طلب فحص اختراق

#1 03-22-2011

السلام عليكم ,
رابط التقارير

http://www.mediafire.com/?aycif3r1emu9az1

لم استطع تحميل الملف المضغوط على الربط التابع للموقع لان رابط الرفع لا يعمل:i:
----------
إذا خالفت شروط الرفع بعدم اتباع الموقع المخصص للرفع
إليكم التقارير

1) تقرير هايجاك

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 01:13:56 ص, on 03/22/2011
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16700)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskhost.exe
C:\Program Files\Norton Internet Security\Engine\18.5.0.125\ccSvcHst.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE
C:\Program Files\Internet Download Manager\idman.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Program Files\Internet Download Manager\IEMonitor.exe
C:\Users\ke$ha\AppData\Local\Google\Update\1.2.183 .39\GoogleCrashHandler.exe
C:\Program Files\Microsoft Office\Office14\POWERPNT.EXE
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Zyzoom_Forum_Tools\zyzoom.exe
C:\Zyzoom_Forum_Tools\zHijak.com
C:\Windows\system32\DllHost.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://securityresponse.symantec.com...r/fix_homepage
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Int ernet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files\Internet Download Manager\IDMIECC.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Symantec NCO BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Norton Internet Security\Engine\18.5.0.125\coIEPlg.dll
O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton Internet Security\Engine\18.5.0.125\IPS\IPSBHO.DLL
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files\Windows Live\Companion\companioncore.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL
O2 - BHO: Bing Bar BHO - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files\MSN Toolbar\Platform\6.3.2322.0\npwinext.dll
O3 - Toolbar: Facebook Toolbar - {A823A630-78C6-4637-AF80-AEDCA5BB74C1} - C:\Program Files\Facebook\Facebook IE Toolbar\FBIEToolbar.dll
O3 - Toolbar: @C:\Program Files\MSN Toolbar\Platform\6.3.2322.0\npwinext.dll,-100 - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files\MSN Toolbar\Platform\6.3.2322.0\npwinext.dll
O3 - Toolbar: Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Internet Security\Engine\18.5.0.125\coIEPlg.dll
O4 - HKLM\..\Run: [AdobeAAMUpdater-1.0] "C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.e xe"
O4 - HKLM\..\Run: [SwitchBoard] C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O4 - HKLM\..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
O4 - HKLM\..\Run: [BCSSync] "C:\Program Files\Microsoft Office\Office14\BCSSync.exe" /DelayServices
O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\Video Convert Master\codec\quicktime\QTTask.exe" -atboottime
O4 - HKCU\..\Run: [OfficeSyncProcess] "C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE"
O4 - HKCU\..\Run: [IDMan] C:\Program Files\Internet Download Manager\IDMan.exe /onboot
O4 - HKCU\..\Run: [Google Update] "C:\Users\ke$ha\AppData\Local\Google\Update\Go ogle Update.exe" /c
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\RunOnce: [] (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [] (User 'Default user')
O4 - Startup: IMVU.lnk = ?
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe
O4 - Global Startup: Adobe Reader Synchronizer.lnk = C:\Program Files\Adobe\Reader 8.0\Reader\AdobeCollabSync.exe
O8 - Extra context menu item: إر&سال إلى OneNote - res://C:\PROGRA~1\MICROS~2\Office14\ONBttnIE.dll/105
O8 - Extra context menu item: ت&صدير إلى Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: تحميل الكل بواسطة Internet Download Manager - C:\Program Files\Internet Download Manager\IEGetAll.htm
O8 - Extra context menu item: تحميل بواسطة Internet Download Manager - C:\Program Files\Internet Download Manager\IEExt.htm
O8 - Extra context menu item: تحميل محتوى FLV بواسطة Internet Download Manager - C:\Program Files\Internet Download Manager\IEGetVL.htm
O9 - Extra button: @C:\Program Files\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files\Windows Live\Companion\companioncore.dll
O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: إرسال إلى OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: إر&سال إلى OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: ملاحظات OneNote الم&رتبطة - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: ملاحظات OneNote الم&رتبطة - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra button: Run IMVU - {d9288080-1baa-4bc4-9cf8-a92d743db949} - C:\Users\ke$ha\AppData\Roaming\Microsoft\Windows\S tart Menu\Programs\IMVU\Run IMVU.lnk
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} (get_atlcom Class) - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: KMService - Unknown owner - C:\Windows\system32\srvany.exe
O23 - Service: Norton Internet Security (NIS) - Symantec Corporation - C:\Program Files\Norton Internet Security\Engine\18.5.0.125\ccSvcHst.exe
O23 - Service: NitroPDFDriverCreatorReadSpool (NitroDriverReadSpool) - Nitro PDF Software - C:\Program Files\Nitro PDF\Professional\NitroPDFDriverService.exe
O23 - Service: NLS Service (nlsX86cc) - Nalpeiron Ltd. - C:\Windows\system32\NLSSRV32.EXE
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe

--
End of file - 8902 bytes
--------------------------------------------------------------------------------------------------

2) تقرير بالبرامج المثبتة

====== معلومات نظام التشغيل ======

X86 WIN_7 7600

====== قائمة البرامج المثبتة ======

Adobe AIR
Adobe AIR
Adobe Anchor Service CS4
Adobe Bridge CS4
Adobe CMaps CS4
Adobe Color EU Recommended Settings CS4
Adobe Color JA Extra Settings CS4
Adobe Color NA Extra Settings CS4
Adobe Community Help
Adobe Community Help
Adobe CSI CS4
Adobe Default Language CS4
Adobe Device Central CS4
Adobe Download Manager
Adobe Drive CS4
Adobe ExtendScript Toolkit CS4
Adobe Extension Manager CS4
Adobe Flash Player 10 ActiveX
Adobe Flash Player 10 Plugin
Adobe Fonts All
Adobe Illustrator CS4
Adobe Illustrator CS4
Adobe Linguistics CS4
Adobe Media Player
Adobe Media Player
Adobe Output Module
Adobe PDF Library Files CS4
Adobe Photoshop CS5
Adobe Reader 8
Adobe Search for Help
Adobe Service Manager Extension
Adobe Setup
Adobe Type Support CS4
Adobe Update Manager CS4
Adobe WinSoft Linguistics Plugin
Adobe XMP Panels CS4
AdobeColorCommonSetCMYK
Apple Application Support
Apple Software Update
Ashampoo Burning Studio 9.05
Attribute Changer 6.20
AviSynth 2.5
Bing Bar
Bing Bar Platform
CCleaner
Connect
D3DX10
DCE Tools 1.0
Facebook IE Toolbar
Fast MP4 3GP AVI MPG WMV RM MOV FLV Converter 6.1
Golden Al-Wafi Translator
Hex Workshop v4.23
HijackThis 2.0.2
hkSFV (remove only)
Internet Download Manager
Internet Download Manager V 5.17.5
jawwal-etsalat 1.0
Jumping Squirrel version 1.01
Junk Mail filter update
K-Lite Mega Codec Pack 5.6.1
kuler
Macromedia Flash Player 8
MathXpert
MATLAB R2008a
Mesh Runtime
Messenger Companion
Messenger Plus! Live
Microsoft Application Error Reporting
Microsoft Office Access MUI (Arabic) 2010
Microsoft Office Excel MUI (Arabic) 2010
Microsoft Office Groove MUI (Arabic) 2010
Microsoft Office InfoPath MUI (Arabic) 2010
Microsoft Office OneNote MUI (Arabic) 2010
Microsoft Office Outlook Connector
Microsoft Office Outlook MUI (Arabic) 2010
Microsoft Office PowerPoint MUI (Arabic) 2010
Microsoft Office Professional Plus 2010
Microsoft Office Professional Plus 2010
Microsoft Office Proof (Arabic) 2010
Microsoft Office Proof (English) 2010
Microsoft Office Proof (French) 2010
Microsoft Office Proofing (Arabic) 2010
Microsoft Office Publisher MUI (Arabic) 2010
Microsoft Office Shared MUI (Arabic) 2010
Microsoft Office Word MUI (Arabic) 2010
Microsoft Search Enhancement Pack
Microsoft Silverlight
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft Text-to-Speech Engine 4.0 (English)
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft_VC80_ATL_x86
Microsoft_VC80_CRT_x86
Microsoft_VC80_MFC_x86
Microsoft_VC80_MFCLOC_x86
Microsoft_VC90_ATL_x86
Microsoft_VC90_CRT_x86
Microsoft_VC90_MFC_x86
Mozilla Firefox (3.5.17)
MSVCRT
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
MSXML 4.0 SP2 Parser and SDK
Nitro PDF Professional
Nokia Connectivity Cable Driver
Norton Internet Security
PDF Password Remover v3.1
PDF Settings CS4
PDF Settings CS5
Photoshop Camera Raw
QuickTime
QuickTime Alternative 2.8.0
Realtek High Definition Audio Driver
Recover My Files
Recovery Toolbox for RAR 1.1
Skype™ 3.8
Suite Shared Configuration CS4
SUPERAntiSpyware
UltraISO Premium V9.36
Video Convert Master 11.0.11.21
Windows Live Communications Platform
Windows Live Essentials
Windows Live Essentials
Windows Live Family Safety
Windows Live Family Safety
Windows Live ID Sign-in Assistant
Windows Live Installer
Windows Live Mail
Windows Live Mesh
Windows Live Mesh
Windows Live Messenger
Windows Live Messenger
Windows Live Messenger Companion Core
Windows Live MIME IFilter
Windows Live Movie Maker
Windows Live Movie Maker
Windows Live Photo Common
Windows Live Photo Common
Windows Live Photo Gallery
Windows Live PIMT Platform
Windows Live Remote Client
Windows Live Remote Client Resources
Windows Live Remote Service
Windows Live Remote Service Resources
Windows Live SOXE
Windows Live SOXE Definitions
Windows Live UX Platform
Windows Live UX Platform Language Pack
Windows Live Writer
Windows Live Writer
Windows Live Writer
Windows Live Writer Resources
WinRAR archiver
WinSoftME
Your Uninstaller! 2010
أحكام التجويد - الإصدار الأول
أنا توجيهي 2011 1.00
بريد Windows Live
عنصر تحكم ActiveX الخاص بـ Windows Live Mesh للاتصالات البعيدة
مجموع فتاوى ابن تيمية
معرض صور Windows Live

---------------------------------------------------------------------------------------------------------

3) تقرير runscanner

Runscanner logfile http://www.runscanner.net

* = signed file
- = file not found

General info
------------
Computer name : KEHA-PC
Creation time : 03/22/2011 01:45:05 ص
Hosts 127.0.0.1 : 0
Hosts file location : %SystemRoot%\System32\drivers\etc
IE version : 8.0.7600.16385
OS : Windows 7 Ultimate
OS Build : 7600
OS SP :
RunScanner Version : 2.0.0.50
User Language : العربية (السعودية)‏
User rights : Administrator
Windows folder : C:\Windows

Running processes
-----------------
* C:\Windows\System32\csrss.exe (Microsoft Corporation)
* C:\Windows\System32\csrss.exe (Microsoft Corporation)
* C:\Windows\System32\dwm.exe (Microsoft Corporation)
* C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
* C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe (Realtek Semiconductor)
* C:\Windows\System32\svchost.exe (Microsoft Corporation)
* C:\Windows\System32\svchost.exe (Microsoft Corporation)
* C:\Windows\System32\svchost.exe (Microsoft Corporation)
* C:\Windows\System32\svchost.exe (Microsoft Corporation)
* C:\Windows\System32\svchost.exe (Microsoft Corporation)
* C:\Windows\System32\svchost.exe (Microsoft Corporation)
* C:\Windows\System32\svchost.exe (Microsoft Corporation)
* C:\Windows\System32\svchost.exe (Microsoft Corporation)
* C:\Windows\System32\svchost.exe (Microsoft Corporation)
* C:\Windows\System32\svchost.exe (Microsoft Corporation)
* C:\Windows\System32\svchost.exe (Microsoft Corporation)
* C:\Windows\System32\svchost.exe (Microsoft Corporation)
* C:\Windows\System32\taskhost.exe (Microsoft Corporation)
* C:\Windows\System32\taskhost.exe (Microsoft Corporation)
* C:\Program Files\Internet Download Manager\idman.exe (Tonec Inc.)
* C:\Program Files\Internet Download Manager\IEMonitor.exe (Tonec Inc.)
* C:\Windows\System32\lsass.exe (Microsoft Corporation)
* C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE (Microsoft Corporation)
* C:\Program Files\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EX E (Microsoft Corporation)
* C:\Program Files\Microsoft Office\Office14\POWERPNT.EXE (Microsoft Corporation)
* C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe (Microsoft Corporation)
* C:\Windows\System32\SearchIndexer.exe (Microsoft Corporation)
* C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE (Microsoft Corp.)
* C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE (Microsoft Corp.)
* C:\Zyzoom_Forum_Tools\zRunScanner.com (Runscanner.net)
* C:\Windows\System32\services.exe (Microsoft Corporation)
* C:\Program Files\Nitro PDF\Professional\NitroPDFDriverService.exe (Nitro PDF Software)
* C:\Windows\System32\spoolsv.exe (Microsoft Corporation)
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe (SUPERAntiSpyware.com)
* C:\Program Files\Norton Internet Security\Engine\18.5.0.125\ccSvcHst.exe (Symantec Corporation)
* C:\Program Files\Norton Internet Security\Engine\18.5.0.125\ccSvcHst.exe (Symantec Corporation)
* C:\Windows\System32\NLSSRV32.EXE (Nalpeiron Ltd.)
* C:\Windows\System32\WUDFHost.exe (Microsoft Corporation)
* C:\Windows\System32\smss.exe (Microsoft Corporation)
C:\Zyzoom_Forum_Tools\zyzoom.exe
* C:\Windows\System32\notepad.exe (Microsoft Corporation)
* C:\Windows\System32\notepad.exe (Microsoft Corporation)
* C:\Windows\System32\wininit.exe (Microsoft Corporation)
* C:\Windows\System32\winlogon.exe (Microsoft Corporation)
* C:\Windows\System32\lsm.exe (Microsoft Corporation)
* C:\Windows\System32\sppsvc.exe (Microsoft Corporation)
* C:\Users\ke$ha\AppData\Local\Google\Update\1.2.183 .39\GoogleCrashHandler.exe (Google Inc.)
* C:\Windows\explorer.exe (Microsoft Corporation)

Unrated items
-------------
002 C:\Program Files\Video Convert Master\codec\quicktime\QTTask.exe (Apple Inc.)
002 * C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
003 C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe (SUPERAntiSpyware.com)
010 C:\Windows\system32\srvany.exe (srvany.exe)
010 * C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (SwitchBoard Server (32 bit))
011 * C:\Program Files\UltraISO\drivers\ISODrive.sys (ISO DVD/CD-ROM Device Driver)
011 C:\Windows\System32\Drivers\pcouffin.sys (low level access layer for CD/DVD/BD devices)
041 C:\Program Files\Facebook\Facebook IE Toolbar\FBIEToolbar.dll (Facebook) {A823A630-78C6-4637-AF80-AEDCA5BB74C1}
041 C:\Program Files\Facebook\Facebook IE Toolbar\FBIEToolbar.dll (Facebook) {A823A630-78C6-4637-AF80-AEDCA5BB74C1}
042 GUID / CLSID not found {0000036B-C524-4050-81A0-243669A86B9F}
042 GUID / CLSID not found {219C3416-8CB2-491a-A3C7-D9FCDDC9D600}
042 C:\Users\ke$ha\AppData\Roaming\Microsoft\Windows\S tart Menu\Programs\IMVU\Run IMVU.lnk {d9288080-1baa-4bc4-9cf8-a92d743db949}
042 GUID / CLSID not found {2670000A-7350-4f3c-8081-5663EE0C6C49}
042 GUID / CLSID not found {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA}
045 C:\Program Files\Facebook\Facebook IE Toolbar\FBIEToolbar.dll (Facebook) {A823A630-78C6-4637-AF80-AEDCA5BB74C1}
060 GUID / CLSID not found {E6FB5E20-DE35-11CF-9C87-00AA005127ED}
061 C:\Program Files\Attribute Changer\acshell.dll (Romain Petges) {D3F9A525-8824-497A-BE36-B23E22F141FC}
061 C:\Program Files\Facebook\Facebook IE Toolbar\FBIEToolbar.dll (Facebook) {7202BDA4-2D1B-4AC1-9957-9A51E63F2551}
061 C:\Program Files\Facebook\Facebook IE Toolbar\FBIEToolbar.dll (Facebook) {7202BDA4-2D1B-4AC1-9957-9A51E63F2551}
061 C:\Program Files\Facebook\Facebook IE Toolbar\FBIEToolbar.dll (Facebook) {A823A630-78C6-4637-AF80-AEDCA5BB74C1}
061 C:\Program Files\Facebook\Facebook IE Toolbar\FBIEToolbar.dll (Facebook) {A823A630-78C6-4637-AF80-AEDCA5BB74C1}
061 C:\PROGRA~1\hkSFV\hkshlex.dll (Big-O Software) {A1A07B07-F70D-482e-B0E8-B6178E73B094}
061 * C:\Program Files\UltraISO\isoshell.dll (EZB Systems, Inc.) {AD392E40-428C-459F-961E-9B147782D099}
061 C:\Program Files\WinRAR\rarext.dll {B41DB860-8EE4-11D2-9906-E49FADC173CA}
062 C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\PDFShell.dll (Adobe Systems, Inc.) {F9DB5320-233E-11D1-9F84-707F02C10627}
100 Start Page HKCU : http://securityresponse.symantec.com...r/fix_homepage
105 إر&سال إلى OneNote : res://C:\PROGRA~1\MICROS~2\Office14\ONBttnIE.dll/105
105 ت&صدير إلى Microsoft Excel : res://C:\PROGRA~1\MICROS~2\Office14\EXCEL.EXE/3000
105 تحميل الكل بواسطة Internet Download Manager : C:\Program Files\Internet Download Manager\IEGetAll.htm
105 تحميل بواسطة Internet Download Manager : C:\Program Files\Internet Download Manager\IEExt.htm
105 تحميل محتوى FLV بواسطة Internet Download Manager : C:\Program Files\Internet Download Manager\IEGetVL.htm
170 {1190759b-d168-11df-9d64-001cc0c556e6} : L:\LaunchU3.exe -a
170 {5192e465-cc93-11df-9c85-806e6f6e6963} : J:\EIVCD.exe
170 L : L:\LaunchU3.exe -a
173 C:\Program Files\BreakPoint Software\Hex Workshop 4.2\hwext.dll (BreakPoint Software, Inc.) {DB34D5DC-D41A-482E-A5EF-8FA0F88761DA}
173 C:\PROGRA~1\hkSFV\hkshlex.dll (Big-O Software) {A1A07B07-F70D-482e-B0E8-B6178E73B094}
173 C:\Program Files\SUPERAntiSpyware\SASCTXMN.DLL (SUPERAntiSpyware.com) SUPERAntiSpyware Context Menu
173 C:\Program Files\WinRAR\rarext.dll {B41DB860-8EE4-11D2-9906-E49FADC173CA}
221 C:\Program Files\BreakPoint Software\Hex Workshop 4.2\hwext.dll (BreakPoint Software, Inc.) {DB34D5DC-D41A-482E-A5EF-8FA0F88761DA}
221 C:\PROGRA~1\hkSFV\hkshlex.dll (Big-O Software) {A1A07B07-F70D-482e-B0E8-B6178E73B094}
221 C:\Program Files\SUPERAntiSpyware\SASCTXMN.DLL (SUPERAntiSpyware.com) SUPERAntiSpyware Context Menu
221 C:\Program Files\WinRAR\rarext.dll {B41DB860-8EE4-11D2-9906-E49FADC173CA}
223 C:\Program Files\Attribute Changer\acshell.dll (Romain Petges) {D3F9A525-8824-497A-BE36-B23E22F141FC}
225 * C:\Program Files\UltraISO\isoshell.dll (EZB Systems, Inc.) {AD392E40-428C-459F-961E-9B147782D099}
225 * C:\Program Files\UltraISO\isoshell.dll (EZB Systems, Inc.) {AD392E40-428C-459F-961E-9B147782D099}
225 C:\Program Files\WinRAR\rarext.dll {B41DB860-8EE4-11D2-9906-E49FADC173CA}
225 C:\Program Files\WinRAR\rarext.dll {B41DB860-8EE4-11D2-9906-E49FADC173CA}
227 C:\PROGRA~1\hkSFV\hkshlex.dll (Big-O Software) {A1A07B07-F70D-482e-B0E8-B6178E73B094}
227 C:\Program Files\SUPERAntiSpyware\SASCTXMN.DLL (SUPERAntiSpyware.com) SUPERAntiSpyware Context Menu
227 * C:\Program Files\UltraISO\isoshell.dll (EZB Systems, Inc.) {AD392E40-428C-459F-961E-9B147782D099}
227 C:\Program Files\WinRAR\rarext.dll {B41DB860-8EE4-11D2-9906-E49FADC173CA}
231 C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\PDFShell.dll (Adobe Systems, Inc.) PDF Column Info
251 C:\Program Files\WinRAR\rarext.dll {B41DB860-8EE4-11D2-9906-E49FADC173CA}

Missing files
-------------
002 C:\Program Files\Winamp\winampa.exe
004 Corrupt shortcut
007 Corrupt shortcut
063 autocheck
104 C:\Windows\Downloaded Program Files\gp.ocx

------------------------------------------------------------------------------------------------------

4) تقرير Start Up tool

Start-Up Items; List generated by Start-Up Tool. http://Soft.EM-TNT.com
OfficeSyncProcess

Name:OfficeSyncProcess Command:"C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE" Reg_Path:HKEY_CURRENT_USER\Software\Microsoft\Wind ows\CurrentVersion\Run Status:enabled Description:Microsoft Office Document Cache Company:Microsoft Corporation

AdobeBridge

Name:AdobeBridge Command:

Reg_Path:HKEY_CURRENT_USER\Software\Microsoft\Wind ows\CurrentVersion\Run Status:enabled Description:n/a Company:n/a

IDMan

Name:IDMan Command:C:\Program Files\Internet Download Manager\IDMan.exe /onboot Reg_Path:HKEY_CURRENT_USER\Software\Microsoft\Wind ows\CurrentVersion\Run Status:enabled Description:Internet Download Manager (IDM) Company:Tonec Inc.

Google Update

Name:Google Update Command:"C:\Users\ke$ha\AppData\Local\Google\Updat e\GoogleUpdate.exe" /c Reg_Path:HKEY_CURRENT_USER\Software\Microsoft\Wind ows\CurrentVersion\Run Status:enabled Description:?????? Google Company:Google Inc.

SUPERAntiSpyware

Name:SUPERAntiSpyware Command:C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe Reg_Path:HKEY_CURRENT_USER\Software\Microsoft\Wind ows\CurrentVersion\Run Status:enabled Description:SUPERAntiSpyware Application Company:SUPERAntiSpyware.com

AdobeAAMUpdater-1.0

Name:AdobeAAMUpdater-1.0 Command:"C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.e xe" Reg_Path:HKEY_LOCAL_MACHINE\Software\Microsoft\Win dows\CurrentVersion\Run Status:enabled Description:Adobe Updater Startup Utility Company:Adobe Systems Incorporated

SwitchBoard

Name:SwitchBoard Command:C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe Reg_Path:HKEY_LOCAL_MACHINE\Software\Microsoft\Win dows\CurrentVersion\Run Status:enabled Description:SwitchBoard Server (32 bit) Company:Adobe Systems Incorporated

RtHDVCpl

Name:RtHDVCpl Command:C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe Reg_Path:HKEY_LOCAL_MACHINE\Software\Microsoft\Win dows\CurrentVersion\Run Status:enabled Description:HD Audio Control Panel Company:Realtek Semiconductor

BCSSync

Name:BCSSync Command:"C:\Program Files\Microsoft Office\Office14\BCSSync.exe" /DelayServices Reg_Path:HKEY_LOCAL_MACHINE\Software\Microsoft\Win dows\CurrentVersion\Run Status:enabled Description:Microsoft Office 2010 component Company:Microsoft Corporation

WinampAgent

Name:WinampAgent Command:"C:\Program Files\Winamp\winampa.exe" Reg_Path:HKEY_LOCAL_MACHINE\Software\Microsoft\Win dows\CurrentVersion\Run Status:enabled Description:n/a Company:n/a

QuickTime Task

Name:QuickTime Task Command:"C:\Program Files\Video Convert Master\codec\quicktime\QTTask.exe" -atboottime Reg_Path:HKEY_LOCAL_MACHINE\Software\Microsoft\Win dows\CurrentVersion\Run Status:enabled Description:QuickTime Task Company:Apple Inc.

IMVU.lnk

Name:IMVU.lnk Command:

LinkPath:C:\Users\ke$ha\AppData\Roaming\Microsoft\ Windows\Start Menu\Programs\Startup\IMVU.lnk Status:enabled Description:n/a Company:n/a

Adobe Reader Speed Launch.lnk

Name:Adobe Reader Speed Launch.lnk Command:C:\PROGRA~1\Adobe\READER~1.0\Reader\READER ~1.EXE LinkPath:C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Reader Speed Launch.lnk Status:enabled Description:Adobe Acrobat SpeedLauncher Company:Adobe Systems Incorporated

Adobe Reader Synchronizer.lnk

Name:Adobe Reader Synchronizer.lnk Command:C:\PROGRA~1\Adobe\READER~1.0\Reader\ADOBEC ~1.EXE LinkPath:C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Reader Synchronizer.lnk Status:enabled Description:n/a Company:n/a

أكثر...

المواضيع المتشابهه
الموضوع	كاتب الموضوع	المنتدى	مشاركات	آخر مشاركة
اختراق الساندبوكسي !!!!	RSS	Arabic Rss	0	11-03-2010 05:15 AM
اختراق بموضوع المستوطنات	RSS	المجاوشي للأخبار العامه والسياسية والرياضية	0	09-25-2010 02:32 PM
شكوك في اختراق	RSS	Arabic Rss	0	09-12-2010 01:31 PM
هل تم اختراق الجهاز	RSS	Arabic Rss	0	07-01-2010 09:17 PM
حرب صعدة بلا اختراق حتى الآن	المجاوشي	المجاوشي للأخبار العامه والسياسية والرياضية	0	10-18-2009 01:02 AM

طلب فحص اختراق

Arabic Rss