youssefko2009
زيزوومى مميز
- إنضم
- 13 ديسمبر 2009
- المشاركات
- 450
- مستوى التفاعل
- 21
- النقاط
- 480
غير متصل
السلام عليكم اخواني
عندي مشكله غريبه شويه وهي
ان الويرلس بتاع الكمبيوتر كان يعمل بشكل طبيعي جدا
وفجأه توقف عن العمل حتى وصلت بسلك ايضا ما اشتغل معي
الانترنت
نوع الويندوز اكس بي عربي
نوع الجهاز سوني فايو ديسك توب
واليكم بعض التقارير
هذا الهايجك
ogfile of Trend Micro HijackThis v2.0.4
Scan saved at 18:25:26, on 22/03/2012
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
D:\WINDOWS\System32\smss.exe
D:\WINDOWS\system32\winlogon.exe
D:\WINDOWS\system32\services.exe
D:\WINDOWS\system32\lsass.exe
D:\WINDOWS\system32\svchost.exe
D:\WINDOWS\System32\svchost.exe
D:\WINDOWS\system32\spoolsv.exe
D:\Program Files\ExpressFiles\EFupdater.exe
D:\Program Files\Norton Internet Security\Engine\19.6.1.8\ccSvcHst.exe
D:\WINDOWS\Explorer.EXE
D:\Program Files\Norton Internet Security\Engine\19.6.1.8\ccSvcHst.exe
D:\WINDOWS\system32\wuauclt.exe
D:\WINDOWS\system32\wscntfy.exe
D:\Program Files\Sony\VAIO Update 5\VAIOUpdt.exe
D:\Program Files\PowerISO\PWRISOVM.EXE
D:\Program Files\ExpressFiles\ExpressFiles.exe
D:\Program Files\Sony\VAIO Update Common\VUAgent.exe
D:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe
D:\WINDOWS\system32\ctfmon.exe
D:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
D:\Program Files\Internet Download Manager\IDMan.exe
D:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
D:\Program Files\Internet Download Manager\IEMonitor.exe
D:\Program Files\Skype\Phone\Skype.exe
D:\Documents and Settings\youssef\Application Data\DRPSu\DrvUpdater.exe
C:\AQ\supdate.exe
D:\Program Files\Skype\Plugin Manager\skypePM.exe
C:\Zyzoom_Forum_Tools\zyzoom.exe
D:\WINDOWS\system32\NOTEPAD.EXE
C:\Zyzoom_Forum_Tools\zHijak.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\System32\blank.htm
R3 - URLSearchHook: Translator 3.1 Toolbar - {3eec3c07-13c6-4b41-87c6-40b425a0b0a2} - D:\Program Files\Translator_3.1\prxtbTran.dll
O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - D:\Program Files\Internet Download Manager\IDMIECC.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - D:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Translator 3.1 - {3eec3c07-13c6-4b41-87c6-40b425a0b0a2} - D:\Program Files\Translator_3.1\prxtbTran.dll
O2 - BHO: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - D:\Program Files\Norton Internet Security\Engine\19.6.1.8\coIEPlg.dll
O2 - BHO: Norton Vulnerability Protection - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - D:\Program Files\Norton Internet Security\Engine\19.6.1.8\IPS\IPSBHO.DLL
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - d:\program files\google\googletoolbar1.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - D:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: Softonic Helper Object - {E87806B5-E908-45FD-AF5E-957D83E58E68} - D:\Program Files\Softonic\softonic\1.5.11.5\bh\softonic.dll
O3 - Toolbar: Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - D:\Program Files\Norton Internet Security\Engine\19.6.1.8\coIEPlg.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - d:\program files\google\googletoolbar1.dll
O3 - Toolbar: toolplugin - {DFEFCDEE-CF1A-4FC8-89AF-189327213627} - D:\Documents and Settings\youssef\Application Data\toolplugin\toolbar.dll (file missing)
O3 - Toolbar: Softonic Toolbar - {5018CFD2-804D-4C99-9F81-25EAEA2769DE} - D:\Program Files\Softonic\softonic\1.5.11.5\softonicTlbr.dll
O3 - Toolbar: Translator 3.1 Toolbar - {3eec3c07-13c6-4b41-87c6-40b425a0b0a2} - D:\Program Files\Translator_3.1\prxtbTran.dll
O4 - HKLM\..\Run: [VAIO Update 5] "D:\Program Files\Sony\VAIO Update 5\VAIOUpdt.exe" /Stationary
O4 - HKLM\..\Run: [Adobe ARM] "D:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [PWRISOVM.EXE] D:\Program Files\PowerISO\PWRISOVM.EXE -startup
O4 - HKLM\..\Run: [ExpressFiles] "D:\Program Files\ExpressFiles\ExpressFiles.exe" -tray
O4 - HKLM\..\Run: [SMSERIAL] D:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe
O4 - HKCU\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] D:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [IDMan] D:\Program Files\Internet Download Manager\IDMan.exe /onboot
O4 - HKCU\..\Run: [Messenger (Yahoo!)] "D:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" -quiet
O4 - HKCU\..\Run: [Skype] "D:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [DrvUpdater] D:\Documents and Settings\youssef\Application Data\DRPSu\DrvUpdater.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [_nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [_nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [_nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [_nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'Default user')
O4 - Global Startup: SIDA.Connect.lnk = C:\AQ\supdate.exe
O8 - Extra context menu item: تحميل الكل بواسطة Internet Download Manager - D:\Program Files\Internet Download Manager\IEGetAll.htm
O8 - Extra context menu item: تحميل بواسطة Internet Download Manager - D:\Program Files\Internet Download Manager\IEExt.htm
O9 - Extra button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - D:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - D:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - D:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - D:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O16 - DPF: {4B54A9DE-EF1C-4EBE-A328-7C28EA3B433A} (Bitdefender QuickScan Control) -
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) -
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - D:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - D:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - D:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: البرنامج الخفي لذاكرة التخزين المؤقت لفئات المكونات - {8C7461EF-2B13-11d2-BE35-3078302C2030} - D:\WINDOWS\system32\browseui.dll
O23 - Service: Google Updater Service (gusvc) - Google - D:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Norton Internet Security (NIS) - Symantec Corporation - D:\Program Files\Norton Internet Security\Engine\19.6.1.8\ccSvcHst.exe
O23 - Service: VUAgent - Sony Corporation - D:\Program Files\Sony\VAIO Update Common\VUAgent.exe
--
End of file - 7896 bytes
عندي مشكله غريبه شويه وهي
ان الويرلس بتاع الكمبيوتر كان يعمل بشكل طبيعي جدا
وفجأه توقف عن العمل حتى وصلت بسلك ايضا ما اشتغل معي
الانترنت
نوع الويندوز اكس بي عربي
نوع الجهاز سوني فايو ديسك توب
واليكم بعض التقارير
هذا الهايجك
ogfile of Trend Micro HijackThis v2.0.4
Scan saved at 18:25:26, on 22/03/2012
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
D:\WINDOWS\System32\smss.exe
D:\WINDOWS\system32\winlogon.exe
D:\WINDOWS\system32\services.exe
D:\WINDOWS\system32\lsass.exe
D:\WINDOWS\system32\svchost.exe
D:\WINDOWS\System32\svchost.exe
D:\WINDOWS\system32\spoolsv.exe
D:\Program Files\ExpressFiles\EFupdater.exe
D:\Program Files\Norton Internet Security\Engine\19.6.1.8\ccSvcHst.exe
D:\WINDOWS\Explorer.EXE
D:\Program Files\Norton Internet Security\Engine\19.6.1.8\ccSvcHst.exe
D:\WINDOWS\system32\wuauclt.exe
D:\WINDOWS\system32\wscntfy.exe
D:\Program Files\Sony\VAIO Update 5\VAIOUpdt.exe
D:\Program Files\PowerISO\PWRISOVM.EXE
D:\Program Files\ExpressFiles\ExpressFiles.exe
D:\Program Files\Sony\VAIO Update Common\VUAgent.exe
D:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe
D:\WINDOWS\system32\ctfmon.exe
D:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
D:\Program Files\Internet Download Manager\IDMan.exe
D:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
D:\Program Files\Internet Download Manager\IEMonitor.exe
D:\Program Files\Skype\Phone\Skype.exe
D:\Documents and Settings\youssef\Application Data\DRPSu\DrvUpdater.exe
C:\AQ\supdate.exe
D:\Program Files\Skype\Plugin Manager\skypePM.exe
C:\Zyzoom_Forum_Tools\zyzoom.exe
D:\WINDOWS\system32\NOTEPAD.EXE
C:\Zyzoom_Forum_Tools\zHijak.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page =
يجب عليك تسجيل الدخول أو التسجيل لمشاهدة الرابط المخفي
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
يجب عليك تسجيل الدخول أو التسجيل لمشاهدة الرابط المخفي
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
يجب عليك تسجيل الدخول أو التسجيل لمشاهدة الرابط المخفي
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\System32\blank.htm
R3 - URLSearchHook: Translator 3.1 Toolbar - {3eec3c07-13c6-4b41-87c6-40b425a0b0a2} - D:\Program Files\Translator_3.1\prxtbTran.dll
O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - D:\Program Files\Internet Download Manager\IDMIECC.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - D:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Translator 3.1 - {3eec3c07-13c6-4b41-87c6-40b425a0b0a2} - D:\Program Files\Translator_3.1\prxtbTran.dll
O2 - BHO: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - D:\Program Files\Norton Internet Security\Engine\19.6.1.8\coIEPlg.dll
O2 - BHO: Norton Vulnerability Protection - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - D:\Program Files\Norton Internet Security\Engine\19.6.1.8\IPS\IPSBHO.DLL
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - d:\program files\google\googletoolbar1.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - D:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: Softonic Helper Object - {E87806B5-E908-45FD-AF5E-957D83E58E68} - D:\Program Files\Softonic\softonic\1.5.11.5\bh\softonic.dll
O3 - Toolbar: Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - D:\Program Files\Norton Internet Security\Engine\19.6.1.8\coIEPlg.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - d:\program files\google\googletoolbar1.dll
O3 - Toolbar: toolplugin - {DFEFCDEE-CF1A-4FC8-89AF-189327213627} - D:\Documents and Settings\youssef\Application Data\toolplugin\toolbar.dll (file missing)
O3 - Toolbar: Softonic Toolbar - {5018CFD2-804D-4C99-9F81-25EAEA2769DE} - D:\Program Files\Softonic\softonic\1.5.11.5\softonicTlbr.dll
O3 - Toolbar: Translator 3.1 Toolbar - {3eec3c07-13c6-4b41-87c6-40b425a0b0a2} - D:\Program Files\Translator_3.1\prxtbTran.dll
O4 - HKLM\..\Run: [VAIO Update 5] "D:\Program Files\Sony\VAIO Update 5\VAIOUpdt.exe" /Stationary
O4 - HKLM\..\Run: [Adobe ARM] "D:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [PWRISOVM.EXE] D:\Program Files\PowerISO\PWRISOVM.EXE -startup
O4 - HKLM\..\Run: [ExpressFiles] "D:\Program Files\ExpressFiles\ExpressFiles.exe" -tray
O4 - HKLM\..\Run: [SMSERIAL] D:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe
O4 - HKCU\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] D:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [IDMan] D:\Program Files\Internet Download Manager\IDMan.exe /onboot
O4 - HKCU\..\Run: [Messenger (Yahoo!)] "D:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" -quiet
O4 - HKCU\..\Run: [Skype] "D:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [DrvUpdater] D:\Documents and Settings\youssef\Application Data\DRPSu\DrvUpdater.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [_nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [_nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [_nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [_nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'Default user')
O4 - Global Startup: SIDA.Connect.lnk = C:\AQ\supdate.exe
O8 - Extra context menu item: تحميل الكل بواسطة Internet Download Manager - D:\Program Files\Internet Download Manager\IEGetAll.htm
O8 - Extra context menu item: تحميل بواسطة Internet Download Manager - D:\Program Files\Internet Download Manager\IEExt.htm
O9 - Extra button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - D:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - D:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - D:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - D:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O16 - DPF: {4B54A9DE-EF1C-4EBE-A328-7C28EA3B433A} (Bitdefender QuickScan Control) -
يجب عليك تسجيل الدخول أو التسجيل لمشاهدة الرابط المخفي
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) -
يجب عليك تسجيل الدخول أو التسجيل لمشاهدة الرابط المخفي
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - D:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - D:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - D:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: البرنامج الخفي لذاكرة التخزين المؤقت لفئات المكونات - {8C7461EF-2B13-11d2-BE35-3078302C2030} - D:\WINDOWS\system32\browseui.dll
O23 - Service: Google Updater Service (gusvc) - Google - D:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Norton Internet Security (NIS) - Symantec Corporation - D:\Program Files\Norton Internet Security\Engine\19.6.1.8\ccSvcHst.exe
O23 - Service: VUAgent - Sony Corporation - D:\Program Files\Sony\VAIO Update Common\VUAgent.exe
--
End of file - 7896 bytes
وهذه البرامج المثبته
معلومات نظام التشغيل ======
X86 WIN_XP 2600 Service Pack 3
معلومات نظام التشغيل ======
X86 WIN_XP 2600 Service Pack 3
====== قائمة البرامج المثبتة ======
Adobe Flash Player 11 ActiveX
Adobe Reader X (10.1.2)
Google Toolbar for Internet Explorer
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
Hotfix for Windows XP (KB954550-v5)
Hotfix for Windows XP (KB976002-v5)
Internet Download Manager
Microsoft .NET Framework 2.0 Service Pack 2
Microsoft .NET Framework 3.0 Service Pack 2
Microsoft .NET Framework 3.5 SP1
Microsoft Kernel-Mode Driver Framework Feature Pack 1.9
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
Motorola SM56 Speakerphone Modem
PowerISO
QQPlayer 3.0.822.400
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2657424)
Shockwave
Sida Millennium 2003 1.0
Skype Toolbars
Skype™ 5.3
SmsVeloce 1.20.86
Softonic toolbar on IE and Chrome
Translator 3.1 Toolbar
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
VAIO Update
VAIO Update Merge Module x86
WebFldrs XP
Windows Genuine Advantage Notifications (KB905474)
WinRAR archiver
Yahoo! Messenger
برنامج إصلاح (Hotfix) لـ Windows XP (KB2633952)
برنامج إصلاح (Hotfix) لـ Windows XP (KB961118)
تحديث الأمان لـ Microsoft Windows (KB2564958)
تحديث الأمان لـ Windows Media Player (KB975558)
تحديث أمان لـ Windows Internet Explorer 8 (KB2647516)
تحديث أمان لـ Windows XP (KB2524375)
تحديث أمان لـ Windows XP (KB2544893-v2)
تحديث أمان لـ Windows XP (KB2570947)
تحديث أمان لـ Windows XP (KB2584146)
تحديث أمان لـ Windows XP (KB2585542)
تحديث أمان لـ Windows XP (KB2592799)
تحديث أمان لـ Windows XP (KB2598479)
تحديث أمان لـ Windows XP (KB2603381)
تحديث أمان لـ Windows XP (KB2618451)
تحديث أمان لـ Windows XP (KB2619339)
تحديث أمان لـ Windows XP (KB2620712)
تحديث أمان لـ Windows XP (KB2621440)
تحديث أمان لـ Windows XP (KB2624667)
تحديث أمان لـ Windows XP (KB2631813)
تحديث أمان لـ Windows XP (KB2633171)
تحديث أمان لـ Windows XP (KB2641653)
تحديث أمان لـ Windows XP (KB2646524)
تحديث أمان لـ Windows XP (KB2647518)
تحديث أمان لـ Windows XP (KB2660465)
تحديث أمان لـ Windows XP (KB2661637)
تحديث أمان لـ Windows XP (KB923789)
تحديث أمان لـ Windows XP (KB970430)
تحديث أمان لـ Windows XP (KB975467)
تحديث أمان لـ Windows XP (KB979687)
تحديث أمان لـ Windows XP (KB980195)
تحديث لـ Windows Internet Explorer 8 (KB2598845)
تحديث لـ Windows Internet Explorer 8 (KB2632503)
تحديث لـ Windows XP (KB2345886)
تحديث لـ Windows XP (KB2641690)
تحديث لـ Windows XP (KB898461)
حزمة برامج تشغيل Windows - Atheros (AR5416) Net (02/05/2010 7.7.0.481)
حزمة برامج تشغيل Windows - Atheros (AR5416) Net (02/05/2010 7.7.0.481)
حزمة برامج تشغيل Windows - Motorola Inc (smserial) Modem (06/11/2008 6.12.20)
حزمة موفر خدمة تشفير البطاقة الذكية الأساسية من Microsoft
وهذا اخر تقرير
Silent Runners.vbs", revision 61,
Operating System: Windows XP SP3
Output limited to non-default values, except where indicated by "{++}"
Adobe Flash Player 11 ActiveX
Adobe Reader X (10.1.2)
Google Toolbar for Internet Explorer
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
Hotfix for Windows XP (KB954550-v5)
Hotfix for Windows XP (KB976002-v5)
Internet Download Manager
Microsoft .NET Framework 2.0 Service Pack 2
Microsoft .NET Framework 3.0 Service Pack 2
Microsoft .NET Framework 3.5 SP1
Microsoft Kernel-Mode Driver Framework Feature Pack 1.9
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
Motorola SM56 Speakerphone Modem
PowerISO
QQPlayer 3.0.822.400
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2657424)
Shockwave
Sida Millennium 2003 1.0
Skype Toolbars
Skype™ 5.3
SmsVeloce 1.20.86
Softonic toolbar on IE and Chrome
Translator 3.1 Toolbar
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
VAIO Update
VAIO Update Merge Module x86
WebFldrs XP
Windows Genuine Advantage Notifications (KB905474)
WinRAR archiver
Yahoo! Messenger
برنامج إصلاح (Hotfix) لـ Windows XP (KB2633952)
برنامج إصلاح (Hotfix) لـ Windows XP (KB961118)
تحديث الأمان لـ Microsoft Windows (KB2564958)
تحديث الأمان لـ Windows Media Player (KB975558)
تحديث أمان لـ Windows Internet Explorer 8 (KB2647516)
تحديث أمان لـ Windows XP (KB2524375)
تحديث أمان لـ Windows XP (KB2544893-v2)
تحديث أمان لـ Windows XP (KB2570947)
تحديث أمان لـ Windows XP (KB2584146)
تحديث أمان لـ Windows XP (KB2585542)
تحديث أمان لـ Windows XP (KB2592799)
تحديث أمان لـ Windows XP (KB2598479)
تحديث أمان لـ Windows XP (KB2603381)
تحديث أمان لـ Windows XP (KB2618451)
تحديث أمان لـ Windows XP (KB2619339)
تحديث أمان لـ Windows XP (KB2620712)
تحديث أمان لـ Windows XP (KB2621440)
تحديث أمان لـ Windows XP (KB2624667)
تحديث أمان لـ Windows XP (KB2631813)
تحديث أمان لـ Windows XP (KB2633171)
تحديث أمان لـ Windows XP (KB2641653)
تحديث أمان لـ Windows XP (KB2646524)
تحديث أمان لـ Windows XP (KB2647518)
تحديث أمان لـ Windows XP (KB2660465)
تحديث أمان لـ Windows XP (KB2661637)
تحديث أمان لـ Windows XP (KB923789)
تحديث أمان لـ Windows XP (KB970430)
تحديث أمان لـ Windows XP (KB975467)
تحديث أمان لـ Windows XP (KB979687)
تحديث أمان لـ Windows XP (KB980195)
تحديث لـ Windows Internet Explorer 8 (KB2598845)
تحديث لـ Windows Internet Explorer 8 (KB2632503)
تحديث لـ Windows XP (KB2345886)
تحديث لـ Windows XP (KB2641690)
تحديث لـ Windows XP (KB898461)
حزمة برامج تشغيل Windows - Atheros (AR5416) Net (02/05/2010 7.7.0.481)
حزمة برامج تشغيل Windows - Atheros (AR5416) Net (02/05/2010 7.7.0.481)
حزمة برامج تشغيل Windows - Motorola Inc (smserial) Modem (06/11/2008 6.12.20)
حزمة موفر خدمة تشفير البطاقة الذكية الأساسية من Microsoft
وهذا اخر تقرير
Silent Runners.vbs", revision 61,
يجب عليك تسجيل الدخول أو التسجيل لمشاهدة الرابط المخفي
Operating System: Windows XP SP3
Output limited to non-default values, except where indicated by "{++}"
Startup items buried in registry:
---------------------------------
HKCU\Software\Microsoft\Windows\CurrentVersion\Run\ {++}
"CTFMON.EXE" = "D:\WINDOWS\system32\ctfmon.exe" [MS]
"swg" = "D:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe" ["Google Inc."]
"IDMan" = "D:\Program Files\Internet Download Manager\IDMan.exe /onboot" ["Tonec Inc."]
"Messenger (Yahoo!)" = ""D:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" -quiet" ["Yahoo! Inc."]
"Skype" = ""D:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized" ["Skype Technologies S.A."]
"DrvUpdater" = "D:\Documents and Settings\youssef\Application Data\DRPSu\DrvUpdater.exe" [null data]
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\ {++}
"VAIO Update 5" = ""D:\Program Files\Sony\VAIO Update 5\VAIOUpdt.exe" /Stationary" ["Sony Corporation"]
"Adobe ARM" = ""D:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"" ["Adobe Systems Incorporated"]
"PWRISOVM.EXE" = "D:\Program Files\PowerISO\PWRISOVM.EXE -startup" ["Power Software Ltd"]
"ExpressFiles" = ""D:\Program Files\ExpressFiles\ExpressFiles.exe" -tray" ["
"]
"SMSERIAL" = "D:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe" ["Motorola Inc."]
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\
{0055C089-8582-441B-A0BF-17B458C2A3A8}\(Default) = "IDM Helper"
-> {HKLM...CLSID} = "IDM integration (IDMIEHlprObj Class)"
\InProcServer32\(Default) = "D:\Program Files\Internet Download Manager\IDMIECC.dll" ["Internet Download Manager, Tonec Inc."]
{18DF081C-E8AD-4283-A596-FA578C2EBDC3}\(Default) = "AcroIEHelperStub"
-> {HKLM...CLSID} = "Adobe PDF Link Helper"
\InProcServer32\(Default) = "D:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll" ["Adobe Systems Incorporated"]
{3eec3c07-13c6-4b41-87c6-40b425a0b0a2}\(Default) = "Translator 3.1"
-> {HKLM...CLSID} = "Translator 3.1 Toolbar"
\InProcServer32\(Default) = "D:\Program Files\Translator_3.1\prxtbTran.dll" ["Conduit Ltd."]
{602ADB0E-4AFF-4217-8AA1-95DAC4DFA408}\(Default) = "Norton Identity Protection"
-> {HKLM...CLSID} = "Norton Identity Protection"
\InProcServer32\(Default) = "D:\Program Files\Norton Internet Security\Engine\19.6.1.8\coIEPlg.dll" ["Symantec Corporation"]
{6D53EC84-6AAE-4787-AEEE-F4628F01010C}\(Default) = "Norton Vulnerability Protection"
-> {HKLM...CLSID} = "Norton Vulnerability Protection"
\InProcServer32\(Default) = "D:\Program Files\Norton Internet Security\Engine\19.6.1.8\IPS\IPSBHO.DLL" ["Symantec Corporation"]
{AA58ED58-01DD-4d91-8333-CF10577473F7}\(Default) = (no title provided)
-> {HKLM...CLSID} = "Google Toolbar Helper"
\InProcServer32\(Default) = "d:\program files\google\googletoolbar1.dll" ["Google Inc."]
{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}\(Default) = "SkypeIEPluginBHO"
-> {HKLM...CLSID} = "Skype Browser Helper"
\InProcServer32\(Default) = "D:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll" ["Skype Technologies S.A."]
{E87806B5-E908-45FD-AF5E-957D83E58E68}\(Default) = "Softonic Helper Object"
-> {HKLM...CLSID} = "Softonic Helper Object"
\InProcServer32\(Default) = "D:\Program Files\Softonic\softonic\1.5.11.5\bh\softonic.dll" ["Softonic.com"]
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\
IDM Shell Extension\(Default) = "{CDC95B92-E27C-4745-A8C5-64A52A78855D}"
-> {HKLM...CLSID} = "IDM Shell Extension"
\InProcServer32\(Default) = "D:\Program Files\Internet Download Manager\IDMShellExt.dll" ["Tonec Inc."]
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\
"{88895560-9AA2-1069-930E-00AA0030EBC8}" = "HyperTerminal Icon Ext"
-> {HKLM...CLSID} = "HyperTerminal Icon Ext"
\InProcServer32\(Default) = "D:\WINDOWS\system32\hticons.dll" ["Hilgraeve, Inc."]
"{EFA24E62-B078-11d0-89E4-00C04FC9E26E}" = "History Band"
-> {HKLM...CLSID} = "History Band"
\InProcServer32\(Default) = "D:\WINDOWS\system32\shdocvw.dll" [MS]
"{CDC95B92-E27C-4745-A8C5-64A52A78855D}" = "IDM Shell Extension"
-> {HKLM...CLSID} = "IDM Shell Extension"
\InProcServer32\(Default) = "D:\Program Files\Internet Download Manager\IDMShellExt.dll" ["Tonec Inc."]
"{B41DB860-8EE4-11D2-9906-E49FADC173CA}" = "WinRAR shell extension"
-> {HKLM...CLSID} = "WinRAR"
\InProcServer32\(Default) = "D:\Program Files\WinRAR\rarext.dll" ["Alexander Roshal"]
"{967B2D40-8B7D-4127-9049-61EA0C2C6DCE}" = "PowerISO"
-> {HKLM...CLSID} = "PowerISO"
\InProcServer32\(Default) = "D:\Program Files\PowerISO\PWRISOSH.DLL" ["Power Software Ltd"]
"{e57ce731-33e8-4c51-8354-bb4de9d215d1}" = "أجهزة التوصيل والتشغيل العالمي"
-> {HKLM...CLSID} = "أجهزة التوصيل والتشغيل العالمي"
\InProcServer32\(Default) = "D:\WINDOWS\system32\upnpui.dll" [MS]
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\
"WPDShServiceObj" = "{AAA288BA-9A4C-45B0-95D7-94D524869DB5}"
-> {HKLM...CLSID} = "WPDShServiceObj Class"
\InProcServer32\(Default) = "D:\WINDOWS\system32\WPDShServiceObj.dll" [MS]
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Aedebug\
<<!>> "Debugger" = "Drwtsn32 -p %ld -e %ld" [MS]
HKLM\SOFTWARE\Classes\PROTOCOLS\Handler\
<<!>> skype-ie-addon-data\CLSID = "{91774881-D725-4E58-B298-07617B9B86A8}"
-> {HKLM...CLSID} = "Skype IE add-on Pluggable Protocol"
\InProcServer32\(Default) = "D:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll" ["Skype Technologies S.A."]
<<!>> skype4com\CLSID = "{FFC8B962-9B40-4DFF-9458-1830C7DD7F5D}"
-> {HKLM...CLSID} = "IEProtocolHandler Class"
\InProcServer32\(Default) = "D:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL" ["Skype Technologies"]
HKLM\SOFTWARE\Classes\*\shellex\ContextMenuHandlers\
PowerISO\(Default) = "{967B2D40-8B7D-4127-9049-61EA0C2C6DCE}"
-> {HKLM...CLSID} = "PowerISO"
\InProcServer32\(Default) = "D:\Program Files\PowerISO\PWRISOSH.DLL" ["Power Software Ltd"]
Symantec.Norton.Antivirus.IEContextMenu\(Default) = "{FAD61B3D-699D-49B2-BE16-7F82CB4C59CA}"
-> {HKLM...CLSID} = "IEContextMenu Class"
\InProcServer32\(Default) = ""D:\Program Files\Norton Internet Security\Engine\19.6.1.8\NavShExt.dll"" ["Symantec Corporation"]
WinRAR\(Default) = "{B41DB860-8EE4-11D2-9906-E49FADC173CA}"
-> {HKLM...CLSID} = "WinRAR"
\InProcServer32\(Default) = "D:\Program Files\WinRAR\rarext.dll" ["Alexander Roshal"]
HKLM\SOFTWARE\Classes\Directory\shellex\ContextMenuHandlers\
PowerISO\(Default) = "{967B2D40-8B7D-4127-9049-61EA0C2C6DCE}"
-> {HKLM...CLSID} = "PowerISO"
\InProcServer32\(Default) = "D:\Program Files\PowerISO\PWRISOSH.DLL" ["Power Software Ltd"]
WinRAR\(Default) = "{B41DB860-8EE4-11D2-9906-E49FADC173CA}"
-> {HKLM...CLSID} = "WinRAR"
\InProcServer32\(Default) = "D:\Program Files\WinRAR\rarext.dll" ["Alexander Roshal"]
HKLM\SOFTWARE\Classes\Directory\shellex\DragDropHandlers\
WinRAR\(Default) = "{B41DB860-8EE4-11D2-9906-E49FADC173CA}"
-> {HKLM...CLSID} = "WinRAR"
\InProcServer32\(Default) = "D:\Program Files\WinRAR\rarext.dll" ["Alexander Roshal"]
HKLM\SOFTWARE\Classes\Folder\shellex\ColumnHandlers\
{F9DB5320-233E-11D1-9F84-707F02C10627}\(Default) = "PDF Column Info"
-> {HKLM...CLSID} = "PDF Shell Extension"
\InProcServer32\(Default) = "D:\Program Files\Common Files\Adobe\Acrobat\ActiveX\PDFShell.dll" ["Adobe Systems, Inc."]
HKLM\SOFTWARE\Classes\Folder\shellex\ContextMenuHandlers\
PowerISO\(Default) = "{967B2D40-8B7D-4127-9049-61EA0C2C6DCE}"
-> {HKLM...CLSID} = "PowerISO"
\InProcServer32\(Default) = "D:\Program Files\PowerISO\PWRISOSH.DLL" ["Power Software Ltd"]
Symantec.Norton.Antivirus.IEContextMenu\(Default) = "{FAD61B3D-699D-49B2-BE16-7F82CB4C59CA}"
-> {HKLM...CLSID} = "IEContextMenu Class"
\InProcServer32\(Default) = ""D:\Program Files\Norton Internet Security\Engine\19.6.1.8\NavShExt.dll"" ["Symantec Corporation"]
WinRAR\(Default) = "{B41DB860-8EE4-11D2-9906-E49FADC173CA}"
-> {HKLM...CLSID} = "WinRAR"
\InProcServer32\(Default) = "D:\Program Files\WinRAR\rarext.dll" ["Alexander Roshal"]
HKLM\SOFTWARE\Classes\Folder\shellex\DragDropHandlers\
WinRAR\(Default) = "{B41DB860-8EE4-11D2-9906-E49FADC173CA}"
-> {HKLM...CLSID} = "WinRAR"
\InProcServer32\(Default) = "D:\Program Files\WinRAR\rarext.dll" ["Alexander Roshal"]
---------------------------------
HKCU\Software\Microsoft\Windows\CurrentVersion\Run\ {++}
"CTFMON.EXE" = "D:\WINDOWS\system32\ctfmon.exe" [MS]
"swg" = "D:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe" ["Google Inc."]
"IDMan" = "D:\Program Files\Internet Download Manager\IDMan.exe /onboot" ["Tonec Inc."]
"Messenger (Yahoo!)" = ""D:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" -quiet" ["Yahoo! Inc."]
"Skype" = ""D:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized" ["Skype Technologies S.A."]
"DrvUpdater" = "D:\Documents and Settings\youssef\Application Data\DRPSu\DrvUpdater.exe" [null data]
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\ {++}
"VAIO Update 5" = ""D:\Program Files\Sony\VAIO Update 5\VAIOUpdt.exe" /Stationary" ["Sony Corporation"]
"Adobe ARM" = ""D:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"" ["Adobe Systems Incorporated"]
"PWRISOVM.EXE" = "D:\Program Files\PowerISO\PWRISOVM.EXE -startup" ["Power Software Ltd"]
"ExpressFiles" = ""D:\Program Files\ExpressFiles\ExpressFiles.exe" -tray" ["
يجب عليك تسجيل الدخول أو التسجيل لمشاهدة الرابط المخفي
"SMSERIAL" = "D:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe" ["Motorola Inc."]
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\
{0055C089-8582-441B-A0BF-17B458C2A3A8}\(Default) = "IDM Helper"
-> {HKLM...CLSID} = "IDM integration (IDMIEHlprObj Class)"
\InProcServer32\(Default) = "D:\Program Files\Internet Download Manager\IDMIECC.dll" ["Internet Download Manager, Tonec Inc."]
{18DF081C-E8AD-4283-A596-FA578C2EBDC3}\(Default) = "AcroIEHelperStub"
-> {HKLM...CLSID} = "Adobe PDF Link Helper"
\InProcServer32\(Default) = "D:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll" ["Adobe Systems Incorporated"]
{3eec3c07-13c6-4b41-87c6-40b425a0b0a2}\(Default) = "Translator 3.1"
-> {HKLM...CLSID} = "Translator 3.1 Toolbar"
\InProcServer32\(Default) = "D:\Program Files\Translator_3.1\prxtbTran.dll" ["Conduit Ltd."]
{602ADB0E-4AFF-4217-8AA1-95DAC4DFA408}\(Default) = "Norton Identity Protection"
-> {HKLM...CLSID} = "Norton Identity Protection"
\InProcServer32\(Default) = "D:\Program Files\Norton Internet Security\Engine\19.6.1.8\coIEPlg.dll" ["Symantec Corporation"]
{6D53EC84-6AAE-4787-AEEE-F4628F01010C}\(Default) = "Norton Vulnerability Protection"
-> {HKLM...CLSID} = "Norton Vulnerability Protection"
\InProcServer32\(Default) = "D:\Program Files\Norton Internet Security\Engine\19.6.1.8\IPS\IPSBHO.DLL" ["Symantec Corporation"]
{AA58ED58-01DD-4d91-8333-CF10577473F7}\(Default) = (no title provided)
-> {HKLM...CLSID} = "Google Toolbar Helper"
\InProcServer32\(Default) = "d:\program files\google\googletoolbar1.dll" ["Google Inc."]
{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}\(Default) = "SkypeIEPluginBHO"
-> {HKLM...CLSID} = "Skype Browser Helper"
\InProcServer32\(Default) = "D:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll" ["Skype Technologies S.A."]
{E87806B5-E908-45FD-AF5E-957D83E58E68}\(Default) = "Softonic Helper Object"
-> {HKLM...CLSID} = "Softonic Helper Object"
\InProcServer32\(Default) = "D:\Program Files\Softonic\softonic\1.5.11.5\bh\softonic.dll" ["Softonic.com"]
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\
IDM Shell Extension\(Default) = "{CDC95B92-E27C-4745-A8C5-64A52A78855D}"
-> {HKLM...CLSID} = "IDM Shell Extension"
\InProcServer32\(Default) = "D:\Program Files\Internet Download Manager\IDMShellExt.dll" ["Tonec Inc."]
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\
"{88895560-9AA2-1069-930E-00AA0030EBC8}" = "HyperTerminal Icon Ext"
-> {HKLM...CLSID} = "HyperTerminal Icon Ext"
\InProcServer32\(Default) = "D:\WINDOWS\system32\hticons.dll" ["Hilgraeve, Inc."]
"{EFA24E62-B078-11d0-89E4-00C04FC9E26E}" = "History Band"
-> {HKLM...CLSID} = "History Band"
\InProcServer32\(Default) = "D:\WINDOWS\system32\shdocvw.dll" [MS]
"{CDC95B92-E27C-4745-A8C5-64A52A78855D}" = "IDM Shell Extension"
-> {HKLM...CLSID} = "IDM Shell Extension"
\InProcServer32\(Default) = "D:\Program Files\Internet Download Manager\IDMShellExt.dll" ["Tonec Inc."]
"{B41DB860-8EE4-11D2-9906-E49FADC173CA}" = "WinRAR shell extension"
-> {HKLM...CLSID} = "WinRAR"
\InProcServer32\(Default) = "D:\Program Files\WinRAR\rarext.dll" ["Alexander Roshal"]
"{967B2D40-8B7D-4127-9049-61EA0C2C6DCE}" = "PowerISO"
-> {HKLM...CLSID} = "PowerISO"
\InProcServer32\(Default) = "D:\Program Files\PowerISO\PWRISOSH.DLL" ["Power Software Ltd"]
"{e57ce731-33e8-4c51-8354-bb4de9d215d1}" = "أجهزة التوصيل والتشغيل العالمي"
-> {HKLM...CLSID} = "أجهزة التوصيل والتشغيل العالمي"
\InProcServer32\(Default) = "D:\WINDOWS\system32\upnpui.dll" [MS]
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\
"WPDShServiceObj" = "{AAA288BA-9A4C-45B0-95D7-94D524869DB5}"
-> {HKLM...CLSID} = "WPDShServiceObj Class"
\InProcServer32\(Default) = "D:\WINDOWS\system32\WPDShServiceObj.dll" [MS]
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Aedebug\
<<!>> "Debugger" = "Drwtsn32 -p %ld -e %ld" [MS]
HKLM\SOFTWARE\Classes\PROTOCOLS\Handler\
<<!>> skype-ie-addon-data\CLSID = "{91774881-D725-4E58-B298-07617B9B86A8}"
-> {HKLM...CLSID} = "Skype IE add-on Pluggable Protocol"
\InProcServer32\(Default) = "D:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll" ["Skype Technologies S.A."]
<<!>> skype4com\CLSID = "{FFC8B962-9B40-4DFF-9458-1830C7DD7F5D}"
-> {HKLM...CLSID} = "IEProtocolHandler Class"
\InProcServer32\(Default) = "D:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL" ["Skype Technologies"]
HKLM\SOFTWARE\Classes\*\shellex\ContextMenuHandlers\
PowerISO\(Default) = "{967B2D40-8B7D-4127-9049-61EA0C2C6DCE}"
-> {HKLM...CLSID} = "PowerISO"
\InProcServer32\(Default) = "D:\Program Files\PowerISO\PWRISOSH.DLL" ["Power Software Ltd"]
Symantec.Norton.Antivirus.IEContextMenu\(Default) = "{FAD61B3D-699D-49B2-BE16-7F82CB4C59CA}"
-> {HKLM...CLSID} = "IEContextMenu Class"
\InProcServer32\(Default) = ""D:\Program Files\Norton Internet Security\Engine\19.6.1.8\NavShExt.dll"" ["Symantec Corporation"]
WinRAR\(Default) = "{B41DB860-8EE4-11D2-9906-E49FADC173CA}"
-> {HKLM...CLSID} = "WinRAR"
\InProcServer32\(Default) = "D:\Program Files\WinRAR\rarext.dll" ["Alexander Roshal"]
HKLM\SOFTWARE\Classes\Directory\shellex\ContextMenuHandlers\
PowerISO\(Default) = "{967B2D40-8B7D-4127-9049-61EA0C2C6DCE}"
-> {HKLM...CLSID} = "PowerISO"
\InProcServer32\(Default) = "D:\Program Files\PowerISO\PWRISOSH.DLL" ["Power Software Ltd"]
WinRAR\(Default) = "{B41DB860-8EE4-11D2-9906-E49FADC173CA}"
-> {HKLM...CLSID} = "WinRAR"
\InProcServer32\(Default) = "D:\Program Files\WinRAR\rarext.dll" ["Alexander Roshal"]
HKLM\SOFTWARE\Classes\Directory\shellex\DragDropHandlers\
WinRAR\(Default) = "{B41DB860-8EE4-11D2-9906-E49FADC173CA}"
-> {HKLM...CLSID} = "WinRAR"
\InProcServer32\(Default) = "D:\Program Files\WinRAR\rarext.dll" ["Alexander Roshal"]
HKLM\SOFTWARE\Classes\Folder\shellex\ColumnHandlers\
{F9DB5320-233E-11D1-9F84-707F02C10627}\(Default) = "PDF Column Info"
-> {HKLM...CLSID} = "PDF Shell Extension"
\InProcServer32\(Default) = "D:\Program Files\Common Files\Adobe\Acrobat\ActiveX\PDFShell.dll" ["Adobe Systems, Inc."]
HKLM\SOFTWARE\Classes\Folder\shellex\ContextMenuHandlers\
PowerISO\(Default) = "{967B2D40-8B7D-4127-9049-61EA0C2C6DCE}"
-> {HKLM...CLSID} = "PowerISO"
\InProcServer32\(Default) = "D:\Program Files\PowerISO\PWRISOSH.DLL" ["Power Software Ltd"]
Symantec.Norton.Antivirus.IEContextMenu\(Default) = "{FAD61B3D-699D-49B2-BE16-7F82CB4C59CA}"
-> {HKLM...CLSID} = "IEContextMenu Class"
\InProcServer32\(Default) = ""D:\Program Files\Norton Internet Security\Engine\19.6.1.8\NavShExt.dll"" ["Symantec Corporation"]
WinRAR\(Default) = "{B41DB860-8EE4-11D2-9906-E49FADC173CA}"
-> {HKLM...CLSID} = "WinRAR"
\InProcServer32\(Default) = "D:\Program Files\WinRAR\rarext.dll" ["Alexander Roshal"]
HKLM\SOFTWARE\Classes\Folder\shellex\DragDropHandlers\
WinRAR\(Default) = "{B41DB860-8EE4-11D2-9906-E49FADC173CA}"
-> {HKLM...CLSID} = "WinRAR"
\InProcServer32\(Default) = "D:\Program Files\WinRAR\rarext.dll" ["Alexander Roshal"]
Active Desktop and Wallpaper:
-----------------------------
Active Desktop may be disabled at this entry:
HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellState
Displayed if Active Desktop enabled and wallpaper not set by Group Policy:
HKCU\Software\Microsoft\Internet Explorer\Desktop\General\
"Wallpaper" = "%APPDATA%\Microsoft\Internet Explorer\Internet Explorer Wallpaper.bmp"
Displayed if Active Desktop disabled and wallpaper not set by Group Policy:
HKCU\Control Panel\Desktop\
"Wallpaper" = "D:\Documents and Settings\youssef\Application Data\Microsoft\Internet Explorer\Internet Explorer Wallpaper.bmp"
-----------------------------
Active Desktop may be disabled at this entry:
HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellState
Displayed if Active Desktop enabled and wallpaper not set by Group Policy:
HKCU\Software\Microsoft\Internet Explorer\Desktop\General\
"Wallpaper" = "%APPDATA%\Microsoft\Internet Explorer\Internet Explorer Wallpaper.bmp"
Displayed if Active Desktop disabled and wallpaper not set by Group Policy:
HKCU\Control Panel\Desktop\
"Wallpaper" = "D:\Documents and Settings\youssef\Application Data\Microsoft\Internet Explorer\Internet Explorer Wallpaper.bmp"
Windows Portable Device AutoPlay Handlers
-----------------------------------------
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\AutoplayHandlers\Handlers\
MSWPDShellNamespaceHandler\
"Provider" = "@%SystemRoot%\System32\WPDShextRes.dll,-501"
"CLSID" = "{A55803CC-4D53-404c-8557-FD63DBA95D24}"
"InitCmdLine" = " "
-> {HKLM...CLSID} = "WPDShextAutoplay"
\LocalServer32\(Default) = "D:\WINDOWS\system32\WPDShextAutoplay.exe" [MS]
-----------------------------------------
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\AutoplayHandlers\Handlers\
MSWPDShellNamespaceHandler\
"Provider" = "@%SystemRoot%\System32\WPDShextRes.dll,-501"
"CLSID" = "{A55803CC-4D53-404c-8557-FD63DBA95D24}"
"InitCmdLine" = " "
-> {HKLM...CLSID} = "WPDShextAutoplay"
\LocalServer32\(Default) = "D:\WINDOWS\system32\WPDShextAutoplay.exe" [MS]
Startup items in "youssef" & "All Users" startup folders:
---------------------------------------------------------
D:\Documents and Settings\All Users\قائمة ابدأ\البرامج\بدء التشغيل
"SIDA.Connect" -> shortcut to: "C:\AQ\supdate.exe" ["Autosoft Multimedia srl"]
---------------------------------------------------------
D:\Documents and Settings\All Users\قائمة ابدأ\البرامج\بدء التشغيل
"SIDA.Connect" -> shortcut to: "C:\AQ\supdate.exe" ["Autosoft Multimedia srl"]
Enabled Scheduled Tasks:
------------------------
"Express Files Updater" -> launches: "D:\Program Files\ExpressFiles\EFupdater.exe" ["
"]
"User_Feed_Synchronization-{0A0FE6D5-F5E8-4BD4-A1ED-4BC854E43E53}" -> launches: "D:\WINDOWS\system32\msfeedssync.exe sync" [MS]
------------------------
"Express Files Updater" -> launches: "D:\Program Files\ExpressFiles\EFupdater.exe" ["
يجب عليك تسجيل الدخول أو التسجيل لمشاهدة الرابط المخفي
"User_Feed_Synchronization-{0A0FE6D5-F5E8-4BD4-A1ED-4BC854E43E53}" -> launches: "D:\WINDOWS\system32\msfeedssync.exe sync" [MS]
Winsock2 Service Provider DLLs:
-------------------------------
Namespace Service Providers
HKLM\SYSTEM\CurrentControlSet\Services\Winsock2\Parameters\NameSpace_Catalog5\Catalog_Entries\ {++}
000000000001\LibraryPath = "%SystemRoot%\System32\mswsock.dll" [MS]
000000000002\LibraryPath = "%SystemRoot%\System32\winrnr.dll" [MS]
000000000003\LibraryPath = "%SystemRoot%\System32\mswsock.dll" [MS]
Transport Service Providers
HKLM\SYSTEM\CurrentControlSet\Services\Winsock2\Parameters\Protocol_Catalog9\Catalog_Entries\ {++}
0000000000##\PackedCatalogItem (contains) DLL [Company Name], (at) ## range:
%SystemRoot%\system32\mswsock.dll [MS], 01 - 13
%SystemRoot%\system32\rsvpsp.dll [MS], 14 - 15
-------------------------------
Namespace Service Providers
HKLM\SYSTEM\CurrentControlSet\Services\Winsock2\Parameters\NameSpace_Catalog5\Catalog_Entries\ {++}
000000000001\LibraryPath = "%SystemRoot%\System32\mswsock.dll" [MS]
000000000002\LibraryPath = "%SystemRoot%\System32\winrnr.dll" [MS]
000000000003\LibraryPath = "%SystemRoot%\System32\mswsock.dll" [MS]
Transport Service Providers
HKLM\SYSTEM\CurrentControlSet\Services\Winsock2\Parameters\Protocol_Catalog9\Catalog_Entries\ {++}
0000000000##\PackedCatalogItem (contains) DLL [Company Name], (at) ## range:
%SystemRoot%\system32\mswsock.dll [MS], 01 - 13
%SystemRoot%\system32\rsvpsp.dll [MS], 14 - 15
Toolbars, Explorer Bars, Extensions:
------------------------------------
Toolbars
HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\
"{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA}"
-> {HKLM...CLSID} = "Norton Toolbar"
\InProcServer32\(Default) = "D:\Program Files\Norton Internet Security\Engine\19.6.1.8\coIEPlg.dll" ["Symantec Corporation"]
"{2318C2B1-4965-11D4-9B18-009027A5CD4F}"
-> {HKLM...CLSID} = "&Google"
\InProcServer32\(Default) = "d:\program files\google\googletoolbar1.dll" ["Google Inc."]
"{3EEC3C07-13C6-4B41-87C6-40B425A0B0A2}"
-> {HKLM...CLSID} = "Translator 3.1 Toolbar"
\InProcServer32\(Default) = "D:\Program Files\Translator_3.1\prxtbTran.dll" ["Conduit Ltd."]
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\
"{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA}" = "Norton Toolbar"
-> {HKLM...CLSID} = "Norton Toolbar"
\InProcServer32\(Default) = "D:\Program Files\Norton Internet Security\Engine\19.6.1.8\coIEPlg.dll" ["Symantec Corporation"]
"{2318C2B1-4965-11D4-9B18-009027A5CD4F}" = (no title provided)
-> {HKLM...CLSID} = "&Google"
\InProcServer32\(Default) = "d:\program files\google\googletoolbar1.dll" ["Google Inc."]
"{DFEFCDEE-CF1A-4FC8-89AF-189327213627}" = (no title provided)
-> {HKLM...CLSID} = "toolplugin"
\InProcServer32\(Default) = "D:\Documents and Settings\youssef\Application Data\toolplugin\toolbar.dll" [file not found]
"{5018CFD2-804D-4C99-9F81-25EAEA2769DE}" = "Softonic Toolbar"
-> {HKLM...CLSID} = "Softonic Toolbar"
\InProcServer32\(Default) = "D:\Program Files\Softonic\softonic\1.5.11.5\softonicTlbr.dll" ["Softonic.com"]
"{3EEC3C07-13C6-4B41-87C6-40B425A0B0A2}" = "Translator 3.1 Toolbar"
-> {HKLM...CLSID} = "Translator 3.1 Toolbar"
\InProcServer32\(Default) = "D:\Program Files\Translator_3.1\prxtbTran.dll" ["Conduit Ltd."]
Explorer Bars
HKLM\SOFTWARE\Microsoft\Internet Explorer\Explorer Bars\
HKLM\SOFTWARE\Classes\CLSID\{DFEFCDEE-CF1A-4FC8-89AF-189327213627}\(Default) = "toolplugin"
Implemented Categories\{00021494-0000-0000-C000-000000000046}\ [horizontal bar]
InProcServer32\(Default) = "D:\Documents and Settings\youssef\Application Data\toolplugin\toolbar.dll" [file not found]
Extensions (Tools menu items, main toolbar menu buttons)
HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\
{898EA8C8-E7FF-479B-8935-AEC46303B9E5}\
"ButtonText" = "Skype Plug-In"
"MenuText" = "Skype Plug-In"
"CLSIDExtension" = "{898EA8C8-E7FF-479B-8935-AEC46303B9E5}"
-> {HKLM...CLSID} = "Skype Browser Helper"
\InProcServer32\(Default) = "D:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll" ["Skype Technologies S.A."]
{E2E2DD38-D088-4134-82B7-F2BA38496583}\
"MenuText" = "@xpsp3res.dll,-20001"
"Exec" = "%windir%\Network Diagnostic\xpnetdiag.exe" [MS]
------------------------------------
Toolbars
HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\
"{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA}"
-> {HKLM...CLSID} = "Norton Toolbar"
\InProcServer32\(Default) = "D:\Program Files\Norton Internet Security\Engine\19.6.1.8\coIEPlg.dll" ["Symantec Corporation"]
"{2318C2B1-4965-11D4-9B18-009027A5CD4F}"
-> {HKLM...CLSID} = "&Google"
\InProcServer32\(Default) = "d:\program files\google\googletoolbar1.dll" ["Google Inc."]
"{3EEC3C07-13C6-4B41-87C6-40B425A0B0A2}"
-> {HKLM...CLSID} = "Translator 3.1 Toolbar"
\InProcServer32\(Default) = "D:\Program Files\Translator_3.1\prxtbTran.dll" ["Conduit Ltd."]
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\
"{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA}" = "Norton Toolbar"
-> {HKLM...CLSID} = "Norton Toolbar"
\InProcServer32\(Default) = "D:\Program Files\Norton Internet Security\Engine\19.6.1.8\coIEPlg.dll" ["Symantec Corporation"]
"{2318C2B1-4965-11D4-9B18-009027A5CD4F}" = (no title provided)
-> {HKLM...CLSID} = "&Google"
\InProcServer32\(Default) = "d:\program files\google\googletoolbar1.dll" ["Google Inc."]
"{DFEFCDEE-CF1A-4FC8-89AF-189327213627}" = (no title provided)
-> {HKLM...CLSID} = "toolplugin"
\InProcServer32\(Default) = "D:\Documents and Settings\youssef\Application Data\toolplugin\toolbar.dll" [file not found]
"{5018CFD2-804D-4C99-9F81-25EAEA2769DE}" = "Softonic Toolbar"
-> {HKLM...CLSID} = "Softonic Toolbar"
\InProcServer32\(Default) = "D:\Program Files\Softonic\softonic\1.5.11.5\softonicTlbr.dll" ["Softonic.com"]
"{3EEC3C07-13C6-4B41-87C6-40B425A0B0A2}" = "Translator 3.1 Toolbar"
-> {HKLM...CLSID} = "Translator 3.1 Toolbar"
\InProcServer32\(Default) = "D:\Program Files\Translator_3.1\prxtbTran.dll" ["Conduit Ltd."]
Explorer Bars
HKLM\SOFTWARE\Microsoft\Internet Explorer\Explorer Bars\
HKLM\SOFTWARE\Classes\CLSID\{DFEFCDEE-CF1A-4FC8-89AF-189327213627}\(Default) = "toolplugin"
Implemented Categories\{00021494-0000-0000-C000-000000000046}\ [horizontal bar]
InProcServer32\(Default) = "D:\Documents and Settings\youssef\Application Data\toolplugin\toolbar.dll" [file not found]
Extensions (Tools menu items, main toolbar menu buttons)
HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\
{898EA8C8-E7FF-479B-8935-AEC46303B9E5}\
"ButtonText" = "Skype Plug-In"
"MenuText" = "Skype Plug-In"
"CLSIDExtension" = "{898EA8C8-E7FF-479B-8935-AEC46303B9E5}"
-> {HKLM...CLSID} = "Skype Browser Helper"
\InProcServer32\(Default) = "D:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll" ["Skype Technologies S.A."]
{E2E2DD38-D088-4134-82B7-F2BA38496583}\
"MenuText" = "@xpsp3res.dll,-20001"
"Exec" = "%windir%\Network Diagnostic\xpnetdiag.exe" [MS]
Miscellaneous IE Hijack Points
------------------------------
HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks\
<<H>> "{3eec3c07-13c6-4b41-87c6-40b425a0b0a2}" = (no title provided)
-> {HKLM...CLSID} = "Translator 3.1 Toolbar"
\InProcServer32\(Default) = "D:\Program Files\Translator_3.1\prxtbTran.dll" ["Conduit Ltd."]
HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURLs\
<<H>> "Tabs" = "
=" [file not found]
------------------------------
HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks\
<<H>> "{3eec3c07-13c6-4b41-87c6-40b425a0b0a2}" = (no title provided)
-> {HKLM...CLSID} = "Translator 3.1 Toolbar"
\InProcServer32\(Default) = "D:\Program Files\Translator_3.1\prxtbTran.dll" ["Conduit Ltd."]
HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURLs\
<<H>> "Tabs" = "
يجب عليك تسجيل الدخول أو التسجيل لمشاهدة الرابط المخفي
Running Services (Display Name, Service Name, Path {Service DLL}):
------------------------------------------------------------------
Norton Internet Security, NIS, ""D:\Program Files\Norton Internet Security\Engine\19.6.1.8\ccSvcHst.exe" /s "NIS" /m "D:\Program Files\Norton Internet Security\Engine\19.6.1.8\diMaster.dll" /prefetch:1" ["Symantec Corporation"]
VUAgent, VUAgent, ""D:\Program Files\Sony\VAIO Update Common\VUAgent.exe"" ["Sony Corporation"]
------------------------------------------------------------------
Norton Internet Security, NIS, ""D:\Program Files\Norton Internet Security\Engine\19.6.1.8\ccSvcHst.exe" /s "NIS" /m "D:\Program Files\Norton Internet Security\Engine\19.6.1.8\diMaster.dll" /prefetch:1" ["Symantec Corporation"]
VUAgent, VUAgent, ""D:\Program Files\Sony\VAIO Update Common\VUAgent.exe"" ["Sony Corporation"]
---------- (launch time: 2012-03-22 18:15:34)
<<!>>: Suspicious data at a malware launch point.
<<H>>: Suspicious data at a browser hijack point.
+ This report excludes default entries except where indicated.
+ To see *everywhere* the script checks and *everything* it finds,
launch it from a command prompt or a shortcut with the -all parameter.
+ To search all directories of local fixed drives for DESKTOP.INI
DLL launch points, use the -supp parameter or answer "No" at the
first message box and "Yes" at the second message box.
---------- (total run time: 41 seconds, including 10 seconds for message boxes)
وهذه صوره انظر كيف انه الويرلس معرف وما يشتغل
<<!>>: Suspicious data at a malware launch point.
<<H>>: Suspicious data at a browser hijack point.
+ This report excludes default entries except where indicated.
+ To see *everywhere* the script checks and *everything* it finds,
launch it from a command prompt or a shortcut with the -all parameter.
+ To search all directories of local fixed drives for DESKTOP.INI
DLL launch points, use the -supp parameter or answer "No" at the
first message box and "Yes" at the second message box.
---------- (total run time: 41 seconds, including 10 seconds for message boxes)
وهذه صوره انظر كيف انه الويرلس معرف وما يشتغل
