الفرشاطي 2010
زيزوومى مميز
غير متصل
شوفوا هالرسالة يالربع تظهر لي بين حين وآخر
وماني عارف كيفية التخلص منها وإصلاح
الخطأ الحاصل
اتمنى أحد يشوف لي حل جذري
- بادئ الموضوع الفرشاطي 2010
- تاريخ البدء
- 795
شوفوا هالرسالة يالربع تظهر لي بين حين وآخر
وماني عارف كيفية التخلص منها وإصلاح
الخطأ الحاصل
اتمنى أحد يشوف لي حل جذري
format
زيزوومي ماسى
غير متصل
و عليكم السلام و رحمة الله و بركته ...
حياك الله ...
أعمل التالي ...
حمل هذه الأداة ...
شغلها و روح على [ Do a system scan and save log ] ...
شوي و يعطيك تقرير داخل مفكرة ...
أنسخه كاملا ً ... و بشكل صحيح ...
و لصقه في ردك القادم ...
حياك الله ...
أعمل التالي ...
حمل هذه الأداة ...
يجب عليك
تسجيل الدخول
او
تسجيل لمشاهدة الرابط المخفي
شغلها و روح على [ Do a system scan and save log ] ...
شوي و يعطيك تقرير داخل مفكرة ...
أنسخه كاملا ً ... و بشكل صحيح ...
و لصقه في ردك القادم ...
توقيع : format
تأييد
0
الفرشاطي 2010
زيزوومى مميز
غير متصل
لاهنت اخي الفاضل
وتفضل هذا هو التقرير :
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 07:27:40 م, on 01/06/09
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Java\jre1.6.0_06\bin\jusched.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\ItSecMng.exe
C:\Program Files\Toshiba\ConfigFree\NDSTray.exe
C:\Program Files\Toshiba\Toshiba Online Product Information\TOPI.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\Toshiba TEMPRO\Toshiba.Tempo.UI.TrayApplication.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\Camera Assistant Software for Toshiba\traybar.exe
C:\Program Files\Toshiba\HDMICtrlMan\HDMICtrlMan.exe
C:\Program Files\Toshiba\Power Saver\TPwrMain.exe
C:\Program Files\Toshiba\SmoothView\SmoothView.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\Toshiba\FlashCards\TCrdMain.exe
C:\Program Files\Toshiba\Registration\ToshibaRegistration.exe
C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Toshiba\TOSCDSPD\TOSCDSPD.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe
C:\Program Files\WinZip\WZQKPICK.EXE
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Toshiba\HDMICtrlMan\HCMSoundChanger.exe
c:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\Toshiba\ConfigFree\CFSwMgr.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
c:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHid.exe
c:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHsp.exe
c:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosAVRC.exe
c:\Program Files\Toshiba\Bluetooth Toshiba Stack\tosOBEX.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtProc.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Windows Live\Toolbar\wltuser.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Users\aseer\Desktop\HiJackThis.exe
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: IEVkbdBHO - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\ievkbd.dll
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
O2 - BHO: مساعد تسجيل الدخول إلى Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: MSN Toolbar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files\MSN\Toolbar\3.0.1203.0\msneshellx.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: &Save Flash - {4064EA35-578D-4073-A834-C96D82CBCF40} - C:\Program Files\Save Flash\SaveFlash.dll
O3 - Toolbar: MSN Toolbar - {1E61ED7C-7CB8-49d6-B9E9-AB4C880C8414} - C:\Program Files\MSN\Toolbar\3.0.1203.0\msneshellx.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_06\bin\jusched.exe"
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [ITSecMng] %ProgramFiles%\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe /START
O4 - HKLM\..\Run: [NDSTray.exe] NDSTray.exe
O4 - HKLM\..\Run: [cfFncEnabler.exe] cfFncEnabler.exe
O4 - HKLM\..\Run: [topi] C:\Program Files\TOSHIBA\Toshiba Online Product Information\topi.exe -startup
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [Google EULA Launcher] c:\Program Files\Google\Google EULA\GoogleEULALauncher.exe IE PA
O4 - HKLM\..\Run: [Toshiba TEMPO] C:\Program Files\Toshiba TEMPRO\Toshiba.Tempo.UI.TrayApplication.exe
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe"
O4 - HKLM\..\Run: [Camera Assistant Software] "C:\Program Files\Camera Assistant Software for Toshiba\traybar.exe" /start
O4 - HKLM\..\Run: [HDMICtrlMan] C:\Program Files\TOSHIBA\HDMICtrlMan\HDMICtrlMan.exe
O4 - HKLM\..\Run: [TPwrMain] %ProgramFiles%\TOSHIBA\Power Saver\TPwrMain.EXE
O4 - HKLM\..\Run: [HSON] %ProgramFiles%\TOSHIBA\TBS\HSON.exe
O4 - HKLM\..\Run: [SmoothView] %ProgramFiles%\Toshiba\SmoothView\SmoothView.exe
O4 - HKLM\..\Run: [00TCrdMain] %ProgramFiles%\TOSHIBA\FlashCards\TCrdMain.exe
O4 - HKLM\..\Run: [Toshiba Registration] C:\Program Files\Toshiba\Registration\ToshibaRegistration.exe
O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe
O4 - HKCU\..\Run: [TOSCDSPD] TOSCDSPD.EXE
O4 - .DEFAULT User Startup: TRDCReminder.lnk = C:\Program Files\Toshiba\TRDCReminder\TRDCReminder.exe (User 'Default user')
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Bluetooth Manager.lnk = ?
O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE
O8 - Extra context menu item: &تصدير إلى Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Add to Banner Ad Blocker - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\ie_banner_deny.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
O9 - Extra button: Web traffic protection statistics - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\SCIEPlgn.dll
O9 - Extra button: تدوين هذا في المدونة - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &تدوين هذا في Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: eBay.co.uk - Buy It Sell It Love It - {76577871-04EC-495E-A12B-91F7C3600AFA} -
O9 - Extra button: Amazon.co.uk - {8A918C1D-E123-4E36-B562-5C1519E434CE} -
O9 - Extra button: بحث - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O13 - Gopher Prefix:
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) -
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~2\GOEC62~1.DLL,C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd.dll,C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd3.dll,C:\PROGRA~1\KASPER~1\KASPER~1\adialhk.dll,C:\PROGRA~1\KASPER~1\KASPER~1\kloehk.dll
O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - Agere Systems - C:\Windows\system32\agrsmsvc.exe
O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe
O23 - Service: Kaspersky Internet Security (AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe
O23 - Service: ConfigFree Service - TOSHIBA CORPORATION - C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
O23 - Service: getPlus(R) Helper - NOS Microsystems Ltd. - C:\Program Files\NOS\bin\getPlus_HelperSvc.exe
O23 - Service: Google Desktop Manager 5.7.802.22438 (GoogleDesktopManager-022208-143751) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: SmartFaceVWatchSrv - Toshiba - C:\Program Files\Toshiba\SmartFaceV\SmartFaceVWatchSrv.exe
O23 - Service: Notebook Performance Tuning Service (TempoMonitoringService) - Toshiba Europe GmbH - C:\Program Files\Toshiba TEMPRO\TempoSVC.exe
O23 - Service: TOSHIBA Navi Support Service (TNaviSrv) - TOSHIBA Corporation - C:\Program Files\Toshiba\TOSHIBA DVD PLAYER\TNaviSrv.exe
O23 - Service: TOSHIBA Optical Disc Drive Service (TODDSrv) - TOSHIBA Corporation - C:\Windows\system32\TODDSrv.exe
O23 - Service: TOSHIBA Power Saver (TosCoSrv) - TOSHIBA Corporation - C:\Program Files\Toshiba\Power Saver\TosCoSrv.exe
O23 - Service: TOSHIBA Bluetooth Service - TOSHIBA CORPORATION - c:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
O23 - Service: TOSHIBA SMART Log Service - TOSHIBA Corporation - C:\Program Files\TOSHIBA\SMARTLogService\TosIPCSrv.exe
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
--
End of file - 10956 bytes
وتفضل هذا هو التقرير :
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 07:27:40 م, on 01/06/09
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Java\jre1.6.0_06\bin\jusched.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\ItSecMng.exe
C:\Program Files\Toshiba\ConfigFree\NDSTray.exe
C:\Program Files\Toshiba\Toshiba Online Product Information\TOPI.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\Toshiba TEMPRO\Toshiba.Tempo.UI.TrayApplication.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\Camera Assistant Software for Toshiba\traybar.exe
C:\Program Files\Toshiba\HDMICtrlMan\HDMICtrlMan.exe
C:\Program Files\Toshiba\Power Saver\TPwrMain.exe
C:\Program Files\Toshiba\SmoothView\SmoothView.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\Toshiba\FlashCards\TCrdMain.exe
C:\Program Files\Toshiba\Registration\ToshibaRegistration.exe
C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Toshiba\TOSCDSPD\TOSCDSPD.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe
C:\Program Files\WinZip\WZQKPICK.EXE
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Toshiba\HDMICtrlMan\HCMSoundChanger.exe
c:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\Toshiba\ConfigFree\CFSwMgr.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
c:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHid.exe
c:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHsp.exe
c:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosAVRC.exe
c:\Program Files\Toshiba\Bluetooth Toshiba Stack\tosOBEX.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtProc.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Windows Live\Toolbar\wltuser.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Users\aseer\Desktop\HiJackThis.exe
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
يجب عليك
تسجيل الدخول
او
تسجيل لمشاهدة الرابط المخفي
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
يجب عليك
تسجيل الدخول
او
تسجيل لمشاهدة الرابط المخفي
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
يجب عليك
تسجيل الدخول
او
تسجيل لمشاهدة الرابط المخفي
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: IEVkbdBHO - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\ievkbd.dll
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
O2 - BHO: مساعد تسجيل الدخول إلى Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: MSN Toolbar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files\MSN\Toolbar\3.0.1203.0\msneshellx.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: &Save Flash - {4064EA35-578D-4073-A834-C96D82CBCF40} - C:\Program Files\Save Flash\SaveFlash.dll
O3 - Toolbar: MSN Toolbar - {1E61ED7C-7CB8-49d6-B9E9-AB4C880C8414} - C:\Program Files\MSN\Toolbar\3.0.1203.0\msneshellx.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_06\bin\jusched.exe"
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [ITSecMng] %ProgramFiles%\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe /START
O4 - HKLM\..\Run: [NDSTray.exe] NDSTray.exe
O4 - HKLM\..\Run: [cfFncEnabler.exe] cfFncEnabler.exe
O4 - HKLM\..\Run: [topi] C:\Program Files\TOSHIBA\Toshiba Online Product Information\topi.exe -startup
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [Google EULA Launcher] c:\Program Files\Google\Google EULA\GoogleEULALauncher.exe IE PA
O4 - HKLM\..\Run: [Toshiba TEMPO] C:\Program Files\Toshiba TEMPRO\Toshiba.Tempo.UI.TrayApplication.exe
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe"
O4 - HKLM\..\Run: [Camera Assistant Software] "C:\Program Files\Camera Assistant Software for Toshiba\traybar.exe" /start
O4 - HKLM\..\Run: [HDMICtrlMan] C:\Program Files\TOSHIBA\HDMICtrlMan\HDMICtrlMan.exe
O4 - HKLM\..\Run: [TPwrMain] %ProgramFiles%\TOSHIBA\Power Saver\TPwrMain.EXE
O4 - HKLM\..\Run: [HSON] %ProgramFiles%\TOSHIBA\TBS\HSON.exe
O4 - HKLM\..\Run: [SmoothView] %ProgramFiles%\Toshiba\SmoothView\SmoothView.exe
O4 - HKLM\..\Run: [00TCrdMain] %ProgramFiles%\TOSHIBA\FlashCards\TCrdMain.exe
O4 - HKLM\..\Run: [Toshiba Registration] C:\Program Files\Toshiba\Registration\ToshibaRegistration.exe
O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe
O4 - HKCU\..\Run: [TOSCDSPD] TOSCDSPD.EXE
O4 - .DEFAULT User Startup: TRDCReminder.lnk = C:\Program Files\Toshiba\TRDCReminder\TRDCReminder.exe (User 'Default user')
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Bluetooth Manager.lnk = ?
O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE
O8 - Extra context menu item: &تصدير إلى Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Add to Banner Ad Blocker - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\ie_banner_deny.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
O9 - Extra button: Web traffic protection statistics - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\SCIEPlgn.dll
O9 - Extra button: تدوين هذا في المدونة - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &تدوين هذا في Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: eBay.co.uk - Buy It Sell It Love It - {76577871-04EC-495E-A12B-91F7C3600AFA} -
يجب عليك
تسجيل الدخول
او
تسجيل لمشاهدة الرابط المخفي
(file missing)O9 - Extra button: Amazon.co.uk - {8A918C1D-E123-4E36-B562-5C1519E434CE} -
يجب عليك
تسجيل الدخول
او
تسجيل لمشاهدة الرابط المخفي
(file missing)O9 - Extra button: بحث - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O13 - Gopher Prefix:
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) -
يجب عليك
تسجيل الدخول
او
تسجيل لمشاهدة الرابط المخفي
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~2\GOEC62~1.DLL,C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd.dll,C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd3.dll,C:\PROGRA~1\KASPER~1\KASPER~1\adialhk.dll,C:\PROGRA~1\KASPER~1\KASPER~1\kloehk.dll
O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - Agere Systems - C:\Windows\system32\agrsmsvc.exe
O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe
O23 - Service: Kaspersky Internet Security (AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe
O23 - Service: ConfigFree Service - TOSHIBA CORPORATION - C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
O23 - Service: getPlus(R) Helper - NOS Microsystems Ltd. - C:\Program Files\NOS\bin\getPlus_HelperSvc.exe
O23 - Service: Google Desktop Manager 5.7.802.22438 (GoogleDesktopManager-022208-143751) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: SmartFaceVWatchSrv - Toshiba - C:\Program Files\Toshiba\SmartFaceV\SmartFaceVWatchSrv.exe
O23 - Service: Notebook Performance Tuning Service (TempoMonitoringService) - Toshiba Europe GmbH - C:\Program Files\Toshiba TEMPRO\TempoSVC.exe
O23 - Service: TOSHIBA Navi Support Service (TNaviSrv) - TOSHIBA Corporation - C:\Program Files\Toshiba\TOSHIBA DVD PLAYER\TNaviSrv.exe
O23 - Service: TOSHIBA Optical Disc Drive Service (TODDSrv) - TOSHIBA Corporation - C:\Windows\system32\TODDSrv.exe
O23 - Service: TOSHIBA Power Saver (TosCoSrv) - TOSHIBA Corporation - C:\Program Files\Toshiba\Power Saver\TosCoSrv.exe
O23 - Service: TOSHIBA Bluetooth Service - TOSHIBA CORPORATION - c:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
O23 - Service: TOSHIBA SMART Log Service - TOSHIBA Corporation - C:\Program Files\TOSHIBA\SMARTLogService\TosIPCSrv.exe
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
--
End of file - 10956 bytes
تأييد
0
الفرشاطي 2010
زيزوومى مميز
غير متصل
وينك فورمات
لازلت منتظر تواجدك انت وبقية المبدعين فلا تبخلوا عليّ
لازلت منتظر تواجدك انت وبقية المبدعين فلا تبخلوا عليّ
تأييد
0
KoNaMi
زيزوومى فضى
غير متصل
اخوي اعمل الاتي
عطل جميع برامج الحمايه
نزل هذه الاداة
عند تشغيلها بتظهر لك رسالة ,, اضغط على >> Yes
بعدها بتظهر لك رساله ثانيه ,, اضغط على >> Yes
اثناء الفحص ممكن يعاد تشغيل الجهاز
وبعد اعادة التشغيل ,, سوف تبدأ الاداة بالفحص مرره ثانيه
انتظر حتى يظهر لك تقرير ،، وبذلك يكون الفحص انتهى الصق التقرير بمشاركتك القادمة
عطل جميع برامج الحمايه
نزل هذه الاداة
يجب عليك
تسجيل الدخول
او
تسجيل لمشاهدة الرابط المخفي
عند تشغيلها بتظهر لك رسالة ,, اضغط على >> Yes
بعدها بتظهر لك رساله ثانيه ,, اضغط على >> Yes
اثناء الفحص ممكن يعاد تشغيل الجهاز
وبعد اعادة التشغيل ,, سوف تبدأ الاداة بالفحص مرره ثانيه
انتظر حتى يظهر لك تقرير ،، وبذلك يكون الفحص انتهى الصق التقرير بمشاركتك القادمة
توقيع : KoNaMi
تأييد
0
الفرشاطي 2010
زيزوومى مميز
غير متصل
تفضل أخي الكريم
ComboFix 09-05-31.06 - aseer 06/02/2009 14:52.1 - NTFSx86
Microsoft® Windows Vista™ Home Premium 6.0.6001.1.1256.966.1025.18.3069.1957 [GMT 3:00]
Running from: c:\users\aseer\Desktop\ComboFix.exe
AV: Kaspersky Internet Security *On-access scanning disabled* (Updated) {2C4D4BC6-0793-4956-A9F9-E252435469C0}
FW: Kaspersky Internet Security *disabled* {2C4D4BC6-0793-4956-A9F9-E252435469C0}
SP: Kaspersky Internet Security *disabled* (Updated) {2C4D4BC6-0793-4956-A9F9-E252435469C0}
SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\windows\system32\x64
.
((((((((((((((((((((((((( Files Created from 2009-05-02 to 2009-06-02 )))))))))))))))))))))))))))))))
.
2009-05-30 09:57 . 2009-05-30 09:57 -------- d-----w- c:\users\aseer\AppData\Roaming\MessengerDiscovery 2
2009-05-30 09:57 . 2009-05-30 10:04 -------- d-----w- c:\program files\MessengerDiscovery 2
2009-05-25 20:14 . 2009-05-25 20:14 -------- d-----w- c:\program files\FormatFactory
2009-05-23 10:42 . 2009-05-23 10:42 -------- d-----w- c:\program files\Quran Sound v1.1
2009-05-23 10:42 . 2009-05-23 10:42 -------- d-----w- c:\windows\Quran Sound v1.1
2009-05-22 19:58 . 2009-05-22 19:58 -------- d-----w- c:\program files\Microsoft Silverlight
2009-05-22 18:37 . 2009-05-22 18:55 -------- d-----w- c:\users\aseer\AppData\Local\NOS
2009-05-22 18:33 . 2009-05-23 19:56 -------- d-----w- c:\programdata\NOS
2009-05-22 18:33 . 2009-05-23 19:56 -------- d-----w- c:\program files\NOS
2009-05-22 08:31 . 2009-05-22 08:32 -------- d-----w- c:\programdata\WinZip
2009-05-21 12:03 . 2009-05-21 12:03 -------- d-----w- c:\users\aseer\AppData\Roaming\Media Player Classic
2009-05-21 12:00 . 2009-05-21 12:00 -------- d-----w- c:\program files\Common Files\xing shared
2009-05-21 12:00 . 2009-05-21 12:00 499712 ----a-w- c:\windows\system32\msvcp71.dll
2009-05-21 12:00 . 2009-05-21 12:00 348160 ----a-w- c:\windows\system32\msvcr71.dll
2009-05-21 12:00 . 2009-05-21 12:00 -------- d-----w- c:\program files\Real
2009-05-20 13:45 . 2009-05-20 13:45 -------- d-----w- c:\users\aseer\AppData\Local\Mozilla
2009-05-18 15:05 . 2009-05-18 15:05 -------- d-----w- c:\program files\Save Flash
2009-05-17 11:50 . 2009-05-17 11:50 -------- d-----w- c:\programdata\Office Genuine Advantage
2009-05-16 18:57 . 2009-05-16 18:57 -------- d-----w- c:\users\aseer\AppData\Local\Real
2009-05-16 17:19 . 2009-05-16 17:19 -------- d-----w- c:\programdata\ACD Systems
2009-05-16 17:19 . 2009-05-16 17:19 -------- d-----w- c:\program files\ACD Systems
2009-05-16 17:08 . 2009-05-25 20:15 -------- d-----w- c:\users\aseer\AppData\Roaming\Desktopicon
2009-05-16 17:01 . 2009-05-16 17:01 -------- d-----w- c:\users\aseer\AppData\Roaming\Ashampoo
2009-05-16 17:00 . 2009-05-16 17:00 -------- d-----w- c:\users\aseer\AppData\Local\ashampoo
2009-05-16 17:00 . 2009-05-16 17:00 -------- d-----w- c:\programdata\ashampoo
2009-05-16 17:00 . 2009-05-16 17:00 -------- d-----w- c:\program files\Ashampoo
2009-05-16 16:55 . 2007-04-09 10:23 28040 ----a-w- c:\windows\system32\mdimon.dll
2009-05-16 16:49 . 2009-05-16 16:49 -------- d-----w- c:\program files\Microsoft.NET
2009-05-16 16:39 . 2009-05-16 16:39 -------- d-----w- c:\users\aseer\AppData\Local\Seven Zip
2009-05-16 16:26 . 2007-05-22 08:02 163840 ----a-w- c:\windows\system32\unrar.dll
2009-05-16 16:25 . 2007-07-25 12:24 1559040 ----a-w- c:\windows\system32\xvidcore.dll
2009-05-16 16:25 . 2007-04-22 23:15 3596288 ----a-w- c:\windows\system32\qt-dx331.dll
2009-05-16 16:25 . 2007-04-22 23:02 73728 ----a-w- c:\windows\system32\dpl100.dll
2009-05-16 16:25 . 2007-03-10 10:51 282624 ----a-w- c:\windows\system32\xvidvfw.dll
2009-05-16 16:25 . 2004-01-25 15:18 217088 ----a-w- c:\windows\system32\yv12vfw.dll
2009-05-16 16:25 . 2007-07-29 14:51 7680 ----a-w- c:\windows\system32\ff_vfw.dll
2009-05-16 16:25 . 2007-05-31 05:44 740442 ----a-w- c:\windows\system32\divx.dll
2009-05-16 16:25 . 2009-05-16 16:25 -------- d-----w- c:\program files\K-Lite Codec Pack
2009-05-16 14:51 . 2007-03-22 10:46 126976 ----a-w- c:\users\aseer\AppData\Roaming\GRETECH\GomPlayer\GrLauncher.exe
2009-05-16 07:14 . 2008-09-03 03:59 468992 ----a-w- c:\windows\system32\newdev.dll
2009-05-16 07:14 . 2008-09-03 03:58 74752 ----a-w- c:\windows\system32\newdev.exe
2009-05-15 19:17 . 2009-05-15 19:17 -------- d-----w- c:\programdata\GRETECH
2009-05-15 19:16 . 2009-05-15 19:16 -------- d-----w- c:\users\aseer\AppData\Roaming\GRETECH
2009-05-15 19:16 . 2009-05-15 19:16 -------- d-----w- c:\program files\GRETECH
2009-05-15 19:00 . 2009-05-21 12:00 -------- d-----w- c:\program files\Common Files\Real
2009-05-15 18:54 . 2009-05-15 18:54 -------- d-----w- c:\program files\WinWatermark 2.2
2009-05-15 18:53 . 2009-05-15 18:53 -------- d-----w- c:\users\aseer\AppData\Roaming\Yahoo!
2009-05-15 18:53 . 2009-05-15 18:53 -------- d-----w- c:\programdata\Yahoo! Companion
2009-05-15 18:50 . 2009-05-16 17:20 -------- d-----w- c:\users\aseer\AppData\Local\ACD Systems
2009-05-15 18:50 . 2009-05-15 18:50 -------- d-----w- c:\users\aseer\AppData\Roaming\ACD Systems
2009-05-15 18:50 . 2009-05-15 18:50 -------- d-----w- c:\program files\Yahoo!
2009-05-15 18:50 . 2009-05-16 17:19 -------- d-----w- c:\program files\Common Files\ACD Systems
2009-05-15 18:48 . 2009-05-16 17:18 -------- d-----w- c:\users\aseer\AppData\Local\Downloaded Installations
2009-05-15 15:20 . 2009-05-15 15:20 -------- d-----w- c:\programdata\Messenger Plus!
2009-05-15 13:04 . 2009-05-15 13:04 -------- d-----w- c:\program files\Circl Developement
2009-05-15 13:04 . 2009-05-15 13:04 -------- d-----w- c:\program files\Messenger Plus! Live
2009-05-15 12:17 . 2009-06-01 16:29 -------- d-----w- c:\users\aseer\Tracing
2009-05-15 12:11 . 2009-05-15 12:11 -------- d-----w- c:\program files\Microsoft Sync Framework
2009-05-15 12:09 . 2009-05-15 12:09 -------- d-----w- c:\program files\Microsoft SQL Server Compact Edition
2009-05-15 12:06 . 2009-05-15 12:06 -------- d-----w- c:\program files\Microsoft
2009-05-15 12:06 . 2009-05-15 12:06 -------- d-----w- c:\program files\Windows Live SkyDrive
2009-05-15 12:06 . 2009-05-15 12:12 -------- d-----w- c:\program files\Windows Live
2009-05-15 11:51 . 2009-05-15 11:51 -------- d-----w- c:\program files\Common Files\Windows Live
2009-05-15 11:24 . 2009-05-15 11:24 44808 ----a-w- c:\programdata\Kaspersky Lab\AVP8\Data\Updater\Temporary Files\temporaryFolder\AutoPatches\kav8exec\8.0.0.454\fssync.dll
2009-05-15 11:23 . 2009-05-15 11:23 33808 ----a-w- c:\programdata\Kaspersky Lab\AVP8\Data\Updater\Temporary Files\temporaryFolder\AutoPatches\kav8exec\8.0.0.454\klbg.sys
2009-05-15 11:23 . 2009-05-15 11:23 224272 ----a-w- c:\programdata\Kaspersky Lab\AVP8\Data\Updater\Temporary Files\temporaryFolder\AutoPatches\kav8exec\8.0.0.454\Vista\klif.sys
2009-05-15 11:23 . 2009-05-15 11:23 206088 ----a-w- c:\programdata\Kaspersky Lab\AVP8\Data\Updater\Temporary Files\temporaryFolder\AutoPatches\kav8exec\8.0.0.454\avp.exe
2009-05-15 11:00 . 2009-05-21 07:51 94643 ----a-w- c:\windows\system32\drivers\klick.dat
2009-05-15 11:00 . 2009-05-21 07:51 105395 ----a-w- c:\windows\system32\drivers\klin.dat
2009-05-15 10:59 . 2009-06-02 10:13 -------- d-----w- c:\programdata\Kaspersky Lab
2009-05-15 10:59 . 2009-05-15 10:59 -------- d-----w- c:\program files\Kaspersky Lab
2009-05-15 10:59 . 2009-06-01 19:27 491552 --sha-w- c:\windows\system32\drivers\fidbox2.dat
2009-05-15 10:59 . 2009-06-01 19:27 3275808 --sha-w- c:\windows\system32\drivers\fidbox.dat
2009-05-15 10:58 . 2009-05-15 10:58 -------- d-----w- c:\programdata\Kaspersky Lab Setup Files
2009-05-15 10:28 . 2009-05-15 10:28 -------- d-----w- c:\users\aseer\AppData\Local\Microsoft Help
2009-05-14 15:48 . 2009-05-14 15:48 -------- d-----w- c:\windows\system32\ar
2009-05-14 15:48 . 2009-05-14 15:49 -------- d-----w- c:\windows\system32\wbem\ar-SA
2009-05-14 15:48 . 2009-05-14 15:49 -------- d-----w- c:\windows\ar-SA
2009-05-14 15:48 . 2009-05-14 15:49 -------- d-----w- c:\windows\system32\drivers\ar-SA
2009-05-14 02:30 . 2008-10-22 01:22 2048 ----a-w- c:\windows\system32\tzres.dll
2009-05-14 02:20 . 2008-06-20 01:14 97800 ----a-w- c:\windows\system32\infocardapi.dll
2009-05-14 02:20 . 2008-06-20 01:14 105016 ----a-w- c:\windows\system32\PresentationCFFRasterizerNative_v0300.dll
2009-05-14 02:20 . 2008-06-20 01:14 11264 ----a-w- c:\windows\system32\icardres.dll
2009-05-14 02:20 . 2008-06-20 01:14 622080 ----a-w- c:\windows\system32\icardagt.exe
2009-05-14 02:20 . 2008-06-20 01:14 43544 ----a-w- c:\windows\system32\PresentationHostProxy.dll
2009-05-14 02:20 . 2008-06-20 01:14 781344 ----a-w- c:\windows\system32\PresentationNative_v0300.dll
2009-05-14 02:20 . 2008-06-20 01:14 326160 ----a-w- c:\windows\system32\PresentationHost.exe
2009-05-13 15:24 . 2008-07-27 18:03 96760 ----a-w- c:\windows\system32\dfshim.dll
2009-05-13 15:23 . 2008-07-27 18:03 282112 ----a-w- c:\windows\system32\mscoree.dll
2009-05-13 15:23 . 2008-07-27 18:03 41984 ----a-w- c:\windows\system32\netfxperf.dll
2009-05-13 15:22 . 2008-07-27 18:03 158720 ----a-w- c:\windows\system32\mscorier.dll
2009-05-13 15:22 . 2008-07-27 18:03 83968 ----a-w- c:\windows\system32\mscories.dll
2009-05-12 09:53 . 2008-06-26 01:45 12240896 ----a-w- c:\windows\system32\NlsLexicons0007.dll
2009-05-12 09:53 . 2008-06-26 01:45 2644480 ----a-w- c:\windows\system32\NlsLexicons0009.dll
2009-05-12 09:53 . 2008-06-26 03:29 801280 ----a-w- c:\windows\system32\NaturalLanguage6.dll
2009-05-12 09:47 . 2008-11-01 03:44 28672 ----a-w- c:\windows\system32\Apphlpdm.dll
2009-05-12 09:47 . 2008-11-01 01:21 4240384 ----a-w- c:\windows\system32\GameUXLegacyGDFs.dll
2009-05-12 09:45 . 2008-12-05 04:32 428544 ----a-w- c:\windows\system32\EncDec.dll
2009-05-12 09:45 . 2008-12-05 04:32 293376 ----a-w- c:\windows\system32\psisdecd.dll
2009-05-12 09:43 . 2009-05-12 08:02 -------- d-----w- c:\program files\Common Files\Toshiba Shared
2009-05-12 09:43 . 2009-02-13 08:49 1255936 ----a-w- c:\windows\system32\lsasrv.dll
2009-05-12 09:43 . 2009-02-13 08:49 72704 ----a-w- c:\windows\system32\secur32.dll
2009-05-12 09:43 . 2009-03-17 03:38 13824 ----a-w- c:\windows\system32\apilogen.dll
2009-05-12 09:43 . 2009-03-17 03:38 24064 ----a-w- c:\windows\system32\amxread.dll
2009-05-12 09:43 . 2009-05-12 09:43 -------- d-----w- c:\program files\Camera Assistant Software for Toshiba
2009-05-12 09:43 . 2008-07-15 18:59 17960 ----a-w- c:\windows\system32\drivers\UVCFTR_S.SYS
2009-05-12 09:41 . 2009-05-12 09:41 -------- d-----w- c:\windows\system32\ENU
2009-05-12 09:41 . 2008-05-02 16:53 1034776 ----a-w- c:\windows\system32\imsmudlg.exe
2009-05-12 09:41 . 2008-04-15 16:53 312344 ----a-w- c:\windows\system32\drivers\iaStor.sys
2009-05-12 09:41 . 2008-04-15 08:05 118784 ----a-w- c:\windows\system32\drivers\Rtlh86.sys
2009-05-12 09:33 . 2008-04-10 05:12 738304 ----a-w- c:\windows\system32\inetcomm.dll
2009-05-12 09:33 . 2008-10-21 05:25 1645568 ----a-w- c:\windows\system32\connect.dll
2009-05-12 09:33 . 2008-09-10 03:40 1334272 ----a-w- c:\windows\system32\msxml6.dll
2009-05-12 09:33 . 2009-02-09 03:10 2033152 ----a-w- c:\windows\system32\win32k.sys
2009-05-12 09:28 . 2009-05-23 19:59 -------- d-----w- c:\users\aseer\AppData\Local\Adobe
2009-05-12 09:21 . 2008-10-16 21:13 1809944 ----a-w- c:\windows\system32\wuaueng.dll
2009-05-12 09:21 . 2008-10-16 21:09 51224 ----a-w- c:\windows\system32\wuauclt.exe
2009-05-12 09:21 . 2008-10-16 21:09 43544 ----a-w- c:\windows\system32\wups2.dll
2009-05-12 09:21 . 2008-10-16 20:56 1524736 ----a-w- c:\windows\system32\wucltux.dll
2009-05-12 09:20 . 2008-10-16 21:12 561688 ----a-w- c:\windows\system32\wuapi.dll
2009-05-12 09:20 . 2008-10-16 21:08 34328 ----a-w- c:\windows\system32\wups.dll
2009-05-12 09:20 . 2008-10-16 20:55 83456 ----a-w- c:\windows\system32\wudriver.dll
2009-05-12 09:20 . 2008-10-16 11:08 162064 ----a-w- c:\windows\system32\wuwebv.dll
2009-05-12 09:20 . 2008-10-16 10:56 31232 ----a-w- c:\windows\system32\wuapp.exe
2009-05-12 08:21 . 2009-05-12 08:21 -------- d-----w- c:\users\aseer\AppData\Roaming\Toshiba
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-06-01 19:27 . 2009-05-15 10:59 4856 --sha-w- c:\windows\system32\drivers\fidbox2.idx
2009-06-01 19:27 . 2009-05-15 10:59 28768 --sha-w- c:\windows\system32\drivers\fidbox.idx
2009-05-23 10:03 . 2008-07-01 15:13 -------- d-----w- c:\program files\Google
2009-05-22 18:54 . 2008-07-01 15:11 -------- d-----w- c:\program files\Common Files\Adobe
2009-05-17 11:44 . 2008-07-01 15:18 -------- d-----w- c:\program files\Microsoft Works
2009-05-16 16:32 . 2008-07-01 15:16 -------- d-----w- c:\programdata\Microsoft Help
2009-05-15 19:33 . 2008-07-01 14:39 -------- d--h--w- c:\program files\InstallShield Installation Information
2009-05-15 11:24 . 2008-01-29 15:29 33808 ----a-w- c:\windows\system32\drivers\klbg.sys
2009-05-15 10:44 . 2008-07-01 15:08 -------- d-----w- c:\programdata\McAfee
2009-05-15 10:23 . 2006-11-02 11:18 -------- d-----w- c:\program files\Windows Mail
2009-05-14 15:49 . 2006-11-02 12:37 -------- d-----w- c:\program files\Windows Defender
2009-05-14 15:49 . 2006-11-02 12:37 -------- d-----w- c:\program files\Windows Journal
2009-05-14 15:49 . 2009-05-14 15:49 41018 ----a-w- c:\windows\inf\PERFLIB\0401\perfd.dat
2009-05-14 15:49 . 2009-05-14 15:49 41018 ----a-w- c:\windows\inf\PERFLIB\0401\perfc.dat
2009-05-14 15:49 . 2009-05-14 15:49 285290 ----a-w- c:\windows\inf\PERFLIB\0401\perfi.dat
2009-05-14 15:49 . 2009-05-14 15:49 285290 ----a-w- c:\windows\inf\PERFLIB\0401\perfh.dat
2009-05-14 15:49 . 2006-11-02 12:37 -------- d-----w- c:\program files\Windows Collaboration
2009-05-14 15:49 . 2006-11-02 12:37 -------- d-----w- c:\program files\Windows Calendar
2009-05-14 15:48 . 2006-11-02 12:37 -------- d-----w- c:\program files\Windows Photo Gallery
2009-05-14 15:48 . 2006-11-02 12:37 -------- d-----w- c:\program files\Windows Sidebar
2009-05-12 09:46 . 2009-05-12 09:46 0 --sha-r- c:\windows\system32\drivers\TOSHIBA_Satellite A300_08772-AR_PSAGCE-08300.MRK
2009-05-12 09:42 . 2009-05-12 09:42 -------- d-----w- c:\program files\ATI Technologies
2009-05-12 09:42 . 2009-05-12 09:42 0 ----a-w- c:\windows\ativpsrm.bin
2009-05-12 09:42 . 2009-05-12 09:42 -------- d-----w- c:\program files\ATI
2009-05-12 09:41 . 2008-07-01 14:29 -------- d-----w- c:\program files\Intel
2009-05-12 09:41 . 2009-02-05 17:39 -------- d-----w- c:\program files\Realtek
2009-05-12 08:01 . 2008-07-01 15:01 -------- d-----w- c:\programdata\Toshiba
2009-05-12 08:01 . 2008-07-01 14:49 -------- d-----w- c:\program files\Toshiba
2009-05-12 07:59 . 2008-08-04 07:34 82720 ----a-w- c:\windows\system32\GDIPFONTCACHEV1.DAT
2009-05-12 07:58 . 2009-05-12 07:58 -------- d-----w- c:\users\aseer\AppData\Roaming\InstallShield
2009-03-08 11:34 . 2009-05-15 10:25 914944 ----a-w- c:\windows\system32\wininet.dll
2009-03-08 11:34 . 2009-05-15 10:25 43008 ----a-w- c:\windows\system32\licmgr10.dll
2009-03-08 11:33 . 2009-05-15 10:25 18944 ----a-w- c:\windows\system32\corpol.dll
2009-03-08 11:33 . 2009-05-15 10:25 109056 ----a-w- c:\windows\system32\iesysprep.dll
2009-03-08 11:33 . 2009-05-15 10:25 109568 ----a-w- c:\windows\system32\PDMSetup.exe
2009-03-08 11:33 . 2009-05-15 10:25 107520 ----a-w- c:\windows\system32\RegisterIEPKEYs.exe
2009-03-08 11:33 . 2009-05-15 10:25 132608 ----a-w- c:\windows\system32\ieUnatt.exe
2009-03-08 11:33 . 2009-05-15 10:25 107008 ----a-w- c:\windows\system32\SetIEInstalledDate.exe
2009-03-08 11:33 . 2009-05-15 10:25 103936 ----a-w- c:\windows\system32\SetDepNx.exe
2009-03-08 11:33 . 2009-05-15 10:25 420352 ----a-w- c:\windows\system32\vbscript.dll
2009-03-08 11:32 . 2009-05-15 10:25 72704 ----a-w- c:\windows\system32\admparse.dll
2009-03-08 11:32 . 2009-05-15 10:25 71680 ----a-w- c:\windows\system32\iesetup.dll
2009-03-08 11:32 . 2009-05-15 10:25 66560 ----a-w- c:\windows\system32\wextract.exe
2009-03-08 11:32 . 2009-05-15 10:25 169472 ----a-w- c:\windows\system32\iexpress.exe
2009-03-08 11:31 . 2009-05-15 10:25 34816 ----a-w- c:\windows\system32\imgutil.dll
2009-03-08 11:31 . 2009-05-15 10:25 48128 ----a-w- c:\windows\system32\mshtmler.dll
2009-03-08 11:31 . 2009-05-15 10:25 45568 ----a-w- c:\windows\system32\mshta.exe
2009-03-08 11:22 . 2009-05-15 10:25 156160 ----a-w- c:\windows\system32\msls31.dll
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2008-01-21 1233920]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SunJavaUpdateSched"="c:\program files\Java\jre1.6.0_06\bin\jusched.exe" [2008-03-25 144784]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2007-12-06 1029416]
"ITSecMng"="c:\program files\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe" [2007-09-28 75136]
"topi"="c:\program files\TOSHIBA\Toshiba Online Product Information\topi.exe" [2007-07-10 581632]
"Google Desktop Search"="c:\program files\Google\Google Desktop Search\GoogleDesktop.exe" [2008-07-01 29744]
"Google EULA Launcher"="c:\program files\Google\Google EULA\GoogleEULALauncher.exe" [2008-05-28 20480]
"Toshiba TEMPO"="c:\program files\Toshiba TEMPRO\Toshiba.Tempo.UI.TrayApplication.exe" [2008-04-24 103824]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2008-01-21 61440]
"Camera Assistant Software"="c:\program files\Camera Assistant Software for Toshiba\traybar.exe" [2008-09-26 417792]
"HDMICtrlMan"="c:\program files\TOSHIBA\HDMICtrlMan\HDMICtrlMan.exe" [2008-04-26 716800]
"TPwrMain"="c:\program files\TOSHIBA\Power Saver\TPwrMain.EXE" [2008-01-17 431456]
"HSON"="c:\program files\TOSHIBA\TBS\HSON.exe" [2007-10-31 54608]
"SmoothView"="c:\program files\Toshiba\SmoothView\SmoothView.exe" [2008-01-25 509816]
"00TCrdMain"="c:\program files\TOSHIBA\FlashCards\TCrdMain.exe" [2008-03-19 716800]
"Toshiba Registration"="c:\program files\Toshiba\Registration\ToshibaRegistration.exe" [2008-01-11 574864]
"AVP"="c:\program files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe" [2009-05-15 206088]
"TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" [2009-05-21 198160]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2008-06-12 34672]
"NDSTray.exe"="NDSTray.exe" [BU]
"RtHDVCpl"="RtHDVCpl.exe" - c:\windows\RtHDVCpl.exe [2008-04-08 6037504]
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Adobe Gamma Loader.lnk - c:\program files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2009-5-15 113664]
Bluetooth Manager.lnk - c:\program files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe [2008-4-15 2979144]
WinZip Quick Pick.lnk - c:\program files\WinZip\WZQKPICK.EXE [2008-9-10 525664]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\progra~1\Google\GOOGLE~2\GoogleDesktopNetwork3.dll c:\progra~1\KASPER~1\KASPER~1\mzvkbd.dll c:\progra~1\KASPER~1\KASPER~1\mzvkbd3.dll c:\progra~1\KASPER~1\KASPER~1\adialhk.dll c:\progra~1\KASPER~1\KASPER~1\kloehk.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\KasperskyAntiVirus]
"DisableMonitoring"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeAntiSpyware]
"DisableMonitoring"=dword:00000001
R0 klbg;Kaspersky Lab Boot Guard Driver;c:\windows\System32\drivers\klbg.sys [29/01/08 06:29 م 33808]
R1 KLIM6;Kaspersky Anti-Virus NDIS 6 Filter;c:\windows\System32\drivers\klim6.sys [09/07/08 06:28 م 20496]
R2 ConfigFree Service;ConfigFree Service;c:\program files\Toshiba\ConfigFree\CFSvcs.exe [17/04/08 02:19 ص 40960]
R2 TempoMonitoringService;Notebook Performance Tuning Service ;c:\program files\Toshiba TEMPRO\TempoSVC.exe [24/04/08 12:21 م 99720]
R2 TOSHIBA SMART Log Service;TOSHIBA SMART Log Service;c:\program files\Toshiba\SMARTLogService\TosIPCSrv.exe [03/12/07 07:03 م 126976]
R3 FwLnk;FwLnk Driver;c:\windows\System32\drivers\FwLnk.sys [01/07/08 05:58 م 7168]
R3 KLFLTDEV;Kaspersky Lab KLFltDev;c:\windows\System32\drivers\klfltdev.sys [13/03/08 07:02 م 26640]
R3 NETw5v32;Intel(R) Wireless WiFi Link Adapter Driver for Windows Vista 32 Bit ;c:\windows\System32\drivers\NETw5v32.sys [01/07/08 05:48 م 3658752]
R3 SmartFaceVWatchSrv;SmartFaceVWatchSrv;c:\program files\Toshiba\SmartFaceV\SmartFaceVWatchSrv.exe [25/08/08 11:58 ص 77824]
S3 getPlus(R) Helper;getPlus(R) Helper;c:\program files\NOS\bin\getPlus_HelperSvc.exe [23/05/09 10:56 م 33176]
S3 GoogleDesktopManager-022208-143751;Google Desktop Manager 5.7.802.22438;c:\program files\Google\Google Desktop Search\GoogleDesktop.exe [01/07/08 06:14 م 29744]
.
Contents of the 'Scheduled Tasks' folder
2009-06-02 c:\windows\Tasks\User_Feed_Synchronization-{4C638B71-464F-4D86-BA61-0E59251281F0}.job
- c:\windows\system32\msfeedssync.exe [2009-05-15 11:31]
.
- - - - ORPHANS REMOVED - - - -
HKCU-Run-TOSCDSPD - TOSCDSPD.EXE
HKLM-Run-cfFncEnabler.exe - cfFncEnabler.exe
SafeBoot-procexp90.Sys
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.com.sa/
mStart Page = hxxp://home.sweetim.com
IE: &تصدير إلى Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: {{76577871-04EC-495E-A12B-91F7C3600AFA} -
IE: {{8A918C1D-E123-4E36-B562-5C1519E434CE} -
.
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer,
Rootkit scan 2009-06-02 14:56
Windows 6.0.6001 Service Pack 1 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------
[HKEY_USERS\S-1-5-21-839775868-1294054773-772954730-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.032\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.032"
[HKEY_USERS\S-1-5-21-839775868-1294054773-772954730-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.abr\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.abr"
[HKEY_USERS\S-1-5-21-839775868-1294054773-772954730-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ani\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.ani"
[HKEY_USERS\S-1-5-21-839775868-1294054773-772954730-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.arw\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.arw"
[HKEY_USERS\S-1-5-21-839775868-1294054773-772954730-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.bay\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.bay"
[HKEY_USERS\S-1-5-21-839775868-1294054773-772954730-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.bmp\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.bmp"
[HKEY_USERS\S-1-5-21-839775868-1294054773-772954730-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.bw\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.bw"
[HKEY_USERS\S-1-5-21-839775868-1294054773-772954730-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.cr2\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.cr2"
[HKEY_USERS\S-1-5-21-839775868-1294054773-772954730-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.crw\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.crw"
[HKEY_USERS\S-1-5-21-839775868-1294054773-772954730-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.cs1\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.cs1"
[HKEY_USERS\S-1-5-21-839775868-1294054773-772954730-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.cur\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.cur"
[HKEY_USERS\S-1-5-21-839775868-1294054773-772954730-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.dcr\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.dcr"
[HKEY_USERS\S-1-5-21-839775868-1294054773-772954730-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.dcx\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.dcx"
[HKEY_USERS\S-1-5-21-839775868-1294054773-772954730-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.dib\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.dib"
[HKEY_USERS\S-1-5-21-839775868-1294054773-772954730-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.djv\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.djv"
[HKEY_USERS\S-1-5-21-839775868-1294054773-772954730-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.djvu\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.djvu"
[HKEY_USERS\S-1-5-21-839775868-1294054773-772954730-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.dng\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.dng"
[HKEY_USERS\S-1-5-21-839775868-1294054773-772954730-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.emf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.emf"
[HKEY_USERS\S-1-5-21-839775868-1294054773-772954730-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.eps\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.eps"
[HKEY_USERS\S-1-5-21-839775868-1294054773-772954730-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.erf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.erf"
[HKEY_USERS\S-1-5-21-839775868-1294054773-772954730-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.fff\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.fff"
[HKEY_USERS\S-1-5-21-839775868-1294054773-772954730-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.fpx\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.fpx"
[HKEY_USERS\S-1-5-21-839775868-1294054773-772954730-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.gif\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.gif"
[HKEY_USERS\S-1-5-21-839775868-1294054773-772954730-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.hdr\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.hdr"
[HKEY_USERS\S-1-5-21-839775868-1294054773-772954730-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.icl\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.icl"
[HKEY_USERS\S-1-5-21-839775868-1294054773-772954730-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.icn\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.icn"
[HKEY_USERS\S-1-5-21-839775868-1294054773-772954730-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ico\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.ico"
[HKEY_USERS\S-1-5-21-839775868-1294054773-772954730-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.iff\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.iff"
[HKEY_USERS\S-1-5-21-839775868-1294054773-772954730-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ilbm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.ilbm"
[HKEY_USERS\S-1-5-21-839775868-1294054773-772954730-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.int\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.int"
[HKEY_USERS\S-1-5-21-839775868-1294054773-772954730-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.inta\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.inta"
[HKEY_USERS\S-1-5-21-839775868-1294054773-772954730-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.iw4\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.iw4"
[HKEY_USERS\S-1-5-21-839775868-1294054773-772954730-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.j2c\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.j2c"
[HKEY_USERS\S-1-5-21-839775868-1294054773-772954730-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.j2k\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.j2k"
[HKEY_USERS\S-1-5-21-839775868-1294054773-772954730-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jbr\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.jbr"
[HKEY_USERS\S-1-5-21-839775868-1294054773-772954730-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jfif\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.jfif"
[HKEY_USERS\S-1-5-21-839775868-1294054773-772954730-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jif\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.jif"
[HKEY_USERS\S-1-5-21-839775868-1294054773-772954730-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jp2\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.jp2"
[HKEY_USERS\S-1-5-21-839775868-1294054773-772954730-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpc\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.jpc"
[HKEY_USERS\S-1-5-21-839775868-1294054773-772954730-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpe\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.jpe"
[HKEY_USERS\S-1-5-21-839775868-1294054773-772954730-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpeg\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.jpeg"
[HKEY_USERS\S-1-5-21-839775868-1294054773-772954730-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpg\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.jpg"
[HKEY_USERS\S-1-5-21-839775868-1294054773-772954730-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpk\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.jpk"
[HKEY_USERS\S-1-5-21-839775868-1294054773-772954730-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpx\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.jpx"
[HKEY_USERS\S-1-5-21-839775868-1294054773-772954730-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.kdc\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.kdc"
[HKEY_USERS\S-1-5-21-839775868-1294054773-772954730-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.lbm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.lbm"
[HKEY_USERS\S-1-5-21-839775868-1294054773-772954730-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mef\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.mef"
[HKEY_USERS\S-1-5-21-839775868-1294054773-772954730-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mos\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.mos"
[HKEY_USERS\S-1-5-21-839775868-1294054773-772954730-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mrw\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.mrw"
[HKEY_USERS\S-1-5-21-839775868-1294054773-772954730-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.nef\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.nef"
[HKEY_USERS\S-1-5-21-839775868-1294054773-772954730-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.orf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.orf"
[HKEY_USERS\S-1-5-21-839775868-1294054773-772954730-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pbm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.pbm"
[HKEY_USERS\S-1-5-21-839775868-1294054773-772954730-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pbr\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.pbr"
[HKEY_USERS\S-1-5-21-839775868-1294054773-772954730-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pcd\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.pcd"
[HKEY_USERS\S-1-5-21-839775868-1294054773-772954730-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pct\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.pct"
[HKEY_USERS\S-1-5-21-839775868-1294054773-772954730-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pcx\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.pcx"
[HKEY_USERS\S-1-5-21-839775868-1294054773-772954730-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pef\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.pef"
[HKEY_USERS\S-1-5-21-839775868-1294054773-772954730-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pgm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.pgm"
[HKEY_USERS\S-1-5-21-839775868-1294054773-772954730-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pic\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.pic"
[HKEY_USERS\S-1-5-21-839775868-1294054773-772954730-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pict\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.pict"
[HKEY_USERS\S-1-5-21-839775868-1294054773-772954730-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pix\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.pix"
[HKEY_USERS\S-1-5-21-839775868-1294054773-772954730-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.png\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.png"
[HKEY_USERS\S-1-5-21-839775868-1294054773-772954730-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ppm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.ppm"
[HKEY_USERS\S-1-5-21-839775868-1294054773-772954730-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.psd\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.psd"
[HKEY_USERS\S-1-5-21-839775868-1294054773-772954730-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.psp\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.psp"
[HKEY_USERS\S-1-5-21-839775868-1294054773-772954730-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pspbrush\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.pspbrush"
[HKEY_USERS\S-1-5-21-839775868-1294054773-772954730-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pspimage\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.pspimage"
[HKEY_USERS\S-1-5-21-839775868-1294054773-772954730-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.raf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.raf"
[HKEY_USERS\S-1-5-21-839775868-1294054773-772954730-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ras\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.ras"
[HKEY_USERS\S-1-5-21-839775868-1294054773-772954730-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.raw\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.raw"
[HKEY_USERS\S-1-5-21-839775868-1294054773-772954730-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rgb\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.rgb"
[HKEY_USERS\S-1-5-21-839775868-1294054773-772954730-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rgba\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.rgba"
[HKEY_USERS\S-1-5-21-839775868-1294054773-772954730-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rle\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.rle"
[HKEY_USERS\S-1-5-21-839775868-1294054773-772954730-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rsb\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.rsb"
[HKEY_USERS\S-1-5-21-839775868-1294054773-772954730-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.sgi\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.sgi"
[HKEY_USERS\S-1-5-21-839775868-1294054773-772954730-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.sr2\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.sr2"
[HKEY_USERS\S-1-5-21-839775868-1294054773-772954730-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.srf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.srf"
[HKEY_USERS\S-1-5-21-839775868-1294054773-772954730-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.tga\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.tga"
[HKEY_USERS\S-1-5-21-839775868-1294054773-772954730-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.thm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.thm"
[HKEY_USERS\S-1-5-21-839775868-1294054773-772954730-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.tif\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.tif"
[HKEY_USERS\S-1-5-21-839775868-1294054773-772954730-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.tiff\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.tiff"
[HKEY_USERS\S-1-5-21-839775868-1294054773-772954730-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ttc\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.ttc"
[HKEY_USERS\S-1-5-21-839775868-1294054773-772954730-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ttf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.ttf"
[HKEY_USERS\S-1-5-21-839775868-1294054773-772954730-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.v10o\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.v10o"
[HKEY_USERS\S-1-5-21-839775868-1294054773-772954730-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.v10p\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.v10p"
[HKEY_USERS\S-1-5-21-839775868-1294054773-772954730-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.v10pf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.v10pf"
[HKEY_USERS\S-1-5-21-839775868-1294054773-772954730-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.v11o\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.v11o"
[HKEY_USERS\S-1-5-21-839775868-1294054773-772954730-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.v11p\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.v11p"
[HKEY_USERS\S-1-5-21-839775868-1294054773-772954730-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.v11pf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.v11pf"
[HKEY_USERS\S-1-5-21-839775868-1294054773-772954730-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wbm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.wbm"
[HKEY_USERS\S-1-5-21-839775868-1294054773-772954730-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wbmp\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.wbmp"
[HKEY_USERS\S-1-5-21-839775868-1294054773-772954730-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wmf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.wmf"
[HKEY_USERS\S-1-5-21-839775868-1294054773-772954730-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xbm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.xbm"
[HKEY_USERS\S-1-5-21-839775868-1294054773-772954730-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xif\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.xif"
[HKEY_USERS\S-1-5-21-839775868-1294054773-772954730-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xmp\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.xmp"
[HKEY_USERS\S-1-5-21-839775868-1294054773-772954730-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xpm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.xpm"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
"MSCurrentCountry"=dword:000000b5
.
Completion time: 2009-06-02 14:57
ComboFix-quarantined-files.txt 2009-06-02 11:57
Pre-Run: 145,371,193,344 bytes free
Post-Run: 145,817,624,576 bytes free
Current=1 Default=1 Failed=0 LastKnownGood=7 Sets=1,2,3,4,5,6,7
575 --- E O F --- 2009-06-02 10:19
ComboFix 09-05-31.06 - aseer 06/02/2009 14:52.1 - NTFSx86
Microsoft® Windows Vista™ Home Premium 6.0.6001.1.1256.966.1025.18.3069.1957 [GMT 3:00]
Running from: c:\users\aseer\Desktop\ComboFix.exe
AV: Kaspersky Internet Security *On-access scanning disabled* (Updated) {2C4D4BC6-0793-4956-A9F9-E252435469C0}
FW: Kaspersky Internet Security *disabled* {2C4D4BC6-0793-4956-A9F9-E252435469C0}
SP: Kaspersky Internet Security *disabled* (Updated) {2C4D4BC6-0793-4956-A9F9-E252435469C0}
SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\windows\system32\x64
.
((((((((((((((((((((((((( Files Created from 2009-05-02 to 2009-06-02 )))))))))))))))))))))))))))))))
.
2009-05-30 09:57 . 2009-05-30 09:57 -------- d-----w- c:\users\aseer\AppData\Roaming\MessengerDiscovery 2
2009-05-30 09:57 . 2009-05-30 10:04 -------- d-----w- c:\program files\MessengerDiscovery 2
2009-05-25 20:14 . 2009-05-25 20:14 -------- d-----w- c:\program files\FormatFactory
2009-05-23 10:42 . 2009-05-23 10:42 -------- d-----w- c:\program files\Quran Sound v1.1
2009-05-23 10:42 . 2009-05-23 10:42 -------- d-----w- c:\windows\Quran Sound v1.1
2009-05-22 19:58 . 2009-05-22 19:58 -------- d-----w- c:\program files\Microsoft Silverlight
2009-05-22 18:37 . 2009-05-22 18:55 -------- d-----w- c:\users\aseer\AppData\Local\NOS
2009-05-22 18:33 . 2009-05-23 19:56 -------- d-----w- c:\programdata\NOS
2009-05-22 18:33 . 2009-05-23 19:56 -------- d-----w- c:\program files\NOS
2009-05-22 08:31 . 2009-05-22 08:32 -------- d-----w- c:\programdata\WinZip
2009-05-21 12:03 . 2009-05-21 12:03 -------- d-----w- c:\users\aseer\AppData\Roaming\Media Player Classic
2009-05-21 12:00 . 2009-05-21 12:00 -------- d-----w- c:\program files\Common Files\xing shared
2009-05-21 12:00 . 2009-05-21 12:00 499712 ----a-w- c:\windows\system32\msvcp71.dll
2009-05-21 12:00 . 2009-05-21 12:00 348160 ----a-w- c:\windows\system32\msvcr71.dll
2009-05-21 12:00 . 2009-05-21 12:00 -------- d-----w- c:\program files\Real
2009-05-20 13:45 . 2009-05-20 13:45 -------- d-----w- c:\users\aseer\AppData\Local\Mozilla
2009-05-18 15:05 . 2009-05-18 15:05 -------- d-----w- c:\program files\Save Flash
2009-05-17 11:50 . 2009-05-17 11:50 -------- d-----w- c:\programdata\Office Genuine Advantage
2009-05-16 18:57 . 2009-05-16 18:57 -------- d-----w- c:\users\aseer\AppData\Local\Real
2009-05-16 17:19 . 2009-05-16 17:19 -------- d-----w- c:\programdata\ACD Systems
2009-05-16 17:19 . 2009-05-16 17:19 -------- d-----w- c:\program files\ACD Systems
2009-05-16 17:08 . 2009-05-25 20:15 -------- d-----w- c:\users\aseer\AppData\Roaming\Desktopicon
2009-05-16 17:01 . 2009-05-16 17:01 -------- d-----w- c:\users\aseer\AppData\Roaming\Ashampoo
2009-05-16 17:00 . 2009-05-16 17:00 -------- d-----w- c:\users\aseer\AppData\Local\ashampoo
2009-05-16 17:00 . 2009-05-16 17:00 -------- d-----w- c:\programdata\ashampoo
2009-05-16 17:00 . 2009-05-16 17:00 -------- d-----w- c:\program files\Ashampoo
2009-05-16 16:55 . 2007-04-09 10:23 28040 ----a-w- c:\windows\system32\mdimon.dll
2009-05-16 16:49 . 2009-05-16 16:49 -------- d-----w- c:\program files\Microsoft.NET
2009-05-16 16:39 . 2009-05-16 16:39 -------- d-----w- c:\users\aseer\AppData\Local\Seven Zip
2009-05-16 16:26 . 2007-05-22 08:02 163840 ----a-w- c:\windows\system32\unrar.dll
2009-05-16 16:25 . 2007-07-25 12:24 1559040 ----a-w- c:\windows\system32\xvidcore.dll
2009-05-16 16:25 . 2007-04-22 23:15 3596288 ----a-w- c:\windows\system32\qt-dx331.dll
2009-05-16 16:25 . 2007-04-22 23:02 73728 ----a-w- c:\windows\system32\dpl100.dll
2009-05-16 16:25 . 2007-03-10 10:51 282624 ----a-w- c:\windows\system32\xvidvfw.dll
2009-05-16 16:25 . 2004-01-25 15:18 217088 ----a-w- c:\windows\system32\yv12vfw.dll
2009-05-16 16:25 . 2007-07-29 14:51 7680 ----a-w- c:\windows\system32\ff_vfw.dll
2009-05-16 16:25 . 2007-05-31 05:44 740442 ----a-w- c:\windows\system32\divx.dll
2009-05-16 16:25 . 2009-05-16 16:25 -------- d-----w- c:\program files\K-Lite Codec Pack
2009-05-16 14:51 . 2007-03-22 10:46 126976 ----a-w- c:\users\aseer\AppData\Roaming\GRETECH\GomPlayer\GrLauncher.exe
2009-05-16 07:14 . 2008-09-03 03:59 468992 ----a-w- c:\windows\system32\newdev.dll
2009-05-16 07:14 . 2008-09-03 03:58 74752 ----a-w- c:\windows\system32\newdev.exe
2009-05-15 19:17 . 2009-05-15 19:17 -------- d-----w- c:\programdata\GRETECH
2009-05-15 19:16 . 2009-05-15 19:16 -------- d-----w- c:\users\aseer\AppData\Roaming\GRETECH
2009-05-15 19:16 . 2009-05-15 19:16 -------- d-----w- c:\program files\GRETECH
2009-05-15 19:00 . 2009-05-21 12:00 -------- d-----w- c:\program files\Common Files\Real
2009-05-15 18:54 . 2009-05-15 18:54 -------- d-----w- c:\program files\WinWatermark 2.2
2009-05-15 18:53 . 2009-05-15 18:53 -------- d-----w- c:\users\aseer\AppData\Roaming\Yahoo!
2009-05-15 18:53 . 2009-05-15 18:53 -------- d-----w- c:\programdata\Yahoo! Companion
2009-05-15 18:50 . 2009-05-16 17:20 -------- d-----w- c:\users\aseer\AppData\Local\ACD Systems
2009-05-15 18:50 . 2009-05-15 18:50 -------- d-----w- c:\users\aseer\AppData\Roaming\ACD Systems
2009-05-15 18:50 . 2009-05-15 18:50 -------- d-----w- c:\program files\Yahoo!
2009-05-15 18:50 . 2009-05-16 17:19 -------- d-----w- c:\program files\Common Files\ACD Systems
2009-05-15 18:48 . 2009-05-16 17:18 -------- d-----w- c:\users\aseer\AppData\Local\Downloaded Installations
2009-05-15 15:20 . 2009-05-15 15:20 -------- d-----w- c:\programdata\Messenger Plus!
2009-05-15 13:04 . 2009-05-15 13:04 -------- d-----w- c:\program files\Circl Developement
2009-05-15 13:04 . 2009-05-15 13:04 -------- d-----w- c:\program files\Messenger Plus! Live
2009-05-15 12:17 . 2009-06-01 16:29 -------- d-----w- c:\users\aseer\Tracing
2009-05-15 12:11 . 2009-05-15 12:11 -------- d-----w- c:\program files\Microsoft Sync Framework
2009-05-15 12:09 . 2009-05-15 12:09 -------- d-----w- c:\program files\Microsoft SQL Server Compact Edition
2009-05-15 12:06 . 2009-05-15 12:06 -------- d-----w- c:\program files\Microsoft
2009-05-15 12:06 . 2009-05-15 12:06 -------- d-----w- c:\program files\Windows Live SkyDrive
2009-05-15 12:06 . 2009-05-15 12:12 -------- d-----w- c:\program files\Windows Live
2009-05-15 11:51 . 2009-05-15 11:51 -------- d-----w- c:\program files\Common Files\Windows Live
2009-05-15 11:24 . 2009-05-15 11:24 44808 ----a-w- c:\programdata\Kaspersky Lab\AVP8\Data\Updater\Temporary Files\temporaryFolder\AutoPatches\kav8exec\8.0.0.454\fssync.dll
2009-05-15 11:23 . 2009-05-15 11:23 33808 ----a-w- c:\programdata\Kaspersky Lab\AVP8\Data\Updater\Temporary Files\temporaryFolder\AutoPatches\kav8exec\8.0.0.454\klbg.sys
2009-05-15 11:23 . 2009-05-15 11:23 224272 ----a-w- c:\programdata\Kaspersky Lab\AVP8\Data\Updater\Temporary Files\temporaryFolder\AutoPatches\kav8exec\8.0.0.454\Vista\klif.sys
2009-05-15 11:23 . 2009-05-15 11:23 206088 ----a-w- c:\programdata\Kaspersky Lab\AVP8\Data\Updater\Temporary Files\temporaryFolder\AutoPatches\kav8exec\8.0.0.454\avp.exe
2009-05-15 11:00 . 2009-05-21 07:51 94643 ----a-w- c:\windows\system32\drivers\klick.dat
2009-05-15 11:00 . 2009-05-21 07:51 105395 ----a-w- c:\windows\system32\drivers\klin.dat
2009-05-15 10:59 . 2009-06-02 10:13 -------- d-----w- c:\programdata\Kaspersky Lab
2009-05-15 10:59 . 2009-05-15 10:59 -------- d-----w- c:\program files\Kaspersky Lab
2009-05-15 10:59 . 2009-06-01 19:27 491552 --sha-w- c:\windows\system32\drivers\fidbox2.dat
2009-05-15 10:59 . 2009-06-01 19:27 3275808 --sha-w- c:\windows\system32\drivers\fidbox.dat
2009-05-15 10:58 . 2009-05-15 10:58 -------- d-----w- c:\programdata\Kaspersky Lab Setup Files
2009-05-15 10:28 . 2009-05-15 10:28 -------- d-----w- c:\users\aseer\AppData\Local\Microsoft Help
2009-05-14 15:48 . 2009-05-14 15:48 -------- d-----w- c:\windows\system32\ar
2009-05-14 15:48 . 2009-05-14 15:49 -------- d-----w- c:\windows\system32\wbem\ar-SA
2009-05-14 15:48 . 2009-05-14 15:49 -------- d-----w- c:\windows\ar-SA
2009-05-14 15:48 . 2009-05-14 15:49 -------- d-----w- c:\windows\system32\drivers\ar-SA
2009-05-14 02:30 . 2008-10-22 01:22 2048 ----a-w- c:\windows\system32\tzres.dll
2009-05-14 02:20 . 2008-06-20 01:14 97800 ----a-w- c:\windows\system32\infocardapi.dll
2009-05-14 02:20 . 2008-06-20 01:14 105016 ----a-w- c:\windows\system32\PresentationCFFRasterizerNative_v0300.dll
2009-05-14 02:20 . 2008-06-20 01:14 11264 ----a-w- c:\windows\system32\icardres.dll
2009-05-14 02:20 . 2008-06-20 01:14 622080 ----a-w- c:\windows\system32\icardagt.exe
2009-05-14 02:20 . 2008-06-20 01:14 43544 ----a-w- c:\windows\system32\PresentationHostProxy.dll
2009-05-14 02:20 . 2008-06-20 01:14 781344 ----a-w- c:\windows\system32\PresentationNative_v0300.dll
2009-05-14 02:20 . 2008-06-20 01:14 326160 ----a-w- c:\windows\system32\PresentationHost.exe
2009-05-13 15:24 . 2008-07-27 18:03 96760 ----a-w- c:\windows\system32\dfshim.dll
2009-05-13 15:23 . 2008-07-27 18:03 282112 ----a-w- c:\windows\system32\mscoree.dll
2009-05-13 15:23 . 2008-07-27 18:03 41984 ----a-w- c:\windows\system32\netfxperf.dll
2009-05-13 15:22 . 2008-07-27 18:03 158720 ----a-w- c:\windows\system32\mscorier.dll
2009-05-13 15:22 . 2008-07-27 18:03 83968 ----a-w- c:\windows\system32\mscories.dll
2009-05-12 09:53 . 2008-06-26 01:45 12240896 ----a-w- c:\windows\system32\NlsLexicons0007.dll
2009-05-12 09:53 . 2008-06-26 01:45 2644480 ----a-w- c:\windows\system32\NlsLexicons0009.dll
2009-05-12 09:53 . 2008-06-26 03:29 801280 ----a-w- c:\windows\system32\NaturalLanguage6.dll
2009-05-12 09:47 . 2008-11-01 03:44 28672 ----a-w- c:\windows\system32\Apphlpdm.dll
2009-05-12 09:47 . 2008-11-01 01:21 4240384 ----a-w- c:\windows\system32\GameUXLegacyGDFs.dll
2009-05-12 09:45 . 2008-12-05 04:32 428544 ----a-w- c:\windows\system32\EncDec.dll
2009-05-12 09:45 . 2008-12-05 04:32 293376 ----a-w- c:\windows\system32\psisdecd.dll
2009-05-12 09:43 . 2009-05-12 08:02 -------- d-----w- c:\program files\Common Files\Toshiba Shared
2009-05-12 09:43 . 2009-02-13 08:49 1255936 ----a-w- c:\windows\system32\lsasrv.dll
2009-05-12 09:43 . 2009-02-13 08:49 72704 ----a-w- c:\windows\system32\secur32.dll
2009-05-12 09:43 . 2009-03-17 03:38 13824 ----a-w- c:\windows\system32\apilogen.dll
2009-05-12 09:43 . 2009-03-17 03:38 24064 ----a-w- c:\windows\system32\amxread.dll
2009-05-12 09:43 . 2009-05-12 09:43 -------- d-----w- c:\program files\Camera Assistant Software for Toshiba
2009-05-12 09:43 . 2008-07-15 18:59 17960 ----a-w- c:\windows\system32\drivers\UVCFTR_S.SYS
2009-05-12 09:41 . 2009-05-12 09:41 -------- d-----w- c:\windows\system32\ENU
2009-05-12 09:41 . 2008-05-02 16:53 1034776 ----a-w- c:\windows\system32\imsmudlg.exe
2009-05-12 09:41 . 2008-04-15 16:53 312344 ----a-w- c:\windows\system32\drivers\iaStor.sys
2009-05-12 09:41 . 2008-04-15 08:05 118784 ----a-w- c:\windows\system32\drivers\Rtlh86.sys
2009-05-12 09:33 . 2008-04-10 05:12 738304 ----a-w- c:\windows\system32\inetcomm.dll
2009-05-12 09:33 . 2008-10-21 05:25 1645568 ----a-w- c:\windows\system32\connect.dll
2009-05-12 09:33 . 2008-09-10 03:40 1334272 ----a-w- c:\windows\system32\msxml6.dll
2009-05-12 09:33 . 2009-02-09 03:10 2033152 ----a-w- c:\windows\system32\win32k.sys
2009-05-12 09:28 . 2009-05-23 19:59 -------- d-----w- c:\users\aseer\AppData\Local\Adobe
2009-05-12 09:21 . 2008-10-16 21:13 1809944 ----a-w- c:\windows\system32\wuaueng.dll
2009-05-12 09:21 . 2008-10-16 21:09 51224 ----a-w- c:\windows\system32\wuauclt.exe
2009-05-12 09:21 . 2008-10-16 21:09 43544 ----a-w- c:\windows\system32\wups2.dll
2009-05-12 09:21 . 2008-10-16 20:56 1524736 ----a-w- c:\windows\system32\wucltux.dll
2009-05-12 09:20 . 2008-10-16 21:12 561688 ----a-w- c:\windows\system32\wuapi.dll
2009-05-12 09:20 . 2008-10-16 21:08 34328 ----a-w- c:\windows\system32\wups.dll
2009-05-12 09:20 . 2008-10-16 20:55 83456 ----a-w- c:\windows\system32\wudriver.dll
2009-05-12 09:20 . 2008-10-16 11:08 162064 ----a-w- c:\windows\system32\wuwebv.dll
2009-05-12 09:20 . 2008-10-16 10:56 31232 ----a-w- c:\windows\system32\wuapp.exe
2009-05-12 08:21 . 2009-05-12 08:21 -------- d-----w- c:\users\aseer\AppData\Roaming\Toshiba
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-06-01 19:27 . 2009-05-15 10:59 4856 --sha-w- c:\windows\system32\drivers\fidbox2.idx
2009-06-01 19:27 . 2009-05-15 10:59 28768 --sha-w- c:\windows\system32\drivers\fidbox.idx
2009-05-23 10:03 . 2008-07-01 15:13 -------- d-----w- c:\program files\Google
2009-05-22 18:54 . 2008-07-01 15:11 -------- d-----w- c:\program files\Common Files\Adobe
2009-05-17 11:44 . 2008-07-01 15:18 -------- d-----w- c:\program files\Microsoft Works
2009-05-16 16:32 . 2008-07-01 15:16 -------- d-----w- c:\programdata\Microsoft Help
2009-05-15 19:33 . 2008-07-01 14:39 -------- d--h--w- c:\program files\InstallShield Installation Information
2009-05-15 11:24 . 2008-01-29 15:29 33808 ----a-w- c:\windows\system32\drivers\klbg.sys
2009-05-15 10:44 . 2008-07-01 15:08 -------- d-----w- c:\programdata\McAfee
2009-05-15 10:23 . 2006-11-02 11:18 -------- d-----w- c:\program files\Windows Mail
2009-05-14 15:49 . 2006-11-02 12:37 -------- d-----w- c:\program files\Windows Defender
2009-05-14 15:49 . 2006-11-02 12:37 -------- d-----w- c:\program files\Windows Journal
2009-05-14 15:49 . 2009-05-14 15:49 41018 ----a-w- c:\windows\inf\PERFLIB\0401\perfd.dat
2009-05-14 15:49 . 2009-05-14 15:49 41018 ----a-w- c:\windows\inf\PERFLIB\0401\perfc.dat
2009-05-14 15:49 . 2009-05-14 15:49 285290 ----a-w- c:\windows\inf\PERFLIB\0401\perfi.dat
2009-05-14 15:49 . 2009-05-14 15:49 285290 ----a-w- c:\windows\inf\PERFLIB\0401\perfh.dat
2009-05-14 15:49 . 2006-11-02 12:37 -------- d-----w- c:\program files\Windows Collaboration
2009-05-14 15:49 . 2006-11-02 12:37 -------- d-----w- c:\program files\Windows Calendar
2009-05-14 15:48 . 2006-11-02 12:37 -------- d-----w- c:\program files\Windows Photo Gallery
2009-05-14 15:48 . 2006-11-02 12:37 -------- d-----w- c:\program files\Windows Sidebar
2009-05-12 09:46 . 2009-05-12 09:46 0 --sha-r- c:\windows\system32\drivers\TOSHIBA_Satellite A300_08772-AR_PSAGCE-08300.MRK
2009-05-12 09:42 . 2009-05-12 09:42 -------- d-----w- c:\program files\ATI Technologies
2009-05-12 09:42 . 2009-05-12 09:42 0 ----a-w- c:\windows\ativpsrm.bin
2009-05-12 09:42 . 2009-05-12 09:42 -------- d-----w- c:\program files\ATI
2009-05-12 09:41 . 2008-07-01 14:29 -------- d-----w- c:\program files\Intel
2009-05-12 09:41 . 2009-02-05 17:39 -------- d-----w- c:\program files\Realtek
2009-05-12 08:01 . 2008-07-01 15:01 -------- d-----w- c:\programdata\Toshiba
2009-05-12 08:01 . 2008-07-01 14:49 -------- d-----w- c:\program files\Toshiba
2009-05-12 07:59 . 2008-08-04 07:34 82720 ----a-w- c:\windows\system32\GDIPFONTCACHEV1.DAT
2009-05-12 07:58 . 2009-05-12 07:58 -------- d-----w- c:\users\aseer\AppData\Roaming\InstallShield
2009-03-08 11:34 . 2009-05-15 10:25 914944 ----a-w- c:\windows\system32\wininet.dll
2009-03-08 11:34 . 2009-05-15 10:25 43008 ----a-w- c:\windows\system32\licmgr10.dll
2009-03-08 11:33 . 2009-05-15 10:25 18944 ----a-w- c:\windows\system32\corpol.dll
2009-03-08 11:33 . 2009-05-15 10:25 109056 ----a-w- c:\windows\system32\iesysprep.dll
2009-03-08 11:33 . 2009-05-15 10:25 109568 ----a-w- c:\windows\system32\PDMSetup.exe
2009-03-08 11:33 . 2009-05-15 10:25 107520 ----a-w- c:\windows\system32\RegisterIEPKEYs.exe
2009-03-08 11:33 . 2009-05-15 10:25 132608 ----a-w- c:\windows\system32\ieUnatt.exe
2009-03-08 11:33 . 2009-05-15 10:25 107008 ----a-w- c:\windows\system32\SetIEInstalledDate.exe
2009-03-08 11:33 . 2009-05-15 10:25 103936 ----a-w- c:\windows\system32\SetDepNx.exe
2009-03-08 11:33 . 2009-05-15 10:25 420352 ----a-w- c:\windows\system32\vbscript.dll
2009-03-08 11:32 . 2009-05-15 10:25 72704 ----a-w- c:\windows\system32\admparse.dll
2009-03-08 11:32 . 2009-05-15 10:25 71680 ----a-w- c:\windows\system32\iesetup.dll
2009-03-08 11:32 . 2009-05-15 10:25 66560 ----a-w- c:\windows\system32\wextract.exe
2009-03-08 11:32 . 2009-05-15 10:25 169472 ----a-w- c:\windows\system32\iexpress.exe
2009-03-08 11:31 . 2009-05-15 10:25 34816 ----a-w- c:\windows\system32\imgutil.dll
2009-03-08 11:31 . 2009-05-15 10:25 48128 ----a-w- c:\windows\system32\mshtmler.dll
2009-03-08 11:31 . 2009-05-15 10:25 45568 ----a-w- c:\windows\system32\mshta.exe
2009-03-08 11:22 . 2009-05-15 10:25 156160 ----a-w- c:\windows\system32\msls31.dll
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2008-01-21 1233920]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SunJavaUpdateSched"="c:\program files\Java\jre1.6.0_06\bin\jusched.exe" [2008-03-25 144784]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2007-12-06 1029416]
"ITSecMng"="c:\program files\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe" [2007-09-28 75136]
"topi"="c:\program files\TOSHIBA\Toshiba Online Product Information\topi.exe" [2007-07-10 581632]
"Google Desktop Search"="c:\program files\Google\Google Desktop Search\GoogleDesktop.exe" [2008-07-01 29744]
"Google EULA Launcher"="c:\program files\Google\Google EULA\GoogleEULALauncher.exe" [2008-05-28 20480]
"Toshiba TEMPO"="c:\program files\Toshiba TEMPRO\Toshiba.Tempo.UI.TrayApplication.exe" [2008-04-24 103824]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2008-01-21 61440]
"Camera Assistant Software"="c:\program files\Camera Assistant Software for Toshiba\traybar.exe" [2008-09-26 417792]
"HDMICtrlMan"="c:\program files\TOSHIBA\HDMICtrlMan\HDMICtrlMan.exe" [2008-04-26 716800]
"TPwrMain"="c:\program files\TOSHIBA\Power Saver\TPwrMain.EXE" [2008-01-17 431456]
"HSON"="c:\program files\TOSHIBA\TBS\HSON.exe" [2007-10-31 54608]
"SmoothView"="c:\program files\Toshiba\SmoothView\SmoothView.exe" [2008-01-25 509816]
"00TCrdMain"="c:\program files\TOSHIBA\FlashCards\TCrdMain.exe" [2008-03-19 716800]
"Toshiba Registration"="c:\program files\Toshiba\Registration\ToshibaRegistration.exe" [2008-01-11 574864]
"AVP"="c:\program files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe" [2009-05-15 206088]
"TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" [2009-05-21 198160]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2008-06-12 34672]
"NDSTray.exe"="NDSTray.exe" [BU]
"RtHDVCpl"="RtHDVCpl.exe" - c:\windows\RtHDVCpl.exe [2008-04-08 6037504]
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Adobe Gamma Loader.lnk - c:\program files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2009-5-15 113664]
Bluetooth Manager.lnk - c:\program files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe [2008-4-15 2979144]
WinZip Quick Pick.lnk - c:\program files\WinZip\WZQKPICK.EXE [2008-9-10 525664]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\progra~1\Google\GOOGLE~2\GoogleDesktopNetwork3.dll c:\progra~1\KASPER~1\KASPER~1\mzvkbd.dll c:\progra~1\KASPER~1\KASPER~1\mzvkbd3.dll c:\progra~1\KASPER~1\KASPER~1\adialhk.dll c:\progra~1\KASPER~1\KASPER~1\kloehk.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\KasperskyAntiVirus]
"DisableMonitoring"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeAntiSpyware]
"DisableMonitoring"=dword:00000001
R0 klbg;Kaspersky Lab Boot Guard Driver;c:\windows\System32\drivers\klbg.sys [29/01/08 06:29 م 33808]
R1 KLIM6;Kaspersky Anti-Virus NDIS 6 Filter;c:\windows\System32\drivers\klim6.sys [09/07/08 06:28 م 20496]
R2 ConfigFree Service;ConfigFree Service;c:\program files\Toshiba\ConfigFree\CFSvcs.exe [17/04/08 02:19 ص 40960]
R2 TempoMonitoringService;Notebook Performance Tuning Service ;c:\program files\Toshiba TEMPRO\TempoSVC.exe [24/04/08 12:21 م 99720]
R2 TOSHIBA SMART Log Service;TOSHIBA SMART Log Service;c:\program files\Toshiba\SMARTLogService\TosIPCSrv.exe [03/12/07 07:03 م 126976]
R3 FwLnk;FwLnk Driver;c:\windows\System32\drivers\FwLnk.sys [01/07/08 05:58 م 7168]
R3 KLFLTDEV;Kaspersky Lab KLFltDev;c:\windows\System32\drivers\klfltdev.sys [13/03/08 07:02 م 26640]
R3 NETw5v32;Intel(R) Wireless WiFi Link Adapter Driver for Windows Vista 32 Bit ;c:\windows\System32\drivers\NETw5v32.sys [01/07/08 05:48 م 3658752]
R3 SmartFaceVWatchSrv;SmartFaceVWatchSrv;c:\program files\Toshiba\SmartFaceV\SmartFaceVWatchSrv.exe [25/08/08 11:58 ص 77824]
S3 getPlus(R) Helper;getPlus(R) Helper;c:\program files\NOS\bin\getPlus_HelperSvc.exe [23/05/09 10:56 م 33176]
S3 GoogleDesktopManager-022208-143751;Google Desktop Manager 5.7.802.22438;c:\program files\Google\Google Desktop Search\GoogleDesktop.exe [01/07/08 06:14 م 29744]
.
Contents of the 'Scheduled Tasks' folder
2009-06-02 c:\windows\Tasks\User_Feed_Synchronization-{4C638B71-464F-4D86-BA61-0E59251281F0}.job
- c:\windows\system32\msfeedssync.exe [2009-05-15 11:31]
.
- - - - ORPHANS REMOVED - - - -
HKCU-Run-TOSCDSPD - TOSCDSPD.EXE
HKLM-Run-cfFncEnabler.exe - cfFncEnabler.exe
SafeBoot-procexp90.Sys
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.com.sa/
mStart Page = hxxp://home.sweetim.com
IE: &تصدير إلى Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: {{76577871-04EC-495E-A12B-91F7C3600AFA} -
يجب عليك
تسجيل الدخول
او
تسجيل لمشاهدة الرابط المخفي
IE: {{8A918C1D-E123-4E36-B562-5C1519E434CE} -
يجب عليك
تسجيل الدخول
او
تسجيل لمشاهدة الرابط المخفي
.
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer,
يجب عليك
تسجيل الدخول
او
تسجيل لمشاهدة الرابط المخفي
Rootkit scan 2009-06-02 14:56
Windows 6.0.6001 Service Pack 1 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------
[HKEY_USERS\S-1-5-21-839775868-1294054773-772954730-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.032\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.032"
[HKEY_USERS\S-1-5-21-839775868-1294054773-772954730-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.abr\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.abr"
[HKEY_USERS\S-1-5-21-839775868-1294054773-772954730-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ani\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.ani"
[HKEY_USERS\S-1-5-21-839775868-1294054773-772954730-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.arw\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.arw"
[HKEY_USERS\S-1-5-21-839775868-1294054773-772954730-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.bay\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.bay"
[HKEY_USERS\S-1-5-21-839775868-1294054773-772954730-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.bmp\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.bmp"
[HKEY_USERS\S-1-5-21-839775868-1294054773-772954730-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.bw\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.bw"
[HKEY_USERS\S-1-5-21-839775868-1294054773-772954730-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.cr2\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.cr2"
[HKEY_USERS\S-1-5-21-839775868-1294054773-772954730-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.crw\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.crw"
[HKEY_USERS\S-1-5-21-839775868-1294054773-772954730-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.cs1\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.cs1"
[HKEY_USERS\S-1-5-21-839775868-1294054773-772954730-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.cur\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.cur"
[HKEY_USERS\S-1-5-21-839775868-1294054773-772954730-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.dcr\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.dcr"
[HKEY_USERS\S-1-5-21-839775868-1294054773-772954730-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.dcx\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.dcx"
[HKEY_USERS\S-1-5-21-839775868-1294054773-772954730-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.dib\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.dib"
[HKEY_USERS\S-1-5-21-839775868-1294054773-772954730-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.djv\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.djv"
[HKEY_USERS\S-1-5-21-839775868-1294054773-772954730-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.djvu\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.djvu"
[HKEY_USERS\S-1-5-21-839775868-1294054773-772954730-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.dng\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.dng"
[HKEY_USERS\S-1-5-21-839775868-1294054773-772954730-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.emf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.emf"
[HKEY_USERS\S-1-5-21-839775868-1294054773-772954730-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.eps\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.eps"
[HKEY_USERS\S-1-5-21-839775868-1294054773-772954730-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.erf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.erf"
[HKEY_USERS\S-1-5-21-839775868-1294054773-772954730-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.fff\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.fff"
[HKEY_USERS\S-1-5-21-839775868-1294054773-772954730-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.fpx\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.fpx"
[HKEY_USERS\S-1-5-21-839775868-1294054773-772954730-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.gif\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.gif"
[HKEY_USERS\S-1-5-21-839775868-1294054773-772954730-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.hdr\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.hdr"
[HKEY_USERS\S-1-5-21-839775868-1294054773-772954730-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.icl\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.icl"
[HKEY_USERS\S-1-5-21-839775868-1294054773-772954730-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.icn\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.icn"
[HKEY_USERS\S-1-5-21-839775868-1294054773-772954730-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ico\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.ico"
[HKEY_USERS\S-1-5-21-839775868-1294054773-772954730-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.iff\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.iff"
[HKEY_USERS\S-1-5-21-839775868-1294054773-772954730-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ilbm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.ilbm"
[HKEY_USERS\S-1-5-21-839775868-1294054773-772954730-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.int\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.int"
[HKEY_USERS\S-1-5-21-839775868-1294054773-772954730-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.inta\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.inta"
[HKEY_USERS\S-1-5-21-839775868-1294054773-772954730-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.iw4\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.iw4"
[HKEY_USERS\S-1-5-21-839775868-1294054773-772954730-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.j2c\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.j2c"
[HKEY_USERS\S-1-5-21-839775868-1294054773-772954730-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.j2k\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.j2k"
[HKEY_USERS\S-1-5-21-839775868-1294054773-772954730-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jbr\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.jbr"
[HKEY_USERS\S-1-5-21-839775868-1294054773-772954730-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jfif\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.jfif"
[HKEY_USERS\S-1-5-21-839775868-1294054773-772954730-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jif\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.jif"
[HKEY_USERS\S-1-5-21-839775868-1294054773-772954730-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jp2\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.jp2"
[HKEY_USERS\S-1-5-21-839775868-1294054773-772954730-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpc\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.jpc"
[HKEY_USERS\S-1-5-21-839775868-1294054773-772954730-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpe\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.jpe"
[HKEY_USERS\S-1-5-21-839775868-1294054773-772954730-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpeg\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.jpeg"
[HKEY_USERS\S-1-5-21-839775868-1294054773-772954730-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpg\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.jpg"
[HKEY_USERS\S-1-5-21-839775868-1294054773-772954730-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpk\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.jpk"
[HKEY_USERS\S-1-5-21-839775868-1294054773-772954730-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpx\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.jpx"
[HKEY_USERS\S-1-5-21-839775868-1294054773-772954730-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.kdc\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.kdc"
[HKEY_USERS\S-1-5-21-839775868-1294054773-772954730-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.lbm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.lbm"
[HKEY_USERS\S-1-5-21-839775868-1294054773-772954730-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mef\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.mef"
[HKEY_USERS\S-1-5-21-839775868-1294054773-772954730-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mos\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.mos"
[HKEY_USERS\S-1-5-21-839775868-1294054773-772954730-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mrw\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.mrw"
[HKEY_USERS\S-1-5-21-839775868-1294054773-772954730-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.nef\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.nef"
[HKEY_USERS\S-1-5-21-839775868-1294054773-772954730-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.orf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.orf"
[HKEY_USERS\S-1-5-21-839775868-1294054773-772954730-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pbm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.pbm"
[HKEY_USERS\S-1-5-21-839775868-1294054773-772954730-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pbr\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.pbr"
[HKEY_USERS\S-1-5-21-839775868-1294054773-772954730-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pcd\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.pcd"
[HKEY_USERS\S-1-5-21-839775868-1294054773-772954730-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pct\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.pct"
[HKEY_USERS\S-1-5-21-839775868-1294054773-772954730-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pcx\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.pcx"
[HKEY_USERS\S-1-5-21-839775868-1294054773-772954730-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pef\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.pef"
[HKEY_USERS\S-1-5-21-839775868-1294054773-772954730-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pgm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.pgm"
[HKEY_USERS\S-1-5-21-839775868-1294054773-772954730-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pic\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.pic"
[HKEY_USERS\S-1-5-21-839775868-1294054773-772954730-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pict\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.pict"
[HKEY_USERS\S-1-5-21-839775868-1294054773-772954730-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pix\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.pix"
[HKEY_USERS\S-1-5-21-839775868-1294054773-772954730-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.png\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.png"
[HKEY_USERS\S-1-5-21-839775868-1294054773-772954730-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ppm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.ppm"
[HKEY_USERS\S-1-5-21-839775868-1294054773-772954730-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.psd\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.psd"
[HKEY_USERS\S-1-5-21-839775868-1294054773-772954730-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.psp\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.psp"
[HKEY_USERS\S-1-5-21-839775868-1294054773-772954730-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pspbrush\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.pspbrush"
[HKEY_USERS\S-1-5-21-839775868-1294054773-772954730-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pspimage\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.pspimage"
[HKEY_USERS\S-1-5-21-839775868-1294054773-772954730-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.raf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.raf"
[HKEY_USERS\S-1-5-21-839775868-1294054773-772954730-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ras\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.ras"
[HKEY_USERS\S-1-5-21-839775868-1294054773-772954730-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.raw\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.raw"
[HKEY_USERS\S-1-5-21-839775868-1294054773-772954730-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rgb\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.rgb"
[HKEY_USERS\S-1-5-21-839775868-1294054773-772954730-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rgba\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.rgba"
[HKEY_USERS\S-1-5-21-839775868-1294054773-772954730-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rle\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.rle"
[HKEY_USERS\S-1-5-21-839775868-1294054773-772954730-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rsb\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.rsb"
[HKEY_USERS\S-1-5-21-839775868-1294054773-772954730-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.sgi\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.sgi"
[HKEY_USERS\S-1-5-21-839775868-1294054773-772954730-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.sr2\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.sr2"
[HKEY_USERS\S-1-5-21-839775868-1294054773-772954730-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.srf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.srf"
[HKEY_USERS\S-1-5-21-839775868-1294054773-772954730-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.tga\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.tga"
[HKEY_USERS\S-1-5-21-839775868-1294054773-772954730-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.thm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.thm"
[HKEY_USERS\S-1-5-21-839775868-1294054773-772954730-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.tif\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.tif"
[HKEY_USERS\S-1-5-21-839775868-1294054773-772954730-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.tiff\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.tiff"
[HKEY_USERS\S-1-5-21-839775868-1294054773-772954730-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ttc\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.ttc"
[HKEY_USERS\S-1-5-21-839775868-1294054773-772954730-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ttf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.ttf"
[HKEY_USERS\S-1-5-21-839775868-1294054773-772954730-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.v10o\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.v10o"
[HKEY_USERS\S-1-5-21-839775868-1294054773-772954730-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.v10p\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.v10p"
[HKEY_USERS\S-1-5-21-839775868-1294054773-772954730-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.v10pf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.v10pf"
[HKEY_USERS\S-1-5-21-839775868-1294054773-772954730-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.v11o\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.v11o"
[HKEY_USERS\S-1-5-21-839775868-1294054773-772954730-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.v11p\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.v11p"
[HKEY_USERS\S-1-5-21-839775868-1294054773-772954730-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.v11pf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.v11pf"
[HKEY_USERS\S-1-5-21-839775868-1294054773-772954730-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wbm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.wbm"
[HKEY_USERS\S-1-5-21-839775868-1294054773-772954730-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wbmp\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.wbmp"
[HKEY_USERS\S-1-5-21-839775868-1294054773-772954730-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wmf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.wmf"
[HKEY_USERS\S-1-5-21-839775868-1294054773-772954730-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xbm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.xbm"
[HKEY_USERS\S-1-5-21-839775868-1294054773-772954730-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xif\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.xif"
[HKEY_USERS\S-1-5-21-839775868-1294054773-772954730-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xmp\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.xmp"
[HKEY_USERS\S-1-5-21-839775868-1294054773-772954730-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xpm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.xpm"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
"MSCurrentCountry"=dword:000000b5
.
Completion time: 2009-06-02 14:57
ComboFix-quarantined-files.txt 2009-06-02 11:57
Pre-Run: 145,371,193,344 bytes free
Post-Run: 145,817,624,576 bytes free
Current=1 Default=1 Failed=0 LastKnownGood=7 Sets=1,2,3,4,5,6,7
575 --- E O F --- 2009-06-02 10:19
تأييد
0
الفرشاطي 2010
زيزوومى مميز
غير متصل
ولايهمك اخي الفاضل تفضل :
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 03:35:48 م, on 02/06/09
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Program Files\Java\jre1.6.0_06\bin\jusched.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\ItSecMng.exe
C:\Program Files\Toshiba\ConfigFree\NDSTray.exe
C:\Program Files\Toshiba\Toshiba Online Product Information\TOPI.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\Toshiba TEMPRO\Toshiba.Tempo.UI.TrayApplication.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\Camera Assistant Software for Toshiba\traybar.exe
C:\Program Files\Toshiba\Power Saver\TPwrMain.exe
C:\Program Files\Toshiba\SmoothView\SmoothView.exe
C:\Program Files\Toshiba\FlashCards\TCrdMain.exe
C:\Program Files\Toshiba\Registration\ToshibaRegistration.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Toshiba\TOSCDSPD\TOSCDSPD.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe
C:\Program Files\WinZip\WZQKPICK.EXE
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\Windows Sidebar\sidebar.exe
c:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe
C:\Program Files\Toshiba\ConfigFree\CFSwMgr.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
c:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHid.exe
c:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosAVRC.exe
c:\Program Files\Toshiba\Bluetooth Toshiba Stack\tosOBEX.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtProc.exe
C:\Program Files\Windows Live\Toolbar\wltuser.exe
C:\Windows\Explorer.exe
C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Users\aseer\Desktop\HiJackThis.exe
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: IEVkbdBHO - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\ievkbd.dll
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
O2 - BHO: مساعد تسجيل الدخول إلى Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: MSN Toolbar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files\MSN\Toolbar\3.0.1203.0\msneshellx.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: &Save Flash - {4064EA35-578D-4073-A834-C96D82CBCF40} - C:\Program Files\Save Flash\SaveFlash.dll
O3 - Toolbar: MSN Toolbar - {1E61ED7C-7CB8-49d6-B9E9-AB4C880C8414} - C:\Program Files\MSN\Toolbar\3.0.1203.0\msneshellx.dll
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_06\bin\jusched.exe"
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [ITSecMng] %ProgramFiles%\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe /START
O4 - HKLM\..\Run: [NDSTray.exe] NDSTray.exe
O4 - HKLM\..\Run: [topi] C:\Program Files\TOSHIBA\Toshiba Online Product Information\topi.exe -startup
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [Google EULA Launcher] c:\Program Files\Google\Google EULA\GoogleEULALauncher.exe IE PA
O4 - HKLM\..\Run: [Toshiba TEMPO] C:\Program Files\Toshiba TEMPRO\Toshiba.Tempo.UI.TrayApplication.exe
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe"
O4 - HKLM\..\Run: [Camera Assistant Software] "C:\Program Files\Camera Assistant Software for Toshiba\traybar.exe" /start
O4 - HKLM\..\Run: [HDMICtrlMan] C:\Program Files\TOSHIBA\HDMICtrlMan\HDMICtrlMan.exe
O4 - HKLM\..\Run: [TPwrMain] %ProgramFiles%\TOSHIBA\Power Saver\TPwrMain.EXE
O4 - HKLM\..\Run: [HSON] %ProgramFiles%\TOSHIBA\TBS\HSON.exe
O4 - HKLM\..\Run: [SmoothView] %ProgramFiles%\Toshiba\SmoothView\SmoothView.exe
O4 - HKLM\..\Run: [00TCrdMain] %ProgramFiles%\TOSHIBA\FlashCards\TCrdMain.exe
O4 - HKLM\..\Run: [Toshiba Registration] C:\Program Files\Toshiba\Registration\ToshibaRegistration.exe
O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe
O4 - .DEFAULT User Startup: TRDCReminder.lnk = C:\Program Files\Toshiba\TRDCReminder\TRDCReminder.exe (User 'Default user')
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Bluetooth Manager.lnk = ?
O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE
O8 - Extra context menu item: &تصدير إلى Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Add to Banner Ad Blocker - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\ie_banner_deny.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
O9 - Extra button: Web traffic protection statistics - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\SCIEPlgn.dll
O9 - Extra button: تدوين هذا في المدونة - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &تدوين هذا في Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: eBay.co.uk - Buy It Sell It Love It - {76577871-04EC-495E-A12B-91F7C3600AFA} -
O9 - Extra button: Amazon.co.uk - {8A918C1D-E123-4E36-B562-5C1519E434CE} -
O9 - Extra button: بحث - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O13 - Gopher Prefix:
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) -
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~2\GoogleDesktopNetwork3.dll C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd.dll C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd3.dll C:\PROGRA~1\KASPER~1\KASPER~1\adialhk.dll C:\PROGRA~1\KASPER~1\KASPER~1\kloehk.dll
O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - Agere Systems - C:\Windows\system32\agrsmsvc.exe
O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe
O23 - Service: Kaspersky Internet Security (AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe
O23 - Service: ConfigFree Service - TOSHIBA CORPORATION - C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
O23 - Service: getPlus(R) Helper - NOS Microsystems Ltd. - C:\Program Files\NOS\bin\getPlus_HelperSvc.exe
O23 - Service: Google Desktop Manager 5.7.802.22438 (GoogleDesktopManager-022208-143751) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: SmartFaceVWatchSrv - Toshiba - C:\Program Files\Toshiba\SmartFaceV\SmartFaceVWatchSrv.exe
O23 - Service: Notebook Performance Tuning Service (TempoMonitoringService) - Toshiba Europe GmbH - C:\Program Files\Toshiba TEMPRO\TempoSVC.exe
O23 - Service: TOSHIBA Navi Support Service (TNaviSrv) - TOSHIBA Corporation - C:\Program Files\Toshiba\TOSHIBA DVD PLAYER\TNaviSrv.exe
O23 - Service: TOSHIBA Optical Disc Drive Service (TODDSrv) - TOSHIBA Corporation - C:\Windows\system32\TODDSrv.exe
O23 - Service: TOSHIBA Power Saver (TosCoSrv) - TOSHIBA Corporation - C:\Program Files\Toshiba\Power Saver\TosCoSrv.exe
O23 - Service: TOSHIBA Bluetooth Service - TOSHIBA CORPORATION - c:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
O23 - Service: TOSHIBA SMART Log Service - TOSHIBA Corporation - C:\Program Files\TOSHIBA\SMARTLogService\TosIPCSrv.exe
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
--
End of file - 10566 bytes
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 03:35:48 م, on 02/06/09
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Program Files\Java\jre1.6.0_06\bin\jusched.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\ItSecMng.exe
C:\Program Files\Toshiba\ConfigFree\NDSTray.exe
C:\Program Files\Toshiba\Toshiba Online Product Information\TOPI.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\Toshiba TEMPRO\Toshiba.Tempo.UI.TrayApplication.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\Camera Assistant Software for Toshiba\traybar.exe
C:\Program Files\Toshiba\Power Saver\TPwrMain.exe
C:\Program Files\Toshiba\SmoothView\SmoothView.exe
C:\Program Files\Toshiba\FlashCards\TCrdMain.exe
C:\Program Files\Toshiba\Registration\ToshibaRegistration.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Toshiba\TOSCDSPD\TOSCDSPD.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe
C:\Program Files\WinZip\WZQKPICK.EXE
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\Windows Sidebar\sidebar.exe
c:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe
C:\Program Files\Toshiba\ConfigFree\CFSwMgr.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
c:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHid.exe
c:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosAVRC.exe
c:\Program Files\Toshiba\Bluetooth Toshiba Stack\tosOBEX.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtProc.exe
C:\Program Files\Windows Live\Toolbar\wltuser.exe
C:\Windows\Explorer.exe
C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Users\aseer\Desktop\HiJackThis.exe
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
يجب عليك
تسجيل الدخول
او
تسجيل لمشاهدة الرابط المخفي
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
يجب عليك
تسجيل الدخول
او
تسجيل لمشاهدة الرابط المخفي
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
يجب عليك
تسجيل الدخول
او
تسجيل لمشاهدة الرابط المخفي
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: IEVkbdBHO - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\ievkbd.dll
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
O2 - BHO: مساعد تسجيل الدخول إلى Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: MSN Toolbar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files\MSN\Toolbar\3.0.1203.0\msneshellx.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: &Save Flash - {4064EA35-578D-4073-A834-C96D82CBCF40} - C:\Program Files\Save Flash\SaveFlash.dll
O3 - Toolbar: MSN Toolbar - {1E61ED7C-7CB8-49d6-B9E9-AB4C880C8414} - C:\Program Files\MSN\Toolbar\3.0.1203.0\msneshellx.dll
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_06\bin\jusched.exe"
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [ITSecMng] %ProgramFiles%\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe /START
O4 - HKLM\..\Run: [NDSTray.exe] NDSTray.exe
O4 - HKLM\..\Run: [topi] C:\Program Files\TOSHIBA\Toshiba Online Product Information\topi.exe -startup
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [Google EULA Launcher] c:\Program Files\Google\Google EULA\GoogleEULALauncher.exe IE PA
O4 - HKLM\..\Run: [Toshiba TEMPO] C:\Program Files\Toshiba TEMPRO\Toshiba.Tempo.UI.TrayApplication.exe
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe"
O4 - HKLM\..\Run: [Camera Assistant Software] "C:\Program Files\Camera Assistant Software for Toshiba\traybar.exe" /start
O4 - HKLM\..\Run: [HDMICtrlMan] C:\Program Files\TOSHIBA\HDMICtrlMan\HDMICtrlMan.exe
O4 - HKLM\..\Run: [TPwrMain] %ProgramFiles%\TOSHIBA\Power Saver\TPwrMain.EXE
O4 - HKLM\..\Run: [HSON] %ProgramFiles%\TOSHIBA\TBS\HSON.exe
O4 - HKLM\..\Run: [SmoothView] %ProgramFiles%\Toshiba\SmoothView\SmoothView.exe
O4 - HKLM\..\Run: [00TCrdMain] %ProgramFiles%\TOSHIBA\FlashCards\TCrdMain.exe
O4 - HKLM\..\Run: [Toshiba Registration] C:\Program Files\Toshiba\Registration\ToshibaRegistration.exe
O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe
O4 - .DEFAULT User Startup: TRDCReminder.lnk = C:\Program Files\Toshiba\TRDCReminder\TRDCReminder.exe (User 'Default user')
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Bluetooth Manager.lnk = ?
O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE
O8 - Extra context menu item: &تصدير إلى Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Add to Banner Ad Blocker - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\ie_banner_deny.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
O9 - Extra button: Web traffic protection statistics - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\SCIEPlgn.dll
O9 - Extra button: تدوين هذا في المدونة - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &تدوين هذا في Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: eBay.co.uk - Buy It Sell It Love It - {76577871-04EC-495E-A12B-91F7C3600AFA} -
يجب عليك
تسجيل الدخول
او
تسجيل لمشاهدة الرابط المخفي
(file missing)O9 - Extra button: Amazon.co.uk - {8A918C1D-E123-4E36-B562-5C1519E434CE} -
يجب عليك
تسجيل الدخول
او
تسجيل لمشاهدة الرابط المخفي
(file missing)O9 - Extra button: بحث - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O13 - Gopher Prefix:
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) -
يجب عليك
تسجيل الدخول
او
تسجيل لمشاهدة الرابط المخفي
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~2\GoogleDesktopNetwork3.dll C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd.dll C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd3.dll C:\PROGRA~1\KASPER~1\KASPER~1\adialhk.dll C:\PROGRA~1\KASPER~1\KASPER~1\kloehk.dll
O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - Agere Systems - C:\Windows\system32\agrsmsvc.exe
O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe
O23 - Service: Kaspersky Internet Security (AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe
O23 - Service: ConfigFree Service - TOSHIBA CORPORATION - C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
O23 - Service: getPlus(R) Helper - NOS Microsystems Ltd. - C:\Program Files\NOS\bin\getPlus_HelperSvc.exe
O23 - Service: Google Desktop Manager 5.7.802.22438 (GoogleDesktopManager-022208-143751) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: SmartFaceVWatchSrv - Toshiba - C:\Program Files\Toshiba\SmartFaceV\SmartFaceVWatchSrv.exe
O23 - Service: Notebook Performance Tuning Service (TempoMonitoringService) - Toshiba Europe GmbH - C:\Program Files\Toshiba TEMPRO\TempoSVC.exe
O23 - Service: TOSHIBA Navi Support Service (TNaviSrv) - TOSHIBA Corporation - C:\Program Files\Toshiba\TOSHIBA DVD PLAYER\TNaviSrv.exe
O23 - Service: TOSHIBA Optical Disc Drive Service (TODDSrv) - TOSHIBA Corporation - C:\Windows\system32\TODDSrv.exe
O23 - Service: TOSHIBA Power Saver (TosCoSrv) - TOSHIBA Corporation - C:\Program Files\Toshiba\Power Saver\TosCoSrv.exe
O23 - Service: TOSHIBA Bluetooth Service - TOSHIBA CORPORATION - c:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
O23 - Service: TOSHIBA SMART Log Service - TOSHIBA Corporation - C:\Program Files\TOSHIBA\SMARTLogService\TosIPCSrv.exe
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
--
End of file - 10566 bytes
تأييد
0
الفرشاطي 2010
زيزوومى مميز
غير متصل
اين انت اخوي فورمات
تم وضع هايجك حديث ولازلت انتظر تواجدك وافادتك انت وبقية المبدعين
تم وضع هايجك حديث ولازلت انتظر تواجدك وافادتك انت وبقية المبدعين
تأييد
0
format
زيزوومي ماسى
غير متصل
قم بحذف التالي
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
O4 - HKLM\..\Run: [Google EULA Launcher] c:\Program Files\Google\Google EULA\GoogleEULALauncher.exe IE PA
O4 - HKLM\..\Run: [HDMICtrlMan] C:\Program Files\TOSHIBA\HDMICtrlMan\HDMICtrlMan.exe
O4 - HKLM\..\Run: [Toshiba Registration] C:\Program Files\Toshiba\Registration\ToshibaRegistration.exe
O4 - .DEFAULT User Startup: TRDCReminder.lnk = C:\Program Files\Toshiba\TRDCReminder\TRDCReminder.exe (User 'Default user')
O9 - Extra button: eBay.co.uk - Buy It Sell It Love It - {76577871-04EC-495E-A12B-91F7C3600AFA} -
O9 - Extra button: Amazon.co.uk - {8A918C1D-E123-4E36-B562-5C1519E434CE} -
O23 - Service: SmartFaceVWatchSrv - Toshiba - C:\Program Files\Toshiba\SmartFaceV\SmartFaceVWatchSrv.exe
O23 - Service: Notebook Performance Tuning Service (TempoMonitoringService) - Toshiba Europe GmbH - C:\Program Files\Toshiba TEMPRO\TempoSVC.exe
O23 - Service: TOSHIBA Navi Support Service (TNaviSrv) - TOSHIBA Corporation - C:\Program Files\Toshiba\TOSHIBA DVD PLAYER\TNaviSrv.exe
O23 - Service: TOSHIBA SMART Log Service - TOSHIBA Corporation - C:\Program Files\TOSHIBA\SMARTLogService\TosIPCSrv.exe
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
يجب عليك
تسجيل الدخول
او
تسجيل لمشاهدة الرابط المخفي
O4 - HKLM\..\Run: [Google EULA Launcher] c:\Program Files\Google\Google EULA\GoogleEULALauncher.exe IE PA
O4 - HKLM\..\Run: [HDMICtrlMan] C:\Program Files\TOSHIBA\HDMICtrlMan\HDMICtrlMan.exe
O4 - HKLM\..\Run: [Toshiba Registration] C:\Program Files\Toshiba\Registration\ToshibaRegistration.exe
O4 - .DEFAULT User Startup: TRDCReminder.lnk = C:\Program Files\Toshiba\TRDCReminder\TRDCReminder.exe (User 'Default user')
O9 - Extra button: eBay.co.uk - Buy It Sell It Love It - {76577871-04EC-495E-A12B-91F7C3600AFA} -
يجب عليك
تسجيل الدخول
او
تسجيل لمشاهدة الرابط المخفي
(file missing)O9 - Extra button: Amazon.co.uk - {8A918C1D-E123-4E36-B562-5C1519E434CE} -
يجب عليك
تسجيل الدخول
او
تسجيل لمشاهدة الرابط المخفي
(file missing)O23 - Service: SmartFaceVWatchSrv - Toshiba - C:\Program Files\Toshiba\SmartFaceV\SmartFaceVWatchSrv.exe
O23 - Service: Notebook Performance Tuning Service (TempoMonitoringService) - Toshiba Europe GmbH - C:\Program Files\Toshiba TEMPRO\TempoSVC.exe
O23 - Service: TOSHIBA Navi Support Service (TNaviSrv) - TOSHIBA Corporation - C:\Program Files\Toshiba\TOSHIBA DVD PLAYER\TNaviSrv.exe
O23 - Service: TOSHIBA SMART Log Service - TOSHIBA Corporation - C:\Program Files\TOSHIBA\SMARTLogService\TosIPCSrv.exe
توقيع : format
تأييد
0
الفرشاطي 2010
زيزوومى مميز
غير متصل
بارك الله فيكم ووفقكم لكل خير وشاكر لكم جميعًا
على تواجدكم وافادتكم
على تواجدكم وافادتكم
تأييد
0