تم حل المشكلة شاكك جهازى مفيرس! وإعلانات منبثقة تطلع

[انا بابا يلا]

شاكك جهازى مفيرس! وإعلانات منبثقة تطلع

Hijackthis
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 04:11:16 ص, on 23/08/2012
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16385)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskhost.exe
C:\Windows\Explorer.EXE
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Real\RealPlayer\Update\realsched.exe
C:\Windows\PromptService.exe
C:\Program Files\Yuna Software\Messenger Plus!\PlusService.exe
C:\Program Files\KeyScrambler\KeyScrambler.exe
C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe
C:\Program Files\Internet Download Manager\IDMan.exe
C:\Users\Nader\AppData\Roaming\BrowserCompanion\tbhcn.exe
C:\Program Files\Internet Download Manager\IEMonitor.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Users\Nader\AppData\Roaming\Mozilla\Firefox\Profiles\idtc4h0e.default\extensions\{E173B749-DB5B-4fd2-BA0E-94ECEA0CA55B}\components\afom.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\Zyzoom_Forum_Tools\zyzoom.exe
C:\Zyzoom_Forum_Tools\zHijak.com
C:\Windows\system32\DllHost.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page =

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files\Internet Download Manager\IDMIECC.dll
O2 - BHO: SnagIt Toolbar Loader - {00C6482D-C502-44C8-8409-FCE54AD9C208} - C:\Program Files\TechSmith\Snagit 10\SnagitBHO.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL
O2 - BHO: VirtualKeyboardBrowserHelperObject - {73455575-E40C-433C-9784-C78DC7761455} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Safe Money Plugin - {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\OnlineBanking\online_banking_bho.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
O2 - BHO: link filter bho - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\UrlAdvisor\klwtbbho.dll
O3 - Toolbar: Snagit - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Program Files\TechSmith\Snagit 10\SnagitIEAddin.dll
O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware] "C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [NBAgent] "C:\Program Files\Nero\Nero 11\Nero BackItUp\NBAgent.exe" /WinStart
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [AMD AVT] Cmd.exe /c start "AMD Accelerated Video Transcoding device initialization" /min "C:\Program Files\AMD AVT\bin\kdbsync.exe" aml
O4 - HKLM\..\Run: [VPN Direct] C:\Program Files\VPN Direct\bin\VPNStarter.exe
O4 - HKLM\..\Run: [AdobeAAMUpdater-1.0] "C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
O4 - HKLM\..\Run: [SwitchBoard] C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O4 - HKLM\..\Run: [AdobeCS5.5ServiceManager] "C:\Program Files\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Real\RealPlayer\Update\realsched.exe" -osboot
O4 - HKLM\..\Run: [PromptService] C:\Windows\PromptService.exe
O4 - HKLM\..\Run: [PlusService] C:\Program Files\Yuna Software\Messenger Plus!\PlusService.exe
O4 - HKLM\..\Run: [BCSSync] "C:\Program Files\Microsoft Office\Office14\BCSSync.exe" /DelayServices
O4 - HKLM\..\Run: [MessengerPlusForSkypeService] "C:\Program Files\Yuna Software\Messenger Plus! for Skype\MsgPlusForSkypeService.exe"
O4 - HKLM\..\Run: [KeyScrambler] C:\Program Files\KeyScrambler\keyscrambler.exe /a
O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe"
O4 - HKLM\..\Run: [Ad Muncher] "C:\Program Files\Ad Muncher\AdMunch.exe" /bt
O4 - HKLM\..\RunOnce: [Malwarebytes Anti-Malware (cleanup)] rundll32.exe "C:\ProgramData\Malwarebytes\Malwarebytes' Anti-Malware\cleanup.dll",ProcessCleanupScript
O4 - HKCU\..\Run: [IDMan] C:\Program Files\Internet Download Manager\IDMan.exe /onboot
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\Run: [Messenger (Yahoo!)] "C:\PROGRA~1\Yahoo!\Messenger\YahooMessenger.exe" -quiet
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [Google Update] "C:\Users\Nader\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [MediaFire Tray] "C:\Users\Nader\AppData\Local\MediaFire Express\mf_systray.exe" --boot-start
O4 - HKCU\..\Run: [SandboxieControl] "C:\Program Files\Sandboxie\SbieCtrl.exe"
O4 - HKCU\..\Run: [Facebook Update] "C:\Users\Nader\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun (User 'Default user')
O4 - Startup: ImpulseNow.lnk = C:\Program Files\Stardock\Impulse\Now\ImpulseNow.exe
O4 - Startup: tbhcn.lnk = Nader\AppData\Roaming\BrowserCompanion\tbhcn.exe
O4 - Startup: VyprVPN for Giganews.lnk = ?
O8 - Extra context menu item: Add to Anti-Banner - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\ie_banner_deny.htm
O8 - Extra context menu item: إر&سال إلى OneNote - res://C:\PROGRA~1\MICROS~2\Office14\ONBttnIE.dll/105
O8 - Extra context menu item: ت&صدير إلى Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: تحميل الكل بواسطة Internet Download Manager - C:\Program Files\Internet Download Manager\IEGetAll.htm
O8 - Extra context menu item: تحميل بواسطة Internet Download Manager - C:\Program Files\Internet Download Manager\IEExt.htm
O9 - Extra button: &Virtual Keyboard - {0C4CC089-D306-440D-9772-464E226F6539} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll
O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: إرسال إلى OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: إر&سال إلى OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: (no name) - {5C106A59-CC3C-4caa-81A4-6D909B5ACE23} - C:\Program Files\KeyScrambler\KeyScramblerIE.dll
O9 - Extra 'Tools' menuitem: &KeyScrambler Options - {5C106A59-CC3C-4caa-81A4-6D909B5ACE23} - C:\Program Files\KeyScrambler\KeyScramblerIE.dll
O9 - Extra button: ملاحظات OneNote الم&رتبطة - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: ملاحظات OneNote الم&رتبطة - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra button: URLs c&heck - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\UrlAdvisor\klwtbbho.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O18 - Protocol: base64 - {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} - (no file)
O18 - Protocol: chrome - {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} - (no file)
O18 - Protocol: prox - {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} - (no file)
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: SAS Core Service (!SASCORE) - SUPERAntiSpyware.com - C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: AMD External Events Utility - AMD - C:\Windows\system32\atiesrxx.exe
O23 - Service: Kaspersky Anti-Virus Service (AVP) - Kaspersky Lab ZAO - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe
O23 - Service: CyberGhost VPN Client (CGVPNCliSrvc) - mobile concepts GmbH - C:\Program Files\CyberGhost VPN\CGVPNCliService.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: Messenger Plus! Service (MsgPlusService) - Yuna Software - C:\Program Files\Yuna Software\Messenger Plus! for Skype\MsgPlusForSkypeService.exe
O23 - Service: @C:\Program Files\Nero\Update\NASvc.exe,-200 (NAUpdate) - Nero AG - C:\Program Files\Nero\Update\NASvc.exe
O23 - Service: NitroPDFDriverCreatorReadSpool2 (NitroDriverReadSpool2) - Nitro PDF Software - C:\Program Files\Nitro PDF\Professional 7\NitroPDFDriverService2.exe
O23 - Service: Nalpeiron Licensing Service (nlsX86cc) - Nalpeiron Ltd. - C:\Windows\system32\NLSSRV32.EXE
O23 - Service: OpenVPN Service (OpenVPNService) - Unknown owner - C:\Program Files\VPN Direct\bin\openvpnserv.exe
O23 - Service: Sandboxie Service (SbieSvc) - SANDBOXIE L.T.D - C:\Program Files\Sandboxie\SbieSvc.exe
O23 - Service: ServiceLayer - Nokia - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: TeamViewer 7 (TeamViewer7) - TeamViewer GmbH - C:\Program Files\TeamViewer\Version7\TeamViewer_Service.exe

--
End of file - 12478 bytes



​

 

[انا بابا يلا]

Runscanner

Runscanner logfile

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

* = signed file
- = file not found

General info
------------
Computer name : NADER-PC
Creation time : 23/08/2012 04:13:56 ص
Hosts <> 127.0.0.1 : 0
Hosts file location : %SystemRoot%\System32\drivers\etc
IE version : 8.0.7600.16385
OS : Windows 7 Enterprise
OS Build : 7600
OS SP :
RunScanner Version : 2.0.0.50
User Language : Arabic (Egypt)
User rights : Administrator
Windows folder : C:\Windows

Running processes
-----------------
* C:\Windows\System32\atieclxx.exe (AMD)
* C:\Windows\System32\atiesrxx.exe (AMD)
* C:\Windows\System32\csrss.exe (Microsoft Corporation)
* C:\Windows\System32\csrss.exe (Microsoft Corporation)
* C:\Windows\System32\dllhost.exe (Microsoft Corporation)
C:\Program Files\SUPERAntiSpyware\SASCore.exe (SUPERAntiSpyware.com)
* C:\Windows\System32\dwm.exe (Microsoft Corporation)
* C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
* C:\Windows\System32\svchost.exe (Microsoft Corporation)
* C:\Windows\System32\svchost.exe (Microsoft Corporation)
* C:\Windows\System32\svchost.exe (Microsoft Corporation)
* C:\Windows\System32\svchost.exe (Microsoft Corporation)
* C:\Windows\System32\svchost.exe (Microsoft Corporation)
* C:\Windows\System32\svchost.exe (Microsoft Corporation)
* C:\Windows\System32\svchost.exe (Microsoft Corporation)
* C:\Windows\System32\svchost.exe (Microsoft Corporation)
* C:\Windows\System32\svchost.exe (Microsoft Corporation)
* C:\Windows\System32\svchost.exe (Microsoft Corporation)
* C:\Windows\System32\svchost.exe (Microsoft Corporation)
* C:\Windows\System32\svchost.exe (Microsoft Corporation)
* C:\Windows\System32\svchost.exe (Microsoft Corporation)
* C:\Windows\System32\taskhost.exe (Microsoft Corporation)
* C:\Program Files\Internet Download Manager\IDMan.exe (Tonec Inc.)
* C:\Program Files\Internet Download Manager\IEMonitor.exe (Tonec Inc.)
* C:\Program Files\Common Files\Java\Java Update\jusched.exe (Sun Microsystems, Inc.)
* C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe (Kaspersky Lab ZAO)
* C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe (Kaspersky Lab ZAO)
* C:\Program Files\KeyScrambler\KeyScrambler.exe (QFX Software Corporation)
* C:\Windows\System32\lsass.exe (Microsoft Corporation)
* C:\Windows\System32\lsm.exe (Microsoft Corporation)
* C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
C:\Users\Nader\AppData\Roaming\Mozilla\Firefox\Profiles\idtc4h0e.default\extensions\{E173B749-DB5B-4fd2-BA0E-94ECEA0CA55B}\components\afom.exe (IDEVFH)
C:\Program Files\Yuna Software\Messenger Plus!\PlusService.exe (Yuna Software)
* C:\Program Files\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE (Microsoft Corporation)
* C:\Windows\System32\SearchIndexer.exe (Microsoft Corporation)
* C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE (Microsoft Corp.)
* C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE (Microsoft Corp.)
* C:\Program Files\Nero\Update\NASvc.exe (Nero AG)
* C:\Program Files\Nitro PDF\Professional 7\NitroPDFDriverService2.exe (Nitro PDF Software)
C:\Windows\PromptService.exe (NewSoftwares.net,Inc.)
* C:\Program Files\Real\RealPlayer\Update\realsched.exe (RealNetworks, Inc.)
* C:\Zyzoom_Forum_Tools\zRunScanner.com (Runscanner.net)
* C:\Program Files\Sandboxie\SbieSvc.exe (SANDBOXIE L.T.D)
* C:\Program Files\Yuna Software\Messenger Plus! for Skype\MsgPlusForSkypeService.exe (Yuna Software)
* C:\Windows\System32\services.exe (Microsoft Corporation)
* C:\Windows\System32\spoolsv.exe (Microsoft Corporation)
* C:\Users\Nader\AppData\Roaming\BrowserCompanion\tbhcn.exe
* C:\Program Files\TeamViewer\Version7\TeamViewer_Service.exe (TeamViewer GmbH)
* C:\Windows\System32\NLSSRV32.EXE (Nalpeiron Ltd.)
* C:\Windows\system32\audiodg.exe (Microsoft Corporation)
* C:\Windows\explorer.exe (Microsoft Corporation)
* C:\Program Files\Windows Live\Contacts\wlcomm.exe (Microsoft Corporation)
* C:\Program Files\Windows Live\Messenger\msnmsgr.exe (Microsoft Corporation)
* C:\Windows\System32\winlogon.exe (Microsoft Corporation)
* C:\Program Files\Windows Media Player\wmpnetwk.exe (Microsoft Corporation)
* C:\Windows\System32\smss.exe (Microsoft Corporation)
* C:\Windows\System32\wininit.exe (Microsoft Corporation)
* C:\Windows\System32\wbem\WmiPrvSE.exe (Microsoft Corporation)
C:\Zyzoom_Forum_Tools\zyzoom.exe

Unrated items
-------------
002 * C:\Program Files\Ad Muncher\AdMunch.exe (Murray Hurps Software Pty Ltd)
002 * C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe (Kaspersky Lab ZAO)
002 * C:\Program Files\KeyScrambler\keyscrambler.exe (QFX Software Corporation)
002 * C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
002 * C:\Program Files\Yuna Software\Messenger Plus! for Skype\MsgPlusForSkypeService.exe (Yuna Software)
002 C:\Program Files\Yuna Software\Messenger Plus!\PlusService.exe (Yuna Software)
002 C:\Windows\PromptService.exe (NewSoftwares.net,Inc.)
002 * C:\Program Files\Common Files\Java\Java Update\jusched.exe (Sun Microsystems, Inc.)
002 * C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
002 * C:\Program Files\Real\RealPlayer\Update\realsched.exe (RealNetworks, Inc.)
002 * C:\Program Files\VPN Direct\bin\VPNStarter.exe (VPNDirect Limited)
003 * C:\Users\Nader\AppData\Local\Facebook\Update\FacebookUpdate.exe (Facebook Inc.)
003 * C:\Program Files\Internet Download Manager\IDMan.exe (Tonec Inc.)
003 * C:\Users\Nader\AppData\Local\MediaFire Express\mf_systray.exe (MediaFire LLC)
003 * C:\PROGRA~1\Yahoo!\Messenger\YahooMessenger.exe (Yahoo! Inc.)
003 * C:\Program Files\Skype\Phone\Skype.exe (Skype Technologies S.A.)
003 C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe (SUPERAntiSpyware.com)
004 C:\Program Files\Stardock\Impulse\Now\ImpulseNow.exe (Stardock Corporation)
004 * C:\Users\Nader\AppData\Roaming\BrowserCompanion\tbhcn.exe
007 C:\Program Files\Stardock\Impulse\Now\ImpulseNow.exe (Stardock Corporation)
007 * C:\Users\Nader\AppData\Roaming\BrowserCompanion\tbhcn.exe
008 * C:\Program Files\Skype\Phone\Skype.exe (Skype Technologies S.A.)
010 * C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe® Flash® Player Update Service 11.3 r300)
010 C:\Program Files\SUPERAntiSpyware\SASCORE.EXE (Core Service)
010 * C:\Program Files\CyberGhost VPN\CGVPNCliService.exe (CyberGhost VPN Client Service)
010 * C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe (Kaspersky Anti-Virus)
010 * C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe (maintenanceservice.exe)
010 * C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Anti-Malware)
010 * C:\Program Files\Nitro PDF\Professional 7\NitroPDFDriverService2.exe (Nitro PDF Spool Service)
010 C:\Program Files\VPN Direct\bin\openvpnserv.exe (openvpnserv.exe)
010 * C:\Program Files\Yuna Software\Messenger Plus! for Skype\MsgPlusForSkypeService.exe (Service - Messenger Plus! for Skype)
010 * C:\Program Files\Skype\Updater\Updater.exe (Skype Updater Service)
010 * C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (SwitchBoard Server (32 bit))
010 * C:\Program Files\TeamViewer\Version7\TeamViewer_Service.exe (TeamViewer Remote Control Application)
010 * C:\Windows\system32\NLSSRV32.EXE (This service enables products that use the Nalpeiron Licensing System )
011 * C:\Program Files\UltraISO\drivers\ISODrive.sys (ISO DVD/CD-ROM Device Driver)
011 C:\Windows\System32\drivers\wnmamk.sys (jorq)
011 * C:\Windows\System32\drivers\keyscrambler.sys (KeyScrambler)
011 * C:\Windows\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86])
011 * C:\Windows\system32\DRIVERS\klkbdflt.sys (KLKBDFLT Keyboard Device Filter [fre_wlh_x86])
011 * C:\Windows\system32\DRIVERS\klmouflt.sys (KLMOUFLT Mouse Device Filter [fre_wlh_x86])
011 * C:\Windows\system32\DRIVERS\kneps.sys (KNEPS Power)
011 * C:\Windows\system32\drivers\mbam.sys (MBAMProtector)
011 * C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS (SASDIFSV.SYS)
011 * C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS (SASKUTIL.SYS)
011 * C:\Windows\system32\DRIVERS\taphss.sys (TAP-Win32 Virtual Network Driver)
011 * C:\Windows\system32\DRIVERS\tap0901.sys (TAP-Win32 Virtual Network Driver)
011 * C:\Windows\system32\WinFPdrv.sys (WinFPdrv.sys)
012 * C:\Program Files\Skype\Phone\Skype.exe (Skype Technologies S.A.)
031 C:\Program Files\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation) {E1D2BF42-A96B-11d1-9C6B-0000F875AC61}
031 GUID / CLSID not found {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1}
031 GUID / CLSID not found {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1}
031 C:\Program Files\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation) {E1D2BF40-A96B-11d1-9C6B-0000F875AC61}
031 GUID / CLSID not found {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1}
042 GUID / CLSID not found {5C106A59-CC3C-4caa-81A4-6D909B5ACE23}
042 GUID / CLSID not found {0C4CC089-D306-440D-9772-464E226F6539}
042 GUID / CLSID not found {219C3416-8CB2-491a-A3C7-D9FCDDC9D600}
042 GUID / CLSID not found {CCF151D8-D089-449F-A5A4-D9909053F20F}
042 GUID / CLSID not found {2670000A-7350-4f3c-8081-5663EE0C6C49}
042 GUID / CLSID not found {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA}
052 * C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation) {761497BB-D6F0-462C-B6EB-D4DAF1D92D43}
052 * C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) {DBC80044-A445-435b-BC74-9C25C1C588A9}
052 * C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\OnlineBanking\online_banking_bho.dll (Kaspersky Lab ZAO) {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9}
052 * C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO) {E33CF602-D945-461A-83F0-819F76A199F8}
052 * C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO) {73455575-E40C-433C-9784-C78DC7761455}
060 GUID / CLSID not found {E6FB5E20-DE35-11CF-9C87-00AA005127ED}
061 C:\Program Files\7-Zip\7-zip.dll (Igor Pavlov) {23170F69-40C1-278A-1000-000100020000}
061 C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\atiacmxx.dll (Advanced Micro Devices, Inc.) {5E2121EE-0300-11D4-8D3B-444553540000}
061 C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\atiamaxx.dll (Advanced Micro Devices, Inc.) {872A9397-E0D6-4e28-B64D-52B8D0A7EA35}
061 C:\Program Files\HashTab Shell Extension\HashTab32.dll (Implbits Software) {8A56567E-A333-4843-B6E1-C3A262E41D8C}
061 C:\Program Files\MediaFire Express\mf_shell_ext_f063f.dll (MediaFire.com) {693B08DA-DA1F-4f2b-A145-C06BDF01868A}
061 * C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\shellex.dll (Kaspersky Lab ZAO) {dd230880-495a-11d1-b064-008048ec2fc5}
061 * C:\Program Files\Real\RealPlayer\rpshell.dll (RealNetworks, Inc.) {F0CB00CD-5A07-4D91-97F5-A8C92CDA93E4}
061 * C:\Program Files\UltraISO\isoshell.dll (EZB Systems, Inc.) {AD392E40-428C-459F-961E-9B147782D099}
061 C:\Program Files\WinRAR\rarext.dll (Alexander Roshal) {B41DB860-8EE4-11D2-9906-E49FADC173CA}
061 C:\PROGRA~1\COMMON~1\MICROS~1\WEBFOL~1\MSONSEXT.DLL (Microsoft Corporation) {BDEADF00-C265-11D0-BCED-00A0C90AB50F}
069 * C:\Windows\system32\nitrolocalmon2.dll (Nitro PDF Software)
073 Adobe Flash Player Updater.job : C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
073 AutoKMS.job : C:\Windows\AutoKMS.exe
073 AutoKMSDaily.job : C:\Windows\AutoKMS.exe
073 FacebookUpdateTaskUserS-1-5-21-444637480-1971799622-1119589056-1001Core.job : C:\Users\Nader\AppData\Local\Facebook\Update\FacebookUpdate.exe (Facebook Inc.)
073 FacebookUpdateTaskUserS-1-5-21-444637480-1971799622-1119589056-1001UA.job : C:\Users\Nader\AppData\Local\Facebook\Update\FacebookUpdate.exe (Facebook Inc.)
105 Add to Anti-Banner : C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\ie_banner_deny.htm
105 إر&سال إلى OneNote : res://C:\PROGRA~1\MICROS~2\Office14\ONBttnIE.dll/105
105 ت&صدير إلى Microsoft Excel : res://C:\PROGRA~1\MICROS~2\Office14\EXCEL.EXE/3000
105 تحميل الكل بواسطة Internet Download Manager : C:\Program Files\Internet Download Manager\IEGetAll.htm
105 تحميل بواسطة Internet Download Manager : C:\Program Files\Internet Download Manager\IEExt.htm
136 * C:\ProgramData\Malwarebytes\Malwarebytes' Anti-Malware\cleanup.dll (Malwarebytes Corporation)
145 * C:\Windows\system32\drivers\keyscrambler.sys (QFX Software Corporation)
145 * C:\Windows\system32\drivers\klkbdflt.sys (Kaspersky Lab)
173 C:\Program Files\7-Zip\7-zip.dll (Igor Pavlov) {23170F69-40C1-278A-1000-000100020000}
173 C:\Program Files\Folder Protect\FPContextMenu.dll (NewSoftwares.net,Inc.) {1FC0D81E-00A0-443B-AB4D-51DEFEB9EA54}
173 C:\Program Files\FreeTime\FormatFactory\ShellEx_101.dll (Free Time) {A3777921-CFD3-4A6B-89BF-08E6B95716E8}
173 * C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\shellex.dll (Kaspersky Lab ZAO) {dd230880-495a-11d1-b064-008048ec2fc5}
173 C:\Program Files\MediaFire Express\mf_shell_ext_f063f.dll (MediaFire.com) {693B08DA-DA1F-4f2b-A145-C06BDF01868A}
173 * C:\PROGRA~1\NITROP~1\PROFES~1\NPSHEL~1.DLL {D7ECBD0E-B8E3-4a0c-9E84-514298EFA583}
173 C:\Program Files\SUPERAntiSpyware\SASCTXMN.DLL (SUPERAntiSpyware.com) SUPERAntiSpyware Context Menu
173 C:\Program Files\WinRAR\rarext.dll (Alexander Roshal) {B41DB860-8EE4-11D2-9906-E49FADC173CA}
221 C:\Program Files\7-Zip\7-zip.dll (Igor Pavlov) {23170F69-40C1-278A-1000-000100020000}
221 C:\Program Files\Folder Protect\FPContextMenu.dll (NewSoftwares.net,Inc.) {1FC0D81E-00A0-443B-AB4D-51DEFEB9EA54}
221 C:\Program Files\FreeTime\FormatFactory\ShellEx_101.dll (Free Time) {A3777921-CFD3-4A6B-89BF-08E6B95716E8}
221 * C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\shellex.dll (Kaspersky Lab ZAO) {dd230880-495a-11d1-b064-008048ec2fc5}
221 C:\Program Files\MediaFire Express\mf_shell_ext_f063f.dll (MediaFire.com) {693B08DA-DA1F-4f2b-A145-C06BDF01868A}
221 * C:\PROGRA~1\NITROP~1\PROFES~1\NPSHEL~1.DLL {D7ECBD0E-B8E3-4a0c-9E84-514298EFA583}
221 C:\Program Files\SUPERAntiSpyware\SASCTXMN.DLL (SUPERAntiSpyware.com) SUPERAntiSpyware Context Menu
221 C:\Program Files\WinRAR\rarext.dll (Alexander Roshal) {B41DB860-8EE4-11D2-9906-E49FADC173CA}
223 * C:\Program Files\Malwarebytes' Anti-Malware\mbamext.dll (Malwarebytes Corporation) {57CE581A-0CB6-4266-9CA0-19364C90A0B3}
225 GUID / CLSID not found {967B2D40-8B7D-4127-9049-61EA0C2C6DCE}
225 GUID / CLSID not found {967B2D40-8B7D-4127-9049-61EA0C2C6DCE}
225 * C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\shellex.dll (Kaspersky Lab ZAO) {dd230880-495a-11d1-b064-008048ec2fc5}
225 * C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\shellex.dll (Kaspersky Lab ZAO) {dd230880-495a-11d1-b064-008048ec2fc5}
225 * C:\Program Files\Malwarebytes' Anti-Malware\mbamext.dll (Malwarebytes Corporation) {57CE581A-0CB6-4266-9CA0-19364C90A0B3}
225 * C:\Program Files\Malwarebytes' Anti-Malware\mbamext.dll (Malwarebytes Corporation) {57CE581A-0CB6-4266-9CA0-19364C90A0B3}
225 * C:\Program Files\UltraISO\isoshell.dll (EZB Systems, Inc.) {AD392E40-428C-459F-961E-9B147782D099}
225 * C:\Program Files\UltraISO\isoshell.dll (EZB Systems, Inc.) {AD392E40-428C-459F-961E-9B147782D099}
225 C:\Program Files\WinRAR\rarext.dll (Alexander Roshal) {B41DB860-8EE4-11D2-9906-E49FADC173CA}
225 C:\Program Files\WinRAR\rarext.dll (Alexander Roshal) {B41DB860-8EE4-11D2-9906-E49FADC173CA}
227 GUID / CLSID not found {967B2D40-8B7D-4127-9049-61EA0C2C6DCE}
227 C:\Program Files\7-Zip\7-zip.dll (Igor Pavlov) {23170F69-40C1-278A-1000-000100020000}
227 C:\Program Files\Folder Protect\FPContextMenu.dll (NewSoftwares.net,Inc.) {1FC0D81E-00A0-443B-AB4D-51DEFEB9EA54}
227 C:\Program Files\FreeTime\FormatFactory\ShellEx_101.dll (Free Time) {A3777921-CFD3-4A6B-89BF-08E6B95716E8}
227 * C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\shellex.dll (Kaspersky Lab ZAO) {dd230880-495a-11d1-b064-008048ec2fc5}
227 C:\Program Files\MediaFire Express\mf_shell_ext_f063f.dll (MediaFire.com) {693B08DA-DA1F-4f2b-A145-C06BDF01868A}
227 C:\Program Files\SUPERAntiSpyware\SASCTXMN.DLL (SUPERAntiSpyware.com) SUPERAntiSpyware Context Menu
227 * C:\Program Files\UltraISO\isoshell.dll (EZB Systems, Inc.) {AD392E40-428C-459F-961E-9B147782D099}
229 C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\atiacmxx.dll (Advanced Micro Devices, Inc.) {5E2121EE-0300-11D4-8D3B-444553540000}
229 C:\Program Files\MediaFire Express\mf_shell_ext_f063f.dll (MediaFire.com) {693B08DA-DA1F-4f2b-A145-C06BDF01868A}
241 GUID / CLSID not found {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}
241 GUID / CLSID not found {BBACC218-34EA-4666-9D7A-C78F2274A524}
241 GUID / CLSID not found {F241C880-6982-4CE5-8CF7-7085BA96DA5A}
251 C:\Program Files\7-Zip\7-zip.dll (Igor Pavlov) {23170F69-40C1-278A-1000-000100020000}

Missing files
-------------
061 C:\Program Files\AIMP3\Modules\aimp_menu32.dll
173 C:\Program Files\AIMP3\Modules\aimp_menu32.dll
221 C:\Program Files\AIMP3\Modules\aimp_menu32.dll
227 C:\Program Files\AIMP3\Modules\aimp_menu32.dll

​

 

[انا بابا يلا]

====== معلومات نظام التشغيل ======

X86 WIN_7 7600


====== قائمة البرامج المثبتة ======

µTorrent
7-Zip 9.20
Ad Muncher v4.93.33707
Adobe AIR
Adobe AIR
Adobe Community Help
Adobe Community Help
Adobe Flash Player 11 ActiveX
Adobe Flash Player 11 Plugin
Adobe Photoshop CS5.1
AMD Accelerated Video Transcoding
AMD APP SDK Runtime
AMD Catalyst Install Manager
AMD Drag and Drop Transcoding
AMD Media Foundation Decoders
Ashampoo Burning Studio 11 v.11.0.4
Awesomenauts
BrowserCompanion
Catalyst Control Center
Catalyst Control Center - Branding
Catalyst Control Center Graphics Previews Common
Catalyst Control Center Localization All
CCC Help Chinese Standard
CCC Help Chinese Traditional
CCC Help Czech
CCC Help Danish
CCC Help Dutch
CCC Help English
CCC Help Finnish
CCC Help French
CCC Help German
CCC Help Greek
CCC Help Hungarian
CCC Help Italian
CCC Help Japanese
CCC Help Korean
CCC Help Norwegian
CCC Help Polish
CCC Help Portuguese
CCC Help Russian
CCC Help Spanish
CCC Help Swedish
CCC Help Thai
CCC Help Turkish
ccc-utility
CCleaner
CyberGhost VPN
D3DX10
Darksiders II
Demigod
Demigod
Driver Genius Professional Edition
Facebook Messenger 2.1.4590.0
Foreign Legion: Multi Massacre
FormatFactory 2.90
FVPN Connect
Growl for Windows
HashTab 4.0.0.2
High-Definition Video Playback
Hitman Sniper Challenge
ImageShack Uploader 2.2.0
Impulse
Impulse
Internet Download Manager
Inversion
Java Auto Updater
Java(TM) 7 Update 5
Junk Mail filter update
Kaspersky Internet Security 2013
Kaspersky Internet Security 2013
KeyScrambler
Kung Fu Strike - The Warriors Rise
LEGO® Batman™ 2: DC Super Heroes
London 2012: The Official Video Game of the Olympic Games
Malwarebytes Anti-Malware النسخة 1.62.0.1300
MediaFire Express
Messenger Plus! 5
Messenger Plus! for Skype
Microsoft .NET Framework 4 Client Profile
Microsoft .NET Framework 4 Client Profile
Microsoft Application Error Reporting
Microsoft Office Access MUI (Arabic) 2010
Microsoft Office Excel MUI (Arabic) 2010
Microsoft Office Groove MUI (Arabic) 2010
Microsoft Office InfoPath MUI (Arabic) 2010
Microsoft Office OneNote MUI (Arabic) 2010
Microsoft Office Outlook Connector
Microsoft Office Outlook MUI (Arabic) 2010
Microsoft Office PowerPoint MUI (Arabic) 2010
Microsoft Office Professional Plus 2010
Microsoft Office Professional Plus 2010
Microsoft Office Proof (Arabic) 2010
Microsoft Office Proof (English) 2010
Microsoft Office Proof (French) 2010
Microsoft Office Proofing (Arabic) 2010
Microsoft Office Publisher MUI (Arabic) 2010
Microsoft Office Shared MUI (Arabic) 2010
Microsoft Office Word MUI (Arabic) 2010
Microsoft Silverlight
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319
Microsoft XNA Framework Redistributable 3.1
Microsoft_VC100_CRT_SP1_x86
Microsoft_VC80_ATL_x86
Microsoft_VC80_CRT_x86
Microsoft_VC80_MFC_x86
Microsoft_VC80_MFCLOC_x86
Microsoft_VC90_ATL_x86
Microsoft_VC90_CRT_x86
Microsoft_VC90_MFC_x86
Microsoft_VC90_MFCLOC_x86
Movie Maker
Movie Maker
Mozilla Firefox 14.0.1 (x86 en-US)
Mozilla Maintenance Service
MPC-HC 1.6.3.4970
MSVC80_x86_v2
MSVC90_x86
MSVCRT
MSVCRT110
Nero 11
Nero 11 Disc Menus Basic
Nero 11 Effects Basic
Nero 11 Image Samples
Nero 11 Kwik Themes Basic
Nero 11 PiP Effects Basic
Nero Audio Pack 1
Nero BackItUp 11
Nero BackItUp 11 Help (CHM)
Nero Backup Drivers
Nero Burning ROM 11
Nero Burning ROM 11 Help (CHM)
Nero ControlCenter 11
Nero ControlCenter 11 Help (CHM)
Nero Core Components 11
Nero CoverDesigner 11
Nero CoverDesigner 11 Help (CHM)
Nero Express 11
Nero Express 11 Help (CHM)
Nero Kwik Media
Nero Kwik Media Help (CHM)
Nero Recode 11
Nero Recode 11 Help (CHM)
Nero RescueAgent 11
Nero RescueAgent 11 Help (CHM)
Nero SharedVideoCodecs
Nero SoundTrax 11
Nero SoundTrax 11 Help (CHM)
Nero Update
Nero Video 11
Nero Video 11 Help (CHM)
Nero WaveEditor 11
Nero WaveEditor 11 Help (CHM)
nero.prerequisites.msi
Nimbuzz 2.3.0
Nitro Pro 7
Nokia Connectivity Cable Driver
NVIDIA PhysX
OpenVPN 2.2.1
Orcs Must Die 2
Palringo
PC Connectivity Solution
PDF Settings CS5
Photo Common
Photo Gallery
Photo Gallery
proXPN 2.5.0
RealNetworks - Microsoft Visual C++ 2008 Runtime
RealPlayer
RealUpgrade 1.1
Recuva
Sandboxie 3.72 (32-bit)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)
Skype™ 5.10
Snagit 10.0.1
Snagit 11
Spec Ops The Line
SUPERAntiSpyware
TeamViewer 7
Tower Wars
UltraISO Premium V9.52
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217)
VLC media player 2.0.1
VPN Direct 1.0.0.412
VyprVPN for Giganews
Welcome App (Start-up experience)
Winamp
Windows Driver Package - Nokia pccsmcfd (08/22/2008 7.0.0.0)
Windows Live Communications Platform
Windows Live Essentials
Windows Live Essentials
Windows Live Essentials
Windows Live Family Safety
Windows Live Family Safety
Windows Live ID Sign-in Assistant
Windows Live Installer
Windows Live Mail
Windows Live Mail
Windows Live Messenger
Windows Live Messenger
Windows Live Messenger
Windows Live MIME IFilter
Windows Live Photo Common
Windows Live Photo Common
Windows Live PIMT Platform
Windows Live SOXE
Windows Live SOXE Definitions
Windows Live UX Platform
Windows Live UX Platform Language Pack
Windows Live UX Platform Language Pack
Windows Live Writer
Windows Live Writer
Windows Live Writer
Windows Live Writer
Windows Live Writer Resources
Windows Live Writer Resources
WinRAR 4.20 (32-bit)
Yahoo! Messenger
بريد Windows Live

 

[انا بابا يلا]

====== سجل أخطاء النظام ======

Computer Name: Nader-PC
Event Code: 4227
Message: TCP/IP failed to establish an outgoing connection because the selected local endpoint was recently used to connect to the same remote endpoint. This error typically occurs when outgoing connections are opened and closed at a high rate, causing all available local ports to be used and forcing TCP/IP to reuse a local port for an outgoing connection. To minimize the risk of data corruption, the TCP/IP standard requires a minimum time period to elapse between successive connections from a given local endpoint to a given remote endpoint.
Record Number: 21309
Source Name: Tcpip
Time Written: 20120702211212.692116-000
Event Type: Warning
User:

Computer Name: Nader-PC
Event Code: 7023
Message: The Function Discovery Resource Publication service terminated with the following error:
%%-2147014847
Record Number: 21230
Source Name: Service Control Manager
Time Written: 20120702201852.895628-000
Event Type: Error
User:

Computer Name: Nader-PC
Event Code: 1014
Message: Name resolution for the name teredo.ipv6.microsoft.com timed out after none of the configured DNS servers responded.
Record Number: 21184
Source Name: Microsoft-Windows-DNS-Client
Time Written: 20120702201722.486966-000
Event Type: Warning
User: NT AUTHORITY\NETWORK SERVICE

Computer Name: Nader-PC
Event Code: 1014
Message: Name resolution for the name

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

timed out after none of the configured DNS servers responded.
Record Number: 21132
Source Name: Microsoft-Windows-DNS-Client
Time Written: 20120702195616.912840-000
Event Type: Warning
User: NT AUTHORITY\NETWORK SERVICE

Computer Name: Nader-PC
Event Code: 4227
Message: TCP/IP failed to establish an outgoing connection because the selected local endpoint was recently used to connect to the same remote endpoint. This error typically occurs when outgoing connections are opened and closed at a high rate, causing all available local ports to be used and forcing TCP/IP to reuse a local port for an outgoing connection. To minimize the risk of data corruption, the TCP/IP standard requires a minimum time period to elapse between successive connections from a given local endpoint to a given remote endpoint.
Record Number: 21118
Source Name: Tcpip
Time Written: 20120702191040.647352-000
Event Type: Warning
User:



===== سجل أخطاء البرامج =====

Computer Name: Nader-PC
Event Code: 20227
Message: CoId={8B0C418E-A618-4B4A-BBE1-DFFCF1CB252F}: The user Nader-PC\Nader dialed a connection named IPredator which has failed. The error code returned on failure is 0.
Record Number: 385
Source Name: RasClient
Time Written: 20120621213842.000000-000
Event Type: Error
User:

Computer Name: Nader-PC
Event Code: 1041
Message: Failed to begin a Windows Installer transaction WLSetup. Error 1618 occurred while beginning the transaction.
Record Number: 255
Source Name: MsiInstaller
Time Written: 20120621212039.000000-000
Event Type: Error
User: Nader-PC\Nader

Computer Name: Nader-PC
Event Code: 11310
Message: Product: Microsoft Visual C++ 2005 Redistributable -- Error 1310.Error writing to file: C:\Windows\Installer\804cc1.msi. System error 5. Verify that you have access to that directory.
Record Number: 211
Source Name: MsiInstaller
Time Written: 20120621195434.000000-000
Event Type: Error
User: Nader-PC\Nader

Computer Name: Nader-PC
Event Code: 1008
Message: The Windows Search Service is starting up and attempting to remove the old search index {Reason: Full Index Reset}.

Record Number: 95
Source Name: Microsoft-Windows-Search
Time Written: 20120621173628.000000-000
Event Type: Warning
User:

Computer Name: Nader-PC
Event Code: 11
Message: Possible Memory Leak. Application (C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted) (PID: 1020) has passed a non-NULL pointer to RPC for an [out] parameter marked [allocate(all_nodes)]. [allocate(all_nodes)] parameters are always reallocated; if the original pointer contained the address of valid memory, that memory will be leaked. The call originated on the interface with UUID ({3F31C91E-2545-4B7B-9311-9529E8BFFEF6}), Method number (10). User Action: Contact your application vendor for an updated version of the application.
Record Number: 92
Source Name: Microsoft-Windows-RPC-Events
Time Written: 20120621173623.162040-000
Event Type: Warning
User: NT AUTHORITY\LOCAL SERVICE



===== السجل الأمني =====

Computer Name: 37L4247D28-05
Event Code: 4735
Message: A security-enabled local group was changed.

Subject:
Security ID: S-1-5-18
Account Name: 37L4247D28-05$
Account Domain: WORKGROUP
Logon ID: 0x3e7

Group:
Security ID: S-1-5-32-551
Group Name: Backup Operators
Group Domain: Builtin

Changed Attributes:
SAM Account Name: -
SID History: -

Additional Information:
Privileges: -
Record Number: 5
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20120621173050.205648-000
Event Type: Audit Success
User:

Computer Name: 37L4247D28-05
Event Code: 4731
Message: A security-enabled local group was created.

Subject:
Security ID: S-1-5-18
Account Name: 37L4247D28-05$
Account Domain: WORKGROUP
Logon ID: 0x3e7

New Group:
Security ID: S-1-5-32-551
Group Name: Backup Operators
Group Domain: Builtin

Attributes:
SAM Account Name: Backup Operators
SID History: -

Additional Information:
Privileges: -
Record Number: 4
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20120621173050.205648-000
Event Type: Audit Success
User:

Computer Name: 37L4247D28-05
Event Code: 4902
Message: The Per-user audit policy table was created.

Number of Elements: 0
Policy ID: 0x23702
Record Number: 3
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20120621173050.018448-000
Event Type: Audit Success
User:

Computer Name: 37L4247D28-05
Event Code: 4624
Message: An account was successfully logged on.

Subject:
Security ID: S-1-0-0
Account Name: -
Account Domain: -
Logon ID: 0x0

Logon Type: 0

New Logon:
Security ID: S-1-5-18
Account Name: SYSTEM
Account Domain: NT AUTHORITY
Logon ID: 0x3e7
Logon GUID: {00000000-0000-0000-0000-000000000000}

Process Information:
Process ID: 0x4
Process Name:

Network Information:
Workstation Name: -
Source Network Address: -
Source Port: -

Detailed Authentication Information:
Logon Process: -
Authentication Package: -
Transited Services: -
Package Name (NTLM only): -
Key Length: 0

This event is generated when a logon session is created. It is generated on the computer that was accessed.

The subject fields indicate the account on the local system which requested the logon. This is most commonly a service such as the Server service, or a local process such as Winlogon.exe or Services.exe.

The logon type field indicates the kind of logon that occurred. The most common types are 2 (interactive) and 3 (network).

The New Logon fields indicate the account for whom the new logon was created, i.e. the account that was logged on.

The network fields indicate where a remote logon request originated. Workstation name is not always available and may be left blank in some cases.

The authentication information fields provide detailed information about this specific logon request.
- Logon GUID is a unique identifier that can be used to correlate this event with a KDC event.
- Transited services indicate which intermediate services have participated in this logon request.
- Package name indicates which sub-protocol was used among the NTLM protocols.
- Key length indicates the length of the generated session key. This will be 0 if no session key was requested.
Record Number: 2
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20120621173049.035646-000
Event Type: Audit Success
User:

Computer Name: 37L4247D28-05
Event Code: 4608
Message: Windows is starting up.

This event is logged when LSASS.EXE starts and the auditing subsystem is initialized.
Record Number: 1
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20120621173048.973246-000
Event Type: Audit Success
User:



===== تقرير انهيار البرامج =====

==================================================
Process File : proxpn.exe
Event Name : Stopped working
Event Time : 31/07/2012 06:08:00 م
User Name : All Users
Exception Code : 0xc0000005
Exception Offset : 0x0000a1ca
Fault Module Name : proxpn.exe
Fault Module Version: 2.5.0.0
Process Path : C:\Program Files\proXPN\bin\proxpn.exe
Report File Size : 10,868
Report File Path : C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\AppCrash_proxpn.exe_1aeb52422f6d6b43e023b84df74f159dfce1f2_27cef9ab\Report.wer
==================================================

==================================================
Process File : a2HiJackFree.exe
Event Name : Stopped responding and was closed
Event Time : 06/08/2012 05:44:10 م
User Name : All Users
Exception Code :
Exception Offset :
Fault Module Name :
Fault Module Version:
Process Path : C:\Users\Nader\Downloads\Compressed\EmsisoftEmergencyKit\Run\a2HiJackFree.exe
Report File Size : 11,816
Report File Path : C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\AppHang_a2HiJackFree.exe_4b7a85111d6b0d251795619525c5668cfabf9ab_38a638e3\Report.wer
==================================================

==================================================
Process File : VyprVPN for Giganews.exe
Event Name : Stopped responding and was closed
Event Time : 24/07/2012 01:13:43 ص
User Name : All Users
Exception Code :
Exception Offset :
Fault Module Name :
Fault Module Version:
Process Path : C:\Program Files\VyprVPN for Giganews\VyprVPN for Giganews.exe
Report File Size : 16,836
Report File Path : C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\AppHang_VyprVPN for Giga_b459567781dc176af8a323f6622193cad0d63b6b_169b77fc\Report.wer
==================================================

==================================================
Process File : WerFault.exe
Event Name : Shut down unexpectedly
Event Time : 21/07/2012 02:50:34 م
User Name : All Users
Exception Code :
Exception Offset :
Fault Module Name :
Fault Module Version:
Process Path : C:\Windows\System32\WerFault.exe
Report File Size : 4,478
Report File Path : C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\Kernel_0_0_cab_0b0c033b\Report.wer
==================================================

==================================================
Process File : WerFault.exe
Event Name : Shut down unexpectedly
Event Time : 20/07/2012 05:18:51 م
User Name : All Users
Exception Code :
Exception Offset :
Fault Module Name :
Fault Module Version:
Process Path : C:\Windows\System32\WerFault.exe
Report File Size : 4,478
Report File Path : C:\Users\All Users\Microsoft\Windows\WER\ReportArchive\Kernel_0_0_cab_0be14b13\Report.wer
==================================================

==================================================
Process File : cnTraining.exe
Event Name : Stopped working
Event Time : 27/07/2012 05:29:23 م
User Name : Nader
Exception Code : 0xc0000005
Exception Offset : 0x00007891
Fault Module Name : cnTraining.exe
Fault Module Version: 0.0.0.0
Process Path : C:\Users\Nader\Downloads\Compressed\JTesseract\cnTraining.exe
Report File Size : 5,150
Report File Path : C:\Users\Nader\AppData\Local\Microsoft\Windows\WER\ReportArchive\AppCrash_cnTraining.exe_973f1879d0921fb75740ec1f662cff3aa8dae_11b4a87f\Report.wer
==================================================

==================================================
Process File : Explorer.EXE
Event Name : Stopped working
Event Time : 21/07/2012 08:24:33 م
User Name : Nader
Exception Code : 0xc0000005
Exception Offset : 0x000b4c93
Fault Module Name : SHELL32.dll
Fault Module Version: 6.1.7600.16385
Process Path : C:\Windows\Explorer.EXE
Report File Size : 19,462
Report File Path : C:\Users\Nader\AppData\Local\Microsoft\Windows\WER\ReportArchive\AppCrash_Explorer.EXE_271cd12e8966a90bfce2d4294e45f3de562f8b_01e2c24b\Report.wer
==================================================

==================================================
Process File : Explorer.EXE
Event Name : Stopped working
Event Time : 21/07/2012 08:21:25 م
User Name : Nader
Exception Code : 0xc0000005
Exception Offset : 0x000b46bd
Fault Module Name : SHELL32.dll
Fault Module Version: 6.1.7600.16385
Process Path : C:\Windows\Explorer.EXE
Report File Size : 23,416
Report File Path : C:\Users\Nader\AppData\Local\Microsoft\Windows\WER\ReportArchive\AppCrash_Explorer.EXE_d799f3e09bfcb6aa9f06aa334515c78606a678_1453aa58\Report.wer
==================================================

==================================================
Process File : FlashPlayerPlugin_11_3_300_265.exe
Event Name : Stopped working
Event Time : 26/07/2012 07:14:00 م
User Name : Nader
Exception Code : 0xc0000005
Exception Offset : 0x0010a8d7
Fault Module Name : NPSWF32_11_3_300_265.dll
Fault Module Version: 11.3.300.265
Process Path : C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_3_300_265.exe
Report File Size : 9,404
Report File Path : C:\Users\Nader\AppData\Local\Microsoft\Windows\WER\ReportArchive\AppCrash_FlashPlayerPlugi_a626e3fa91ab6cb4af5d23e8a5487477b24d42a_19e8a248\Report.wer
==================================================

==================================================
Process File : KungFuStrike.exe
Event Name : APPCRASH
Event Time : 04/08/2012 02:53:44 ص
User Name : Nader
Exception Code : 0xe0434f4d
Exception Offset : 0x00009617
Fault Module Name : KERNELBASE.dll
Fault Module Version: 6.1.7600.16385
Process Path : D:\Games\Kung Fu Strike - The Warriors Rise\KungFuStrike.exe
Report File Size : 7,898
Report File Path : C:\Users\Nader\AppData\Local\Microsoft\Windows\WER\ReportArchive\AppCrash_KungFuStrike.exe_7e716a21b5d368bd96f26d9e7ced7d6b98321e9_0f4043d0\Report.wer
==================================================

==================================================
Process File : KungFuStrike.exe
Event Name : APPCRASH
Event Time : 04/08/2012 02:53:47 ص
User Name : Nader
Exception Code : 0xe0434f4d
Exception Offset : 0x00009617
Fault Module Name : KERNELBASE.dll
Fault Module Version: 6.1.7600.16385
Process Path : D:\Games\Kung Fu Strike - The Warriors Rise\KungFuStrike.exe
Report File Size : 7,898
Report File Path : C:\Users\Nader\AppData\Local\Microsoft\Windows\WER\ReportArchive\AppCrash_KungFuStrike.exe_7e716a21b5d368bd96f26d9e7ced7d6b98321e9_17a04e0d\Report.wer
==================================================

==================================================
Process File : KungFuStrike.exe
Event Name : APPCRASH
Event Time : 04/08/2012 02:54:33 ص
User Name : Nader
Exception Code : 0xe0434f4d
Exception Offset : 0x00009617
Fault Module Name : KERNELBASE.dll
Fault Module Version: 6.1.7600.16385
Process Path : D:\Games\Kung Fu Strike - The Warriors Rise\KungFuStrike.exe
Report File Size : 7,898
Report File Path : C:\Users\Nader\AppData\Local\Microsoft\Windows\WER\ReportArchive\AppCrash_KungFuStrike.exe_7e716a21b5d368bd96f26d9e7ced7d6b98321e9_1b4d01c1\Report.wer
==================================================

==================================================
Process File : mf_daemon.exe
Event Name : Stopped working
Event Time : 12/08/2012 03:45:56 ص
User Name : Nader
Exception Code : 0xc0000005
Exception Offset : 0x006569bd
Fault Module Name : AM32-33707.dll_unloaded
Fault Module Version: 0.0.0.0
Process Path : C:\Users\Nader\AppData\Local\MediaFire Express\mf_daemon.exe
Report File Size : 9,760
Report File Path : C:\Users\Nader\AppData\Local\Microsoft\Windows\WER\ReportArchive\AppCrash_mf_daemon.exe_a71f7e6ea761246551c61755669c755e68a5ab5_0e6e68a1\Report.wer
==================================================

==================================================
Process File : msnmsgr.exe
Event Name : Stopped working
Event Time : 22/07/2012 02:51:49 ص
User Name : Nader
Exception Code : 0xc0000005
Exception Offset :
Fault Module Name : StackHash_0a9e
Fault Module Version: 0.0.0.0
Process Path : C:\Program Files\Windows Live\Messenger\msnmsgr.exe
Report File Size : 24,190
Report File Path : C:\Users\Nader\AppData\Local\Microsoft\Windows\WER\ReportArchive\AppCrash_msnmsgr.exe_3eeb9719684382e326f728684bf4ec4b16bda3b_056cff71\Report.wer
==================================================

==================================================
Process File : msnmsgr.exe
Event Name : Stopped working
Event Time : 23/07/2012 04:46:46 م
User Name : Nader
Exception Code : 0xc0000005
Exception Offset :
Fault Module Name : StackHash_0a9e
Fault Module Version: 0.0.0.0
Process Path : C:\Program Files\Windows Live\Messenger\msnmsgr.exe
Report File Size : 26,846
Report File Path : C:\Users\Nader\AppData\Local\Microsoft\Windows\WER\ReportArchive\AppCrash_msnmsgr.exe_3eeb9719684382e326f728684bf4ec4b16bda3b_087b4150\Report.wer
==================================================

==================================================
Process File : msnmsgr.exe
Event Name : Stopped working
Event Time : 19/07/2012 10:34:44 م
User Name : Nader
Exception Code : 0xc0000005
Exception Offset :
Fault Module Name : StackHash_0a9e
Fault Module Version: 0.0.0.0
Process Path : C:\Program Files\Windows Live\Messenger\msnmsgr.exe
Report File Size : 25,836
Report File Path : C:\Users\Nader\AppData\Local\Microsoft\Windows\WER\ReportArchive\AppCrash_msnmsgr.exe_3eeb9719684382e326f728684bf4ec4b16bda3b_09d2fd64\Report.wer
==================================================

==================================================
Process File : msnmsgr.exe
Event Name : Stopped working
Event Time : 30/07/2012 06:22:29 م
User Name : Nader
Exception Code : 0xc0000005
Exception Offset :
Fault Module Name : StackHash_0a9e
Fault Module Version: 0.0.0.0
Process Path : C:\Program Files\Windows Live\Messenger\msnmsgr.exe
Report File Size : 26,256
Report File Path : C:\Users\Nader\AppData\Local\Microsoft\Windows\WER\ReportArchive\AppCrash_msnmsgr.exe_3eeb9719684382e326f728684bf4ec4b16bda3b_1fd3ab2f\Report.wer
==================================================

==================================================
Process File : msnmsgr.exe
Event Name : Stopped working
Event Time : 12/08/2012 07:18:43 م
User Name : Nader
Exception Code : 0xc0000005
Exception Offset : 0x00034f16
Fault Module Name : ntdll.dll
Fault Module Version: 6.1.7600.16385
Process Path : C:\Program Files\Windows Live\Messenger\msnmsgr.exe
Report File Size : 28,634
Report File Path : C:\Users\Nader\AppData\Local\Microsoft\Windows\WER\ReportArchive\AppCrash_msnmsgr.exe_e4dabb543631c6f4b18527ccce3332de16eef8f8_24906374\Report.wer
==================================================

==================================================
Process File : openvpntray.exe
Event Name : Stopped working
Event Time : 20/07/2012 05:20:33 م
User Name : Nader
Exception Code : 0xc0000005
Exception Offset : 0xcb6b273a
Fault Module Name : StackHash_0a9e
Fault Module Version: 0.0.0.0
Process Path : C:\Program Files\Hotspot Shield\bin\openvpntray.exe
Report File Size : 13,316
Report File Path : C:\Users\Nader\AppData\Local\Microsoft\Windows\WER\ReportArchive\AppCrash_openvpntray.exe_faead645238f16d876da5d3cab5bf64d8e2d34_0e924539\Report.wer
==================================================

==================================================
Process File : OrcsMustDie2.exe
Event Name : Stopped working
Event Time : 12/08/2012 08:27:55 م
User Name : Nader
Exception Code : 0xc0000409
Exception Offset : 0x000df321
Fault Module Name : vBase90.dll
Fault Module Version: 8.1.1.0
Process Path : D:\Games\Orcs Must Die 2\build\release\OrcsMustDie2.exe
Report File Size : 12,596
Report File Path : C:\Users\Nader\AppData\Local\Microsoft\Windows\WER\ReportArchive\AppCrash_OrcsMustDie2.exe_bfb6f669a2e0daef4d3bc7aa4768a321fddd_1afbbda6\Report.wer
==================================================

==================================================
Process File : PlusSkypeService.exe
Event Name : Stopped working
Event Time : 06/08/2012 09:52:09 م
User Name : Nader
Exception Code : 0xc0000005
Exception Offset :
Fault Module Name : StackHash_0a9e
Fault Module Version: 0.0.0.0
Process Path : C:\Program Files\Yuna Software\Messenger Plus! for Skype\PlusSkypeService.exe
Report File Size : 11,288
Report File Path : C:\Users\Nader\AppData\Local\Microsoft\Windows\WER\ReportArchive\AppCrash_PlusSkypeService_62f3b69e6c269930791399a050a508e4b584b5e_0ef8cbb7\Report.wer
==================================================

==================================================
Process File : Reaper.exe
Event Name : Stopped working
Event Time : 23/07/2012 05:45:43 م
User Name : Nader
Exception Code :
Exception Offset :
Fault Module Name :
Fault Module Version:
Process Path : D:\Cracking\Cracking Tools\Reaper 0.0.10d [BETA]\Reaper 0.0.10d [BETA]\Reaper.exe
Report File Size : 17,606
Report File Path : C:\Users\Nader\AppData\Local\Microsoft\Windows\WER\ReportArchive\AppCrash_reaper.exe_afc8be827354a5a2d68b10a6d669a67dee2a191_16412ad5\Report.wer
==================================================

==================================================
Process File : Skype.exe
Event Name : Stopped working
Event Time : 19/07/2012 02:53:09 م
User Name : Nader
Exception Code : 0xc0000005
Exception Offset : 0x00005d98
Fault Module Name : idmmkb.dll
Fault Module Version: 6.11.2.1
Process Path : C:\Program Files\Skype\Phone\Skype.exe
Report File Size : 17,248
Report File Path : C:\Users\Nader\AppData\Local\Microsoft\Windows\WER\ReportArchive\AppCrash_Skype.exe_1c7a363e90ca6b2dd95a923a3a9b33c460b39a19_0d2a5743\Report.wer
==================================================

==================================================
Process File : Skype.exe
Event Name : Stopped working
Event Time : 19/07/2012 02:53:04 م
User Name : Nader
Exception Code : 0xc0000005
Exception Offset : 0x00005e40
Fault Module Name : idmmkb.dll
Fault Module Version: 6.11.2.1
Process Path : C:\Program Files\Skype\Phone\Skype.exe
Report File Size : 17,248
Report File Path : C:\Users\Nader\AppData\Local\Microsoft\Windows\WER\ReportArchive\AppCrash_Skype.exe_722519cdc54d2bd3b6d56c17d24cf9d9c79825_0ca24900\Report.wer
==================================================

==================================================
Process File : Skype.exe
Event Name : Stopped working
Event Time : 10/08/2012 05:23:59 ص
User Name : Nader
Exception Code : 0xc0000005
Exception Offset : 0x02575e40
Fault Module Name : AM32-33707.dll_unloaded
Fault Module Version: 0.0.0.0
Process Path : C:\Program Files\Skype\Phone\Skype.exe
Report File Size : 10,390
Report File Path : C:\Users\Nader\AppData\Local\Microsoft\Windows\WER\ReportArchive\AppCrash_Skype.exe_f016785144dd4426a7c3fd5e74367316fe88376_1326ae09\Report.wer
==================================================

==================================================
Process File : SpecOpsTheLine.exe
Event Name : Stopped working
Event Time : 17/08/2012 08:53:34 م
User Name : Nader
Exception Code : 0x00000001
Exception Offset : 0x00009617
Fault Module Name : KERNELBASE.dll
Fault Module Version: 6.1.7600.16385
Process Path : D:\Games\Spec Ops The Line\Binaries\Win32\SpecOpsTheLine.exe
Report File Size : 13,882
Report File Path : C:\Users\Nader\AppData\Local\Microsoft\Windows\WER\ReportArchive\AppCrash_SpecOpsTheLine.e_46341b4e8657951cbf34418becd4e9f44bff7b5_06ef36aa\Report.wer
==================================================

==================================================
Process File : SSUPDATE.EXE
Event Name : Stopped working
Event Time : 10/08/2012 05:23:59 ص
User Name : Nader
Exception Code : 0xc0000005
Exception Offset : 0x01185d98
Fault Module Name : AM32-33707.dll_unloaded
Fault Module Version: 0.0.0.0
Process Path : C:\Program Files\SUPERAntiSpyware\SSUPDATE.EXE
Report File Size : 9,806
Report File Path : C:\Users\Nader\AppData\Local\Microsoft\Windows\WER\ReportArchive\AppCrash_SSUPDATE.EXE_aa625741721b61dfc282ba99501784d49d188b8a_12f6b94f\Report.wer
==================================================

==================================================
Process File : VPN Direct.exe
Event Name : Stopped working
Event Time : 24/07/2012 03:09:35 ص
User Name : Nader
Exception Code : 0xc0000374
Exception Offset : 0x000c283b
Fault Module Name : StackHash_2732
Fault Module Version: 6.1.7600.16385
Process Path : C:\Program Files\VPN Direct\bin\VPN Direct.exe
Report File Size : 12,800
Report File Path : C:\Users\Nader\AppData\Local\Microsoft\Windows\WER\ReportArchive\AppCrash_VPN Direct.exe_51b7e790f046fb129960e8f0feeeb1af8b62642a_05b092dd\Report.wer
==================================================

==================================================
Process File : VPN Direct.exe
Event Name : Stopped working
Event Time : 20/07/2012 05:19:21 م
User Name : Nader
Exception Code : 0xc0000374
Exception Offset : 0x000c283b
Fault Module Name : StackHash_2732
Fault Module Version: 6.1.7600.16385
Process Path : C:\Program Files\VPN Direct\bin\VPN Direct.exe
Report File Size : 12,922
Report File Path : C:\Users\Nader\AppData\Local\Microsoft\Windows\WER\ReportArchive\AppCrash_VPN Direct.exe_51b7e790f046fb129960e8f0feeeb1af8b62642a_10651ddc\Report.wer
==================================================

==================================================
Process File : VPN Direct.exe
Event Name : Stopped working
Event Time : 24/07/2012 03:10:21 ص
User Name : Nader
Exception Code : 0xc0000374
Exception Offset : 0x000c283b
Fault Module Name : StackHash_2732
Fault Module Version: 6.1.7600.16385
Process Path : C:\Program Files\VPN Direct\bin\VPN Direct.exe
Report File Size : 12,404
Report File Path : C:\Users\Nader\AppData\Local\Microsoft\Windows\WER\ReportArchive\AppCrash_VPN Direct.exe_51b7e790f046fb129960e8f0feeeb1af8b62642a_13311065\Report.wer
==================================================

==================================================
Process File : VPN Direct.exe
Event Name : Stopped working
Event Time : 27/07/2012 05:13:22 م
User Name : Nader
Exception Code : 0xc0000374
Exception Offset : 0x000c283b
Fault Module Name : StackHash_2732
Fault Module Version: 6.1.7600.16385
Process Path : C:\Program Files\VPN Direct\bin\VPN Direct.exe
Report File Size : 12,922
Report File Path : C:\Users\Nader\AppData\Local\Microsoft\Windows\WER\ReportArchive\AppCrash_VPN Direct.exe_51b7e790f046fb129960e8f0feeeb1af8b62642a_141dfe7a\Report.wer
==================================================

==================================================
Process File : VPN Direct.exe
Event Name : Stopped working
Event Time : 24/07/2012 07:43:11 م
User Name : Nader
Exception Code : 0xc0000374
Exception Offset : 0x000c283b
Fault Module Name : StackHash_2732
Fault Module Version: 6.1.7600.16385
Process Path : C:\Program Files\VPN Direct\bin\VPN Direct.exe
Report File Size : 12,800
Report File Path : C:\Users\Nader\AppData\Local\Microsoft\Windows\WER\ReportArchive\AppCrash_VPN Direct.exe_51b7e790f046fb129960e8f0feeeb1af8b62642a_17fe5446\Report.wer
==================================================

==================================================
Process File : explorer.exe
Event Name : Stopped responding and was closed
Event Time : 23/08/2012 01:55:31 ص
User Name : Nader
Exception Code :
Exception Offset :
Fault Module Name :
Fault Module Version:
Process Path : C:\Windows\explorer.exe
Report File Size : 20,962
Report File Path : C:\Users\Nader\AppData\Local\Microsoft\Windows\WER\ReportArchive\AppHang_explorer.exe_2b32f2d399fbac971bda1e36fea666e3c4e018_0d9f3d32\Report.wer
==================================================

==================================================
Process File : explorer.exe
Event Name : Stopped responding and was closed
Event Time : 31/07/2012 02:41:37 ص
User Name : Nader
Exception Code :
Exception Offset :
Fault Module Name :
Fault Module Version:
Process Path : C:\Windows\explorer.exe
Report File Size : 28,970
Report File Path : C:\Users\Nader\AppData\Local\Microsoft\Windows\WER\ReportArchive\AppHang_explorer.exe_2b32f2d399fbac971bda1e36fea666e3c4e018_11b7144a\Report.wer
==================================================

==================================================
Process File : explorer.exe
Event Name : Stopped responding and was closed
Event Time : 28/07/2012 06:46:48 ص
User Name : Nader
Exception Code :
Exception Offset :
Fault Module Name :
Fault Module Version:
Process Path : C:\Windows\explorer.exe
Report File Size : 27,660
Report File Path : C:\Users\Nader\AppData\Local\Microsoft\Windows\WER\ReportArchive\AppHang_explorer.exe_2b32f2d399fbac971bda1e36fea666e3c4e018_140ed02d\Report.wer
==================================================

==================================================
Process File : firefox.exe
Event Name : Stopped responding and was closed
Event Time : 17/07/2012 01:34:19 م
User Name : Nader
Exception Code :
Exception Offset :
Fault Module Name :
Fault Module Version:
Process Path : C:\Program Files\Mozilla Firefox\firefox.exe
Report File Size : 15,408
Report File Path : C:\Users\Nader\AppData\Local\Microsoft\Windows\WER\ReportArchive\AppHang_firefox.exe_094ec201d9d75ef2f29fb2a7f88b9d27e433286_0b671610\Report.wer
==================================================

==================================================
Process File : firefox.exe
Event Name : Stopped responding and was closed
Event Time : 16/07/2012 07:39:18 ص
User Name : Nader
Exception Code :
Exception Offset :
Fault Module Name :
Fault Module Version:
Process Path : C:\Program Files\Mozilla Firefox\firefox.exe
Report File Size : 15,408
Report File Path : C:\Users\Nader\AppData\Local\Microsoft\Windows\WER\ReportArchive\AppHang_firefox.exe_094ec201d9d75ef2f29fb2a7f88b9d27e433286_0b6d3ed1\Report.wer
==================================================

==================================================
Process File : firefox.exe
Event Name : Stopped responding and was closed
Event Time : 22/08/2012 02:56:40 ص
User Name : Nader
Exception Code :
Exception Offset :
Fault Module Name :
Fault Module Version:
Process Path : C:\Program Files\Mozilla Firefox\firefox.exe
Report File Size : 22,960
Report File Path : C:\Users\Nader\AppData\Local\Microsoft\Windows\WER\ReportArchive\AppHang_firefox.exe_50d0515de95cb6d6b1bf852aea13db457e415ac_064981c9\Report.wer
==================================================

==================================================
Process File : firefox.exe
Event Name : Stopped responding and was closed
Event Time : 12/08/2012 03:38:14 ص
User Name : Nader
Exception Code :
Exception Offset :
Fault Module Name :
Fault Module Version:
Process Path : C:\Program Files\Mozilla Firefox\firefox.exe
Report File Size : 22,812
Report File Path : C:\Users\Nader\AppData\Local\Microsoft\Windows\WER\ReportArchive\AppHang_firefox.exe_b17927a52a819e1a02264f6e8282a192c163159_2807cc33\Report.wer
==================================================

==================================================
Process File : firefox.exe
Event Name : Stopped responding and was closed
Event Time : 21/07/2012 02:44:45 م
User Name : Nader
Exception Code :
Exception Offset :
Fault Module Name :
Fault Module Version:
Process Path : C:\Program Files\Mozilla Firefox\firefox.exe
Report File Size : 15,408
Report File Path : C:\Users\Nader\AppData\Local\Microsoft\Windows\WER\ReportArchive\AppHang_firefox.exe_ed3f559c8f9a4d8fd47a775a86e8356fb3ed95a_1759cfcc\Report.wer
==================================================

==================================================
Process File : msnmsgr.exe
Event Name : Stopped responding and was closed
Event Time : 07/08/2012 04:18:05 ص
User Name : Nader
Exception Code :
Exception Offset :
Fault Module Name :
Fault Module Version:
Process Path : C:\Program Files\Windows Live\Messenger\msnmsgr.exe
Report File Size : 28,082
Report File Path : C:\Users\Nader\AppData\Local\Microsoft\Windows\WER\ReportArchive\AppHang_msnmsgr.exe_ce192c950ac1472665b68e6d3261cea74e924cc_0f1ce0be\Report.wer
==================================================

==================================================
Process File : notepad.exe
Event Name : Stopped responding and was closed
Event Time : 14/07/2012 02:34:47 م
User Name : Nader
Exception Code :
Exception Offset :
Fault Module Name :
Fault Module Version:
Process Path : C:\Windows\System32\notepad.exe
Report File Size : 6,458
Report File Path : C:\Users\Nader\AppData\Local\Microsoft\Windows\WER\ReportArchive\AppHang_notepad.exe_62f696d510a514a3770c151e93a69d60a1d863_02b75ded\Report.wer
==================================================

==================================================
Process File : PowerISO.exe
Event Name : Stopped responding and was closed
Event Time : 28/07/2012 06:44:18 ص
User Name : Nader
Exception Code :
Exception Offset :
Fault Module Name :
Fault Module Version:
Process Path : C:\Program Files\PowerISO\PowerISO.exe
Report File Size : 10,240
Report File Path : C:\Users\Nader\AppData\Local\Microsoft\Windows\WER\ReportArchive\AppHang_PowerISO.exe_b0325177bcabd73149df61cff1146ee3ae959e7_16cc5515\Report.wer
==================================================

==================================================
Process File : sidebar.exe
Event Name : Stopped responding and was closed
Event Time : 21/08/2012 06:23:44 ص
User Name : Nader
Exception Code :
Exception Offset :
Fault Module Name :
Fault Module Version:
Process Path : C:\Program Files\Windows Sidebar\sidebar.exe
Report File Size : 13,852
Report File Path : C:\Users\Nader\AppData\Local\Microsoft\Windows\WER\ReportArchive\AppHang_sidebar.exe_a91fae6e2b085fc96695d941a668baabd88414_11e80cbf\Report.wer
==================================================

==================================================
Process File : SUPERANTISPYWARE.EXE
Event Name : Stopped responding and was closed
Event Time : 23/08/2012 03:50:53 ص
User Name : Nader
Exception Code :
Exception Offset :
Fault Module Name :
Fault Module Version:
Process Path : C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE
Report File Size : 14,818
Report File Path : C:\Users\Nader\AppData\Local\Microsoft\Windows\WER\ReportArchive\AppHang_SUPERANTISPYWARE_ac87cfbc7f28956cea867331c77e23fab196cc6_1704dd88\Report.wer
==================================================

==================================================
Process File : proxpn.exe
Event Name : Stopped working
Event Time : 31/07/2012 06:08:00 م
User Name :
Exception Code : 0xc0000005
Exception Offset : 0x0000a1ca
Fault Module Name : proxpn.exe
Fault Module Version: 2.5.0.0
Process Path : C:\Program Files\proXPN\bin\proxpn.exe
Report File Size : 10,868
Report File Path : C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_proxpn.exe_1aeb52422f6d6b43e023b84df74f159dfce1f2_27cef9ab\Report.wer
==================================================

==================================================
Process File : a2HiJackFree.exe
Event Name : Stopped responding and was closed
Event Time : 06/08/2012 05:44:10 م
User Name :
Exception Code :
Exception Offset :
Fault Module Name :
Fault Module Version:
Process Path : C:\Users\Nader\Downloads\Compressed\EmsisoftEmergencyKit\Run\a2HiJackFree.exe
Report File Size : 11,816
Report File Path : C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppHang_a2HiJackFree.exe_4b7a85111d6b0d251795619525c5668cfabf9ab_38a638e3\Report.wer
==================================================

==================================================
Process File : VyprVPN for Giganews.exe
Event Name : Stopped responding and was closed
Event Time : 24/07/2012 01:13:43 ص
User Name :
Exception Code :
Exception Offset :
Fault Module Name :
Fault Module Version:
Process Path : C:\Program Files\VyprVPN for Giganews\VyprVPN for Giganews.exe
Report File Size : 16,836
Report File Path : C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppHang_VyprVPN for Giga_b459567781dc176af8a323f6622193cad0d63b6b_169b77fc\Report.wer
==================================================

==================================================
Process File : WerFault.exe
Event Name : Shut down unexpectedly
Event Time : 21/07/2012 02:50:34 م
User Name :
Exception Code :
Exception Offset :
Fault Module Name :
Fault Module Version:
Process Path : C:\Windows\System32\WerFault.exe
Report File Size : 4,478
Report File Path : C:\ProgramData\Microsoft\Windows\WER\ReportArchive\Kernel_0_0_cab_0b0c033b\Report.wer
==================================================

==================================================
Process File : WerFault.exe
Event Name : Shut down unexpectedly
Event Time : 20/07/2012 05:18:51 م
User Name :
Exception Code :
Exception Offset :
Fault Module Name :
Fault Module Version:
Process Path : C:\Windows\System32\WerFault.exe
Report File Size : 4,478
Report File Path : C:\ProgramData\Microsoft\Windows\WER\ReportArchive\Kernel_0_0_cab_0be14b13\Report.wer
==================================================




===== تقرير الشاشة الزرقاء =====

 

[انا بابا يلا]

Malwarebytes Anti-Malware 1.62.0.1300

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

نسخة قاعدة البيانات : v2012.08.22.07

Windows 7 x86 NTFS
Internet Explorer 8.0.7600.16385
Nader :: NADER-PC [مدير]

22/08/2012 10:53:56 م
mbam-log-2012-08-22 (22-53-56).txt

نوع الفحص : فحص كامل (C:\|)
خيارت الفحص الممكنة: الذاكرة | بدء التشغيل | الريجستري | نظام الملفات | أساليب بحثية/غير ذلك | Shuriken/أساليب بحثية | PUP | PUM
خيارات الفحص المعطلة: P2P
الكائنات المفحوصة : 46158
الوقت المنقضي : 7 دقيقة, 11 ثانية [تمت المقاطعة]

عمليات الذاكرة المصابة : 0
(لم يتم إكتشاف مواد ضارة)

وحدات الذاكرة المصابة : 0
(لم يتم إكتشاف مواد ضارة)

مفاتيح الريجستري المصابة : 20
HKCR\CLSID\{00cbb66b-1d3b-46d3-9577-323a336acb50} (PUP.Blabbers) -> تم بنجاح العزل و الحذف
HKCR\TypeLib\{8830DDF0-3042-404D-A62C-384A85E34833} (PUP.Blabbers) -> تم بنجاح العزل و الحذف
HKCR\Interface\{817923CB-4744-4216-B250-CF7EDA8F1767} (PUP.Blabbers) -> تم بنجاح العزل و الحذف
HKCR\wit4ie.WitBHO.2 (PUP.Blabbers) -> تم بنجاح العزل و الحذف
HKCR\wit4ie.WitBHO (PUP.Blabbers) -> تم بنجاح العزل و الحذف
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{00CBB66B-1D3B-46D3-9577-323A336ACB50} (PUP.Blabbers) -> تم بنجاح العزل و الحذف
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{00CBB66B-1D3B-46D3-9577-323A336ACB50} (PUP.Blabbers) -> تم بنجاح العزل و الحذف
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{00CBB66B-1D3B-46D3-9577-323A336ACB50} (PUP.Blabbers) -> تم بنجاح العزل و الحذف
HKCR\CLSID\{5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} (PUP.Blabbers) -> تم بنجاح العزل و الحذف
HKCR\TypeLib\{830B56CB-FD22-44AA-9887-7898F4F4158D} (PUP.Blabbers) -> تم بنجاح العزل و الحذف
HKCR\tdataprotocol.CTData.1 (PUP.Blabbers) -> تم بنجاح العزل و الحذف
HKCR\tdataprotocol.CTData (PUP.Blabbers) -> تم بنجاح العزل و الحذف
HKCR\CLSID\{963B125B-8B21-49A2-A3A8-E37092276531} (PUP.Blabbers) -> تم بنجاح العزل و الحذف
HKCR\TypeLib\{955B782E-CDC8-4CEE-B6F6-AD7D541A8D8A} (PUP.Blabbers) -> تم بنجاح العزل و الحذف
HKCR\Interface\{9F0C17EB-EF2C-4278-9136-2D547656BC03} (PUP.Blabbers) -> تم بنجاح العزل و الحذف
HKCR\updatebho.TimerBHO.1 (PUP.Blabbers) -> تم بنجاح العزل و الحذف
HKCR\updatebho.TimerBHO (PUP.Blabbers) -> تم بنجاح العزل و الحذف
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{963B125B-8B21-49A2-A3A8-E37092276531} (PUP.Blabbers) -> تم بنجاح العزل و الحذف
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{963B125B-8B21-49A2-A3A8-E37092276531} (PUP.Blabbers) -> تم بنجاح العزل و الحذف
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{963B125B-8B21-49A2-A3A8-E37092276531} (PUP.Blabbers) -> تم بنجاح العزل و الحذف

قيم الريجستري المصابة : 0
(لم يتم إكتشاف مواد ضارة)

مواد بيانات الريجستري المصابة : 0
(لم يتم إكتشاف مواد ضارة)

المجلدات المصابة : 0
(لم يتم إكتشاف مواد ضارة)

الملفات المصابة : 3
C:\Program Files\BrowserCompanion\jsloader.dll (PUP.Blabbers) -> تم بنجاح العزل و الحذف
C:\Program Files\BrowserCompanion\tdataprotocol.dll (PUP.Blabbers) -> تم بنجاح العزل و الحذف
C:\Program Files\BrowserCompanion\updatebhoWin32.dll (PUP.Blabbers) -> تم بنجاح العزل و الحذف

(و)

 

[انا بابا يلا]

 

[انا بابا يلا]

Emsisoft Emergency Kit - نسخة 2.0
آخر تحديث: 23/08/2012 12:04:13 ص

إعدادات الفحص:

أنواع الفحص : فحص عميق
العناصر: طقوم جذرية, الذاكرة, الآثار, C:\, D:\, E:\
فحص الملفات المضغوطة: تشغيل
ADS فحص: تشغيل

بداية الفحص: 23/08/2012 12:04:30 ص

Key: hkey_local_machine\software\classes\appid\{20edc024-43c5-423e-b7f5-fd93523e0d9f} المكتشفة: Trace.Registry.stylishprofile!E1
Key: hkey_local_machine\software\classes\appid\{373ed12d-b306-43ac-9485-a7c5133dc34c} المكتشفة: Trace.Registry.getstyles!E1
Key: hkey_local_machine\software\classes\appid\{ed6535e7-f778-48a5-a060-549d30024511} المكتشفة: Trace.Registry.getstyles!E1
Key: hkey_local_machine\software\classes\appid\wit4ie.dll المكتشفة: Trace.Registry.getstyles!E1
Key: hkey_local_machine\software\classes\appid\tdataprotocol.dll المكتشفة: Trace.Registry.getstyles!E1
Key: hkey_local_machine\software\classes\appid\updatebho.dll المكتشفة: Trace.Registry.getstyles!E1
C:\Zyzoom_Forum_Tools\1.com المكتشفة: Hoax.Win32.Agent.fp!E1
C:\Windows\AutoKMS.exe المكتشفة: possible-Threat.ActivationTool.KMS!E2
C:\Windows\KMSEmulator.exe المكتشفة: possible-Threat.Crack.MSO!E2
C:\Users\Nader\Downloads\Compressed\Apex.rar -> Apex\Apex.exe المكتشفة: Trojan.SuspectCRC!E2
C:\Users\Nader\Downloads\Compressed\desktop.lock.business.edition.7.3.0-mpt.rar -> desktop.lock.business.edition.7.3.0-mpt.exe المكتشفة: Net-Worm.Win32.Kolab!E2
C:\Users\Nader\Downloads\Compressed\EmailParser.rar -> EmailParser.exe المكتشفة: Trojan.ATRAPS!E2
C:\Users\Nader\Downloads\Compressed\HC Stealer.rar -> HC Stealer\Dissembler Lib.dll المكتشفة: Constructor.MSIL!E2
C:\Users\Nader\Downloads\Compressed\IDM.act.rar -> IDM.act\IDM.v6.xx.release.3-patch.exe المكتشفة: not-a-virus.Patch.IDM!E2
C:\Users\Nader\Downloads\Compressed\IDM.act.rar -> IDM.act\internet.download.manager.6.xxx.patch-patch.exe المكتشفة: not-a-virus.Patch.IDM!E2
C:\Users\Nader\Downloads\Compressed\IDM.act.rar -> IDM.act\Patch.exe المكتشفة: not-a-virus:Keygen.SuspectCRC!E2
C:\Users\Nader\Downloads\Compressed\MyEgY.CoM.IDM 6.12 beta build 2.By.vibration.rar -> MyEgY.CoM.IDM 6.12 beta build 2.By.vibration\pa.myegy.com\ں«¢¦§ê ى¨ں ںé ں¢¬ ںيéں\PATCH.exe المكتشفة: Trojan.Win32.Patcher!E2
C:\Users\Nader\Downloads\Compressed\MyEgY.CoM.IDM 6.12 beta build 2.By.vibration.rar -> MyEgY.CoM.IDM 6.12 beta build 2.By.vibration\pa.myegy.com\£ê ں«¢¦§ê ى¨ں ںé ں¢¬\Patch .xx 2.exe المكتشفة: HackTool.Win32.Kiser!E2
C:\Users\Nader\Downloads\Compressed\MyEgY.CoM.idm 6.12 Beta Build 6.By.vibration.rar -> MyEgY.CoM.idm 6.12 Beta Build 6.By.vibration\pa.myegy.com\£ê ں«¢¦§ê ى¨ں ںé ں¢¬\Patch 6.xx.exe المكتشفة: HackTool.Win32.Kiser!E2
C:\Users\Nader\Downloads\Compressed\MyEgY.CoM.idm 6.12 Beta Build 6.By.vibration.rar -> MyEgY.CoM.idm 6.12 Beta Build 6.By.vibration\pa.myegy.com\ں«¢¦§ê ى¨ں ںé ں¢¬ ںيéں\PATCH.exe المكتشفة: Trojan.Win32.Patcher!E2
C:\Users\Nader\Downloads\Compressed\MyEgY.CoM.idm 6.12 Beta Build 6.By.vibration.rar -> MyEgY.CoM.idm 6.12 Beta Build 6.By.vibration\pa.myegy.com\£ê ں«¢¦§ê ى¨ں ںé ں¢¬\Patch .xx 2.exe المكتشفة: HackTool.Win32.Kiser!E2
C:\Users\Nader\Downloads\Compressed\MyEgY.CoM.IDM 6.12 beta build 2.By.vibration.rar -> MyEgY.CoM.IDM 6.12 beta build 2.By.vibration\pa.myegy.com\£ê ں«¢¦§ê ى¨ں ںé ں¢¬\Patch 6.xx.exe المكتشفة: HackTool.Win32.Kiser!E2
C:\Users\Nader\Downloads\Compressed\MyEgY.com.PowerISO 5.3.By.FOUADY.rar -> MyEgY.com.PowerISO 5.3.By.FOUADY\keygen.exe المكتشفة: possible-Threat.Keygen.LZ0!E2
C:\Users\Nader\Downloads\Compressed\MyEgY.com.Winamp_5.63_Build_3234_Pro_.By.FOUADY.rar -> MyEgY.com.Winamp 5.63 Build 3234 Pro .By.FOUADY\KEYGEN-FFF.exe المكتشفة: not-a-virus:Keygen.SuspectCRC!E2
C:\Users\Nader\Downloads\Compressed\MyEgY.CoM.SnagIt.11.0.1.93.Final.By.The.Marine.rar -> MyEgY.CoM.SnagIt.11.0.1.93.Final.By.The.Marine\Activation\keygen.exe المكتشفة: Trojan-Proxy.Win32.Agent!E2
C:\Users\Nader\Downloads\Compressed\MyEgy.IDM6.12b8.FOUADY.rar -> MyEgy.IDM6.12b8.FOUADY\New.pa.myegy.com.rar -> New.pa.myegy.com\ڑ¤§§ ں¢¬ éé¢همïé+ ¬©¥ ںé¢همïé\Patch.exe المكتشفة: not-a-virus.Patch.IDM!E2
C:\Users\Nader\Downloads\Compressed\MyEgy.IDM6.12b8.FOUADY.rar -> MyEgy.IDM6.12b8.FOUADY\New.pa.myegy.com.rar -> New.pa.myegy.com\ ں¢¬ں¢ ç§ïê،\ں«¢¦§ê ى¨ں ںé ں¢¬ ںيéں\SnDk&p.exe المكتشفة: possible-Threat.Keygen.IDM!E2
C:\Users\Nader\Downloads\Compressed\MyEgy.IDM6.12b8.FOUADY.rar -> MyEgy.IDM6.12b8.FOUADY\New.pa.myegy.com.rar -> New.pa.myegy.com\ ں¢¬ں¢ ç§ïê،\£ê ں«¢¦§ê ى¨ں ںé ں¢¬\Patch .xx 2.exe المكتشفة: HackTool.Win32.Kiser!E2
C:\Users\Nader\Downloads\Compressed\MyEgy.IDM6.12b8.FOUADY_2.rar -> MyEgy.IDM6.12b8.FOUADY\New.pa.myegy.com.rar -> New.pa.myegy.com\ڑ¤§§ ں¢¬ éé¢همïé+ ¬©¥ ںé¢همïé\Patch.exe المكتشفة: not-a-virus.Patch.IDM!E2
C:\Users\Nader\Downloads\Compressed\MyEgy.IDM6.12b8.FOUADY_2.rar -> MyEgy.IDM6.12b8.FOUADY\New.pa.myegy.com.rar -> New.pa.myegy.com\ ں¢¬ں¢ ç§ïê،\ں«¢¦§ê ى¨ں ںé ں¢¬ ںيéں\SnDk&p.exe المكتشفة: possible-Threat.Keygen.IDM!E2
C:\Users\Nader\Downloads\Compressed\MyEgy.IDM6.12b8.FOUADY_2.rar -> MyEgy.IDM6.12b8.FOUADY\New.pa.myegy.com.rar -> New.pa.myegy.com\ ں¢¬ں¢ ç§ïê،\£ê ں«¢¦§ê ى¨ں ںé ں¢¬\Patch .xx 2.exe المكتشفة: HackTool.Win32.Kiser!E2
C:\Users\Nader\Downloads\Compressed\MyEgy.IDM6.12b8.FOUADY.rar -> MyEgy.IDM6.12b8.FOUADY\New.pa.myegy.com.rar المكتشفة: possible-Threat.Keygen.IDM!E2
C:\Users\Nader\Downloads\Compressed\MyEgy.IDM6.12b8.FOUADY_2.rar -> MyEgy.IDM6.12b8.FOUADY\New.pa.myegy.com.rar المكتشفة: possible-Threat.Keygen.IDM!E2
C:\Users\Nader\Downloads\Compressed\MyEgy.IDM6.12b8.FOUADY_2.rar -> MyEgy.IDM6.12b8.FOUADY\New.pa.myegy.com.rar -> New.pa.myegy.com\ ں¢¬ں¢ ç§ïê،\£ê ں«¢¦§ê ى¨ں ںé ں¢¬\Patch 6.xx.exe المكتشفة: HackTool.Win32.Kiser!E2
C:\Users\Nader\Downloads\Compressed\MyEgy.IDM6.12b9.FOUADY.rar -> MyEgy.IDM6.12b9.FOUADY\New.pa.myegy.com.rar -> New.pa.myegy.com\ڑ¤§§ ں¢¬ éé¢همïé+ ¬©¥ ںé¢همïé\Patch.exe المكتشفة: not-a-virus.Patch.IDM!E2
C:\Users\Nader\Downloads\Compressed\MyEgy.IDM6.12b9.FOUADY.rar -> MyEgy.IDM6.12b9.FOUADY\New.pa.myegy.com.rar -> New.pa.myegy.com\ ں¢¬ں¢ ç§ïê،\ں«¢¦§ê ى¨ں ںé ں¢¬ ںيéں\SnDk&p.exe المكتشفة: possible-Threat.Keygen.IDM!E2
C:\Users\Nader\Downloads\Compressed\MyEgy.IDM6.12b9.FOUADY.rar -> MyEgy.IDM6.12b9.FOUADY\New.pa.myegy.com.rar -> New.pa.myegy.com\ ں¢¬ں¢ ç§ïê،\£ê ں«¢¦§ê ى¨ں ںé ں¢¬\Patch .xx 2.exe المكتشفة: HackTool.Win32.Kiser!E2
C:\Users\Nader\Downloads\Compressed\MyEgy.IDM6.12b9.FOUADY.rar -> MyEgy.IDM6.12b9.FOUADY\New.pa.myegy.com.rar -> New.pa.myegy.com\ ں¢¬ں¢ ç§ïê،\£ê ں«¢¦§ê ى¨ں ںé ں¢¬\Patch 6.xx.exe المكتشفة: HackTool.Win32.Kiser!E2
C:\Users\Nader\Downloads\Compressed\MyEgy.IDM6.12b9.FOUADY.rar -> MyEgy.IDM6.12b9.FOUADY\New.pa.myegy.com.rar المكتشفة: possible-Threat.Keygen.IDM!E2
C:\Users\Nader\Downloads\Compressed\netloadCracker.rar -> netloadCracker.exe المكتشفة: Win32.Malware!E2
C:\Users\Nader\Downloads\Compressed\MyEgy.IDM6.12b8.FOUADY.rar -> MyEgy.IDM6.12b8.FOUADY\New.pa.myegy.com.rar -> New.pa.myegy.com\ ں¢¬ں¢ ç§ïê،\£ê ں«¢¦§ê ى¨ں ںé ں¢¬\Patch 6.xx.exe المكتشفة: HackTool.Win32.Kiser!E2
C:\Users\Nader\Downloads\Compressed\MyEgY.com.Winamp 5.63 Build 3234 Pro .By.FOUADY\KEYGEN-FFF.exe المكتشفة: HackTool.Win32.Keygen.AMN!E1
C:\Users\Nader\Downloads\Compressed\HC Stealer\HC Stealer\Dissembler Lib.dll المكتشفة: Constructor.MSIL!E2
C:\Users\Nader\Downloads\Compressed\EmailParser\EmailParser.exe المكتشفة: Trojan.ATRAPS!E2
C:\Users\Nader\Downloads\Compressed\Apex\Apex.exe المكتشفة: Trojan.SuspectCRC!E2

المفحوص 556630
المكتشفة 45

نهاية الفحص: 23/08/2012 01:44:58 ص
وقت الفحص : 1:40:28

C:\Users\Nader\Downloads\Compressed\Apex.rar -> Apex\Apex.exe المحذوف Trojan.SuspectCRC!E2
C:\Users\Nader\Downloads\Compressed\Apex\Apex.exe المحذوف Trojan.SuspectCRC!E2
Key: hkey_local_machine\software\classes\appid\{373ed12d-b306-43ac-9485-a7c5133dc34c} المحذوف Trace.Registry.getstyles!E1
Key: hkey_local_machine\software\classes\appid\{ed6535e7-f778-48a5-a060-549d30024511} المحذوف Trace.Registry.getstyles!E1
Key: hkey_local_machine\software\classes\appid\wit4ie.dll المحذوف Trace.Registry.getstyles!E1
Key: hkey_local_machine\software\classes\appid\tdataprotocol.dll المحذوف Trace.Registry.getstyles!E1
Key: hkey_local_machine\software\classes\appid\updatebho.dll المحذوف Trace.Registry.getstyles!E1
Key: hkey_local_machine\software\classes\appid\{20edc024-43c5-423e-b7f5-fd93523e0d9f} المحذوف Trace.Registry.stylishprofile!E1

المحذوف 8

 

[انا بابا يلا]

للرفع

 

[انا بابا يلا]

للرفع

 

[محب المدينه]

احذف Hotspot Shield بشكل كامل من الجهاز ( ضروري )

حمل احدث اصدار من الرابط التالي​

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

نسخة محمولة محدثة لاخر اصدار دوما من موقع الشركة​

ثم تابع شرح الفحص​

متوفر اللغة العربية ضمن الخيارات لمن يرغب​

اختر اعادة التشغيل لاحقا حتى تتمكن من حفظ التقرير وعرضه على قسم الصيانة كما الشرح التالي​

تخرج لك مفكرة تحتوي على التقرير .. انسخها كاملة وضعها في ردك القادم

+

حمل برنامج

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

بعد تثبيت البرنامج اعمل تنظيف للجهاز كما في الصورة

كرر الضغط على زر تنظيف

واعمل تنظيف للريجستري كما في الصور التاليه

​

​

 

[انا بابا يلا]

احذف Hotspot Shield بشكل كامل من الجهاز ( ضروري )

حمل احدث اصدار من الرابط التالي​

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

نسخة محمولة محدثة لاخر اصدار دوما من موقع الشركة​

ثم تابع شرح الفحص​

متوفر اللغة العربية ضمن الخيارات لمن يرغب​

اختر اعادة التشغيل لاحقا حتى تتمكن من حفظ التقرير وعرضه على قسم الصيانة كما الشرح التالي​

تخرج لك مفكرة تحتوي على التقرير .. انسخها كاملة وضعها في ردك القادم

+

حمل برنامج

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

بعد تثبيت البرنامج اعمل تنظيف للجهاز كما في الصورة

كرر الضغط على زر تنظيف

واعمل تنظيف للريجستري كما في الصور التاليه

​

​

تسلم اخى ع الرد
وجااارى العمل ​

 

[انا بابا يلا]

SUPERAntiSpyware Scan Log

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

Generated 08/25/2012 at 08:47 AM

Application Version : 5.5.1012

Core Rules Database Version : 9123
Trace Rules Database Version: 6935

Scan type : Complete Scan
Total Scan Time : 02:15:16

Operating System Information
Windows 7 Enterprise 32-bit (Build 6.01.7600)
UAC On - Limited User

Memory items scanned : 631
Memory threats detected : 0
Registry items scanned : 35770
Registry threats detected : 0
File items scanned : 36676
File threats detected : 0

​

 

[انا بابا يلا]

Malwarebytes Anti-Malware 1.62.0.1300

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

نسخة قاعدة البيانات : v2012.08.25.01

Windows 7 x86 NTFS
Internet Explorer 8.0.7600.16385
Nader :: NADER-PC [مدير]

25/08/2012 06:40:15 ص
mbam-log-2012-08-25 (06-40-15).txt

نوع الفحص : فحص كامل (C:\|)
خيارت الفحص الممكنة: الذاكرة | بدء التشغيل | الريجستري | نظام الملفات | أساليب بحثية/غير ذلك | Shuriken/أساليب بحثية | PUP | PUM
خيارات الفحص المعطلة: P2P
الكائنات المفحوصة : 294369
الوقت المنقضي : 1 ساعة, 54 دقيقة, 56 ثانية

عمليات الذاكرة المصابة : 0
(لم يتم إكتشاف مواد ضارة)

وحدات الذاكرة المصابة : 0
(لم يتم إكتشاف مواد ضارة)

مفاتيح الريجستري المصابة : 4
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\BrowserCompanion (PUP.Blabbers) -> تم بنجاح العزل و الحذف
HKCR\PROTOCOLS\HANDLER\BASE64 (PUP.Blabbers) -> تم بنجاح العزل و الحذف
HKCR\PROTOCOLS\HANDLER\CHROME (PUP.Blabbers) -> تم بنجاح العزل و الحذف
HKCR\PROTOCOLS\HANDLER\PROX (PUP.Blabbers) -> تم بنجاح العزل و الحذف

قيم الريجستري المصابة : 3
HKCR\protocols\Handler\base64|CLSID (PUP.Blabbers) -> البيانات: {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} -> تم بنجاح العزل و الحذف
HKCR\protocols\Handler\chrome|CLSID (PUP.Blabbers) -> البيانات: {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} -> تم بنجاح العزل و الحذف
HKCR\protocols\Handler\prox|CLSID (PUP.Blabbers) -> البيانات: {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} -> تم بنجاح العزل و الحذف

مواد بيانات الريجستري المصابة : 0
(لم يتم إكتشاف مواد ضارة)

المجلدات المصابة : 1
C:\Program Files\BrowserCompanion (PUP.Blabbers) -> تم بنجاح العزل و الحذف

الملفات المصابة : 12
C:\Zyzoom_Forum_Tools\run1.exe (Trojan.Dropper.AI) -> لم ينفذ أي إجراء
C:\Zyzoom_Forum_Tools\zyzoom.exe (Trojan.Dropper.AI) -> لم ينفذ أي إجراء
C:\Users\Nader\Downloads\Compressed\HC Stealer\HC Stealer\Dissembler Lib.dll (Trojan.Agent) -> تم بنجاح العزل و الحذف
C:\Windows\KMSEmulator.exe (RiskWare.Tool.CK) -> تم بنجاح العزل و الحذف
C:\Program Files\BrowserCompanion\blabbers-ff-full.xpi (PUP.Blabbers) -> تم بنجاح العزل و الحذف
C:\Program Files\BrowserCompanion\blabbers-ch.crx (PUP.Blabbers) -> تم بنجاح العزل و الحذف
C:\Program Files\BrowserCompanion\logo.ico (PUP.Blabbers) -> تم بنجاح العزل و الحذف
C:\Program Files\BrowserCompanion\terms.lnk.url (PUP.Blabbers) -> تم بنجاح العزل و الحذف
C:\Program Files\BrowserCompanion\toolbar.dll (PUP.Blabbers) -> تم بنجاح العزل و الحذف
C:\Program Files\BrowserCompanion\uninstall.exe (PUP.Blabbers) -> تم بنجاح العزل و الحذف
C:\Program Files\BrowserCompanion\updater.ini (PUP.Blabbers) -> تم بنجاح العزل و الحذف
C:\Program Files\BrowserCompanion\widgetserv.exe (PUP.Blabbers) -> تم بنجاح العزل و الحذف

(و)




سكان جديد
​

 

[انا بابا يلا]

أغلب الفيروسات التى تم اكتشافها فى هذا المسار
C:\Program Files\BrowserCompanion
جرب ادخل عليه ما نفع ! ايضا ما يظهر فى Program Files بعد اظهر الملفات المخفية
​

 

[CIVILIZATION]

أغلب الفيروسات التى تم اكتشافها فى هذا المسار

C:\Program Files\BrowserCompanion
جرب ادخل عليه ما نفع ! ايضا ما يظهر فى Program Files بعد اظهر الملفات المخفية​

اخي الغالي

ابحث عنه في قيم الرجستري :

regedit > control+f بعدها

راح يظهر لك text box

واكتب فيها اللي تريد حذفه وما قادر تلاقيه او تشوفه . عقبها اعطيه شوية وقت نصف دقيقة مثلا حتى يبدا يبحث عن اللي تدور عليه .

بالنتيجة راح يظهر لك الملف اللي ماكنت تقدر تشوفه.

موفق ,,,

 

[انا بابا يلا]

اخي الغالي

ابحث عنه في قيم الرجستري :

regedit > control+f بعدها

راح يظهر لك text box

واكتب فيها اللي تريد حذفه وما قادر تلاقيه او تشوفه . عقبها اعطيه شوية وقت نصف دقيقة مثلا حتى يبدا يبحث عن اللي تدور عليه .

بالنتيجة راح يظهر لك الملف اللي ماكنت تقدر تشوفه.

موفق ,,,

لا توجد له قيم فى الرجستري​

 

[محب المدينه]

BrowserCompanion

برنامج ماله داعي يتم اضافته عن طريق ماسنجر بلس

اذا انه انحذف بشكل كامل كان بها

واذا ماانحذف احذفه من البرامج والميزات
​

 

[انا بابا يلا]

BrowserCompanion

برنامج ماله داعي يتم اضافته عن طريق ماسنجر بلس

اذا انه انحذف بشكل كامل كان بها

واذا ماانحذف احذفه من البرامج والميزات
​

طيب اخى ليه يعتبره المالوير فايروسات ؟

 

[محب المدينه]

بعض برامج الحماية تعتبره برنامج ضار مثل برامج المالوروبايت والكمبوفكس


​

 

[محب المدينه]

كيف جهازك الآن
​