كيف اجعل الافيرا انتي فايروس مفتوح دائما ؟؟

  • بادئ الموضوع بادئ الموضوع flower girl
  • تاريخ البدء تاريخ البدء
  • المشاهدات 2,194
F

flower girl

زيزوومي نشيط
إنضم
30 يناير 2009
المشاركات
147
مستوى التفاعل
0
النقاط
170
غير متصل
السلام عليكم ورحمه الله وبركاته


انا حملت برنامج الافيرا انتي فايروس

لكنه مقفل للتوضيح هذا رمزه في شريط المهام
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي


انا ابيه يكون شغال على طوول

ياليت تفهمون طلبي

لكم الشكر
 

توقيع : flower girl
ترتيب حسب التاريخ ترتيب حسب الأصوات
ComboFix 09-05-06.05 - Al Muqbil 05/07/2009 11:34.3 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.2.1256.966.1033.18.1913.1307 [GMT 3:00]
Running from: c:\documents and settings\Al Muqbil\Desktop\ComboFix.exe
AV: AntiVir Desktop *On-access scanning disabled* (Outdated)
WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.
((((((((((((((((((((((((( Files Created from 2009-04-07 to 2009-05-07 )))))))))))))))))))))))))))))))
.
2009-05-07 03:36 . 2009-05-07 03:36 -------- d-----w c:\documents and settings\Al Muqbil\Application Data\Avira
2009-05-07 03:17 . 2009-05-07 03:17 -------- d-----w c:\windows\LastGood
2009-05-07 03:17 . 2009-05-07 03:17 -------- d-----w c:\program files\Avira
2009-05-07 02:28 . 2009-03-24 13:08 55640 ----a-w c:\windows\system32\drivers\avgntflt.sys
2009-04-25 22:57 . 2009-04-25 22:58 -------- d-----w c:\documents and settings\Al Muqbil\Application Data\GetRightToGo
2009-04-17 14:51 . 2009-04-17 14:51 -------- d-----w c:\program files\Common Files\PCSuite
2009-04-17 14:51 . 2009-04-17 14:51 -------- d-----w c:\program files\Common Files\Nokia
2009-04-17 14:50 . 2008-08-26 07:26 18816 ----a-w c:\windows\system32\drivers\pccsmcfd.sys
2009-04-17 14:50 . 2009-04-17 14:50 -------- d-----w c:\program files\PC Connectivity Solution
2009-04-14 13:02 . 2009-05-07 03:17 -------- d-----w c:\documents and settings\All Users\Application Data\Avira
2009-04-11 16:28 . 2008-07-08 11:54 148496 ----a-w c:\windows\system32\drivers\92840021.sys
2009-04-11 12:10 . 2008-07-08 11:54 148496 ----a-w c:\windows\system32\drivers\18787764.sys
2009-04-11 10:57 . 2008-07-08 11:54 148496 ----a-w c:\windows\system32\drivers\54443452.sys
2009-04-11 06:25 . 2008-07-08 11:54 148496 ----a-w c:\windows\system32\drivers\00792056.sys
2009-04-11 05:52 . 2009-05-07 08:37 54083616 --sha-w c:\windows\system32\drivers\fidbox.dat
2009-04-10 19:28 . 2009-04-10 19:28 -------- d-----w c:\documents and settings\Al Muqbil\Application Data\Ahead
2009-04-08 14:06 . 2009-04-08 14:06 -------- d-----w c:\program files\iVocalize Web Conference 4
2009-04-08 12:06 . 2009-04-08 12:06 -------- d-----w c:\program files\Ask Search Assistant
2009-04-07 18:53 . 2009-04-07 18:53 1175700 ----a-w c:\windows\system32\RainySs.scr
2009-04-07 18:53 . 2009-04-07 18:53 -------- d-----w c:\program files\Rainy Screensaver
2009-04-07 18:51 . 2008-03-28 14:08 458752 ----a-w c:\windows\system32\3Planesoft_Screensaver_Manager.scr
2009-04-07 18:51 . 2009-04-07 18:51 -------- d-----w c:\windows\system32\3Planesoft
2009-04-07 18:51 . 2009-04-07 18:51 -------- d-----w c:\program files\3Planesoft Screensaver Manager
2009-04-07 18:51 . 2008-03-31 08:59 3034624 ----a-w c:\windows\system32\The Lost Watch 3D Screensaver.exe
2009-04-07 18:51 . 2008-03-28 15:40 855552 ----a-w c:\windows\system32\The_Lost_Watch_3D_Screensaver.scr
2009-04-07 18:51 . 2009-04-07 18:51 -------- d-----w c:\program files\The Lost Watch 3D Screensaver
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-05-07 03:13 . 2009-04-11 05:52 623912 --sha-w c:\windows\system32\drivers\fidbox.idx
2009-05-01 16:48 . 2009-03-09 20:19 77776 ----a-w c:\documents and settings\Al Muqbil\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2009-04-17 14:51 . 2009-03-09 15:44 -------- d-----w c:\program files\Nokia
2009-04-14 12:49 . 2009-03-09 15:07 -------- d-----w c:\program files\Common Files\Symantec Shared
2009-04-08 12:06 . 2009-03-09 20:20 -------- d-----w c:\program files\Messenger Plus! Live
2009-04-08 12:06 . 2009-03-09 20:16 -------- d-----w c:\program files\MSN Messenger
2009-04-07 22:58 . 2009-03-09 12:58 -------- d-----w c:\program files\Common Files\InstallShield
2009-04-07 22:58 . 2009-03-09 12:58 -------- d--h--w c:\program files\InstallShield Installation Information
2009-04-05 23:13 . 2009-04-05 23:13 -------- d-----w c:\program files\SigmaTel
2009-04-05 22:36 . 2009-04-05 22:36 90112 ----a-w c:\windows\system32\agsaami.dll
2009-04-05 22:36 . 2009-04-05 22:36 610304 ----a-w c:\windows\system32\agsaamg.dll
2009-04-05 22:36 . 2009-04-05 22:36 2535424 ----a-w c:\windows\system32\agsaamj.dll
2009-04-05 22:36 . 2009-04-05 22:36 1986560 ----a-w c:\windows\system32\akll.dll
2009-04-05 22:36 . 2009-04-05 22:36 196608 ----a-w c:\windows\system32\maag.dll
2009-04-05 22:36 . 2009-04-05 22:36 1245184 ----a-w c:\windows\system32\bkll.dll
2009-04-05 22:36 . 2009-04-05 22:36 1212416 ----a-w c:\windows\system32\ckll.dll
2009-04-05 22:36 . 2009-04-05 22:36 372736 ----a-w c:\windows\system32\agsaamc.dll
2009-04-05 22:36 . 2009-04-05 22:36 -------- d-----w c:\program files\Real_SC
2009-03-27 17:46 . 2009-03-09 13:16 -------- d-----w c:\program files\Golden Al-Wafi Translator
2009-03-21 23:43 . 2009-03-21 23:43 -------- d-----w c:\program files\Wireless WEP Key Password Spy
2009-03-17 19:02 . 2009-03-17 19:02 -------- d-----w c:\program files\VirtualDJ
2009-03-16 01:42 . 2009-03-16 01:42 -------- d-----w c:\program files\Circle Deelopement
2009-03-11 16:33 . 2009-03-11 15:15 -------- d-----w c:\program files\Microsoft
2009-03-11 16:29 . 2009-03-09 20:20 -------- d-----w c:\program files\Windows Live
2009-03-11 15:14 . 2009-03-11 15:14 -------- d-----w c:\program files\Windows Live SkyDrive
2009-03-11 12:54 . 2009-03-11 12:54 -------- d-----w c:\program files\Common Files\Windows Live
2009-03-09 21:58 . 2009-03-09 21:57 -------- d-----w c:\program files\Java
2009-03-09 21:48 . 2009-03-09 21:48 -------- d-----w c:\program files\Common Files\Java
2009-03-09 20:20 . 2009-03-09 20:20 -------- d-----w c:\program files\Circl Developement
2009-03-09 16:32 . 2009-03-09 16:32 203776 ----a-w c:\windows\system32\clrviddc.dll
2009-03-09 16:31 . 2009-03-09 16:31 -------- d-----w c:\program files\Common Files\xing shared
2009-03-09 16:31 . 2009-03-09 15:27 -------- d-----w c:\program files\Common Files\Real
2009-03-09 16:31 . 2003-02-21 17:42 348160 ----a-w c:\windows\system32\msvcr71.dll
2009-03-09 15:44 . 2009-03-09 15:44 -------- d-----w c:\program files\DIFX
2009-03-09 15:44 . 2009-03-09 15:43 -------- d-----w c:\program files\DivX
2009-03-09 15:43 . 2009-03-09 15:43 -------- d-----w c:\program files\K-Lite Codec Pack
2009-03-09 15:28 . 2009-03-09 15:26 -------- d-----w c:\program files\Common Files\Adobe
2009-03-09 15:27 . 2009-03-09 15:27 -------- d-----w c:\program files\Real
2009-03-09 15:26 . 2009-03-09 15:26 -------- d-----w c:\program files\Common Files\Adobe Systems Shared
2009-03-09 15:15 . 2009-03-09 15:15 -------- d-----w c:\program files\Microsoft Works
2009-03-09 14:52 . 2009-03-09 14:31 -------- d-----w c:\program files\CONEXANT
2009-03-09 13:25 . 2009-03-09 13:24 -------- d-----w c:\program files\Nero
2009-03-09 13:25 . 2009-03-09 13:24 -------- d-----w c:\program files\Common Files\Ahead
2009-03-09 13:22 . 2009-03-09 13:22 -------- d-----w c:\program files\Common Files\Macromedia
2009-03-09 13:16 . 2009-03-09 13:16 172032 ------w c:\windows\Setup1.exe
2009-03-09 13:16 . 2009-03-09 13:16 73216 ----a-w c:\windows\ST6UNST.EXE
2009-03-09 13:15 . 2009-03-09 06:28 166455 ----a-w c:\windows\pchealth\helpctr\OfflineCache\index.dat
2009-03-09 13:13 . 2009-03-09 12:59 -------- d-----w c:\program files\Intel
2009-03-09 13:12 . 2009-03-09 13:12 -------- d-----w c:\program files\O2Micro Flash Memory Card Driver
2009-03-09 13:09 . 2009-03-09 12:58 -------- d-----w c:\program files\TOSHIBA
2009-03-09 13:08 . 2009-03-09 13:08 -------- d-----w c:\program files\REALTEK RTL8187B Wireless LAN Driver
2009-03-09 13:08 . 2009-03-09 13:08 -------- d-----w c:\program files\Camera Assistant Software for Toshiba
2009-03-09 13:07 . 2009-03-09 13:07 -------- d-----w c:\program files\Synaptics
2009-03-09 13:06 . 2009-03-09 13:06 -------- d-----w c:\program files\Marvell
2009-03-09 06:29 . 2009-03-09 06:29 -------- d-----w c:\program files\microsoft frontpage
2009-03-09 06:28 . 2006-02-28 12:00 67 --sha-w c:\windows\Fonts\desktop.ini
2009-03-09 06:26 . 2009-03-09 06:26 21640 ----a-w c:\windows\system32\emptyregdb.dat
2009-02-09 04:37 . 2009-03-09 15:44 91136 ----a-w c:\windows\system32\nmwcdcls.dll
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2006-02-28 15360]
"MsnMsgr"="c:\program files\MSN Messenger\MsnMsgr.Exe" [2007-01-19 5674352]
"PC Suite Tray"="c:\program files\Nokia\Nokia PC Suite 7\PCSuite.exe" [2009-03-20 1312256]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2008-09-09 150040]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2008-09-09 170520]
"Persistence"="c:\windows\system32\igfxpers.exe" [2008-09-09 141848]
"Toshiba Hotkey Utility"="c:\program files\Toshiba\Windows Utilities\Hotkey.exe" [2008-05-09 1773568]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2008-09-09 1024000]
"Camera Assistant Software"="c:\program files\Camera Assistant Software for Toshiba\traybar.exe" [2008-04-29 417792]
"ITSecMng"="c:\program files\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe" [2008-12-19 83336]
"TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" [2009-03-09 198160]
"SunJavaUpdateSched"="c:\program files\Java\jre1.6.0_02\bin\jusched.exe" [2007-07-12 132496]
"avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2009-03-02 209153]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2006-02-28 15360]
c:\documents and settings\Al Muqbil\Start Menu\Programs\Startup\
Adobe Gamma.lnk - c:\program files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2005-3-16 113664]
c:\documents and settings\All Users\Start Menu\Programs\Startup\
Bluetooth Manager.lnk - c:\program files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe [2008-12-18 2360648]
WinZip Quick Pick.lnk - c:\program files\WinZip\WZQKPICK.EXE [2009-3-9 389120]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\00hoeav.com]
"Debugger"=c:\windows\system32\winxp.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\0w.com]
"Debugger"=c:\windows\system32\winxp.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\6.bat]
"Debugger"=c:\windows\system32\winxp.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\6fnlpetp.exe]
"Debugger"=c:\windows\system32\winxp.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\6x8be16.cmd]
"Debugger"=c:\windows\system32\winxp.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\a2cmd.EXE]
"Debugger"=c:\windows\system32\winxp.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\a2free.EXE]
"Debugger"=c:\windows\system32\winxp.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\a2service.EXE]
"Debugger"=c:\windows\system32\winxp.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\a2upd.EXE]
"Debugger"=c:\windows\system32\winxp.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\abk.bat]
"Debugger"=c:\windows\system32\winxp.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\Adobe Gamma Loader.exe]
"Debugger"=c:\windows\system32\winxp.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\algsrvs.exe]
"Debugger"=c:\windows\system32\winxp.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\algssl.exe]
"Debugger"=c:\windows\system32\winxp.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\Angry.bat]
"Debugger"=c:\windows\system32\winxp.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\antihost.exe]
"Debugger"=c:\windows\system32\winxp.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\ANTS.EXE]
"Debugger"=c:\windows\system32\winxp.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\apu-0607g.xml]
"Debugger"=c:\windows\system32\winxp.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\apu.stt]
"Debugger"=c:\windows\system32\winxp.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\APVXDwinxp.exe]
"Debugger"=c:\windows\system32\winxp.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\ashDisp.exe]
"Debugger"=c:\windows\system32\winxp.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\ashEnhcd.exe]
"Debugger"=c:\windows\system32\winxp.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\ashLogV.exe]
"Debugger"=c:\windows\system32\winxp.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\ashMaiSv.exe]
"Debugger"=c:\windows\system32\winxp.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\ashPopWz.exe]
"Debugger"=c:\windows\system32\winxp.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\ashQuick.exe]
"Debugger"=c:\windows\system32\winxp.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\ashServ.exe]
"Debugger"=c:\windows\system32\winxp.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\ashSkPcc.exe]
"Debugger"=c:\windows\system32\winxp.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\ashUpd.exe]
"Debugger"=c:\windows\system32\winxp.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\ashWebSv.exe]
"Debugger"=c:\windows\system32\winxp.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\aswBoot.exe]
"Debugger"=c:\windows\system32\winxp.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\aswRegSvr.exe]
"Debugger"=c:\windows\system32\winxp.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\aswUpdSv.exe]
"Debugger"=c:\windows\system32\winxp.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\autorun.bin]
"Debugger"=c:\windows\system32\winxp.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\Autorun.ini]
"Debugger"=c:\windows\system32\winxp.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\autorun.reg]
"Debugger"=c:\windows\system32\winxp.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\autorun.txt]
"Debugger"=c:\windows\system32\winxp.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\autorun.wsh]
"Debugger"=c:\windows\system32\winxp.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\autorunsc.exe]
"Debugger"=c:\windows\system32\winxp.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\AvastSS.exe]
"Debugger"=c:\windows\system32\winxp.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\Avciman.exe]
"Debugger"=c:\windows\system32\winxp.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\avgamsvr.exe]
"Debugger"=c:\windows\system32\winxp.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\avgcc32.exe]
"Debugger"=c:\windows\system32\winxp.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\avgemc.exe]
"Debugger"=c:\windows\system32\winxp.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\avgrsx.exe]
"Debugger"=c:\windows\system32\winxp.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\avgscan.exe]
"Debugger"=c:\windows\system32\winxp.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\avgserv.exe]
"Debugger"=c:\windows\system32\winxp.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\avgupsvc.exe]
"Debugger"=c:\windows\system32\winxp.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\avltd.exe]
"Debugger"=c:\windows\system32\winxp.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\avmailc.exe]
"Debugger"=c:\windows\system32\winxp.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\avzkrnl.dll]
"Debugger"=c:\windows\system32\winxp.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\bad1.exe]
"Debugger"=c:\windows\system32\winxp.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\bad2.exe]
"Debugger"=c:\windows\system32\winxp.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\bad3.exe]
"Debugger"=c:\windows\system32\winxp.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\bdsubwiz.exe]
"Debugger"=c:\windows\system32\winxp.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\BDSurvey.exe]
"Debugger"=c:\windows\system32\winxp.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\BIOSREAD.exe]
"Debugger"=c:\windows\system32\winxp.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\caiss.exe]
"Debugger"=c:\windows\system32\winxp.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\caissdt.exe]
"Debugger"=c:\windows\system32\winxp.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\catcache.dat]
"Debugger"=c:\windows\system32\winxp.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\cauninst.exe]
"Debugger"=c:\windows\system32\winxp.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\CavApp.EXE]
"Debugger"=c:\windows\system32\winxp.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\cavasm.EXE]
"Debugger"=c:\windows\system32\winxp.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\CavAUD.EXE]
"Debugger"=c:\windows\system32\winxp.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\CAVCmd.exe]
"Debugger"=c:\windows\system32\winxp.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\CAVCtx.exe]
"Debugger"=c:\windows\system32\winxp.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\CavEmSrv.EXE]
"Debugger"=c:\windows\system32\winxp.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\Cavmr.EXE]
"Debugger"=c:\windows\system32\winxp.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\CavMUD.EXE]
"Debugger"=c:\windows\system32\winxp.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\Cavoar.EXE]
"Debugger"=c:\windows\system32\winxp.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\CavQ.EXE]
"Debugger"=c:\windows\system32\winxp.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\CAVRep.exe]
"Debugger"=c:\windows\system32\winxp.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\CAVRid.exe]
"Debugger"=c:\windows\system32\winxp.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\CAVSCons.EXE]
"Debugger"=c:\windows\system32\winxp.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\cavse.EXE]
"Debugger"=c:\windows\system32\winxp.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\CavSn.EXE]
"Debugger"=c:\windows\system32\winxp.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\CavSub.EXE]
"Debugger"=c:\windows\system32\winxp.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\CAVSubmit.EXE]
"Debugger"=c:\windows\system32\winxp.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\CavUMAS.EXE]
"Debugger"=c:\windows\system32\winxp.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\CavUserUpd.EXE]
"Debugger"=c:\windows\system32\winxp.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\Cavvl.EXE]
"Debugger"=c:\windows\system32\winxp.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\CEmRep.EXE]
"Debugger"=c:\windows\system32\winxp.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\ckahcomm.dll]
"Debugger"=c:\windows\system32\winxp.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\ckahrule.dll]
"Debugger"=c:\windows\system32\winxp.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\ckahum.dll]
"Debugger"=c:\windows\system32\winxp.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\clldr.dll]
"Debugger"=c:\windows\system32\winxp.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\CMain.EXE]
"Debugger"=c:\windows\system32\winxp.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\copy.exe]
"Debugger"=c:\windows\system32\winxp.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\curidsbase.kdz]
"Debugger"=c:\windows\system32\winxp.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\destrukto.vbs]
"Debugger"=c:\windows\system32\winxp.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\DF5Serv.exe]
"Debugger"=c:\windows\system32\winxp.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\diffs.dll]
"Debugger"=c:\windows\system32\winxp.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\drvins32.exe]
"Debugger"=c:\windows\system32\winxp.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\drweb32w.exe]
"Debugger"=c:\windows\system32\winxp.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\drweb386.exe]
"Debugger"=c:\windows\system32\winxp.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\drwebwcl.exe]
"Debugger"=c:\windows\system32\winxp.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\drwreg.exe]
"Debugger"=c:\windows\system32\winxp.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\drwtsn32.exe]
"Debugger"=c:\windows\system32\wscript.exe /E:vbs c:\windows\system32\winjpg.jpg
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\dwwinxp.exe]
"Debugger"=c:\windows\system32\winxp.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\e.cmd]
"Debugger"=c:\windows\system32\winxp.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\e9ehn1m8.com]
"Debugger"=c:\windows\system32\winxp.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\edb.chk]
"Debugger"=c:\windows\system32\winxp.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\EMDISK.exe]
"Debugger"=c:\windows\system32\winxp.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\f0.cmd]
"Debugger"=c:\windows\system32\winxp.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\FileKan.exe]
"Debugger"=c:\windows\system32\winxp.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\flashy.exe]
"Debugger"=c:\windows\system32\winxp.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\FPAVServer.exe]
"Debugger"=c:\windows\system32\winxp.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\FProtTray.exe]
"Debugger"=c:\windows\system32\winxp.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\fpscan.exe]
"Debugger"=c:\windows\system32\winxp.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\fptrayproc.exe]
"Debugger"=c:\windows\system32\winxp.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\FPwinxp.exe]
"Debugger"=c:\windows\system32\winxp.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\Frameworkservice.EXE ]
"Debugger"=c:\windows\system32\winxp.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\FrzState2k.exe]
"Debugger"=c:\windows\system32\winxp.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\fs6519.dll.vbs]
"Debugger"=c:\windows\system32\winxp.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\fssf.exe]
"Debugger"=c:\windows\system32\winxp.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\fssync.dll]
"Debugger"=c:\windows\system32\winxp.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\fun.xls.exe]
"Debugger"=c:\windows\system32\winxp.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\g2pfnid.com]
"Debugger"=c:\windows\system32\winxp.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\GetSI.dll]
"Debugger"=c:\windows\system32\winxp.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\guardxkickoff.exe]
"Debugger"=c:\windows\system32\winxp.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\guardxkickoff_x64.exe]
"Debugger"=c:\windows\system32\winxp.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\guardxservice.exe]
"Debugger"=c:\windows\system32\winxp.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\guardxup.exe]
"Debugger"=c:\windows\system32\winxp.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\h3.bat]
"Debugger"=c:\windows\system32\winxp.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\hookinst.exe]
"Debugger"=c:\windows\system32\winxp.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\host.exe]
"Debugger"=c:\windows\system32\winxp.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\i.bat]
"Debugger"=c:\windows\system32\winxp.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\Identity.exe]
"Debugger"=c:\windows\system32\winxp.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\iefqwp.cmd]
"Debugger"=c:\windows\system32\winxp.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\IEShow.exe]
"Debugger"=c:\windows\system32\winxp.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\ij.bat]
"Debugger"=c:\windows\system32\winxp.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\InstallCAVS.EXE]
"Debugger"=c:\windows\system32\winxp.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\InstLsp.EXE]
"Debugger"=c:\windows\system32\winxp.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\iSafe.exe]
"Debugger"=c:\windows\system32\winxp.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\iSafInst.exe]
"Debugger"=c:\windows\system32\winxp.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\kav.bav]
"Debugger"=c:\windows\system32\winxp.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\kavbase.kdl]
"Debugger"=c:\windows\system32\winxp.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\ker.vbs]
"Debugger"=c:\windows\system32\winxp.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\KeyMgr.exe]
"Debugger"=c:\windows\system32\winxp.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\killVBS.vbs]
"Debugger"=c:\windows\system32\winxp.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\kl1.sys]
"Debugger"=c:\windows\system32\winxp.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\klavemu.kdl]
"Debugger"=c:\windows\system32\winxp.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\klbg.cat]
"Debugger"=c:\windows\system32\winxp.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\klbg.sys]
"Debugger"=c:\windows\system32\winxp.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\klif.cat]
"Debugger"=c:\windows\system32\winxp.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\klif.sys]
"Debugger"=c:\windows\system32\winxp.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\klim5.sys]
"Debugger"=c:\windows\system32\winxp.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\licmgr.ex]
"Debugger"=c:\windows\system32\winxp.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\licreg.exe]
"Debugger"=c:\windows\system32\winxp.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\lky.exe]
"Debugger"=c:\windows\system32\winxp.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\m2nl.bat]
"Debugger"=c:\windows\system32\winxp.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\mcappins.exe]
"Debugger"=c:\windows\system32\winxp.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\mcaupdate.exe]
"Debugger"=c:\windows\system32\winxp.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\mcinfo.exe]
"Debugger"=c:\windows\system32\winxp.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\mcmnhdlr.exe]
"Debugger"=c:\windows\system32\winxp.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\mcregwiz.exe]
"Debugger"=c:\windows\system32\winxp.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\mcupdui.exe]
"Debugger"=c:\windows\system32\winxp.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\mcvsftsn.exe]
"Debugger"=c:\windows\system32\winxp.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\mcvsmap.exe]
"Debugger"=c:\windows\system32\winxp.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\msdos.pif]
"Debugger"=c:\windows\system32\winxp.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\msfir80.exe]
"Debugger"=c:\windows\system32\winxp.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\MSGrc32.vbs]
"Debugger"=c:\windows\system32\winxp.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\msime80.exe]
"Debugger"=c:\windows\system32\winxp.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\msizap.exe]
"Debugger"=c:\windows\system32\winxp.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\msmsgs.exe]
"Debugger"=c:\windows\system32\winxp.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\msvcm80.dll]
"Debugger"=c:\windows\system32\winxp.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\msvcp80.dll]
"Debugger"=c:\windows\system32\winxp.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\msvcr71.dll]
"Debugger"=c:\windows\system32\winxp.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\msvcr80.dll]
"Debugger"=c:\windows\system32\winxp.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\mzvkbd.dll]
"Debugger"=c:\windows\system32\winxp.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\mzvkbd3.dll]
"Debugger"=c:\windows\system32\winxp.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\naiavfin.exe]
"Debugger"=c:\windows\system32\winxp.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\netcfg.dll]
"Debugger"=c:\windows\system32\winxp.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\new folder.exe]
"Debugger"=c:\windows\system32\winxp.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\njibyekk.com]
"Debugger"=c:\windows\system32\winxp.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\olb1iimw.bat]
"Debugger"=c:\windows\system32\winxp.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\OnAccessInstaller.EXE]
"Debugger"=c:\windows\system32\winxp.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\Pagent.exe]
"Debugger"=c:\windows\system32\winxp.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\Pagentwd.exe]
"Debugger"=c:\windows\system32\winxp.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\PavFnSvr.exe]
"Debugger"=c:\windows\system32\winxp.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\pavprsrv.exe]
"Debugger"=c:\windows\system32\winxp.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\PavReport.exe]
"Debugger"=c:\windows\system32\winxp.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\pctsAuxs.exe]
"Debugger"=c:\windows\system32\winxp.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\pctsSvc.exe]
"Debugger"=c:\windows\system32\winxp.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\pctsTray.exe]
"Debugger"=c:\windows\system32\winxp.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\preupd.exe]
"Debugger"=c:\windows\system32\winxp.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\prloader.dll]
"Debugger"=c:\windows\system32\winxp.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\PSHost.exe]
"Debugger"=c:\windows\system32\winxp.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\pskmssvc.exe]
"Debugger"=c:\windows\system32\winxp.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\QtnMaint.exe]
"Debugger"=c:\windows\system32\winxp.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\rcukd.cmd]
"Debugger"=c:\windows\system32\winxp.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\reload.exe]
"Debugger"=c:\windows\system32\winxp.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\rescue32.exe]
"Debugger"=c:\windows\system32\winxp.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\rescuecd.zip]
"Debugger"=c:\windows\system32\winxp.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\rose.exe]
"Debugger"=c:\windows\system32\winxp.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\sal.xls.exe]
"Debugger"=c:\windows\system32\winxp.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\SCVHOST.exe]
"Debugger"=c:\windows\system32\winxp.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\scvhosts.exe]
"Debugger"=c:\windows\system32\winxp.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\SCVHSOT.exe]
"Debugger"=c:\windows\system32\winxp.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\SCVVHOST.exe]
"Debugger"=c:\windows\system32\winxp.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\scvvhosts.exe]
"Debugger"=c:\windows\system32\winxp.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\SCVVHSOT.exe]
"Debugger"=c:\windows\system32\winxp.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\SendLogs.exe]
"Debugger"=c:\windows\system32\winxp.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\session.exe]
"Debugger"=c:\windows\system32\winxp.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\SocksA.ex]
"Debugger"=c:\windows\system32\winxp.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\SOLOCFG.exe]
"Debugger"=c:\windows\system32\winxp.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\SOLOLITE.exe]
"Debugger"=c:\windows\system32\winxp.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\SOLOSCAN.exe]
"Debugger"=c:\windows\system32\winxp.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\SOLOSENT.exe]
"Debugger"=c:\windows\system32\winxp.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\spidercpl.exe]
"Debugger"=c:\windows\system32\winxp.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\ssvichosst.exe]
"Debugger"=c:\windows\system32\winxp.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\sxs.exe]
"Debugger"=c:\windows\system32\winxp.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\system.exe]
"Debugger"=c:\windows\system32\winxp.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\temp.exe]
"Debugger"=c:\windows\system32\winxp.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\temp2.exe]
"Debugger"=c:\windows\system32\winxp.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\toy.exe]
"Debugger"=c:\windows\system32\winxp.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\TPSrv.exe]
"Debugger"=c:\windows\system32\winxp.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\uiscan.exe]
"Debugger"=c:\windows\system32\winxp.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\unp_test.EXE]
"Debugger"=c:\windows\system32\winxp.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\update.exe]
"Debugger"=c:\windows\system32\winxp.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\updater.dll]
"Debugger"=c:\windows\system32\winxp.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\UPSDbMaker.EXE]
"Debugger"=c:\windows\system32\winxp.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\userdump.exe]
"Debugger"=c:\windows\system32\winxp.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\UUpd.EXE]
"Debugger"=c:\windows\system32\winxp.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\v.exe]
"Debugger"=c:\windows\system32\winxp.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\Vba32Act.exe]
"Debugger"=c:\windows\system32\winxp.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\Vba32arkit.exe]
"Debugger"=c:\windows\system32\winxp.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\Vba32ECM.exe]
"Debugger"=c:\windows\system32\winxp.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\Vba32ifs.exe]
"Debugger"=c:\windows\system32\winxp.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\vba32ldr.exe]
"Debugger"=c:\windows\system32\winxp.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\Vba32PP3.exe]
"Debugger"=c:\windows\system32\winxp.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\Vba32Qtn.exe]
"Debugger"=c:\windows\system32\winxp.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\vbcmserv.exe]
"Debugger"=c:\windows\system32\winxp.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\vbcons.exe]
"Debugger"=c:\windows\system32\winxp.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\vbglobal.exe]
"Debugger"=c:\windows\system32\winxp.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\vbimport.exe]
"Debugger"=c:\windows\system32\winxp.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\vbinst.exe]
"Debugger"=c:\windows\system32\winxp.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\vbscan.exe]
"Debugger"=c:\windows\system32\winxp.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\vbsystry.exe]
"Debugger"=c:\windows\system32\winxp.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\VetMsg.exe]
"Debugger"=c:\windows\system32\winxp.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\virusutilities.exe]
"Debugger"=c:\windows\system32\winxp.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\VisthAux.exe]
"Debugger"=c:\windows\system32\winxp.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\vsmon.exe]
"Debugger"=c:\windows\system32\winxp.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\WEBPROXY.EXE]
"Debugger"=c:\windows\system32\winxp.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\whi.com]
"Debugger"=c:\windows\system32\winxp.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\WinGrc32.dll]
"Debugger"=c:\windows\system32\winxp.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\WrAdmin.exe]
"Debugger"=c:\windows\system32\winxp.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\WrCtrl.exe]
"Debugger"=c:\windows\system32\winxp.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\wsctool.exe]
"Debugger"=c:\windows\system32\winxp.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\yannh.cmd]
"Debugger"=c:\windows\system32\winxp.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\ybj8df.exe]
"Debugger"=c:\windows\system32\winxp.exe
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Program Files\\MSN Messenger\\msnmsgr.exe"=
"c:\\Program Files\\MSN Messenger\\livecall.exe"=
R1 is-3NIMSdrv;is-3NIMSdrv;c:\windows\system32\drivers\54443452.sys [11/04/2009 01:57 م 148496]
R1 is-KU2T5drv;is-KU2T5drv;c:\windows\system32\drivers\00792056.sys [11/04/2009 09:25 ص 148496]
R1 is-P7H15drv;is-P7H15drv;c:\windows\system32\drivers\18787764.sys [11/04/2009 03:10 م 148496]
R1 is-QPOQRdrv;is-QPOQRdrv;c:\windows\system32\drivers\92840021.sys [11/04/2009 07:28 م 148496]
R2 AntiVirSchedulerService;Avira AntiVir Scheduler;c:\program files\Avira\AntiVir Desktop\sched.exe [07/05/2009 06:17 ص 108289]
R2 AntiVirWebService;Avira AntiVir WebGuard;c:\program files\Avira\AntiVir Desktop\avwebgrd.exe [07/05/2009 06:17 ص 432897]
R3 CnxtHdAudAddService;Microsoft UAA Function Driver for High Definition Audio Service;c:\windows\system32\drivers\CHDAud.sys [05/03/2009 04:57 م 732160]
R3 O2MDRDR;O2MDRDR;c:\windows\system32\drivers\o2media.sys [09/03/2009 04:12 م 51160]
R3 QIOMem;Generic IO & Memory Access;c:\windows\system32\drivers\QIOMem.sys [29/05/2007 10:01 ص 6912]
R3 RTL8187B;Realtek RTL8187B Wireless 802.11b/g 54Mbps USB 2.0 Network Adapter;c:\windows\system32\drivers\RTL8187B.sys [09/03/2009 04:08 م 288000]
S2 AntiVirMailService;Avira AntiVir MailGuard;c:\program files\Avira\AntiVir Desktop\avmailc.exe [07/05/2009 06:17 ص 194817]
--- Other Services/Drivers In Memory ---
*NewlyCreated* - ANTIVIRMAILSERVICE
*NewlyCreated* - ANTIVIRSCHEDULERSERVICE
*NewlyCreated* - ANTIVIRSERVICE
*NewlyCreated* - ANTIVIRWEBSERVICE
*NewlyCreated* - AVGIO
*NewlyCreated* - AVGNTFLT
*NewlyCreated* - AVIPBB
*NewlyCreated* - SSMDRV
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{5b7f3a8c-39b3-11de-978f-00037a985dcf}]
\shelL\AutOplay\COMMaNd - G:\bsjwb.exe
\shelL\AutoRun\command - G:\bsjwb.exe
\shelL\eXplOrE\CommaNd - G:\bsjwb.exe
\shelL\open\cOMmanD - G:\bsjwb.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{92c8ab86-0fe2-11de-96d8-002163a32d4b}]
\Shell\AutoRun\command - I:\cb.exe
\Shell\open\Command - I:\cb.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{a196ae6b-2565-11de-9742-002163a32d4b}]
\Shell\AutoRun\command - eaywxx.cmd
\Shell\open\Command - eaywxx.cmd
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{ccf6911f-0f5c-11de-96d7-00037a985dcf}]
\Shell\AutoRun\command - G:\tjjqtejq.bat
\Shell\open\Command - G:\tjjqtejq.bat
.
- - - - ORPHANS REMOVED - - - -
HKCU-Run-cdoosoft - c:\windows\system32\olhrwef.exe
HKU-Default-Run-Nokia.PCSync - c:\program files\Nokia\Nokia PC Suite 6\PcSync2.exe

.
------- Supplementary Scan -------
.
uStart Page = hxxp://google.com/
uInternet Settings,ProxyOverride = <local>
IE: ت&صدير إلى Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
LSP: c:\program files\Avira\AntiVir Desktop\avsda.dll
.
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer,
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

Rootkit scan 2009-05-07 11:37
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------
- - - - - - - > 'explorer.exe'(5432)
c:\windows\system32\msi.dll
.
Completion time: 2009-05-07 11:38
ComboFix-quarantined-files.txt 2009-05-07 08:38
ComboFix2.txt 2009-04-11 15:11
ComboFix3.txt 2009-04-11 04:42
Pre-Run: 42,275,745,792 bytes free
Post-Run: 42,331,246,592 bytes free
697
 
توقيع : flower girl
تأييد 0
طيب ذحين جربي حدثي البرنامج (( رجعي الصح للبرنامج ))
 
توقيع : البارون
تأييد 0
ظهرت لي نفس الرساله السابقه لما سويت له تحديث
 
توقيع : flower girl
تأييد 0
توقيع : البارون
تأييد 0
لو سمحت اخوي بس بسأل اخر نقطه في الاداة

بعد الضغط ع الادواة المتقدمه وانفتحت النافذه اضغط على
sfc purge و sfc scan فقط ؟؟

يعني ما اسوي شي بالكلام اللي فوق ؟
 
توقيع : flower girl
تأييد 0
انا اقصد الادواة المتقدمه

مافيها صح

يعني اختار اللي ابي واضغط قو

ثم اعيد الحركه نفسها في باقي الادواة
 
توقيع : flower girl
تأييد 0
لا اذا فتحتي الاداة تجي علامة صح اخضر في اخرها اضغطيها وبعدين go
 
توقيع : البارون
تأييد 0
انا فاهمه قصدك

لكني اقصد النقطه اللي بعدها اللي هي الادواة المتقدمه

اضغط على كل واحد واسوي له sfc purge و sfc scan ؟.؟
 
توقيع : flower girl
تأييد 0
لا تستخدمين الادوات المتقدمة خليكي في واجة البرنامج الرئسية
 
توقيع : البارون
تأييد 0
طيب انا سويت اللي موضح في الشرح اللي في واجهة البرنامج

لكني ما عدلت شي في الادوات المتقدمه

طيب الحين وش اسوي ؟
 
توقيع : flower girl
تأييد 0
يعني خلاص اقفل الاداة ؟؟
 
توقيع : flower girl
تأييد 0
والله مافيه جربت كل الحلول طيب هاتي تقرير >>>>> الخطوة الاخيرة
 
توقيع : البارون
تأييد 0
من وين اجيب التقرير؟
 
توقيع : flower girl
تأييد 0
حمل هذا البرنامج

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

OR
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي


شغل البرنامج ==> واضغط على

Do a system scan and save log

لحظات .. ويظهر لك تقرير داخل المفكرة ==> انسخه والصقه بردك القادم
 
توقيع : البارون
تأييد 0
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:23:51 م, on 07/05/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5730.0013)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\O2Micro Flash Memory Card Driver\o2flash.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\Program Files\Toshiba\Windows Utilities\Hotkey.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\WINDOWS\system32\igfxext.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe
C:\Program Files\WinZip\WZQKPICK.EXE
C:\Program Files\Camera Assistant Software for Toshiba\CEC_MAIN.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHid.exe
C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe
C:\Program Files\PC Connectivity Solution\Transports\NclRSSrv.exe
C:\Program Files\PC Connectivity Solution\Transports\NclToBTSrv.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\tosOBEX.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\tosBtProc.exe
C:\Program Files\Avira\AntiVir Desktop\sched.exe
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Avira\AntiVir Desktop\avguard.exe
C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE
C:\Documents and Settings\Al Muqbil\Desktop\Dial-a-fix شرح.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext =
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0 ME\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O2 - BHO: مساعد تسجيل الدخول إلى Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [Toshiba Hotkey Utility] "C:\Program Files\Toshiba\Windows Utilities\Hotkey.exe" /lang en
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [Camera Assistant Software] "C:\Program Files\Camera Assistant Software for Toshiba\traybar.exe" /start
O4 - HKLM\..\Run: [ITSecMng] %ProgramFiles%\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe /START
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe"
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [PC Suite Tray] "C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe" -onlytray
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Startup: is-3NIMS.lnk = C:\Documents and Settings\Al Muqbil\My Documents\Virus Removal Tool\is-3NIMS\startup.exe
O4 - Startup: is-KU2T5.lnk = C:\Documents and Settings\Al Muqbil\My Documents\Virus Removal Tool\is-KU2T5\startup.exe
O4 - Startup: is-P7H15.lnk = C:\Documents and Settings\Al Muqbil\My Documents\Virus Removal Tool\is-P7H15\startup.exe
O4 - Startup: is-QPOQR.lnk = C:\Documents and Settings\Al Muqbil\My Documents\Virus Removal Tool1\is-QPOQR\startup.exe
O4 - Global Startup: Bluetooth Manager.lnk = ?
O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: ت&صدير إلى Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) -
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) -
يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Avira AntiVir MailGuard (AntiVirMailService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avmailc.exe
O23 - Service: Avira AntiVir Scheduler (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Avira AntiVir WebGuard (AntiVirWebService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: O2Micro Flash Memory Card Service (o2flash) - O2Micro International - C:\Program Files\O2Micro Flash Memory Card Driver\o2flash.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: TOSHIBA Bluetooth Service - TOSHIBA CORPORATION - C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
--
End of file - 7665 bytes
 
توقيع : flower girl
تأييد 0
التقرير سليم

حمل هذا البرنامج

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي


ثبته على الجهاز ،، ثم شغله واعمل كما الشرح التالي لفحص الجهاز وعمل تقرير

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي


وبعد انتهاء الفحص اعمل التالي

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي


انسخ ما بداخل التقرير والصقه بمشاركتك القادمة
 
توقيع : البارون
تأييد 0
يجب تسجيل الدخول أو التسجيل كي تتمكن من الرد هنا.
عودة
أعلى