هذا تقرير جهازي

موران2002 · 11 يناير 2009

Deckard's System Scanner v20071014.68
Run by السعدي on 2009-01-11 12:43:39
Computer is in Normal Mode.
--------------------------------------------------------------------------------
-- System Restore --------------------------------------------------------------
Successfully created a Deckard's System Scanner Restore Point.

-- Last 5 Restore Point(s) --
43: 2009-01-11 09:43:44 UTC - RP43 - Deckard's System Scanner Restore Point
42: 2009-01-10 10:21:33 UTC - RP42 - نقطة اختبار النظام
41: 2009-01-02 06:46:51 UTC - RP41 - Installed SBS_PXEngine
40: 2009-01-02 06:46:41 UTC - RP40 - Installed Shared2
39: 2009-01-02 06:46:29 UTC - RP39 - Installed DataDiscMaker

-- First Restore Point --
1: 2008-09-20 12:59:41 UTC - RP1 - نقطة اختبار النظام

Backed up registry hives.
Performed disk cleanup.
Total Physical Memory: 504 MiB (512 MiB recommended).

-- HijackThis Clone ------------------------------------------------------------

Emulating logfile of Trend Micro HijackThis v2.0.2
Scan saved at 2009-01-11 12:45:48
Platform: Windows XP Service Pack 2 (5.01.2600)
MSIE: Internet Explorer (6.00.2900.2180)
Boot mode: Normal
Running processes:
C:\WINDOWS\system32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\Crypserv.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\HPZipm12.exe
C:\WINDOWS\explorer.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\sm56hlpr.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
C:\Documents and Settings\السعدي\سطح المكتب\RRT2.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\WINDOWS\svrse.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
C:\Program Files\Common Files\PCSuite\Services\ServiceLayer.exe
C:\Program Files\Common Files\Nokia\MPAPI\MPAPI3s.exe
C:\Program Files\Common Files\PCSuite\DataLayer\DataLayer.exe
C:\Documents and Settings\السعدي\سطح المكتب\dss.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar =

يجب عليك تسجيل الدخول أو التسجيل لمشاهدة الرابط المخفي

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page =

يجب عليك تسجيل الدخول أو التسجيل لمشاهدة الرابط المخفي

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =

يجب عليك تسجيل الدخول أو التسجيل لمشاهدة الرابط المخفي

R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) =

يجب عليك تسجيل الدخول أو التسجيل لمشاهدة الرابط المخفي

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar =

يجب عليك تسجيل الدخول أو التسجيل لمشاهدة الرابط المخفي

R1 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

يجب عليك تسجيل الدخول أو التسجيل لمشاهدة الرابط المخفي

F0 - system.ini: Shell=Explorer.exe, MyWork
F2 - REG:system.ini: Shell=Explorer.exe, MyWork
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\GoogleToolbar1.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\GoogleToolbar1.dll
O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\avp.exe"
O4 - HKLM\..\Run: [SMSERIAL] sm56hlpr.exe
O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [RRT-Auto] C:\Documents and Settings\السعدي\سطح المكتب\RRT2.exe auto
O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\PROGRA~1\Nokia\NOKIAP~1\LAUNCH~1.EXE -startup
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [MSN] C:\Windows\svrse.exe
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [PcSync] C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [amva] C:\WINDOWS\system32\amvo.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: Picture Motion Browser Media Check Tool.lnk = ?
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe
O4 - Global Startup: Adobe Reader Synchronizer.lnk = C:\Program Files\Adobe\Reader 8.0\Reader\AdobeCollabSync.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: igfxtray.exe
O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE
O8 - Extra context menu item: &Google Search - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: &Translate English Word - res://C:\Program Files\Google\GoogleToolbar1.dll/cmwordtrans.html
O8 - Extra context menu item: Backward Links - res://C:\Program Files\Google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - res://C:\Program Files\Google\GoogleToolbar1.dll/cmcache.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Similar Pages - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsimilar.html
O8 - Extra context menu item: Translate Page into English - res://C:\Program Files\Google\GoogleToolbar1.dll/cmtrans.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - (no file)
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - (no file)
O9 - Extra button: Web Anti-Virus statistics - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - (file missing)
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: ms-help - {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll
O18 - Protocol: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\MSITSS.DLL
O18 - Protocol: mso-offdap - {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\Program Files\Common Files\Microsoft Shared\Web Components\10\OWC10.DLL
O18 - Protocol: mso-offdap11 - {32505114-5902-49B2-880A-1F7738E5A384} - C:\Program Files\Common Files\Microsoft Shared\Web Components\11\OWC11.DLL
O18 - Filter: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL
O20 - AppInit_DLLs: C:\PROGRA~1\KASPER~1\KASPER~1.0\adialhk.dll C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL
O23 - Service: Kaspersky Internet Security 7.0 (AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\avp.exe
O23 - Service: Crypkey License - Kenonic Controls Ltd. - C:\WINDOWS\system32\Crypserv.exe
O23 - Service: Google Desktop Manager 5.7.806.10245 (GoogleDesktopManager-061008-081103) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\Common Files\PCSuite\Services\ServiceLayer.exe

--
End of file - 8238 bytes
-- File Associations -----------------------------------------------------------
All associations okay.

-- Drivers: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled ---------------------
R1 NetworkX - c:\windows\system32\ckldrv.sys
R3 ialm - c:\windows\system32\drivers\ialmnt5.sys <Not Verified; Intel Corporation; Intel Graphics Accelerator Drivers for Windows NT(R)>
R3 smserial - c:\windows\system32\drivers\smserial.sys <Not Verified; Motorola Inc.; Motorola SM56 Modem>
S1 InCDPass - c:\windows\system32\drivers\incdpass.sys (file missing)
S1 InCDRm (InCD Reader) - c:\windows\system32\drivers\incdrm.sys (file missing)
S4 InCDFs (InCD File System) - c:\windows\system32\drivers\incdfs.sys (file missing)

-- Services: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled --------------------
R2 Crypkey License - crypserv.exe <Not Verified; Kenonic Controls Ltd.; CrypKey Software Licensing System>
R3 ServiceLayer - "c:\program files\common files\pcsuite\services\servicelayer.exe" <Not Verified; Nokia.; PC Connectivity Solution>

-- Device Manager: Disabled ----------------------------------------------------
Class GUID: {4D36E97E-E325-11CE-BFC1-08002BE10318}
Description: ‏‏وحدة تحكم Ethernet‏
Device ID: PCI\VEN_14E4&DEV_1600&SUBSYS_3011103C&REV_01\4&4878531&0&00E1
Manufacturer:
Name: ‏‏وحدة تحكم Ethernet‏
PNP Device ID: PCI\VEN_14E4&DEV_1600&SUBSYS_3011103C&REV_01\4&4878531&0&00E1
Service:
Class GUID: {4D36E96F-E325-11CE-BFC1-08002BE10318}
Description: PS/2 Compatible Mouse
Device ID: ACPI\PNP0F13\4&EDE93E0&0
Manufacturer: Microsoft
Name: PS/2 Compatible Mouse
PNP Device ID: ACPI\PNP0F13\4&EDE93E0&0
Service: i8042prt
Class GUID: {4D36E96B-E325-11CE-BFC1-08002BE10318}
Description: Standard 101/102-Key or Microsoft Natural PS/2 Keyboard
Device ID: ACPI\PNP0303\4&EDE93E0&0
Manufacturer: (لوحات مفاتيح قياسية)
Name: Standard 101/102-Key or Microsoft Natural PS/2 Keyboard
PNP Device ID: ACPI\PNP0303\4&EDE93E0&0
Service: i8042prt

-- Files created between 2008-12-11 and 2009-01-11 -----------------------------
2009-01-10 13:44:48 0 d---s---- C:\Documents and Settings\السعدي\UserData
2009-01-02 10:07:03 0 d-------- C:\Documents and Settings\All Users\Application Data\MSScanAppDataDir
2009-01-02 09:49:42 0 d-------- C:\Documents and Settings\السعدي\Application Data\Sony Corporation
2009-01-02 09:45:28 0 d-------- C:\Program Files\Sony
2008-12-28 13:42:40 0 d-------- C:\WINDOWS\system32\?´
2008-12-28 12:34:17 0 d-------- C:\Program Files\Trymedia
2008-12-28 12:24:18 0 d-------- C:\Q3Ademo
2008-12-28 12:22:07 0 d-------- C:\UT2003Demo
2008-12-28 12:19:22 0 d-------- C:\BH2Game
2008-12-28 12:16:57 0 d-------- C:\Program Files\Beach Head 2002
2008-12-28 12:02:47 52224 --a------ C:\WINDOWS\system32\Crypserv.exe <Not Verified; Kenonic Controls Ltd.; CrypKey Software Licensing System>
2008-12-28 12:02:47 24608 --a------ C:\WINDOWS\system32\Ckldrv.sys
2008-12-28 12:02:47 27648 -ra------ C:\WINDOWS\Setup_ck.exe
2008-12-28 12:02:47 18432 --a------ C:\WINDOWS\Setup_ck.dll
2008-12-28 12:02:47 11776 --a------ C:\WINDOWS\Ckrfresh.exe
2008-12-28 12:02:47 165888 --a------ C:\WINDOWS\Ckconfig.exe <Not Verified; Kenonic Controls; CKCONFIG Application>
2008-12-28 12:02:15 86016 --a------ C:\WINDOWS\unvise32.exe <Not Verified; MindVision Software; Installer VISE>
2008-12-28 12:01:56 0 d-------- C:\Program Files\SWiSH v2.0
2008-12-20 19:44:54 108099 -r-hs---- C:\fppg1.exe
2008-12-20 19:44:27 71680 -r-hs---- C:\WINDOWS\system32\amvo0.dll
2008-12-20 19:44:27 108099 -r-hs---- C:\WINDOWS\system32\amvo.exe
2008-12-18 14:42:45 0 d-------- C:\Program Files\SpacetoonGames
2008-12-14 18:36:11 0 d-------- C:\Program Files\MSBuild
2008-12-14 18:30:10 0 d-------- C:\Documents and Settings\All Users\Application Data\Microsoft Help
2008-12-14 18:27:13 0 dr-h----- C:\MSOCache

-- Find3M Report ---------------------------------------------------------------
2009-01-11 12:13:57 254578 --a------ C:\WINDOWS\system32\perfh001.dat
2009-01-11 12:13:57 40962 --a------ C:\WINDOWS\system32\perfc001.dat
2009-01-11 06:00:14 40 --a------ C:\WINDOWS\system32\winitn.dll
2009-01-11 06:00:13 2846720 --a------ C:\WINDOWS\system32\agsaamj.dll <Not Verified; Online Media Technologies Ltd.; NCTAudioCompress3 Module>
2009-01-11 06:00:13 90112 --a------ C:\WINDOWS\system32\agsaami.dll <Not Verified; Online Media Technologies Ltd.; NCTAudioFormatSettings3 Module>
2009-01-11 06:00:13 626688 --a------ C:\WINDOWS\system32\agsaamh.dll <Not Verified; Online Media Technologies Ltd.; NCTAudioCDGrabber2.dll Module>
2009-01-11 06:00:13 753664 --a------ C:\WINDOWS\system32\agsaamg.dll <Not Verified; Online Media Technologies Ltd.; NCTAudioFile3 Module>
2009-01-11 06:00:12 40 --a------ C:\WINDOWS\system32\kakle.dll
2009-01-11 06:00:12 551424 --a------ C:\WINDOWS\system32\agsaame.dll <Not Verified; Online Media Technologies Ltd.; NCTDataDVDWriter2 Module>
2009-01-11 06:00:12 544256 --a------ C:\WINDOWS\system32\agsaamd.dll <Not Verified; Online Media Technologies Ltd.; NCTDataCDWriter2 Module>
2009-01-11 06:00:12 372736 --a------ C:\WINDOWS\system32\agsaamc.dll <Not Verified; Online Media Technologies Ltd.; NCTAudioFileWMA3 Module>
2009-01-11 06:00:12 538624 --a------ C:\WINDOWS\system32\agsaamb.dll <Not Verified; Online Media Technologies Ltd.; NCTAudioCDWriter2 Module>
2009-01-11 06:00:12 331776 --a------ C:\WINDOWS\system32\agsaama.dll <Not Verified; Online Media Technologies Ltd.; NCTAudioPlayer3 Module>
2009-01-11 06:00:10 1245184 --a------ C:\WINDOWS\system32\bkll.dll <Not Verified; NCT Company Ltd.; NCTRMFile ActiveX DLL>
2009-01-11 06:00:10 215552 --a------ C:\WINDOWS\system32\ALOWMVFile.dll <Not Verified; NCT Company Ltd.; NCTWMVFile ActiveX DLL>
2009-01-11 06:00:10 403968 --a------ C:\WINDOWS\system32\ALOWMAFile2.dll <Not Verified; Online Media Technologies Ltd.; NCTWMAFile2 ActiveX DLL>
2009-01-11 06:00:10 188416 --a------ C:\WINDOWS\system32\ALOVideoFile.dll <Not Verified; NCT Company Ltd.; NCTVideoFile ActiveX DLL>
2009-01-11 06:00:10 495104 --a------ C:\WINDOWS\system32\ALOVideoCoreM.dll <Not Verified; NCT Company Ltd.; NCTVideoCoreM ActiveX DLL>
2009-01-11 06:00:10 780288 --a------ C:\WINDOWS\system32\ALOVideoCompress.dll <Not Verified; NCT Company Ltd.; NCTVideoCompress ActiveX DLL>
2009-01-11 06:00:10 249856 --a------ C:\WINDOWS\system32\ALOQuickTimeFile.dll <Not Verified; Online Media Technologies Company Ltd.; NCTQuickTimeFile Module>
2009-01-11 06:00:10 382464 --a------ C:\WINDOWS\system32\ALOAVIFile.dll <Not Verified; NCT Company Ltd.; NCTAVIFile ActiveX DLL>
2009-01-11 06:00:09 90112 --a------ C:\WINDOWS\system32\ALOAudioFormatSettings3.dll <Not Verified; Online Media Technologies Ltd.; NCTAudioFormatSettings3 Module>
2009-01-11 06:00:09 877568 --a------ C:\WINDOWS\system32\ALOAudioFile2.dll <Not Verified; NCT Company Ltd.; NCTAudioFile2 ActiveX DLL>
2009-01-11 06:00:09 2846720 --a------ C:\WINDOWS\system32\ALOAudioCompress3.dll <Not Verified; Online Media Technologies Ltd.; NCTAudioCompress3 Module>
2009-01-11 06:00:09 778240 --a------ C:\WINDOWS\system32\ALOAudioCompress2.dll <Not Verified; Online Media Technologies Ltd.; NCTAudioCompress2 Module>
2009-01-02 09:46:57 0 d--h----- C:\Program Files\InstallShield Installation Information
2009-01-02 09:44:42 0 d-------- C:\Program Files\Common Files\InstallShield
2008-12-22 11:56:13 1756 --a------ C:\Documents and Settings\السعدي\Application Data\NMM-****Data.db
2008-12-22 11:54:29 0 d-------- C:\Documents and Settings\السعدي\Application Data\Nokia Multimedia Player
2008-12-14 18:36:25 0 d-------- C:\Program Files\Microsoft Works
2008-12-08 11:49:47 0 d-------- C:\Documents and Settings\السعدي\Application Data\Adobe
2008-12-08 11:49:42 0 d-------- C:\Program Files\Common Files\Adobe
2008-12-08 11:49:11 0 d-------- C:\Program Files\Common Files
2008-12-02 07:16:56 0 --a------ C:\find
2008-11-23 18:12:23 0 d-------- C:\Program Files\media_mp3
2008-11-23 18:12:06 737280 --a------ C:\WINDOWS\iun6002.exe <Not Verified; Indigo Rose Corporation; Setup Factory 6.0 Runtime Module>
2008-11-21 17:00:25 81920 --a------ C:\WINDOWS\system32\viscomwave.dll
2008-11-21 17:00:25 98304 --a------ C:\WINDOWS\system32\viscomtran.dll
2008-11-21 17:00:25 48640 --a------ C:\WINDOWS\system32\viscomsamplerate.dll
2008-11-21 17:00:25 118784 --a------ C:\WINDOWS\system32\viscomrmenc.dll
2008-11-21 17:00:25 147456 --a------ C:\WINDOWS\system32\viscomqtenc.dll
2008-11-21 17:00:25 602112 --a------ C:\WINDOWS\system32\viscomqtde.dll
2008-11-21 17:00:25 1470464 --a------ C:\WINDOWS\system32\viscomm4aenc.dll
2008-11-21 17:00:24 86016 --a------ C:\WINDOWS\system32\viscomframe.dll
2008-11-21 17:00:24 1462272 --a------ C:\WINDOWS\system32\viscomflvenc.dll
2008-11-21 17:00:24 118784 --a------ C:\WINDOWS\system32\viscomflvdec.dll
2008-11-21 17:00:24 1470464 --a------ C:\WINDOWS\system32\viscomdata3.dll
2008-11-21 17:00:24 1454080 --a------ C:\WINDOWS\system32\viscomdata2.dll
2008-11-21 17:00:24 1462272 --a------ C:\WINDOWS\system32\viscomdata1.dll
2008-11-21 17:00:23 18628608 --a------ C:\WINDOWS\system32\viscomavi.dll
2008-11-21 17:00:22 110592 --a------ C:\WINDOWS\system32\viscomaudioencoder.dll
2008-11-21 17:00:22 94208 --a------ C:\WINDOWS\system32\viscomaudiodata.dll
2008-11-21 17:00:22 1454080 --a------ C:\WINDOWS\system32\viscomamrenc.dll
2008-11-21 17:00:22 1462272 --a------ C:\WINDOWS\system32\viscom3gpenc.dll
2008-11-21 17:00:22 6963712 --a------ C:\WINDOWS\system32\videotrans.dll
2008-11-21 17:00:20 452608 --a------ C:\WINDOWS\system32\videoformat.dll
2008-11-21 17:00:20 18599936 --a------ C:\WINDOWS\system32\videoencode.dll
2008-11-21 17:00:16 19456 --a------ C:\WINDOWS\system32\videocore.dll
2008-11-21 17:00:16 90112 --a------ C:\WINDOWS\system32\ssvideo.dll
2008-11-21 17:00:16 1128128 --a------ C:\WINDOWS\system32\NMSDVDXU.dll
2008-11-21 17:00:15 344064 --a------ C:\WINDOWS\system32\dkll.dll <Not Verified; Online Media Technologies Ltd.; NCTAudioRecordEx Module>
2008-11-21 17:00:14 196608 --a------ C:\WINDOWS\system32\maag.dll <Not Verified; NCT Company Ltd.; NCTWMAFile2 ActiveX DLL>
2008-11-21 17:00:14 18595840 --a------ C:\WINDOWS\system32\coredata.dll <Not Verified; ; coredata.dll>
2008-11-21 17:00:14 1212416 --a------ C:\WINDOWS\system32\ckll.dll <Not Verified; NCT Company Ltd.; NCTAudioInformation2 ActiveX DLL>
2008-11-21 17:00:12 1986560 --a------ C:\WINDOWS\system32\akll.dll <Not Verified; NCT Company Ltd.; NCTAudioFile2 ActiveX DLL>
2008-11-21 16:46:34 0 d-------- C:\Documents and Settings\السعدي\Application Data\Datalayer
2008-11-21 07:10:03 0 d-------- C:\Program Files\Golden Al-Wafi Translator
2008-10-14 21:48:36 50 --a------ C:\WINDOWS\system32\msrgl90.dll

-- Registry Dump ---------------------------------------------------------------
*Note* empty entries & legit default entries are not shown

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AVP"="C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\avp.exe" [06/28/2007 11:51 AM]
"SMSERIAL"="sm56hlpr.exe" [06/06/2005 12:40 PM C:\WINDOWS\sm56hlpr.exe]
"igfxtray"="C:\WINDOWS\system32\igfxtray.exe" [11/03/2005 09:25 AM]
"igfxhkcmd"="C:\WINDOWS\system32\hkcmd.exe" [11/03/2005 09:22 AM]
"igfxpers"="C:\WINDOWS\system32\igfxpers.exe" [11/03/2005 09:26 AM]
"RTHDCPL"="RTHDCPL.EXE" [07/13/2005 05:37 AM C:\WINDOWS\RTHDCPL.EXE]
"Alcmtr"="ALCMTR.EXE" [05/03/2005 01:43 PM C:\WINDOWS\ALCMTR.EXE]
"NeroFilterCheck"="C:\WINDOWS\system32\NeroCheck.exe" [07/09/2001 09:50 AM]
"TkBellExe"="C:\Program Files\Common Files\Real\Update_OB\realsched.exe" [09/23/2008 09:13 PM]
"HP Software Update"="C:\Program Files\HP\HP Software Update\HPWuSchd2.exe" [02/19/2006 02:41 AM]
"RRT-Auto"="C:\Documents and Settings\السعدي\سطح المكتب\RRT2.exe" []
"PCSuiteTrayApplication"="C:\PROGRA~1\Nokia\NOKIAP~1\LAUNCH~1.exe" [06/15/2006 12:36 PM]
"Google Desktop Search"="C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" [11/15/2008 03:21 PM]
"MSN"="C:\Windows\svrse.exe" [08/31/2008 05:37 AM]
"GrooveMonitor"="C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe" [10/27/2006 12:47 AM]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [03/02/2006 03:00 PM]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="C:\Program Files\Common Files\Ahead\lib\NMBgMonitor.exe" [10/28/2005 03:25 PM]
"PcSync"="C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe" [06/27/2006 04:21 PM]
"MSMSGS"="C:\Program Files\Messenger\msmsgs.exe" [08/04/2004 12:09 AM]
"amva"="C:\WINDOWS\system32\amvo.exe" [02/27/2008 10:36 PM]
C:\Documents and Settings\ںé«م§ï\çں‍ê، ں §ڑ\ںé ©ںê¤\ §ک ںé¢¬نïé\
Picture Motion Browser Media Check Tool.lnk - C:\Program Files\Sony\Sony Picture Utility\VolumeWatcher\SPUVolumeWatcher.exe [02/01/2009 09:45:43 ]
C:\Documents and Settings\All Users\çں‍ê، ں §ڑ\ںé ©ںê¤\ §ک ںé¢¬نïé\
Adobe Reader Speed Launch.lnk - C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe [23/10/2006 12:48:20 ]
Adobe Reader Synchronizer.lnk - C:\Program Files\Adobe\Reader 8.0\Reader\AdobeCollabSync.exe [22/10/2006 11:01:50 ê]
HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe [19/02/2006 04:21:22 ]
igfxtray.exe [04/08/2004 02:56:50 ]
WinZip Quick Pick.lnk - C:\Program Files\WinZip\WZQKPICK.EXE [23/09/2008 08:43:20 ê]
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"NoFolderOptions"=0 (0x0)
"NoFileMenu"=1 (0x1)
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon]
"Shell"="Explorer.exe, MyWork"
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"appinit_dlls"=C:\PROGRA~1\KASPER~1\KASPER~1.0\adialhk.dll C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\A2FREE.exe]
Debugger=system.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\A2SERVICE.exe]
Debugger=system.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\ACAAS.exe]
Debugger=system.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\ACAEGMGR.exe]
Debugger=system.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\ACAIS.exe]
Debugger=system.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\ACALS.exe]
Debugger=system.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\ACASP.exe]
Debugger=system.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\AHNSD.exe]
Debugger=system.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\AHNSDSV.exe]
Debugger=system.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\ALUSCHEDULERSVC.EXE.exe]
Debugger=system.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\ANTI-VIRUS&TROJAN.exe]
Debugger=system.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\APVXDWIN.exe]
Debugger=system.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\APVXDWIN.EXE.exe]
Debugger=system.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\ASHSIMPL.exe]
Debugger=system.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\AVENGINE.exe]
Debugger=system.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\AVENGINE.EXE.exe]
Debugger=system.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\AVGAMSVR.EXE.exe]
Debugger=system.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\AVGAS.exe]
Debugger=system.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\AVGCC.EXE.exe]
Debugger=system.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\AVGEMC.EXE.exe]
Debugger=system.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\AVGINET.EXE.exe]
Debugger=system.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\AVGNT.exe]
Debugger=system.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\AVGUARD.exe]
Debugger=system.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\AVGUPSVC.EXE.exe]
Debugger=system.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\AVGWB.DAT.exe]
Debugger=system.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\AVP.EXE.exe]
Debugger=system.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\AVSCAN.exe]
Debugger=system.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\bdagent.exe]
Debugger=system.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\bdss.exe]
Debugger=system.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\Bkav2006.exe]
Debugger=system.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\CASECURITYCENTER.exe]
Debugger=system.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\CCAPP.exe]
Debugger=system.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\CCenter.exe]
Debugger=system.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\CCPROVSP.exe]
Debugger=system.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\CCSVCHST.EXE.exe]
Debugger=system.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\CLEANER.exe]
Debugger=system.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\COUNTERSPY.exe]
Debugger=system.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\DRWEBSCD.EXE.exe]
Debugger=system.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\DRWEBUPW.EXE.exe]
Debugger=system.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\EGHOST.exe]
Debugger=system.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\EGUI.exe]
Debugger=system.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\EGUI.EXE.exe]
Debugger=system.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\EKRN.exe]
Debugger=system.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\EKRN.EXE.exe]
Debugger=system.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\EMLPROUI.exe]
Debugger=system.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\EMLPROXY.exe]
Debugger=system.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\FAMEH32.exe]
Debugger=system.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\far.exe]
Debugger=system.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\FCH32.exe]
Debugger=system.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\FireTray.exe]
Debugger=system.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\FPAVSERVER.exe]
Debugger=system.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\FPROTTRAY.exe]
Debugger=system.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\FPWIN.exe]
Debugger=system.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\FSAUA.exe]
Debugger=system.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\FSAV32.exe]
Debugger=system.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\FSDFWD.exe]
Debugger=system.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\FSGK32.exe]
Debugger=system.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\FSGK32ST.exe]
Debugger=system.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\FSGUIDLL.exe]
Debugger=system.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\FSM32.exe]
Debugger=system.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\FSMA32.exe]
Debugger=system.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\FSMB32.exe]
Debugger=system.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\FSQH.exe]
Debugger=system.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\FSSM32.exe]
Debugger=system.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\FSUS.exe]
Debugger=system.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\GUARD.exe]
Debugger=system.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\icesword.exe]
Debugger=system.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\IEProt.exe]
Debugger=system.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\Iparmor.exe]
Debugger=system.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\Kav.exe]
Debugger=system.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\kav32.exe]
Debugger=system.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\KavPFW.exe]
Debugger=system.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\KAVPLUS.exe]
Debugger=system.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\kavstart.exe]
Debugger=system.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\kavsvc.exe]
Debugger=system.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\KpopMon.exe]
Debugger=system.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\KRegEx.exe]
Debugger=system.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\KVCenter.kxp.exe]
Debugger=system.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\KVFW.exe]
Debugger=system.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\KVMonXP.exe]
Debugger=system.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\KVOL.exe]
Debugger=system.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\kvolself.exe]
Debugger=system.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\Kvsrvxp.exe]
Debugger=system.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\KVSrvXp_1.exe]
Debugger=system.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\kvwsc.exe]
Debugger=system.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\KWATCHUI.exe]
Debugger=system.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\livesrv.exe]
Debugger=system.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\MAILMON.exe]
Debugger=system.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\MCAGENT.exe]
Debugger=system.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\MCMSCSVC.exe]
Debugger=system.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\MCNASVC.exe]
Debugger=system.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\MCPROXY.exe]
Debugger=system.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\MCSHIELD.exe]
Debugger=system.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\MCSYSMON.exe]
Debugger=system.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\MCUIMGR.exe]
Debugger=system.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\MCVSESCN.exe]
Debugger=system.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\MPFSRV.exe]
Debugger=system.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\MSKAGENT.exe]
Debugger=system.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\MSPROXY.AHN.exe]
Debugger=system.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\Nvsvc32.exe]
Debugger=system.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\ONLINENT.exe]
Debugger=system.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\ONLNSVC.exe]
Debugger=system.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\PAVFNSVR.exe]
Debugger=system.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\PAVFNSVR.EXE.exe]
Debugger=system.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\PAVPRSRV.EXE.exe]
Debugger=system.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\PAVSRV51.exe]
Debugger=system.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\PAVSRV51.EXE.exe]
Debugger=system.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\PCTAV.exe]
Debugger=system.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\PCTAVSVC.exe]
Debugger=system.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\PFW.exe]
Debugger=system.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\PSCTRLS.exe]
Debugger=system.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\PSCTRLS.EXE.exe]
Debugger=system.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\PSHOST.EXE.exe]
Debugger=system.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\PSIMSVC.exe]
Debugger=system.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\PSIMSVC.EXE.exe]
Debugger=system.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\PSKMSSVC.EXE.exe]
Debugger=system.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\QHFW.exe]
Debugger=system.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\QOELOADER.exe]
Debugger=system.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\QUHLPSVC.exe]
Debugger=system.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\RAVMON.exe]
Debugger=system.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\RavMonD.exe]
Debugger=system.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\RavService.exe]
Debugger=system.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\RavTask.exe]
Debugger=system.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\RAVTIMER.exe]
Debugger=system.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\RfwMain.exe]
Debugger=system.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\RRfwMain.exe]
Debugger=system.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\Rtvscan.exe]
Debugger=system.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\SASERVICE.exe]
Debugger=system.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\SBCSSVC.exe]
Debugger=system.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\SBCSTRAY.exe]
Debugger=system.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\SCANMSG.exe]
Debugger=system.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\SCANNER.exe]
Debugger=system.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\SCANWSCS.exe]
Debugger=system.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\SCHED.exe]
Debugger=system.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\SFCTLCOM.exe]
Debugger=system.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\SHSTAT.exe]
Debugger=system.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\SPIDERUI.EXE.exe]
Debugger=system.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\SRVLOAD.EXE.exe]
Debugger=system.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\TBMon.exe]
Debugger=system.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\TCA.exe]
Debugger=system.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\TCM.exe]
Debugger=system.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\TFSERVICE.exe]
Debugger=system.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\TFTRAY.exe]
Debugger=system.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\TISSPWIZ.exe]
Debugger=system.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\TMBMSRV.exe]
Debugger=system.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\TPSRV.exe]
Debugger=system.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\TROJAN GUARDER.exe]
Debugger=system.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\TrojDie.kxp.exe]
Debugger=system.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\UfNavi.exe]
Debugger=system.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\UFSEAGNT.exe]
Debugger=system.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\UpdaterUI.exe]
Debugger=system.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\UPSCHD.exe]
Debugger=system.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\VPTray.exe]
Debugger=system.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\vsserv.exe]
Debugger=system.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\WEBPROXY.exe]
Debugger=system.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\WMIADAP.EXE.exe]
Debugger=system.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\worm2007.exe]
Debugger=system.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\WUAUCLT.EXE.exe]
Debugger=system.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\xcommsvr.exe]
Debugger=system.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\‎¾×çW†Œô‚s.exe]
Debugger=system.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{6a63bcc8-d899-11dd-bf70-bc47680dcfd5}]
AutoRun\command- G:\RECYCLER\S-1-6-21-2434476501-1644491937-600003330-1213\autorunme.exe
open\command- G:\RECYCLER\S-1-6-21-2434476501-1644491937-600003330-1213\autorunme.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{6d9273c6-b7d2-11dd-848e-d8fe9d9a1d6f}]
AutoRun\command- G:\RECYCLER\S-1-6-21-2434476501-1644491937-600003330-1213\autorunme.exe
open\command- G:\RECYCLER\S-1-6-21-2434476501-1644491937-600003330-1213\autorunme.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{c0a1e237-cd08-11dd-bf44-e7fd2bae9d60}]
AutoRun\command- G:\RECYCLER\S-1-5-21-1482476501-1644491937-682003330-1013\ine32.exe
open\command- G:\RECYCLER\S-1-5-21-1482476501-1644491937-682003330-1013\ine32.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{d1a4f220-88a0-11dd-8455-c3896a5ed2dd}]
Auto\command- auto2.pif
AutoRun\command- C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL auto2.pif
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{d1a4f3dc-88a0-11dd-8455-c3896a5ed2dd}]
Auto\command- G:\auto2.pif
AutoRun\command- C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL auto2.pif
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{f5c048e9-ceb4-11dd-bf52-bc392ba9c499}]
AutoRun\command- G:\fppg1.exe
explore\Command- G:\fppg1.exe
open\Command- G:\fppg1.exe

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{08B0E5C0-4FCB-11CF-AAX5-00401C608512}]
C:\RECYCLER\S-1-5-21-1482476501-1644491937-682003330-1013\ine32.exe

-- End of Deckard's System Scanner: finished at 2009-01-11 12:46:21 ------------

هذا تقرير جهازي....
ارجو شاكرا من الاخوة تحليل البيانات...ويخبروني شو فيه جهازي؟؟

dяăģôŋ · 11 يناير 2009

عذرا منك اخى الكريم على النقل للقسم الانسب
بارك الله فيك

MAAX · 11 يناير 2009

هلااا بك

ثبت ملف الاعدادات التالي على الكاسبر عندك
واعمل فحص كامل لجهازك
ثم ارفع تقرير جديد

ثبت ملف الاعدادات التالي

اعدادات الكاسبر انترنت سيكرتي ( 7 )

يجب عليك تسجيل الدخول أو التسجيل لمشاهدة الرابط المخفي

شرح التركيب

بعد تثبيتها اي رسالة تخرج نعمل لها سماح (allow )

حصرياً الحل السحري لإصلاح جميع مشاكل ويندوز 10 و 11

حصرياً الحل السحري لإصلاح جميع مشاكل ويندوز 10 و 11

برنامج Avast Premium Security 24.12.9725 تفعيل بسيريال مدة 680 يوم

تفعيل اخر اصدار من برنامج عملاق تجميد النظام Faronics Deep Freeze Standard 9.0.20.5760

هذا تقرير جهازي

موران2002

زيزوومى فعال

توقيع : موران2002

dяăģôŋ

ذيبان

MAAX

عضوشرف

حصرياً الحل السحري لإصلاح جميع مشاكل ويندوز 10 و 11

حصرياً الحل السحري لإصلاح جميع مشاكل ويندوز 10 و 11

برنامج Avast Premium Security 24.12.9725 تفعيل بسيريال مدة 680 يوم​

تفعيل اخر اصدار من برنامج عملاق تجميد النظام Faronics Deep Freeze Standard 9.0.20.5760

هذا تقرير جهازي

موران2002

زيزوومى فعال

توقيع : موران2002

dяăģôŋ

ذيبان

MAAX

عضوشرف

برنامج Avast Premium Security 24.12.9725 تفعيل بسيريال مدة 680 يوم