i have try to open any site kaspersky . avg avira . nod 32 and more and ComboFix site cant open it
Should I post hijackthis/combofix log? or what ?
Can not open microsoft and any antivirus sites Help ?
Started by
Ahmed Yousre
, Sep 18 2011 09:03 AM
-
This topic is locked
#1
Posted 18 September 2011 - 09:03 AM
Ahmed Yousre
-
- Member
-
- 5 posts
New Member
i have try to open any site kaspersky . avg avira . nod 32 and more and ComboFix site cant open it
Should I post hijackthis/combofix log? or what ?
#2
Posted 18 September 2011 - 09:07 AM
Essexboy
-
- Retired Staff
-
- 69,964 posts
GeekU Moderator
Lets try this first and see what you have
Download OTL to your Desktop
Download OTL to your Desktop
- Double click on the icon to run it. Make sure all other windows are closed and to let it run uninterrupted.
- Select All Users
- Under the Custom Scan box paste this in
netsvcs
%SYSTEMDRIVE%\*.exe
/md5start
explorer.exe
winlogon.exe
Userinit.exe
svchost.exe
/md5stop
C:\Windows\assembly\tmp\U /s
CREATERESTOREPOINT - Click the Quick Scan button. Do not change any settings unless otherwise told to do so. The scan wont take long.
- When the scan completes, it will open two notepad windows. OTL.Txt and Extras.Txt. These are saved in the same location as OTL.
- Post both logs
#3
Posted 18 September 2011 - 09:13 AM
Ahmed Yousre
- Topic Starter
-
- Member
-
- 5 posts
New Member
Lets try this first and see what you have
Download OTL to your Desktop
- Double click on the icon to run it. Make sure all other windows are closed and to let it run uninterrupted.
- Select All Users
- Under the Custom Scan box paste this in
netsvcs
%SYSTEMDRIVE%\*.exe
/md5start
explorer.exe
winlogon.exe
Userinit.exe
svchost.exe
/md5stop
C:\Windows\assembly\tmp\U /s
CREATERESTOREPOINT- Click the Quick Scan button. Do not change any settings unless otherwise told to do so. The scan wont take long.
- When the scan completes, it will open two notepad windows. OTL.Txt and Extras.Txt. These are saved in the same location as OTL.
- Post both logs
ok but this log ComboFix
ComboFix 11-09-17.06 - ويندوز 09/18/2011 18:04:36.1.2 - x86
CyberWareZ Cyber 7 v2 6.1.7600.0.1256.20.1033.18.894.508 [GMT 3:00]
Running from: c:\users\΅وغ?΅?\Desktop\ComboFix.exe
SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files\Skype\Plugin Manager\SkypePM.exe
c:\users\ويندوز\AppData\Roaming\Mikrotik
c:\users\ويندوز\AppData\Roaming\Mikrotik\Winbox\2.9.27-2322765042\advtool.crc
c:\users\ويندوز\AppData\Roaming\Mikrotik\Winbox\2.9.27-2322765042\advtool.dll
c:\users\ويندوز\AppData\Roaming\Mikrotik\Winbox\2.9.27-2322765042\arlan.crc
c:\users\ويندوز\AppData\Roaming\Mikrotik\Winbox\2.9.27-2322765042\arlan.dll
c:\users\ويندوز\AppData\Roaming\Mikrotik\Winbox\2.9.27-2322765042\dhcp.crc
c:\users\ويندوز\AppData\Roaming\Mikrotik\Winbox\2.9.27-2322765042\dhcp.dll
c:\users\ويندوز\AppData\Roaming\Mikrotik\Winbox\2.9.27-2322765042\hotspot.crc
c:\users\ويندوز\AppData\Roaming\Mikrotik\Winbox\2.9.27-2322765042\hotspot.dll
c:\users\ويندوز\AppData\Roaming\Mikrotik\Winbox\2.9.27-2322765042\isdn.crc
c:\users\ويندوز\AppData\Roaming\Mikrotik\Winbox\2.9.27-2322765042\isdn.dll
c:\users\ويندوز\AppData\Roaming\Mikrotik\Winbox\2.9.27-2322765042\lcd.crc
c:\users\ويندوز\AppData\Roaming\Mikrotik\Winbox\2.9.27-2322765042\lcd.dll
c:\users\ويندوز\AppData\Roaming\Mikrotik\Winbox\2.9.27-2322765042\ntp.crc
c:\users\ويندوز\AppData\Roaming\Mikrotik\Winbox\2.9.27-2322765042\ntp.dll
c:\users\ويندوز\AppData\Roaming\Mikrotik\Winbox\2.9.27-2322765042\phone.crc
c:\users\ويندوز\AppData\Roaming\Mikrotik\Winbox\2.9.27-2322765042\phone.dll
c:\users\ويندوز\AppData\Roaming\Mikrotik\Winbox\2.9.27-2322765042\ppp.crc
c:\users\ويندوز\AppData\Roaming\Mikrotik\Winbox\2.9.27-2322765042\ppp.dll
c:\users\ويندوز\AppData\Roaming\Mikrotik\Winbox\2.9.27-2322765042\radlan.crc
c:\users\ويندوز\AppData\Roaming\Mikrotik\Winbox\2.9.27-2322765042\radlan.dll
c:\users\ويندوز\AppData\Roaming\Mikrotik\Winbox\2.9.27-2322765042\roteros.crc
c:\users\ويندوز\AppData\Roaming\Mikrotik\Winbox\2.9.27-2322765042\roteros.dll
c:\users\ويندوز\AppData\Roaming\Mikrotik\Winbox\2.9.27-2322765042\routing.crc
c:\users\ويندوز\AppData\Roaming\Mikrotik\Winbox\2.9.27-2322765042\routing.dll
c:\users\ويندوز\AppData\Roaming\Mikrotik\Winbox\2.9.27-2322765042\rstp.crc
c:\users\ويندوز\AppData\Roaming\Mikrotik\Winbox\2.9.27-2322765042\rstp.dll
c:\users\ويندوز\AppData\Roaming\Mikrotik\Winbox\2.9.27-2322765042\rtboard.crc
c:\users\ويندوز\AppData\Roaming\Mikrotik\Winbox\2.9.27-2322765042\rtboard.dll
c:\users\ويندوز\AppData\Roaming\Mikrotik\Winbox\2.9.27-2322765042\secure.crc
c:\users\ويندوز\AppData\Roaming\Mikrotik\Winbox\2.9.27-2322765042\secure.dll
c:\users\ويندوز\AppData\Roaming\Mikrotik\Winbox\2.9.27-2322765042\sync.crc
c:\users\ويندوز\AppData\Roaming\Mikrotik\Winbox\2.9.27-2322765042\sync.dll
c:\users\ويندوز\AppData\Roaming\Mikrotik\Winbox\2.9.27-2322765042\system.crc
c:\users\ويندوز\AppData\Roaming\Mikrotik\Winbox\2.9.27-2322765042\system.dll
c:\users\ويندوز\AppData\Roaming\Mikrotik\Winbox\2.9.27-2322765042\ups.crc
c:\users\ويندوز\AppData\Roaming\Mikrotik\Winbox\2.9.27-2322765042\ups.dll
c:\users\ويندوز\AppData\Roaming\Mikrotik\Winbox\2.9.27-2322765042\wlan2.crc
c:\users\ويندوز\AppData\Roaming\Mikrotik\Winbox\2.9.27-2322765042\wlan2.dll
c:\users\ويندوز\AppData\Roaming\Mikrotik\Winbox\2.9.27-2322765042\wproxy.crc
c:\users\ويندوز\AppData\Roaming\Mikrotik\Winbox\2.9.27-2322765042\wproxy.dll
c:\users\ويندوز\AppData\Roaming\Mikrotik\Winbox\winbox.cfg
c:\windows\iexplore.exe
c:\windows\PFRO.log
c:\windows\system32\cftmon.exe
.
.
((((((((((((((((((((((((( Files Created from 2011-08-18 to 2011-09-18 )))))))))))))))))))))))))))))))
.
.
2011-09-18 14:26 . 2011-09-18 14:26 -------- d-----w- c:\users\ويندوز\AppData\Local\ElevatedDiagnostics
2011-09-17 16:40 . 2009-11-05 13:38 1669120 ----a-w- c:\windows\system32\BootMan.exe
2011-09-17 16:40 . 2009-09-16 13:55 8456 ----a-w- c:\windows\system32\EuGdiDrv.sys
2011-09-17 16:40 . 2009-09-14 06:21 14848 ----a-w- c:\windows\system32\EuEpmGdi.dll
2011-09-17 16:40 . 2009-08-26 09:45 13192 ----a-w- c:\windows\system32\epmntdrv.sys
2011-09-17 16:40 . 2009-04-22 11:28 86408 ----a-w- c:\windows\system32\setupempdrv03.exe
2011-09-17 15:27 . 2011-09-17 15:27 -------- d-----w- c:\users\ويندوز\AppData\Local\Yahoo
2011-09-17 15:25 . 2011-09-17 15:25 -------- d-----w- c:\users\ويندوز\AppData\Roaming\Yahoo!
2011-09-17 02:31 . 2011-09-17 02:31 -------- d-----w- c:\users\ويندوز\AppData\Local\ESET
2011-09-17 01:24 . 2001-08-23 03:57 65536 ----a-w- c:\program files\Internet Explorer\MUI\0401\MSHTMLER.DLL
2011-09-17 01:24 . 2001-08-23 03:57 14848 ----a-w- c:\program files\Internet Explorer\MUI\0401\MSIDNTLD.DLL
2011-09-17 01:24 . 2001-08-23 03:56 45056 ----a-w- c:\program files\Internet Explorer\MUI\0401\INETRES.DLL
2011-09-17 01:24 . 2001-08-23 03:52 73728 ----a-w- c:\program files\Internet Explorer\MUI\0401\ACCTRES.DLL
2011-09-17 01:24 . 2001-08-23 03:17 2479104 ----a-w- c:\program files\Internet Explorer\MUI\0401\MSOERES.DLL
2011-09-17 01:24 . 2001-08-23 03:17 110592 ----a-w- c:\program files\Internet Explorer\MUI\0401\INETCPLC.DLL
2011-09-17 01:24 . 2001-08-23 03:16 62976 ----a-w- c:\program files\Internet Explorer\MUI\0401\BROWSELC.DLL
2011-09-17 01:24 . 2001-08-23 03:18 249344 ----a-w- c:\program files\Common Files\System\MUI\0401\WAB32RES.DLL
2011-09-17 00:22 . 2011-09-17 00:22 -------- d-----w- c:\users\ويندوز\AppData\Local\Solid State Networks
2011-09-16 23:34 . 2011-09-17 02:43 -------- d-----w- c:\users\ويندوز\AppData\Roaming\Media Player Classic
2011-09-16 23:32 . 2011-09-17 15:08 -------- d-----w- c:\program files\ESET
2011-09-16 23:21 . 2011-09-16 23:21 -------- d-----w- c:\users\ويندوز\AppData\Local\Mozilla
2011-09-16 23:17 . 2011-09-16 23:17 -------- d-----w- c:\users\ويندوز\AppData\Roaming\URSoft
2011-09-16 23:17 . 2011-09-16 23:17 -------- d-----w- c:\program files\Your Uninstaller! 7
2011-09-16 23:15 . 2011-09-17 02:12 -------- d-----r- C:\RavBin
2011-09-16 23:15 . 2010-06-07 11:29 1060864 ------w- c:\windows\system32\MFC71.dll
2011-09-16 23:14 . 2011-09-17 02:13 -------- d-----w- c:\program files\Rising
2011-09-16 23:14 . 2011-09-16 23:17 -------- d-----w- c:\programdata\Rising
2011-09-16 23:11 . 2011-09-18 14:47 -------- d-----w- c:\users\ويندوز\AppData\Roaming\IDM
2011-09-16 11:31 . 2011-09-18 15:08 -------- d-----w- c:\users\ويندوز\AppData\Roaming\DMCache
2011-09-15 15:12 . 2011-07-06 15:14 89376 ----a-w- c:\windows\system32\drivers\idmwfp.sys
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-09-16 23:32 . 2011-07-29 01:55 404640 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2011-08-04 06:20 . 2011-08-04 06:20 33656 ----a-w- c:\windows\system32\drivers\EpfwLWF.sys
2011-07-29 01:48 . 2011-07-29 01:48 411368 ----a-w- c:\windows\system32\deploytk.dll
2011-07-29 01:38 . 2011-07-29 01:38 691696 ----a-w- c:\windows\system32\drivers\sptd.sys
2011-07-20 06:44 . 2011-07-29 01:58 6881616 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{9D0AE95B-C856-4CDC-B851-D5E5289636B7}\mpengine.dll
2011-09-03 06:01 . 2011-09-16 23:20 134104 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
------- Sigcheck -------
Note: Unsigned files aren't necessarily malware.
.
[-] 2009-07-14 . 4CA5F9407170D6890CBF253C258FD05E . 1297408 . . [2001.12.8530.16385] . . c:\windows\System32\comres.dll
[-] 2009-07-14 . 4CA5F9407170D6890CBF253C258FD05E . 1297408 . . [2001.12.8530.16385] . . c:\windows\winsxs\x86_microsoft-windows-com-complus.res_31bf3856ad364e35_6.1.7600.16385_none_2c8730fb47856e94\comres.dll
.
[-] 2009-07-14 . 798D3A7804AFA7BE66EC840383257CCE . 557056 . . [5.82] . . c:\windows\System32\comctl32.dll
[-] 2009-07-14 . 798D3A7804AFA7BE66EC840383257CCE . 557056 . . [5.82] . . c:\windows\winsxs\x86_microsoft-windows-shell-comctl32-v5_31bf3856ad364e35_6.1.7600.16385_none_39727524394b18eb\comctl32.dll
[-] 2009-07-14 . 798D3A7804AFA7BE66EC840383257CCE . 557056 . . [5.82] . . c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7600.16385_none_ebf82fc36c758ad5\comctl32.dll
[7] 2009-07-14 . 0FA436A553408CBEBA070E3182658DE3 . 1680896 . . [5.82] . . c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_421189da2b7fabfc\comctl32.dll
.
[-] 2009-11-25 . 2BAD5D6512BE8B4FB31D71948E5B0DD2 . 2376704 . . [6.1.7600.16385] . . c:\windows\explorer.exe
[-] 2009-11-25 . 2BAD5D6512BE8B4FB31D71948E5B0DD2 . 2376704 . . [6.1.7600.16385] . . c:\windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_518afd35db100430\explorer.exe
.
[-] 2010-02-05 . B87F8D497CDF8E6F24A089DB34C38E12 . 472064 . . [6.1.7600.16385] . . c:\windows\regedit.exe
[-] 2010-01-22 . 0B0D6F65CC88C332D3A1030FA7558891 . 528896 . . [6.1.7600.16385] . . c:\windows\winsxs\x86_microsoft-windows-registry-editor_31bf3856ad364e35_6.1.7600.16385_none_f4050b883d2c3c08\regedit.exe
.
[-] 2009-07-14 . CD11855AEA38FB8DEDBAA79E5FBE4AB7 . 843544 . . [8.00.7600.16385] . . c:\windows\winsxs\x86_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_8.0.7600.16385_none_b346f9b4861b55c2\iexplore.exe
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\IDM Shell Extension]
@="{CDC95B92-E27C-4745-A8C5-64A52A78855D}"
[HKEY_CLASSES_ROOT\CLSID\{CDC95B92-E27C-4745-A8C5-64A52A78855D}]
2011-05-30 16:50 21864 ----a-w- c:\program files\Internet Download Manager\IDMShellExt.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IDMan"="c:\program files\Internet Download Manager\IDMan.exe" [2011-09-15 3425688]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"UnlockerAssistant"="c:\program files\Unlocker\UnlockerAssistant.exe" [2009-10-26 15872]
"USB Antivirus"="c:\program files\USB Disk Security\RunUSBGuard.exe" [2009-12-10 81920]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-01-11 246504]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\DTLite.exe" [2009-10-30 369200]
"Skype"="c:\program files\Skype\Phone\Skype.exe" [2009-10-09 25623336]
"Messenger (Yahoo!)"="c:\program files\Yahoo!\Messenger\YahooMessenger.exe" [2009-11-10 5244216]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 0 (0x0)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv
.
R3 epmntdrv;epmntdrv;c:\windows\system32\epmntdrv.sys [2009-08-26 13192]
R3 EuGdiDrv;EuGdiDrv;c:\windows\system32\EuGdiDrv.sys [2009-09-16 8456]
R3 NSPacket;NextSecurity Packet Driver;c:\windows\system32\drivers\nspacket.sys [2004-12-06 32768]
R3 SliceDisk5;SliceDisk5;c:\users\ويندوز\AppData\Local\Temp\FindAndMount\slicedisk.sys [x]
S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [2011-07-29 691696]
S2 IDMWFP;IDMWFP;c:\windows\system32\DRIVERS\idmwfp.sys [2011-07-06 89376]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt86win7.sys [2009-07-13 139776]
.
.
.
------- Supplementary Scan -------
.
IE: تحميل الكل بواسطة Internet Download Manager - c:\program files\Internet Download Manager\IEGetAll.htm
IE: تحميل بواسطة Internet Download Manager - c:\program files\Internet Download Manager\IEExt.htm
TCP: DhcpNameServer = 192.168.16.1
FF - ProfilePath - c:\users\ويندوز\AppData\Roaming\Mozilla\Firefox\Profiles\f8kwoxtq.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.google.com.eg/
FF - prefs.js: network.proxy.type - 0
FF - user.js: browser.cache.memory.capacity - 16000
FF - user.js: browser.chrome.favicons - false
FF - user.js: browser.display.show_image_placeholders - true
FF - user.js: browser.turbo.enabled - true
FF - user.js: browser.urlbar.autocomplete.enabled - true
FF - user.js: browser.urlbar.autofill - true
FF - user.js: content.max.tokenizing.time - 2250000
FF - user.js: content.maxtextrun - 4095
FF - user.js: content.notify.backoffcount - 5
FF - user.js: content.notify.interval - 750000
FF - user.js: content.notify.ontimer - true
FF - user.js: content.switch.threshold - 750000
FF - user.js: dom.disable_window_status_change - true
FF - user.js: network.http.max-connections - 32
FF - user.js: network.http.max-connections-per-server - 8
FF - user.js: network.http.max-persistent-connections-per-proxy - 8
FF - user.js: network.http.max-persistent-connections-per-server - 4
FF - user.js: network.http.pipelining - true
FF - user.js: network.http.pipelining.firstrequest - true
FF - user.js: network.http.pipelining.maxrequests - 8
FF - user.js: network.http.proxy.pipelining - true
FF - user.js: network.http.request.max-start-delay - 0
FF - user.js: nglayout.initialpaint.delay - 750
FF - user.js: plugin.expose_full_path - true
FF - user.js: ui.submenuDelay - 0
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Completion time: 2011-09-18 18:10:09
ComboFix-quarantined-files.txt 2011-09-18 15:10
.
Pre-Run: 34,779,799,552 bytes free
Post-Run: 34,633,437,184 bytes free
.
- - End Of File - - 90FA9B3B867B8C5F4FF22185BF59A33F
#4
Posted 18 September 2011 - 09:18 AM
Essexboy
-
- Retired Staff
-
- 69,964 posts
GeekU Moderator
But it does not show all so if you could run the OTL scan please
#5
Posted 18 September 2011 - 09:44 AM
Ahmed Yousre
- Topic Starter
-
- Member
-
- 5 posts
New Member
OTL.Txt
OTL logfile created on: 18/09/2011 06:41:12 م - Run 1
OTL by OldTimer - Version 3.2.29.1 Folder = C:\Users\ويندوز\Desktop
Ultimate Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000c01 | Country: مصر | Language: ARE | Date Format: dd/MM/yyyy
894.49 Mb Total Physical Memory | 396.29 Mb Available Physical Memory | 44.30% Memory free
1.87 Gb Paging File | 1.26 Gb Available in Paging File | 67.31% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 49.67 Gb Total Space | 32.31 Gb Free Space | 65.05% Space Free | Partition Type: NTFS
Drive D: | 195.32 Gb Total Space | 109.48 Gb Free Space | 56.05% Space Free | Partition Type: NTFS
Drive E: | 195.31 Gb Total Space | 59.26 Gb Free Space | 30.34% Space Free | Partition Type: NTFS
Drive F: | 195.32 Gb Total Space | 129.68 Gb Free Space | 66.39% Space Free | Partition Type: NTFS
Drive G: | 195.31 Gb Total Space | 84.56 Gb Free Space | 43.29% Space Free | Partition Type: NTFS
Drive H: | 100.59 Gb Total Space | 62.01 Gb Free Space | 61.64% Space Free | Partition Type: NTFS
Computer Name: ويندوز-PC | User Name: ويندوز | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2011/09/18 18:12:24 | 000,582,656 | ---- | M] (OldTimer Tools) -- C:\Users\ويندوز\Desktop\OTL.scr
PRC - [2011/09/15 17:33:42 | 003,425,688 | ---- | M] (Tonec Inc.) -- C:\Program Files\Internet Download Manager\IDMan.exe
PRC - [2009/11/25 23:01:59 | 002,376,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2009/07/14 04:14:42 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
========== Modules (No Company Name) ==========
MOD - [2009/10/26 10:33:32 | 000,004,608 | ---- | M] () -- C:\Program Files\Unlocker\UnlockerHook.dll
========== Win32 Services (SafeList) ==========
SRV - [2009/07/14 04:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009/07/14 04:16:12 | 001,004,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\PeerDistSvc.dll -- (PeerDistSvc)
SRV - [2009/07/14 04:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
========== Driver Services (SafeList) ==========
DRV - [2011/07/29 04:38:02 | 000,691,696 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\System32\Drivers\sptd.sys -- (sptd)
DRV - [2011/07/06 18:14:42 | 000,089,376 | ---- | M] (Tonec Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\idmwfp.sys -- (IDMWFP)
DRV - [2009/09/16 16:55:00 | 000,008,456 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\System32\EuGdiDrv.sys -- (EuGdiDrv)
DRV - [2009/08/26 12:45:10 | 000,013,192 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\System32\epmntdrv.sys -- (epmntdrv)
DRV - [2009/07/14 04:19:10 | 000,175,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\vmbus.sys -- (vmbus)
DRV - [2009/07/14 04:19:10 | 000,040,896 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\vmstorfl.sys -- (storflt)
DRV - [2009/07/14 04:19:10 | 000,028,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\storvsc.sys -- (storvsc)
DRV - [2009/07/14 02:28:47 | 000,005,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\vms3cap.sys -- (s3cap)
DRV - [2009/07/14 02:28:45 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\VMBusHID.sys -- (VMBusHID)
DRV - [2009/07/14 01:09:17 | 004,194,816 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmdag.sys -- (atikmdag)
DRV - [2008/05/24 21:09:10 | 000,073,728 | ---- | M] (EZB Systems, Inc.) [File_System | System | Running] -- C:\Program Files\UltraISO\drivers\ISODrive.sys -- (ISODrive)
DRV - [2004/12/06 20:08:24 | 000,032,768 | ---- | M] (NextSecurity.NET) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\nspacket.sys -- (NSPacket)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-2848490199-2696999808-664735733-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - prefs.js..browser.startup.homepage: "http://www.google.com.eg/"
FF - prefs.js..extensions.enabledItems: [email protected]:1.1.3
FF - prefs.js..extensions.enabledItems: [email protected]:0.9.8b
FF - prefs.js..network.proxy.type: 0
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6: C:\Program Files\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\3.0.40818.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.12.450: C:\Program Files\Real Alternative\browser\plugins\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.448: C:\Program Files\Real Alternative\browser\plugins\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 6.0.2\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011/09/17 02:20:37 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 6.0.2\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\[email protected]: C:\Users\ويندوز\AppData\Roaming\IDM\idmmzcc5 [2011/09/17 06:37:42 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\SeaMonkey\Extensions\\[email protected]: C:\Users\ويندوز\AppData\Roaming\IDM\idmmzcc5 [2011/09/17 06:37:42 | 000,000,000 | ---D | M]
[2011/09/17 02:22:38 | 000,000,000 | ---D | M] (No name found) -- C:\Users\ويندوز\AppData\Roaming\Mozilla\Extensions
[2011/09/17 02:22:48 | 000,000,000 | ---D | M] (No name found) -- C:\Users\ويندوز\AppData\Roaming\Mozilla\Firefox\Profiles\f8kwoxtq.default\extensions
[2011/09/17 02:22:50 | 000,000,000 | ---D | M] (Cookies Manager+) -- C:\Users\ويندوز\AppData\Roaming\Mozilla\Firefox\Profiles\f8kwoxtq.default\extensions\{bb6bc1bb-f824-4702-90cd-35e2fb24f25d}
[2011/09/17 02:22:45 | 000,000,000 | ---D | M] (Test Pilot) -- C:\Users\ويندوز\AppData\Roaming\Mozilla\Firefox\Profiles\f8kwoxtq.default\extensions\[email protected](2).com
[2011/09/17 02:22:48 | 000,000,000 | ---D | M] (Ask Toolbar) -- C:\Users\ويندوز\AppData\Roaming\Mozilla\Firefox\Profiles\f8kwoxtq.default\extensions\[email protected]
[2011/09/17 02:22:48 | 000,000,000 | ---D | M] (Yes popups) -- C:\Users\ويندوز\AppData\Roaming\Mozilla\Firefox\Profiles\f8kwoxtq.default\extensions\[email protected]
[2011/05/17 13:12:44 | 000,002,333 | ---- | M] () -- C:\Users\ويندوز\AppData\Roaming\Mozilla\Firefox\Profiles\f8kwoxtq.default\searchplugins\askcom.xml
[2011/09/17 02:20:37 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
File not found (No name found) -- C:\USERS\ظظٹظط―ظط²\APPDATA\ROAMING\IDM\IDMMZCC5
File not found (No name found) -- C:\USERS\ظظٹظط―ظط²\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\F8KWOXTQ.DEFAULT\EXTENSIONS\{563E4790-7E70-11DA-A72B-0800200C9A66}.XPI
File not found (No name found) -- C:\USERS\ظظٹظط―ظط²\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\F8KWOXTQ.DEFAULT\EXTENSIONS\{BB6BC1BB-F824-4702-90CD-35E2FB24F25D}
File not found (No name found) -- C:\USERS\ظظٹظط―ظط²\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\F8KWOXTQ.DEFAULT\EXTENSIONS\[email protected]
[2011/09/03 09:01:45 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2011/09/03 02:25:59 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
========== Chrome ==========
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?client=chrome&hl={language}&q={searchTerms}
O1 HOSTS File: ([2011/09/18 18:08:18 | 000,000,027 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (IDM integration (IDMIEHlprObj Class)) - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files\Internet Download Manager\IDMIECC.dll (Internet Download Manager, Tonec Inc.)
O3 - HKLM\..\Toolbar: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll File not found
O3 - HKU\.DEFAULT\..\Toolbar\WebBrowser: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll File not found
O3 - HKU\S-1-5-18\..\Toolbar\WebBrowser: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll File not found
O4 - HKLM..\Run: [UnlockerAssistant] C:\Program Files\Unlocker\UnlockerAssistant.exe ()
O4 - HKLM..\Run: [USB Antivirus] C:\Program Files\USB Disk Security\RunUSBGuard.exe (Zbshareware Lab)
O4 - HKU\.DEFAULT..\Run: [DAEMON Tools Lite] C:\Program Files\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O4 - HKU\.DEFAULT..\Run: [Messenger (Yahoo!)] C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe (Yahoo! Inc.)
O4 - HKU\S-1-5-18..\Run: [DAEMON Tools Lite] C:\Program Files\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O4 - HKU\S-1-5-18..\Run: [Messenger (Yahoo!)] C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe (Yahoo! Inc.)
O4 - HKU\S-1-5-21-2848490199-2696999808-664735733-1001..\Run: [IDMan] C:\Program Files\Internet Download Manager\IDMan.exe (Tonec Inc.)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-2848490199-2696999808-664735733-1001\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-2848490199-2696999808-664735733-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-2848490199-2696999808-664735733-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: تحميل الكل بواسطة Internet Download Manager - C:\Program Files\Internet Download Manager\IEGetAll.htm ()
O8 - Extra context menu item: تحميل بواسطة Internet Download Manager - C:\Program Files\Internet Download Manager\IEExt.htm ()
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_18)
O16 - DPF: {CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_18)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_18)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} Reg Error: Key error. (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.16.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{B723B2AF-92F0-4675-9D86-260A59024FCB}: DhcpNameServer = 192.168.16.1
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - HKLM Winlogon: Shell - (Explorer.exe) -C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) -C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) -C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/06/11 00:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
NetSvcs: FastUserSwitchingCompatibility - File not found
NetSvcs: Ias - C:\Windows\System32\ias.dll (Microsoft Corporation)
NetSvcs: Nla - File not found
NetSvcs: Ntmssvc - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: SRService - File not found
NetSvcs: WmdmPmSp - File not found
NetSvcs: LogonHours - File not found
NetSvcs: PCAudit - File not found
NetSvcs: helpsvc - File not found
NetSvcs: uploadmgr - File not found
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
========== Files/Folders - Created Within 30 Days ==========
[2011/09/18 18:12:08 | 000,582,656 | ---- | C] (OldTimer Tools) -- C:\Users\ويندوز\Desktop\OTL.scr
[2011/09/18 18:10:13 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2011/09/18 18:10:11 | 000,000,000 | ---D | C] -- C:\Users\ويندوز\AppData\Local\temp
[2011/09/18 18:08:16 | 000,000,000 | ---D | C] -- C:\Windows\temp
[2011/09/18 18:03:51 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
[2011/09/18 18:03:51 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
[2011/09/18 18:03:51 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
[2011/09/18 18:03:45 | 000,000,000 | ---D | C] -- C:\Windows\ERDNT
[2011/09/18 18:03:42 | 000,000,000 | ---D | C] -- C:\Qoobox
[2011/09/18 17:52:34 | 003,438,900 | ---- | C] (Malwarebytes Corporation ) -- C:\Users\ويندوز\Desktop\mbam-setup-1.51.2.1300.exe.part
[2011/09/18 17:47:29 | 004,214,864 | R--- | C] (Swearware) -- C:\Users\ويندوز\Desktop\ComboFix.exe
[2011/09/18 17:47:07 | 000,446,464 | ---- | C] (OldTimer Tools) -- C:\Users\ويندوز\Desktop\TFC.exe
[2011/09/18 17:26:16 | 000,000,000 | ---D | C] -- C:\Users\ويندوز\AppData\Local\ElevatedDiagnostics
[2011/09/18 17:24:18 | 004,451,182 | ---- | C] (CURIOLAB S.M.B.A.) -- C:\Users\ويندوز\Desktop\ExterminateItSetup.exe.part
[2011/09/17 18:27:05 | 000,000,000 | ---D | C] -- C:\Users\ويندوز\AppData\Local\Yahoo
[2011/09/17 18:25:04 | 000,000,000 | ---D | C] -- C:\Users\ويندوز\AppData\Roaming\Yahoo!
[2011/09/17 15:10:18 | 000,000,000 | ---D | C] -- C:\Users\ويندوز\Desktop\Amal.Maher.4Songs.Up.Album.ArabSeed.CoM
[2011/09/17 05:31:50 | 000,000,000 | ---D | C] -- C:\Users\ويندوز\AppData\Roaming\ESET
[2011/09/17 05:31:50 | 000,000,000 | ---D | C] -- C:\Users\ويندوز\AppData\Local\ESET
[2011/09/17 03:22:13 | 000,000,000 | ---D | C] -- C:\Users\ويندوز\AppData\Local\Solid State Networks
[2011/09/17 02:34:25 | 000,000,000 | ---D | C] -- C:\Users\ويندوز\AppData\Roaming\Media Player Classic
[2011/09/17 02:32:53 | 000,000,000 | ---D | C] -- C:\Program Files\ESET
[2011/09/17 02:22:38 | 000,000,000 | ---D | C] -- C:\Users\ويندوز\AppData\Roaming\Mozilla
[2011/09/17 02:21:03 | 000,000,000 | ---D | C] -- C:\Users\ويندوز\AppData\Local\Mozilla
[2011/09/17 02:20:32 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2011/09/17 02:17:36 | 000,000,000 | ---D | C] -- C:\Users\ويندوز\AppData\Roaming\URSoft
[2011/09/17 02:17:35 | 000,000,000 | ---D | C] -- C:\ProgramData\TEMP
[2011/09/17 02:17:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Your Uninstaller! 7
[2011/09/17 02:17:19 | 000,000,000 | ---D | C] -- C:\Program Files\Your Uninstaller! 7
[2011/09/17 02:15:21 | 000,000,000 | R--D | C] -- C:\RavBin
[2011/09/17 02:14:50 | 000,000,000 | ---D | C] -- C:\Program Files\Rising
[2011/09/17 02:14:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Rising
[2011/09/17 02:11:48 | 000,000,000 | ---D | C] -- C:\Users\ويندوز\AppData\Roaming\IDM
[2011/09/17 02:11:35 | 000,000,000 | ---D | C] -- C:\Users\ويندوز\AppData\Roaming\WinRAR
[2011/09/16 14:31:11 | 000,000,000 | ---D | C] -- C:\Users\ويندوز\AppData\Roaming\DMCache
[2011/09/16 14:29:58 | 000,000,000 | ---D | C] -- C:\Users\ويندوز\Documents\KONAMI
[2011/09/15 18:12:49 | 000,089,376 | ---- | C] (Tonec Inc.) -- C:\Windows\System32\drivers\idmwfp.sys
========== Files - Modified Within 30 Days ==========
[2011/09/18 18:37:52 | 000,606,992 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2011/09/18 18:37:52 | 000,103,370 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2011/09/18 18:37:05 | 000,039,936 | ---- | M] () -- C:\Users\ويندوز\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/09/18 18:12:24 | 000,582,656 | ---- | M] (OldTimer Tools) -- C:\Users\ويندوز\Desktop\OTL.scr
[2011/09/18 18:08:18 | 000,000,027 | ---- | M] () -- C:\Windows\System32\drivers\etc\hosts
[2011/09/18 18:06:02 | 000,014,016 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2011/09/18 18:06:02 | 000,014,016 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2011/09/18 17:58:51 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011/09/18 17:58:48 | 703,455,232 | -HS- | M] () -- C:\hiberfil.sys
[2011/09/18 17:54:37 | 003,438,900 | ---- | M] (Malwarebytes Corporation ) -- C:\Users\ويندوز\Desktop\mbam-setup-1.51.2.1300.exe.part
[2011/09/18 17:48:17 | 004,214,864 | R--- | M] (Swearware) -- C:\Users\ويندوز\Desktop\ComboFix.exe
[2011/09/18 17:47:25 | 000,446,464 | ---- | M] (OldTimer Tools) -- C:\Users\ويندوز\Desktop\TFC.exe
[2011/09/18 17:27:33 | 004,451,182 | ---- | M] (CURIOLAB S.M.B.A.) -- C:\Users\ويندوز\Desktop\ExterminateItSetup.exe.part
[2011/09/17 15:00:06 | 000,014,177 | ---- | M] () -- C:\Users\ويندوز\Desktop\3333.JPG
[2011/09/17 05:17:37 | 001,101,216 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2011/09/17 02:41:40 | 004,484,679 | ---- | M] () -- C:\Users\ويندوز\Desktop\MyEgy.Com.Fadel.Shaker.Aalo.3anni.mp3
[2011/09/17 02:20:39 | 000,001,096 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2011/09/17 02:17:33 | 000,001,030 | ---- | M] () -- C:\Users\ويندوز\Desktop\Your Unin-staller!.lnk
[2011/09/17 02:01:47 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_User_WpdFs_01_09_00.Wdf
[2011/09/16 14:35:39 | 000,000,950 | ---- | M] () -- C:\Users\ويندوز\Desktop\PES 11 - Shortcut.lnk
========== Files Created - No Company Name ==========
[2011/09/18 18:03:51 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
[2011/09/18 18:03:51 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
[2011/09/18 18:03:51 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2011/09/18 18:03:51 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2011/09/18 18:03:51 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2011/09/17 19:40:48 | 001,669,120 | ---- | C] () -- C:\Windows\System32\BootMan.exe
[2011/09/17 19:40:48 | 000,086,408 | ---- | C] () -- C:\Windows\System32\setupempdrv03.exe
[2011/09/17 19:40:48 | 000,014,848 | ---- | C] () -- C:\Windows\System32\EuEpmGdi.dll
[2011/09/17 19:40:48 | 000,013,192 | ---- | C] () -- C:\Windows\System32\epmntdrv.sys
[2011/09/17 19:40:48 | 000,008,456 | ---- | C] () -- C:\Windows\System32\EuGdiDrv.sys
[2011/09/17 15:00:01 | 000,014,177 | ---- | C] () -- C:\Users\ويندوز\Desktop\3333.JPG
[2011/09/17 02:39:45 | 004,484,679 | ---- | C] () -- C:\Users\ويندوز\Desktop\MyEgy.Com.Fadel.Shaker.Aalo.3anni.mp3
[2011/09/17 02:20:39 | 000,001,108 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
[2011/09/17 02:20:39 | 000,001,096 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2011/09/17 02:17:33 | 000,001,030 | ---- | C] () -- C:\Users\ويندوز\Desktop\Your Unin-staller!.lnk
[2011/09/17 02:01:47 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_User_WpdFs_01_09_00.Wdf
[2011/09/17 01:27:53 | 000,039,936 | ---- | C] () -- C:\Users\ويندوز\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/09/16 14:35:39 | 000,000,950 | ---- | C] () -- C:\Users\ويندوز\Desktop\PES 11 - Shortcut.lnk
[2011/07/29 04:43:32 | 000,175,616 | ---- | C] () -- C:\Windows\System32\unrar.dll
[2011/07/29 04:28:55 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2011/07/29 04:28:55 | 000,000,000 | ---- | C] () -- C:\Windows\System32\atiicdxx.dat
[2009/07/14 07:57:37 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2009/07/14 07:33:53 | 001,101,216 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2009/07/14 05:05:48 | 000,606,992 | ---- | C] () -- C:\Windows\System32\perfh009.dat
[2009/07/14 05:05:48 | 000,291,294 | ---- | C] () -- C:\Windows\System32\perfi009.dat
[2009/07/14 05:05:48 | 000,103,370 | ---- | C] () -- C:\Windows\System32\perfc009.dat
[2009/07/14 05:05:48 | 000,031,548 | ---- | C] () -- C:\Windows\System32\perfd009.dat
[2009/07/14 05:05:05 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT
[2009/07/14 05:04:11 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat
[2009/07/14 03:19:49 | 000,066,048 | ---- | C] () -- C:\Windows\System32\PrintBrmUi.exe
[2009/07/14 02:55:01 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2009/07/14 02:51:43 | 000,073,728 | ---- | C] () -- C:\Windows\System32\BthpanContextHandler.dll
[2009/07/14 02:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\System32\BWContextHandler.dll
[2009/06/11 00:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat
========== LOP Check ==========
[2011/09/18 18:08:24 | 000,000,000 | ---D | M] -- C:\Users\ويندوز\AppData\Roaming\DMCache
[2011/09/17 05:31:50 | 000,000,000 | ---D | M] -- C:\Users\ويندوز\AppData\Roaming\ESET
[2011/09/18 17:47:27 | 000,000,000 | ---D | M] -- C:\Users\ويندوز\AppData\Roaming\IDM
[2011/07/29 04:42:15 | 000,000,000 | ---D | M] -- C:\Users\ويندوز\AppData\Roaming\Opera
[2011/07/29 04:46:29 | 000,000,000 | ---D | M] -- C:\Users\ويندوز\AppData\Roaming\tigerplayer
[2011/09/17 02:17:36 | 000,000,000 | ---D | M] -- C:\Users\ويندوز\AppData\Roaming\URSoft
[2011/09/18 17:22:41 | 000,004,396 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
========== Purity Check ==========
========== Custom Scans ==========
< %SYSTEMDRIVE%\*.exe >
< MD5 for: EXPLORER.EXE >
[2009/11/25 23:01:59 | 002,376,704 | ---- | M] (Microsoft Corporation) MD5=2BAD5D6512BE8B4FB31D71948E5B0DD2 -- C:\Windows\explorer.exe
[2009/11/25 23:01:59 | 002,376,704 | ---- | M] (Microsoft Corporation) MD5=2BAD5D6512BE8B4FB31D71948E5B0DD2 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_518afd35db100430\explorer.exe
< MD5 for: SVCHOST.EXE >
[2009/07/14 04:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\ERDNT\cache\svchost.exe
[2009/07/14 04:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\System32\svchost.exe
[2009/07/14 04:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_b591afc466a15356\svchost.exe
< MD5 for: USERINIT.EXE >
[2009/07/14 04:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\ERDNT\cache\userinit.exe
[2009/07/14 04:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\System32\userinit.exe
[2009/07/14 04:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe
< MD5 for: WINLOGON.EXE >
[2009/07/14 04:14:45 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=8EC6A4AB12B8F3759E21F8E3A388F2CF -- C:\Windows\ERDNT\cache\winlogon.exe
[2009/07/14 04:14:45 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=8EC6A4AB12B8F3759E21F8E3A388F2CF -- C:\Windows\System32\winlogon.exe
[2009/07/14 04:14:45 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=8EC6A4AB12B8F3759E21F8E3A388F2CF -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_6f99573a36451166\winlogon.exe
< C:\Windows\assembly\tmp\U /s >
========== Alternate Data Streams ==========
@Alternate Data Stream - 152 bytes -> C:\ProgramData\TEMP:1CE11B51
< End of report >
#6
Posted 18 September 2011 - 09:44 AM
Ahmed Yousre
- Topic Starter
-
- Member
-
- 5 posts
New Member
Extras.Txt
OTL Extras logfile created on: 18/09/2011 06:41:12 م - Run 1
OTL by OldTimer - Version 3.2.29.1 Folder = C:\Users\ويندوز\Desktop
Ultimate Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000c01 | Country: مصر | Language: ARE | Date Format: dd/MM/yyyy
894.49 Mb Total Physical Memory | 396.29 Mb Available Physical Memory | 44.30% Memory free
1.87 Gb Paging File | 1.26 Gb Available in Paging File | 67.31% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 49.67 Gb Total Space | 32.31 Gb Free Space | 65.05% Space Free | Partition Type: NTFS
Drive D: | 195.32 Gb Total Space | 109.48 Gb Free Space | 56.05% Space Free | Partition Type: NTFS
Drive E: | 195.31 Gb Total Space | 59.26 Gb Free Space | 30.34% Space Free | Partition Type: NTFS
Drive F: | 195.32 Gb Total Space | 129.68 Gb Free Space | 66.39% Space Free | Partition Type: NTFS
Drive G: | 195.31 Gb Total Space | 84.56 Gb Free Space | 43.29% Space Free | Partition Type: NTFS
Drive H: | 100.59 Gb Total Space | 62.01 Gb Free Space | 61.64% Space Free | Partition Type: NTFS
Computer Name: ويندوز-PC | User Name: ويندوز | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.html [@ = Opera.HTML] -- C:\Program Files\Opera\Opera.exe (Opera Software)
[HKEY_USERS\S-1-5-21-2848490199-2696999808-664735733-1001\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- Reg Error: Key error.
https [open] -- "C:\Program Files\Opera\Opera.exe" "%1" (Opera Software)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [runas] -- cmd.exe /c takeown /f "%1" /r /d y && icacls "%1" /grant administrators:F (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
========== System Restore Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0AAA9C97-74D4-47CE-B089-0B147EF3553C}" = Windows Live Messenger
"{2624B969-7135-4EB1-B0F6-2D8C397B45F7}_is1" = Media Player Classic - Home Cinema v1.5.2.3297
"{26A24AE4-039D-4CA4-87B4-2F83216018FF}" = Java™ 6 Update 18
"{3B4E636E-9D65-4D67-BA61-189800823F52}" = Windows Live Communications Platform
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{90120000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2007
"{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-0044-0409-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
"{90120000-00BA-0409-0000-0000000FF1CE}" = Microsoft Office Groove MUI (English) 2007
"{90120000-0114-0409-0000-0000000FF1CE}" = Microsoft Office Groove Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2007
"{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype 4.1
"{FB90085B-59E4-40FA-81CA-CBE0E70A7183}" = Windows ARP Spoofer
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.5
"CCleaner" = CCleaner
"Google Chrome 14.0.794.0" = Google Chrome 14.0.794.0
"Internet Download Manager" = Internet Download Manager
"KLiteCodecPack_is1" = K-Lite Codec Pack 7.2.0 (Basic)
"Messenger Plus! Live" = Messenger Plus! Live
"Mozilla Firefox 6.0.2 (x86 en-US)" = Mozilla Firefox 6.0.2 (x86 en-US)
"MpcStar" = MpcStar 5.3
"Opera 11.11.2109" = Opera 11.11
"RealAlt_is1" = Real Alternative 2.0.2
"UltraISO_is1" = UltraISO Premium V9.3
"Unlocker" = Unlocker 1.8.8
"USB Disk Security_is1" = USB Disk Security
"Winamp" = Winamp
"WinRAR" = WinRAR
"Yahoo! Messenger" = Yahoo! Messenger
"YU2010_is1" = Your Uninstaller! 7
========== HKEY_USERS Uninstall List ==========
[HKEY_USERS\S-1-5-21-2848490199-2696999808-664735733-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Winamp Detect" = Winamp Detector Plug-in
========== Last 10 Event Log Errors ==========
[ Application Events ]
Error - 16/09/2011 07:52:45 م | Computer Name = ويندوز-PC | Source = SideBySide | ID = 16842811
Description = Activation context generation failed for "H:\Pro\install_flashplayer10_chrd_aih.exe".Error
in manifest or policy file "H:\Pro\install_flashplayer10_chrd_aih.exe" on line
0. Invalid Xml syntax.
Error - 16/09/2011 08:21:14 م | Computer Name = ويندوز-PC | Source = SideBySide | ID = 16842811
Description = Activation context generation failed for "H:\Pro\install_flashplayer10_chrd_aih.exe".Error
in manifest or policy file "H:\Pro\install_flashplayer10_chrd_aih.exe" on line
0. Invalid Xml syntax.
Error - 16/09/2011 08:23:48 م | Computer Name = ويندوز-PC | Source = Application Hang | ID = 1002
Description = The program install_flashplayer10ax_gtbd_aih.exe version 3.0.6.0 stopped
interacting with Windows and was closed. To see if more information about the problem
is available, check the problem history in the Action Center control panel. Process
ID: 718 Start Time: 01cc74cfcc04eae7 Termination Time: 42 Application Path: C:\Users\ويندوز\AppData\Local\Temp\install_flashplayer10ax_gtbd_aih.exe
Report
Id: 4d4eb516-e0c3-11e0-9e72-00241d2ef2f8
Error - 16/09/2011 08:33:17 م | Computer Name = ويندوز-PC | Source = MsiInstaller | ID = 11704
Description =
Error - 16/09/2011 09:16:10 م | Computer Name = ويندوز-PC | Source = Application Error | ID = 1000
Description = Faulting application name: Explorer.EXE, version: 6.1.7600.16385,
time stamp: 0x4a5bc60d Faulting module name: ffmpeg.dll, version: 0.0.0.0, time stamp:
0x4df780b6 Exception code: 0x40000015 Fault offset: 0x0001f6db Faulting process id:
0x608 Faulting application start time: 0x01cc74c835ad0df3 Faulting application path:
C:\Windows\Explorer.EXE Faulting module path: C:\Program Files\K-Lite Codec Pack\ffdshow\ffmpeg.dll
Report
Id: 9ff026b5-e0ca-11e0-9e72-00241d2ef2f8
Error - 16/09/2011 10:13:04 م | Computer Name = ويندوز-PC | Source = VSS | ID = 8194
Description =
Error - 16/09/2011 10:34:31 م | Computer Name = ويندوز-PC | Source = SideBySide | ID = 16842811
Description = Activation context generation failed for "H:\Pro\Net\install_flashplayer10_chrd_aih.exe".Error
in manifest or policy file "H:\Pro\Net\install_flashplayer10_chrd_aih.exe" on line
0. Invalid Xml syntax.
Error - 16/09/2011 11:32:41 م | Computer Name = ويندوز-PC | Source = VSS | ID = 8194
Description =
Error - 16/09/2011 11:40:35 م | Computer Name = ويندوز-PC | Source = Application Error | ID = 1000
Description = Faulting application name: Explorer.EXE, version: 6.1.7600.16385,
time stamp: 0x4a5bc60d Faulting module name: ffmpeg.dll, version: 0.0.0.0, time stamp:
0x4df780b6 Exception code: 0x40000015 Fault offset: 0x0001ee40 Faulting process id:
0x1ac Faulting application start time: 0x01cc74e760aab197 Faulting application path:
C:\Windows\Explorer.EXE Faulting module path: C:\Program Files\K-Lite Codec Pack\ffdshow\ffmpeg.dll
Report
Id: ccbab90a-e0de-11e0-9c1c-00241d2ef2f8
Error - 18/09/2011 10:56:25 ص | Computer Name = ويندوز-PC | Source = SideBySide | ID = 16842811
Description = Activation context generation failed for "I:\install_flashplayer10_chrd_aih.exe".Error
in manifest or policy file "I:\install_flashplayer10_chrd_aih.exe" on line 0. Invalid
Xml syntax.
[ System Events ]
Error - 18/09/2011 10:38:49 ص | Computer Name = ويندوز-PC | Source = Service Control Manager | ID = 7031
Description = The Windows Firewall service terminated unexpectedly. It has done
this 1 time(s). The following corrective action will be taken in 120000 milliseconds:
Restart the service.
Error - 18/09/2011 10:39:34 ص | Computer Name = ويندوز-PC | Source = Service Control Manager | ID = 7024
Description = The HomeGroup Listener service terminated with service-specific error
%%-2147023143.
Error - 18/09/2011 10:40:42 ص | Computer Name = ويندوز-PC | Source = Service Control Manager | ID = 7032
Description = The Service Control Manager tried to take a corrective action (Restart
the service) after the unexpected termination of the Network Store Interface Service
service, but this action failed with the following error: %%1056
Error - 18/09/2011 10:40:49 ص | Computer Name = ويندوز-PC | Source = Service Control Manager | ID = 7032
Description = The Service Control Manager tried to take a corrective action (Restart
the service) after the unexpected termination of the Base Filtering Engine service,
but this action failed with the following error: %%1056
Error - 18/09/2011 10:58:59 ص | Computer Name = ويندوز-PC | Source = Service Control Manager | ID = 7026
Description = The following boot-start or system-start driver(s) failed to load:
cdrom
Error - 18/09/2011 11:04:27 ص | Computer Name = ويندوز-PC | Source = Service Control Manager | ID = 7030
Description = The PEVSystemStart service is marked as an interactive service. However,
the system is configured to not allow interactive services. This service may not
function properly.
Error - 18/09/2011 11:06:08 ص | Computer Name = ويندوز-PC | Source = Service Control Manager | ID = 7030
Description = The PEVSystemStart service is marked as an interactive service. However,
the system is configured to not allow interactive services. This service may not
function properly.
Error - 18/09/2011 11:08:20 ص | Computer Name = ويندوز-PC | Source = Service Control Manager | ID = 7030
Description = The PEVSystemStart service is marked as an interactive service. However,
the system is configured to not allow interactive services. This service may not
function properly.
Error - 18/09/2011 11:36:09 ص | Computer Name = ويندوز-PC | Source = Disk | ID = 262155
Description = The driver detected a controller error on \Device\Harddisk1\DR3.
Error - 18/09/2011 11:36:10 ص | Computer Name = ويندوز-PC | Source = Disk | ID = 262155
Description = The driver detected a controller error on \Device\Harddisk1\DR3.
< End of report >
#7
Posted 18 September 2011 - 09:49 AM
Ahmed Yousre
- Topic Starter
-
- Member
-
- 5 posts
New Member
what now ?
#8
Posted 18 September 2011 - 10:22 AM
Essexboy
-
- Retired Staff
-
- 69,964 posts
GeekU Moderator
OK next is to check a few system files for integrity and check the winsock settings
Go to this page and about three quarters of the way down is a fixit button run that
If you cannot get to that page then download the attached zip file and extract the .msi programme and run
[attachment=52570:MicrosoftFixit50203.zip]
Then select Start > All Programs > Accessories
Right click the command promp and select run as Administrator
In the black box that opens type
sfc /scannow
Once done then retry MS website
Go to this page and about three quarters of the way down is a fixit button run that
If you cannot get to that page then download the attached zip file and extract the .msi programme and run
[attachment=52570:MicrosoftFixit50203.zip]
Then select Start > All Programs > Accessories
Right click the command promp and select run as Administrator
In the black box that opens type
sfc /scannow
Once done then retry MS website
#9
Posted 22 September 2011 - 11:42 AM
Essexboy
-
- Retired Staff
-
- 69,964 posts
GeekU Moderator
Due to lack of feedback, this topic has been closed.
If you need this topic reopened, please contact a staff member. This applies only to the original topic starter. Everyone else please begin a New Topic.
If you need this topic reopened, please contact a staff member. This applies only to the original topic starter. Everyone else please begin a New Topic.
Similar Topics
0 user(s) are reading this topic
0 members, 0 guests, 0 anonymous users
As Featured On:
Sign In
Create Account
