فتحت ملف تروقان عن طريق الخطأ , ماهو الحل ؟

Dr.YaaSer · 15 يونيو 2012

السلام عليكم و رحمة الله و بركاته , كيفكم ان شاء الله بخير و عافية ؟

أنا عن طريق الخطأ فتحت ملف تروقان , كنت احاول نقله الى سلة المهملات و لكني فوجئت بفتحه

الآن من المؤكد ان التروقان بدأ يعمل , و ينسخ نفسه في اماكن معينة لاستكمال التجسس

لا اعلم ما هو عمله هل هو فايروس لنسخ كلمات السر أم فايروس لبرنامج يتحكم بكامل الجهاز

رفعت الملف على الفايروس توتال فوجدت انه مكشوف من 9 حمايات فقط و مشفر عن الباقية و برنامج الحماية لدي أحد هذه البرامج التي لم تكتشفه

و هذا تقرير

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

و هذا هو تقرير الهايجاك

أتمنى منكم سرعة الإستجابة قبل فوات الأون !! :no:

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 01:52:43 م, on 06/15/2012
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16446)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Internet Download Manager\IDMan.exe
C:\Program Files (x86)\Shop To Win\ShopToWin.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BluetoothHeadsetProxy.exe
C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe
C:\Program Files (x86)\Yuna Software\Messenger Plus!\PlusService.exe
C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files (x86)\PowerISO\PWRISOVM.EXE
C:\Program Files (x86)\HP\HP Software Update\hpwuSchd2.exe
C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe
C:\Program Files (x86)\Ask.com\Updater\Updater.exe
C:\Program Files (x86)\Internet Download Manager\IEMonitor.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Program Files (x86)\Yuna Software\Messenger Plus! for Skype\Messenger Plus! for Skype.exe
C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
C:\Users\Amer\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Amer\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Amer\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Amer\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Amer\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Amer\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Amer\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Amer\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Amer\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Amer\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Amer\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Amer\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Zyzoom_Forum_Tools\zyzoom.exe
C:\Zyzoom_Forum_Tools\zHijak.com

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page =

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: UrlSearchHook Class - {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
R3 - URLSearchHook: Messenger Plus Saudi Toolbar - {9e1b5c68-1ab5-49fe-97a9-d3f777c51663} - C:\Program Files (x86)\Messenger_Plus_Saudi\prxtbMess.dll
R3 - URLSearchHook: FCToolbarURLSearchHook Class - {086e63ec-0830-bb34-e51e-716c6eda635f} - C:\Program Files (x86)\Shop to Win 36\Helper.dll
R3 - URLSearchHook: (no name) - - (no file)
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files (x86)\Internet Download Manager\IDMIECC.dll
O2 - BHO: FCTBPos00Pos - {028E5C1E-E93A-FBA4-F949-AFB8EC7A5B86} - C:\Program Files (x86)\Shop to Win 36\Shop to Win 36.dll
O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
O2 - BHO: Babylon toolbar helper - {2EECD738-5844-4a99-B4B6-146BF802613B} - C:\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.5.3.17\bh\BabylonToolbar.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll
O2 - BHO: Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files (x86)\ConduitEngine\prxConduitEngine.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~3\Office14\GROOVEEX.DLL
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Browse For Change BHO - {912C156F-05CF-4B62-851A-96E167A677B0} - mscoree.dll (file missing)
O2 - BHO: Messenger Plus Saudi - {9e1b5c68-1ab5-49fe-97a9-d3f777c51663} - C:\Program Files (x86)\Messenger_Plus_Saudi\prxtbMess.dll
O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~3\Office14\URLREDIR.DLL
O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O3 - Toolbar: Messenger Plus Saudi Toolbar - {9e1b5c68-1ab5-49fe-97a9-d3f777c51663} - C:\Program Files (x86)\Messenger_Plus_Saudi\prxtbMess.dll
O3 - Toolbar: Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files (x86)\ConduitEngine\prxConduitEngine.dll
O3 - Toolbar: Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
O3 - Toolbar: Babylon Toolbar - {98889811-442D-49dd-99D7-DC866BE87DBC} - C:\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.5.3.17\BabylonToolbarTlbr.dll
O3 - Toolbar: (no name) - {06C7AD57-B655-418D-9AB8-9526A6D2E052} - (no file)
O4 - HKLM\..\Run: [dellsupportcenter] "C:\Program Files (x86)\Dell Support Center\bin\sprtcmd.exe" /P dellsupportcenter
O4 - HKLM\..\Run: [Dell Webcam Central] "C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe" /mode2
O4 - HKLM\..\Run: [BCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices
O4 - HKLM\..\Run: [PlusService] C:\Program Files (x86)\Yuna Software\Messenger Plus!\PlusService.exe
O4 - HKLM\..\Run: [avgnt] "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [PWRISOVM.EXE] C:\Program Files (x86)\PowerISO\PWRISOVM.EXE -startup
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [hpqSRMon] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [TkBellExe] "c:\program files (x86)\real\realplayer\Update\realsched.exe" -osboot
O4 - HKLM\..\Run: [ApnUpdater] "C:\Program Files (x86)\Ask.com\Updater\Updater.exe"
O4 - HKLM\..\Run: [MessengerPlusForSkypeService] "C:\Program Files (x86)\Yuna Software\Messenger Plus! for Skype\MsgPlusForSkypeService.exe"
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [IDMan] C:\Program Files (x86)\Internet Download Manager\IDMan.exe /onboot
O4 - HKCU\..\Run: [Facebook Update] "C:\Users\Amer\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
O4 - HKCU\..\Run: [Google Update] "C:\Users\Amer\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [Shop To Win] C:\Program Files (x86)\Shop To Win\ShopToWin.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Global Startup: Bluetooth.lnk = ?
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
O8 - Extra context menu item: &تصدير إلى Microsoft Excel - res://C:\PROGRA~2\MICROS~3\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O8 - Extra context menu item: إر&سال إلى OneNote - res://C:\PROGRA~2\MICROS~3\Office14\ONBttnIE.dll/105
O8 - Extra context menu item: ت&صدير إلى Microsoft Excel - res://C:\PROGRA~2\MICROS~3\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: تحميل الكل بواسطة Internet Download Manager - C:\Program Files (x86)\Internet Download Manager\IEGetAll.htm
O8 - Extra context menu item: تحميل بواسطة Internet Download Manager - C:\Program Files (x86)\Internet Download Manager\IEExt.htm
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: إرسال إلى OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: إر&سال إلى OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: PalTalk - {4EAFEF58-EEFA-4116-983D-03B49BCBFFFE} - C:\Program Files (x86)\Paltalk Messenger\Paltalk.exe
O9 - Extra button: ملاحظات OneNote الم&رتبطة - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: ملاحظات OneNote الم&رتبطة - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: بحث - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Send To Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: Send to &Bluetooth Device... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: Show or hide HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) -

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Avira FireWall (AntiVirFirewallService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\AntiVir Desktop\avfwsvc.exe
O23 - Service: Avira Mail Protection (AntiVirMailService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc.exe
O23 - Service: Avira Scheduler (AntiVirSchedulerService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira Realtime Protection (AntiVirService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Avira Web Protection (AntiVirWebService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel(R) Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: خدمة Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: خدمة Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: Messenger Plus! Service (MsgPlusService) - Yuna Software - C:\Program Files (x86)\Yuna Software\Messenger Plus! for Skype\MsgPlusForSkypeService.exe
O23 - Service: Wireless PAN DHCP Server (MyWiFiDHCPDNS) - Unknown owner - C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Realtek87B - Realtek - C:\Program Files (x86)\Realtek\RTL8187 Wireless LAN Utility\RtlService.exe
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel(R) Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 17705 bytes

الخفـوق · 15 يونيو 2012

حمل هذا البرنامج

رابط مباشر ،، محمول وبدون تثبيت
محدث
8 \ 4 \ 2012

ينصح بإغلاق برنامج الحماية قبل تحميل البرنامج
مستخدمي وندوز فيستا وسفن >>> كلك يمين وتشغيل كمسؤل

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

شغله واعمل كما الشرح التالي لفحص الجهاز وعمل تقرير

انسخ ما بداخل التقرير والصقه بمشاركتك القادمة

Dr.YaaSer · 15 يونيو 2012

طبعا على ما اظن حصلت الملف المقصود

كان ناسخ نفسه في مجلد البرامج في مجلد اسمه i want this

و اسم الملف كان uninstall

و هذا التقرير

Malwarebytes' Anti-Malware 1.51.2.1300

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

Database version: 7622

Windows 6.1.7601 Service Pack 1
Internet Explorer 9.0.8112.16421

06/15/2012 06:02:32 م
mbam-log-2012-06-15 (18-02-31).txt

Scan type: Full scan (C:\|D:\|E:\|F:\|G:\|)
Objects scanned: 489525
Time elapsed: 1 hour(s), 7 minute(s), 29 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 5

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
c:\program files (x86)\i want this\uninstall.exe (Adware.GamePlayLabs) -> Quarantined and deleted successfully.
c:\Users\Amer\AppData\Local\Temp\is1373634743\iwantthis_us.exe (Adware.GamePlayLabs) -> Quarantined and deleted successfully.
c:\Users\Amer\AppData\LocalLow\iBryte\implementations\browseforchange\assemblies\1\browserobjects.dll (Adware.IBryte) -> Quarantined and deleted successfully.
c:\Users\Amer\downloads\downloadsetup.exe (Affiliate.Downloader) -> Quarantined and deleted successfully.
c:\Users\Amer\downloads\ultrasurf - u99 jan-2010\u1017.exe (Trojan.Agent) -> Quarantined and deleted successfully.

الوفاء طبعي · 15 يونيو 2012

اعمل الفحص التالي

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

Dr.YaaSer · 16 يونيو 2012

SUPERAntiSpyware Scan Log

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

Generated 06/15/2012 at 08:37 PM

Application Version : 5.1.1002

Core Rules Database Version : 8742
Trace Rules Database Version: 6554

Scan type : Complete Scan
Total Scan Time : 01:13:04

Operating System Information
Windows 7 Ultimate 64-bit, Service Pack 1 (Build 6.01.7601)
UAC On - Administrator

Memory items scanned : 733
Memory threats detected : 0
Registry items scanned : 69227
Registry threats detected : 0
File items scanned : 63053
File threats detected : 288

Adware.Tracking Cookie
C:\Users\Amer\AppData\Roaming\Microsoft\Windows\Cookies\XGRBMIF6.txt [ /adserver.zonemedia.com ]
C:\Users\Amer\AppData\Roaming\Microsoft\Windows\Cookies\7EJKB3BL.txt [ /adtech.de ]
C:\Users\Amer\AppData\Roaming\Microsoft\Windows\Cookies\C7R0UYJT.txt [ /serving-sys.com ]
C:\Users\Amer\AppData\Roaming\Microsoft\Windows\Cookies\BUZFGVS1.txt [ /ad.yieldmanager.com ]
C:\Users\Amer\AppData\Roaming\Microsoft\Windows\Cookies\GFMAZE47.txt [ /tradefx.advertserve.com ]
C:\Users\Amer\AppData\Roaming\Microsoft\Windows\Cookies\8RJOQFGB.txt [ /bs.serving-sys.com ]
C:\Users\Amer\AppData\Roaming\Microsoft\Windows\Cookies\D3Q4LGHL.txt [ /microsoftwllivemkt.112.2o7.net ]
C:\Users\Amer\AppData\Roaming\Microsoft\Windows\Cookies\NQH0YM2A.txt [ /atdmt.com ]
C:\Users\Amer\AppData\Roaming\Microsoft\Windows\Cookies\1CD69FE2.txt [ /c.atdmt.com ]
C:\Users\Amer\AppData\Roaming\Microsoft\Windows\Cookies\WLN62IHQ.txt [ /doubleclick.net ]
C:\USERS\AMER\AppData\Roaming\Microsoft\Windows\Cookies\Low\4M17JEB2.txt [ Cookie:amer@adtech.de/ ]
C:\USERS\AMER\AppData\Roaming\Microsoft\Windows\Cookies\Low\Z310GYIO.txt [ Cookie:amer@media6degrees.com/ ]
C:\USERS\AMER\AppData\Roaming\Microsoft\Windows\Cookies\Low\8ZBWXPHF.txt [ Cookie:amer@ad.yieldmanager.com/ ]
C:\USERS\AMER\AppData\Roaming\Microsoft\Windows\Cookies\Low\8LZWDH72.txt [ Cookie:amer@www.google.com/accounts ]
C:\USERS\AMER\AppData\Roaming\Microsoft\Windows\Cookies\Low\FQSEM2WL.txt [ Cookie:amer@tradefx.advertserve.com/ ]
C:\USERS\AMER\AppData\Roaming\Microsoft\Windows\Cookies\Low\XH9702LD.txt [ Cookie:amer@invitemedia.com/ ]
C:\USERS\AMER\AppData\Roaming\Microsoft\Windows\Cookies\Low\8FYMN4MO.txt [ Cookie:amer@doubleclick.net/ ]
C:\USERS\AMER\Cookies\XGRBMIF6.txt [ Cookie:amer@adserver.zonemedia.com/ ]
C:\USERS\AMER\Cookies\7EJKB3BL.txt [ Cookie:amer@adtech.de/ ]
C:\USERS\AMER\Cookies\C7R0UYJT.txt [ Cookie:amer@serving-sys.com/ ]
C:\USERS\AMER\Cookies\BUZFGVS1.txt [ Cookie:amer@ad.yieldmanager.com/ ]
C:\USERS\AMER\Cookies\GFMAZE47.txt [ Cookie:amer@tradefx.advertserve.com/ ]
C:\USERS\AMER\Cookies\8RJOQFGB.txt [ Cookie:amer@bs.serving-sys.com/ ]
C:\USERS\AMER\Cookies\D3Q4LGHL.txt [ Cookie:amer@microsoftwllivemkt.112.2o7.net/ ]
C:\USERS\AMER\Cookies\NQH0YM2A.txt [ Cookie:amer@atdmt.com/ ]
C:\USERS\AMER\Cookies\WLN62IHQ.txt [ Cookie:amer@doubleclick.net/ ]
.doubleclick.net [ C:\USERS\AMER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.zedo.com [ C:\USERS\AMER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.zedo.com [ C:\USERS\AMER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
oneclickad.net [ C:\USERS\AMER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

[ C:\USERS\AMER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

[ C:\USERS\AMER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.ittihadnet.net [ C:\USERS\AMER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.amazon-adsystem.com [ C:\USERS\AMER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.amazon-adsystem.com [ C:\USERS\AMER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.ru4.com [ C:\USERS\AMER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
ad.yieldmanager.com [ C:\USERS\AMER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
ad.yieldmanager.com [ C:\USERS\AMER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
ad.yieldmanager.com [ C:\USERS\AMER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.invitemedia.com [ C:\USERS\AMER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.imrworldwide.com [ C:\USERS\AMER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.imrworldwide.com [ C:\USERS\AMER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.adinterax.com [ C:\USERS\AMER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.adinterax.com [ C:\USERS\AMER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.advertising.com [ C:\USERS\AMER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.adbrite.com [ C:\USERS\AMER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.ru4.com [ C:\USERS\AMER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.apmebf.com [ C:\USERS\AMER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.fastclick.net [ C:\USERS\AMER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
adx.kat.ph [ C:\USERS\AMER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.media6degrees.com [ C:\USERS\AMER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.lfstmedia.com [ C:\USERS\AMER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.lfstmedia.com [ C:\USERS\AMER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
wstat.wibiya.com [ C:\USERS\AMER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
wmedia.rotator.hadj7.adjuggler.net [ C:\USERS\AMER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
wmedia.rotator.hadj7.adjuggler.net [ C:\USERS\AMER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
wmedia.rotator.hadj7.adjuggler.net [ C:\USERS\AMER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
gottracked.com [ C:\USERS\AMER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.zedo.com [ C:\USERS\AMER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.zedo.com [ C:\USERS\AMER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.zedo.com [ C:\USERS\AMER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.atdmt.com [ C:\USERS\AMER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.casalemedia.com [ C:\USERS\AMER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.casalemedia.com [ C:\USERS\AMER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.casalemedia.com [ C:\USERS\AMER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.casalemedia.com [ C:\USERS\AMER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.casalemedia.com [ C:\USERS\AMER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.casalemedia.com [ C:\USERS\AMER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.casalemedia.com [ C:\USERS\AMER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.serving-sys.com [ C:\USERS\AMER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.serving-sys.com [ C:\USERS\AMER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.mediafire.com [ C:\USERS\AMER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.adtech.de [ C:\USERS\AMER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.adtech.de [ C:\USERS\AMER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.octofinder.com [ C:\USERS\AMER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

[ C:\USERS\AMER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.histats.com [ C:\USERS\AMER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.histats.com [ C:\USERS\AMER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.mm.chitika.net [ C:\USERS\AMER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.adbrite.com [ C:\USERS\AMER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.adbrite.com [ C:\USERS\AMER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.adbrite.com [ C:\USERS\AMER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.adbrite.com [ C:\USERS\AMER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.adbrite.com [ C:\USERS\AMER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.adbrite.com [ C:\USERS\AMER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.adbrite.com [ C:\USERS\AMER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.adbrite.com [ C:\USERS\AMER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.adbrite.com [ C:\USERS\AMER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.kontera.com [ C:\USERS\AMER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.specificclick.net [ C:\USERS\AMER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.ru4.com [ C:\USERS\AMER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.ru4.com [ C:\USERS\AMER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.ru4.com [ C:\USERS\AMER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.ru4.com [ C:\USERS\AMER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.ru4.com [ C:\USERS\AMER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
dg.specificclick.net [ C:\USERS\AMER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.blog.mediafire.com [ C:\USERS\AMER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.blog.mediafire.com [ C:\USERS\AMER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.blog.mediafire.com [ C:\USERS\AMER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.mediafire.com [ C:\USERS\AMER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.mediafire.com [ C:\USERS\AMER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.mediafire.com [ C:\USERS\AMER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
eas.apm.emediate.eu [ C:\USERS\AMER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
eas.apm.emediate.eu [ C:\USERS\AMER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
tracker.icerocket.com [ C:\USERS\AMER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
s07.flagcounter.com [ C:\USERS\AMER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.tribalfusion.com [ C:\USERS\AMER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
s10.flagcounter.com [ C:\USERS\AMER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.apmebf.com [ C:\USERS\AMER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.mediaplex.com [ C:\USERS\AMER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.adxpose.com [ C:\USERS\AMER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.apmebf.com [ C:\USERS\AMER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
ads2.alhilal.com [ C:\USERS\AMER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.atdmt.com [ C:\USERS\AMER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.h.atdmt.com [ C:\USERS\AMER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.h.atdmt.com [ C:\USERS\AMER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.atdmt.com [ C:\USERS\AMER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.atdmt.com [ C:\USERS\AMER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.h.atdmt.com [ C:\USERS\AMER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.h.atdmt.com [ C:\USERS\AMER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
accounts.google.com [ C:\USERS\AMER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
accounts.google.com [ C:\USERS\AMER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
accounts.google.com [ C:\USERS\AMER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.zedo.com [ C:\USERS\AMER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.zedo.com [ C:\USERS\AMER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.zedo.com [ C:\USERS\AMER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.zedo.com [ C:\USERS\AMER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.revsci.net [ C:\USERS\AMER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
ad.yieldmanager.com [ C:\USERS\AMER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
ad.yieldmanager.com [ C:\USERS\AMER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
ad.yieldmanager.com [ C:\USERS\AMER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
ad.yieldmanager.com [ C:\USERS\AMER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.invitemedia.com [ C:\USERS\AMER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

[ C:\USERS\AMER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.burstnet.com [ C:\USERS\AMER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

[ C:\USERS\AMER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

[ C:\USERS\AMER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

[ C:\USERS\AMER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

[ C:\USERS\AMER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.burstnet.com [ C:\USERS\AMER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.mediaplex.com [ C:\USERS\AMER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.doubleclick.net [ C:\USERS\AMER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.advertising.com [ C:\USERS\AMER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.advertising.com [ C:\USERS\AMER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.advertising.com [ C:\USERS\AMER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.advertising.com [ C:\USERS\AMER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.advertising.com [ C:\USERS\AMER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.advertising.com [ C:\USERS\AMER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.at.atwola.com [ C:\USERS\AMER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.advertising.com [ C:\USERS\AMER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.advertising.com [ C:\USERS\AMER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
stats.adotube.com [ C:\USERS\AMER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
ad.adserve.com [ C:\USERS\AMER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
ad.adserve.com [ C:\USERS\AMER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
ad.adserve.com [ C:\USERS\AMER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.statcounter.com [ C:\USERS\AMER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

[ C:\USERS\AMER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.invitemedia.com [ C:\USERS\AMER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.invitemedia.com [ C:\USERS\AMER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.ads.pointroll.com [ C:\USERS\AMER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.pointroll.com [ C:\USERS\AMER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.ads.pointroll.com [ C:\USERS\AMER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.pointroll.com [ C:\USERS\AMER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.ads.pointroll.com [ C:\USERS\AMER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.ads.pointroll.com [ C:\USERS\AMER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.ads.pointroll.com [ C:\USERS\AMER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.ads.pointroll.com [ C:\USERS\AMER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.ads.pointroll.com [ C:\USERS\AMER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.ads.pointroll.com [ C:\USERS\AMER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.invitemedia.com [ C:\USERS\AMER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.lucidmedia.com [ C:\USERS\AMER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.mediafire.com [ C:\USERS\AMER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.mediafire.com [ C:\USERS\AMER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.mediafire.com [ C:\USERS\AMER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.mediafire.com [ C:\USERS\AMER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.revsci.net [ C:\USERS\AMER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.pro-market.net [ C:\USERS\AMER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.invitemedia.com [ C:\USERS\AMER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.invitemedia.com [ C:\USERS\AMER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.invitemedia.com [ C:\USERS\AMER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.invitemedia.com [ C:\USERS\AMER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
mediaservices-d.openxenterprise.com [ C:\USERS\AMER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.media6degrees.com [ C:\USERS\AMER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
ad.yieldmanager.com [ C:\USERS\AMER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.media6degrees.com [ C:\USERS\AMER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.media6degrees.com [ C:\USERS\AMER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.burstnet.com [ C:\USERS\AMER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

[ C:\USERS\AMER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

[ C:\USERS\AMER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

[ C:\USERS\AMER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.adfarm1.adition.com [ C:\USERS\AMER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.adfarm1.adition.com [ C:\USERS\AMER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
ad2.adfarm1.adition.com [ C:\USERS\AMER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.adfarm1.adition.com [ C:\USERS\AMER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.mediafire.com [ C:\USERS\AMER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.mediafire.com [ C:\USERS\AMER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

[ C:\USERS\AMER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

[ C:\USERS\AMER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

[ C:\USERS\AMER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

[ C:\USERS\AMER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.serving-sys.com [ C:\USERS\AMER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.serving-sys.com [ C:\USERS\AMER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.serving-sys.com [ C:\USERS\AMER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.adultfriendfinder.com [ C:\USERS\AMER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\GXFUMF7O.DEFAULT\COOKIES.SQLITE ]
.adultfriendfinder.com [ C:\USERS\AMER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\GXFUMF7O.DEFAULT\COOKIES.SQLITE ]
.adultfriendfinder.com [ C:\USERS\AMER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\GXFUMF7O.DEFAULT\COOKIES.SQLITE ]
.adultfriendfinder.com [ C:\USERS\AMER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\GXFUMF7O.DEFAULT\COOKIES.SQLITE ]
.adultfriendfinder.com [ C:\USERS\AMER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\GXFUMF7O.DEFAULT\COOKIES.SQLITE ]
.adultfriendfinder.com [ C:\USERS\AMER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\GXFUMF7O.DEFAULT\COOKIES.SQLITE ]
.adultfriendfinder.com [ C:\USERS\AMER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\GXFUMF7O.DEFAULT\COOKIES.SQLITE ]
.adultfriendfinder.com [ C:\USERS\AMER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\GXFUMF7O.DEFAULT\COOKIES.SQLITE ]
.myroitracking.com [ C:\USERS\AMER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\GXFUMF7O.DEFAULT\COOKIES.SQLITE ]
.invitemedia.com [ C:\USERS\AMER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\GXFUMF7O.DEFAULT\COOKIES.SQLITE ]
.invitemedia.com [ C:\USERS\AMER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\GXFUMF7O.DEFAULT\COOKIES.SQLITE ]
.invitemedia.com [ C:\USERS\AMER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\GXFUMF7O.DEFAULT\COOKIES.SQLITE ]
.invitemedia.com [ C:\USERS\AMER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\GXFUMF7O.DEFAULT\COOKIES.SQLITE ]
.invitemedia.com [ C:\USERS\AMER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\GXFUMF7O.DEFAULT\COOKIES.SQLITE ]
.invitemedia.com [ C:\USERS\AMER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\GXFUMF7O.DEFAULT\COOKIES.SQLITE ]
.invitemedia.com [ C:\USERS\AMER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\GXFUMF7O.DEFAULT\COOKIES.SQLITE ]
.invitemedia.com [ C:\USERS\AMER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\GXFUMF7O.DEFAULT\COOKIES.SQLITE ]
.mediafire.com [ C:\USERS\AMER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\GXFUMF7O.DEFAULT\COOKIES.SQLITE ]
.mediafire.com [ C:\USERS\AMER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\GXFUMF7O.DEFAULT\COOKIES.SQLITE ]
.mediafire.com [ C:\USERS\AMER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\GXFUMF7O.DEFAULT\COOKIES.SQLITE ]
.statcounter.com [ C:\USERS\AMER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\GXFUMF7O.DEFAULT\COOKIES.SQLITE ]
.adultadworld.com [ C:\USERS\AMER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\GXFUMF7O.DEFAULT\COOKIES.SQLITE ]
.adultadworld.com [ C:\USERS\AMER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\GXFUMF7O.DEFAULT\COOKIES.SQLITE ]
.adultadworld.com [ C:\USERS\AMER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\GXFUMF7O.DEFAULT\COOKIES.SQLITE ]
.doubleclick.net [ C:\USERS\AMER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\GXFUMF7O.DEFAULT\COOKIES.SQLITE ]
ad.yieldmanager.com [ C:\USERS\AMER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\GXFUMF7O.DEFAULT\COOKIES.SQLITE ]
ad.yieldmanager.com [ C:\USERS\AMER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\GXFUMF7O.DEFAULT\COOKIES.SQLITE ]
ad.yieldmanager.com [ C:\USERS\AMER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\GXFUMF7O.DEFAULT\COOKIES.SQLITE ]
.casalemedia.com [ C:\USERS\AMER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\GXFUMF7O.DEFAULT\COOKIES.SQLITE ]
.casalemedia.com [ C:\USERS\AMER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\GXFUMF7O.DEFAULT\COOKIES.SQLITE ]
.casalemedia.com [ C:\USERS\AMER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\GXFUMF7O.DEFAULT\COOKIES.SQLITE ]
.casalemedia.com [ C:\USERS\AMER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\GXFUMF7O.DEFAULT\COOKIES.SQLITE ]
.casalemedia.com [ C:\USERS\AMER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\GXFUMF7O.DEFAULT\COOKIES.SQLITE ]
.casalemedia.com [ C:\USERS\AMER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\GXFUMF7O.DEFAULT\COOKIES.SQLITE ]
.casalemedia.com [ C:\USERS\AMER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\GXFUMF7O.DEFAULT\COOKIES.SQLITE ]
.adtech.de [ C:\USERS\AMER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\GXFUMF7O.DEFAULT\COOKIES.SQLITE ]
.mmotraffic.com [ C:\USERS\AMER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\GXFUMF7O.DEFAULT\COOKIES.SQLITE ]
.mmotraffic.com [ C:\USERS\AMER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\GXFUMF7O.DEFAULT\COOKIES.SQLITE ]
.adbrite.com [ C:\USERS\AMER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\GXFUMF7O.DEFAULT\COOKIES.SQLITE ]
.adbrite.com [ C:\USERS\AMER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\GXFUMF7O.DEFAULT\COOKIES.SQLITE ]
.ero-advertising.com [ C:\USERS\AMER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\GXFUMF7O.DEFAULT\COOKIES.SQLITE ]
.ero-advertising.com [ C:\USERS\AMER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\GXFUMF7O.DEFAULT\COOKIES.SQLITE ]
.clicksor.com [ C:\USERS\AMER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\GXFUMF7O.DEFAULT\COOKIES.SQLITE ]
.clicksor.com [ C:\USERS\AMER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\GXFUMF7O.DEFAULT\COOKIES.SQLITE ]
.clicksor.com [ C:\USERS\AMER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\GXFUMF7O.DEFAULT\COOKIES.SQLITE ]
.clicksor.com [ C:\USERS\AMER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\GXFUMF7O.DEFAULT\COOKIES.SQLITE ]
.pro-market.net [ C:\USERS\AMER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\GXFUMF7O.DEFAULT\COOKIES.SQLITE ]
.lucidmedia.com [ C:\USERS\AMER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\GXFUMF7O.DEFAULT\COOKIES.SQLITE ]
flagcounter.com [ C:\USERS\AMER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\GXFUMF7O.DEFAULT\COOKIES.SQLITE ]
s06.flagcounter.com [ C:\USERS\AMER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\GXFUMF7O.DEFAULT\COOKIES.SQLITE ]
.atdmt.com [ C:\USERS\AMER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\GXFUMF7O.DEFAULT\COOKIES.SQLITE ]
.h.atdmt.com [ C:\USERS\AMER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\GXFUMF7O.DEFAULT\COOKIES.SQLITE ]
.h.atdmt.com [ C:\USERS\AMER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\GXFUMF7O.DEFAULT\COOKIES.SQLITE ]
.atdmt.com [ C:\USERS\AMER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\GXFUMF7O.DEFAULT\COOKIES.SQLITE ]
.h.atdmt.com [ C:\USERS\AMER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\GXFUMF7O.DEFAULT\COOKIES.SQLITE ]
.h.atdmt.com [ C:\USERS\AMER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\GXFUMF7O.DEFAULT\COOKIES.SQLITE ]
.atdmt.com [ C:\USERS\AMER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\GXFUMF7O.DEFAULT\COOKIES.SQLITE ]
.server.cpmstar.com [ C:\USERS\AMER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\GXFUMF7O.DEFAULT\COOKIES.SQLITE ]
.server.cpmstar.com [ C:\USERS\AMER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\GXFUMF7O.DEFAULT\COOKIES.SQLITE ]
.server.cpmstar.com [ C:\USERS\AMER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\GXFUMF7O.DEFAULT\COOKIES.SQLITE ]
.server.cpmstar.com [ C:\USERS\AMER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\GXFUMF7O.DEFAULT\COOKIES.SQLITE ]
.server.cpmstar.com [ C:\USERS\AMER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\GXFUMF7O.DEFAULT\COOKIES.SQLITE ]
.ru4.com [ C:\USERS\AMER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\GXFUMF7O.DEFAULT\COOKIES.SQLITE ]
.ru4.com [ C:\USERS\AMER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\GXFUMF7O.DEFAULT\COOKIES.SQLITE ]
.serving-sys.com [ C:\USERS\AMER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\GXFUMF7O.DEFAULT\COOKIES.SQLITE ]
.serving-sys.com [ C:\USERS\AMER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\GXFUMF7O.DEFAULT\COOKIES.SQLITE ]
.serving-sys.com [ C:\USERS\AMER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\GXFUMF7O.DEFAULT\COOKIES.SQLITE ]
.serving-sys.com [ C:\USERS\AMER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\GXFUMF7O.DEFAULT\COOKIES.SQLITE ]
.atdmt.com [ C:\USERS\AMER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\GXFUMF7O.DEFAULT\COOKIES.SQLITE ]
.c.atdmt.com [ C:\USERS\AMER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\GXFUMF7O.DEFAULT\COOKIES.SQLITE ]
.c.atdmt.com [ C:\USERS\AMER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\GXFUMF7O.DEFAULT\COOKIES.SQLITE ]
.c.atdmt.com [ C:\USERS\AMER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\GXFUMF7O.DEFAULT\COOKIES.SQLITE ]
.c.atdmt.com [ C:\USERS\AMER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\GXFUMF7O.DEFAULT\COOKIES.SQLITE ]
accounts.google.com [ C:\USERS\AMER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\GXFUMF7O.DEFAULT\COOKIES.SQLITE ]
.accounts.google.com [ C:\USERS\AMER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\GXFUMF7O.DEFAULT\COOKIES.SQLITE ]
.accounts.google.com [ C:\USERS\AMER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\GXFUMF7O.DEFAULT\COOKIES.SQLITE ]
.accounts.google.com [ C:\USERS\AMER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\GXFUMF7O.DEFAULT\COOKIES.SQLITE ]
accounts.youtube.com [ C:\USERS\AMER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\GXFUMF7O.DEFAULT\COOKIES.SQLITE ]
statse.webtrendslive.com [ C:\USERS\AMER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\GXFUMF7O.DEFAULT\COOKIES.SQLITE ]
s04.flagcounter.com [ C:\USERS\AMER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\GXFUMF7O.DEFAULT\COOKIES.SQLITE ]
.acronis.122.2o7.net [ C:\USERS\AMER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\GXFUMF7O.DEFAULT\COOKIES.SQLITE ]

PUP.CNETInstaller
C:\USERS\AMER\APPDATA\LOCAL\TEMP\ICREINSTALL\CNET2_ASHAMPOO_BURNING_STUDIO_6_FREE_6_80_4312_EXE.EXE
C:\USERS\AMER\DOWNLOADS\PROGRAMS\CNET2_ASHAMPOO_BURNING_STUDIO_6_FREE_6_80_4312_EXE.EXE

Trojan.Agent/Gen-SoftonicDownloader
C:\USERS\AMER\DOWNLOADS\SOFTONICDOWNLOADER_FOR_KMPLAYER.EXE
C:\USERS\AMER\DOWNLOADS\SOFTONICDOWNLOADER_FOR_ULTRASURF.EXE

هذا تقرير البرنامج أخي الوفاء طبعي , أشكرك على التجاوب

البارون · 16 يونيو 2012

تقرير رن سكنر

Dr.YaaSer · 16 يونيو 2012

أخي البارون , مع الأسف موقع Eupload لا يعمل فرفعت الملف على الـ Mediafire

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

بانتظار الرد

format · 16 يونيو 2012

حمل الملف التالي

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

وبالماوس دبل كلك على الملف ... بعدها راح يفتح لك واجهة الاداة

اعمل كما بالشرح ...

ثم

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

format · 16 يونيو 2012

ثم هايجك جديد لاهنت

Dr.YaaSer · 16 يونيو 2012

تم

هذا هو التقرير

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 4:49:14 م, on 06/16/2012
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16446)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Internet Download Manager\IDMan.exe
C:\Program Files (x86)\Shop To Win\ShopToWin.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
C:\Users\Amer\AppData\Local\Google\Update\1.3.21.111\GoogleCrashHandler.exe
C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe
C:\Program Files (x86)\Yuna Software\Messenger Plus!\PlusService.exe
C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files (x86)\PowerISO\PWRISOVM.EXE
C:\Program Files (x86)\HP\HP Software Update\hpwuSchd2.exe
C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe
C:\Program Files (x86)\Ask.com\Updater\Updater.exe
C:\Program Files (x86)\Internet Download Manager\IEMonitor.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BluetoothHeadsetProxy.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Users\Amer\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Yuna Software\Messenger Plus! for Skype\Messenger Plus! for Skype.exe
C:\Users\Amer\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Amer\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Amer\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Amer\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Amer\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Amer\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Amer\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Amer\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\SysWOW64\rundll32.exe
C:\Users\Amer\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Amer\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Amer\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Amer\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Amer\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Amer\Downloads\Programs\fg729p.exe
C:\Users\Amer\Downloads\uTorrent.exe
C:\Users\Amer\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Amer\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Amer\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Zyzoom_Forum_Tools\zyzoom.exe
C:\Zyzoom_Forum_Tools\zHijak.com

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page =

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 127.0.0.1:8580
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: UrlSearchHook Class - {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
R3 - URLSearchHook: Messenger Plus Saudi Toolbar - {9e1b5c68-1ab5-49fe-97a9-d3f777c51663} - C:\Program Files (x86)\Messenger_Plus_Saudi\prxtbMess.dll
R3 - URLSearchHook: FCToolbarURLSearchHook Class - {086e63ec-0830-bb34-e51e-716c6eda635f} - C:\Program Files (x86)\Shop to Win 36\Helper.dll
R3 - URLSearchHook: (no name) - - (no file)
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files (x86)\Internet Download Manager\IDMIECC.dll
O2 - BHO: FCTBPos00Pos - {028E5C1E-E93A-FBA4-F949-AFB8EC7A5B86} - C:\Program Files (x86)\Shop to Win 36\Shop to Win 36.dll
O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
O2 - BHO: Babylon toolbar helper - {2EECD738-5844-4a99-B4B6-146BF802613B} - C:\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.5.3.17\bh\BabylonToolbar.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll
O2 - BHO: Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files (x86)\ConduitEngine\prxConduitEngine.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~3\Office14\GROOVEEX.DLL
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Browse For Change BHO - {912C156F-05CF-4B62-851A-96E167A677B0} - mscoree.dll (file missing)
O2 - BHO: Messenger Plus Saudi - {9e1b5c68-1ab5-49fe-97a9-d3f777c51663} - C:\Program Files (x86)\Messenger_Plus_Saudi\prxtbMess.dll
O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~3\Office14\URLREDIR.DLL
O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O3 - Toolbar: Messenger Plus Saudi Toolbar - {9e1b5c68-1ab5-49fe-97a9-d3f777c51663} - C:\Program Files (x86)\Messenger_Plus_Saudi\prxtbMess.dll
O3 - Toolbar: Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files (x86)\ConduitEngine\prxConduitEngine.dll
O3 - Toolbar: Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
O3 - Toolbar: Babylon Toolbar - {98889811-442D-49dd-99D7-DC866BE87DBC} - C:\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.5.3.17\BabylonToolbarTlbr.dll
O3 - Toolbar: (no name) - {06C7AD57-B655-418D-9AB8-9526A6D2E052} - (no file)
O4 - HKLM\..\Run: [Dell Webcam Central] "C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe" /mode2
O4 - HKLM\..\Run: [BCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices
O4 - HKLM\..\Run: [PlusService] C:\Program Files (x86)\Yuna Software\Messenger Plus!\PlusService.exe
O4 - HKLM\..\Run: [avgnt] "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [PWRISOVM.EXE] C:\Program Files (x86)\PowerISO\PWRISOVM.EXE -startup
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [hpqSRMon] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [TkBellExe] "c:\program files (x86)\real\realplayer\Update\realsched.exe" -osboot
O4 - HKLM\..\Run: [ApnUpdater] "C:\Program Files (x86)\Ask.com\Updater\Updater.exe"
O4 - HKLM\..\Run: [MessengerPlusForSkypeService] "C:\Program Files (x86)\Yuna Software\Messenger Plus! for Skype\MsgPlusForSkypeService.exe"
O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware (reboot)] "C:\Users\Amer\AppData\Local\Temp\zxq2\mbam.exe" /runcleanupscript
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [IDMan] C:\Program Files (x86)\Internet Download Manager\IDMan.exe /onboot
O4 - HKCU\..\Run: [Facebook Update] "C:\Users\Amer\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
O4 - HKCU\..\Run: [Google Update] "C:\Users\Amer\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [Shop To Win] C:\Program Files (x86)\Shop To Win\ShopToWin.exe
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
O8 - Extra context menu item: &تصدير إلى Microsoft Excel - res://C:\PROGRA~2\MICROS~3\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O8 - Extra context menu item: إر&سال إلى OneNote - res://C:\PROGRA~2\MICROS~3\Office14\ONBttnIE.dll/105
O8 - Extra context menu item: ت&صدير إلى Microsoft Excel - res://C:\PROGRA~2\MICROS~3\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: تحميل الكل بواسطة Internet Download Manager - C:\Program Files (x86)\Internet Download Manager\IEGetAll.htm
O8 - Extra context menu item: تحميل بواسطة Internet Download Manager - C:\Program Files (x86)\Internet Download Manager\IEExt.htm
O9 - Extra button: PalTalk - {4EAFEF58-EEFA-4116-983D-03B49BCBFFFE} - C:\Program Files (x86)\Paltalk Messenger\Paltalk.exe
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) -

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: SAS Core Service (!SASCORE) - SUPERAntiSpyware.com - C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Avira FireWall (AntiVirFirewallService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\AntiVir Desktop\avfwsvc.exe
O23 - Service: Avira Mail Protection (AntiVirMailService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc.exe
O23 - Service: Avira Scheduler (AntiVirSchedulerService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira Realtime Protection (AntiVirService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Avira Web Protection (AntiVirWebService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel(R) Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: خدمة Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: خدمة Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: Messenger Plus! Service (MsgPlusService) - Yuna Software - C:\Program Files (x86)\Yuna Software\Messenger Plus! for Skype\MsgPlusForSkypeService.exe
O23 - Service: Wireless PAN DHCP Server (MyWiFiDHCPDNS) - Unknown owner - C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Realtek87B - Realtek - C:\Program Files (x86)\Realtek\RTL8187 Wireless LAN Utility\RtlService.exe
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel(R) Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 16086 bytes

format · 16 يونيو 2012

حمل هذا البرنامج من هنا

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

طبق الخطوات التاليه

واعطيني الصوره الثانيه كامله من جهازك

Dr.YaaSer · 17 يونيو 2012

شكرا أخ فورمات

و هذي هي الصورة

Dr.YaaSer · 17 يونيو 2012

يرفع للأهمية القصوى

الوفاء طبعي · 17 يونيو 2012

هلا فيك اخوي

تابع الصورة القادمة واي سطر وضعت قدامه خط احمر قفل الزر اللي عنده اللي هو بالاخضر روح فيه يسار وبعد ماتقفلها جميعا شوف فوق يسار فيه خيار Apply دوس عليه واعد تشغيل الجهاز وبعدها هات تقرير البرامج المثبته

Dr.YaaSer · 19 يونيو 2012

فضلا لا أمرا اخي الوفاء طبعي , ليش أحذف الـ Gadgets من قائمة الـ Start up ؟

هي تعمل لدي و مهمة جدا بالنسبة لي

Dr.YaaSer · 19 يونيو 2012

يرفع للأهمية القصوى

الوفاء طبعي · 19 يونيو 2012

انا ما احب اي اضافات على الوندوز سوا شريط ادوات او غيره ع العموم اتركه مو لازم تقفله لكن انا كنت ابي الاشياء الاساسية فقط هي اللي تشتغل

اهم شي هات تقرير البرامج المثبته

Dr.YaaSer · 19 يونيو 2012

سم , معليش ثقلنا عليك يالغالي ..

Dr.YaaSer · 20 يونيو 2012

يرفع للأهمية القصوى

الخفـوق · 20 يونيو 2012

بالنسبه للتروجان اللي تم تشغيله
تم ازالته بالمالوير بايت عند الفحص
مثل مانشوف

Dr.YaaSer قال:
.
c:\Users\Amer\downloads\ultrasurf - u99 jan-2010\u1017.exe (Trojan.Agent) -> Quarantined and deleted successfully.

بخصوص بدء التشغيل
مثل ما اشار لك اخوي ..
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

احتفظ ب Gadgets

وطبق الباقي من رد اخي الوفاء طبعي
..

زيزوومي نشيط

خبراء تحليل ملفات

توقيع : الخفـوق

زيزوومي نشيط

زيزوومى فضى

توقيع : الوفاء طبعي

زيزوومي نشيط

زيزوومى فضى

توقيع : البارون

زيزوومي نشيط

زيزوومي ماسى

توقيع : format

زيزوومي ماسى

توقيع : format

زيزوومي نشيط

زيزوومي ماسى

توقيع : format

زيزوومي نشيط

زيزوومي نشيط

زيزوومى فضى

توقيع : الوفاء طبعي

زيزوومي نشيط

زيزوومي نشيط

زيزوومى فضى

توقيع : الوفاء طبعي

زيزوومي نشيط

زيزوومي نشيط

خبراء تحليل ملفات

توقيع : الخفـوق