: 735263da17bf5baf9ccd483843bf9d5a C:\Windows\system32\wpdshserviceobj.dll
MD5: 7ff15a4f092cd4a96055ba69f903e3e9 C:\Windows\system32\WS2_32.dll
MD5: a8cdf3768604ff95b54669e20053d569 C:\Windows\System32\WSCAPI.dll
MD5: 7fd5532c142db6c9cc47aa4dcf71fdec C:\Windows\System32\wscui.cpl
MD5: ac122407b29378ff9646f03404ac7c54 C:\Windows\system32\wshbth.dll
MD5: 1b91cd34ea3a90ab6a4ef0550174f4cc C:\Windows\system32\WsmSvc.dll
MD5: 6a6b2ee4565a178035be2a4ff6f2c968 C:\Windows\system32\WTSAPI32.dll
MD5: 3026418a50c5b4761befa632cedb7406 C:\Windows\system32\wuaueng.dll
MD5: 8d1e1e529a2c9e9b6a85b55a345f7629 C:\Windows\System32\WUDFSvc.dll
MD5: edf2a5e96bec469da3f64e9bdd386111 C:\Windows\system32\xmllite.dll
MD5: 0b3595a4ff0b36d68e5fc67fd7d70fdc C:\Windows\WinSxS\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\MSVCP80.dll
MD5: c9564cf4976e7e96b4052737aa2492b4 C:\Windows\WinSxS\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\MSVCR80.dll
MD5: 58a14c45a5cd2528f10a889e7b0c3fc2 C:\Windows\WinSxS\x86_microsoft.vc90.atl_1fc8b3b9a1e18e3b_9.0.30729.6161_none_51cd0a7abbe4e19b\ATL90.DLL
MD5: 4c39358ebdd2ffcd9132a30e1ec31e16 C:\Windows\WinSxS\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\MSVCP90.dll
MD5: cdbe9690cf2b8409facad94fac9479c9 C:\Windows\WinSxS\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\MSVCR90.dll
MD5: bdac1aa64495d0f7e1ff810ebbf1f018 C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.17514_none_ec83dffa859149af\COMCTL32.dll
MD5: 352b3dc62a0d259a82a052238425c872 C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll
MD5: 0029eba325f2fc9b6ba46bee33f32a09 C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17514_none_72d18a4386696c80\gdiplus.dll


لم يتم تحميل اي ملف

انتهاء المسح - تم الاتصال خلال 2 ثواني
الحجم الاجمالي - تم ارسال 0.02 ميجابايت و تم استقبال 1.49
تم مسح 647 ملف و برنامج - 38 ثواني

==============================================================================






====== معلومات نظام التشغيل ======

X86 WIN_7 7601 Service Pack 1


====== قائمة البرامج المثبتة ======

µTorrent
1Click DVD Converter 2.2.0.5
Adobe Flash Player 10 ActiveX
Adobe Flash Player 11 Plugin
Adobe Reader X (10.1.2)
Apple Application Support
Apple Mobile Device Support
Apple Software Update
Avira Antivirus Premium 2012
Babylon
Bonjour
CCleaner
Definition update for Microsoft Office 2010 (KB982726) 32-Bit Edition
Folder Marker Pro v 3.2
Google Toolbar for Internet Explorer
Google Toolbar for Internet Explorer
Google Update Helper
Hotspot Shield 2.24
Infix 5.07
Internet Download Manager
iTunes
Java Auto Updater
Java(TM) 7
JDownloader 0.9
K-Lite Mega Codec Pack 7.7.0
Microsoft .NET Framework 4 Client Profile
Microsoft .NET Framework 4 Client Profile
Microsoft Office 2010 Service Pack 1 (SP1)
Microsoft Office 2010 Service Pack 1 (SP1)
Microsoft Office 2010 Service Pack 1 (SP1)
Microsoft Office 2010 Service Pack 1 (SP1)
Microsoft Office 2010 Service Pack 1 (SP1)
Microsoft Office 2010 Service Pack 1 (SP1)
Microsoft Office 2010 Service Pack 1 (SP1)
Microsoft Office 2010 Service Pack 1 (SP1)
Microsoft Office 2010 Service Pack 1 (SP1)
Microsoft Office 2010 Service Pack 1 (SP1)
Microsoft Office 2010 Service Pack 1 (SP1)
Microsoft Office 2010 Service Pack 1 (SP1)
Microsoft Office 2010 Service Pack 1 (SP1)
Microsoft Office 2010 Service Pack 1 (SP1)
Microsoft Office 2010 Service Pack 1 (SP1)
Microsoft Office 2010 Service Pack 1 (SP1)
Microsoft Office 2010 Service Pack 1 (SP1)
Microsoft Office Access MUI (English) 2010
Microsoft Office Access Setup Metadata MUI (English) 2010
Microsoft Office Excel MUI (English) 2010
Microsoft Office Groove MUI (English) 2010
Microsoft Office InfoPath MUI (English) 2010
Microsoft Office OneNote MUI (English) 2010
Microsoft Office Outlook MUI (English) 2010
Microsoft Office PowerPoint MUI (English) 2010
Microsoft Office Professional Plus 2010
Microsoft Office Professional Plus 2010
Microsoft Office Proof (English) 2010
Microsoft Office Proof (French) 2010
Microsoft Office Proof (Spanish) 2010
Microsoft Office Proofing (English) 2010
Microsoft Office Publisher MUI (English) 2010
Microsoft Office Shared MUI (English) 2010
Microsoft Office Shared Setup Metadata MUI (English) 2010
Microsoft Office Word MUI (English) 2010
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
Mozilla Firefox 8.0 (x86 en-US)
Nero 7 Ultra Edition
QuickTime
Recover My Files
Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
Security Update for Microsoft Office 2010 (KB2553091)
Security Update for Microsoft Office 2010 (KB2553096)
Security Update for Microsoft Office 2010 (KB2553353) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2589320) 32-Bit Edition
Security Update for Microsoft PowerPoint 2010 (KB2553185) 32-Bit Edition
Security Update for Microsoft SharePoint Workspace 2010 (KB2566445)
Skype Click to Call
Skype™ 5.5
Synaptics Pointing Device Driver
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
Update for Microsoft Excel 2010 (KB2553439) 32-Bit Edition
Update for Microsoft Office 2010 (KB2494150)
Update for Microsoft Office 2010 (KB2553065)
Update for Microsoft Office 2010 (KB2553092)
Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553270) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553270) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553270) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553385) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553455) 32-Bit Edition
Update for Microsoft Office 2010 (KB2566458)
Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition
Update for Microsoft Outlook 2010 (KB2553323) 32-Bit Edition
Update for Microsoft Outlook Social Connector (KB2583935)
Update for Microsoft Outlook Social Connector (KB2583935)
VLC media player 1.1.11
Web2Pic Pro
Windows Media Player Firefox Plugin
WinRAR archiver
Yankee Clipper III
Your Uninstaller! 7

 

[علي همر]

من رخصة اخي البارون

طبق التالي

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

​

 

[البارون]

اخوي ارسلت لك رسالة طبق الفحص

 

[ReD_F0X]

طيب يا اخوان , انا الأن سويت حاجات كثيرة وقريت رسالة الأخ في الرسائل الخاصة وحاولت اطبق تقريباً 90 % من الي موجود في الموضوع القديم

الي سويته :

1- سويت هايجاك للكمبيوتر وحاولت ادور بعض الأمور الي لازم احذفها

2- سويت runscanner واي حاجه تحتاج لها فيكس سويت لها تصليح !

3- استخدمت برنامج المولويربايت وحذفت كل الملفات الخطره

4- حذفت كل برامج التولبار

5- حاولت اني استخدم برنامج Tdsskiller لكن لما يشتغل يجني زي العداد يمشي لما يوصل لين 40% يقولي can't load driver , ولما اسوي بحث يستمر لمدة ثانيه ويطفي ! , ولما احاول اخليه يشتغل كالمسؤول مو راضي !

6- نزلت kaspersky viruse removal ولما احاول اثبت البرنامج يجيني خطأ يقول " في خطأ في الريجستري اعمل ريستارات " , نزلت برنامج حق ريجستري وسويت تعديل ولا زال مو راضي يثبت
بعدين رحت خليت الكمبيوتر في Safe Mode وثبت البرنامج وسويت بحث على النظام ولما تحصل على ملفات خطرة حذفتها كلها , لكن لما اسوي بحث مرة ثانيه تجيني نفس الملفات الي حذفتها !

7- سويت حركة الدوس الي مكتوبه في الموضوع الماضي !

8- حذفت كل برامج الحماية ولما احاول انزل واحد يثبت في الجهاز لكن ما يشتغل معاي ابداً !!

9- نزلت برنامج superantispyware , ولما استخدمته طلع ملفات خطره وحذفت الملفات

10 اخيراً لما سويت ريستارات تفاجأت بشاشة زرقاء والكمبيوتر مو راضي يشتغل رحت في النهايه وضغط على f8 وحطيت على Last known configration ورجع معاي يشتغل !



بعد كل هـ الخطوات اتمنى من احد الاخوان ان يكون معاي حبه حبه ويقرا كل تقرير ويطالع الموضوع من اوله !

والله اني عارف اني انزعجتكم كثير بس وش اسوي , ما ودي اسوي فورمات ومعتمد على الله ثم عليكم والله

 

[ReD_F0X]

الأن بسوي تقارير حقت الهاجيك و رن سكانر و البرامج المثبته

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 4:57 PM, on 12/02/2012
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16421)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Internet Download Manager\IDMan.exe
C:\Program Files\YCIII\YankClip.exe
C:\Program Files\Internet Download Manager\IEMonitor.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Zyzoom_Forum_Tools\zyzoom.exe
C:\Zyzoom_Forum_Tools\zHijak.com
C:\Windows\system32\DllHost.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page =

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://start.facemoods.com/?a=ddrnw&s={searchTerms}&f=4
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - {08d6b0b4-c132-470d-a8e2-aa2e9c3851c9} - (no file)
O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files\Internet Download Manager\IDMIECC.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL
O2 - BHO: Babylon IE plugin - {9CFACCB6-2F3F-4177-94EA-0D2B72D384C1} - C:\Program Files\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
O2 - BHO: Hotspot Shield Class - {F9E4A054-E9B1-4BC3-83A3-76A1AE736170} - C:\Program Files\Hotspot Shield\HssIE\HssIE.dll
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware (reboot)] "C:\Users\Mansour\AppData\Local\Temp\zxq2\mbam.exe" /runcleanupscript
O4 - HKCU\..\Run: [IDMan] C:\Program Files\Internet Download Manager\IDMan.exe /onboot
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Startup: Yankee Clipper III.lnk = C:\Program Files\YCIII\YankClip.exe
O4 - Startup: _uninst_.lnk = C:\Users\Mansour\AppData\Local\Temp\_uninst_.bat
O8 - Extra context menu item: Download all links with IDM - C:\Program Files\Internet Download Manager\IEGetAll.htm
O8 - Extra context menu item: Download FLV video content with IDM - C:\Program Files\Internet Download Manager\IEGetVL.htm
O8 - Extra context menu item: Download with IDM - C:\Program Files\Internet Download Manager\IEExt.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_7461B1589E8B4FB7.dll/cmsidewiki.html
O8 - Extra context menu item: Se&nd to OneNote - res://C:\PROGRA~1\MICROS~2\Office14\ONBttnIE.dll/105
O8 - Extra context menu item: Translate this web page with Babylon - res://C:\Program Files\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll/ActionTU.htm
O8 - Extra context menu item: Translate with Babylon - res://C:\Program Files\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll/Action.htm
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: Translate this web page with Babylon - {F72841F0-4EF1-4df5-BCE5-B3AC8ACF5478} - C:\Program Files\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll
O9 - Extra 'Tools' menuitem: Translate this web page with Babylon - {F72841F0-4EF1-4df5-BCE5-B3AC8ACF5478} - C:\Program Files\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O17 - HKLM\System\CCS\Services\Tcpip\..\{010A6F81-7497-48D2-9DCF-0FACBEC884FA}: NameServer = 10.71.0.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{010A6F81-7497-48D2-9DCF-0FACBEC884FA}: NameServer = 10.71.0.1
O17 - HKLM\System\CS2\Services\Tcpip\..\{010A6F81-7497-48D2-9DCF-0FACBEC884FA}: NameServer = 10.71.0.1
O17 - HKLM\System\CS3\Services\Tcpip\..\{010A6F81-7497-48D2-9DCF-0FACBEC884FA}: NameServer = 10.71.0.1
O17 - HKLM\System\CS4\Services\Tcpip\..\{010A6F81-7497-48D2-9DCF-0FACBEC884FA}: NameServer = 10.71.0.1
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: AMD External Events Utility - AMD - C:\Windows\system32\atiesrxx.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Unknown owner - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe (file missing)
O23 - Service: Hotspot Shield Service (hshld) - Unknown owner - C:\Program Files\Hotspot Shield\bin\openvpnas.exe
O23 - Service: Hotspot Shield Routing Service (HssSrv) - AnchorFree Inc. - C:\Program Files\Hotspot Shield\HssWPR\hsssrv.exe
O23 - Service: Hotspot Shield Tray Service (HssTrayService) - Unknown owner - C:\Program Files\Hotspot Shield\bin\HssTrayService.EXE
O23 - Service: Hotspot Shield Monitoring Service (HssWd) - Unknown owner - C:\Program Files\Hotspot Shield\bin\hsswd.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: Ashampoo LiveTuner Service (WO_LiveService) - Unknown owner - C:\Program Files\Ashampoo\Ashampoo WinOptimizer 8\LiveTunerService.exe (file missing)

--
End of file - 8784 bytes

 

[ReD_F0X]

up.....................

 

[البارون]

لا خطاء اللي سويته بملف الرن سكنر ممكن تكون حذفت شيء له علاقة بالدريفرات او النظام

طبق التالي عشان تسوي استعادة للملفات


وهنا لا قدر الله حذفت بل خطأ ملف مهم تستطيع استعادته لان البرنامج يقوم بحفظ الملفات ألمجذوفة بل تاريخ والساعة

انا كنت ابيك تسوي اللي في الرابط حق الخطوات اللي ادرجته في الرساله

المهم

رجاء تابع معي ورح اتابع موضوعك ان شاء الله لحد ماتنتهي​

 

[ReD_F0X]

ياخي تعبت وانا احاول اضيف الهاجاك والأن لي نص ساعه احاول انزل الرنسكانير ومو راضي كلا يعلق المنتدى ! , في مشكلة ولا حاجه ؟

 

[البارون]

ماشاء الله جهازك نظيف تقريبا مابقي شيء

باقي خطوات ننفذها تكفى امشي معي خطوة خطوة

عندك اسطوانة وندوز سفن اخوي​

 

[ReD_F0X]

اي معاي , بس مو اصليه طبعاً

 

[ReD_F0X]

Malwarebytes' Anti-Malware 1.51.2.1300

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

Database version: 7622

Windows 6.1.7601 Service Pack 1
Internet Explorer 9.0.8112.16421

12/02/2012 7:10:37 PM
mbam-log-2012-02-12 (19-10-37).txt

Scan type: Full scan (C:\|D:\|)
Objects scanned: 326596
Time elapsed: 47 minute(s), 57 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)

 

[ReD_F0X]

====== معلومات نظام التشغيل ======
X86 WIN_7 7601 Service Pack 1
====== قائمة البرامج المثبتة ======
µTorrent
1Click DVD Converter 2.2.0.5
Active@ Password Changer Professional
Adobe Flash Player 10 ActiveX
Adobe Flash Player 11 Plugin
Adobe Reader X (10.1.2)
Apple Application Support
Apple Mobile Device Support
Babylon
Bonjour
CCleaner
Definition update for Microsoft Office 2010 (KB982726) 32-Bit Edition
Folder Marker Pro v 3.2
Google Update Helper
Hotspot Shield 2.24
Infix 5.07
Internet Download Manager
iTunes
Java Auto Updater
Java(TM) 7
JDownloader 0.9
K-Lite Mega Codec Pack 7.7.0
Microsoft .NET Framework 4 Client Profile
Microsoft .NET Framework 4 Client Profile
Microsoft Office 2010 Service Pack 1 (SP1)
Microsoft Office 2010 Service Pack 1 (SP1)
Microsoft Office 2010 Service Pack 1 (SP1)
Microsoft Office 2010 Service Pack 1 (SP1)
Microsoft Office 2010 Service Pack 1 (SP1)
Microsoft Office 2010 Service Pack 1 (SP1)
Microsoft Office 2010 Service Pack 1 (SP1)
Microsoft Office 2010 Service Pack 1 (SP1)
Microsoft Office 2010 Service Pack 1 (SP1)
Microsoft Office 2010 Service Pack 1 (SP1)
Microsoft Office 2010 Service Pack 1 (SP1)
Microsoft Office 2010 Service Pack 1 (SP1)
Microsoft Office 2010 Service Pack 1 (SP1)
Microsoft Office 2010 Service Pack 1 (SP1)
Microsoft Office 2010 Service Pack 1 (SP1)
Microsoft Office 2010 Service Pack 1 (SP1)
Microsoft Office 2010 Service Pack 1 (SP1)
Microsoft Office Access MUI (English) 2010
Microsoft Office Access Setup Metadata MUI (English) 2010
Microsoft Office Excel MUI (English) 2010
Microsoft Office Groove MUI (English) 2010
Microsoft Office InfoPath MUI (English) 2010
Microsoft Office OneNote MUI (English) 2010
Microsoft Office Outlook MUI (English) 2010
Microsoft Office PowerPoint MUI (English) 2010
Microsoft Office Professional Plus 2010
Microsoft Office Professional Plus 2010
Microsoft Office Proof (English) 2010
Microsoft Office Proof (French) 2010
Microsoft Office Proof (Spanish) 2010
Microsoft Office Proofing (English) 2010
Microsoft Office Publisher MUI (English) 2010
Microsoft Office Shared MUI (English) 2010
Microsoft Office Shared Setup Metadata MUI (English) 2010
Microsoft Office Word MUI (English) 2010
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
Mozilla Firefox 8.0 (x86 en-US)
Nero 7 Ultra Edition
QuickTime
Recover My Files
Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
Security Update for Microsoft Office 2010 (KB2553091)
Security Update for Microsoft Office 2010 (KB2553096)
Security Update for Microsoft Office 2010 (KB2553353) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2589320) 32-Bit Edition
Security Update for Microsoft PowerPoint 2010 (KB2553185) 32-Bit Edition
Security Update for Microsoft SharePoint Workspace 2010 (KB2566445)
Skype Click to Call
Skype™ 5.5
Synaptics Pointing Device Driver
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
Update for Microsoft Excel 2010 (KB2553439) 32-Bit Edition
Update for Microsoft Office 2010 (KB2494150)
Update for Microsoft Office 2010 (KB2553065)
Update for Microsoft Office 2010 (KB2553092)
Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553270) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553270) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553270) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553385) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553455) 32-Bit Edition
Update for Microsoft Office 2010 (KB2566458)
Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition
Update for Microsoft Outlook 2010 (KB2553323) 32-Bit Edition
Update for Microsoft Outlook Social Connector (KB2583935)
Update for Microsoft Outlook Social Connector (KB2583935)
Web2Pic Pro
Windows Media Player Firefox Plugin
WinRAR archiver
Yankee Clipper III
Your Uninstaller! 7

 

[ReD_F0X]

up

 

[البارون]

اخوي صلى على النبي والامور بروية العجله لا خير فيها

ابي تقرير رن سكنر​

 

[ReD_F0X]

Runscanner logfile

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

* = signed file
- = file not found

General info
------------
Computer name : MANSOUR-PC
Creation time : 12/02/2012 5:16:10 PM
Hosts <> 127.0.0.1 : 0
Hosts file location : %SystemRoot%\System32\drivers\etc
IE version : 9.0.8112.16421
OS : Windows 7 Ultimate
OS Build : 7601
OS SP : Service Pack 1
RunScanner Version : 2.0.0.50
User Language : Arabic (Saudi Arabia)
User rights : Administrator
Windows folder : C:\Windows

Running processes
-----------------
* C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
* C:\Windows\System32\atieclxx.exe (AMD)
* C:\Windows\System32\atiesrxx.exe (AMD)
* C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc.)
* C:\Windows\System32\csrss.exe (Microsoft Corporation)
* C:\Windows\System32\csrss.exe (Microsoft Corporation)
* C:\Windows\System32\dwm.exe (Microsoft Corporation)
* C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
* C:\Windows\System32\svchost.exe (Microsoft Corporation)
* C:\Windows\System32\svchost.exe (Microsoft Corporation)
* C:\Windows\System32\svchost.exe (Microsoft Corporation)
* C:\Windows\System32\svchost.exe (Microsoft Corporation)
* C:\Windows\System32\svchost.exe (Microsoft Corporation)
* C:\Windows\System32\svchost.exe (Microsoft Corporation)
* C:\Windows\System32\svchost.exe (Microsoft Corporation)
* C:\Windows\System32\svchost.exe (Microsoft Corporation)
* C:\Windows\System32\svchost.exe (Microsoft Corporation)
* C:\Windows\System32\svchost.exe (Microsoft Corporation)
* C:\Windows\System32\svchost.exe (Microsoft Corporation)
* C:\Windows\System32\taskhost.exe (Microsoft Corporation)
* C:\Program Files\Hotspot Shield\HssWPR\hsssrv.exe (AnchorFree Inc.)
* C:\Program Files\Hotspot Shield\bin\hsswd.exe
* C:\Program Files\Internet Download Manager\IDMan.exe (Tonec Inc.)
* C:\Program Files\Internet Download Manager\IEMonitor.exe (Tonec Inc.)
* C:\Windows\System32\lsass.exe (Microsoft Corporation)
* C:\Windows\System32\lsm.exe (Microsoft Corporation)
* C:\Program Files\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE (Microsoft Corporation)
* C:\Program Files\Microsoft Office\Office14\POWERPNT.EXE (Microsoft Corporation)
* C:\Windows\System32\SearchIndexer.exe (Microsoft Corporation)
* C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.)
* C:\Windows\System32\notepad.exe (Microsoft Corporation)
* C:\Program Files\Hotspot Shield\bin\openvpnas.exe
* C:\Zyzoom_Forum_Tools\zRunScanner.com (Runscanner.net)
* C:\Windows\System32\services.exe (Microsoft Corporation)
* C:\Windows\System32\spoolsv.exe (Microsoft Corporation)
* C:\Program Files\Synaptics\SynTP\SynTPHelper.exe (Synaptics, Inc.)
* C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Synaptics, Inc.)
* C:\Windows\System32\audiodg.exe (Microsoft Corporation)
* C:\Windows\explorer.exe (Microsoft Corporation)
* C:\Windows\System32\winlogon.exe (Microsoft Corporation)
* C:\Program Files\Windows Media Player\wmpnetwk.exe (Microsoft Corporation)
* C:\Windows\System32\smss.exe (Microsoft Corporation)
* C:\Windows\System32\wininit.exe (Microsoft Corporation)
C:\Program Files\YCIII\YankClip.exe (inteleXual.com)
C:\Zyzoom_Forum_Tools\zyzoom.exe

Unrated items
-------------
002 * C:\Users\Mansour\AppData\Local\Temp\zxq2\mbam.exe (Malwarebytes Corporation)
004 C:\Program Files\YCIII\YankClip.exe (inteleXual.com)
007 C:\Program Files\YCIII\YankClip.exe (inteleXual.com)
010 * C:\Program Files\Hotspot Shield\HssWPR\hsssrv.exe (hsssrv.exe)
010 * C:\Program Files\Hotspot Shield\bin\HssTrayService.EXE (HssTrayService.EXE)
010 * C:\Program Files\Hotspot Shield\bin\hsswd.exe (hsswd.exe)
010 * C:\Program Files\Hotspot Shield\bin\openvpnas.exe (openvpnas.exe)
011 c:\windows\system32\drivers\1394ohci.sys (1394ohci.sys)
011 c:\windows\system32\drivers\ACPI.sys (ACPI.sys)
011 c:\windows\system32\drivers\acpipmi.sys (acpipmi.sys)
011 c:\windows\system32\DRIVERS\adp94xx.sys (adp94xx)
011 c:\windows\system32\DRIVERS\adpahci.sys (adpahci)
011 c:\windows\system32\DRIVERS\adpu320.sys (adpu320)
011 C:\Windows\system32\drivers\afd.sys (afd.sys)
011 c:\windows\system32\DRIVERS\AgileVpn.sys (AgileVpn.sys)
011 c:\windows\system32\drivers\agp440.sys (agp440.sys)
011 c:\windows\system32\DRIVERS\AGRSM.sys (AGRSM.sys)
011 c:\windows\system32\DRIVERS\djsvs.sys (aic78xx)
011 c:\windows\system32\drivers\aliide.sys (aliide)
011 c:\windows\system32\drivers\amdagp.sys (amdagp.sys)
011 c:\windows\system32\drivers\amdide.sys (amdide)
011 c:\windows\system32\DRIVERS\amdk8.sys (amdk8.sys)
011 c:\windows\system32\DRIVERS\amdppm.sys (amdppm.sys)
011 c:\windows\system32\drivers\amdsata.sys (amdsata)
011 c:\windows\system32\DRIVERS\amdsbs.sys (amdsbs)
011 c:\windows\system32\drivers\amdxata.sys (amdxata)
011 c:\windows\system32\DRIVERS\arc.sys (arc)
011 c:\windows\system32\DRIVERS\arcsas.sys (arcsas)
011 c:\windows\system32\drivers\atapi.sys (atapi.sys)
011 c:\windows\system32\DRIVERS\atikmdag.sys (atikmdag)
011 c:\windows\system32\DRIVERS\b57nd60x.sys (b57nd60x.sys)
011 C:\Windows\system32\drivers\Beep.sys (Beep.sys)
011 c:\windows\system32\DRIVERS\blbdrive.sys (blbdrive)
011 c:\windows\system32\DRIVERS\BrFiltLo.sys (BrFiltLo.sys)
011 c:\windows\system32\DRIVERS\BrFiltUp.sys (BrFiltUp.sys)
011 c:\windows\System32\Drivers\Brserid.sys (Brserid.sys)
011 c:\windows\System32\Drivers\BrSerWdm.sys (BrSerWdm.sys)
011 c:\windows\System32\Drivers\BrUsbMdm.sys (BrUsbMdm.sys)
011 c:\windows\System32\Drivers\BrUsbSer.sys (BrUsbSer.sys)
011 c:\windows\system32\drivers\BthEnum.sys (BthEnum.sys)
011 c:\windows\system32\DRIVERS\bthmodem.sys (bthmodem.sys)
011 c:\windows\system32\DRIVERS\bthpan.sys (bthpan.sys)
011 c:\windows\System32\Drivers\BTHport.sys (BTHport.sys)
011 c:\windows\System32\Drivers\BTHUSB.sys (BTHUSB.sys)
011 c:\windows\system32\DRIVERS\bxvbdx.sys (bxvbdx.sys)
011 c:\windows\system32\drivers\cdrom.sys (cdrom.sys)
011 c:\windows\system32\DRIVERS\circlass.sys (circlass.sys)
011 C:\Windows\system32\clfs.sys (clfs.sys)
011 c:\windows\system32\DRIVERS\CmBatt.sys (CmBatt.sys)
011 c:\windows\system32\drivers\cmdide.sys (cmdide)
011 c:\windows\system32\DRIVERS\compbatt.sys (compbatt.sys)
011 c:\windows\system32\drivers\CompositeBus.sys (CompositeBus.sys)
011 C:\Windows\system32\drivers\dfsc.sys (dfsc.sys)
011 C:\Windows\system32\drivers\discache.sys (discache.sys)
011 c:\windows\system32\DRIVERS\disk.sys (disk.sys)
011 c:\windows\system32\drivers\drmkaud.sys (drmkaud.sys)
011 c:\windows\System32\drivers\dxgkrnl.sys (dxgkrnl.sys)
011 c:\windows\system32\DRIVERS\elxstor.sys (elxstor)
011 c:\windows\system32\drivers\errdev.sys (errdev.sys)
011 c:\windows\system32\DRIVERS\evbdx.sys (evbdx.sys)
011 C:\Windows\system32\drivers\exfat.sys (exfat.sys)
011 C:\Windows\system32\drivers\fastfat.sys (fastfat.sys)
011 c:\windows\system32\DRIVERS\fdc.sys (fdc.sys)
011 C:\Windows\system32\drivers\fileinfo.sys (fileinfo.sys)
011 C:\Windows\system32\drivers\filetrace.sys (filetrace.sys)
011 c:\windows\system32\DRIVERS\flpydisk.sys (flpydisk.sys)
011 C:\Windows\system32\drivers\fltmgr.sys (fltmgr.sys)
011 C:\Windows\system32\drivers\fsdepends.sys (fsdepends.sys)
011 C:\Windows\system32\drivers\fvevol.sys (fvevol.sys)
011 c:\windows\system32\DRIVERS\gagp30kx.sys (gagp30kx.sys)
011 c:\windows\system32\DRIVERS\GEARAspiWDM.sys (GEARAspiWDM.sys)
011 c:\windows\system32\drivers\hcw85cir.sys (hcw85cir.sys)
011 c:\windows\system32\drivers\HDAudBus.sys (HDAudBus.sys)
011 c:\windows\system32\drivers\HdAudio.sys (HdAudio.sys)
011 c:\windows\system32\DRIVERS\HidBatt.sys (HidBatt.sys)
011 c:\windows\system32\DRIVERS\hidbth.sys (hidbth.sys)
011 c:\windows\system32\DRIVERS\hidir.sys (hidir.sys)
011 c:\windows\system32\DRIVERS\hidusb.sys (hidusb.sys)
011 c:\windows\system32\drivers\HpSAMD.sys (HpSAMD)
011 c:\windows\system32\DRIVERS\HssDrv.sys (HssDrv.sys)
011 C:\Windows\system32\drivers\http.sys (http.sys)
011 C:\Windows\system32\drivers\hwpolicy.sys (hwpolicy.sys)
011 c:\windows\system32\drivers\i8042prt.sys (i8042prt.sys)
011 c:\windows\system32\drivers\iaStorV.sys (iaStorV.sys)
011 c:\windows\system32\DRIVERS\idmwfp.sys (idmwfp.sys)
011 c:\windows\system32\DRIVERS\iirsp.sys (iirsp)
011 c:\windows\system32\drivers\intelide.sys (intelide)
011 c:\windows\system32\DRIVERS\intelppm.sys (intelppm.sys)
011 c:\windows\system32\drivers\IPMIDrv.sys (IPMIDRV)
011 C:\Windows\system32\drivers\irenum.sys (irenum.sys)
011 c:\windows\system32\drivers\isapnp.sys (isapnp)
011 c:\windows\system32\drivers\kbdclass.sys (kbdclass.sys)
011 c:\windows\system32\drivers\kbdhid.sys (kbdhid.sys)
011 c:\windows\system32\DRIVERS\lltdio.sys (lltdio.sys)
011 c:\windows\system32\DRIVERS\lsi_fc.sys (LSI_FC)
011 c:\windows\system32\DRIVERS\lsi_sas.sys (LSI_SAS)
011 c:\windows\system32\DRIVERS\lsi_sas2.sys (LSI_SAS2)
011 c:\windows\system32\DRIVERS\lsi_scsi.sys (LSI_SCSI)
011 C:\Windows\system32\drivers\luafv.sys (luafv.sys)
011 c:\windows\system32\DRIVERS\megasas.sys (megasas)
011 c:\windows\system32\DRIVERS\MegaSR.sys (MegaSR)
011 c:\windows\system32\drivers\modem.sys (modem.sys)
011 c:\windows\system32\DRIVERS\monitor.sys (monitor.sys)
011 c:\windows\system32\drivers\mouclass.sys (mouclass.sys)
011 c:\windows\system32\DRIVERS\mouhid.sys (mouhid.sys)
011 C:\Windows\system32\drivers\mountmgr.sys (mountmgr.sys)
011 c:\windows\system32\drivers\mpio.sys (mpio.sys)
011 c:\windows\system32\drivers\msahci.sys (msahci)
011 c:\windows\system32\drivers\msdsm.sys (msdsm.sys)
011 C:\Windows\system32\drivers\Msfs.sys (Msfs)
011 C:\Windows\system32\drivers\mshidkmdf.sys (mshidkmdf.sys)
011 c:\windows\system32\drivers\msisadrv.sys (msisadrv)
011 c:\windows\system32\drivers\msiscsi.sys (msiscsi.sys)
011 c:\windows\system32\drivers\MSKSSRV.sys (MSKSSRV.sys)
011 c:\windows\system32\drivers\MSPCLOCK.sys (MSPCLOCK.sys)
011 c:\windows\system32\drivers\MSPQM.sys (MSPQM.sys)
011 C:\Windows\system32\drivers\MsRPC.sys (MsRPC)
011 c:\windows\system32\drivers\mssmbios.sys (mssmbios.sys)
011 c:\windows\system32\drivers\MSTEE.sys (MSTEE.sys)
011 c:\windows\system32\DRIVERS\MTConfig.sys (MTConfig.sys)
011 C:\Windows\system32\drivers\mup.sys (mup.sys)
011 C:\Windows\system32\drivers\NDProxy.sys (NDIS Proxy)
011 C:\Windows\system32\drivers\ndis.sys (ndis.sys)
011 c:\windows\system32\DRIVERS\ndiscap.sys (ndiscap.sys)
011 c:\windows\system32\DRIVERS\ndisuio.sys (ndisuio.sys)
011 c:\windows\system32\DRIVERS\netbios.sys (netbios.sys)
011 C:\Windows\system32\drivers\netbt.sys (netbt.sys)
011 c:\windows\system32\DRIVERS\NETw5s32.sys (NETw5s32.sys)
011 c:\windows\system32\DRIVERS\netw5v32.sys (netw5v32.sys)
011 c:\windows\system32\DRIVERS\nfrd960.sys (nfrd960)
011 C:\Windows\system32\drivers\Npfs.sys (Npfs)
011 C:\Windows\system32\drivers\nsiproxy.sys (nsiproxy.sys)
011 C:\Windows\system32\drivers\Ntfs.sys (Ntfs.sys)
011 C:\Windows\system32\drivers\Null.sys (Null)
011 c:\windows\system32\drivers\nv_agp.sys (nv_agp.sys)
011 c:\windows\system32\drivers\nvraid.sys (nvraid)
011 c:\windows\system32\drivers\nvstor.sys (nvstor)
011 c:\windows\system32\DRIVERS\nwifi.sys (nwifi.sys)
011 c:\windows\system32\drivers\ohci1394.sys (ohci1394.sys)
011 C:\Windows\System32\drivers\pacer.sys (pacer.sys)
011 c:\windows\system32\DRIVERS\parport.sys (parport.sys)
011 C:\Windows\system32\drivers\partmgr.sys (partmgr.sys)
011 c:\windows\system32\DRIVERS\parvdm.sys (Parvdm)
011 c:\windows\system32\drivers\pci.sys (pci.sys)
011 c:\windows\system32\drivers\pciide.sys (pciide)
011 c:\windows\system32\DRIVERS\pcmcia.sys (pcmcia)
011 c:\windows\system32\drivers\peauth.sys (peauth.sys)
011 c:\windows\system32\DRIVERS\processr.sys (processr.sys)
011 c:\windows\system32\DRIVERS\ql2300.sys (ql2300)
011 c:\windows\system32\DRIVERS\ql40xx.sys (ql40xx)
011 C:\Windows\system32\drivers\qwavedrv.sys (qwavedrv.sys)
011 c:\windows\system32\DRIVERS\rdpbus.sys (rdpbus.sys)
011 C:\Windows\system32\DRIVERS\RDPCDD.sys (RDPCDD.sys)
011 C:\Windows\system32\drivers\RDPENCDD.sys (RDPENCDD.sys)
011 C:\Windows\system32\drivers\RdpRefMp.sys (RdpRefMp.sys)
011 C:\Windows\system32\drivers\RDPWD.sys (RDPWD.sys)
011 c:\windows\system32\DRIVERS\rfcomm.sys (rfcomm.sys)
011 c:\windows\system32\DRIVERS\rimmptsk.sys (rimmptsk)
011 c:\windows\system32\DRIVERS\rimsptsk.sys (rimsptsk)
011 c:\windows\system32\DRIVERS\rixdptsk.sys (rixdptsk.sys)
011 c:\windows\system32\DRIVERS\rspndr.sys (rspndr.sys)
011 c:\windows\system32\DRIVERS\Rt86win7.sys (Rt86win7.sys)
011 c:\windows\system32\drivers\vms3cap.sys (s3cap)
011 * C:\Users\Mansour\AppData\Local\Temp\SAS_SelfExtract\SASDIFSV.SYS (SASDIFSV.SYS)
011 * C:\Users\Mansour\AppData\Local\Temp\SAS_SelfExtract\SASKUTIL.SYS (SASKUTIL.SYS)
011 c:\windows\system32\drivers\sbp2port.sys (sbp2port.sys)
011 C:\Windows\System32\drivers\scfilter.sys (scfilter.sys)
011 c:\windows\system32\drivers\sdbus.sys (sdbus)
011 C:\Windows\system32\drivers\secdrv.sys (secdrv.sys)
011 c:\windows\system32\DRIVERS\serenum.sys (serenum.sys)
011 c:\windows\system32\DRIVERS\serial.sys (serial.sys)
011 c:\windows\system32\DRIVERS\sermouse.sys (sermouse.sys)
011 c:\windows\system32\drivers\sffdisk.sys (sffdisk.sys)
011 c:\windows\system32\drivers\sffp_mmc.sys (sffp_mmc.sys)
011 c:\windows\system32\drivers\sffp_sd.sys (sffp_sd.sys)
011 c:\windows\system32\DRIVERS\sfloppy.sys (sfloppy.sys)
011 c:\windows\system32\drivers\sisagp.sys (sisagp.sys)
011 c:\windows\system32\DRIVERS\SiSRaid2.sys (SiSRaid2)
011 c:\windows\system32\DRIVERS\sisraid4.sys (SiSRaid4)
011 C:\Windows\system32\drivers\spldr.sys (spldr.sys)
011 c:\windows\system32\DRIVERS\stexstor.sys (stexstor)
011 c:\windows\system32\drivers\storvsc.sys (storvsc)
011 c:\windows\system32\drivers\swenum.sys (swenum.sys)
011 c:\windows\system32\DRIVERS\SynTP.sys (SynTP.sys)
011 c:\windows\system32\DRIVERS\taphss.sys (taphss.sys)
011 c:\windows\system32\DRIVERS\tcpip.sys (tcpip.sys)
011 c:\windows\system32\drivers\tdpipe.sys (tdpipe.sys)
011 c:\windows\system32\drivers\tdtcp.sys (tdtcp.sys)
011 c:\windows\system32\drivers\termdd.sys (termdd.sys)
011 C:\Windows\System32\DRIVERS\tssecsrv.sys (tssecsrv.sys)
011 C:\Windows\system32\drivers\tsusbflt.sys (tsusbflt.sys)
011 c:\windows\system32\DRIVERS\tunnel.sys (tunnel.sys)
011 c:\windows\system32\DRIVERS\TVALZ_O.SYS (TVALZ_O.SYS)
011 c:\windows\system32\DRIVERS\uagp35.sys (uagp35.sys)
011 c:\windows\system32\drivers\uliagpkx.sys (uliagpkx.sys)
011 c:\windows\system32\DRIVERS\umbus.sys (umbus.sys)
011 c:\windows\system32\DRIVERS\umpass.sys (umpass.sys)
011 c:\windows\system32\drivers\usbaudio.sys (usbaudio.sys)
011 c:\windows\system32\DRIVERS\usbccgp.sys (usbccgp.sys)
011 c:\windows\system32\drivers\usbcir.sys (usbcir.sys)
011 c:\windows\system32\DRIVERS\usbehci.sys (usbehci.sys)
011 c:\windows\system32\DRIVERS\usbhub.sys (usbhub.sys)
011 c:\windows\system32\drivers\usbohci.sys (usbohci.sys)
011 c:\windows\system32\DRIVERS\usbprint.sys (usbprint.sys)
011 c:\windows\system32\DRIVERS\USBSTOR.SYS (USBSTOR.SYS)
011 c:\windows\system32\DRIVERS\usbuhci.sys (usbuhci.sys)
011 c:\windows\System32\Drivers\usbvideo.sys (usbvideo.sys)
011 c:\windows\system32\drivers\vdrvroot.sys (vdrvroot.sys)
011 c:\windows\system32\DRIVERS\vgapnp.sys (vga)
011 c:\windows\System32\drivers\vga.sys (vga.sys)
011 c:\windows\system32\drivers\vhdmp.sys (vhdmp)
011 c:\windows\system32\drivers\viaagp.sys (viaagp.sys)
011 c:\windows\system32\DRIVERS\viac7.sys (viac7.sys)
011 c:\windows\system32\drivers\viaide.sys (viaide)
011 c:\windows\system32\drivers\vmbus.sys (vmbus.sys)
011 c:\windows\system32\drivers\VMBusHID.sys (VMBusHID)
011 c:\windows\system32\drivers\vmstorfl.sys (vmstorfl.sys)
011 c:\windows\system32\drivers\volmgr.sys (volmgr.sys)
011 C:\Windows\system32\drivers\volmgrx.sys (volmgrx.sys)
011 c:\windows\system32\drivers\volsnap.sys (volsnap.sys)
011 c:\windows\system32\DRIVERS\vsmraid.sys (vsmraid)
011 c:\windows\system32\DRIVERS\vwifibus.sys (vwifibus.sys)
011 c:\windows\system32\DRIVERS\vwififlt.sys (vwififlt.sys)
011 c:\windows\system32\DRIVERS\wacompen.sys (wacompen.sys)
011 c:\windows\system32\DRIVERS\wd.sys (Wd)
011 c:\windows\system32\DRIVERS\wdcsam.sys (wdcsam.sys)
011 c:\windows\system32\drivers\Wdf01000.sys (Wdf01000.sys)
011 c:\windows\system32\DRIVERS\wfplwf.sys (wfplwf.sys)
011 c:\windows\system32\drivers\wimmount.sys (wimmount.sys)
011 c:\windows\system32\DRIVERS\WinUsb.sys (WinUsb.sys)
011 c:\windows\system32\drivers\wmiacpi.sys (wmiacpi.sys)
011 c:\windows\system32\drivers\WudfPf.sys (WudfPf.sys)
011 c:\windows\system32\DRIVERS\WUDFRd.sys (WUDFRd)
042 GUID / CLSID not found {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA}
042 GUID / CLSID not found {2670000A-7350-4f3c-8081-5663EE0C6C49}
042 GUID / CLSID not found {898EA8C8-E7FF-479B-8935-AEC46303B9E5}
042 GUID / CLSID not found {F72841F0-4EF1-4df5-BCE5-B3AC8ACF5478}
052 * C:\Program Files\Hotspot Shield\HssIE\HssIE.dll (AnchorFree Inc.) {F9E4A054-E9B1-4BC3-83A3-76A1AE736170}
052 * C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) {DBC80044-A445-435b-BC74-9C25C1C588A9}
061 C:\Program Files\WinRAR\rarext.dll {B41DB860-8EE4-11D2-9906-E49FADC173CA}
064 C:\Windows\system32\user32.dll (Microsoft Corporation)
100 SearchAssistant HKLM : http://start.facemoods.com/?a=ddrnw&s={searchTerms}&f=4
104 * C:\Program Files\Java\jre7\bin\jp2iexp.dll {8AD9C840-044E-11D1-B3E9-00805F499D93}
104 * C:\Program Files\Java\jre7\bin\jp2iexp.dll {CAFEEFAC-0017-0000-0000-ABCDEFFEDCBA}
104 * C:\Program Files\Java\jre7\bin\npjpi170.dll (Oracle Corporation) {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}
105 Download all links with IDM : C:\Program Files\Internet Download Manager\IEGetAll.htm
105 Download FLV video content with IDM : C:\Program Files\Internet Download Manager\IEGetVL.htm
105 Download with IDM : C:\Program Files\Internet Download Manager\IEExt.htm
105 E&xport to Microsoft Excel : res://C:\PROGRA~1\MICROS~2\Office14\EXCEL.EXE/3000
105 Google Sidewiki... : res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_7461B1589E8B4FB7.dll/cmsidewiki.html
105 Se&nd to OneNote : res://C:\PROGRA~1\MICROS~2\Office14\ONBttnIE.dll/105
105 Translate this web page with Babylon : res://C:\Program Files\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll/ActionTU.htm
105 Translate with Babylon : res://C:\Program Files\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll/Action.htm
120 NameServer {010A6F81-7497-48D2-9DCF-0FACBEC884FA} : 10.71.0.1
145 C:\Windows\system32\drivers\kbdclass.sys
173 C:\Program Files\WinRAR\rarext.dll {B41DB860-8EE4-11D2-9906-E49FADC173CA}
221 C:\Program Files\WinRAR\rarext.dll {B41DB860-8EE4-11D2-9906-E49FADC173CA}
223 * C:\Users\Mansour\AppData\Local\Temp\zxq2\mbamext.dll (Malwarebytes Corporation) {57CE581A-0CB6-4266-9CA0-19364C90A0B3}
225 C:\Program Files\Folder Marker\ShellExt.dll (ArcticLine Software) {47C91696-894C-46A1-B196-2C7CA1952F45}
225 C:\Program Files\Folder Marker\ShellExt.dll (ArcticLine Software) {47C91696-894C-46A1-B196-2C7CA1952F45}
225 * C:\Users\Mansour\AppData\Local\Temp\zxq2\mbamext.dll (Malwarebytes Corporation) {57CE581A-0CB6-4266-9CA0-19364C90A0B3}
225 * C:\Users\Mansour\AppData\Local\Temp\zxq2\mbamext.dll (Malwarebytes Corporation) {57CE581A-0CB6-4266-9CA0-19364C90A0B3}
225 C:\Program Files\WinRAR\rarext.dll {B41DB860-8EE4-11D2-9906-E49FADC173CA}
225 C:\Program Files\WinRAR\rarext.dll {B41DB860-8EE4-11D2-9906-E49FADC173CA}
227 C:\Program Files\WinRAR\rarext.dll {B41DB860-8EE4-11D2-9906-E49FADC173CA}
251 C:\Program Files\WinRAR\rarext.dll {B41DB860-8EE4-11D2-9906-E49FADC173CA}

Missing files
-------------
004 C:\Users\Mansour\AppData\Local\Temp\_uninst_.bat
007 C:\Users\Mansour\AppData\Local\Temp\_uninst_.bat
010 C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
010 C:\Program Files\Ashampoo\Ashampoo WinOptimizer 8\LiveTunerService.exe
011 System32\Drivers\cng.sys
011 System32\drivers\ipnat.sys
011 System32\Drivers\ksecdd.sys
011 System32\Drivers\ksecpkg.sys
011 C:\Windows\system32\drivers\mbamswissarmy.sys
011 System32\drivers\pcw.sys
011 System32\DRIVERS\rasacd.sys
011 System32\drivers\rdpdr.sys
011 System32\drivers\rdpvideominiport.sys
011 System32\drivers\rdvgkmd.sys
011 System32\drivers\rdyboost.sys
011 System32\Drivers\RimUsb.sys
011 System32\DRIVERS\srvnet.sys
011 System32\drivers\synth3dvsc.sys
011 System32\drivers\tcpipreg.sys
011 C:\Windows\system32\drivers\tsusbhub.sys
011 System32\Drivers\usbaapl.sys

 

[البارون]

طبق الصور لحفظ التقرير

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

 

[ReD_F0X]

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

 

[Ahmed Alqurashi]

بعد اذنك اخي البارون
أخي احذف الـ Hotspot Shield

 

[ReD_F0X]

حذفته , بعدين وش اسوي ؟

 

[ReD_F0X]

up

 

[ReD_F0X]

up