ابــــوعبدالله

In the name of God, the Most Gracious, the Most Merciful

Peace and blessings be upon the Messenger of God and upon all his family and companions

Peace be upon you, and the mercy and blessings of God

How are you all?

Brothers, before installing McAfee I had installed Microsoft Security Essentials

and I removed it using WinUtilities.

Then I went to install McAfee, but it refused to install

because it says that this program, Microsoft Security Essentials, is present and has not been removed.

I also deleted it from Program Files

and that did not work!

I reinstalled Microsoft Security Essentials

but an Error appears and the installation stops.

It is driving me crazy!

May God's peace and blessings be upon the Messenger of God and upon all his family and companions.
 

Signature: ابــــوعبدالله
Perhaps some leftovers are still stuck on the machine.

Download the following file

[link hidden by forum]

XP users: run it with a double-click.
Vista and 7 users: run it as shown in the image.

[image]

The machine will be restarted forcibly, so save any work you are doing.
Press start and wait until the cleanup finishes,
then press OK to agree to restarting the machine.

After the restart, try the installation, and preferably download it from the
company's website so we can be sure the program itself is sound. If that does not work, bring a
HijackThis report.
 
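In the name of God, the Most Gracious, the Most Merciful

Peace and blessings be upon the Messenger of God and upon all his family and companions

Peace be upon you, and the mercy and blessings of God

Sorry for the delay, brother, it was due to my circumstances. I swear by God Almighty I did not forget you.

The TFC tool did not work, and this is the report you asked for:



*********** HijackThis report ***********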
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 01:09:01 م, on 30/11/2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
C:\WINDOWS\system32\spoolsv.exe
C:\AppServ\mysql\bin\mysqld-nt.exe
C:\Program Files\Norton Internet Security\Engine\18.1.0.37\ccSvcHst.exe
C:\WINDOWS\system32\STacSV.exe
C:\WINDOWS\System32\WLTRYSVC.EXE
C:\WINDOWS\System32\bcmwltry.exe
C:\Program Files\DynDNS Updater\DynUpSvc.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Norton Internet Security\Engine\18.1.0.37\ccSvcHst.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\OEM02Mon.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\WINDOWS\system32\WLTRAY.exe
C:\Program Files\Dell\QuickSet\quickset.exe
C:\Program Files\DellTPad\Apoint.exe
C:\Program Files\SigmaTel\C-Major Audio\WDM\stsystra.exe
C:\Program Files\COMODO\COMODO Internet Security\cfp.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\DellTPad\ApMsgFwd.exe
C:\Program Files\Internet Download Manager\IDMan.exe
C:\Program Files\DellTPad\HidFind.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Program Files\DynDNS Updater\DynTray.exe
C:\Program Files\DellTPad\Apntex.exe
C:\PROGRA~1\WIDCOMM\BLUETO~1\BTSTAC~1.EXE
C:\Program Files\Internet Download Manager\IEMonitor.exe
C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe
C:\Program Files\PC Connectivity Solution\Transports\NclRSSrv.exe
C:\Program Files\PC Connectivity Solution\Transports\NclBCBTSrv.exe
C:\Program Files\Windows Media Player\wmplayer.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\msiexec.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Documents and Settings\Administrator\My Documents\Downloads\Programs\Zyzoom_Report_Tool.exe
C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\Ht.com

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
[link hidden by forum]

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
[link hidden by forum]

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
[link hidden by forum]

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
[link hidden by forum]

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files\Internet Download Manager\IDMIECC.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Symantec NCO BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Norton Internet Security\Engine\18.1.0.37\coIEPlg.dll
O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton Internet Security\Engine\18.1.0.37\IPSBHO.DLL
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: مساعد تسجيل الدخول إلى Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O3 - Toolbar: Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Internet Security\Engine\18.1.0.37\coIEPlg.dll
O4 - HKLM\..\Run: [OEM02Mon.exe] C:\WINDOWS\OEM02Mon.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [Broadcom Wireless Manager UI] C:\WINDOWS\system32\WLTRAY.exe
O4 - HKLM\..\Run: [Dell QuickSet] C:\Program Files\Dell\QuickSet\quickset.exe
O4 - HKLM\..\Run: [Apoint] C:\Program Files\DellTPad\Apoint.exe
O4 - HKLM\..\Run: [SigmatelSysTrayApp] %ProgramFiles%\SigmaTel\C-Major Audio\WDM\stsystra.exe
O4 - HKLM\..\Run: [COMODO Internet Security] "C:\Program Files\COMODO\COMODO Internet Security\cfp.exe" -h
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [PC Suite Tray] "C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe" -onlytray
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [IDMan] C:\Program Files\Internet Download Manager\IDMan.exe /onboot
O4 - HKUS\S-1-5-21-1960408961-2025429265-1417001333-1009\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (User 'FHD2')
O4 - HKUS\S-1-5-21-1960408961-2025429265-1417001333-1009\..\Run: [HKCU] C:\WINDOWS\system32\winhelper\help.exe (User 'FHD2')
O4 - HKUS\S-1-5-21-1960408961-2025429265-1417001333-1009\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background (User 'FHD2')
O4 - HKUS\S-1-5-21-1960408961-2025429265-1417001333-1009\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background (User 'FHD2')
O4 - HKUS\S-1-5-21-1960408961-2025429265-1417001333-1009\..\Policies\Explorer\Run: [Policies] C:\WINDOWS\system32\winhelper\help.exe (User 'FHD2')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Bluetooth.lnk = ?
O4 - Global Startup: DynDNS Updater Tray Icon.lnk = C:\Program Files\DynDNS Updater\DynTray.exe
O8 - Extra context menu item: Internet Download Manager تحميل بواسطة - C:\Program Files\Internet Download Manager\IEExt.htm
O8 - Extra context menu item: Send to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: ت&صدير إلى Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: تحميل الكل بواسطة Internet Download Manager - C:\Program Files\Internet Download Manager\IEGetAll.htm
O8 - Extra context menu item: تحميل محتوى FLV بواسطة Internet Download Manager - C:\Program Files\Internet Download Manager\IEGetVL.htm
O9 - Extra button: تدوين هذا في المدونة - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &تدوين هذا في Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: إرسال إلى OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: إر&سال إلى OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O15 - Trusted IP range:
[link hidden by forum]

O15 - ESC Trusted IP range:
[link hidden by forum]

O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) -
[link hidden by forum]

O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) -
[link hidden by forum]

O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) -
[link hidden by forum]

O17 - HKLM\System\CCS\Services\Tcpip\..\{0CFC62AF-DE5A-4CD1-B9BD-23A44CDEBFFD}: NameServer = 216.146.35.35,216.146.36.36
O17 - HKLM\System\CCS\Services\Tcpip\..\{2AAF8099-4A44-4B56-8B10-08947A6B7807}: NameServer = 216.146.35.35,216.146.36.36
O17 - HKLM\System\CS1\Services\Tcpip\..\{0CFC62AF-DE5A-4CD1-B9BD-23A44CDEBFFD}: NameServer = 216.146.35.35,216.146.36.36
O17 - HKLM\System\CS2\Services\Tcpip\..\{0CFC62AF-DE5A-4CD1-B9BD-23A44CDEBFFD}: NameServer = 216.146.35.35,216.146.36.36
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
O23 - Service: COMODO Internet Security Helper Service (cmdAgent) - COMODO - C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
O23 - Service: DynDNS Updater - Dynamic Network Services, Inc. - C:\Program Files\DynDNS Updater\DynUpSvc.exe
O23 - Service: MySQL - Unknown owner - C:\AppServ\mysql\bin\mysqld-nt.exe
O23 - Service: Norton Internet Security (NIS) - Symantec Corporation - C:\Program Files\Norton Internet Security\Engine\18.1.0.37\ccSvcHst.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies, Inc. - C:\Program Files\WinPcap\rpcapd.exe
O23 - Service: ServiceLayer - Nokia - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: SigmaTel Audio Service (STacSV) - SigmaTel, Inc. - C:\WINDOWS\system32\STacSV.exe
O23 - Service: Dell Wireless WLAN Tray Service (wltrysvc) - Unknown owner - C:\WINDOWS\System32\WLTRYSVC.EXE

--
End of file - 10511 bytes


*********** System registry report ***********

"Silent Runners.vbs", revision 60,
[link hidden by forum]

Operating System: Windows XP SP3
Search enabled of all directories on local fixed drives for DESKTOP.INI
DLL launch points
Output limited to non-default values, except where indicated by "{++}"


Startup items buried in registry:
---------------------------------

HKCU\Software\Microsoft\Windows\CurrentVersion\Run\ {++}
"ctfmon.exe" = "C:\WINDOWS\system32\ctfmon.exe" [MS]
"PC Suite Tray" = ""C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe" -onlytray" ["Nokia"]
"msnmsgr" = ""C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background" [MS]
"IDMan" = "C:\Program Files\Internet Download Manager\IDMan.exe /onboot" ["Tonec Inc."]

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\ {++}
"OEM02Mon.exe" = "C:\WINDOWS\OEM02Mon.exe" ["Creative Technology Ltd."]
"Adobe Reader Speed Launcher" = ""C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"" ["Adobe Systems Incorporated"]
"GrooveMonitor" = ""C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"" [MS]
"Broadcom Wireless Manager UI" = "C:\WINDOWS\system32\WLTRAY.exe" ["Dell Inc."]
"Dell QuickSet" = "C:\Program Files\Dell\QuickSet\quickset.exe" ["Dell Inc."]
"Apoint" = "C:\Program Files\DellTPad\Apoint.exe" ["Alps Electric Co., Ltd."]
"SigmatelSysTrayApp" = "C:\Program Files\SigmaTel\C-Major Audio\WDM\stsystra.exe"
"COMODO Internet Security" = ""C:\Program Files\COMODO\COMODO Internet Security\cfp.exe" -h" ["COMODO"]

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\

{0055C089-8582-441B-A0BF-17B458C2A3A8}\(Default) = "IDM Helper"
-> {HKLM...CLSID} = "IDMIEHlprObj Class"
\InProcServer32\(Default) = "C:\Program Files\Internet Download Manager\IDMIECC.dll" ["Tonec Inc."]

{18DF081C-E8AD-4283-A596-FA578C2EBDC3}\(Default) = "AcroIEHelperStub"
-> {HKLM...CLSID} = "Adobe PDF Link Helper"
\InProcServer32\(Default) = "C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll" ["Adobe Systems Incorporated"]

{602ADB0E-4AFF-4217-8AA1-95DAC4DFA408}\(Default) = "Symantec NCO BHO"
-> {HKLM...CLSID} = "Symantec NCO BHO"
\InProcServer32\(Default) = "C:\Program Files\Norton Internet Security\Engine\18.1.0.37\coIEPlg.dll" ["Symantec Corporation"]

{6D53EC84-6AAE-4787-AEEE-F4628F01010C}\(Default) = "Symantec Intrusion Prevention"
-> {HKLM...CLSID} = "Symantec Intrusion Prevention"
\InProcServer32\(Default) = "C:\Program Files\Norton Internet Security\Engine\18.1.0.37\IPSBHO.DLL" ["Symantec Corporation"]

{72853161-30C5-4D22-B7F9-0BBC1D38A37E}\(Default) = (no title provided)
-> {HKLM...CLSID} = "Groove GFS Browser Helper"
\InProcServer32\(Default) = "C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll" [MS]

{9030D464-4C02-4ABF-8ECC-5164760863C6}\(Default) = (no title provided)
-> {HKLM...CLSID} = "مساعد تسجيل الدخول إلى Windows Live"
\InProcServer32\(Default) = "C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll" [MS]

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\

Groove Explorer Icon Overlay 1 (GFS Unread Stub)\(Default) = "{99FD978C-D287-4F50-827F-B2C658EDA8E7}"
-> {HKLM...CLSID} = "Groove Explorer Icon Overlay 1 (GFS Unread Stub)"
\InProcServer32\(Default) = "C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll" [MS]

Groove Explorer Icon Overlay 2 (GFS Stub)\(Default) = "{AB5C5600-7E6E-4B06-9197-9ECEF74D31CC}"
-> {HKLM...CLSID} = "Groove Explorer Icon Overlay 2 (GFS Stub)"
\InProcServer32\(Default) = "C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll" [MS]

Groove Explorer Icon Overlay 2.5 (GFS Unread Folder)\(Default) = "{920E6DB1-9907-4370-B3A0-BAFC03D81399}"
-> {HKLM...CLSID} = "Groove Explorer Icon Overlay 2.5 (GFS Unread Folder)"
\InProcServer32\(Default) = "C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll" [MS]

Groove Explorer Icon Overlay 3 (GFS Folder)\(Default) = "{16F3DD56-1AF5-4347-846D-7C10C4192619}"
-> {HKLM...CLSID} = "Groove Explorer Icon Overlay 3 (GFS Folder)"
\InProcServer32\(Default) = "C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll" [MS]

Groove Explorer Icon Overlay 4 (GFS Unread Mark)\(Default) = "{2916C86E-86A6-43FE-8112-43ABE6BF8DCC}"
-> {HKLM...CLSID} = "Groove Explorer Icon Overlay 4 (GFS Unread Mark)"
\InProcServer32\(Default) = "C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll" [MS]

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\

"{42071714-76d4-11d1-8b24-00a0c9068ff3}" = "Display Panning CPL Extension"
-> {HKLM...CLSID} = "Display Panning CPL Extension"
\InProcServer32\(Default) = "deskpan.dll" [file not found]

"{88895560-9AA2-1069-930E-00AA0030EBC8}" = "HyperTerminal Icon Ext"
-> {HKLM...CLSID} = "HyperTerminal Icon Ext"
\InProcServer32\(Default) = "C:\WINDOWS\system32\hticons.dll" ["Hilgraeve, Inc."]

"{EFA24E62-B078-11d0-89E4-00C04FC9E26E}" = "History Band"
-> {HKLM...CLSID} = "History Band"
\InProcServer32\(Default) = "C:\WINDOWS\system32\shdocvw.dll" [MS]

"{72853161-30C5-4D22-B7F9-0BBC1D38A37E}" = "Groove GFS Browser Helper"
-> {HKLM...CLSID} = "Groove GFS Browser Helper"
\InProcServer32\(Default) = "C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll" [MS]

"{2A541AE1-5BF6-4665-A8A3-CFA9672E4291}" = "Groove GFS Explorer Bar"
-> {HKLM...CLSID} = "Groove Folder Synchronization"
\InProcServer32\(Default) = "C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll" [MS]

"{A449600E-1DC6-4232-B948-9BD794D62056}" = "Groove GFS Stub Icon Handler"
-> {HKLM...CLSID} = "Groove GFS Stub Icon Handler"
\InProcServer32\(Default) = "C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll" [MS]

"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}" = "Groove GFS Stub Execution Hook"
-> {HKLM...CLSID} = "Groove GFS Stub Execution Hook"
\InProcServer32\(Default) = "C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll" [MS]

"{6C467336-8281-4E60-8204-430CED96822D}" = "Groove GFS Context Menu Handler"
-> {HKLM...CLSID} = "Groove GFS Context Menu Handler"
\InProcServer32\(Default) = "C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll" [MS]

"{387E725D-DC16-4D76-B310-2C93ED4752A0}" = "Groove XML Icon Handler"
-> {HKLM...CLSID} = "Groove XML Icon Handler"
\InProcServer32\(Default) = "C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll" [MS]

"{16F3DD56-1AF5-4347-846D-7C10C4192619}" = "Groove Explorer Icon Overlay 3 (GFS Folder)"
-> {HKLM...CLSID} = "Groove Explorer Icon Overlay 3 (GFS Folder)"
\InProcServer32\(Default) = "C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll" [MS]

"{AB5C5600-7E6E-4B06-9197-9ECEF74D31CC}" = "Groove Explorer Icon Overlay 2 (GFS Stub)"
-> {HKLM...CLSID} = "Groove Explorer Icon Overlay 2 (GFS Stub)"
\InProcServer32\(Default) = "C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll" [MS]

"{2916C86E-86A6-43FE-8112-43ABE6BF8DCC}" = "Groove Explorer Icon Overlay 4 (GFS Unread Mark)"
-> {HKLM...CLSID} = "Groove Explorer Icon Overlay 4 (GFS Unread Mark)"
\InProcServer32\(Default) = "C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll" [MS]

"{99FD978C-D287-4F50-827F-B2C658EDA8E7}" = "Groove Explorer Icon Overlay 1 (GFS Unread Stub)"
-> {HKLM...CLSID} = "Groove Explorer Icon Overlay 1 (GFS Unread Stub)"
\InProcServer32\(Default) = "C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll" [MS]

"{920E6DB1-9907-4370-B3A0-BAFC03D81399}" = "Groove Explorer Icon Overlay 2.5 (GFS Unread Folder)"
-> {HKLM...CLSID} = "Groove Explorer Icon Overlay 2.5 (GFS Unread Folder)"
\InProcServer32\(Default) = "C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll" [MS]

"{0006F045-0000-0000-C000-000000000046}" = "Microsoft Office Outlook Custom Icon Handler"
-> {HKLM...CLSID} = "Outlook File Icon Extension"
\InProcServer32\(Default) = "C:\PROGRA~1\MICROS~2\Office12\OLKFSTUB.DLL" [MS]

"{00020D75-0000-0000-C000-000000000046}" = "Microsoft Office Outlook Desktop Icon Handler"
-> {HKLM...CLSID} = "Microsoft Office Outlook"
\InProcServer32\(Default) = "C:\PROGRA~1\MICROS~2\Office12\MLSHEXT.DLL" [MS]

"{5858A72C-C2B4-4dd7-B2BF-B76DB1BD9F6C}" = "Microsoft Office OneNote Namespace Extension for Windows Desktop Search"
-> {HKLM...CLSID} = "Microsoft Office OneNote Namespace Extension for Windows Desktop Search"
\InProcServer32\(Default) = "C:\PROGRA~1\MICROS~2\Office12\ONFILTER.DLL" [MS]

"{42042206-2D85-11D3-8CFF-005004838597}" = "Microsoft Office HTML Icon Handler"
-> {HKLM...CLSID} = (no title provided)
\InProcServer32\(Default) = "C:\Program Files\Microsoft Office\Office12\msohevi.dll" [MS]

"{993BE281-6695-4BA5-8A2A-7AACBFAAB69E}" = "Microsoft Office Metadata Handler"
-> {HKLM...CLSID} = "Microsoft Office Metadata Handler"
\InProcServer32\(Default) = "C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\msoshext.dll" [MS]

"{C41662BB-1FA0-4CE0-8DC5-9B7F8279FF97}" = "Microsoft Office Thumbnail Handler"
-> {HKLM...CLSID} = "Microsoft Office Thumbnail Handler"
\InProcServer32\(Default) = "C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\msoshext.dll" [MS]

"{0563DB41-F538-4B37-A92D-4659049B7766}" = "WLMD Message Handler"
-> {HKLM...CLSID} = "CLSID_WLMCMimeFilter"
\InProcServer32\(Default) = "C:\Program Files\Windows Live\Mail\mailcomm.dll" [MS]

"{00F33137-EE26-412F-8D71-F84E4C2C6625}" = (no title provided)
-> {HKLM...CLSID} = "Windows Live Photo Gallery Viewer Autoplay Shim"
\InProcServer32\(Default) = "C:\Program Files\Windows Live\Photo Gallery\PhotoViewerShim.dll" [MS]

"{00F346CB-35A4-465B-8B8F-65A29DBAB1F6}" = "Windows Live Photo Gallery Viewer Drop Target Shim"
-> {HKLM...CLSID} = "Windows Live Photo Gallery Viewer Shim"
\InProcServer32\(Default) = "C:\Program Files\Windows Live\Photo Gallery\PhotoViewerShim.dll" [MS]
 

"{00F3712A-CA79-45B4-9E4D-D7891E7F8B9D}" = "Windows Live Photo Gallery Editor Drop Target Shim"
-> {HKLM...CLSID} = "Windows Live Photo Gallery Editor Shim"
\InProcServer32\(Default) = "C:\Program Files\Windows Live\Photo Gallery\PhotoViewerShim.dll" [MS]

"{00F30F90-3E96-453B-AFCD-D71989ECC2C7}" = "Windows Live Photo Gallery Autoplay Drop Target Shim"
-> {HKLM...CLSID} = "Windows Live Photo Gallery Viewer Autoplay Shim"
\InProcServer32\(Default) = "C:\Program Files\Windows Live\Photo Gallery\PhotoViewerShim.dll" [MS]

"{416651E4-9C3C-11D9-8BDE-F66BAD1E3F3A}" = "*Nokia Phone Browser*" (unwritable string)
-> {HKLM...CLSID} = "*Nokia Phone Browser*" (unwritable string)
\InProcServer32\(Default) = "C:\Program Files\Nokia\Nokia PC Suite 7\PhoneBrowser.dll" ["Nokia"]

"{6af09ec9-b429-11d4-a1fb-0090960218cb}" = "My Bluetooth Places"
-> {HKLM...CLSID} = "My Bluetooth Places"
\InProcServer32\(Default) = "C:\WINDOWS\system32\BTNEIG~1.DLL" ["Broadcom Corporation."]

"{7842554E-6BED-11D2-8CDB-B05550C10000}" = "Monitor"
-> {HKLM...CLSID} = "Monitor Class"
\InProcServer32\(Default) = "C:\WINDOWS\system32\btncopy.dll" ["Broadcom Corporation."]

"{E0D79304-84BE-11CE-9641-444553540000}" = "WinZip"
-> {HKLM...CLSID} = "WinZip"
\InProcServer32\(Default) = "C:\Program Files\WinZip\wzshlstb.dll" ["WinZip Computing, S.L."]

"{E0D79305-84BE-11CE-9641-444553540000}" = "WinZip"
-> {HKLM...CLSID} = "WinZip"
\InProcServer32\(Default) = "C:\Program Files\WinZip\wzshlstb.dll" ["WinZip Computing, S.L."]

"{E0D79306-84BE-11CE-9641-444553540000}" = "WinZip"
-> {HKLM...CLSID} = "WinZip"
\InProcServer32\(Default) = "C:\Program Files\WinZip\wzshlstb.dll" ["WinZip Computing, S.L."]

"{E0D79307-84BE-11CE-9641-444553540000}" = "WinZip"
-> {HKLM...CLSID} = "WinZip"
\InProcServer32\(Default) = "C:\Program Files\WinZip\wzshlstb.dll" ["WinZip Computing, S.L."]

"{4255A182-CAD9-4214-A19B-7BA7FB633BBD}" = "Comodo Antivirus"
-> {HKLM...CLSID} = "Comodo AntiVirus"
\InProcServer32\(Default) = "C:\Program Files\COMODO\COMODO Internet Security\cavshell.dll" ["COMODO"]

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks\

<<!>> "{B5A7F190-DDA6-4420-B3BA-52453494E6CD}" = "Groove GFS Stub Execution Hook"
-> {HKLM...CLSID} = "Groove GFS Stub Execution Hook"
\InProcServer32\(Default) = "C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll" [MS]

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\

"WPDShServiceObj" = "{AAA288BA-9A4C-45B0-95D7-94D524869DB5}"
-> {HKLM...CLSID} = "WPDShServiceObj Class"
\InProcServer32\(Default) = "C:\WINDOWS\system32\WPDShServiceObj.dll" [MS]

HKLM\SOFTWARE\Classes\PROTOCOLS\Filter\

<<!>> text/xml\CLSID = "{807563E5-5146-11D5-A672-00B0D022E945}"
-> {HKLM...CLSID} = "Microsoft Office InfoPath XML Mime Filter"
\InProcServer32\(Default) = "C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL" [MS]

HKLM\SOFTWARE\Classes\PROTOCOLS\Handler\

<<!>> grooveLocalGWS\CLSID = "{88FED34C-F0CA-4636-A375-3CB6248B04CD}"
-> {HKLM...CLSID} = "Local Groove Web Services Protocol"
\InProcServer32\(Default) = "C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll" [MS]

<<!>> livecall\CLSID = "{828030A1-22C1-4009-854F-8E305202313F}"
-> {HKLM...CLSID} = (no title provided)
\InProcServer32\(Default) = "C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL" [MS]

<<!>> ms-help\CLSID = "{314111c7-a502-11d2-bbca-00c04f8ec294}"
-> {HKLM...CLSID} = "HxProtocol Class"
\InProcServer32\(Default) = "C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll" [MS]

<<!>> msnim\CLSID = "{828030A1-22C1-4009-854F-8E305202313F}"
-> {HKLM...CLSID} = (no title provided)
\InProcServer32\(Default) = "C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL" [MS]

<<!>> wlmailhtml\CLSID = "{03C514A3-1EFB-4856-9F99-10D7BE1653C0}"
-> {HKLM...CLSID} = "Windows Live Mail HTML Asynchronous Pluggable Protocol Handler"
\InProcServer32\(Default) = "C:\Program Files\Windows Live\Mail\mailcomm.dll" [MS]

HKLM\SOFTWARE\Classes\*\shellex\ContextMenuHandlers\

Comodo Antivirus\(Default) = "{4255A182-CAD9-4214-A19B-7BA7FB633BBD}"
-> {HKLM...CLSID} = "Comodo AntiVirus"
\InProcServer32\(Default) = "C:\Program Files\COMODO\COMODO Internet Security\cavshell.dll" ["COMODO"]

HexWorkshopContextMenu\(Default) = "{DB34D5DC-D41A-482E-A5EF-8FA0F88761DA}"
-> {HKLM...CLSID} = "Hex Workshop Shell Extension"
\InProcServer32\(Default) = "C:\Program Files\BreakPoint Software\Hex Workshop v6\HWExt.dll" ["BreakPoint Software, Inc."]

Symantec.Norton.Antivirus.IEContextMenu\(Default) = "{FAD61B3D-699D-49B2-BE16-7F82CB4C59CA}"
-> {HKLM...CLSID} = "IEContextMenu Class"
\InProcServer32\(Default) = ""C:\Program Files\Norton Internet Security\Engine\18.1.0.37\NavShExt.dll"" ["Symantec Corporation"]

WinZip\(Default) = "{E0D79304-84BE-11CE-9641-444553540000}"
-> {HKLM...CLSID} = "WinZip"
\InProcServer32\(Default) = "C:\Program Files\WinZip\wzshlstb.dll" ["WinZip Computing, S.L."]

XXX Groove GFS Context Menu Handler XXX\(Default) = "{6C467336-8281-4E60-8204-430CED96822D}"
-> {HKLM...CLSID} = "Groove GFS Context Menu Handler"
\InProcServer32\(Default) = "C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll" [MS]

HKLM\SOFTWARE\Classes\AllFilesystemObjects\shellex\ContextMenuHandlers\

MBAMShlExt\(Default) = "{57CE581A-0CB6-4266-9CA0-19364C90A0B3}"
-> {HKLM...CLSID} = "MBAMShlExt Class"
\InProcServer32\(Default) = "C:\Program Files\************' Anti-Malware\mbamext.dll" [file not found]

XXX Groove GFS Context Menu Handler XXX\(Default) = "{6C467336-8281-4E60-8204-430CED96822D}"
-> {HKLM...CLSID} = "Groove GFS Context Menu Handler"
\InProcServer32\(Default) = "C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll" [MS]

HKLM\SOFTWARE\Classes\Directory\shellex\ContextMenuHandlers\

WinZip\(Default) = "{E0D79304-84BE-11CE-9641-444553540000}"
-> {HKLM...CLSID} = "WinZip"
\InProcServer32\(Default) = "C:\Program Files\WinZip\wzshlstb.dll" ["WinZip Computing, S.L."]

XXX Groove GFS Context Menu Handler XXX\(Default) = "{6C467336-8281-4E60-8204-430CED96822D}"
-> {HKLM...CLSID} = "Groove GFS Context Menu Handler"
\InProcServer32\(Default) = "C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll" [MS]

HKLM\SOFTWARE\Classes\Directory\shellex\CopyHookHandlers\

Monitor\(Default) = "{7842554E-6BED-11D2-8CDB-B05550C10000}"
-> {HKLM...CLSID} = "Monitor Class"
\InProcServer32\(Default) = "C:\WINDOWS\system32\btncopy.dll" ["Broadcom Corporation."]

Nokia\(Default) = "{416651E4-9C3C-11D9-8BDE-F66BAD1E3F3A}"
-> {HKLM...CLSID} = "*Nokia Phone Browser*" (unwritable string)
\InProcServer32\(Default) = "C:\Program Files\Nokia\Nokia PC Suite 7\PhoneBrowser.dll" ["Nokia"]

HKLM\SOFTWARE\Classes\Directory\shellex\DragDropHandlers\

WinZip\(Default) = "{E0D79305-84BE-11CE-9641-444553540000}"
-> {HKLM...CLSID} = "WinZip"
\InProcServer32\(Default) = "C:\Program Files\WinZip\wzshlstb.dll" ["WinZip Computing, S.L."]

HKLM\SOFTWARE\Classes\Directory\Background\shellex\ContextMenuHandlers\

XXX Groove GFS Context Menu Handler XXX\(Default) = "{6C467336-8281-4E60-8204-430CED96822D}"
-> {HKLM...CLSID} = "Groove GFS Context Menu Handler"
\InProcServer32\(Default) = "C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll" [MS]

HKLM\SOFTWARE\Classes\Folder\shellex\ColumnHandlers\

{F9DB5320-233E-11D1-9F84-707F02C10627}\(Default) = "PDF Column Info"
-> {HKLM...CLSID} = "PDF Shell Extension"
\InProcServer32\(Default) = "C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\PDFShell.dll" ["Adobe Systems, Inc."]

HKLM\SOFTWARE\Classes\Folder\shellex\ContextMenuHandlers\

Comodo Antivirus\(Default) = "{4255A182-CAD9-4214-A19B-7BA7FB633BBD}"
-> {HKLM...CLSID} = "Comodo AntiVirus"
\InProcServer32\(Default) = "C:\Program Files\COMODO\COMODO Internet Security\cavshell.dll" ["COMODO"]

MBAMShlExt\(Default) = "{57CE581A-0CB6-4266-9CA0-19364C90A0B3}"
-> {HKLM...CLSID} = "MBAMShlExt Class"
\InProcServer32\(Default) = "C:\Program Files\************' Anti-Malware\mbamext.dll" [file not found]

Symantec.Norton.Antivirus.IEContextMenu\(Default) = "{FAD61B3D-699D-49B2-BE16-7F82CB4C59CA}"
-> {HKLM...CLSID} = "IEContextMenu Class"
\InProcServer32\(Default) = ""C:\Program Files\Norton Internet Security\Engine\18.1.0.37\NavShExt.dll"" ["Symantec Corporation"]

WinZip\(Default) = "{E0D79304-84BE-11CE-9641-444553540000}"
-> {HKLM...CLSID} = "WinZip"
\InProcServer32\(Default) = "C:\Program Files\WinZip\wzshlstb.dll" ["WinZip Computing, S.L."]

XXX Groove GFS Context Menu Handler XXX\(Default) = "{6C467336-8281-4E60-8204-430CED96822D}"
-> {HKLM...CLSID} = "Groove GFS Context Menu Handler"
\InProcServer32\(Default) = "C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll" [MS]

HKLM\SOFTWARE\Classes\Folder\shellex\DragDropHandlers\

WinZip\(Default) = "{E0D79305-84BE-11CE-9641-444553540000}"
-> {HKLM...CLSID} = "WinZip"
\InProcServer32\(Default) = "C:\Program Files\WinZip\wzshlstb.dll" ["WinZip Computing, S.L."]


Group Policies {GPedit.msc branch and setting}:
-----------------------------------------------

Note: detected settings may not have any effect.

HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\

"NoDesktop" = (REG_DWORD) dword:0x00000000
{unrecognized setting}

"NoActiveDesktop" = (REG_DWORD) dword:0x00000000
{User Configuration|Administrative Templates|Desktop|Desktop / Active Desktop|
Disable Active Desktop}


Active Desktop and Wallpaper:
-----------------------------

Active Desktop may be disabled at this entry:
HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellState

Displayed if Active Desktop enabled and wallpaper not set by Group Policy:
HKCU\Software\Microsoft\Internet Explorer\Desktop\General\
"Wallpaper" = "C:\WINDOWS\web\wallpaper\Bliss.bmp"

Displayed if Active Desktop disabled and wallpaper not set by Group Policy:
HKCU\Control Panel\Desktop\
"Wallpaper" = "C:\WINDOWS\web\wallpaper\Bliss.bmp"


Enabled Screen Saver:
---------------------

HKCU\Control Panel\Desktop\
"SCRNSAVE.EXE" = "C:\WINDOWS\System32\logon.scr" [MS]


Windows Portable Device AutoPlay Handlers
-----------------------------------------

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\AutoplayHandlers\Handlers\

GOMPlayDVDOnArrival\
"Provider" = "GOM Player"
"InvokeProgID" = "GomPlayer.DVD"
"InvokeVerb" = "open"
HKLM\SOFTWARE\Classes\GomPlayer.DVD\shell\open\command\(Default) = ""C:\Program Files\GRETECH\GomPlayer\GOM.exe" /open "%1"" ["Gretech Corp."]

GOMPlayMediaOnArrival\
"Provider" = "GOM Player"
"InvokeProgID" = "GomPlayer.MediaFile"
"InvokeVerb" = "open"
HKLM\SOFTWARE\Classes\GomPlayer.MediaFile\shell\open\command\(Default) = ""C:\Program Files\GRETECH\GomPlayer\GOM.exe" /open "%1"" ["Gretech Corp."]
HKLM\SOFTWARE\Classes\GomPlayer.MediaFile\shell\open\DropTarget\CLSID = "{D0F0AD6B-ECCC-401E-8E71-C4363D41399C}"
-> {HKLM...CLSID} = (no title provided)
\LocalServer32\(Default) = "C:\PROGRA~1\GRETECH\GOMPLA~1\GOM.exe" ["Gretech Corp."]

MSLivePhotoAcqHWEventHandler\
"Provider" = "@%ProgramFiles%\Windows Live\Photo Gallery\regres.dll,-10"
"ProgID" = "Microsoft.LivePhotoAcqHWEventHandler"
HKLM\SOFTWARE\Classes\Microsoft.LivePhotoAcqHWEventHandler\CLSID\(Default) = "{3BD0ACD1-71CA-4475-92CC-E0AA0AAF843F}"
-> {HKLM...CLSID} = (no title provided)
\LocalServer32\(Default) = "C:\Program Files\Windows Live\Photo Gallery\WLXPhotoAcquireWizard.exe" [MS]

MSLivePhotoAcquireDropHandler\
"Provider" = "@%ProgramFiles%\Windows Live\Photo Gallery\regres.dll,-10"
"InvokeProgID" = "Microsoft.LivePhotoAcqDTShim.1"
"InvokeVerb" = "open"
HKLM\SOFTWARE\Classes\Microsoft.LivePhotoAcqDTShim.1\shell\open\DropTarget\CLSID = "{00F33137-EE26-412F-8D71-F84E4C2C6625}"
-> {HKLM...CLSID} = "Windows Live Photo Gallery Viewer Autoplay Shim"
\InProcServer32\(Default) = "C:\Program Files\Windows Live\Photo Gallery\PhotoViewerShim.dll" [MS]

MSLiveShowPicturesOnArrival\
"Provider" = "@%ProgramFiles%\Windows Live\Photo Gallery\regres.dll,-10"
"InvokeProgID" = "Microsoft.Photos.LiveAutoplayShim.1"
"InvokeVerb" = "open"
HKLM\SOFTWARE\Classes\Microsoft.Photos.LiveAutoplayShim.1\shell\open\DropTarget\CLSID = "{00F30F90-3E96-453B-AFCD-D71989ECC2C7}"
-> {HKLM...CLSID} = "Windows Live Photo Gallery Viewer Autoplay Shim"
\InProcServer32\(Default) = "C:\Program Files\Windows Live\Photo Gallery\PhotoViewerShim.dll" [MS]

MSLiveVideoCameraArrivalCaptureWizard\
"Provider" = "@%ProgramFiles%\Windows Live\Photo Gallery\regres.dll,-10"
"ProgID" = "WLXAutoPlayMgr.WLXHWEventHandler"
"InitCmdLine" = "WLXVideoAcquireWizard"
HKLM\SOFTWARE\Classes\WLXAutoPlayMgr.WLXHWEventHandler\CLSID\(Default) = "{9B5C97F6-B3A5-4A6D-8B03-993EC7291A22}"
-> {HKLM...CLSID} = "WLXWEventHandler Class"
\LocalServer32\(Default) = ""C:\Program Files\Windows Live\Photo Gallery\WLXVideoCameraAutoPlayManager.exe"" [MS]

MSWPDShellNamespaceHandler\
"Provider" = "@%SystemRoot%\System32\WPDShextRes.dll,-501"
"CLSID" = "{A55803CC-4D53-404c-8557-FD63DBA95D24}"
"InitCmdLine" = " "
-> {HKLM...CLSID} = "WPDShextAutoplay"
\LocalServer32\(Default) = "C:\WINDOWS\system32\WPDShextAutoplay.exe" [MS]


DESKTOP.INI DLL launch in local fixed drive directories:
--------------------------------------------------------

C:\Program Files\WIDCOMM\Bluetooth Software\My Bluetooth Places\DESKTOP.INI
[.ShellClassInfo]
CLSID={6af09ec9-b429-11d4-a1fb-0090960218cb}
-> {HKLM...CLSID}\InProcServer32\(Default) = "C:\WINDOWS\system32\BTNEIG~1.DLL" ["Broadcom Corporation."]


Startup items in "Administrator" & "All Users" startup folders:
---------------------------------------------------------------

C:\Documents and Settings\All Users\Start Menu\Programs\Startup
"Bluetooth" -> shortcut to: "C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe" ["Broadcom Corporation."]
"DynDNS Updater Tray Icon" -> shortcut to: "C:\Program Files\DynDNS Updater\DynTray.exe" ["Dynamic Network Services, Inc."]


Enabled Scheduled Tasks:
------------------------

"MP Scheduled Scan" -> launches: "C:\Program Files\Microsoft Security Essentials\MpCmdRun.exe Scan -ScheduleJob -WinTask -RestrictPrivilegesScan" [file not found]
"User_Feed_Synchronization-{468C0CDC-CD64-4B4D-8E98-30BFB6E18728}" -> launches: "C:\WINDOWS\system32\msfeedssync.exe sync" [MS]


Winsock2 Service Provider DLLs:
-------------------------------

Namespace Service Providers

HKLM\SYSTEM\CurrentControlSet\Services\Winsock2\Parameters\NameSpace_Catalog5\Catalog_Entries\ {++}
000000000001\LibraryPath = "%SystemRoot%\System32\mswsock.dll" [MS]
000000000002\LibraryPath = "%SystemRoot%\System32\winrnr.dll" [MS]
000000000003\LibraryPath = "%SystemRoot%\System32\mswsock.dll" [MS]

Transport Service Providers

HKLM\SYSTEM\CurrentControlSet\Services\Winsock2\Parameters\Protocol_Catalog9\Catalog_Entries\ {++}
0000000000##\PackedCatalogItem (contains) DLL [Company Name], (at) ## range:
%SystemRoot%\system32\mswsock.dll [MS], 01 - 03, 06 - 19
%SystemRoot%\system32\rsvpsp.dll [MS], 04 - 05


Toolbars, Explorer Bars, Extensions:
------------------------------------

Toolbars

HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\

"{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA}"
-> {HKLM...CLSID} = "Norton Toolbar"
\InProcServer32\(Default) = "C:\Program Files\Norton Internet Security\Engine\18.1.0.37\coIEPlg.dll" ["Symantec Corporation"]

HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\
"{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA}" = "Norton Toolbar"
-> {HKLM...CLSID} = "Norton Toolbar"
\InProcServer32\(Default) = "C:\Program Files\Norton Internet Security\Engine\18.1.0.37\coIEPlg.dll" ["Symantec Corporation"]

Explorer Bars

HKLM\SOFTWARE\Microsoft\Internet Explorer\Explorer Bars\

HKLM\SOFTWARE\Classes\CLSID\{2A541AE1-5BF6-4665-A8A3-CFA9672E4291}\(Default) = "Groove Folder Synchronization"
Implemented Categories\{00021493-0000-0000-C000-000000000046}\ [vertical bar]
InProcServer32\(Default) = "C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll" [MS]

HKLM\SOFTWARE\Classes\CLSID\{FF059E31-CC5A-4E2E-BF3B-96E929D65503}\(Default) = "أب&حاث"
Implemented Categories\{00021493-0000-0000-C000-000000000046}\ [vertical bar]
InProcServer32\(Default) = "C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL" [MS]

Extensions (Tools menu items, main toolbar menu buttons)

HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\
{219C3416-8CB2-491A-A3C7-D9FCDDC9D600}\
"ButtonText" = "تدوين هذا في المدونة"
"MenuText" = "&تدوين هذا في Windows Live Writer"
"CLSIDExtension" = "{5F7B1267-94A9-47F5-98DB-E99415F33AEC}"
-> {HKLM...CLSID} = "BlogThisToolbarButton Class"
\InProcServer32\(Default) = "C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll" [MS]

{2670000A-7350-4F3C-8081-5663EE0C6C49}\
"ButtonText" = "إرسال إلى OneNote"
"MenuText" = "إر&سال إلى OneNote"
"CLSIDExtension" = "{48E73304-E1D6-4330-914C-F5F514E3486C}"
-> {HKLM...CLSID} = "Send to OneNote from Internet Explorer button"
\InProcServer32\(Default) = "C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll" [MS]

{92780B25-18CC-41C8-B9BE-3C9C571A8263}\
"ButtonText" = "Research"

{CCA281CA-C863-46EF-9331-5C8D4460577F}\
"ButtonText" = "@btrez.dll,-4015"
"MenuText" = "@btrez.dll,-12650"
"Script" = "C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm" [null data]

{E2E2DD38-D088-4134-82B7-F2BA38496583}\
"MenuText" = "@xpsp3res.dll,-20001"
"Exec" = "%windir%\Network Diagnostic\xpnetdiag.exe" [MS]

{FB5F1910-F110-11D2-BB9E-00C04F795683}\
"ButtonText" = "Messenger"
"MenuText" = "Windows Messenger"
"Exec" = "C:\Program Files\Messenger\msmsgs.exe" [MS]


Running Services (Display Name, Service Name, Path {Service DLL}):
------------------------------------------------------------------

Bluetooth Service, btwdins, "C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe" ["Broadcom Corporation."]
COMODO Internet Security Helper Service, cmdAgent, ""C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe"" ["COMODO"]
Dell Wireless WLAN Tray Service, wltrysvc, "C:\WINDOWS\System32\WLTRYSVC.EXE C:\WINDOWS\System32\bcmwltry.exe" [null data]
DynDNS Updater, DynDNS Updater, "C:\Program Files\DynDNS Updater\DynUpSvc.exe" ["Dynamic Network Services, Inc."]
MySQL, MySQL, "C:\AppServ\mysql\bin\mysqld-nt.exe MySQL" [null data]
Norton Internet Security, NIS, ""C:\Program Files\Norton Internet Security\Engine\18.1.0.37\ccSvcHst.exe" /s "NIS" /m "C:\Program Files\Norton Internet Security\Engine\18.1.0.37\diMaster.dll" /prefetch:1" ["Symantec Corporation"]
ServiceLayer, ServiceLayer, ""C:\Program Files\PC Connectivity Solution\ServiceLayer.exe"" ["Nokia"]
SigmaTel Audio Service, STacSV, "C:\WINDOWS\system32\STacSV.exe" ["SigmaTel, Inc."]


Print Monitors:
---------------

HKLM\SYSTEM\CurrentControlSet\Control\Print\Monitors\
Bluetooth Printer Port\Driver = "bthcrp.dll" ["Broadcom Corporation."]
Send To Microsoft OneNote Monitor\Driver = "msonpmon.dll" [MS]


---------- (launch time: 2010-11-30 13:09:56)
<<!>>: Suspicious data at a malware launch point.

+ This report excludes default entries except where indicated.
+ To see *everywhere* the script checks and *everything* it finds,
launch it from a command prompt or a shortcut with the -all parameter.
+ The search for DESKTOP.INI DLL launch points on all local fixed drives
took 475 seconds.
---------- (total run time: 554 seconds)


*********** جميع عمليات الذاكرة ***********

C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\svchost.exe
C:\AppServ\mysql\bin\mysqld-nt.exe
C:\Program Files\Norton Internet Security\Engine\18.1.0.37\ccSvcHst.exe
C:\WINDOWS\system32\STacSV.exe
C:\WINDOWS\System32\WLTRYSVC.EXE
C:\WINDOWS\System32\bcmwltry.exe
C:\Program Files\DynDNS Updater\DynUpSvc.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Norton Internet Security\Engine\18.1.0.37\ccSvcHst.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\OEM02Mon.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\WINDOWS\system32\WLTRAY.exe
C:\Program Files\Dell\QuickSet\quickset.exe
C:\Program Files\DellTPad\Apoint.exe
C:\Program Files\SigmaTel\C-Major Audio\WDM\stsystra.exe
C:\Program Files\COMODO\COMODO Internet Security\cfp.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\DellTPad\ApMsgFwd.exe
C:\Program Files\Internet Download Manager\IDMan.exe
C:\Program Files\DellTPad\HidFind.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Program Files\DynDNS Updater\DynTray.exe
C:\Program Files\DellTPad\Apntex.exe
C:\PROGRA~1\WIDCOMM\BLUETO~1\BTSTAC~1.EXE
C:\Program Files\Internet Download Manager\IEMonitor.exe
C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe
C:\Program Files\PC Connectivity Solution\Transports\NclRSSrv.exe
C:\Program Files\PC Connectivity Solution\Transports\NclBCBTSrv.exe
C:\Program Files\Windows Media Player\wmplayer.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Documents and Settings\Administrator\My Documents\Downloads\Programs\Zyzoom_Report_Tool.exe


*********** عمليات الذاكره الغير موقعه رقميا _ بدون عمليات النظام _ ***********

C:\AppServ\mysql\bin\mysqld-nt.exe
C:\WINDOWS\system32\STacSV.exe
C:\WINDOWS\System32\WLTRYSVC.EXE
C:\WINDOWS\System32\bcmwltry.exe
C:\WINDOWS\OEM02Mon.exe
C:\WINDOWS\system32\WLTRAY.exe
C:\Program Files\Dell\QuickSet\quickset.exe
C:\Program Files\DellTPad\Apoint.exe
C:\Program Files\SigmaTel\C-Major Audio\WDM\stsystra.exe
C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe
C:\Program Files\DellTPad\HidFind.exe
C:\Program Files\DellTPad\Apntex.exe
C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe
C:\Program Files\PC Connectivity Solution\Transports\NclRSSrv.exe
C:\Program Files\PC Connectivity Solution\Transports\NclBCBTSrv.exe
C:\Program Files\Windows Media Player\wmplayer.exe
C:\Documents and Settings\Administrator\My Documents\Downloads\Programs\Zyzoom_Report_Tool.exe


*********** المجلدات والملفات التي تم انشاؤها في آخر شهر ***********

2010-11-30 13:08:51 ----A---- C:\zzlog.txt
2010-11-30 13:08:51 ----A---- C:\WINDOWS\system32\Gif89.dll
2010-11-30 09:06:45 ----D---- C:\Documents and Settings\All Users\Application Data\hsswpr
2010-11-28 13:48:27 ----SHD---- C:\WINDOWS\CSC
2010-11-28 10:08:16 ----A---- C:\WINDOWS\SpeedyFox Uninstall Log.txt
2010-11-28 10:04:33 ----D---- C:\WINDOWS\SpeedyFox
2010-11-28 09:59:21 ----A---- C:\WINDOWS\SpeedyFox Setup Log.txt
2010-11-28 09:50:36 ----D---- C:\Program Files\Symantec
2010-11-28 09:50:36 ----D---- C:\Program Files\Common Files\Symantec Shared
2010-11-28 09:50:36 ----A---- C:\WINDOWS\system32\S32EVNT1.DLL
2010-11-28 09:49:38 ----D---- C:\Program Files\Norton Internet Security
2010-11-28 09:49:37 ----D---- C:\Program Files\Windows Sidebar
2010-11-28 09:49:35 ----D---- C:\Documents and Settings\All Users\Application Data\Norton
2010-11-28 09:49:26 ----D---- C:\Program Files\NortonInstaller
2010-11-28 01:39:33 ----D---- C:\WINDOWS\Temp
2010-11-26 09:27:42 ----HD---- C:\Program Files\Uninstall Information
2010-11-26 07:55:50 ----D---- C:\Program Files\Conduit
2010-11-26 07:54:30 ----D---- C:\WINDOWS\Simple Port Forwarding
2010-11-26 07:54:26 ----A---- C:\WINDOWS\Simple Port Forwarding Setup Log.txt
2010-11-26 06:30:43 ----D---- C:\Program Files\PFConfig
2010-11-26 00:50:06 ----D---- C:\Program Files\outlook express
2010-11-25 17:27:50 ----D---- C:\Program Files\Microsoft Silverlight
2010-11-25 03:44:27 ----D---- C:\Program Files\WinPcap
2010-11-24 23:24:23 ----D---- C:\Documents and Settings\All Users\Application Data\McAfee
2010-11-23 06:30:21 ----N---- C:\WINDOWS\system32\spmsgXP_2k3.dll
2010-11-23 03:57:07 ----D---- C:\Program Files\CamStudio
2010-11-23 01:48:15 ----D---- C:\Documents and Settings\Administrator\Application Data\Publish Providers
2010-11-23 01:47:54 ----D---- C:\Documents and Settings\Administrator\Application Data\Sony
2010-11-23 01:30:42 ----D---- C:\Program Files\Sony
2010-11-23 01:30:38 ----A---- C:\WINDOWS\system32\wmv8dmoe.dll
2010-11-23 01:30:38 ----A---- C:\WINDOWS\system32\wmv8dmod.dll
2010-11-23 01:30:37 ----A---- C:\WINDOWS\system32\wmvdmoe.dll
2010-11-23 01:30:36 ----A---- C:\WINDOWS\system32\wmvcore2.dll
2010-11-23 01:20:01 ----D---- C:\Program Files\Sony Setup
2010-11-21 18:26:47 ----A---- C:\WINDOWS\InstRun.ini
2010-11-21 18:23:21 ----D---- C:\Documents and Settings\Administrator\Application Data\Jiangmin
2010-11-21 18:23:18 ----D---- C:\Documents and Settings\All Users\Application Data\Jiangmin
2010-11-21 18:22:58 ----A---- C:\WINDOWS\system32\KVInstall.dll
2010-11-21 18:22:58 ----A---- C:\WINDOWS\system32\HiveBase.dll
2010-11-21 03:42:40 ----D---- C:\Program Files\WinUtilities Process Security
2010-11-21 03:41:36 ----A---- C:\WINDOWS\system32\wbhelp2.dll
2010-11-21 03:41:36 ----A---- C:\WINDOWS\system32\unicows.dll
2010-11-21 03:41:35 ----A---- C:\WINDOWS\system32\W95INF32.DLL
2010-11-21 03:41:35 ----A---- C:\WINDOWS\system32\W95INF16.DLL
2010-11-21 03:41:35 ----A---- C:\WINDOWS\system32\shfolder.inf
2010-11-21 03:41:35 ----A---- C:\WINDOWS\system32\gdiplus.dll
2010-11-21 03:41:35 ----A---- C:\WINDOWS\system32\anim.dll
2010-11-21 03:41:34 ----D---- C:\Program Files\WinUtilities
2010-11-20 20:47:26 ----HD---- C:\VritualRoot
2010-11-20 04:41:57 ----D---- C:\Documents and Settings\Administrator\Application Data\GRETECH
2010-11-20 00:22:25 ----D---- C:\Program Files\windows nt
2010-11-20 00:22:25 ----D---- C:\Program Files\microsoft frontpage
2010-11-19 17:38:47 ----D---- C:\WINDOWS\Prefetch
2010-11-16 16:02:14 ----A---- C:\WINDOWS\ntbtlog.txt
2010-11-15 22:31:35 ----D---- C:\Program Files\Wise Disk Cleaner
2010-11-15 22:30:57 ----D---- C:\Program Files\Wise Registry Cleaner
2010-11-15 21:04:50 ----A---- C:\WINDOWS\system32\mucltui.dll.mui
2010-11-15 21:04:50 ----A---- C:\WINDOWS\system32\mucltui.dll
2010-11-15 01:52:02 ----D---- C:\Documents and Settings\Administrator\Application Data\************
2010-11-15 01:51:30 ----D---- C:\Documents and Settings\All Users\Application Data\************
2010-11-14 23:51:28 ----N---- C:\WINDOWS\system32\MpSigStub.exe
2010-11-14 21:43:08 ----D---- C:\Documents and Settings\Administrator\Application Data\Thinstall
2010-11-14 06:07:09 ----D---- C:\Program Files\DynDNS Updater
2010-11-14 06:07:09 ----D---- C:\Documents and Settings\All Users\Application Data\DynDNS
2010-11-14 05:02:21 ----D---- C:\Program Files\No-IP
2010-11-14 00:31:25 ----D---- C:\Program Files\Havij 13
2010-11-13 21:59:09 ----N---- C:\WINDOWS\system32\spmsg.dll
2010-11-13 20:37:37 ----D---- C:\WINDOWS\pss
2010-11-13 20:36:40 ----D---- C:\Documents and Settings\Administrator\Application Data\Godlike
2010-11-13 18:41:02 ----RAH---- C:\WINDOWS\system32\logonui.exe.manifest
2010-11-13 17:50:27 ----A---- C:\WINDOWS\system32\spxcoins.dll
2010-11-13 17:50:27 ----A---- C:\WINDOWS\system32\irclass.dll
2010-11-13 15:33:48 ----SHD---- C:\$RECYCLE.BIN
2010-11-13 14:55:08 ----SHD---- C:\Boot
2010-11-13 00:54:42 ----D---- C:\Program Files\Havij
2010-11-13 00:49:37 ----D---- C:\WINDOWS\system32\tr-tr
2010-11-13 00:49:34 ----D---- C:\WINDOWS\system32\th-th
2010-11-13 00:49:31 ----D---- C:\WINDOWS\system32\sv-se
2010-11-13 00:49:27 ----D---- C:\WINDOWS\system32\sk-sk
2010-11-13 00:49:23 ----D---- C:\WINDOWS\system32\sl-si
2010-11-13 00:49:16 ----D---- C:\WINDOWS\system32\ru-ru
2010-11-13 00:49:12 ----D---- C:\WINDOWS\system32\ro-ro
2010-11-13 00:49:07 ----D---- C:\WINDOWS\system32\pt-pt
2010-11-13 00:49:03 ----D---- C:\WINDOWS\system32\pt-br
2010-11-13 00:48:59 ----D---- C:\WINDOWS\system32\pl-pl
2010-11-13 00:48:55 ----D---- C:\WINDOWS\system32\nb-no
2010-11-13 00:48:51 ----D---- C:\WINDOWS\system32\nl-nl
2010-11-13 00:48:46 ----D---- C:\WINDOWS\system32\lv-lv
2010-11-13 00:48:43 ----D---- C:\WINDOWS\system32\lt-lt
2010-11-13 00:48:34 ----D---- C:\WINDOWS\system32\ko-kr
2010-11-13 00:48:30 ----D---- C:\WINDOWS\system32\ja-jp
2010-11-13 00:48:25 ----D---- C:\WINDOWS\system32\it-it
2010-11-13 00:48:19 ----D---- C:\WINDOWS\system32\hu-hu
2010-11-13 00:48:15 ----D---- C:\WINDOWS\system32\hr-hr
2010-11-13 00:48:12 ----D---- C:\WINDOWS\system32\he-il
2010-11-13 00:48:07 ----D---- C:\WINDOWS\system32\fr-fr
2010-11-13 00:48:02 ----D---- C:\WINDOWS\system32\fi-fi
2010-11-13 00:47:57 ----D---- C:\WINDOWS\system32\et-ee
2010-11-13 00:47:55 ----D---- C:\WINDOWS\system32\es-es
2010-11-13 00:47:53 ----D---- C:\WINDOWS\system32\el-gr
2010-11-13 00:47:51 ----D---- C:\WINDOWS\system32\de-de
2010-11-13 00:47:50 ----D---- C:\WINDOWS\system32\da-dk
2010-11-13 00:47:48 ----D---- C:\WINDOWS\system32\cs-cz
2010-11-13 00:47:46 ----D---- C:\WINDOWS\system32\zh-tw
2010-11-13 00:47:44 ----D---- C:\WINDOWS\system32\zh-cn
2010-11-13 00:47:42 ----D---- C:\WINDOWS\system32\bg-bg
2010-11-13 00:39:13 ----D---- C:\Hotspot Shield
2010-11-13 00:33:22 ----A---- C:\WINDOWS\unvise32.exe
2010-11-13 00:32:53 ----D---- C:\AppServ
2010-11-13 00:03:03 ----D---- C:\Documents and Settings\All Users\Application Data\WinZip
2010-11-13 00:02:50 ----D---- C:\Program Files\WinZip
2010-11-12 23:58:05 ----HDC---- C:\WINDOWS\ie8
2010-11-12 23:17:44 ----D---- C:\Documents and Settings\Administrator\Application Data\Mavituna Security Ltd
2010-11-12 23:14:44 ----N---- C:\WINDOWS\system32\spmsg2.dll
2010-11-12 23:13:44 ----D---- C:\WINDOWS\system32\ar-SA
2010-11-12 23:09:33 ----D---- C:\Documents and Settings\All Users\Application Data\NortonInstaller
2010-11-12 23:08:50 ----D---- C:\WINDOWS\system32\XPSViewer
2010-11-12 23:08:41 ----D---- C:\Program Files\Reference Assemblies
2010-11-12 23:07:24 ----N---- C:\WINDOWS\system32\xpsshhdr.dll
2010-11-12 23:07:24 ----N---- C:\WINDOWS\system32\prntvpt.dll
2010-11-12 23:07:23 ----N---- C:\WINDOWS\system32\xpssvcs.dll
2010-11-12 22:52:41 ----D---- C:\Documents and Settings\Administrator\Application Data\IDM
2010-11-12 22:52:40 ----D---- C:\Documents and Settings\Administrator\Application Data\DMCache
2010-11-12 22:52:37 ----D---- C:\Program Files\Internet Download Manager
2010-11-12 22:50:30 ----D---- C:\Program Files\Microsoft Synchronization Services
2010-11-12 22:34:44 ----D---- C:\Documents and Settings\Administrator\Application Data\Adobe
2010-11-12 22:29:31 ----D---- C:\Program Files\Mavituna Security
2010-11-12 22:27:35 ----A---- C:\WINDOWS\system32\btw_ci.dll
2010-11-12 22:27:19 ----D---- C:\Program Files\WIDCOMM
2010-11-12 22:24:51 ----D---- C:\Program Files\BreakPoint Software
2010-11-12 22:22:41 ----D---- C:\Program Files\ConTEXT
2010-11-12 22:22:29 ----D---- C:\Program Files\WinTools Software
2010-11-12 22:15:35 ----A---- C:\WINDOWS\system32\stlang.dll
2010-11-12 22:15:35 ----A---- C:\WINDOWS\system32\stacsv.exe
2010-11-12 22:15:35 ----A---- C:\WINDOWS\stsystra.exe
2010-11-12 22:15:18 ----A---- C:\WINDOWS\system32\stacapi.dll
2010-11-12 22:15:18 ----A---- C:\WINDOWS\system32\st325602.dll
2010-11-12 22:11:16 ----D---- C:\Documents and Settings\Administrator\Application Data\Nokia
2010-11-12 22:11:13 ----D---- C:\Documents and Settings\Administrator\Application Data\PC Suite
2010-11-12 22:11:10 ----HD---- C:\Program Files\InstallShield Installation Information
2010-11-12 22:11:10 ----D---- C:\Documents and Settings\All Users\Application Data\PC Suite
2010-11-12 22:10:14 ----D---- C:\Program Files\Common Files\PCSuite
2010-11-12 22:10:09 ----D---- C:\Program Files\Common Files\Nokia
2010-11-12 22:09:44 ----D---- C:\Program Files\DIFX
2010-11-12 22:09:40 ----A---- C:\WINDOWS\system32\BCMLogon.dll
2010-11-12 22:09:37 ----A---- C:\WINDOWS\system32\vcredist_x86.exe
2010-11-12 22:09:37 ----A---- C:\WINDOWS\system32\vcredist_x86.bat
2010-11-12 22:09:36 ----A---- C:\WINDOWS\system32\wltrynt.dll
2010-11-12 22:09:36 ----A---- C:\WINDOWS\system32\preflib.dll
2010-11-12 22:09:36 ----A---- C:\WINDOWS\system32\bcmwlu00.exe
2010-11-12 22:09:36 ----A---- C:\WINDOWS\system32\bcmwlpkt.dll
2010-11-12 22:09:35 ----A---- C:\WINDOWS\system32\WLTRYSVC.EXE
2010-11-12 22:09:35 ----A---- C:\WINDOWS\system32\WLTRAY.EXE
2010-11-12 22:09:35 ----A---- C:\WINDOWS\system32\WLBCGCBPRO731.DLL
2010-11-12 22:09:35 ----A---- C:\WINDOWS\system32\BCMWLTRY.EXE
2010-11-12 22:09:35 ----A---- C:\WINDOWS\system32\bcm1xsup.dll
2010-11-12 22:09:34 ----D---- C:\Program Files\Dell
2010-11-12 21:48:26 ----D---- C:\Program Files\PC Connectivity Solution
2010-11-12 21:48:18 ----A---- C:\WINDOWS\system32\wdfcoinstaller01009.dll
2010-11-12 21:48:18 ----A---- C:\WINDOWS\system32\nmwcdcocls.dll
2010-11-12 21:48:15 ----D---- C:\Program Files\Nokia
2010-11-12 21:48:15 ----A---- C:\WINDOWS\system32\nmwcdcls.dll
2010-11-12 21:47:21 ----D---- C:\Documents and Settings\Administrator\Application Data\InstallShield
2010-11-12 21:46:56 ----D---- C:\Program Files\SigmaTel
2010-11-12 21:46:56 ----D---- C:\Program Files\DellTPad
2010-11-12 21:46:47 ----A---- C:\WINDOWS\system32\WdfCoInstaller01005.dll
2010-11-12 21:46:47 ----A---- C:\WINDOWS\system32\Vxdif.dll
2010-11-12 21:45:38 ----DC---- C:\WINDOWS\system32\DRVSTORE
2010-11-12 21:44:50 ----A---- C:\WINDOWS\system32\d3dx9_32.dll
2010-11-12 21:44:29 ----D---- C:\Program Files\Microsoft SQL Server Compact Edition
2010-11-12 21:42:04 ----D---- C:\Program Files\Microsoft
2010-11-12 21:41:41 ----D---- C:\Program Files\Windows Live SkyDrive
2010-11-12 21:41:26 ----D---- C:\Program Files\Windows Live
2010-11-12 21:34:01 ----A---- C:\WINDOWS\system32\msonpmon.dll
2010-11-12 21:30:38 ----D---- C:\Program Files\MSBuild
2010-11-12 21:30:16 ----D---- C:\Program Files\Common Files\DESIGNER
2010-11-12 21:27:39 ----D---- C:\Documents and Settings\All Users\Application Data\Installations
2010-11-12 21:27:34 ----D---- C:\Program Files\Microsoft Visual Studio 8
2010-11-12 21:26:19 ----D---- C:\Program Files\Common Files\Windows Live
2010-11-12 21:25:59 ----HD---- C:\WINDOWS\ShellNew
2010-11-12 21:25:11 ----D---- C:\Program Files\Microsoft Office
2010-11-12 21:25:09 ----D---- C:\Documents and Settings\All Users\Application Data\Microsoft Help
2010-11-12 21:24:43 ----RHD---- C:\MSOCache
2010-11-12 21:13:32 ----A---- C:\WINDOWS\system32\jit.dll
2010-11-12 21:13:32 ----A---- C:\WINDOWS\setdebug.exe
2010-11-12 21:13:30 ----A---- C:\WINDOWS\system32\javaee.dll
2010-11-12 21:13:29 ----A---- C:\WINDOWS\system32\dx3j.dll
2010-11-12 21:13:10 ----A---- C:\WINDOWS\system32\wjview.exe
2010-11-12 21:13:09 ----A---- C:\WINDOWS\system32\vmhelper.dll
2010-11-12 21:13:08 ----A---- C:\WINDOWS\system32\msjdbc10.dll
2010-11-12 21:13:07 ----A---- C:\WINDOWS\system32\msjava.dll
2010-11-12 21:13:06 ----A---- C:\WINDOWS\system32\msawt.dll
2010-11-12 21:13:05 ----A---- C:\WINDOWS\system32\jview.exe
2010-11-12 21:13:05 ----A---- C:\WINDOWS\system32\jdbgmgr.exe
2010-11-12 21:13:04 ----A---- C:\WINDOWS\system32\javart.dll
2010-11-12 21:13:03 ----A---- C:\WINDOWS\system32\javaprxy.dll
2010-11-12 21:13:03 ----A---- C:\WINDOWS\system32\javacypt.dll
2010-11-12 21:13:02 ----A---- C:\WINDOWS\system32\clspack.exe
2010-11-12 21:12:01 ----D---- C:\Program Files\Microsoft.NET
2010-11-12 21:10:27 ----D---- C:\Documents and Settings\All Users\Application Data\Adobe
2010-11-12 21:09:57 ----D---- C:\Program Files\Common Files\Adobe
2010-11-12 21:09:57 ----D---- C:\Program Files\Adobe
2010-11-12 21:08:53 ----D---- C:\Program Files\GRETECH
2010-11-12 20:57:09 ----D---- C:\WINDOWS\system32\WindowsPowerShell
2010-11-12 20:57:08 ----D---- C:\WINDOWS\system32\winrm
2010-11-12 20:57:04 ----HDC---- C:\WINDOWS\$968930Uinstall_KB968930$
2010-11-12 20:45:31 ----D---- C:\WINDOWS\ie8updates
2010-11-12 20:44:49 ----D---- C:\WINDOWS\WBEM
2010-11-12 20:42:30 ----A---- C:\WINDOWS\system32\MRT.exe
2010-11-12 18:41:20 ----D---- C:\Program Files\COMODO
2010-11-12 18:38:41 ----D---- C:\Documents and Settings\Administrator\Application Data\Macromedia
2010-11-12 17:21:19 ----D---- C:\WINDOWS\system32\GroupPolicy
2010-11-12 17:20:13 ----D---- C:\Program Files\IDT
2010-11-12 17:19:50 ----D---- C:\Program Files\Windows Media Connect 2
2010-11-12 17:19:00 ----D---- C:\WINDOWS\system32\LogFiles
2010-11-12 17:18:39 ----D---- C:\WINDOWS\system32\ReinstallBackups
2010-11-12 17:17:40 ----RSD---- C:\WINDOWS\assembly
2010-11-12 17:17:40 ----D---- C:\WINDOWS\Microsoft.NET
2010-11-12 17:17:38 ----D---- C:\WINDOWS\system32\URTTemp
2010-11-12 16:58:36 ----D---- C:\Documents and Settings\Administrator\Application Data\Mozilla
2010-11-12 16:58:31 ----D---- C:\Program Files\Mozilla Firefox
2010-11-12 16:47:09 ----D---- C:\Documents and Settings\Administrator\Application Data\Help
2010-11-12 16:43:00 ----A---- C:\WINDOWS\system32\xpsp4res.dll
2010-11-12 16:33:30 ----D---- C:\Documents and Settings\All Users\Application Data\Comodo
2010-11-12 16:33:26 ----A---- C:\WINDOWS\system32\msvcr71.dll
2010-11-12 16:33:26 ----A---- C:\WINDOWS\system32\mfc71.dll
2010-11-12 14:51:18 ----SHD---- C:\RECYCLER
2010-11-11 19:26:28 ----A---- C:\WINDOWS\system32\h323log.txt
2010-11-11 18:40:53 ----A---- C:\WINDOWS\system32\vfwwdm32.dll
2010-11-11 18:40:53 ----A---- C:\WINDOWS\system32\ksuser.dll
2010-11-11 18:37:51 ----SHD---- C:\WINDOWS\Installer
2010-11-11 18:37:51 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2010-11-11 18:37:50 ----D---- C:\Program Files\Common Files\ODBC
2010-11-11 18:37:50 ----A---- C:\WINDOWS\ODBCINST.INI
2010-11-11 18:37:47 ----D---- C:\Program Files\Common Files\SpeechEngines
2010-11-11 18:37:46 ----RD---- C:\Program Files
2010-11-11 18:37:46 ----D---- C:\Program Files\Common Files\Microsoft Shared
2010-11-11 18:37:46 ----D---- C:\Program Files\Common Files
2010-11-11 18:37:34 ----A---- C:\WINDOWS\system32\EqnClass.Dll
2010-11-11 18:37:34 ----A---- C:\WINDOWS\system32\dgrpsetu.dll
2010-11-11 18:37:30 ----A---- C:\WINDOWS\system32\storprop.dll
2010-11-11 18:37:22 ----ASH---- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\desktop.ini
2010-11-11 18:37:22 ----ASH---- C:\Documents and Settings\All Users\Application Data\desktop.ini
2010-11-11 18:37:09 ----D---- C:\WINDOWS\system32\CatRoot2
2010-11-11 18:37:09 ----D---- C:\WINDOWS\system32\CatRoot
2010-11-11 18:37:03 ----SD---- C:\Documents and Settings\All Users\Application Data\Microsoft
2010-11-11 18:36:44 ----A---- C:\WINDOWS\setuplog.txt
2010-11-11 18:36:41 ----D---- C:\Documents and Settings
2010-11-11 18:36:40 ----SHD---- C:\System Volume Information
2010-11-11 18:35:52 ----SH---- C:\boot.ini
2010-11-11 18:35:49 ----A---- C:\WINDOWS\system32\$winnt$.inf
2010-11-11 18:28:25 ----RSHDC---- C:\WINDOWS\system32\dllcache
2010-11-11 18:28:25 ----RSD---- C:\WINDOWS\Fonts
2010-11-11 18:28:25 ----RD---- C:\WINDOWS\Web
2010-11-11 18:28:25 ----HD---- C:\WINDOWS\inf
2010-11-11 18:28:25 ----D---- C:\WINDOWS\WinSxS
2010-11-11 18:28:25 ----D---- C:\WINDOWS\twain_32
2010-11-11 18:28:25 ----D---- C:\WINDOWS\system32\wins
2010-11-11 18:28:25 ----D---- C:\WINDOWS\system32\wbem
2010-11-11 18:28:25 ----D---- C:\WINDOWS\system32\usmt
2010-11-11 18:28:25 ----D---- C:\WINDOWS\system32\spool
2010-11-11 18:28:25 ----D---- C:\WINDOWS\system32\ShellExt
2010-11-11 18:28:25 ----D---- C:\WINDOWS\system32\Setup
2010-11-11 18:28:25 ----D---- C:\WINDOWS\system32\scripting
2010-11-11 18:28:25 ----D---- C:\WINDOWS\system32\ras
2010-11-11 18:28:25 ----D---- C:\WINDOWS\system32\oobe
2010-11-11 18:28:25 ----D---- C:\WINDOWS\system32\npp
2010-11-11 18:28:25 ----D---- C:\WINDOWS\system32\mui
2010-11-11 18:28:25 ----D---- C:\WINDOWS\system32\inetsrv
2010-11-11 18:28:25 ----D---- C:\WINDOWS\system32\IME
2010-11-11 18:28:25 ----D---- C:\WINDOWS\system32\icsxml
2010-11-11 18:28:25 ----D---- C:\WINDOWS\system32\ias
2010-11-11 18:28:25 ----D---- C:\WINDOWS\system32\export
2010-11-11 18:28:25 ----D---- C:\WINDOWS\system32\en
2010-11-11 18:28:25 ----D---- C:\WINDOWS\system32\drivers
2010-11-11 18:28:25 ----D---- C:\WINDOWS\system32\dhcp
2010-11-11 18:28:25 ----D---- C:\WINDOWS\system32\config
2010-11-11 18:28:25 ----D---- C:\WINDOWS\system32\3com_dmi
2010-11-11 18:28:25 ----D---- C:\WINDOWS\system32\3076
2010-11-11 18:28:25 ----D---- C:\WINDOWS\system32\2052
2010-11-11 18:28:25 ----D---- C:\WINDOWS\system32\1054
2010-11-11 18:28:25 ----D---- C:\WINDOWS\system32\1042
2010-11-11 18:28:25 ----D---- C:\WINDOWS\system32\1041
2010-11-11 18:28:25 ----D---- C:\WINDOWS\system32\1037
2010-11-11 18:28:25 ----D---- C:\WINDOWS\system32\1033
2010-11-11 18:28:25 ----D---- C:\WINDOWS\system32\1031
2010-11-11 18:28:25 ----D---- C:\WINDOWS\system32\1028
2010-11-11 18:28:25 ----D---- C:\WINDOWS\system32\1025
2010-11-11 18:28:25 ----D---- C:\WINDOWS\system32
2010-11-11 18:28:25 ----D---- C:\WINDOWS\system
2010-11-11 18:28:25 ----D---- C:\WINDOWS\security
2010-11-11 18:28:25 ----D---- C:\WINDOWS\Resources
2010-11-11 18:28:25 ----D---- C:\WINDOWS\repair
2010-11-11 18:28:25 ----D---- C:\WINDOWS\Provisioning
2010-11-11 18:28:25 ----D---- C:\WINDOWS\PeerNet
2010-11-11 18:28:25 ----D---- C:\WINDOWS\pchealth
2010-11-11 18:28:25 ----D---- C:\WINDOWS\Network Diagnostic
2010-11-11 18:28:25 ----D---- C:\WINDOWS\mui
2010-11-11 18:28:25 ----D---- C:\WINDOWS\msapps
2010-11-11 18:28:25 ----D---- C:\WINDOWS\msagent
 

This Report Created By Zyzoom.org Tools & Silent Runners & HijackThis

May Allah's peace and blessings be upon the Messenger of Allah, his family, and all his companions.

Peace be upon you, and the mercy and blessings of Allah . . .
 
Signature: ابــــوعبدالله
Install the program
Your Uninstaller! PRO




After installing the uninstaller program,
make sure that
Microsoft Security Essentials
appears in its list along with the other programs

 
Signature: tamer87