مشكلة تعليق اللاب توب

22abadi22 · 19 أبريل 2012

السلام عليكم

انا عندي مشكلة في تعليق اللاب توب في اول مايشتغل اللاب توب على سطح المكتب

ولازم اعيد التشغيل

وانا الحين داخل بالوضع الامن (safe mode)

وهذي مواصفات الاب توب

win 7 home premium

رام 3 جيجا

معالج 2 جيجا

وهذا تقرير الـ Hijack

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 05:16:40 م, on 17/04/12
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Unable to get Internet Explorer version!
Boot mode: Safe mode with network support

Running processes:
C:\Windows\Explorer.EXE
C:\Windows\system32\ctfmon.exe
D:\DAEMON Tools Pro\DTShellHlp.exe
C:\Users\بو محمد\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\بو محمد\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\بو محمد\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\بو محمد\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\بو محمد\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\بو محمد\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\بو محمد\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\بو محمد\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\بو محمد\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\بو محمد\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\بو محمد\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\بو محمد\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Zyzoom_Forum_Tools\zHijak.com

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page =

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Internet Explorer, optimized for Bing and MSN
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: IObit Toolbar - {0BDA0769-FD72-49F4-9266-E1FB004F4D8F} - C:\Program Files\IObit Toolbar\IE\5.3\iobitToolbarIE.dll
R3 - URLSearchHook: (no name) - {A3BC75A2-1F87-4686-AA43-5347D756017C} - (no file)
R3 - URLSearchHook: (no name) - {5e5ab302-7f65-44cd-8211-c1d4caaccea3} - (no file)
R3 - URLSearchHook: uTorrentControl2 Toolbar - {687578b9-7132-4a7a-80e4-30ee31099e03} - C:\Program Files\uTorrentControl2\prxtbuTor.dll
O1 - Hosts: ::1 localhost
O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files\Internet Download Manager\IDMIECC.dll
O2 - BHO: ************ Toolbar - {09ec805c-cb2e-4d53-b0d3-a75a428b81c7} - C:\Program Files\************\tb4sha.dll
O2 - BHO: IObit Toolbar - {0BDA0769-FD72-49F4-9266-E1FB004F4D8F} - C:\Program Files\IObit Toolbar\IE\5.3\iobitToolbarIE.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG10\avgssie.dll
O2 - BHO: uTorrentControl2 - {687578b9-7132-4a7a-80e4-30ee31099e03} - C:\Program Files\uTorrentControl2\prxtbuTor.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG Secure Search\10.2.0.3\AVG Secure Search_toolbar.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.7227.1100\swg.dll
O2 - BHO: Help the General-Search Project - {CA4520F3-AE13-4FB1-A513-58E23991C86D} - C:\Users\3D7D~1\AppData\Roaming\MEDIAF~1\EXTENS~1\GENCRA~1.DLL
O2 - BHO: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "C:\Program Files\Microsoft\BingBar\BingExt.dll" (file missing)
O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: CrowdStar Gamebar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll
O3 - Toolbar: ************ Toolbar - {09ec805c-cb2e-4d53-b0d3-a75a428b81c7} - C:\Program Files\************\tb4sha.dll
O3 - Toolbar: Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files\Microsoft\BingBar\BingExt.dll" (file missing)
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O3 - Toolbar: uTorrentControl2 Toolbar - {687578b9-7132-4a7a-80e4-30ee31099e03} - C:\Program Files\uTorrentControl2\prxtbuTor.dll
O3 - Toolbar: AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG Secure Search\10.2.0.3\AVG Secure Search_toolbar.dll
O3 - Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)
O3 - Toolbar: SweetPacks Toolbar for Internet Explorer - {EEE6C35B-6118-11DC-9C72-001320C79847} - (no file)
O3 - Toolbar: IObit Toolbar - {0BDA0769-FD72-49F4-9266-E1FB004F4D8F} - C:\Program Files\IObit Toolbar\IE\5.3\iobitToolbarIE.dll
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: Download with &Media Finder - C:\Program Files\Media Finder\hook.html
O8 - Extra context menu item: ت&صدير إلى Microsoft Excel - res://C:\PROGRA~1\MICROS~4\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: تحميل الكل بواسطة Internet Download Manager - C:\Program Files\Internet Download Manager\IEGetAll.htm
O8 - Extra context menu item: تحميل بواسطة Internet Download Manager - C:\Program Files\Internet Download Manager\IEExt.htm
O8 - Extra context menu item: تحميل محتوى FLV بواسطة Internet Download Manager - C:\Program Files\Internet Download Manager\IEGetVL.htm
O9 - Extra button: إرسال إلى OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~4\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: إر&سال إلى OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~4\Office12\ONBttnIE.dll
O9 - Extra button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra 'Tools' menuitem: @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra button: PalTalk - {4EAFEF58-EEFA-4116-983D-03B49BCBFFFE} - C:\Program Files\Paltalk Messenger\Paltalk.exe (file missing)
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\Office12\REFIEBAR.DLL
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\avlibrary.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\avlibrary.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\avlibrary.dll
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG10\avgpp.dll
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files\Common Files\AVG Secure Search\ViProtocolInstaller\10.2.0\ViProtocol.dll
O23 - Service: Intel® Centrino® Wireless Bluetooth® 3.0 + High Speed Service (AMPPALR3) - Intel Corporation - C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe
O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG10\avgwdsvc.exe
O23 - Service: AVRedirector - Unknown owner - C:\Program Files\Invisible IP Map\AVRedirector.exe
O23 - Service: Intel(R) Centrino(R) Wireless Bluetooth(R) 3.0 + High Speed Security Service (BTHSSecurityMgr) - Intel(R) Corporation - C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: Ma-Config Service (maconfservice) - Unknown owner - C:\Program Files\ma-config.com\maconfservice.exe
O23 - Service: McciCMService - Alcatel-Lucent - C:\Program Files\Common Files\Motive\McciCMService.exe
O23 - Service: Wireless PAN DHCP Server (MyWiFiDHCPDNS) - Unknown owner - C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\Windows\system32\GameMon.des.exe (file missing)
O23 - Service: PLFlash DeviceIoControl Service - Prolific Technology Inc. - C:\Windows\system32\IoctlSvc.exe
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel(R) Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
O23 - Service: ServiceLayer - Unknown owner - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe (file missing)
O23 - Service: vToolbarUpdater10.2.0 - Unknown owner - C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\10.2.0\ToolbarUpdater.exe

--
End of file - 11818 bytes

===============
و رن سكار

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

===============

و البرامج المثبتة

====== معلومات نظام التشغيل ======

X86 WIN_7 7600

====== قائمة البرامج المثبتة ======

Update for Microsoft Office 2007 (KB2508958)
Acrobat.com
Acrobat.com
Adobe AIR
Adobe AIR
Adobe Flash Player 10 ActiveX
Adobe Photoshop 7.0 ME
Adobe Reader 9.5.0
Adobe Shockwave Player 11.5
Ashampoo HDD Control 1.12
AVG 2011
AVG 2011
Bing Bar
Bonjour
Bully Scholarship Edition
Bully Scholarship Edition
CCleaner
Cheat Engine 6.1
Complitly
Driver Genius Professional Edition
Fraps
Game Booster 3
Garmin MapSource
Google Earth
Google Toolbar for Internet Explorer
Google Update Helper
Intel PROSet Wireless
Intel(R) Graphics Media *********** Driver
Intel(R)‎ PROSet/Wireless WiFi برنامج
Intel(R) Rapid Storage Technology
Internet Download Manager
iTunes
Java Auto Updater
Java(TM) 6 Update 31
K-Lite Codec Pack 5.7.0 (Full)
League of Legends
MapSource - WorldMap v3.01
Microsoft .NET Framework 4 Client Profile
Microsoft .NET Framework 4 Client Profile
Microsoft .NET Framework 4 Client Profile ARA Language Pack
Microsoft Application Error Reporting
Microsoft Choice Guard
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office Access MUI (Arabic) 2007
Microsoft Office Enterprise 2007
Microsoft Office Enterprise 2007
Microsoft Office Excel MUI (Arabic) 2007
Microsoft Office File Validation Add-In
Microsoft Office Groove MUI (English) 2007
Microsoft Office Groove Setup Metadata MUI (Arabic) 2007
Microsoft Office InfoPath MUI (Arabic) 2007
Microsoft Office OneNote MUI (Arabic) 2007
Microsoft Office Outlook MUI (Arabic) 2007
Microsoft Office PowerPoint MUI (Arabic) 2007
Microsoft Office Proof (Arabic) 2007
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proofing (Arabic) 2007
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Publisher MUI (Arabic) 2007
Microsoft Office Shared MUI (Arabic) 2007
Microsoft Office Shared MUI (English) 2007
Microsoft Office Word MUI (Arabic) 2007
Microsoft Silverlight
Microsoft Text-to-Speech Engine 4.0 (English)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Mozilla Firefox 11.0 (x86 ar)
MSVC80_x86_v2
MSVCRT
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
neroxml
Nexon Game Manager
Nexon Game Manager
Nokia PC Suite
PaltalkScene
Pando Media Booster
PC Connectivity Solution
REACTOR
RealPlayer
RealUpgrade 1.0
RESIDENT EVIL 5
Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)
Security Update for Microsoft Office 2007 suites (KB2596785) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2598041) 32-Bit Edition
Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition
Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition
Security Update for Microsoft Office Publisher 2007 (KB2596705) 32-Bit Edition
Security Update for حزمة اللغة العربية لـ Microsoft .NET Framework 4 (KB2478663)
Security Update for حزمة اللغة العربية لـ Microsoft .NET Framework 4 (KB2518870)
Skype Click to Call
Skype™ 5.8
Spelling Dictionaries Support For Adobe Reader 9
Steam
SweetIM for Messenger 3.6
SweetPacks Toolbar for Internet Explorer 4.5
Synaptics Pointing Device Driver
System Requirements Lab CYRI
System Requirements Lab for Intel
TuneUp Utilities Language Pack (en-US)
Tunngle beta
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217)
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office 2007 suites (KB2596651) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2596789) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2598306) 32-Bit Edition
Update for Microsoft Office Excel 2007 (KB2596596) 32-Bit Edition
Update for Microsoft Office Script Editor Help (KB963671)
VCRedistSetup
Windows Driver Package - Garmin (grmnusb) GARMIN Devices (06/03/2009 2.3.0.0)
Windows Live Communications Platform
Windows Live Essentials
Windows Live Essentials
Windows Live ID Sign-in Assistant
Windows Live Messenger
WinRAR 4.11 (32-bit)
Your Uninstaller! 7
أداة التحميل Windows Live Upload Tool
تحديث لـ Microsoft Office Excel 2007 Help (KB963678)
تحديث لـ Microsoft Office Powerpoint 2007 Help (KB963669)
تحديث لـ Microsoft Office Word 2007 Help (KB963665)
حزمة اللغة العربية لـ Microsoft .NET Framework 4
حزمة برامج تشغيل Windows - Nokia Modem (06/01/2009 7.01.0.4)
حزمة برامج تشغيل Windows - Nokia Modem (10/05/2009 4.2)
حزمة برامج تشغيل Windows - Nokia pccsmcfd (08/22/2008 7.0.0.0)

22abadi22 · 19 أبريل 2012

وهذا نقاط بدء التشغيل

"Silent Runners.vbs", revision 61,

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

Operating System: Windows 7
Output limited to non-default values, except where indicated by "{++}"

Startup items buried in registry:
---------------------------------

HKCU\Software\Microsoft\Windows\CurrentVersion\Run\ {++}
"IDMan" = "C:\Program Files\Internet Download Manager\IDMan.exe /onboot" ["Tonec Inc."]

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\ {++}
"bdinstaller" = ""C:\Program Files\Common Files\Bitdefender\SetupInformation\downloader\setuplauncher.exe" /run:"C:\Program Files\Common Files\Bitdefender\SetupInformation\downloader\setupdownloader.exe" /args:"/after_restart"" [file not found]
"vProt" = ""C:\Program Files\AVG Secure Search\vprot.exe"" [null data]

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\

{0055C089-8582-441B-A0BF-17B458C2A3A8}\(Default) = "IDM Helper"
-> {HKLM...CLSID} = "IDM integration (IDMIEHlprObj Class)"
\InProcServer32\(Default) = "C:\Program Files\Internet Download Manager\IDMIECC.dll" ["Internet Download Manager, Tonec Inc."]

{09ec805c-cb2e-4d53-b0d3-a75a428b81c7}\(Default) = (no title provided)
-> {HKLM...CLSID} = "************ Toolbar"
\InProcServer32\(Default) = "C:\Program Files\************\tb4sha.dll" ["Conduit Ltd."]

{18DF081C-E8AD-4283-A596-FA578C2EBDC3}\(Default) = "AcroIEHelperStub"
-> {HKLM...CLSID} = "Adobe PDF Link Helper"
\InProcServer32\(Default) = "C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll" ["Adobe Systems Incorporated"]

{3049C3E9-B461-4BC5-8870-4C09146192CA}\(Default) = (no title provided)
-> {HKLM...CLSID} = "RealPlayer Download and Record Plugin for Internet Explorer"
\InProcServer32\(Default) = "C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll" ["RealPlayer"]

{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}\(Default) = "WormRadar.com IESiteBlocker.NavFilter"
-> {HKLM...CLSID} = "AVG Safe Search"
\InProcServer32\(Default) = "C:\Program Files\AVG\AVG10\avgssie.dll" ["AVG Technologies CZ, s.r.o."]

{6D53EC84-6AAE-4787-AEEE-F4628F01010C}\(Default) = "Norton Vulnerability Protection"
-> {HKLM...CLSID} = "Norton Vulnerability Protection"
\InProcServer32\(Default) = "C:\Program Files\Norton AntiVirus\Engine\19.1.0.28\IPS\IPSBHO.DLL" ["Symantec Corporation"]

{72853161-30C5-4D22-B7F9-0BBC1D38A37E}\(Default) = (no title provided)
-> {HKLM...CLSID} = "Groove GFS Browser Helper"
\InProcServer32\(Default) = "C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll" [MS]

{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}\(Default) = (no title provided)
-> {HKLM...CLSID} = "Java(tm) Plug-In SSV Helper"
\InProcServer32\(Default) = "C:\Program Files\Java\jre6\bin\ssv.dll" ["Sun Microsystems, Inc."]

{9030D464-4C02-4ABF-8ECC-5164760863C6}\(Default) = (no title provided)
-> {HKLM...CLSID} = "Windows Live ID Sign-in Helper"
\InProcServer32\(Default) = "C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll" [MS]

{95B7759C-8C7F-4BF1-B163-73684A933233}\(Default) = (no title provided)
-> {HKLM...CLSID} = "AVG Security Toolbar"
\InProcServer32\(Default) = "C:\Program Files\AVG Secure Search\10.0.0.7\AVG Secure Search_toolbar.dll" [null data]

{AA58ED58-01DD-4d91-8333-CF10577473F7}\(Default) = (no title provided)
-> {HKLM...CLSID} = "Google Toolbar Helper"
\InProcServer32\(Default) = "C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll" ["Google Inc."]

{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}\(Default) = "SkypeIEPluginBHO"
-> {HKLM...CLSID} = "Skype Browser Helper"
\InProcServer32\(Default) = "C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll" ["Skype Technologies S.A."]

{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}\(Default) = (no title provided)
-> {HKLM...CLSID} = "Google Toolbar Notifier BHO"
\InProcServer32\(Default) = "C:\Program Files\Google\GoogleToolbarNotifier\5.7.7227.1100\swg.dll" ["Google Inc."]

{CA4520F3-AE13-4FB1-A513-58E23991C86D}\(Default) = (no title provided)
-> {HKLM...CLSID} = "Help the General-Search Project"
\InProcServer32\(Default) = "C:\Users\3D7D~1\AppData\Roaming\MEDIAF~1\EXTENS~1\GENCRA~1.DLL" [empty string]

{d2ce3e00-f94a-4740-988e-03dc2f38c34f}\(Default) = (no title provided)
-> {HKLM...CLSID} = "Bing Bar Helper"
\InProcServer32\(Default) = ""C:\Program Files\Microsoft\BingBar\BingExt.dll"" ["لإَّ‎M*çr*s*ft C*rpôr*t***. _*¯* _*¯* لإَّ" (unwritable string)]

{D4027C7F-154A-4066-A1AD-4243D8127440}\(Default) = "Ask Toolbar BHO"
-> {HKLM...CLSID} = "CrowdStar Gamebar"
\InProcServer32\(Default) = "C:\Program Files\Ask.com\GenericAskToolbar.dll" [file not found]

{DBC80044-A445-435b-BC74-9C25C1C588A9}\(Default) = (no title provided)
-> {HKLM...CLSID} = "Java(tm) Plug-In 2 SSV Helper"
\InProcServer32\(Default) = "C:\Program Files\Java\jre6\bin\jp2ssv.dll" ["Sun Microsystems, Inc."]

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\

Groove Explorer Icon Overlay 1 (GFS Unread Stub)\(Default) = "{99FD978C-D287-4F50-827F-B2C658EDA8E7}"
-> {HKLM...CLSID} = "Groove Explorer Icon Overlay 1 (GFS Unread Stub)"
\InProcServer32\(Default) = "C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll" [MS]

Groove Explorer Icon Overlay 2 (GFS Stub)\(Default) = "{AB5C5600-7E6E-4B06-9197-9ECEF74D31CC}"
-> {HKLM...CLSID} = "Groove Explorer Icon Overlay 2 (GFS Stub)"
\InProcServer32\(Default) = "C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll" [MS]

Groove Explorer Icon Overlay 2.5 (GFS Unread Folder)\(Default) = "{920E6DB1-9907-4370-B3A0-BAFC03D81399}"
-> {HKLM...CLSID} = "Groove Explorer Icon Overlay 2.5 (GFS Unread Folder)"
\InProcServer32\(Default) = "C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll" [MS]

Groove Explorer Icon Overlay 3 (GFS Folder)\(Default) = "{16F3DD56-1AF5-4347-846D-7C10C4192619}"
-> {HKLM...CLSID} = "Groove Explorer Icon Overlay 3 (GFS Folder)"
\InProcServer32\(Default) = "C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll" [MS]

Groove Explorer Icon Overlay 4 (GFS Unread Mark)\(Default) = "{2916C86E-86A6-43FE-8112-43ABE6BF8DCC}"
-> {HKLM...CLSID} = "Groove Explorer Icon Overlay 4 (GFS Unread Mark)"
\InProcServer32\(Default) = "C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll" [MS]

IDM Shell Extension\(Default) = "{CDC95B92-E27C-4745-A8C5-64A52A78855D}"
-> {HKLM...CLSID} = "IDM Shell Extension"
\InProcServer32\(Default) = "C:\Program Files\Internet Download Manager\IDMShellExt.dll" ["Tonec Inc."]

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\

"{416651E4-9C3C-11D9-8BDE-F66BAD1E3F3A}" = "*Nokia Phone Browser*" (unwritable string)
-> {HKLM...CLSID} = "*Nokia Phone Browser*" (unwritable string)
\InProcServer32\(Default) = "C:\Program Files\Nokia\Nokia PC Suite 7\PhoneBrowser.dll" ["Nokia"]

"{72853161-30C5-4D22-B7F9-0BBC1D38A37E}" = "Groove GFS Browser Helper"
-> {HKLM...CLSID} = "Groove GFS Browser Helper"
\InProcServer32\(Default) = "C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll" [MS]

"{2A541AE1-5BF6-4665-A8A3-CFA9672E4291}" = "Groove GFS Explorer Bar"
-> {HKLM...CLSID} = "Groove Folder Synchronization"
\InProcServer32\(Default) = "C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll" [MS]

"{A449600E-1DC6-4232-B948-9BD794D62056}" = "Groove GFS Stub Icon Handler"
-> {HKLM...CLSID} = "Groove GFS Stub Icon Handler"
\InProcServer32\(Default) = "C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll" [MS]

"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}" = "Groove GFS Stub Execution Hook"
-> {HKLM...CLSID} = "Groove GFS Stub Execution Hook"
\InProcServer32\(Default) = "C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll" [MS]

"{6C467336-8281-4E60-8204-430CED96822D}" = "Groove GFS Context Menu Handler"
-> {HKLM...CLSID} = "Groove GFS Context Menu Handler"
\InProcServer32\(Default) = "C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll" [MS]

"{387E725D-DC16-4D76-B310-2C93ED4752A0}" = "Groove XML Icon Handler"
-> {HKLM...CLSID} = "Groove XML Icon Handler"
\InProcServer32\(Default) = "C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll" [MS]

"{16F3DD56-1AF5-4347-846D-7C10C4192619}" = "Groove Explorer Icon Overlay 3 (GFS Folder)"
-> {HKLM...CLSID} = "Groove Explorer Icon Overlay 3 (GFS Folder)"
\InProcServer32\(Default) = "C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll" [MS]

"{AB5C5600-7E6E-4B06-9197-9ECEF74D31CC}" = "Groove Explorer Icon Overlay 2 (GFS Stub)"
-> {HKLM...CLSID} = "Groove Explorer Icon Overlay 2 (GFS Stub)"
\InProcServer32\(Default) = "C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll" [MS]

"{2916C86E-86A6-43FE-8112-43ABE6BF8DCC}" = "Groove Explorer Icon Overlay 4 (GFS Unread Mark)"
-> {HKLM...CLSID} = "Groove Explorer Icon Overlay 4 (GFS Unread Mark)"
\InProcServer32\(Default) = "C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll" [MS]

"{99FD978C-D287-4F50-827F-B2C658EDA8E7}" = "Groove Explorer Icon Overlay 1 (GFS Unread Stub)"
-> {HKLM...CLSID} = "Groove Explorer Icon Overlay 1 (GFS Unread Stub)"
\InProcServer32\(Default) = "C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll" [MS]

"{920E6DB1-9907-4370-B3A0-BAFC03D81399}" = "Groove Explorer Icon Overlay 2.5 (GFS Unread Folder)"
-> {HKLM...CLSID} = "Groove Explorer Icon Overlay 2.5 (GFS Unread Folder)"
\InProcServer32\(Default) = "C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll" [MS]

"{0006F045-0000-0000-C000-000000000046}" = "Microsoft Office Outlook Custom Icon Handler"
-> {HKLM...CLSID} = "Outlook File Icon Extension"
\InProcServer32\(Default) = "C:\PROGRA~1\MICROS~4\Office12\OLKFSTUB.DLL" [MS]

"{00020D75-0000-0000-C000-000000000046}" = "Microsoft Office Outlook Desktop Icon Handler"
-> {HKLM...CLSID} = "Microsoft Office Outlook"
\InProcServer32\(Default) = "C:\PROGRA~1\MICROS~4\Office12\MLSHEXT.DLL" [MS]

"{5858A72C-C2B4-4dd7-B2BF-B76DB1BD9F6C}" = "Microsoft Office OneNote Namespace Extension for Windows Desktop Search"
-> {HKLM...CLSID} = "Microsoft Office OneNote Namespace Extension for Windows Desktop Search"
\InProcServer32\(Default) = "C:\PROGRA~1\MICROS~4\Office12\ONFILTER.DLL" [MS]

"{42042206-2D85-11D3-8CFF-005004838597}" = "Microsoft Office HTML Icon Handler"
-> {HKLM...CLSID} = (no title provided)
\InProcServer32\(Default) = "C:\Program Files\Microsoft Office\Office12\msohevi.dll" [MS]

"{993BE281-6695-4BA5-8A2A-7AACBFAAB69E}" = "Microsoft Office Metadata Handler"
-> {HKLM...CLSID} = "Microsoft Office Metadata Handler"
\InProcServer32\(Default) = "C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\msoshext.dll" [MS]

"{C41662BB-1FA0-4CE0-8DC5-9B7F8279FF97}" = "Microsoft Office Thumbnail Handler"
-> {HKLM...CLSID} = "Microsoft Office Thumbnail Handler"
\InProcServer32\(Default) = "C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\msoshext.dll" [MS]

"{97F68CE3-7146-45FF-BE24-D9A7DD7CB8A2}" = "NeroCoverEd Live Icons"
-> {HKLM...CLSID} = "NeroCoverEdLiveIcons Class"
\InProcServer32\(Default) = "C:\Program Files\Nero\Nero8\Nero CoverDesigner\CoverEdExtension.dll" [file not found]

"{F0CB00CD-5A07-4D91-97F5-A8C92CDA93E4}" = "Shell Extensions for RealOne Player"
-> {HKLM...CLSID} = "RealOne Player Context Menu Class"
\InProcServer32\(Default) = "c:\program files\real\realplayer\rpshell.dll" ["RealNetworks, Inc."]

"{B41DB860-8EE4-11D2-9906-E49FADC173CA}" = "WinRAR shell extension"
-> {HKLM...CLSID} = "WinRAR"
\InProcServer32\(Default) = "C:\Program Files\WinRAR\rarext.dll" ["Alexander Roshal"]

"{B9E1D2CB-CCFF-4AA6-9579-D7A4754030EF}" = "iTunes"
-> {HKLM...CLSID} = "iTunes"
\InProcServer32\(Default) = "C:\Program Files\iTunes\iTunesMiniPlayer.dll" ["Apple Inc."]

"{4858E7D9-8E12-45a3-B6A3-1CD128C9D403}" = "TuneUp Shredder Shell Extension"
-> {HKLM...CLSID} = "TuneUp Shredder Shell Extension"
\InProcServer32\(Default) = "C:\Program Files\TuneUp Utilities 2012\SDShelEx-win32.dll" [file not found]

"{4838CD50-7E5D-4811-9B17-C47A85539F28}" = "TuneUp Disk Space Explorer Shell Extension"
-> {HKLM...CLSID} = "TuneUp Disk Space Explorer Shell Extension"
\InProcServer32\(Default) = "C:\Program Files\TuneUp Utilities 2012\DseShExt-x86.dll" [file not found]

"{CDC95B92-E27C-4745-A8C5-64A52A78855D}" = "IDM Shell Extension"
-> {HKLM...CLSID} = "IDM Shell Extension"
\InProcServer32\(Default) = "C:\Program Files\Internet Download Manager\IDMShellExt.dll" ["Tonec Inc."]

"{B98A2BEA-7D42-4558-8BD1-832F41BAC6FD}" = (no title provided)
-> {HKLM...CLSID} = "Backup And Restore"
\InProcServer32\(Default) = "C:\Windows\System32\shdocvw.dll" [MS]

"{F3F5824C-AD58-4728-AF59-A1EBE3392799}" = "StickyNotes Namespace"
-> {HKLM...CLSID} = "Sticky Notes Namespace Extension for Windows Desktop Search"
\InProcServer32\(Default) = "C:\Windows\system32\SNTSearch.dll" [MS]

"{5F327514-6C5E-4d60-8F16-D07FA08A78ED}" = "Auto Update Property Sheet Extension"
-> {HKLM...CLSID} = "Auto Update Property Sheet Extension"
\InProcServer32\(Default) = "C:\Windows\system32\wuaucpl.cpl" [file not found]

"{2F603045-309F-11CF-9774-0020AFD0CFF6}" = "Synaptics Control Panel"
-> {HKLM...CLSID} = (no title provided)
\InProcServer32\(Default) = "C:\Program Files\Synaptics\SynTP\SynTPCpl.dll" ["Synaptics, Inc."]

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks\

<<!>> "{B5A7F190-DDA6-4420-B3BA-52453494E6CD}" = "Groove GFS Stub Execution Hook"
-> {HKLM...CLSID} = "Groove GFS Stub Execution Hook"
\InProcServer32\(Default) = "C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll" [MS]

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\

"WPDShServiceObj" = "{AAA288BA-9A4C-45B0-95D7-94D524869DB5}"
-> {HKLM...CLSID} = "WPDShServiceObj Class"
\InProcServer32\(Default) = "C:\Windows\system32\wpdshserviceobj.dll" [MS]

HKLM\SYSTEM\CurrentControlSet\Control\Lsa\
<<!>> ("livessp" [MS]) "Security Packages" = "kerberos"|"msv1_0"|"schannel"|"wdigest"|"tspkg"|"pku2u"|"livessp"

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Authentication\Credential Providers\

{F8A0B131-5F68-486c-8040-7E8FC3C85BB6}\(Default) = "WLIDCredentialProvider"
-> {HKLM...CLSID} = "WLIDCredentialProvider"
\InProcServer32\(Default) = "C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDCREDPROV.DLL" [MS]

HKLM\SOFTWARE\Classes\PROTOCOLS\Filter\

<<!>> text/xml\CLSID = "{807563E5-5146-11D5-A672-00B0D022E945}"
-> {HKLM...CLSID} = "Microsoft Office InfoPath XML Mime Filter"
\InProcServer32\(Default) = "C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL" [MS]

HKLM\SOFTWARE\Classes\PROTOCOLS\Handler\

<<!>> grooveLocalGWS\CLSID = "{88FED34C-F0CA-4636-A375-3CB6248B04CD}"
-> {HKLM...CLSID} = "Local Groove Web Services Protocol"
\InProcServer32\(Default) = "C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll" [MS]

<<!>> linkscanner\CLSID = "{F274614C-63F8-47D5-A4D1-FBDDE494F8D1}"
-> {HKLM...CLSID} = "XPLPPFilter Class"
\InProcServer32\(Default) = "C:\Program Files\AVG\AVG10\avgpp.dll" ["AVG Technologies CZ, s.r.o."]

<<!>> livecall\CLSID = "{828030A1-22C1-4009-854F-8E305202313F}"
-> {HKLM...CLSID} = (no title provided)
\InProcServer32\(Default) = "C:\PROGRA~1\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL" [MS]

<<!>> ms-help\CLSID = "{314111c7-a502-11d2-bbca-00c04f8ec294}"
-> {HKLM...CLSID} = "HxProtocol Class"
\InProcServer32\(Default) = "C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll" [MS]

<<!>> msnim\CLSID = "{828030A1-22C1-4009-854F-8E305202313F}"
-> {HKLM...CLSID} = (no title provided)
\InProcServer32\(Default) = "C:\PROGRA~1\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL" [MS]

<<!>> skype-ie-addon-data\CLSID = "{91774881-D725-4E58-B298-07617B9B86A8}"
-> {HKLM...CLSID} = "Skype IE add-on Pluggable Protocol"
\InProcServer32\(Default) = "C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll" ["Skype Technologies S.A."]

<<!>> skype4com\CLSID = "{FFC8B962-9B40-4DFF-9458-1830C7DD7F5D}"
-> {HKLM...CLSID} = "IEProtocolHandler Class"
\InProcServer32\(Default) = "C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL" ["Skype Technologies"]

<<!>> viprotocol\CLSID = "{B658800C-F66E-4EF3-AB85-6C0C227862A9}"
-> {HKLM...CLSID} = "ViProtocolOLE Class"
\InProcServer32\(Default) = "C:\Program Files\Common Files\AVG Secure Search\ViProtocolInstaller\10.0.6\ViProtocol.dll" [null data]

HKLM\SOFTWARE\Classes\*\shellex\ContextMenuHandlers\

Advanced SystemCare\(Default) = "{9486A9B2-D787-4eca-A25C-4A0086BB4154}"
-> {HKLM...CLSID} = "CExtMenu Class"
\InProcServer32\(Default) = "C:\Program Files\IObit\Advanced SystemCare 5\ASCv5ExtMenu.dll" [null data]

Cover Designer\(Default) = "{73FCA462-9BD5-4065-A73F-A8E5F6904EF7}"
-> {HKLM...CLSID} = "NeroCoverEdContextMenu Class"
\InProcServer32\(Default) = "C:\Program Files\Nero\Nero8\Nero CoverDesigner\CoverEdExtension.dll" [file not found]

IObit Malware Fighter\(Default) = "{0BB81440-5F42-4480-A5F7-770A6F439FC8}"
-> {HKLM...CLSID} = "BlueBirdShell Class"
\InProcServer32\(Default) = "C:\Program Files\IObit\IObit Malware Fighter\IMFShellExt.dll" ["IObit"]

Symantec.Norton.Antivirus.IEContextMenu\(Default) = "{FAD61B3D-699D-49B2-BE16-7F82CB4C59CA}"
-> {HKLM...CLSID} = "IEContextMenu Class"
\InProcServer32\(Default) = ""C:\Program Files\Norton AntiVirus\Engine\19.1.0.28\NavShExt.dll"" ["Symantec Corporation"]

TuneUp Shredder Shell Extension\(Default) = "{4858E7D9-8E12-45a3-B6A3-1CD128C9D403}"
-> {HKLM...CLSID} = "TuneUp Shredder Shell Extension"
\InProcServer32\(Default) = "C:\Program Files\TuneUp Utilities 2012\SDShelEx-win32.dll" [file not found]

WinRAR\(Default) = "{B41DB860-8EE4-11D2-9906-E49FADC173CA}"
-> {HKLM...CLSID} = "WinRAR"
\InProcServer32\(Default) = "C:\Program Files\WinRAR\rarext.dll" ["Alexander Roshal"]

XXX Groove GFS Context Menu Handler XXX\(Default) = "{6C467336-8281-4E60-8204-430CED96822D}"
-> {HKLM...CLSID} = "Groove GFS Context Menu Handler"
\InProcServer32\(Default) = "C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll" [MS]

{100BD527-7304-4b7f-BEE2-26D97B04EBA4}\(Default) = (no title provided)
-> {HKLM...CLSID} = "NBShellHook Class"
\InProcServer32\(Default) = "C:\Program Files\Nero\Nero8\Nero BackItUp\NBShell.dll" [file not found]

HKLM\SOFTWARE\Classes\*\shellex\DragDropHandlers\

NBShellHook\(Default) = "{100BD527-7304-4b7f-BEE2-26D97B04EBA4}"
-> {HKLM...CLSID} = "NBShellHook Class"
\InProcServer32\(Default) = "C:\Program Files\Nero\Nero8\Nero BackItUp\NBShell.dll" [file not found]

HKLM\SOFTWARE\Classes\AllFilesystemObjects\shellex\ContextMenuHandlers\

GB3ContextMenu\(Default) = "{3A488FE8-9916-4F36-BDFF-3DED559142E5}"
-> {HKLM...CLSID} = "GBContextMenu Class"
\InProcServer32\(Default) = "C:\Program Files\IObit\Game Booster 3\GBV3ContextMenu.dll" ["IObit"]

MBAMShlExt\(Default) = "{57CE581A-0CB6-4266-9CA0-19364C90A0B3}"
-> {HKLM...CLSID} = "MBAMShlExt Class"
\InProcServer32\(Default) = "C:\Users\بو محمد\AppData\Local\temp\zxq2\mbamext.dll" ["Malwarebytes Corporation"]

XXX Groove GFS Context Menu Handler XXX\(Default) = "{6C467336-8281-4E60-8204-430CED96822D}"
-> {HKLM...CLSID} = "Groove GFS Context Menu Handler"
\InProcServer32\(Default) = "C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll" [MS]

HKLM\SOFTWARE\Classes\Directory\shellex\ContextMenuHandlers\

Advanced SystemCare\(Default) = "{9486A9B2-D787-4eca-A25C-4A0086BB4154}"
-> {HKLM...CLSID} = "CExtMenu Class"
\InProcServer32\(Default) = "C:\Program Files\IObit\Advanced SystemCare 5\ASCv5ExtMenu.dll" [null data]

IObit Malware Fighter\(Default) = "{0BB81440-5F42-4480-A5F7-770A6F439FC8}"
-> {HKLM...CLSID} = "BlueBirdShell Class"
\InProcServer32\(Default) = "C:\Program Files\IObit\IObit Malware Fighter\IMFShellExt.dll" ["IObit"]

TuneUp Disk Space Explorer Shell Extension\(Default) = "{4838CD50-7E5D-4811-9B17-C47A85539F28}"
-> {HKLM...CLSID} = "TuneUp Disk Space Explorer Shell Extension"
\InProcServer32\(Default) = "C:\Program Files\TuneUp Utilities 2012\DseShExt-x86.dll" [file not found]

TuneUp Shredder Shell Extension\(Default) = "{4858E7D9-8E12-45a3-B6A3-1CD128C9D403}"
-> {HKLM...CLSID} = "TuneUp Shredder Shell Extension"
\InProcServer32\(Default) = "C:\Program Files\TuneUp Utilities 2012\SDShelEx-win32.dll" [file not found]

WinRAR\(Default) = "{B41DB860-8EE4-11D2-9906-E49FADC173CA}"
-> {HKLM...CLSID} = "WinRAR"
\InProcServer32\(Default) = "C:\Program Files\WinRAR\rarext.dll" ["Alexander Roshal"]

XXX Groove GFS Context Menu Handler XXX\(Default) = "{6C467336-8281-4E60-8204-430CED96822D}"
-> {HKLM...CLSID} = "Groove GFS Context Menu Handler"
\InProcServer32\(Default) = "C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll" [MS]

HKLM\SOFTWARE\Classes\Directory\shellex\CopyHookHandlers\

Nokia\(Default) = "{416651E4-9C3C-11D9-8BDE-F66BAD1E3F3A}"
-> {HKLM...CLSID} = "*Nokia Phone Browser*" (unwritable string)
\InProcServer32\(Default) = "C:\Program Files\Nokia\Nokia PC Suite 7\PhoneBrowser.dll" ["Nokia"]

HKLM\SOFTWARE\Classes\Directory\shellex\DragDropHandlers\

WinRAR\(Default) = "{B41DB860-8EE4-11D2-9906-E49FADC173CA}"
-> {HKLM...CLSID} = "WinRAR"
\InProcServer32\(Default) = "C:\Program Files\WinRAR\rarext.dll" ["Alexander Roshal"]

HKLM\SOFTWARE\Classes\Directory\Background\shellex\ContextMenuHandlers\

igfxcui\(Default) = "{3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4}"
-> {HKLM...CLSID} = "GraphicsShellExt Class"
\InProcServer32\(Default) = "C:\Windows\system32\igfxpph.dll" ["Intel Corporation"]

XXX Groove GFS Context Menu Handler XXX\(Default) = "{6C467336-8281-4E60-8204-430CED96822D}"
-> {HKLM...CLSID} = "Groove GFS Context Menu Handler"
\InProcServer32\(Default) = "C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll" [MS]

HKLM\SOFTWARE\Classes\Folder\shellex\ColumnHandlers\

{F9DB5320-233E-11D1-9F84-707F02C10627}\(Default) = "PDF Column Info"
-> {HKLM...CLSID} = "PDF Shell Extension"
\InProcServer32\(Default) = "C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\PDFShell.dll" ["Adobe Systems, Inc."]

HKLM\SOFTWARE\Classes\Folder\shellex\ContextMenuHandlers\

IObit Malware Fighter\(Default) = "{0BB81440-5F42-4480-A5F7-770A6F439FC8}"
-> {HKLM...CLSID} = "BlueBirdShell Class"
\InProcServer32\(Default) = "C:\Program Files\IObit\IObit Malware Fighter\IMFShellExt.dll" ["IObit"]

MBAMShlExt\(Default) = "{57CE581A-0CB6-4266-9CA0-19364C90A0B3}"
-> {HKLM...CLSID} = "MBAMShlExt Class"
\InProcServer32\(Default) = "C:\Users\بو محمد\AppData\Local\temp\zxq2\mbamext.dll" ["Malwarebytes Corporation"]

Symantec.Norton.Antivirus.IEContextMenu\(Default) = "{FAD61B3D-699D-49B2-BE16-7F82CB4C59CA}"
-> {HKLM...CLSID} = "IEContextMenu Class"
\InProcServer32\(Default) = ""C:\Program Files\Norton AntiVirus\Engine\19.1.0.28\NavShExt.dll"" ["Symantec Corporation"]

WinRAR\(Default) = "{B41DB860-8EE4-11D2-9906-E49FADC173CA}"
-> {HKLM...CLSID} = "WinRAR"
\InProcServer32\(Default) = "C:\Program Files\WinRAR\rarext.dll" ["Alexander Roshal"]

XXX Groove GFS Context Menu Handler XXX\(Default) = "{6C467336-8281-4E60-8204-430CED96822D}"
-> {HKLM...CLSID} = "Groove GFS Context Menu Handler"
\InProcServer32\(Default) = "C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll" [MS]

{100BD527-7304-4b7f-BEE2-26D97B04EBA4}\(Default) = (no title provided)
-> {HKLM...CLSID} = "NBShellHook Class"
\InProcServer32\(Default) = "C:\Program Files\Nero\Nero8\Nero BackItUp\NBShell.dll" [file not found]

HKLM\SOFTWARE\Classes\Folder\shellex\DragDropHandlers\

NBShellHook\(Default) = "{100BD527-7304-4b7f-BEE2-26D97B04EBA4}"
-> {HKLM...CLSID} = "NBShellHook Class"
\InProcServer32\(Default) = "C:\Program Files\Nero\Nero8\Nero BackItUp\NBShell.dll" [file not found]

WinRAR\(Default) = "{B41DB860-8EE4-11D2-9906-E49FADC173CA}"
-> {HKLM...CLSID} = "WinRAR"
\InProcServer32\(Default) = "C:\Program Files\WinRAR\rarext.dll" ["Alexander Roshal"]

Active Desktop and Wallpaper:
-----------------------------

Active Desktop may be disabled at this entry:
HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellState

Displayed if Active Desktop disabled and wallpaper not set by Group Policy:
HKCU\Control Panel\Desktop\
"Wallpaper" = "C:\Users\بو محمد\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg"

Windows Portable Device AutoPlay Handlers
-----------------------------------------

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\AutoplayHandlers\Handlers\

iTunesBurnCDOnArrival\
"Provider" = "iTunes"
"InvokeProgID" = "iTunes.BurnCD"
"InvokeVerb" = "burn"
HKLM\SOFTWARE\Classes\iTunes.BurnCD\shell\burn\command\(Default) = ""C:\Program Files\iTunes\iTunes.exe" /AutoPlayBurn "%L"" ["Apple Inc."]

iTunesImportSongsOnArrival\
"Provider" = "iTunes"
"InvokeProgID" = "iTunes.ImportSongsOnCD"
"InvokeVerb" = "import"
HKLM\SOFTWARE\Classes\iTunes.ImportSongsOnCD\shell\import\command\(Default) = ""C:\Program Files\iTunes\iTunes.exe" /AutoPlayImportSongs "%L"" ["Apple Inc."]

iTunesPlaySongsOnArrival\
"Provider" = "iTunes"
"InvokeProgID" = "iTunes.PlaySongsOnCD"
"InvokeVerb" = "play"
HKLM\SOFTWARE\Classes\iTunes.PlaySongsOnCD\shell\play\command\(Default) = ""C:\Program Files\iTunes\iTunes.exe" /playCD "%L"" ["Apple Inc."]

iTunesShowSongsOnArrival\
"Provider" = "iTunes"
"InvokeProgID" = "iTunes.ShowSongsOnCD"
"InvokeVerb" = "showsongs"
HKLM\SOFTWARE\Classes\iTunes.ShowSongsOnCD\shell\showsongs\command\(Default) = ""C:\Program Files\iTunes\iTunes.exe" /AutoPlayShowSongs "%L"" ["Apple Inc."]

MPCPlayCDAudioOnArrival\
"Provider" = "Media Player Classic"
"InvokeProgID" = "MediaPlayerClassic.Autorun"
"InvokeVerb" = "PlayCDAudio"
HKLM\SOFTWARE\Classes\MediaPlayerClassic.Autorun\shell\PlayCDAudio\command\(Default) = ""C:\Program Files\K-Lite Codec Pack\Media Player Classic\mpc-hc.exe" %1 /cd" ["MPC-HC Team"]

MPCPlayDVDMovieOnArrival\
"Provider" = "Media Player Classic"
"InvokeProgID" = "MediaPlayerClassic.Autorun"
"InvokeVerb" = "PlayDVDMovie"
HKLM\SOFTWARE\Classes\MediaPlayerClassic.Autorun\shell\PlayDVDMovie\command\(Default) = ""C:\Program Files\K-Lite Codec Pack\Media Player Classic\mpc-hc.exe" %1 /dvd" ["MPC-HC Team"]

MPCPlayMusicFilesOnArrival\
"Provider" = "Media Player Classic"
"InvokeProgID" = "MediaPlayerClassic.Autorun"
"InvokeVerb" = "PlayMusicFiles"
HKLM\SOFTWARE\Classes\MediaPlayerClassic.Autorun\shell\PlayMusicFiles\command\(Default) = ""C:\Program Files\K-Lite Codec Pack\Media Player Classic\mpc-hc.exe" %1" ["MPC-HC Team"]

MPCPlayVideoFilesOnArrival\
"Provider" = "Media Player Classic"
"InvokeProgID" = "MediaPlayerClassic.Autorun"
"InvokeVerb" = "PlayVideoFiles"
HKLM\SOFTWARE\Classes\MediaPlayerClassic.Autorun\shell\PlayVideoFiles\command\(Default) = ""C:\Program Files\K-Lite Codec Pack\Media Player Classic\mpc-hc.exe" %1" ["MPC-HC Team"]

MSEnhancedStorageHandler\
"Provider" = "Authorize to the disk access"
"ProgID" = "EhStorShell.AutoplayHandler"
"InitCmdLine" = "Authorize"
HKLM\SOFTWARE\Classes\EhStorShell.AutoplayHandler\CLSID\(Default) = "{36F54939-CD3B-4C73-92D5-F9A389ED631C}"
-> {HKLM...CLSID} = "Enhanced Storage Autoplay Handler Class"
\InProcServer32\(Default) = "C:\Windows\system32\EhStorShell.dll" [MS]

NeroAutoPlay8VideoCapture\
"Provider" = "Nero Vision"
"ProgID" = "Shell.HWEventHandlerShellExecute"
"InitCmdLine" = ""C:\Program Files\Nero\Nero8\Nero Vision\NeroVision.exe" /New:VideoCapture"
HKLM\SOFTWARE\Classes\Shell.HWEventHandlerShellExecute\CLSID\(Default) = "{FFB8655F-81B9-4fce-B89C-9A6BA76D13E7}"
-> {HKLM...CLSID} = "Shell Execute Hardware Event Handler"
\LocalServer32\(Default) = "C:\Windows\System32\rundll32.exe shell32.dll,SHCreateLocalServerRunDll {FFB8655F-81B9-4fce-B89C-9A6BA76D13E7}" [MS]

RPCDBurningOnArrival\
"Provider" = "RealPlayer"
"InvokeProgID" = "RealPlayer.CDBurn.6"
"InvokeVerb" = "open"
HKLM\SOFTWARE\Classes\RealPlayer.CDBurn.6\shell\open\command\(Default) = ""c:\program files\real\realplayer\\RealPlay.exe" /burn "%1"" ["RealNetworks, Inc."]

RPDVDBurningOnArrival\
"Provider" = "RealPlayer"
"InvokeProgID" = "RealPlayer.DVDBurn.6"
"InvokeVerb" = "open"
HKLM\SOFTWARE\Classes\RealPlayer.DVDBurn.6\shell\open\command\(Default) = ""c:\program files\real\realplayer\\RealPlay.exe" /burndvd "%1"" ["RealNetworks, Inc."]

RPPlayCDAudioOnArrival\
"Provider" = "RealPlayer"
"InvokeProgID" = "RealPlayer.AudioCD.6"
"InvokeVerb" = "play"
HKLM\SOFTWARE\Classes\RealPlayer.AudioCD.6\shell\play\command\(Default) = ""c:\program files\real\realplayer\\RealPlay.exe" /play %1 " ["RealNetworks, Inc."]

RPPlayDVDMovieOnArrival\
"Provider" = "RealPlayer"
"InvokeProgID" = "RealPlayer.DVD.6"
"InvokeVerb" = "play"
HKLM\SOFTWARE\Classes\RealPlayer.DVD.6\shell\play\command\(Default) = ""c:\program files\real\realplayer\\RealPlay.exe" /dvd %1 " ["RealNetworks, Inc."]

RPPlayMediaOnArrival\
"Provider" = "RealPlayer"
"InvokeProgID" = "RealPlayer.AutoPlay.6"
"InvokeVerb" = "open"
HKLM\SOFTWARE\Classes\RealPlayer.AutoPlay.6\shell\open\command\(Default) = ""c:\program files\real\realplayer\\RealPlay.exe" /autoplay "%1"" ["RealNetworks, Inc."]

WIA_{BD7D8513-56D9-4401-B2BB-53FD746C058B}\
"Provider" = "Microsoft Office Word"
"CLSID" = "{A55803CC-4D53-404c-8557-FD63DBA95D24}"
"InitCmdLine" = "/WiaCmd;C:\Program Files\Microsoft Office\Office12\WINWORD.EXE /IMG_WIA;"
-> {HKLM...CLSID} = "WPDShextAutoplay"
\LocalServer32\(Default) = "C:\Windows\system32\WPDShextAutoplay.exe" [MS]

Non-disabled Scheduled Tasks:
-----------------------------

C:\Users\بو محمد\AppData\Local\Microsoft\Windows Sidebar\Settings.ini

C:\Windows\System32\Tasks
"Adobe online update program" -> launches: "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" ["Adobe Systems Incorporated"]
"Game_Booster_Startup" -> launches: "C:\Program Files\IObit\Game Booster\gbtray.exe" [file not found]
"GoogleUpdateTaskMachineCore" -> launches: "C:\Program Files\Google\Update\GoogleUpdate.exe /c" [file not found]
"GoogleUpdateTaskMachineUA" -> launches: "C:\Program Files\Google\Update\GoogleUpdate.exe /ua /installsource scheduler" [file not found]
"GoogleUpdateTaskUserS-1-5-21-768840598-2454648268-1992524899-1007Core" -> launches: "C:\Users\بو محمد\AppData\Local\Google\Update\GoogleUpdate.exe /c" ["Google Inc."]
"GoogleUpdateTaskUserS-1-5-21-768840598-2454648268-1992524899-1007UA" -> launches: "C:\Users\بو محمد\AppData\Local\Google\Update\GoogleUpdate.exe /ua /installsource scheduler" ["Google Inc."]
"Java Update Scheduler" -> launches: "C:\Program Files\Common Files\Java\Java Update\jusched.exe" ["Sun Microsystems, Inc."]
"Norton Security Scan for بو محمد" -> (HIDDEN!) launches: "C:\Program Files\Norton Security Scan\Engine\2.7.3.34\Nss.exe /scan-quick /scheduled" [file not found]
"Real Player online update program" -> launches: "C:\Program Files\Real\realplayer\update\realsched.exe -osboot" [file not found]
"RealUpgradeLogonTaskS-1-5-21-768840598-2454648268-1992524899-1000" -> launches: "C:\Program Files\Real\RealUpgrade\RealUpgrade.exe /logoncheck" [file not found]
"RealUpgradeScheduledTaskS-1-5-21-768840598-2454648268-1992524899-1000" -> launches: "C:\Program Files\Real\RealUpgrade\RealUpgrade.exe /scheduledcheck" [file not found]
"RegistryBooster" -> launches: "C:\Program Files\Uniblue\RegistryBooster\rbmonitor.exe" [file not found]
"RunAsStdUser Task" -> launches: ""C:\Users\بو محمد\AppData\Local\RavenBleuSA\bin\1.0.11.0\RavenBleuSA.exe"" [file not found]
"Scheduled Update for Ask Toolbar" -> launches: "C:\Program Files\Ask.com\UpdateTask.exe" [file not found]
"SidebarExecute" -> launches: "C:\Program Files\Windows Sidebar\sidebar.exe /addGadget" [MS]
"TuneUpUtilities_Task_BkGndMaintenance2012" -> launches: "C:\Program Files\TuneUp Utilities 2012\OneClick.exe $(Arg0)" [file not found]
"User_Feed_Synchronization-{E04C5149-82D4-4AFD-8953-E4AAB8E8DFEA}" -> (HIDDEN!) launches: "C:\Windows\system32\msfeedssync.exe sync" [MS]
"User_Feed_Synchronization-{E92186A3-0EEB-48C6-B1D1-48F86EDE5396}" -> (HIDDEN!) launches: "C:\Windows\system32\msfeedssync.exe sync" [MS]
"{00E00F33-D45A-42B6-9AED-AACF71BFA4C3}" -> launches: "C:\Users\بو محمد\Documents\Downloads\Compressed\xpadder_5.3.By_D.LUFFY\xpadder_5.3.By D.LUFFY\xpadder_gamepad_profiler\Xpadder.exe" [file not found]
"{0510DDB2-E700-4BA0-A4D0-F6A77C99DB0B}" -> launches: "C:\Users\بو محمد\Downloads\Office2003SP3-KB923618-FullFile-ENU.exe" [file not found]
"{23B99355-CF70-42BB-A9BD-8E195ED351F7}" -> launches: "C:\Users\بو محمد\Downloads\181.22_geforce_winxp_32bit_english_whql.exe" [file not found]
"{30EDF0E0-5CFB-4B4D-B712-694E93E76CCA}" -> launches: "C:\Users\بو محمد\Downloads\MUI2003SP3-KB923618-FullFile-ARA.exe" [file not found]
"{33DDDDBA-76A4-4C05-801F-4633FA7DE5E4}" -> launches: "C:\Windows\system32\pcalua.exe -a "C:\Users\بو محمد\Downloads\iPhone_PC_Suite2.8.0.118\iPhone PC Suite\iPhone\PkgInstaller.exe" -d "C:\Users\بو محمد\Downloads\iPhone_PC_Suite2.8.0.118\iPhone PC Suite\iPhone"" [MS]
"{41ED85E8-E226-4D81-B902-9F84789EB556}" -> launches: "C:\Users\بو محمد\Downloads\MUI2003SP3-KB923618-FullFile-ARA.exe" [file not found]
"{4A141C7C-FE20-4DF7-A4B3-F44006C0DA57}" -> launches: "C:\Users\بو محمد\Downloads\iPhone_PC_Suite2.8.0.118\iPhone PC Suite\iPhone\iPhone PC Suite.exe" [file not found]
"{4DC5C02E-33C4-4DBF-B4E4-F3546E33FEDF}" -> launches: "C:\Windows\system32\pcalua.exe -a G:\exe\FlockSetup.exe -d G:\exe" [MS]
"{63F39750-531B-476B-B077-52523297C636}" -> launches: "C:\Program Files\Cheat Engine 6.1\cheatengine-x86_64.exe" ["Cheat Engine"]
"{69A01B2D-23C7-44B4-8923-015136F4D49F}" -> launches: "C:\Windows\system32\pcalua.exe -a "G:\Call of Duty - Black Ops\Call of Duty - Black Ops .exe" -d "G:\Call of Duty - Black Ops"" [MS]
"{799BF3B0-1463-4303-8985-59BBD97E65EC}" -> launches: "C:\Program Files\Cheat Engine 6.1\cheatengine-x86_64.exe" ["Cheat Engine"]
"{7D9A98D4-1CEB-465A-818E-2B12F8AD6D71}" -> launches: "C:\Windows\system32\pcalua.exe -a "C:\Users\بو محمد\Documents\Downloads\iPhone_PC_Suite2.8.0.118\iPhone PC Suite\iPhone\PkgInstaller.exe" -d "C:\Users\بو محمد\Documents\Downloads\iPhone_PC_Suite2.8.0.118\iPhone PC Suite\iPhone"" [MS]
"{87DC211A-ACD1-4636-AF02-338B7EF79F87}" -> launches: "E:\Setup.exe" [file not found]
"{87E96BE7-1795-41C2-B438-7E5D62FF341B}" -> launches: "C:\Windows\system32\pcalua.exe -a "D:\Call of Duty - Black Ops sgp\Redist\vcredist_x86.exe" -d "D:\Call of Duty - Black Ops sgp\Redist"" [MS]
"{91DB0B25-2166-4D9C-8961-ACE4316445FE}" -> launches: "C:\Users\بو محمد\Downloads\Office2003SP3-KB923618-FullFile-ENU.exe" [file not found]
"{B1228017-6ABA-45DF-8EBE-392C2431EDC6}" -> launches: "C:\Windows\system32\pcalua.exe -a "G:\Call of Duty - Black Ops\Call of Duty - Black Ops .exe" -d "G:\Call of Duty - Black Ops"" [MS]
"{C0F373B4-9FC5-4792-9E09-39076B172568}" -> launches: "E:\Setup.exe" [file not found]
"{F9385E76-0FC3-4A2D-AD8B-1756FF1B95ED}" -> launches: "C:\Windows\system32\pcalua.exe -a "D:\Call of Duty - Black Ops\Redist\vcredist_x86.exe" -d "D:\Call of Duty - Black Ops\Redist"" [MS]

C:\Windows\System32\Tasks\Microsoft\Windows\Active Directory Rights Management Services Client
"AD RMS Rights Policy Template Management (Manual)" -> launches: "{BF5CB148-7C77-4d8a-A53E-D81C70CF743C}"
-> {HKLM...CLSID} = "AD RMS Rights Policy Template Management (Manual) Task Handler"
\InProcServer32\(Default) = "C:\Windows\system32\msdrm.dll" [MS]

C:\Windows\System32\Tasks\Microsoft\Windows\Application Experience
"AitAgent" -> launches: "aitagent" [MS]
"ProgramDataUpdater" -> launches: "%windir%\system32\rundll32.exe aepdu.dll,AePduRunUpdate" [MS]

C:\Windows\System32\Tasks\Microsoft\Windows\Autochk
"Proxy" -> launches: "%windir%\system32\rundll32.exe /d acproxy.dll,PerformAutochkOperations" [MS]

C:\Windows\System32\Tasks\Microsoft\Windows\Bluetooth
"UninstallDeviceTask" -> launches: "BthUdTask.exe $(Arg0)" [MS]

C:\Windows\System32\Tasks\Microsoft\Windows\CertificateServicesClient
"SystemTask" -> launches: "{58fb76b9-ac85-4e55-ac04-427593b1d060}"
-> {HKLM...CLSID} = "Certificate Services Client Task Handler"
\InProcServer32\(Default) = "C:\Windows\system32\dimsjob.dll" [MS]
"UserTask" -> launches: "{58fb76b9-ac85-4e55-ac04-427593b1d060}"
-> {HKLM...CLSID} = "Certificate Services Client Task Handler"
\InProcServer32\(Default) = "C:\Windows\system32\dimsjob.dll" [MS]

C:\Windows\System32\Tasks\Microsoft\Windows\Customer Experience Improvement Program
"Consolidator" -> launches: "%SystemRoot%\System32\wsqmcons.exe" [MS]
"KernelCeipTask" -> (HIDDEN!) launches: "{e7ed314f-2816-4c26-aeb5-54a34d02404c}"
-> {HKLM...CLSID} = "KernelCeipCustomHandler"
\InProcServer32\(Default) = "C:\Windows\System32\kernelceip.dll" [MS]
"UsbCeip" -> (HIDDEN!) launches: "{c27f6b1d-fe0b-45e4-9257-38799fa69bc8}"
-> {HKLM...CLSID} = "UsbCeip"
\InProcServer32\(Default) = "C:\Windows\System32\usbceip.dll" [MS]

C:\Windows\System32\Tasks\Microsoft\Windows\Defrag
"ScheduledDefrag" -> launches: "%windir%\system32\defrag.exe -c" [MS]

C:\Windows\System32\Tasks\Microsoft\Windows\Diagnosis
"Scheduled" -> (HIDDEN!) launches: "{c1f85ef8-bcc2-4606-bb39-70c523715eb3}"
-> {HKLM...CLSID} = "ScheduledDiagnosticCustomHandler"
\InProcServer32\(Default) = "C:\Windows\System32\sdiagschd.dll" [MS]

C:\Windows\System32\Tasks\Microsoft\Windows\Location
"Notifications" -> launches: "%windir%\System32\LocationNotifications.exe" [MS]

C:\Windows\System32\Tasks\Microsoft\Windows\Maintenance
"WinSAT" -> launches: "{A9A33436-678B-4C9C-A211-7CC38785E79D}"
-> {HKLM...CLSID} = "WinSAT Task Manger Task"
\InProcServer32\(Default) = "C:\Windows\system32\WinSATAPI.dll" [MS]

C:\Windows\System32\Tasks\Microsoft\Windows\Media Center
"ActivateWindowsSearch" -> launches: "%SystemRoot%\ehome\ehPrivJob.exe /DoActivateWindowsSearch" [MS]
"ConfigureInternetTimeService" -> launches: "%SystemRoot%\ehome\ehPrivJob.exe /DoConfigureInternetTimeService" [MS]
"DispatchRecoveryTasks" -> launches: "%SystemRoot%\ehome\ehPrivJob.exe /DoRecoveryTasks $(Arg0)" [MS]
"ehDRMInit" -> launches: "%SystemRoot%\ehome\ehPrivJob.exe /DRMInit" [MS]
"InstallPlayReady" -> launches: "%SystemRoot%\ehome\ehPrivJob.exe /InstallPlayReady $(Arg0)" [MS]
"mcupdate" -> launches: "%SystemRoot%\ehome\mcupdate $(Arg0)" [MS]
"MediaCenterRecoveryTask" -> launches: "%SystemRoot%\ehome\mcupdate.exe -MediaCenterRecoveryTask" [MS]
"ObjectStoreRecoveryTask" -> launches: "%SystemRoot%\ehome\mcupdate.exe -ObjectStoreRecoveryTask" [MS]
"OCURActivate" -> launches: "%SystemRoot%\ehome\ehPrivJob.exe /OCURActivate" [MS]
"OCURDiscovery" -> launches: "%SystemRoot%\ehome\ehPrivJob.exe /OCURDiscovery $(Arg0)" [MS]
"PBDADiscovery" -> launches: "%SystemRoot%\ehome\ehPrivJob.exe /PBDADiscovery" [MS]
"PBDADiscoveryW1" -> launches: "%SystemRoot%\ehome\ehPrivJob.exe /wait:7 /PBDADiscovery" [MS]
"PBDADiscoveryW2" -> launches: "%SystemRoot%\ehome\ehPrivJob.exe /wait:90 /PBDADiscovery" [MS]
"PvrRecoveryTask" -> launches: "%SystemRoot%\ehome\mcupdate.exe -PvrRecoveryTask" [MS]
"PvrScheduleTask" -> launches: "%SystemRoot%\ehome\mcupdate.exe -PvrSchedule" [MS]
"RegisterSearch" -> launches: "%SystemRoot%\ehome\ehPrivJob.exe /DoRegisterSearch $(Arg0)" [MS]
"ReindexSearchRoot" -> launches: "%SystemRoot%\ehome\ehPrivJob.exe /DoReindexSearchRoot" [MS]
"SqlLiteRecoveryTask" -> launches: "%SystemRoot%\ehome\mcupdate.exe -SqlLiteRecoveryTask" [MS]
"StartRecording" -> launches: "%SystemRoot%\ehome\ehrec /StartRecording" [MS]
"UpdateRecordPath" -> launches: "%SystemRoot%\ehome\ehPrivJob.exe /DoUpdateRecordPath $(Arg0)" [MS]

C:\Windows\System32\Tasks\Microsoft\Windows\MemoryDiagnostic
"CorruptionDetector" -> (HIDDEN!) launches: "{190BA3F6-0205-4f46-B589-95C6822899D2}"
-> {HKLM...CLSID} = "MemoryDiagnosticCustomHandler"
\InProcServer32\(Default) = "C:\Windows\System32\memdiag.dll" [MS]
"DecompressionFailureDetector" -> (HIDDEN!) launches: "{190BA3F6-0205-4f46-B589-95C6822899D2}"
-> {HKLM...CLSID} = "MemoryDiagnosticCustomHandler"
\InProcServer32\(Default) = "C:\Windows\System32\memdiag.dll" [MS]

C:\Windows\System32\Tasks\Microsoft\Windows\MobilePC
"HotStart" -> launches: "{06DA0625-9701-43da-BFD7-FBEEA2180A1E}"
-> {HKLM...CLSID} = "HotStart User Agent"
\InProcServer32\(Default) = "C:\Windows\System32\HotStartUserAgent.dll" [MS]

C:\Windows\System32\Tasks\Microsoft\Windows\MUI
"LPRemove" -> launches: "%windir%\system32\lpremove.exe" [MS]

C:\Windows\System32\Tasks\Microsoft\Windows\Multimedia
"SystemSoundsService" -> launches: "{2DEA658F-54C1-4227-AF9B-260AB5FC3543}"
-> {HKLM...CLSID} = "Microsoft PlaySoundService Class"
\InProcServer32\(Default) = "C:\Windows\System32\PlaySndSrv.dll" [MS]

C:\Windows\System32\Tasks\Microsoft\Windows\NetTrace
"GatherNetworkInfo" -> launches: "%windir%\system32\gatherNetworkInfo.vbs" [null data]

C:\Windows\System32\Tasks\Microsoft\Windows\Power Efficiency Diagnostics
"AnalyzeSystem" -> launches: "%SystemRoot%\System32\powercfg.exe -energy -auto" [MS]

C:\Windows\System32\Tasks\Microsoft\Windows\RAC
"RacTask" -> (HIDDEN!) launches: "{42060D27-CA53-41f5-96E4-B1E8169308A6}"
-> {HKLM...CLSID} = "ReliabilityAnalysisCustomHandler"
\InProcServer32\(Default) = "C:\Windows\system32\RacEngn.dll" [MS]

C:\Windows\System32\Tasks\Microsoft\Windows\Ras
"MobilityManager" -> launches: "{c463a0fc-794f-4fdf-9201-01938ceacafa}"
-> {HKLM...CLSID} = "RasMobilityManager"
\InProcServer32\(Default) = "C:\Windows\system32\rasmbmgr.dll" [MS]

C:\Windows\System32\Tasks\Microsoft\Windows\Registry
"RegIdleBackup" -> (HIDDEN!) launches: "{ca767aa8-9157-4604-b64b-40747123d5f2}"
-> {HKLM...CLSID} = "RegistryIdleBackupHandler"
\InProcServer32\(Default) = "C:\Windows\System32\regidle.dll" [MS]

C:\Windows\System32\Tasks\Microsoft\Windows\RemoteAssistance
"RemoteAssistanceTask" -> (HIDDEN!) launches: "%windir%\system32\RAServer.exe /offerraupdate" [MS]

C:\Windows\System32\Tasks\Microsoft\Windows\SideShow
"GadgetManager" -> launches: "{FF87090D-4A9A-4f47-879B-29A80C355D61}"
-> {HKLM...CLSID} = "GadgetsManager Class"
\InProcServer32\(Default) = "C:\Windows\System32\AuxiliaryDisplayServices.dll" [MS]

C:\Windows\System32\Tasks\Microsoft\Windows\SystemRestore
"SR" -> launches: "%windir%\system32\rundll32.exe /d srrstr.dll,ExecuteScheduledSPPCreation" [MS]

C:\Windows\System32\Tasks\Microsoft\Windows\Task Manager
"Interactive" -> (HIDDEN!) launches: "{855fec53-d2e4-4999-9e87-3414e9cf0ff4}"
-> {HKLM...CLSID} = "RunTask"
\InProcServer32\(Default) = "C:\Windows\system32\wdc.dll" [MS]

C:\Windows\System32\Tasks\Microsoft\Windows\Tcpip
"IpAddressConflict1" -> launches: "%windir%\system32\rundll32.exe ndfapi.dll,NdfRunDllDuplicateIPOffendingSystem" [MS]
"IpAddressConflict2" -> launches: "%windir%\system32\rundll32.exe ndfapi.dll,NdfRunDllDuplicateIPDefendingSystem" [MS]

C:\Windows\System32\Tasks\Microsoft\Windows\TextServicesFramework
"MsCtfMonitor" -> (HIDDEN!) launches: "{01575cfe-9a55-4003-a5e1-f38d1ebdcbe1}"
-> {HKLM...CLSID} = "MsCtfMonitor task handler"
\InProcServer32\(Default) = "C:\Windows\system32\MsCtfMonitor.dll" [MS]

C:\Windows\System32\Tasks\Microsoft\Windows\Time Synchronization
"SynchronizeTime" -> launches: "%windir%\system32\sc.exe start w32time task_started" [MS]

C:\Windows\System32\Tasks\Microsoft\Windows\UPnP
"UPnPHostConfig" -> launches: "sc.exe config upnphost start= auto" [MS]

C:\Windows\System32\Tasks\Microsoft\Windows\WDI
"ResolutionHost" -> (HIDDEN!) launches: "{900be39d-6be8-461a-bc4d-b0fa71f5ecb1}"
-> {HKLM...CLSID} = "DiagnosticInfrastructureCustomHandler"
\InProcServer32\(Default) = "C:\Windows\System32\wdi.dll" [MS]

C:\Windows\System32\Tasks\Microsoft\Windows\Windows Error Reporting
"QueueReporting" -> launches: "%windir%\system32\wermgr.exe -queuereporting" [MS]

C:\Windows\System32\Tasks\Microsoft\Windows\Windows Filtering Platform
"BfeOnServiceStartTypeChange" -> (HIDDEN!) launches: "%windir%\system32\rundll32.exe bfe.dll,BfeOnServiceStartTypeChange" [MS]

C:\Windows\System32\Tasks\Microsoft\Windows\Windows Media Sharing
"UpdateLibrary" -> launches: ""%ProgramFiles%\Windows Media Player\wmpnscfg.exe"" [MS]

C:\Windows\System32\Tasks\Microsoft\Windows\WindowsBackup
"AutomaticBackup" -> launches: "%systemroot%\system32\rundll32.exe /d sdengin2.dll,ExecuteScheduledBackup" [MS]
"Windows Backup Monitor" -> launches: "%systemroot%\system32\sdclt.exe /CHECKSKIPPED" [MS]

C:\Windows\System32\Tasks\WPD
"SqmUpload_S-1-5-21-768840598-2454648268-1992524899-1000" -> (HIDDEN!) launches: "%windir%\system32\rundll32.exe portabledeviceapi.dll,#1" [MS]
"SqmUpload_S-1-5-21-768840598-2454648268-1992524899-1007" -> (HIDDEN!) launches: "%windir%\system32\rundll32.exe portabledeviceapi.dll,#1" [MS]

Winsock2 Service Provider DLLs:
-------------------------------

Namespace Service Providers

HKLM\SYSTEM\CurrentControlSet\Services\Winsock2\Parameters\NameSpace_Catalog5\Catalog_Entries\ {++}
000000000001\LibraryPath = "%SystemRoot%\system32\NLAapi.dll" [MS]
000000000002\LibraryPath = "%SystemRoot%\System32\mswsock.dll" [MS]
000000000003\LibraryPath = "%SystemRoot%\System32\winrnr.dll" [MS]
000000000004\LibraryPath = "%SystemRoot%\system32\napinsp.dll" [MS]
000000000005\LibraryPath = "%SystemRoot%\system32\pnrpnsp.dll" [MS]
000000000006\LibraryPath = "%SystemRoot%\system32\pnrpnsp.dll" [MS]
000000000007\LibraryPath = "C:\Program Files\Bonjour\mdnsNSP.dll" ["Apple Inc."]
000000000008\LibraryPath = "C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL" [MS]
000000000009\LibraryPath = "C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL" [MS]

Transport Service Providers

HKLM\SYSTEM\CurrentControlSet\Services\Winsock2\Parameters\Protocol_Catalog9\Catalog_Entries\ {++}
0000000000##\PackedCatalogItem (contains) DLL [Company Name], (at) ## range:
%SystemRoot%\system32\mswsock.dll [MS], 01 - 39

Toolbars, Explorer Bars, Extensions:
------------------------------------

Toolbars

HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\

"{09EC805C-CB2E-4D53-B0D3-A75A428B81C7}"
-> {HKLM...CLSID} = "************ Toolbar"
\InProcServer32\(Default) = "C:\Program Files\************\tb4sha.dll" ["Conduit Ltd."]

"{D4027C7F-154A-4066-A1AD-4243D8127440}"
-> {HKLM...CLSID} = "CrowdStar Gamebar"
\InProcServer32\(Default) = "C:\Program Files\Ask.com\GenericAskToolbar.dll" [file not found]

"{2318C2B1-4965-11D4-9B18-009027A5CD4F}"
-> {HKLM...CLSID} = "Google Toolbar"
\InProcServer32\(Default) = "C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll" ["Google Inc."]

HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\
"{D4027C7F-154A-4066-A1AD-4243D8127440}" = (no title provided)
-> {HKLM...CLSID} = "CrowdStar Gamebar"
\InProcServer32\(Default) = "C:\Program Files\Ask.com\GenericAskToolbar.dll" [file not found]

"{09EC805C-CB2E-4D53-B0D3-A75A428B81C7}" = "************ Toolbar"
-> {HKLM...CLSID} = "************ Toolbar"
\InProcServer32\(Default) = "C:\Program Files\************\tb4sha.dll" ["Conduit Ltd."]

"{8DCB7100-DF86-4384-8842-8FA844297B3F}" = "Bing"
-> {HKLM...CLSID} = "Bing Bar"
\InProcServer32\(Default) = ""C:\Program Files\Microsoft\BingBar\BingExt.dll"" ["لإَّ‎M*çr*s*ft C*rpôr*t***. _*¯* _*¯* لإَّ" (unwritable string)]

"{2318C2B1-4965-11D4-9B18-009027A5CD4F}" = (no title provided)
-> {HKLM...CLSID} = "Google Toolbar"
\InProcServer32\(Default) = "C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll" ["Google Inc."]

"{95B7759C-8C7F-4BF1-B163-73684A933233}" = (no title provided)
-> {HKLM...CLSID} = "AVG Security Toolbar"
\InProcServer32\(Default) = "C:\Program Files\AVG Secure Search\10.0.0.7\AVG Secure Search_toolbar.dll" [null data]

Explorer Bars

HKLM\SOFTWARE\Microsoft\Internet Explorer\Explorer Bars\

HKLM\SOFTWARE\Classes\CLSID\{2A541AE1-5BF6-4665-A8A3-CFA9672E4291}\(Default) = "Groove Folder Synchronization"
Implemented Categories\{00021493-0000-0000-C000-000000000046}\ [vertical bar]
InProcServer32\(Default) = "C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll" [MS]

HKLM\SOFTWARE\Classes\CLSID\{FF059E31-CC5A-4E2E-BF3B-96E929D65503}\(Default) = "أب&حاث"
Implemented Categories\{00021493-0000-0000-C000-000000000046}\ [vertical bar]
InProcServer32\(Default) = "C:\PROGRA~1\MICROS~4\Office12\REFIEBAR.DLL" [MS]

Extensions (Tools menu items, main toolbar menu buttons)

HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\
{2670000A-7350-4F3C-8081-5663EE0C6C49}\
"ButtonText" = "إرسال إلى OneNote"
"MenuText" = "إر&سال إلى OneNote"
"CLSIDExtension" = "{48E73304-E1D6-4330-914C-F5F514E3486C}"
-> {HKLM...CLSID} = "Send to OneNote from Internet Explorer button"
\InProcServer32\(Default) = "C:\PROGRA~1\MICROS~4\Office12\ONBttnIE.dll" [MS]

{2EAF5BB1-070F-11D3-9307-00C04FAE2D4F}\
"ButtonText" = "@C:\Windows\WindowsMobile\INetRepl.dll,-222"
"CLSIDExtension" = "{2EAF5BB0-070F-11D3-9307-00C04FAE2D4F}"
-> {HKLM...CLSID} = "Create Mobile Favorite"
\InProcServer32\(Default) = "C:\Windows\WindowsMobile\INetRepl.dll" [MS]

{2EAF5BB2-070F-11D3-9307-00C04FAE2D4F}\
"MenuText" = "@C:\Windows\WindowsMobile\INetRepl.dll,-223"
"CLSIDExtension" = "{2EAF5BB0-070F-11D3-9307-00C04FAE2D4F}"
-> {HKLM...CLSID} = "Create Mobile Favorite"
\InProcServer32\(Default) = "C:\Windows\WindowsMobile\INetRepl.dll" [MS]

{4EAFEF58-EEFA-4116-983D-03B49BCBFFFE}\
"ButtonText" = "PalTalk"
"Exec" = "C:\Program Files\Paltalk Messenger\Paltalk.exe" [file not found]

{898EA8C8-E7FF-479B-8935-AEC46303B9E5}\
"ButtonText" = "Skype Click to Call"
"MenuText" = "Skype Click to Call"
"CLSIDExtension" = "{898EA8C8-E7FF-479B-8935-AEC46303B9E5}"
-> {HKLM...CLSID} = "Skype Browser Helper"
\InProcServer32\(Default) = "C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll" ["Skype Technologies S.A."]

{92780B25-18CC-41C8-B9BE-3C9C571A8263}\
"ButtonText" = "Research"

Miscellaneous IE Hijack Points
------------------------------

HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURLs\
<<H>> "Tabs" = "http://isearch.avg.com/tab?cid={F9AE9D4F-D6EA-408E-B4C1-A18F68CB9525}&mid=0c4f8392552747d1929dd1577561dfb5-229740834eee3c476e481e6bf6815390dd8e985e&lang=en&ds=AVG&pr=fr&d=2012-04-19 15:46:56&v=10.0.0.7&sap=nt" [file not found]

All Non-Disabled Services (Display Name, Service Name, Path {Service DLL}):
---------------------------------------------------------------------------

Advanced SystemCare Service 5, AdvancedSystemCareService5, "C:\Program Files\IObit\Advanced SystemCare 5\ASCService.exe" ["IObit"]
Apple Mobile Device, Apple Mobile Device, ""C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe"" [file not found]
Application Updater, Application Updater, ""C:\Program Files\Application Updater\ApplicationUpdater.exe"" ["Spigot, Inc."]
AVG WatchDog, avgwd, ""C:\Program Files\AVG\AVG10\avgwdsvc.exe"" ["AVG Technologies CZ, s.r.o."]
BBUpdate, BBUpdate, ""C:\Program Files\Microsoft\BingBar\SeaPort.EXE"" [MS]
Bing Bar Update Service, BBSvc, ""C:\Program Files\Microsoft\BingBar\BBSvc.EXE"" ["Microsoft Corporation."]
Bonjour Service, Bonjour Service, ""C:\Program Files\Bonjour\mDNSResponder.exe"" ["Apple Inc."]
Defragmentation-Service, DfSdkS, ""C:\Program Files\Ashampoo\Ashampoo HDD Control\Dfsdks.exe"" ["mst software GmbH, Germany"]
IMF Service, IMFservice, "C:\Program Files\IObit\IObit Malware Fighter\IMFsrv.exe" ["IObit"]
Intel(R) Centrino(R) Wireless Bluetooth(R) 3.0 + High Speed Security Service, BTHSSecurityMgr, ""C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe"" ["Intel(R) Corporation"]
Intel(R) PROSet/Wireless Registry Service, RegSrvc, "C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe" ["Intel(R) Corporation"]
Intel(R) Rapid Storage Technology, IAStorDataMgrSvc, ""C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe"" [null data]
Intel® Centrino® Wireless Bluetooth® 3.0 + High Speed Service, AMPPALR3, "C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe" ["Intel Corporation"]
Internet Connection Sharing (ICS), SharedAccess, "C:\Windows\System32\svchost.exe -k netsvcs" {"C:\Windows\System32\ipnathlp.dll" [MS]}
iPod Service, iPod Service, ""C:\Program Files\iPod\bin\iPodService.exe"" ["Apple Inc."]
Ma-Config Service, maconfservice, ""C:\Program Files\ma-config.com\maconfservice.exe"" ["CybelSoft"]
McciCMService, McciCMService, ""C:\Program Files\Common Files\Motive\McciCMService.exe"" ["Alcatel-Lucent"]
Microsoft .NET Framework NGEN v4.0.30319_X86, clr_optimization_v4.0.30319_32, "C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe" [MS]
Microsoft Office Diagnostics Service, odserv, ""C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE"" [MS]
Microsoft Office Groove Audit Service, Microsoft Office Groove Audit Service, ""C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe"" [MS]
Norton AntiVirus, NAV, ""C:\Program Files\Norton AntiVirus\Engine\19.1.0.28\ccSvcHst.exe" /s "NAV" /m "C:\Program Files\Norton AntiVirus\Engine\19.1.0.28\diMaster.dll" /prefetch:1" ["Symantec Corporation"]
nProtect GameGuard Service, npggsvc, "C:\Windows\system32\GameMon.des -service" ["INCA Internet Co., Ltd."]
Office Source Engine, ose, ""C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE"" [MS]
PLFlash DeviceIoControl Service, PLFlash DeviceIoControl Service, "C:\Windows\system32\IoctlSvc.exe" ["Prolific Technology Inc."]
ServiceLayer, ServiceLayer, ""C:\Program Files\PC Connectivity Solution\ServiceLayer.exe"" [file not found]
Skype Updater, SkypeUpdate, ""C:\Program Files\Skype\Updater\Updater.exe"" ["Skype Technologies"]
TuneUp Utilities Service, TuneUp.UtilitiesSvc, ""C:\Program Files\TuneUp Utilities 2012\TuneUpUtilitiesService32.exe"" [file not found]
TunngleService, TunngleService, "C:\Program Files\Tunngle\TnglCtrl.exe" ["Tunngle.net GmbH"]
vToolbarUpdater, vToolbarUpdater, "C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\10.0.6\ToolbarUpdater.exe" [null data]
Windows Live ID Sign-in Assistant, wlidsvc, ""C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"" [MS]
Windows Mobile-2003-based device connectivity, WcesComm, "C:\Windows\system32\svchost.exe -k WindowsMobile" {"C:\Windows\WindowsMobile\wcescomm.dll" [MS]}
Windows Mobile-based device connectivity, RapiMgr, "C:\Windows\system32\svchost.exe -k WindowsMobile" {"C:\Windows\WindowsMobile\rapimgr.dll" [MS]}
Wireless PAN DHCP Server, MyWiFiDHCPDNS, "C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe" [null data]
خدمة Windows Activation Technologies, WatAdminSvc, "C:\Windows\system32\Wat\WatAdminSvc.exe" [MS]

Safe Mode Drivers & Services (subkey name, subkey default value):
-----------------------------------------------------------------

HKLM\System\CurrentControlSet\Control\SafeBoot\Minimal\

<<!>> IMFservice, "Service"

Print Monitors:
---------------

HKLM\SYSTEM\CurrentControlSet\Control\Print\Monitors\
Send To Microsoft OneNote Monitor\Driver = "msonpmon.dll" [MS]

---------- (launch time: 2012-04-19 19:08:15)
<<!>>: Suspicious data at a malware launch point.
<<H>>: Suspicious data at a browser hijack point.

+ This report excludes default entries except where indicated.
+ To see *everywhere* the script checks and *everything* it finds,
launch it from a command prompt or a shortcut with the -all parameter.
+ To search all directories of local fixed drives for DESKTOP.INI
DLL launch points, use the -supp parameter or answer "No" at the
first message box and "Yes" at the second message box.
---------- (total run time: 62 seconds, including 2 seconds for message boxes)

techno · 19 أبريل 2012

أهلا بك أحي العزيز نورت المنتدى
بالنسبه لمشكلتك ان شاء الله خير
طبق التالي

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

بعدها

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

عند اإنتهاء
ألصق التقارير بردك القادم

22abadi22 · 20 أبريل 2012

SUPERAntiSpyware

SUPERAntiSpyware Scan Log

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

Generated 04/20/2012 at 03:50 AM

Application Version : 5.0.1146

Core Rules Database Version : 8485
Trace Rules Database Version: 6297

Scan type : Complete Scan
Total Scan Time : 01:14:51

Operating System Information
Windows 7 Home Premium 32-bit (Build 6.01.7600)
UAC Off - Administrator

Memory items scanned : 447
Memory threats detected : 0
Registry items scanned : 37140
Registry threats detected : 0
File items scanned : 41028
File threats detected : 262

Trojan.Agent/Gen-ClickDownload
C:\USERS\بو محمد\DOWNLOADS\CALL_OF_DUTY_BLACK_OPS_STEAM_KEY_TXT (1).EXE
C:\USERS\بو محمد\DOWNLOADS\CALL_OF_DUTY_BLACK_OPS_STEAM_KEY_TXT.EXE
C:\USERS\بو محمد\DOWNLOAD CALL_OF_DUTY_BLACK_OPS_STEAM_KEY_TXT.LNK
C:\SYSTEM VOLUME INFORMATION\SYSTEMRESTORE\FRSTAGING\USERS\بو محمد\DESKTOP\DOWNLOAD CALL_OF_DUTY_BLACK_OPS_STEAM_KEY_TXT(585).LNK
C:\SYSTEM VOLUME INFORMATION\SYSTEMRESTORE\FRSTAGING\USERS\بو محمد\DOWNLOAD CALL_OF_DUTY_BLACK_OPS_STEAM_KEY_TXT(907).LNK

Adware.Tracking Cookie
.doubleclick.net [ C:\USERS\بو محمد\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.zedo.com [ C:\USERS\بو محمد\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.adinterax.com [ C:\USERS\بو محمد\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.imrworldwide.com [ C:\USERS\بو محمد\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.mediafire.com [ C:\USERS\بو محمد\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.atdmt.com [ C:\USERS\بو محمد\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.ru4.com [ C:\USERS\بو محمد\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.adbrite.com [ C:\USERS\بو محمد\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.c.gigcount.com [ C:\USERS\بو محمد\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.game-advertising-online.com [ C:\USERS\بو محمد\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.avgtechnologies.112.2o7.net [ C:\USERS\بو محمد\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.histats.com [ C:\USERS\بو محمد\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.histats.com [ C:\USERS\بو محمد\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.technoratimedia.com [ C:\USERS\بو محمد\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.technoratimedia.com [ C:\USERS\بو محمد\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.invitemedia.com [ C:\USERS\بو محمد\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.burstnet.com [ C:\USERS\بو محمد\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

[ C:\USERS\بو محمد\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
forexyard.advertserve.com [ C:\USERS\بو محمد\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.adtech.de [ C:\USERS\بو محمد\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.xiti.com [ C:\USERS\بو محمد\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
fl01.ct2.comclick.com [ C:\USERS\بو محمد\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
fl01.ct2.comclick.com [ C:\USERS\بو محمد\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.at.atwola.com [ C:\USERS\بو محمد\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.invitemedia.com [ C:\USERS\بو محمد\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
s07.flagcounter.com [ C:\USERS\بو محمد\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
s05.flagcounter.com [ C:\USERS\بو محمد\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.adnetwork.net [ C:\USERS\بو محمد\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.getclicky.com [ C:\USERS\بو محمد\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.static.getclicky.com [ C:\USERS\بو محمد\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
in.getclicky.com [ C:\USERS\بو محمد\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.serving-sys.com [ C:\USERS\بو محمد\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.serving-sys.com [ C:\USERS\بو محمد\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
oneclickad.net [ C:\USERS\بو محمد\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.gametracker.com [ C:\USERS\بو محمد\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
ads2.alhilal.com [ C:\USERS\بو محمد\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.readserver.net [ C:\USERS\بو محمد\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.accounts.google.com [ C:\USERS\بو محمد\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.accounts.google.com [ C:\USERS\بو محمد\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.adserver.adtechus.com [ C:\USERS\بو محمد\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
s09.flagcounter.com [ C:\USERS\بو محمد\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.content.yieldmanager.com [ C:\USERS\بو محمد\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.server.cpmstar.com [ C:\USERS\بو محمد\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

[ C:\USERS\بو محمد\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

[ C:\USERS\بو محمد\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

[ C:\USERS\بو محمد\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

[ C:\USERS\بو محمد\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

[ C:\USERS\بو محمد\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

[ C:\USERS\بو محمد\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

[ C:\USERS\بو محمد\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

[ C:\USERS\بو محمد\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.multiplayercrack.com [ C:\USERS\بو محمد\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.multiplayercrack.com [ C:\USERS\بو محمد\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

[ C:\USERS\بو محمد\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.hotlog.ru [ C:\USERS\بو محمد\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
adx.kat.ph [ C:\USERS\بو محمد\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
s04.flagcounter.com [ C:\USERS\بو محمد\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
ad.yieldmanager.net [ C:\USERS\بو محمد\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
tradefx.advertserve.com [ C:\USERS\بو محمد\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.gametracker.com [ C:\USERS\بو محمد\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.gametracker.com [ C:\USERS\بو محمد\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.gametracker.com [ C:\USERS\بو محمد\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.gametracker.com [ C:\USERS\بو محمد\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.c.atdmt.com [ C:\USERS\بو محمد\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.c.atdmt.com [ C:\USERS\بو محمد\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.revsci.net [ C:\USERS\بو محمد\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.adxpose.com [ C:\USERS\بو محمد\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.apmebf.com [ C:\USERS\بو محمد\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
track.adform.net [ C:\USERS\بو محمد\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
track.adform.net [ C:\USERS\بو محمد\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.adform.net [ C:\USERS\بو محمد\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.harrenmedianetwork.com [ C:\USERS\بو محمد\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
s08.flagcounter.com [ C:\USERS\بو محمد\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
s07.flagcounter.com [ C:\USERS\بو محمد\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.casalemedia.com [ C:\USERS\بو محمد\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.casalemedia.com [ C:\USERS\بو محمد\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.casalemedia.com [ C:\USERS\بو محمد\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.casalemedia.com [ C:\USERS\بو محمد\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.casalemedia.com [ C:\USERS\بو محمد\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.casalemedia.com [ C:\USERS\بو محمد\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.casalemedia.com [ C:\USERS\بو محمد\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.microsoftsto.112.2o7.net [ C:\USERS\بو محمد\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

[ C:\USERS\بو محمد\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

[ C:\USERS\بو محمد\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.imrworldwide.com [ C:\USERS\بو محمد\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.apmebf.com [ C:\USERS\بو محمد\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.mediaplex.com [ C:\USERS\بو محمد\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.bs.serving-sys.com [ C:\USERS\بو محمد\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.warnerbros.112.2o7.net [ C:\USERS\بو محمد\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.uk.at.atwola.com [ C:\USERS\بو محمد\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.at.atwola.com [ C:\USERS\بو محمد\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.server.cpmstar.com [ C:\USERS\بو محمد\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.server.cpmstar.com [ C:\USERS\بو محمد\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.sonypanasia.112.2o7.net [ C:\USERS\بو محمد\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.burstnet.com [ C:\USERS\بو محمد\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.specificclick.net [ C:\USERS\بو محمد\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.advertising.com [ C:\USERS\بو محمد\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.steelhousemedia.com [ C:\USERS\بو محمد\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.steelhousemedia.com [ C:\USERS\بو محمد\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
statse.webtrendslive.com [ C:\USERS\بو محمد\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.yadro.ru [ C:\USERS\بو محمد\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
wstat.wibiya.com [ C:\USERS\بو محمد\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
s06.flagcounter.com [ C:\USERS\بو محمد\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.media.g22g.net [ C:\USERS\بو محمد\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.media.g22g.net [ C:\USERS\بو محمد\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.kontera.com [ C:\USERS\بو محمد\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.histats.com [ C:\USERS\بو محمد\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.gametracker.com [ C:\USERS\بو محمد\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.gametracker.com [ C:\USERS\بو محمد\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
d.clickmena.com [ C:\USERS\بو محمد\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
ad1.emediate.dk [ C:\USERS\بو محمد\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
ad1.emediate.dk [ C:\USERS\بو محمد\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.readserver.net [ C:\USERS\بو محمد\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.c.atdmt.com [ C:\USERS\بو محمد\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.c.atdmt.com [ C:\USERS\بو محمد\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
ad3.adfarm1.adition.com [ C:\USERS\بو محمد\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.mediaplex.com [ C:\USERS\بو محمد\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
count.asnetworks.de [ C:\USERS\بو محمد\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.adfarm1.adition.com [ C:\USERS\بو محمد\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.adfarm1.adition.com [ C:\USERS\بو محمد\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
adfarm1.adition.com [ C:\USERS\بو محمد\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.clickbank.net [ C:\USERS\بو محمد\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.clickbank.net [ C:\USERS\بو محمد\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
ox-d.clickmena.com [ C:\USERS\بو محمد\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.lucidmedia.com [ C:\USERS\بو محمد\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.serials.be [ C:\USERS\بو محمد\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.serials.be [ C:\USERS\بو محمد\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.mm.chitika.net [ C:\USERS\بو محمد\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.cracknet.net [ C:\USERS\بو محمد\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.cracknet.net [ C:\USERS\بو محمد\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.server.cpmstar.com [ C:\USERS\بو محمد\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.server.cpmstar.com [ C:\USERS\بو محمد\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.server.cpmstar.com [ C:\USERS\بو محمد\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
ad.yieldmanager.com [ C:\USERS\بو محمد\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.adbrite.com [ C:\USERS\بو محمد\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.adbrite.com [ C:\USERS\بو محمد\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.adbrite.com [ C:\USERS\بو محمد\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.adbrite.com [ C:\USERS\بو محمد\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
7.rotator.wigetmedia.com [ C:\USERS\بو محمد\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
7.rotator.wigetmedia.com [ C:\USERS\بو محمد\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
wmedia.rotator.hadj7.adjuggler.net [ C:\USERS\بو محمد\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
wmedia.rotator.hadj7.adjuggler.net [ C:\USERS\بو محمد\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.warez-files.com [ C:\USERS\بو محمد\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.warez-files.com [ C:\USERS\بو محمد\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.gamesexploited.com [ C:\USERS\بو محمد\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.gamesexploited.com [ C:\USERS\بو محمد\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.gamesexploited.com [ C:\USERS\بو محمد\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.legolas-media.com [ C:\USERS\بو محمد\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.legolas-media.com [ C:\USERS\بو محمد\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.legolas-media.com [ C:\USERS\بو محمد\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.legolas-media.com [ C:\USERS\بو محمد\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.tradedoubler.com [ C:\USERS\بو محمد\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.tradedoubler.com [ C:\USERS\بو محمد\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.media.ohost.de [ C:\USERS\بو محمد\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
ads.footballmedia.com [ C:\USERS\بو محمد\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.smartadserver.com [ C:\USERS\بو محمد\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.smartadserver.com [ C:\USERS\بو محمد\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.smartadserver.com [ C:\USERS\بو محمد\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.smartadserver.com [ C:\USERS\بو محمد\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.media6degrees.com [ C:\USERS\بو محمد\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.media6degrees.com [ C:\USERS\بو محمد\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.media6degrees.com [ C:\USERS\بو محمد\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.collective-media.net [ C:\USERS\بو محمد\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.adlegend.com [ C:\USERS\بو محمد\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.adscendmedia.com [ C:\USERS\بو محمد\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.invitemedia.com [ C:\USERS\بو محمد\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.adscendmedia.com [ C:\USERS\بو محمد\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.elitepvpers.com [ C:\USERS\بو محمد\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.c.atdmt.com [ C:\USERS\بو محمد\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.c.atdmt.com [ C:\USERS\بو محمد\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.c.atdmt.com [ C:\USERS\بو محمد\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.c.atdmt.com [ C:\USERS\بو محمد\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.elitepvpers.com [ C:\USERS\بو محمد\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.elitepvpers.com [ C:\USERS\بو محمد\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

[ C:\USERS\بو محمد\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

[ C:\USERS\بو محمد\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.interclick.com [ C:\USERS\بو محمد\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.microsoftwlsearchcrm.112.2o7.net [ C:\USERS\بو محمد\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.interclick.com [ C:\USERS\بو محمد\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.interclick.com [ C:\USERS\بو محمد\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.webstatschecker.com [ C:\USERS\بو محمد\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.webstatschecker.com [ C:\USERS\بو محمد\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
s09.flagcounter.com [ C:\USERS\بو محمد\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.c1.atdmt.com [ C:\USERS\بو محمد\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.c1.atdmt.com [ C:\USERS\بو محمد\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.ru4.com [ C:\USERS\بو محمد\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.zedo.com [ C:\USERS\بو محمد\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.zedo.com [ C:\USERS\بو محمد\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.adinterax.com [ C:\USERS\بو محمد\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.clicksor.com [ C:\USERS\بو محمد\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.clicksor.com [ C:\USERS\بو محمد\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.myroitracking.com [ C:\USERS\بو محمد\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.clicksor.com [ C:\USERS\بو محمد\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.clicksor.com [ C:\USERS\بو محمد\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.zedo.com [ C:\USERS\بو محمد\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
accounts.google.com [ C:\USERS\بو محمد\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
accounts.google.com [ C:\USERS\بو محمد\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.tribalfusion.com [ C:\USERS\بو محمد\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.collective-media.net [ C:\USERS\بو محمد\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.collective-media.net [ C:\USERS\بو محمد\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.collective-media.net [ C:\USERS\بو محمد\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.collective-media.net [ C:\USERS\بو محمد\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.atdmt.com [ C:\USERS\بو محمد\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.h.atdmt.com [ C:\USERS\بو محمد\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.h.atdmt.com [ C:\USERS\بو محمد\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.atdmt.com [ C:\USERS\بو محمد\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.atdmt.com [ C:\USERS\بو محمد\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.h.atdmt.com [ C:\USERS\بو محمد\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.h.atdmt.com [ C:\USERS\بو محمد\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.zedo.com [ C:\USERS\بو محمد\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.server.cpmstar.com [ C:\USERS\بو محمد\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.zedo.com [ C:\USERS\بو محمد\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.zedo.com [ C:\USERS\بو محمد\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.zedo.com [ C:\USERS\بو محمد\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
ad.yieldmanager.com [ C:\USERS\بو محمد\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
ad.yieldmanager.com [ C:\USERS\بو محمد\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.adbrite.com [ C:\USERS\بو محمد\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
ad.yieldmanager.com [ C:\USERS\بو محمد\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.fastclick.net [ C:\USERS\بو محمد\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.overture.com [ C:\USERS\بو محمد\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.server.cpmstar.com [ C:\USERS\بو محمد\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.server.cpmstar.com [ C:\USERS\بو محمد\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.revsci.net [ C:\USERS\بو محمد\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.revsci.net [ C:\USERS\بو محمد\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.invitemedia.com [ C:\USERS\بو محمد\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.pro-market.net [ C:\USERS\بو محمد\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.pro-market.net [ C:\USERS\بو محمد\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.pro-market.net [ C:\USERS\بو محمد\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.invitemedia.com [ C:\USERS\بو محمد\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.adbrite.com [ C:\USERS\بو محمد\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.mediafire.com [ C:\USERS\بو محمد\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.mediafire.com [ C:\USERS\بو محمد\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

[ C:\USERS\بو محمد\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.mediafire.com [ C:\USERS\بو محمد\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.mediafire.com [ C:\USERS\بو محمد\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.mediafire.com [ C:\USERS\بو محمد\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
ad.yieldmanager.com [ C:\USERS\بو محمد\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
ad.yieldmanager.com [ C:\USERS\بو محمد\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
ad.yieldmanager.com [ C:\USERS\بو محمد\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.statcounter.com [ C:\USERS\بو محمد\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.zedo.com [ C:\USERS\بو محمد\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.zedo.com [ C:\USERS\بو محمد\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.zedo.com [ C:\USERS\بو محمد\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.serving-sys.com [ C:\USERS\بو محمد\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.serving-sys.com [ C:\USERS\بو محمد\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.serving-sys.com [ C:\USERS\بو محمد\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.serving-sys.com [ C:\USERS\بو محمد\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.serving-sys.com [ C:\USERS\بو محمد\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.serving-sys.com [ C:\USERS\بو محمد\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.revsci.net [ C:\USERS\بو محمد\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
ad.yieldmanager.com [ C:\USERS\بو محمد\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
ad.yieldmanager.com [ C:\USERS\بو محمد\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.revsci.net [ C:\USERS\بو محمد\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.revsci.net [ C:\USERS\بو محمد\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.revsci.net [ C:\USERS\بو محمد\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.revsci.net [ C:\USERS\بو محمد\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]

Trojan.Agent/Gen-HackPatch
C:\PROGRAM FILES\INTERNET DOWNLOAD MANAGER\PATCH 5.XX (2008-12-06).EXE

المالووو بيت

Malwarebytes Anti-Malware 1.61.0.1400

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

نسخة قاعدة البيانات : v2012.04.04.08

Windows 7 x86 NTFS (الوضع الآمن/عمليات الشبكة)
Internet Explorer 8.0.7600.16385
بو محمد :: بومحمد-PC [مدير]

28/05/33 02:39:22 ص
mbam-log-2012-04-20 (02-39-22).txt

نوع الفحص : فحص كامل
خيارت الفحص الممكنة: الذاكرة | بدء التشغيل | الريجستري | نظام الملفات | أساليب بحثية/غير ذلك | PUP | PUM
خيارات الفحص المعطلة: Shuriken/أساليب بحثية | P2P
الكائنات المفحوصة : 404874
الوقت المنقضي : 1 ساعة, 2 دقيقة, 28 ثانية

عمليات الذاكرة المصابة : 0
(لم يتم إكتشاف مواد ضارة)

وحدات الذاكرة المصابة : 0
(لم يتم إكتشاف مواد ضارة)

مفاتيح الريجستري المصابة : 6
HKCR\CLSID\{CA4520F3-AE13-4FB1-A513-58E23991C86D} (Trojan.Downloader) -> تم بنجاح العزل و الحذف
HKCR\gencrawler_gc.GenCrawler (Trojan.Downloader) -> تم بنجاح العزل و الحذف
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{CA4520F3-AE13-4FB1-A513-58E23991C86D} (Trojan.Downloader) -> تم بنجاح العزل و الحذف
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{CA4520F3-AE13-4FB1-A513-58E23991C86D} (Trojan.Downloader) -> تم بنجاح العزل و الحذف
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{CA4520F3-AE13-4FB1-A513-58E23991C86D} (Trojan.Downloader) -> تم بنجاح العزل و الحذف
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33524C00-63FB-43DB-A6BF-0A4E14B24649} (Adware.Zwangi) -> تم بنجاح العزل و الحذف

قيم الريجستري المصابة : 0
(لم يتم إكتشاف مواد ضارة)

مواد بيانات الريجستري المصابة : 0
(لم يتم إكتشاف مواد ضارة)

المجلدات المصابة : 4
C:\Users\بو محمد\Local Settings\Application Data\RAVENBLEUSA (Adware.Hotbar.RB) -> تم بنجاح العزل و الحذف
C:\Users\بو محمد\Local Settings\Application Data\RAVENBLEUSA\bin (Adware.Hotbar.RB) -> تم بنجاح العزل و الحذف
C:\Users\بو محمد\Local Settings\Application Data\RAVENBLEUSA\bin\1.0.11.0 (Adware.Hotbar.RB) -> تم بنجاح العزل و الحذف
C:\Users\بو محمد\Local Settings\Application Data\RAVENBLEUSA\data (Adware.Hotbar.RB) -> تم بنجاح العزل و الحذف

الملفات المصابة : 20
C:\System Volume Information\SystemRestore\FRStaging\Program Files\Funmoods\funmoods\1.5.11.16\funmoodsApp(21).dll (PUP.FunMoods) -> لم ينفذ أي إجراء
C:\System Volume Information\SystemRestore\FRStaging\Program Files\Funmoods\funmoods\1.5.11.16\funmoodsEng(22).dll (PUP.FunMoods) -> لم ينفذ أي إجراء
C:\System Volume Information\SystemRestore\FRStaging\Program Files\Funmoods\funmoods\1.5.11.16\funmoodssrv(23).exe (PUP.FunMoods) -> لم ينفذ أي إجراء
C:\System Volume Information\SystemRestore\FRStaging\Program Files\Funmoods\funmoods\1.5.11.16\funmoodsTlbr(24).dll (PUP.FunMoods) -> لم ينفذ أي إجراء
C:\System Volume Information\SystemRestore\FRStaging\Program Files\Funmoods\funmoods\1.5.11.16\uninstall(25).exe (PUP.FunMoods) -> لم ينفذ أي إجراء
C:\System Volume Information\SystemRestore\FRStaging\Program Files\Funmoods\funmoods\1.5.11.16\bh\funmoods(20).dll (PUP.Funmoods) -> لم ينفذ أي إجراء
C:\Users\بو محمد\AppData\Roaming\Media Finder\Extensions\gencrawler_gc.dll (Trojan.Downloader) -> تم بنجاح العزل و الحذف
C:\Program Files\Internet Download Manager\Patch 5.xx (2008-12-06).exe (Riskware.Tool.CK) -> تم بنجاح العزل و الحذف
C:\System Volume Information\SystemRestore\FRStaging\Users\بو محمد\Documents\Downloads\Fahes2010\Vista\Software\SSM\content\AGB(886).exe (Adware.BHO) -> تم بنجاح العزل و الحذف
C:\System Volume Information\SystemRestore\FRStaging\Users\بو محمد\Documents\Downloads\Fahes2010\Vista\Software\SSM\content\CDB(888).exe (Adware.BHO) -> تم بنجاح العزل و الحذف
C:\Users\بو محمد\Downloads\DownloadSetup.exe (Affiliate.Downloader) -> تم بنجاح العزل و الحذف
C:\Users\بو محمد\Downloads\mzgame.exe (PUP.BundleInstaller.IB) -> تم بنجاح العزل و الحذف
C:\Users\بو محمد\Downloads\مجلد جديد ‫‬\SoftonicDownloader_for_bumptop.exe (PUP.ToolbarDownloader) -> تم بنجاح العزل و الحذف
D:\downloads\Call of Duty Black Ops (2010) [PCDVD9][Spanish][

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

(Trojan.Agent) -> تم بنجاح العزل و الحذف
D:\downloads\Call of Duty Black Ops (2010) [PCDVD9][Spanish][

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

(Trojan.Agent) -> تم بنجاح العزل و الحذف
D:\downloads\Call of Duty Black Ops (2010) [PCDVD9][Spanish][

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

(Backdoor.Bot) -> تم بنجاح العزل و الحذف
D:\بو محمد\22abadi22\Desktop\Mohamed_1\eblsm.vxe (Trojan.FakeAlert) -> تم بنجاح العزل و الحذف
C:\Users\بو محمد\Local Settings\Application Data\RAVENBLEUSA\data\RavenBleuSA.dat (Adware.Hotbar.RB) -> تم بنجاح العزل و الحذف
C:\Users\بو محمد\Local Settings\Application Data\RAVENBLEUSA\data\RavenBleuSAau.dat (Adware.Hotbar.RB) -> تم بنجاح العزل و الحذف
C:\Users\بو محمد\Local Settings\Application Data\RAVENBLEUSA\data\RavenBleuSA_kyf.dat (Adware.Hotbar.RB) -> تم بنجاح العزل و الحذف

(و)

techno · 20 أبريل 2012

تقريرهايجيك جديد+البرامج المثبته

22abadi22 · 20 أبريل 2012

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 12:02:57 م, on 20/04/12
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Unable to get Internet Explorer version!
Boot mode: Safe mode with network support

Running processes:
C:\Windows\Explorer.EXE
C:\Windows\system32\ctfmon.exe
C:\Users\بو محمد\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\بو محمد\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\بو محمد\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\بو محمد\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\بو محمد\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\بو محمد\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\بو محمد\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\بو محمد\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\بو محمد\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\بو محمد\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\بو محمد\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\بو محمد\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\بو محمد\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\بو محمد\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Zyzoom_Forum_Tools\zHijak.com

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - {687578b9-7132-4a7a-80e4-30ee31099e03} - (no file)
R3 - URLSearchHook: (no name) - {a1e75a0e-4397-4ba8-bb50-e19fb66890f4} - (no file)
O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files\Internet Download Manager\IDMIECC.dll
O2 - BHO: ************ Toolbar - {09ec805c-cb2e-4d53-b0d3-a75a428b81c7} - C:\Program Files\************\tb4sha.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG10\avgssie.dll
O2 - BHO: Norton Vulnerability Protection - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton AntiVirus\Engine\19.1.0.28\IPS\IPSBHO.DLL
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG Secure Search\10.0.0.7\AVG Secure Search_toolbar.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.7227.1100\swg.dll
O2 - BHO: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "C:\Program Files\Microsoft\BingBar\BingExt.dll" (file missing)
O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (file missing)
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: CrowdStar Gamebar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (file missing)
O3 - Toolbar: ************ Toolbar - {09ec805c-cb2e-4d53-b0d3-a75a428b81c7} - C:\Program Files\************\tb4sha.dll
O3 - Toolbar: Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files\Microsoft\BingBar\BingExt.dll" (file missing)
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O3 - Toolbar: AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG Secure Search\10.0.0.7\AVG Secure Search_toolbar.dll
O4 - HKLM\..\Run: [bdinstaller] "C:\Program Files\Common Files\Bitdefender\SetupInformation\downloader\setuplauncher.exe" /run:"C:\Program Files\Common Files\Bitdefender\SetupInformation\downloader\setupdownloader.exe" /args:"/after_restart"
O4 - HKLM\..\Run: [vProt] "C:\Program Files\AVG Secure Search\vprot.exe"
O4 - HKLM\..\RunOnce: [Malwarebytes Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent
O4 - HKLM\..\RunOnce: [Malwarebytes Anti-Malware (cleanup)] rundll32.exe "C:\ProgramData\Malwarebytes\Malwarebytes' Anti-Malware\cleanup.dll",ProcessCleanupScript
O4 - HKCU\..\Run: [IDMan] C:\Program Files\Internet Download Manager\IDMan.exe /onboot
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O8 - Extra context menu item: Download with &Media Finder - C:\Program Files\Media Finder\hook.html
O8 - Extra context menu item: ت&صدير إلى Microsoft Excel - res://C:\PROGRA~1\MICROS~4\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: تحميل الكل بواسطة Internet Download Manager - C:\Program Files\Internet Download Manager\IEGetAll.htm
O8 - Extra context menu item: تحميل بواسطة Internet Download Manager - C:\Program Files\Internet Download Manager\IEExt.htm
O8 - Extra context menu item: تحميل محتوى FLV بواسطة Internet Download Manager - C:\Program Files\Internet Download Manager\IEGetVL.htm
O9 - Extra button: إرسال إلى OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~4\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: إر&سال إلى OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~4\Office12\ONBttnIE.dll
O9 - Extra button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra 'Tools' menuitem: @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra button: PalTalk - {4EAFEF58-EEFA-4116-983D-03B49BCBFFFE} - C:\Program Files\Paltalk Messenger\Paltalk.exe (file missing)
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\Office12\REFIEBAR.DLL
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG10\avgpp.dll
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files\Common Files\AVG Secure Search\ViProtocolInstaller\10.0.6\ViProtocol.dll
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL
O23 - Service: SAS Core Service (!SASCORE) - SUPERAntiSpyware.com - C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
O23 - Service: Advanced SystemCare Service 5 (AdvancedSystemCareService5) - IObit - C:\Program Files\IObit\Advanced SystemCare 5\ASCService.exe
O23 - Service: Intel® Centrino® Wireless Bluetooth® 3.0 + High Speed Service (AMPPALR3) - Intel Corporation - C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
O23 - Service: Apple Mobile Device - Unknown owner - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (file missing)
O23 - Service: Application Updater - Spigot, Inc. - C:\Program Files\Application Updater\ApplicationUpdater.exe
O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG10\avgwdsvc.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Intel(R) Centrino(R) Wireless Bluetooth(R) 3.0 + High Speed Security Service (BTHSSecurityMgr) - Intel(R) Corporation - C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
O23 - Service: Defragmentation-Service (DfSdkS) - mst software GmbH, Germany - C:\Program Files\Ashampoo\Ashampoo HDD Control\Dfsdks.exe
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: IMF Service (IMFservice) - IObit - C:\Program Files\IObit\IObit Malware Fighter\IMFsrv.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Ma-Config Service (maconfservice) - Unknown owner - C:\Program Files\ma-config.com\maconfservice.exe
O23 - Service: McciCMService - Alcatel-Lucent - C:\Program Files\Common Files\Motive\McciCMService.exe
O23 - Service: Wireless PAN DHCP Server (MyWiFiDHCPDNS) - Unknown owner - C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
O23 - Service: Norton AntiVirus (NAV) - Symantec Corporation - C:\Program Files\Norton AntiVirus\Engine\19.1.0.28\ccSvcHst.exe
O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\Windows\system32\GameMon.des.exe (file missing)
O23 - Service: PLFlash DeviceIoControl Service - Prolific Technology Inc. - C:\Windows\system32\IoctlSvc.exe
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel(R) Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
O23 - Service: ServiceLayer - Unknown owner - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
O23 - Service: TuneUp Utilities Service (TuneUp.UtilitiesSvc) - Unknown owner - C:\Program Files\TuneUp Utilities 2012\TuneUpUtilitiesService32.exe (file missing)
O23 - Service: TunngleService - Tunngle.net GmbH - C:\Program Files\Tunngle\TnglCtrl.exe
O23 - Service: vToolbarUpdater - Unknown owner - C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\10.0.6\ToolbarUpdater.exe

--
End of file - 11810 bytes

====== معلومات نظام التشغيل ======

X86 WIN_7 7600

====== قائمة البرامج المثبتة ======

Update for Microsoft Office 2007 (KB2508958)
Acrobat.com
Acrobat.com
Adobe AIR
Adobe AIR
Adobe Flash Player 10 ActiveX
Adobe Photoshop 7.0 ME
Adobe Reader 9.5.0
Adobe Shockwave Player 11.5
Ashampoo HDD Control 1.12
AVG 2011
AVG 2011
Bing Bar
Bonjour
Bully Scholarship Edition
Bully Scholarship Edition
CCleaner
Cheat Engine 6.1
Complitly
Driver Genius Professional Edition
Fraps
Game Booster 3
Garmin MapSource
Google Earth
Google Toolbar for Internet Explorer
Google Update Helper
Intel PROSet Wireless
Intel(R) Graphics Media *********** Driver
Intel(R)‎ PROSet/Wireless WiFi برنامج
Intel(R) Rapid Storage Technology
Internet Download Manager
iTunes
Java Auto Updater
Java(TM) 6 Update 31
K-Lite Codec Pack 5.7.0 (Full)
League of Legends
Malwarebytes Anti-Malware النسخة 1.61.0.1400
MapSource - WorldMap v3.01
Microsoft .NET Framework 4 Client Profile
Microsoft .NET Framework 4 Client Profile
Microsoft .NET Framework 4 Client Profile ARA Language Pack
Microsoft Application Error Reporting
Microsoft Choice Guard
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office Access MUI (Arabic) 2007
Microsoft Office Enterprise 2007
Microsoft Office Enterprise 2007
Microsoft Office Excel MUI (Arabic) 2007
Microsoft Office File Validation Add-In
Microsoft Office Groove MUI (English) 2007
Microsoft Office Groove Setup Metadata MUI (Arabic) 2007
Microsoft Office InfoPath MUI (Arabic) 2007
Microsoft Office OneNote MUI (Arabic) 2007
Microsoft Office Outlook MUI (Arabic) 2007
Microsoft Office PowerPoint MUI (Arabic) 2007
Microsoft Office Proof (Arabic) 2007
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proofing (Arabic) 2007
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Publisher MUI (Arabic) 2007
Microsoft Office Shared MUI (Arabic) 2007
Microsoft Office Shared MUI (English) 2007
Microsoft Office Word MUI (Arabic) 2007
Microsoft Silverlight
Microsoft Text-to-Speech Engine 4.0 (English)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Mozilla Firefox 11.0 (x86 ar)
MSVC80_x86_v2
MSVCRT
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
neroxml
Nexon Game Manager
Nexon Game Manager
Nokia PC Suite
Norton AntiVirus
PaltalkScene
Pando Media Booster
PC Connectivity Solution
REACTOR
RealPlayer
RealUpgrade 1.0
RESIDENT EVIL 5
Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)
Security Update for Microsoft Office 2007 suites (KB2596785) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2598041) 32-Bit Edition
Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition
Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition
Security Update for Microsoft Office Publisher 2007 (KB2596705) 32-Bit Edition
Security Update for حزمة اللغة العربية لـ Microsoft .NET Framework 4 (KB2478663)
Security Update for حزمة اللغة العربية لـ Microsoft .NET Framework 4 (KB2518870)
Skype Click to Call
Skype™ 5.8
Spelling Dictionaries Support For Adobe Reader 9
Steam
SUPERAntiSpyware
SweetIM for Messenger 3.6
SweetPacks Toolbar for Internet Explorer 4.5
Synaptics Pointing Device Driver
System Requirements Lab CYRI
System Requirements Lab for Intel
TuneUp Utilities Language Pack (en-US)
Tunngle beta
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217)
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office 2007 suites (KB2596651) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2596789) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2598306) 32-Bit Edition
Update for Microsoft Office Excel 2007 (KB2596596) 32-Bit Edition
Update for Microsoft Office Script Editor Help (KB963671)
VCRedistSetup
Windows Driver Package - Garmin (grmnusb) GARMIN Devices (06/03/2009 2.3.0.0)
Windows Live Communications Platform
Windows Live Essentials
Windows Live Essentials
Windows Live ID Sign-in Assistant
Windows Live Messenger
WinRAR 4.11 (32-bit)
Your Uninstaller! 7
أداة التحميل Windows Live Upload Tool
تحديث لـ Microsoft Office Excel 2007 Help (KB963678)
تحديث لـ Microsoft Office Powerpoint 2007 Help (KB963669)
تحديث لـ Microsoft Office Word 2007 Help (KB963665)
حزمة اللغة العربية لـ Microsoft .NET Framework 4
حزمة برامج تشغيل Windows - Nokia Modem (06/01/2009 7.01.0.4)
حزمة برامج تشغيل Windows - Nokia Modem (10/05/2009 4.2)
حزمة برامج تشغيل Windows - Nokia pccsmcfd (08/22/2008 7.0.0.0)

techno · 20 أبريل 2012

عندك النورتن والأيفيجي والبيتديفندر عالق
:d:
بالهايجيك احذف القيم التاليه

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

R3 - URLSearchHook: (no name) - {687578b9-7132-4a7a-80e4-30ee31099e03} - (no file)

R3 - URLSearchHook: (no name) - {a1e75a0e-4397-4ba8-bb50-e19fb66890f4} - (no file)

O2 - BHO: ************ Toolbar - {09ec805c-cb2e-4d53-b0d3-a75a428b81c7} - C:\Program Files\************\tb4sha.dll

O2 - BHO: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "C:\Program Files\Microsoft\BingBar\BingExt.dll" (file missing)

O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (file missing)

O3 - Toolbar: CrowdStar Gamebar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (file missing)

O3 - Toolbar: ************ Toolbar - {09ec805c-cb2e-4d53-b0d3-a75a428b81c7} - C:\Program Files\************\tb4sha.dll

O3 - Toolbar: Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files\Microsoft\BingBar\BingExt.dll" (file missing)

O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll

O3 - Toolbar: AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG Secure Search\10.0.0.7\AVG Secure Search_toolbar.dll

O4 - HKLM\..\Run: [bdinstaller] "C:\Program Files\Common Files\Bitdefender\SetupInformation\downloader\setu plauncher.exe" /run:"C:\Program Files\Common Files\Bitdefender\SetupInformation\downloader\setu pdownloader.exe" /args:"/after_restart"

O9 - Extra button: PalTalk - {4EAFEF58-EEFA-4116-983D-03B49BCBFFFE} - C:\Program Files\Paltalk Messenger\Paltalk.exe (file missing)

O23 - Service: Application Updater - Spigot, Inc. - C:\Program Files\Application Updater\ApplicationUpdater.exe

O23 - Service: vToolbarUpdater - Unknown owner - C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\10.0.6\ToolbarUpdater.exe

من قائمة البرامج احذف التالي
AVG 2011

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

Bing Bar
Bonjour
Game Booster 3
Google Earth
Google Toolbar
Google Update Helper
Pando Media Booster
SUPERAntiSpyware
SweetPacks Toolbar

ثم

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

ثم

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

بعد الإنتهاء
هايجيك جديد

22abadi22 · 20 أبريل 2012

اخوي انا ماعندي برنامج الاكسبلورر واذا جيت اثبته يطلعلي كذا

22abadi22 · 20 أبريل 2012

Hijack This

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 01:48:28 م, on 20/04/12
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Unable to get Internet Explorer version!
Boot mode: Safe mode with network support

Running processes:
C:\Windows\Explorer.EXE
C:\Windows\System32\WerFault.exe
C:\Windows\system32\ctfmon.exe
C:\Users\بو محمد\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\بو محمد\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\بو محمد\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\بو محمد\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\بو محمد\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\بو محمد\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\بو محمد\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\بو محمد\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\بو محمد\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\بو محمد\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\system32\mspaint.exe
C:\Zyzoom_Forum_Tools\zHijak.com

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files\Internet Download Manager\IDMIECC.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll
O2 - BHO: Norton Vulnerability Protection - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton AntiVirus\Engine\19.1.0.28\IPS\IPSBHO.DLL
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.7227.1100\swg.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O4 - HKLM\..\Run: [PlusService] C:\Program Files\Yuna Software\Messenger Plus!\PlusService.exe
O4 - HKLM\..\RunOnce: [Malwarebytes Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent
O4 - HKLM\..\RunOnce: [Malwarebytes Anti-Malware (cleanup)] rundll32.exe "C:\ProgramData\Malwarebytes\Malwarebytes' Anti-Malware\cleanup.dll",ProcessCleanupScript
O4 - HKLM\..\RunOnce: [AvgUninstallURL] cmd.exe /c start http://www.avg.com/ww.special-uninstallation-feedback-lsf?lic=OUxTRlJFRS1WUFVaNy1HMkNNWC1SWFBXQS1QM05aSC05RDIwQy0zN1RT"&"inst=NzctMTI0NDEyMzI4OS1TVDEwT0krMS1ERFQrMC1TVDEwQVBQKzEtRDM4MUwrNi1JMTArMQ"&"prod=55"&"ver=10.0.1424
O4 - HKCU\..\Run: [IDMan] C:\Program Files\Internet Download Manager\IDMan.exe /onboot
O8 - Extra context menu item: Download with &Media Finder - C:\Program Files\Media Finder\hook.html
O8 - Extra context menu item: ت&صدير إلى Microsoft Excel - res://C:\PROGRA~1\MICROS~4\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: تحميل الكل بواسطة Internet Download Manager - C:\Program Files\Internet Download Manager\IEGetAll.htm
O8 - Extra context menu item: تحميل بواسطة Internet Download Manager - C:\Program Files\Internet Download Manager\IEExt.htm
O8 - Extra context menu item: تحميل محتوى FLV بواسطة Internet Download Manager - C:\Program Files\Internet Download Manager\IEGetVL.htm
O9 - Extra button: إرسال إلى OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~4\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: إر&سال إلى OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~4\Office12\ONBttnIE.dll
O9 - Extra button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra 'Tools' menuitem: @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\Office12\REFIEBAR.DLL
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL (file missing)
O23 - Service: Advanced SystemCare Service 5 (AdvancedSystemCareService5) - IObit - C:\Program Files\IObit\Advanced SystemCare 5\ASCService.exe
O23 - Service: Intel® Centrino® Wireless Bluetooth® 3.0 + High Speed Service (AMPPALR3) - Intel Corporation - C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
O23 - Service: Apple Mobile Device - Unknown owner - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (file missing)
O23 - Service: Intel(R) Centrino(R) Wireless Bluetooth(R) 3.0 + High Speed Security Service (BTHSSecurityMgr) - Intel(R) Corporation - C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
O23 - Service: Defragmentation-Service (DfSdkS) - mst software GmbH, Germany - C:\Program Files\Ashampoo\Ashampoo HDD Control\Dfsdks.exe
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: IMF Service (IMFservice) - IObit - C:\Program Files\IObit\IObit Malware Fighter\IMFsrv.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Ma-Config Service (maconfservice) - Unknown owner - C:\Program Files\ma-config.com\maconfservice.exe
O23 - Service: McciCMService - Alcatel-Lucent - C:\Program Files\Common Files\Motive\McciCMService.exe
O23 - Service: Messenger Plus! Service (MsgPlusService) - Yuna Software - C:\Program Files\Yuna Software\Messenger Plus! for Skype\MsgPlusForSkypeService.exe
O23 - Service: Wireless PAN DHCP Server (MyWiFiDHCPDNS) - Unknown owner - C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
O23 - Service: Norton AntiVirus (NAV) - Symantec Corporation - C:\Program Files\Norton AntiVirus\Engine\19.1.0.28\ccSvcHst.exe
O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\Windows\system32\GameMon.des.exe (file missing)
O23 - Service: PLFlash DeviceIoControl Service - Prolific Technology Inc. - C:\Windows\system32\IoctlSvc.exe
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel(R) Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
O23 - Service: ServiceLayer - Unknown owner - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
O23 - Service: TuneUp Utilities Service (TuneUp.UtilitiesSvc) - Unknown owner - C:\Program Files\TuneUp Utilities 2012\TuneUpUtilitiesService32.exe (file missing)
O23 - Service: TunngleService - Tunngle.net GmbH - C:\Program Files\Tunngle\TnglCtrl.exe

--
End of file - 8983 bytes

techno · 20 أبريل 2012

22abadi22 قال:
اخوي انا ماعندي برنامج الاكسبلورر واذا جيت اثبته يطلعلي كذا

الرساله عاديه لأنك وافقت على ترقية متصفح الإكسبلورر للنسخه 9 ولم يكتمل ذلك
جرب الترقيه لاحقا
:kmj-by0000 (72):

techno · 20 أبريل 2012

سؤال هل هذا البرنامج عندك ام انك حذفته

Advanced SystemCare Service 5

بالهايجيك احذف التالي
O4 - HKLM\..\RunOnce: [AvgUninstallURL] cmd.exe /c start

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

1HMkNNWC1SWFBXQS1QM05aSC 05RDIwQy0zN1RT"&"inst=NzctMTI0NDEyMzI4OS1TVDEwT0kr MS1ERFQrMC1TVDEwQVBQKzEtRDM4MUwrNi1JMTArMQ"&"prod= 55"&"ver=10.0.1424

O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL (file missing)

اعطيني تقرير ران سكانر

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

22abadi22 · 20 أبريل 2012

techno قال:
الرساله عاديه لأنك وافقت على ترقية متصفح الإكسبلورر للنسخه 9 ولم يكتمل ذلك
جرب الترقيه لاحقا
:kmj-by0000 (72):

مشكووووووووور على الحل والله يجعلها في ميزان حسناتك ؤؤ

22abadi22 · 20 أبريل 2012

techno قال:
سؤال هل هذا البرنامج عندك ام انك حذفته

Advanced SystemCare Service 5

بالهايجيك احذف التالي
O4 - HKLM\..\RunOnce: [AvgUninstallURL] cmd.exe /c start
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي
1HMkNNWC1SWFBXQS1QM05aSC 05RDIwQy0zN1RT"&"inst=NzctMTI0NDEyMzI4OS1TVDEwT0kr MS1ERFQrMC1TVDEwQVBQKzEtRDM4MUwrNi1JMTArMQ"&"prod= 55"&"ver=10.0.1424

O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL (file missing)

اعطيني تقرير ران سكانر

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

Advanced SystemCare Service 5

ماهو موجود في قائمة البرامج

القيمة الاولى الي عطتني ايها ماهي موجودة

ران سكانر

هذا الرابط

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

22abadi22 · 20 أبريل 2012

اخوي جاتني مشكلة الشاشة الزرقاء واذا اعدة تشغيله تجيني رسالة ويندوز

techno · 20 أبريل 2012

فضلا ارفع ملف ران سكانر على موقع آخر
لأن الرابط لايفتح معي تبع الميديافاير

22abadi22 · 20 أبريل 2012

techno قال:
فضلا ارفع ملف ران سكانر على موقع آخر
لأن الرابط لايفتح معي تبع الميديافاير

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

او

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

معليش الرابط غلط خذ هذا

techno · 20 أبريل 2012

حمل الملف التالي

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

قم بتحميله وشغله ثم اتبع الخطوات التالية للتنظيف

فقط

زيزوومي جديد

زيزوومي جديد

عضو شرف

توقيع : techno

زيزوومي جديد

عضو شرف

توقيع : techno

زيزوومي جديد

عضو شرف

توقيع : techno

زيزوومي جديد

زيزوومي جديد

عضو شرف

توقيع : techno

عضو شرف

توقيع : techno

زيزوومي جديد

زيزوومي جديد

زيزوومي جديد

عضو شرف

توقيع : techno

زيزوومي جديد

عضو شرف

توقيع : techno