مشكلة مع الانتي فايروس

لولوتش · 23 يناير 2010

انتي فايروس الافيرا اختفى من اسفل الشاشة ارجو المساعدة

يجب عليك تسجيل الدخول أو التسجيل لمشاهدة الرابط المخفي

Technology G!rl · 23 يناير 2010

بسيطة ياخوي

رايت كليك على شريط إبدأ

ثم

خصائص

ثم

شريط المهام ثم تخصيص

ورح تجد كل الرموز اللي في شريط المهام
ورح تلقى برنامج الحماية عندك واعمل له اظهار دوماً

واعد تشغيل الجهاز ورح يظهر

لولوتش · 23 يناير 2010

المشكلة انو مش موجود مع باقي البرامج علشان اعمله اظار دوما

Technology G!rl · 23 يناير 2010

من متى هالمشكلة من زمان ؟؟

اعد تشغيل الجهاز وجرب

لولوتش · 23 يناير 2010

مش من زمان المشكلة بدأت اليوم
انا حاولت اعمل اعادة تشغيل بس للاسف ما في فايدة
وانا عن جد بشكرك لانك وقفتي معي اليوم وخاصة انها المرة الثانية:b:

Technology G!rl · 23 يناير 2010

^
^
فرصة سعيدة فيك ههه

ان شالله بس حلينا مشكلتك المرا الأولى ؟

Technology G!rl · 23 يناير 2010

حمل هذا البرنامج

يجب عليك تسجيل الدخول أو التسجيل لمشاهدة الرابط المخفي

بعدها اغلق جميع البرامج وخصوصا الانترنت اكسبلورر والماسنجر
شغل البرنامج ==> واضغط على
Do a system scan and save log
لحظات .. ويظهر لك تقرير داخل المفكرة==> انسخه والصقه بردك القادم

لولوتش · 23 يناير 2010

بجهودك راح تنحل اي مشكله

k:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 4:38:43 AM, on 12/21/2006
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir Desktop\sched.exe
C:\WINDOWS\Explorer.exe
C:\Program Files\Avira\AntiVir Desktop\avguard.exe
C:\Program Files\CyberLink\Shared files\RichVideo.exe
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\WINDOWS\system32\oobe\regerror\sidebar\rainmeter.exe
C:\WINDOWS\system32\oobe\regerror\dock\Dock.exe
C:\WINDOWS\system32\oobe\regerror\styler\styler.exe
C:\Program Files\Avira\AntiVir Desktop\avmailc.exe
C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE
C:\Documents and Settings\abood\Local Settings\Application Data\Google\Update\GoogleUpdate.exe
C:\Documents and Settings\abood\Local Settings\Application Data\Google\Update\1.2.183.13\GoogleCrashHandler.exe
F:\برامج\IDM 5.17 3\Internet Download Manager 5.18.4\crack\IDMan.exe
F:\برامج\IDM 5.17 3\Internet Download Manager 5.18.4\crack\IEMonitor.exe
C:\Documents and Settings\abood\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\abood\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\abood\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\abood\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\abood\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\WINDOWS\system32\verclsid.exe

R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext =

يجب عليك تسجيل الدخول أو التسجيل لمشاهدة الرابط المخفي

F2 - REG:system.ini: Shell=Explorer.exe
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - F:\E?C??\IDM 5.17 3\Internet Download Manager 5.18.4\crack\IDMIECC.dll (file missing)
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - c:\program files\real\realplayer\rpbrowserrecordplugin.dll
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (file missing)
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O2 - BHO: DVDVideoSoft Toolbar - {e9911ec6-1bcc-40b0-9993-e0eea7f6953f} - C:\Program Files\DVDVideoSoft\tbDVDV.dll
O3 - Toolbar: StylerToolBar - {D2F8F919-690B-4EA2-9FA7-A203D1E04F75} - C:\WINDOWS\system32\oobe\regerror\styler\TB\StylerTB.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O3 - Toolbar: DVDVideoSoft Toolbar - {e9911ec6-1bcc-40b0-9993-e0eea7f6953f} - C:\Program Files\DVDVideoSoft\tbDVDV.dll
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [VisualTooltip] C:\Program Files\VisualToolTip\VisualToolTip.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [LanguageShortcut] "C:\Program Files\CyberLink\PowerDVD\Language\Language.exe"
O4 - HKLM\..\Run: [MSConfig] C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe /auto
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\abood\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [IDMan] F:\E?C??\IDM 5.17 3\Internet Download Manager 5.18.4\crack\IDMan.exe /onboot
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [_nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [_nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [_nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [_nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'Default user')
O4 - S-1-5-18 Startup: 1.lnk = ? (User 'SYSTEM')
O4 - S-1-5-18 Startup: styler.lnk = ? (User 'SYSTEM')
O4 - S-1-5-18 Startup: dock.lnk = C:\WINDOWS\system32\oobe\regerror\dock\Dock.exe (User 'SYSTEM')
O4 - S-1-5-18 Startup: rainmeter.lnk = ? (User 'SYSTEM')
O4 - S-1-5-18 Startup: VisualToolTip.lnk = C:\Program Files\VisualToolTip\VisualToolTip.exe (User 'SYSTEM')
O4 - S-1-5-18 Startup: Welcome Center.lnk = ? (User 'SYSTEM')
O4 - .DEFAULT Startup: 1.lnk = ? (User 'Default user')
O4 - .DEFAULT Startup: styler.lnk = ? (User 'Default user')
O4 - .DEFAULT Startup: dock.lnk = C:\WINDOWS\system32\oobe\regerror\dock\Dock.exe (User 'Default user')
O4 - .DEFAULT Startup: rainmeter.lnk = ? (User 'Default user')
O4 - .DEFAULT Startup: VisualToolTip.lnk = C:\Program Files\VisualToolTip\VisualToolTip.exe (User 'Default user')
O4 - .DEFAULT Startup: Welcome Center.lnk = ? (User 'Default user')
O4 - Startup: styler.lnk = ?
O4 - Startup: 1.lnk = ?
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: Download all links with IDM - F:\E?C??\IDM 5.17 3\Internet Download Manager 5.18.4\crack\IEGetAll.htm
O8 - Extra context menu item: Download FLV video content with IDM - F:\E?C??\IDM 5.17 3\Internet Download Manager 5.18.4\crack\IEGetVL.htm
O8 - Extra context menu item: Download with IDM - F:\E?C??\IDM 5.17 3\Internet Download Manager 5.18.4\crack\IEExt.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_60D6097707281E79.dll/cmsidewiki.html
O9 - Extra button: EI??? ??C ?? C??I??E - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &EI??? ??C ?? Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~2\Office12\GR99D3~1.DLL
O23 - Service: Avira Firewall (AntiVirFirewallService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avfwsvc.exe
O23 - Service: Avira AntiVir MailGuard (AntiVirMailService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avmailc.exe
O23 - Service: Avira AntiVir Scheduler (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Avira AntiVir WebGuard (AntiVirWebService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE
O23 - Service: II?E E?I?E Google (gupdate1ca536447bd568a) (gupdate1ca536447bd568a) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared files\RichVideo.exe
O23 - Service: ServiceLayer - Nokia - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe

--
End of file - 9891 bytes

Technology G!rl · 23 يناير 2010

شكرا لك :b:

اها يظهر من التقرير ان برنامج الحماية عندك الأفيرا,,,

Technology G!rl · 23 يناير 2010

عطل برامج الحماية عن العمل
ثم
حمل الاداة التالية واحفظها على سطح المكتب

يجب عليك تسجيل الدخول أو التسجيل لمشاهدة الرابط المخفي

عند تشغيلها بتظهر لك رسالة ,, اضغط على >> Yes
بعدها بتظهر لك رساله ثانيه ,, اضغط على >> Yes
اثناء الفحص ممكن يعاد تشغيل الجهاز
وبعد اعادة التشغيل ,, سوف تبدأ الاداة بالفحص مرره ثانيه
لا تقم بتشغيل اي برنامج ،، ومهما طالت عملية الفحص انتظر حتى تنتهي
انتظر حتى يظهر لك تقرير ،،انسخه والصقه بمشاركتك القادمة

شرح تعطيل الافيرا

مقدم من

يجب عليك تسجيل الدخول أو التسجيل لمشاهدة الرابط المخفي

الطريقة الاولى ::

الطريقة الثانية ::

فتح الواجهة الرئيسية للبرنامج وعمل مثل ما في الصورة

لولوتش · 23 يناير 2010

طيب وشو الحل يا حلوه

Technology G!rl · 23 يناير 2010

استخدم هذا مهم

عطل برامج الحماية عن العمل
ثم
حمل الاداة التالية واحفظها على سطح المكتب

يجب عليك تسجيل الدخول أو التسجيل لمشاهدة الرابط المخفي

عند تشغيلها بتظهر لك رسالة ,, اضغط على >> Yes
بعدها بتظهر لك رساله ثانيه ,, اضغط على >> Yes
اثناء الفحص ممكن يعاد تشغيل الجهاز
وبعد اعادة التشغيل ,, سوف تبدأ الاداة بالفحص مرره ثانيه
لا تقم بتشغيل اي برنامج ،، ومهما طالت عملية الفحص انتظر حتى تنتهي
انتظر حتى يظهر لك تقرير ،،انسخه والصقه بمشاركتك القادمة

لولوتش · 23 يناير 2010

واخيرا خلص وهاي التقرير

ComboFix 10-01-21.08 - abood 12/21/2006 5:07.1.1 - FAT32x86
Microsoft Windows XP Professional 5.1.2600.3.1256.962.1033.18.247.52 [GMT 4.5:30]
Running from: c:\documents and settings\abood\My Documents\Downloads\Programs\ComboFix.exe
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\documents and settings\Default User.WINDOWS\Start Menu\Programs\Startup\rainmeter.lnk
c:\windows\Autorun Remover\1.exe
c:\windows\Autorun Remover\2.exe
c:\windows\Autorun Remover\3.exe
c:\windows\loadersys.dll
c:\windows\system32\_000009_.tmp.dll
c:\windows\system32\1.exe
c:\windows\system32\4.exe
c:\windows\system32\config\systemprofile\Start Menu\Programs\Startup\rainmeter.lnk
c:\windows\system32\prnqctl.vbs

c:\windows\regedit.exe . . . is infected!!

c:\windows\system32\midimap.dll . . . is infected!!

c:\windows\system32\msgsvc.dll . . . is infected!!

c:\windows\explorer.exe . . . is infected!!

Infected copy of c:\windows\winhlp32.exe was found and disinfected
Restored copy from - c:\windows\system32\winhlp32.exe

c:\windows\NOTEPAD.EXE . . . is infected!!

c:\windows\system32\ahui.exe . . . is infected!!

c:\windows\system32\clipsrv.exe . . . is infected!!

c:\windows\system32\cmd.exe . . . is infected!!

c:\windows\system32\cmdl32.exe . . . is infected!!

c:\windows\system32\cmmon32.exe . . . is infected!!

c:\windows\system32\cmstp.exe . . . is infected!!

c:\windows\system32\conime.exe . . . is infected!!

c:\windows\system32\ctfmon.exe . . . is infected!!

c:\windows\system32\ddeshare.exe . . . is infected!!

c:\windows\system32\dpvsetup.exe . . . is infected!!

c:\windows\system32\dxdiag.exe . . . is infected!!

c:\windows\system32\eudcedit.exe . . . is infected!!

c:\windows\system32\fsquirt.exe . . . is infected!!

c:\windows\system32\grpconv.exe . . . is infected!!

c:\windows\system32\iexpress.exe . . . is infected!!

c:\windows\system32\magnify.exe . . . is infected!!

c:\windows\system32\mmc.exe . . . is infected!!

c:\windows\system32\mobsync.exe . . . is infected!!

c:\windows\system32\msiexec.exe . . . is infected!!

c:\windows\system32\narrator.exe . . . is infected!!

c:\windows\system32\nslookup.exe . . . is infected!!

c:\windows\system32\ntbackup.exe . . . is infected!!

c:\windows\system32\odbcad32.exe . . . is infected!!

c:\windows\system32\packager.exe . . . is infected!!

c:\windows\system32\perfmon.exe . . . is infected!!

c:\windows\system32\progman.exe . . . is infected!!

c:\windows\system32\proquota.exe . . . is infected!!

c:\windows\system32\rasphone.exe . . . is infected!!

c:\windows\system32\rcimlby.exe . . . is infected!!

c:\windows\system32\rsnotify.exe . . . is infected!!

c:\windows\system32\rundll32.exe . . . is infected!!

c:\windows\system32\runonce.exe . . . is infected!!

c:\windows\system32\shrpubw.exe . . . is infected!!

c:\windows\system32\sigverif.exe . . . is infected!!

c:\windows\system32\stimon.exe . . . is infected!!

c:\windows\system32\sysocmgr.exe . . . is infected!!

c:\windows\system32\taskmgr.exe . . . is infected!!

c:\windows\system32\utilman.exe . . . is infected!!

c:\windows\system32\wextract.exe . . . is infected!!

c:\windows\system32\wiaacmgr.exe . . . is infected!!

c:\windows\system32\winlogon.exe . . . is infected!!

c:\windows\system32\wpabaln.exe . . . is infected!!

c:\windows\system32\msdtc.exe . . . is infected!!

c:\windows\system32\spider.exe . . . is infected!!

c:\windows\system32\clipbrd.exe . . . is infected!!

c:\windows\system32\mspaint.exe . . . is infected!!

c:\windows\system32\mplay32.exe . . . is infected!!

c:\windows\system32\sndrec32.exe . . . is infected!!

c:\windows\system32\accwiz.exe . . . is infected!!

c:\windows\system32\mnmsrvc.exe . . . is infected!!

c:\windows\system32\wuauclt1.exe . . . is infected!!

c:\windows\system32\oobe\oobebaln.exe . . . is infected!!

c:\windows\system32\oobe\msoobe.exe . . . is infected!!

c:\windows\system32\usmt\migload.exe . . . is infected!!

c:\windows\system32\usmt\migwiz.exe . . . is infected!!

c:\windows\system32\usmt\migwiza.exe . . . is infected!!

c:\windows\system32\Restore\rstrui.exe . . . is infected!!

c:\windows\pchealth\helpctr\binaries\HelpCtr.exe . . . is infected!!

c:\windows\pchealth\helpctr\binaries\msconfig.exe . . . is infected!!

.
((((((((((((((((((((((((( Files Created from 2006-11-21 to 2006-12-21 )))))))))))))))))))))))))))))))
.

2010-01-22 09:30 . 2010-01-22 09:30 -------- d---a-w- C:\ivdf_fusebundle_nt_en
2010-01-22 05:31 . 2010-01-22 05:31 -------- d-----w- C:\FOUND.005
2010-01-21 18:08 . 2010-01-21 18:08 -------- d-----w- c:\program files\SACC - TDL
2010-01-18 20:20 . 2010-01-18 20:20 -------- d-----w- C:\OutputFolder
2010-01-18 19:39 . 2007-04-12 09:49 129024 ----a-w- c:\windows\system32\AVERM.dll
2010-01-18 19:39 . 2006-09-26 09:27 28672 ----a-w- c:\windows\system32\AVEQT.dll
2010-01-18 19:39 . 2010-01-18 19:39 -------- d-----w- c:\program files\Allok Video Splitter
2010-01-18 14:10 . 2010-01-18 14:10 -------- d-----w- C:\FOUND.004
2010-01-16 08:47 . 2010-01-16 08:47 -------- d-----w- c:\program files\HooTech
2010-01-15 12:02 . 2010-01-15 12:02 -------- d-----w- c:\windows\masrifp
2010-01-14 11:54 . 2010-01-14 11:54 -------- d-----w- c:\program files\FreeTime
2010-01-13 11:48 . 2009-03-10 17:48 453512 ----a-w- c:\windows\system32\KB905474\wgasetup.exe
2010-01-13 11:48 . 2010-01-13 11:48 -------- d-----w- c:\windows\system32\KB905474
2010-01-13 11:48 . 2009-03-10 17:56 1403264 ----a-w- c:\windows\system32\KB905474\wganotifypackageinner.exe
2010-01-13 11:09 . 2008-04-14 08:30 221184 ----a-w- c:\windows\system32\wmpns.dll
2010-01-11 13:43 . 2008-05-01 14:33 331776 ------w- c:\windows\system32\dllcache\msadce.dll
2010-01-11 13:42 . 2009-08-13 15:16 512000 ------w- c:\windows\system32\dllcache\jscript.dll
2010-01-11 13:42 . 2009-06-21 21:44 153088 ------w- c:\windows\system32\dllcache\triedit.dll
2010-01-11 13:40 . 2009-08-04 15:13 2145280 ------w- c:\windows\system32\dllcache\ntkrnlmp.exe
2010-01-11 13:40 . 2009-08-04 14:20 2023936 ------w- c:\windows\system32\dllcache\ntkrpamp.exe
2010-01-11 13:40 . 2009-08-04 14:20 2066048 ------w- c:\windows\system32\dllcache\ntkrnlpa.exe
2010-01-11 13:35 . 2009-03-06 14:22 284160 ------w- c:\windows\system32\dllcache\pdh.dll
2010-01-11 13:35 . 2009-02-09 12:10 401408 ------w- c:\windows\system32\dllcache\rpcss.dll
2010-01-11 13:35 . 2009-02-06 10:39 35328 ------w- c:\windows\system32\dllcache\sc.exe
2010-01-11 13:35 . 2009-02-09 12:10 473600 ------w- c:\windows\system32\dllcache\fastprox.dll
2010-01-11 13:35 . 2009-02-09 12:10 453120 ------w- c:\windows\system32\dllcache\wmiprvsd.dll
2010-01-11 13:35 . 2009-02-06 11:11 110592 ------w- c:\windows\system32\dllcache\services.exe
2010-01-11 13:35 . 2009-02-06 10:10 227840 ------w- c:\windows\system32\dllcache\wmiprvse.exe
2010-01-11 13:35 . 2009-02-09 12:10 714752 ------w- c:\windows\system32\dllcache\ntdll.dll
2010-01-11 13:35 . 2009-02-09 12:10 617472 ------w- c:\windows\system32\dllcache\advapi32.dll
2010-01-11 13:32 . 2009-07-10 13:27 1315328 ------w- c:\windows\system32\dllcache\msoe.dll
2010-01-11 13:31 . 2008-05-03 11:55 2560 ------w- c:\windows\system32\xpsp4res.dll
2010-01-11 13:31 . 2008-04-21 12:08 215552 ------w- c:\windows\system32\dllcache\wordpad.exe
2010-01-11 13:31 . 2009-07-31 04:24 1172480 ------w- c:\windows\system32\dllcache\msxml3.dll
2010-01-11 13:31 . 2009-07-31 04:24 1447424 ------w- c:\windows\system32\dllcache\msxml6.dll
2010-01-09 06:34 . 2008-07-06 12:06 89088 ----a-w- c:\windows\system32\Spool\prtprocs\w32x86\filterpipelineprintproc.dll
2010-01-09 06:33 . 2008-07-06 12:06 89088 ------w- c:\windows\system32\dllcache\filterpipelineprintproc.dll
2010-01-09 06:33 . 2008-07-06 12:06 575488 ------w- c:\windows\system32\xpsshhdr.dll
2010-01-09 06:33 . 2008-07-06 12:06 575488 ------w- c:\windows\system32\dllcache\xpsshhdr.dll
2010-01-09 06:33 . 2008-07-06 12:06 1676288 ------w- c:\windows\system32\xpssvcs.dll
2010-01-09 06:33 . 2008-07-06 12:06 1676288 ------w- c:\windows\system32\dllcache\xpssvcs.dll
2010-01-09 06:33 . 2008-07-06 12:06 117760 ------w- c:\windows\system32\prntvpt.dll
2010-01-09 06:33 . 2008-07-06 10:50 597504 ------w- c:\windows\system32\Spool\prtprocs\w32x86\printfilterpipelinesvc.exe
2010-01-09 06:33 . 2008-07-06 10:50 597504 ------w- c:\windows\system32\dllcache\printfilterpipelinesvc.exe
2010-01-08 19:01 . 2010-01-08 19:01 -------- d-----w- c:\program files\Common Files\DVDVideoSoft
2010-01-08 19:01 . 2010-01-08 19:01 -------- d-----w- c:\program files\DVDVideoSoft
2010-01-08 12:40 . 2010-01-08 12:40 -------- d-----w- C:\My Music
2010-01-06 02:33 . 2010-01-06 02:33 -------- d-----w- c:\program files\MP3 Splitter & Joiner Pro
2010-01-05 19:41 . 2010-01-05 19:41 -------- d-----w- c:\program files\Mozilla Firefox 3.6 Beta 4
2010-01-05 18:12 . 2010-01-05 18:12 499712 ----a-w- c:\windows\system32\msvcp71.dll
2010-01-05 18:12 . 2010-01-05 18:12 348160 ----a-w- c:\windows\system32\msvcr71.dll
2009-12-21 07:19 . 2008-08-26 04:56 18816 ----a-w- c:\windows\system32\drivers\pccsmcfd.sys
2009-12-21 07:17 . 2009-10-06 07:22 7936 ----a-w- c:\windows\system32\drivers\usbser_lowerfltj.sys
2009-12-21 07:17 . 2009-10-06 07:22 7936 ----a-w- c:\windows\system32\drivers\usbser_lowerflt.sys
2009-12-21 07:17 . 2009-10-06 07:22 22016 ----a-w- c:\windows\system32\drivers\ccdcmbo.sys
2009-12-21 07:17 . 2009-10-06 07:25 1112288 ----a-w- c:\windows\system32\wdfcoinstaller01007.dll
2009-12-21 07:17 . 2009-10-06 07:22 660480 ----a-w- c:\windows\system32\nmwcdcocls.dll
2009-12-21 07:17 . 2009-10-06 07:22 17664 ----a-w- c:\windows\system32\drivers\ccdcmb.sys
2009-12-21 07:15 . 2009-12-23 08:12 12212040 ----a-w- c:\documents and settings\All Users.WINDOWS\Application Data\OviInstallerCache\{B6164ADA-55DA-4FA9-B78B-A7EB741742A1}\Installer\CommonCustomActions\WMFDist11-WindowsXP-X86-ENU.exe
2009-12-21 07:15 . 2009-12-23 08:12 13930312 ----a-w- c:\documents and settings\All Users.WINDOWS\Application Data\OviInstallerCache\{B6164ADA-55DA-4FA9-B78B-A7EB741742A1}\Installer\CommonCustomActions\WMFDist11-WindowsXP-X64-ENU.exe
2009-12-21 07:15 . 2009-12-23 08:12 77824 ----a-w- c:\documents and settings\All Users.WINDOWS\Application Data\OviInstallerCache\{B6164ADA-55DA-4FA9-B78B-A7EB741742A1}\Installer\CommonCustomActions\Run_XML6_SP1.exe
2009-12-21 07:15 . 2009-12-23 08:12 61440 ----a-w- c:\documents and settings\All Users.WINDOWS\Application Data\OviInstallerCache\{B6164ADA-55DA-4FA9-B78B-A7EB741742A1}\Installer\CommonCustomActions\WMF11Runx86.exe
2009-12-21 07:15 . 2009-12-23 08:12 58880 ----a-w- c:\documents and settings\All Users.WINDOWS\Application Data\OviInstallerCache\{B6164ADA-55DA-4FA9-B78B-A7EB741742A1}\Installer\CommonCustomActions\WMF11Runx64.exe
2009-12-21 07:15 . 2009-12-23 08:12 50000 ----a-w- c:\documents and settings\All Users.WINDOWS\Application Data\OviInstallerCache\{B6164ADA-55DA-4FA9-B78B-A7EB741742A1}\Installer\CommonCustomActions\pcswpc.exe
2009-12-21 05:37 . 2009-12-21 05:37 95992424 ----a-w- c:\documents and settings\All Users.WINDOWS\Application Data\OviInstallerCache\{B6164ADA-55DA-4FA9-B78B-A7EB741742A1}\Nokia_Ovi_Suite_PCS_Update.exe
2009-12-21 05:37 . 2009-12-21 05:37 -------- d-----w- c:\documents and settings\All Users.WINDOWS\Application Data\OviInstallerCache
2009-12-21 05:17 . 2009-12-21 05:17 -------- d-----w- C:\FOUND.003
2009-12-14 11:28 . 2009-12-14 11:28 -------- d-----w- c:\program files\AIMP2
2009-12-12 16:21 . 2009-12-12 16:21 -------- d-----w- C:\video_output
2009-12-12 16:19 . 2009-12-12 16:19 -------- d-----w- c:\program files\FLV to AVI MPEG WMV 3GP MP4 iPod Converter
2009-12-10 14:59 . 2001-08-17 07:18 12160 ----a-w- c:\windows\system32\drivers\mouhid.sys
2009-12-10 14:58 . 2008-04-13 17:45 10368 ----a-w- c:\windows\system32\drivers\hidusb.sys
2009-12-08 11:33 . 2009-12-08 11:33 -------- d-----w- C:\FOUND.002
2009-12-04 18:19 . 2009-12-04 18:19 -------- d-----w- c:\documents and settings\All Users.WINDOWS\Application Data\PicBlock
2009-12-04 06:47 . 2009-12-04 06:47 -------- d-----w- c:\program files\Internet Download Manager
2009-12-04 06:36 . 2009-12-04 06:36 -------- d-----w- C:\FOUND.001
2009-12-02 13:26 . 2009-12-02 13:26 -------- d-----w- c:\program files\Mobile Systems
2009-11-29 15:12 . 2009-11-29 15:12 -------- d-----w- C:\FOUND.000
2009-11-29 07:06 . 2009-11-29 07:06 -------- d-----w- c:\windows\Sun
2009-11-29 06:31 . 2008-04-13 17:39 7552 ----a-w- c:\windows\system32\drivers\MSKSSRV.sys
2009-11-29 04:09 . 2009-11-29 04:09 411368 ----a-w- c:\windows\system32\deploytk.dll
2009-11-28 20:57 . 2008-04-13 17:45 26112 ----a-w- c:\windows\system32\drivers\usbser.sys
2009-11-28 20:48 . 2008-03-21 09:27 14640 ------w- c:\windows\system32\spmsgXP_2k3.dll
2009-11-28 20:42 . 2009-11-28 20:40 34691976 ----a-w- c:\documents and settings\All Users.WINDOWS\Application Data\Installations\{9249D7E7-33E7-4CC8-BB0B-3DF3C3CB2568}\Nokia_PC_Suite_7_1_40_1_ara.exe
2009-11-28 20:41 . 2009-11-28 20:41 95232 ----a-w- c:\documents and settings\All Users.WINDOWS\Application Data\Installations\{9249D7E7-33E7-4CC8-BB0B-3DF3C3CB2568}\Installer\CommonCustomActions\pcswpcsi.exe
2009-11-28 20:41 . 2009-11-28 20:41 61440 ----a-w- c:\documents and settings\All Users.WINDOWS\Application Data\Installations\{9249D7E7-33E7-4CC8-BB0B-3DF3C3CB2568}\Installer\CommonCustomActions\UninstPCSFEMsi.exe
2009-11-28 20:41 . 2009-11-28 20:41 10240 ----a-w- c:\documents and settings\All Users.WINDOWS\Application Data\Installations\{9249D7E7-33E7-4CC8-BB0B-3DF3C3CB2568}\Installer\CommonCustomActions\UninstPCS.exe
2009-11-28 20:41 . 2009-11-28 20:41 8192 ----a-w- c:\documents and settings\All Users.WINDOWS\Application Data\Installations\{9249D7E7-33E7-4CC8-BB0B-3DF3C3CB2568}\Installer\CommonCustomActions\UninstCCD.exe
2009-11-28 20:28 . 2009-11-28 20:28 -------- d-----w- c:\program files\Extension Changer
2009-11-28 20:08 . 2009-11-28 20:08 -------- d-----w- c:\windows\system32\DllSys
2009-11-28 07:44 . 2009-11-28 07:44 -------- d-----w- c:\documents and settings\All Users.WINDOWS\Application Data\AVS4YOU
2009-11-28 07:09 . 2009-11-28 07:09 -------- d-----w- c:\program files\Common Files\AVSMedia
2009-11-28 07:09 . 2007-02-27 14:06 974848 ----a-w- c:\windows\system32\mfc70.dll
2009-11-28 07:09 . 2009-11-28 07:09 -------- d-----w- c:\program files\AVS4YOU
2009-11-28 06:45 . 2009-11-28 06:45 -------- d-----w- c:\program files\Joboshare
2009-11-28 05:34 . 2009-11-28 05:34 -------- d-----w- c:\documents and settings\All Users.WINDOWS\Application Data\TEMP
2009-11-28 05:34 . 2009-11-28 05:34 -------- d-----w- c:\documents and settings\All Users.WINDOWS\Application Data\SpeedBit
2009-11-26 15:41 . 2009-09-09 10:43 210352 ----a-w- c:\windows\system32\idmmbc.dll
2009-11-26 14:26 . 2009-11-26 14:26 -------- d-----w- c:\program files\Conduit
2009-11-20 14:48 . 1998-12-12 13:33 29696 ----a-w- c:\windows\system32\Vb5stkit.dll
2009-11-20 14:48 . 1998-12-23 12:52 5120 ----a-w- c:\windows\system32\nems_reg.dll
2009-11-20 14:48 . 1999-04-13 14:41 118784 ----a-w- c:\windows\system32\vbis4032.dll
2009-11-20 14:48 . 1999-01-27 08:22 152064 ----a-w- c:\windows\system32\nems_ws.dll
2009-11-20 14:48 . 1998-01-30 19:57 14336 ----a-w- c:\windows\system32\dwspy5.dll
2009-11-20 14:48 . 2009-11-20 14:48 -------- d-----w- c:\program files\vTuner
2009-11-20 14:48 . 1999-02-24 14:40 7680 ----a-w- c:\windows\system32\nems_ins.dll
2009-11-20 14:48 . 1998-11-09 11:41 70144 ----a-w- c:\windows\system32\nems_bmp.dll
2009-11-20 14:48 . 1997-10-01 14:37 22528 ----a-w- c:\windows\system32\SockIntf.dll
2009-11-20 14:48 . 1997-09-26 07:45 109056 ----a-w- c:\windows\system32\dwspyvb.dll
2009-11-20 01:55 . 2009-11-20 01:55 -------- d-----w- c:\program files\Abdullah AlZaid
2009-11-17 13:21 . 2009-11-17 13:21 -------- d-----w- c:\windows\SxsCaPendDel
2009-11-09 12:09 . 2008-03-21 20:46 1347584 ----a-w- c:\documents and settings\All Users.WINDOWS\Application Data\Nero\DrWeb\DRWEB32.DLL
2009-11-09 12:09 . 2006-03-17 10:19 368640 ----a-w- c:\windows\system32\TwnLib4.dll
2009-11-09 12:09 . 2006-03-17 07:15 802816 ----a-w- c:\windows\system32\imagXRA7.dll
2009-11-09 12:09 . 2006-03-17 07:15 497296 ----a-w- c:\windows\system32\imagXpr7.dll
2009-11-09 12:09 . 2006-03-17 07:15 258048 ----a-w- c:\windows\system32\imagXR7.dll
2009-11-09 12:09 . 2006-03-17 07:15 1757184 ----a-w- c:\windows\system32\imagX7.dll
2009-11-09 12:09 . 2009-11-09 12:09 -------- d-----w- c:\program files\Nero
2009-11-09 12:09 . 2009-11-09 12:09 -------- d-----w- c:\documents and settings\All Users.WINDOWS\Application Data\Nero
2009-11-05 14:52 . 2009-08-05 18:18 54752 ----a-w- c:\windows\system32\drivers\fssfltr_tdi.sys
2009-11-05 14:33 . 2009-11-05 14:33 -------- d-----w- c:\program files\Microsoft Sync Framework
2009-11-05 14:31 . 2006-11-29 08:36 3426072 ----a-w- c:\windows\system32\d3dx9_32.dll
2009-11-05 14:31 . 2009-11-05 14:31 -------- d-----w- c:\program files\Microsoft SQL Server Compact Edition
2009-11-05 14:28 . 2009-11-05 14:28 -------- d-----w- c:\program files\Microsoft
2009-11-05 14:25 . 2009-11-05 14:25 -------- d-----w- c:\program files\Windows Live

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-01-20 12:21 . 2006-12-22 01:04 10 ----a-w- c:\windows\popcinfo.dat
2009-12-07 17:07 . 2006-12-20 17:04 56816 ----a-w- c:\windows\system32\drivers\avgntflt.sys
2009-11-28 20:57 . 2009-11-28 20:57 0 ---ha-w- c:\windows\system32\drivers\Msft_User_PCCSWpdDriver_01_07_00.Wdf
2009-11-28 20:57 . 2009-11-28 20:57 0 ---ha-w- c:\windows\system32\drivers\MsftWdf_user_01_07_00.Wdf
2009-11-28 20:48 . 2009-11-28 20:48 0 ---ha-w- c:\windows\system32\drivers\MsftWdf_Kernel_01007_Coinstaller_Critical.Wdf
2009-11-28 20:48 . 2009-11-28 20:48 0 ---ha-w- c:\windows\system32\drivers\Msft_Kernel_ccdcmb_01007.Wdf
2009-10-29 05:38 . 2008-04-14 06:30 667136 ----a-w- c:\windows\system32\wininet.dll
2009-10-21 21:54 . 2006-12-21 13:48 23694 ----a-w- c:\windows\system32\win32k2.sys
2009-10-13 10:30 . 2008-04-14 06:30 270336 ----a-w- c:\windows\system32\oakley.dll
2009-10-12 13:38 . 2008-04-14 06:30 149504 ----a-w- c:\windows\system32\rastls.dll
2009-10-12 13:38 . 2008-04-14 06:30 79872 ----a-w- c:\windows\system32\raschap.dll
2009-10-11 06:44 . 2006-12-20 17:06 483707 ----a-w- c:\documents and settings\All Users.WINDOWS\Application Data\Avira\AntiVir Desktop\FAILSAVE\aescript.dll
2009-10-11 06:44 . 2006-12-20 17:06 479604 ----a-w- c:\documents and settings\All Users.WINDOWS\Application Data\Avira\AntiVir Desktop\FAILSAVE\aerdl.dll
2009-10-11 06:44 . 2006-12-20 17:06 2011511 ----a-w- c:\documents and settings\All Users.WINDOWS\Application Data\Avira\AntiVir Desktop\FAILSAVE\aeheur.dll
2009-10-11 06:44 . 2006-12-20 17:06 393587 ----a-w- c:\documents and settings\All Users.WINDOWS\Application Data\Avira\AntiVir Desktop\FAILSAVE\aeemu.dll
2009-10-11 06:44 . 2006-12-20 17:06 364916 ----a-w- c:\documents and settings\All Users.WINDOWS\Application Data\Avira\AntiVir Desktop\FAILSAVE\aegen.dll
2009-09-25 05:37 . 2008-04-14 06:30 81920 ----a-w- c:\windows\system32\ieencode.dll
2009-09-15 12:28 . 2006-12-20 17:06 106867 ----a-w- c:\documents and settings\All Users.WINDOWS\Application Data\Avira\AntiVir Desktop\FAILSAVE\aevdf.dll
2009-09-15 12:28 . 2006-12-20 17:06 422261 ----a-w- c:\documents and settings\All Users.WINDOWS\Application Data\Avira\AntiVir Desktop\FAILSAVE\aepack.dll
2009-09-15 12:27 . 2006-12-20 17:06 184693 ----a-w- c:\documents and settings\All Users.WINDOWS\Application Data\Avira\AntiVir Desktop\FAILSAVE\aecore.dll
2009-09-11 14:13 . 2008-04-14 06:30 136704 ----a-w- c:\windows\system32\msv1_0.dll
2009-09-04 21:03 . 2008-04-14 06:30 58880 ----a-w- c:\windows\system32\msasn1.dll
2009-09-03 11:54 . 2006-12-20 17:06 127346 ----a-w- c:\documents and settings\All Users.WINDOWS\Application Data\Avira\AntiVir Desktop\FAILSAVE\aescn.dll
2009-09-03 11:54 . 2006-12-20 17:06 237940 ----a-w- c:\documents and settings\All Users.WINDOWS\Application Data\Avira\AntiVir Desktop\FAILSAVE\aehelp.dll
2009-09-02 05:08 . 2009-09-02 01:52 8224 ----a-w- c:\documents and settings\seif\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2009-09-02 01:57 . 2009-09-02 01:57 -------- d-----w- c:\program files\C-Media 3D Audio
2009-09-02 01:56 . 2009-09-02 01:55 -------- d--h--w- c:\program files\InstallShield Installation Information
2009-09-02 01:55 . 2009-09-02 01:55 -------- d-----w- c:\program files\Common Files\InstallShield
2009-09-02 01:52 . 2009-09-02 01:52 -------- d-----w- c:\documents and settings\seif\Application Data\ViStart
2009-09-02 01:52 . 2009-09-02 01:52 -------- d-----w- c:\documents and settings\seif\Application Data\ViGlance
2009-09-02 01:47 . 2009-09-02 01:47 -------- d-----w- c:\program files\Reference Assemblies
2009-09-02 01:38 . 2009-09-02 01:38 -------- d-----w- c:\program files\Windows Media Connect 2
2009-09-02 01:31 . 2009-09-02 01:31 -------- d-----w- c:\program files\SysInternals
2009-09-02 01:31 . 2009-09-02 01:43 -------- d-----w- c:\documents and settings\seif\Application Data\Notepad2
2009-09-02 01:31 . 2009-09-02 01:31 -------- d-----w- c:\program files\Notepad2
2009-09-02 01:31 . 2009-09-02 01:31 -------- d-----w- c:\documents and settings\Default User\Application Data\Notepad2
2009-09-02 01:31 . 2009-09-02 01:31 -------- d-----w- c:\program files\Unlocker
2009-09-02 01:30 . 2009-09-02 01:30 -------- d-----w- c:\program files\System
2009-09-02 01:29 . 2009-09-02 01:29 -------- d-----w- c:\program files\MSXML 4.0
2009-09-02 01:28 . 2009-09-02 01:28 -------- d-----w- c:\program files\Microsoft Silverlight
2009-08-27 02:59 . 2009-08-27 02:59 823296 ----a-w- c:\windows\system32\ppsynthesis.dll
2009-08-26 08:00 . 2008-10-03 02:19 247326 ----a-w- c:\windows\system32\strmdll.dll
2009-08-14 12:19 . 2009-04-02 20:20 1859712 ----a-w- c:\windows\system32\win32k.sys
2009-08-06 14:54 . 2006-12-20 14:06 327896 ----a-w- c:\windows\system32\wucltui.dll
2009-08-06 14:54 . 2006-12-20 14:06 209632 ----a-w- c:\windows\system32\wuweb.dll
2009-08-06 14:54 . 2009-08-06 14:54 44768 ----a-w- c:\windows\system32\wups2.dll
2009-08-06 14:54 . 2006-12-20 14:06 35552 ----a-w- c:\windows\system32\wups.dll
2009-08-06 14:54 . 2006-12-20 14:06 53472 ----a-w- c:\windows\system32\wuauclt.exe
2009-08-06 14:54 . 2008-04-14 06:30 96480 ----a-w- c:\windows\system32\cdm.dll
2009-08-06 14:53 . 2006-12-20 14:06 575704 ----a-w- c:\windows\system32\wuapi.dll
2009-08-06 14:53 . 2006-12-20 14:06 1929952 ----a-w- c:\windows\system32\wuaueng.dll
2009-08-05 09:01 . 2008-04-14 06:30 204800 ----a-w- c:\windows\system32\mswebdvd.dll
2009-08-04 16:14 . 2009-01-16 08:50 2189184 ----a-w- c:\windows\system32\ntoskrnl.exe
2009-08-04 14:20 . 2009-01-16 10:45 2066048 ----a-w- c:\windows\system32\ntkrnlpa.exe
2009-07-31 04:24 . 2009-04-02 20:20 1447424 ----a-w- c:\windows\system32\msxml6.dll
2009-07-31 04:24 . 2008-09-04 09:42 1172480 ----a-w- c:\windows\system32\msxml3.dll
2009-07-29 04:37 . 2008-04-14 06:30 81920 ----a-w- c:\windows\system32\fontsub.dll
2009-07-29 04:37 . 2008-04-14 06:30 119808 ----a-w- c:\windows\system32\t2embed.dll
2009-07-26 12:14 . 2009-07-26 12:14 48448 ----a-w- c:\windows\system32\sirenacm.dll
2009-07-20 19:35 . 2009-07-20 19:35 1348432 ----a-w- c:\windows\system32\msxml4.dll
2009-07-17 19:01 . 2008-04-14 06:30 58880 ----a-w- c:\windows\system32\atl.dll
2009-07-17 16:22 . 2008-04-14 06:30 1435648 ----a-w- c:\windows\system32\query.dll
2009-07-13 19:13 . 2009-04-02 20:19 286208 ----a-w- c:\windows\system32\wmpdxm.dll
2009-07-10 08:37 . 2009-07-10 08:37 306544 ----a-w- c:\windows\WLXPGSS.SCR
2009-06-26 09:41 . 2008-04-14 06:30 730112 ----a-w- c:\windows\system32\lsasrv.dll
2009-06-25 08:41 . 2009-04-02 20:23 147456 ----a-w- c:\windows\system32\schannel.dll
2009-06-25 08:41 . 2008-04-14 06:30 56832 ----a-w- c:\windows\system32\secur32.dll
2009-06-25 08:41 . 2008-04-14 06:30 54272 ----a-w- c:\windows\system32\wdigest.dll
2009-06-25 08:41 . 2008-04-14 06:30 301568 ----a-w- c:\windows\system32\kerberos.dll
2009-06-24 10:28 . 2008-04-14 06:30 92928 ----a-w- c:\windows\system32\drivers\ksecdd.sys
2009-06-17 11:02 . 2006-12-20 17:06 196987 ----a-w- c:\documents and settings\All Users.WINDOWS\Application Data\Avira\AntiVir Desktop\FAILSAVE\aeoffice.dll
2009-06-12 12:31 . 2008-04-14 06:30 80896 ----a-w- c:\windows\system32\tlntsess.exe
2009-06-12 12:31 . 2008-04-14 06:30 76288 ----a-w- c:\windows\system32\telnet.exe
2009-06-10 14:13 . 2008-04-14 06:30 84992 ----a-w- c:\windows\system32\avifil32.dll
2009-06-10 06:14 . 2008-04-14 06:30 132096 ----a-w- c:\windows\system32\wkssvc.dll
2009-06-10 04:49 . 2006-12-20 14:04 2066432 ----a-w- c:\windows\system32\mstscax.dll
2009-06-03 19:09 . 2008-05-06 21:34 1291264 ----a-w- c:\windows\system32\quartz.dll
2009-05-29 21:37 . 2006-12-20 19:19 205824 ----a-w- c:\windows\system32\xvidvfw.dll
2009-05-11 07:17 . 2009-05-11 07:17 1302600 ----a-w- c:\windows\system32\WUDFUpdate_01007.dll
2009-05-08 09:43 . 2006-12-20 17:04 97608 ----a-w- c:\windows\system32\drivers\avfwot.sys
2009-05-07 15:32 . 2008-04-14 06:30 345600 ----a-w- c:\windows\system32\localspl.dll
2009-05-01 21:02 . 2006-12-20 19:19 90112 ----a-w- c:\windows\system32\dpl100.dll
2009-05-01 21:02 . 2006-12-20 19:19 685056 ----a-w- c:\windows\system32\divx.dll
2009-04-15 14:51 . 2008-04-14 06:30 585216 ----a-w- c:\windows\system32\rpcrt4.dll
2009-04-11 18:09 . 2009-04-11 18:09 5241856 ----a-w- c:\windows\system32\winntbbu.dll
2009-04-04 19:32 . 2009-04-04 19:32 8087040 ----a-w- c:\windows\system32\logonui.exe
2009-04-02 22:24 . 2006-12-20 14:06 691712 ----a-w- c:\windows\system32\inetcomm.dll
2009-04-02 20:37 . 2009-04-02 20:37 3186 ----a-w- c:\windows\system32\presetup.cmd
2009-04-02 20:24 . 2009-03-25 12:09 990208 ----a-w- c:\windows\system32\syssetup.dll
2009-04-02 20:24 . 2009-04-02 20:24 100864 ----a-w- c:\windows\system32\logagent.exe
2009-04-02 20:24 . 2009-04-02 20:24 938496 ----a-w- c:\windows\system32\wmnetmgr.dll
2009-04-02 20:24 . 2009-04-02 20:24 455936 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
2009-04-02 20:24 . 2009-04-02 20:24 333952 ----a-w- c:\windows\system32\drivers\srv.sys
2009-04-02 20:24 . 2009-04-02 20:24 96792 ----a-w- c:\windows\system32\basecsp.dll
2009-04-02 20:24 . 2009-04-02 20:24 84480 ----a-w- c:\windows\system32\pintool.exe
2009-04-02 20:24 . 2009-04-02 20:24 151552 ----a-w- c:\windows\system32\ifxcardm.dll
2009-04-02 20:23 . 2009-04-02 20:23 133120 ----a-w- c:\windows\system32\axaltocm.dll
2009-04-02 20:23 . 2009-04-02 20:23 286720 ----a-w- c:\windows\system32\gdi32.dll
2009-04-02 20:23 . 2009-04-02 20:23 272128 ----a-w- c:\windows\system32\drivers\bthport.sys
2009-04-02 20:23 . 2009-04-02 20:23 253952 ----a-w- c:\windows\system32\es.dll
.

------- Sigcheck -------

[-] 2009-03-25 . 4A89B9B9DB2EF9E38CA21922FF37E097 . 565760 . . [5.1.2600.5512] . . c:\windows\system32\winlogon.exe

[-] 2008-04-13 . EA032FC150B9C6276C98EB3DED3B75C6 . 652800 . . [5.82] . . c:\windows\system32\comctl32.dll

[-] 2008-04-13 . 6FBE974874389B7D5F11870747B8622C . 516096 . . [5.1.2600.5512] . . c:\windows\system32\user32.dll

[-] 2009-03-25 . 3493959B23D73DFA1ABC638A7D1463D0 . 1728000 . . [6.00.2900.5512] . . c:\windows\explorer.exe

[-] 2008-04-13 . CBF5945651C96E471B3A004BBDC36864 . 37376 . . [5.1.2600.5512] . . c:\windows\system32\ctfmon.exe

c:\windows\System32\wscntfy.exe ... is missing !!
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{e9911ec6-1bcc-40b0-9993-e0eea7f6953f}]
2009-11-09 14:08 2331672 ----a-w- c:\program files\DVDVideoSoft\tbDVDV.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{e9911ec6-1bcc-40b0-9993-e0eea7f6953f}"= "c:\program files\DVDVideoSoft\tbDVDV.dll" [2009-11-09 2331672]

[HKEY_CLASSES_ROOT\clsid\{e9911ec6-1bcc-40b0-9993-e0eea7f6953f}]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{E9911EC6-1BCC-40B0-9993-E0EEA7F6953F}"= "c:\program files\DVDVideoSoft\tbDVDV.dll" [2009-11-09 2331672]

[HKEY_CLASSES_ROOT\clsid\{e9911ec6-1bcc-40b0-9993-e0eea7f6953f}]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2009-10-22 39408]
"Google Update"="c:\documents and settings\abood\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" [2009-11-01 135664]
"IDMan"="f:\èٌçمى\IDM 5.17 3\Internet Download Manager 5.18.4\crack\IDMan.exe" [2009-11-11 3171760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" [2010-01-05 198160]
"RemoteControl"="c:\program files\CyberLink\PowerDVD\PDVDServ.exe" [2005-12-07 30208]
"LanguageShortcut"="c:\program files\CyberLink\PowerDVD\Language\Language.exe" [2006-04-13 49152]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-13 37376]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"_nltide_3"="advpack.dll" [2008-04-14 99840]

c:\windows\system32\config\systemprofile\Start Menu\Programs\Startup\
1.lnk - c:\windows\system32\oobe\regerror\sidebar\1.exe [2006-12-20 101646]
styler.lnk - c:\windows\system32\oobe\regerror\styler\styler.exe [2006-12-20 307200]
dock.lnk - c:\windows\system32\oobe\regerror\dock\Dock.exe [2006-12-20 713728]

c:\documents and settings\Default User.WINDOWS\Start Menu\Programs\Startup\
styler.lnk - c:\windows\system32\oobe\regerror\styler\styler.exe [2006-12-20 307200]
1.lnk - c:\windows\system32\oobe\regerror\sidebar\1.exe [2006-12-20 101646]
Welcome Center.lnk - c:\windows\system32\Welcome Center.exe [2006-12-20 2598912]
dock.lnk - c:\windows\system32\oobe\regerror\dock\Dock.exe [2006-12-20 713728]

c:\documents and settings\abood\Start Menu\Programs\Startup\
styler.lnk - c:\windows\system32\oobe\regerror\styler\styler.exe [2006-12-20 307200]
1.lnk - c:\windows\system32\oobe\regerror\sidebar\1.exe [2006-12-20 101646]
rainmeter.lnk - c:\windows\system32\oobe\regerror\sidebar\rainmeter.exe [2006-12-20 118784]

[HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\explorer]
"ForceClassicControlPanel"= 1 (0x1)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"

[HKLM\~\startupfolder\C:^Documents and Settings^abood^Start Menu^Programs^Startup^dock.lnk]
path=c:\documents and settings\abood\Start Menu\Programs\Startup\dock.lnk
backup=c:\windows\pss\dock.lnkStartup

[HKLM\~\startupfolder\C:^Documents and Settings^abood^Start Menu^Programs^Startup^rainmeter.lnk]
path=c:\documents and settings\abood\Start Menu\Programs\Startup\rainmeter.lnk
backup=c:\windows\pss\rainmeter.lnkStartup

[HKLM\~\startupfolder\C:^Documents and Settings^abood^Start Menu^Programs^Startup^Welcome Center.lnk]
path=c:\documents and settings\abood\Start Menu\Programs\Startup\Welcome Center.lnk
backup=c:\windows\pss\Welcome Center.lnkStartup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users.WINDOWS^Start Menu^Programs^Startup^MSDict.lnk]
path=c:\documents and settings\All Users.WINDOWS\Start Menu\Programs\Startup\MSDict.lnk
backup=c:\windows\pss\MSDict.lnkCommon Startup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msnmsgr]
2009-07-26 12:14 3883856 ----a-w- c:\program files\Windows Live\Messenger\msnmsgr.exe

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
"DisableUnicastResponsesToMulticastBroadcast"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\groove.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=

R1 avfwot;avfwot;c:\windows\system32\drivers\avfwot.sys [12/20/2006 9:34 PM 97608]
R2 AntiVirFirewallService;Avira Firewall;c:\program files\Avira\AntiVir Desktop\avfwsvc.exe [12/20/2006 9:34 PM 388865]
R2 AntiVirSchedulerService;Avira AntiVir Scheduler;c:\program files\Avira\AntiVir Desktop\sched.exe [12/20/2006 9:34 PM 108289]
R2 AntiVirWebService;Avira AntiVir WebGuard;c:\program files\Avira\AntiVir Desktop\avwebgrd.exe [12/20/2006 9:34 PM 434945]
R2 fssfltr;FssFltr;c:\windows\system32\drivers\fssfltr_tdi.sys [11/5/2009 7:22 PM 54752]
R3 avfwim;AvFw Packet Filter Miniport;c:\windows\system32\drivers\avfwim.sys [12/20/2006 9:34 PM 69632]
S2 AntiVirMailService;Avira AntiVir MailGuard;c:\program files\Avira\AntiVir Desktop\avmailc.exe [12/20/2006 9:34 PM 194817]
S2 gupdate1ca536447bd568a;خدمة تحديث Google (gupdate1ca536447bd568a);c:\program files\Google\Update\GoogleUpdate.exe [10/23/2009 2:39 AM 133104]
S3 fsssvc;خدمة أمان العائلة في Windows Live;c:\program files\Windows Live\Family Safety\fsssvc.exe [8/5/2009 10:48 PM 704864]
.
Contents of the 'Scheduled Tasks' folder

2006-12-21 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-10-22 22:09]

2010-01-22 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-10-22 22:09]

2006-12-21 c:\windows\Tasks\WGASetup.job
- c:\windows\system32\KB905474\wgasetup.exe [2010-01-13 17:48]

2006-12-20 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-861567501-152049171-1801674531-1004Core.job
- c:\documents and settings\abood\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2006-12-20 01:27]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.com/
uSearch Page = hxxp://www.google.com
uSearch Bar = hxxp://www.google.com/ie
mDefault_Search_URL = hxxp://www.google.com/ie
uInternet Connection Wizard,ShellNext = hxxp://www.yaman-tools.com/jsite/carackeb/General_Removal.rar?
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
mSearchAssistant = hxxp://www.google.com/ie
IE: Download all links with IDM - f:\èٌçمى\IDM 5.17 3\Internet Download Manager 5.18.4\crack\IEGetAll.htm
IE: Download FLV video content with IDM - f:\èٌçمى\IDM 5.17 3\Internet Download Manager 5.18.4\crack\IEGetVL.htm
IE: Download with IDM - f:\èٌçمى\IDM 5.17 3\Internet Download Manager 5.18.4\crack\IEExt.htm
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_60D6097707281E79.dll/cmsidewiki.html
LSP: c:\windows\system32\idmmbc.dll
LSP: c:\program files\Avira\AntiVir Desktop\avsda.dll
FF - ProfilePath - c:\documents and settings\abood\Application Data\Mozilla\Firefox\Profiles\bbgfqube.default\
FF - prefs.js: browser.startup.homepage -

يجب عليك تسجيل الدخول أو التسجيل لمشاهدة الرابط المخفي

FF - component: c:\program files\real\realplayer\browserrecord\firefox\ext\components\nprpffbrowserrecordext.dll
FF - plugin: c:\program files\Google\Update\1.2.183.13\npGoogleOneClick8.dll
FF - plugin: c:\program files\Windows Live\Photo Gallery\NPWLPG.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\

---- FIREFOX POLICIES ----
c:\program files\Mozilla Firefox 3.6 Beta 4\greprefs\all.js - pref("ui.use_native_colors", true);
c:\program files\Mozilla Firefox 3.6 Beta 4\greprefs\all.js - pref("ui.use_native_popup_windows", false);
c:\program files\Mozilla Firefox 3.6 Beta 4\greprefs\all.js - pref("browser.enable_click_image_resizing", true);
c:\program files\Mozilla Firefox 3.6 Beta 4\greprefs\all.js - pref("accessibility.browsewithcaret_shortcut.enabled", true);
c:\program files\Mozilla Firefox 3.6 Beta 4\greprefs\all.js - pref("javascript.options.mem.high_water_mark", 32);
c:\program files\Mozilla Firefox 3.6 Beta 4\greprefs\all.js - pref("javascript.options.mem.gc_frequency", 1600);
c:\program files\Mozilla Firefox 3.6 Beta 4\greprefs\all.js - pref("network.auth.force-generic-ntlm", false);
c:\program files\Mozilla Firefox 3.6 Beta 4\greprefs\all.js - pref("svg.smil.enabled", false);
c:\program files\Mozilla Firefox 3.6 Beta 4\greprefs\all.js - pref("ui.trackpoint_hack.enabled", -1);
c:\program files\Mozilla Firefox 3.6 Beta 4\greprefs\all.js - pref("browser.formfill.debug", false);
c:\program files\Mozilla Firefox 3.6 Beta 4\greprefs\all.js - pref("browser.formfill.agedWeight", 2);
c:\program files\Mozilla Firefox 3.6 Beta 4\greprefs\all.js - pref("browser.formfill.bucketSize", 1);
c:\program files\Mozilla Firefox 3.6 Beta 4\greprefs\all.js - pref("browser.formfill.maxTimeGroupings", 25);
c:\program files\Mozilla Firefox 3.6 Beta 4\greprefs\all.js - pref("browser.formfill.timeGroupingSize", 604800);
c:\program files\Mozilla Firefox 3.6 Beta 4\greprefs\all.js - pref("browser.formfill.boundaryWeight", 25);
c:\program files\Mozilla Firefox 3.6 Beta 4\greprefs\all.js - pref("browser.formfill.prefixWeight", 5);
c:\program files\Mozilla Firefox 3.6 Beta 4\greprefs\all.js - pref("html5.enable", false);
c:\program files\Mozilla Firefox 3.6 Beta 4\defaults\pref\firefox-branding.js - pref("app.update.download.backgroundInterval", 600);
c:\program files\Mozilla Firefox 3.6 Beta 4\defaults\pref\firefox-branding.js - pref("app.update.url.manual", "http://www.firefox.com");
c:\program files\Mozilla Firefox 3.6 Beta 4\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties");
c:\program files\Mozilla Firefox 3.6 Beta 4\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties");
c:\program files\Mozilla Firefox 3.6 Beta 4\defaults\pref\firefox.js - pref("xpinstall.whitelist.add", "addons.mozilla.org");
c:\program files\Mozilla Firefox 3.6 Beta 4\defaults\pref\firefox.js - pref("xpinstall.whitelist.add.36", "getpersonas.com");
c:\program files\Mozilla Firefox 3.6 Beta 4\defaults\pref\firefox.js - pref("lightweightThemes.update.enabled", true);
c:\program files\Mozilla Firefox 3.6 Beta 4\defaults\pref\firefox.js - pref("browser.allTabs.previews", false);
c:\program files\Mozilla Firefox 3.6 Beta 4\defaults\pref\firefox.js - pref("plugins.hide_infobar_for_outdated_plugin", false);
c:\program files\Mozilla Firefox 3.6 Beta 4\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false);
c:\program files\Mozilla Firefox 3.6 Beta 4\defaults\pref\firefox.js - pref("toolbar.customization.usesheet", false);
c:\program files\Mozilla Firefox 3.6 Beta 4\defaults\pref\firefox.js - pref("browser.taskbar.previews.enable", false);
c:\program files\Mozilla Firefox 3.6 Beta 4\defaults\pref\firefox.js - pref("browser.taskbar.previews.max", 20);
c:\program files\Mozilla Firefox 3.6 Beta 4\defaults\pref\firefox.js - pref("browser.taskbar.previews.cachetime", 20);
.
- - - - ORPHANS REMOVED - - - -

HKLM-Run-VisualTooltip - c:\program files\VisualToolTip\VisualToolTip.exe
HKLM-Run-SunJavaUpdateSched - c:\program files\Java\jre6\bin\jusched.exe
HKU-Default-Run-Nokia.PCSync - c:\program files\Nokia\Nokia PC Suite 6\PcSync2.exe

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer,

يجب عليك تسجيل الدخول أو التسجيل لمشاهدة الرابط المخفي

Rootkit scan 2006-12-21 05:20
Windows 5.1.2600 Service Pack 3 FAT NTAPI

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{5ED60779-4DE2-4E07-B862-974CA4FF2E9C}]
@Denied: (Full) (Everyone)
"scansk"=hex(0):c2,1c,a0,d7,6e,35,5f,cc,75,42,95,4d,18,8d,4f,11,03,c7,08,cc,58,
67,25,a0,29,2a,93,b1,0e,47,5e,9a,57,26,f5,d0,28,5c,78,5c,00,00,00,00,00,00,\

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{7B8E9164-324D-4A2E-A46D-0165FB2000EC}]
@Denied: (Full) (Everyone)
"scansk"=hex(0):7a,92,1d,bd,d7,1b,29,8b,6f,94,db,c5,76,9a,b8,cf,71,f5,05,b2,a4,
6b,9f,56,b1,4e,92,46,11,2e,38,bf,c4,50,0d,4c,77,87,45,3f,00,00,00,00,00,00,\

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{b772ebb0-b03a-4454-8472-a027f6df15a1}]
@Denied: (Full) (Everyone)

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{e62dc965-346e-47a1-9c4a-053efed88a55}]
@Denied: (Full) (Everyone)
"Model"=dword:00000139
"Therad"=dword:00000014

[HKEY_LOCAL_MACHINE\software\zbshareware]
@DACL=(02 0000)
"times"="0"
"lastcheck"="20"
"Name"="ledworld"
"Code"="BHJDH17937"
"autorun"="1"
DUMPHIVE0.003 (REGF)
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'winlogon.exe'(748)
c:\windows\system32\SETUPAPI.dll
c:\windows\system32\cscui.dll

- - - - - - - > 'lsass.exe'(804)
c:\windows\system32\wdigest.dll
c:\windows\system32\SETUPAPI.dll
c:\windows\system32\idmmbc.dll
c:\program files\Avira\AntiVir Desktop\avsda.dll

- - - - - - - > 'explorer.exe'(3984)
c:\windows\system32\COMRes.dll
c:\windows\System32\cscui.dll
c:\windows\system32\SETUPAPI.dll
c:\windows\system32\msi.dll
c:\windows\system32\wpdshserviceobj.dll
c:\windows\system32\NETSHELL.dll
c:\windows\system32\credui.dll
c:\windows\system32\MSVCP60.dll
c:\program files\Nokia\Nokia PC Suite 7\PhoneBrowser.dll
c:\program files\Nokia\Nokia PC Suite 7\NGSCM.DLL
c:\program files\Nokia\Nokia PC Suite 7\Lang\PhoneBrowser_ara.nlr
c:\program files\Nokia\Nokia PC Suite 7\Resource\PhoneBrowser_Nokia.ngr
c:\windows\system32\portabledevicetypes.dll
c:\windows\system32\portabledeviceapi.dll
.
------------------------ Other Running Processes ------------------------
.
c:\program files\Avira\AntiVir Desktop\avguard.exe
c:\program files\CyberLink\Shared files\RichVideo.exe
c:\program files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
c:\documents and settings\abood\Local Settings\Application Data\Google\Update\1.2.183.13\GoogleCrashHandler.exe
.
**************************************************************************
.
Completion time: 2006-12-21 05:23:09 - machine was rebooted
ComboFix-quarantined-files.txt 2006-12-21 00:53

Pre-Run: 10,243,997,696 bytes free
Post-Run: 10,325,884,928 bytes free

WindowsXP-KB310994-SP2-Pro-BootDisk-ENU.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect
multi(0)disk(0)rdisk(0)partition(4)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect
multi(0)disk(0)rdisk(0)partition(3)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect
multi(0)disk(0)rdisk(0)partition(2)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect

- - End Of File - - AADCEDD17A380D8CBDE2A7F53CB588EF

Technology G!rl · 23 يناير 2010

اوكي ممتاز ,,,

حمل الاداة التالية واتبع الشرح لعمل تقرير ورفعه

يجب عليك تسجيل الدخول أو التسجيل لمشاهدة الرابط المخفي

اعمل كما الصورة لبدء الفحص

ثم اعمل التالي لحفظ ملف التقرير

بعد حفظه قم بضغط الملف >>>

يجب عليك تسجيل الدخول أو التسجيل لمشاهدة الرابط المخفي

وارفع الملف هنا

يجب عليك تسجيل الدخول أو التسجيل لمشاهدة الرابط المخفي

لولوتش · 23 يناير 2010

بعرف اني غلبتك كتير :b:

يجب عليك تسجيل الدخول أو التسجيل لمشاهدة الرابط المخفي

Technology G!rl · 23 يناير 2010

لالا عادي

جاري الفحص

Technology G!rl · 23 يناير 2010

تفضل حمل هذا الملف

يجب عليك تسجيل الدخول أو التسجيل لمشاهدة الرابط المخفي

وطبق عليه هذا الشرح ,,,

وبالماوس دبل كلك على الملف ... بعدها راح يفتح لك واجهة الاداة

اعمل كما بالشرح ...

بعدها اعد تشغيل جهازك

وتقرير هايجك جديد ,,,

لولوتش · 23 يناير 2010

اسف عالتأخير
بس لما اعدت تشغيل الجهاز ما طلع اي تقرير

Technology G!rl · 23 يناير 2010

يبي عادي

بس اهم شي سويت كل الخطوات ؟
انا قصدي الآن تقرير هايجك مثل اللي في الصفحة الأولى

لولوتش · 23 يناير 2010

اولا صباح الخير

ثانيا سويت كل الخطوات وما طلع شي اعيد الطريقة مرة تانية

برنامج Avast Premium Security 24.12.9725 تفعيل بسيريال مدة 680 يوم​

زيزوومي جديد

زيزوومى محترف

توقيع : Technology G!rl

زيزوومي جديد

زيزوومى محترف

توقيع : Technology G!rl

زيزوومي جديد

زيزوومى محترف

توقيع : Technology G!rl

زيزوومى محترف

توقيع : Technology G!rl

زيزوومي جديد

زيزوومى محترف

توقيع : Technology G!rl

زيزوومى محترف

توقيع : Technology G!rl

زيزوومي جديد

زيزوومى محترف

توقيع : Technology G!rl

زيزوومي جديد

زيزوومى محترف

توقيع : Technology G!rl

زيزوومي جديد

زيزوومى محترف

توقيع : Technology G!rl

زيزوومى محترف

توقيع : Technology G!rl

زيزوومي جديد

زيزوومى محترف

توقيع : Technology G!rl

زيزوومي جديد

برنامج Avast Premium Security 24.12.9725 تفعيل بسيريال مدة 680 يوم