land moon
زيزوومى مبدع
غير متصل
-
تصميم Ramy Badraan
Cisdem Video Compressor 2.2.0 برنامج لضغط الفيديوهات مع المحافظة على الجودة قدر الإمكان - مع التفعيل تصميم Ramy Badraan
WinRAR - أداة متكاملة لتحميل وتثبيت وتفعيل WinRAR7.11 اخر اصدار تلقائيًا وبثلاث لغات) تصميم Ramy Badraan
متصفح القوة والسرعة Google Chrome 116.0.5845.97 Stable تصميم Ramy Badraan
الأسطوانة العربية** Ar Windows 10-11 (2019-2021-2024) IoT Enterprise LTSC (x64) Update April 2025 تصميم Ramy Badraan
Windows Video Converter 2025 v9.9.9.17 برنامج تحويل وتحرير الفيديو الكل في واحد تصميم Ramy Badraan
Windows Video Converter 2025 v9.9.9.17 برنامج تحويل وتحرير الفيديو الكل في واحد تصميم Ramy Badraan
27.00.0300 XYplorer Pro لإدارة الملفات والمجلدات والبحث عنها بسرعة تصميم Ramy Badraan
ويندوز 11 اندكس برو -عربي إنكليزي فرنسي من غير متطلبات ومفعلWindows11PRO_24H2(Ar-En-Fr)26100.3909-Activ_NO TPM تصميم Ramy Badraan
Foxit PDF Editor 2025 .1.0.27937 تصميم Ramy Badraan
CoolUtils Total Doc Converter 5.1.0.364 Repack & Portable لتحويل الملفات الكتابية إلى عدة صيغ تصميم Ramy Badraan
برنامج الحماية الرهيب Webroot Secure Anywhere CE 25.2 والتفعيل بسيريال لمدة 700 يوم تصميم Ramy Badraan
Zyzoom Driver Booster Tool - عملاق جلب التعريفات Iobit Driver Booster فى اصداره النهائى مفعل - تنصيب صامت) تصميم Ramy Badraan
Zyzoom Process Lasso Tool - Wise Care 365 Pro 7.2.4.697 RePack & Portable البرنامج الشامل للصيانة وإصلاح النظام) تصميم Ramy Badraan
TechsmithSnagit 25.1.0.6239 x64 Silent Install عملاق تصوير الشاشة وعمل الشروحات تصميم Ramy Badraan
Glary Utilities Pro 6.24.0.28 RePack & Portable لصيانة النظام وتنظيفه من الملفات التالفة تصميم Ramy Badraan
Zyzoom Process Lasso Tool - عملاق تسريع المعالج وتنظيم العمليات فى اصداره الاخير - تنصيب صامت) 
- بادئ الموضوع land moon
- تاريخ البدء
- الحالة
System32
زيزوومى محترف
غير متصلجرب هذا الموضوع ..يجب عليك تسجيل الدخول أو التسجيل لمشاهدة الرابط المخفي
توقيع : System32
تأييد 0
alemalbyelaram
عضو شرف
- إنضم
- 10 سبتمبر 2008
- المشاركات
- 38,388
- مستوى التفاعل
- 1,008
- النقاط
- 1,020
- الإقامة
- ˚ஐ˚◦{ ♥ in my dreams˚ஐ˚◦{ ♥
غير متصل
هلا بك اخوى
،
قم بعمل التقارير الموجوده فى الاداه لكى نتبين سبب المشكله
وان شاء الله ما يصير الا خير
:king:
توقيع : alemalbyelaram
تأييد 0
land moon
زيزوومى مبدع
غير متصلهلا وغلا بكم اخواني واحبابي جميعاً
هذه تقارير جهازي .........بعد استخدام الاداة
hijackthi
Report 2011-03-02 12.20.06يجب عليك تسجيل الدخول أو التسجيل لمشاهدة الرابط المخفي
يجب عليك تسجيل الدخول أو التسجيل لمشاهدة الرابط المخفي
توقيع : land moon
تأييد 0
land moon
زيزوومى مبدع
غير متصلsreport
يجب عليك تسجيل الدخول أو التسجيل لمشاهدة الرابط المخفي
Error
يجب عليك تسجيل الدخول أو التسجيل لمشاهدة الرابط المخفي
Softlist
يجب عليك تسجيل الدخول أو التسجيل لمشاهدة الرابط المخفي
وأخير runscanner
يجب عليك تسجيل الدخول أو التسجيل لمشاهدة الرابط المخفي
الله يعطيكم كل خير وعااااافيةتوقيع : land moon
تأييد 0
land moon
زيزوومى مبدع
غير متصلhijackthis
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 11:59:32 AM, on 3/2/2011
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\AlienGUIse\wbload.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\Program Files\Lock My PC 4\lockpc.exe
C:\Program Files\Auslogics\Auslogics BoostSpeed\BoostSpeed.exe
C:\WINDOWS\ehome\ehtray.exe
C:\Program Files\HPQ\Quick Launch Buttons\EabServr.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\Hotspot Shield\bin\openvpnas.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\uTorrent\uTorrent.exe
C:\Program Files\Hotspot Shield\HssWPR\hsssrv.exe
C:\Documents and Settings\maged\Local Settings\Application Data\Autobahn\autobahn.exe
C:\Program Files\Hotspot Shield\bin\hsswd.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Common Files\PC Tools\sMonitor\StartManSvc.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\Program Files\Internet Download Manager\IEMonitor.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Internet Download Manager\IDMan.exe
C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\klwtblfs.exe
C:\Zyzoom_Forum_Tools\zyzoom.exe
C:\Zyzoom_Forum_Tools\zHijak.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =يجب عليك تسجيل الدخول أو التسجيل لمشاهدة الرابط المخفي
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =يجب عليك تسجيل الدخول أو التسجيل لمشاهدة الرابط المخفي
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =يجب عليك تسجيل الدخول أو التسجيل لمشاهدة الرابط المخفي
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =يجب عليك تسجيل الدخول أو التسجيل لمشاهدة الرابط المخفي
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =يجب عليك تسجيل الدخول أو التسجيل لمشاهدة الرابط المخفي
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext =يجب عليك تسجيل الدخول أو التسجيل لمشاهدة الرابط المخفي
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer provided by maged alawadhi
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 127.0.0.1:895:80
O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files\Internet Download Manager\IDMIECC.dll
O2 - BHO: SnagIt Toolbar Loader - {00C6482D-C502-44C8-8409-FCE54AD9C208} - C:\Program Files\TechSmith\Snagit 10\SnagitBHO.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: IEVkbdBHO - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\ievkbd.dll
O2 - BHO: ????? ????? ?????? ??? Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: link filter bho - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\klwtbbho.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: Hotspot Shield Class - {F9E4A054-E9B1-4BC3-83A3-76A1AE736170} - C:\Program Files\Hotspot Shield\HssIE\HssIE.dll
O3 - Toolbar: Nero Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [eabconfg.cpl] C:\Program Files\HPQ\Quick Launch Buttons\EabServr.exe /Start
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe"
O4 - HKLM\..\Run: [ATIPTA] "C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe"
O4 - HKLM\..\Run: [NokiaMServer] C:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer /watchfiles startup
O4 - HKLM\..\Run: [AdobeAAMUpdater-1.0] "C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
O4 - HKLM\..\Run: [SwitchBoard] C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O4 - HKLM\..\Run: [AdobeCS5ServiceManager] "C:\Program Files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [IDMan] C:\Program Files\Internet Download Manager\IDMan.exe /onboot
O4 - HKCU\..\Run: [uTorrent] "C:\Program Files\uTorrent\uTorrent.exe"
O4 - HKUS\S-1-5-20\..\RunOnce: [_nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-21-1229272821-1078081533-1801674531-500\..\RunOnce: [_nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'Administrator')
O4 - HKUS\S-1-5-18\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [_nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [_nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'Default user')
O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Startup: autobahn.lnk = C:\Documents and Settings\maged\Local Settings\Application Data\Autobahn\autobahn.exe
O8 - Extra context menu item: Download all links with IDM - C:\Program Files\Internet Download Manager\IEGetAll.htm
O8 - Extra context menu item: Download FLV video content with IDM - C:\Program Files\Internet Download Manager\IEGetVL.htm
O8 - Extra context menu item: Download with IDM - C:\Program Files\Internet Download Manager\IEExt.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O9 - Extra button: &Virtual Keyboard - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\klwtbbho.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O9 - Extra button: URLs c&heck - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\klwtbbho.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: wbsys.dll,c:\progra~1\kasper~1\kasper~1\mzvkbd3.dll,C:\PROGRA~1\KASPER~1\KASPER~1\kloehk.dll
O20 - Winlogon Notify: fsp_lmwl - fsp_lmwl.dll (file missing)
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: Kaspersky Anti-Virus Service (AVP) - Kaspersky Lab ZAO - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe
O23 - Service: Hotspot Shield Service (HotspotShieldService) - Unknown owner - C:\Program Files\Hotspot Shield\bin\openvpnas.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: Hotspot Shield Routing Service (HssSrv) - AnchorFree Inc. - C:\Program Files\Hotspot Shield\HssWPR\hsssrv.exe
O23 - Service: Hotspot Shield Tray Service (HssTrayService) - Unknown owner - C:\Program Files\Hotspot Shield\bin\HssTrayService.EXE
O23 - Service: Hotspot Shield Monitoring Service (HssWd) - Unknown owner - C:\Program Files\Hotspot Shield\bin\hsswd.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: PC Tools Startup and Shutdown Monitor service (PCToolsSSDMonitorSvc) - Unknown owner - C:\Program Files\Common Files\PC Tools\sMonitor\StartManSvc.exe
O23 - Service: ServiceLayer - Nokia - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Adobe SwitchBoard (SwitchBoard) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
--
End of file - 10016 bytesتوقيع : land moon
تأييد 0
land moon
زيزوومى مبدع
غير متصلError_log
====== ??? ????? ?????? ======
Computer Name: MAGED-AD797721F
Event Code: 59
Message: Generate Activation Context failed for C:\Program Files\MusicMp3Downloader\MusicMp3Downloader.exe.
Reference error message: The operation completed successfully.
.
Record Number: 5747
Source Name: SideBySide
Time Written: 20110221224919.000000-480
Event Type: error
User:
Computer Name: MAGED-AD797721F
Event Code: 59
Message: Resolve Partial Assembly failed for Microsoft.Windows.Common-Controls.
Reference error message: The system cannot find the path specified.
.
Record Number: 5746
Source Name: SideBySide
Time Written: 20110221224919.000000-480
Event Type: error
User:
Computer Name: MAGED-AD797721F
Event Code: 59
Message: Generate Activation Context failed for C:\Program Files\MusicMp3Downloader\MusicMp3Downloader.exe.
Reference error message: The operation completed successfully.
.
Record Number: 5742
Source Name: SideBySide
Time Written: 20110221221646.000000-480
Event Type: error
User:
Computer Name: MAGED-AD797721F
Event Code: 59
Message: Resolve Partial Assembly failed for Microsoft.Windows.Common-Controls.
Reference error message: The system cannot find the path specified.
.
Record Number: 5741
Source Name: SideBySide
Time Written: 20110221221646.000000-480
Event Type: error
User:
Computer Name: MAGED-AD797721F
Event Code: 59
Message: Generate Activation Context failed for C:\Program Files\MusicMp3Downloader\MusicMp3Downloader.exe.
Reference error message: The operation completed successfully.
.
Record Number: 5740
Source Name: SideBySide
Time Written: 20110221221644.000000-480
Event Type: error
User:
===== ??? ????? ??????? =====
Computer Name: MAGED-AD797721F
Event Code: 82
Message: Event Info: Exception opening connection to database.
Program Guide info not available. Data may be corrupt. Media Center could not load the Guide. Please restart the computer and try again. If the problem persists, see Help for more information.
Process: DefaultDomain
Object Name: Microsoft.Ehome.Epg.Database.GuideDbConnection
Record Number: 1811
Source Name: Media Center Guide
Time Written: 20110222214252.000000-480
Event Type: error
User:
Computer Name: MAGED-AD797721F
Event Code: 1
Message:
Record Number: 1807
Source Name: Nokia M Platform
Time Written: 20110222214131.000000-480
Event Type: warning
User:
Computer Name: MAGED-AD797721F
Event Code: 1802
Message: The Windows Security Center Service was unable to establish event queries with WMI to monitor third party AntiVirus and Firewall.
Record Number: 1805
Source Name: SecurityCenter
Time Written: 20110222214131.000000-480
Event Type: error
User:
Computer Name: MAGED-AD797721F
Event Code: 0
Message: Event Info: Failure opening database connection
Process: DefaultDomain
Object Name: Media Center Guide
Record Number: 1801
Source Name: Media Center Guide
Time Written: 20110222192754.000000-480
Event Type: error
User:
Computer Name: MAGED-AD797721F
Event Code: 0
Message: Event Info: Unable to initialize connection to the database.
Process: DefaultDomain
Object Name: Media Center Guide
Record Number: 1800
Source Name: Media Center Guide
Time Written: 20110222192739.000000-480
Event Type: error
User:
===== ????? ?????? ??????? =====
===== ????? ?????? ??????? =====توقيع : land moon
تأييد 0
land moon
زيزوومى مبدع
غير متصلReport 2011-03-02 12.20.06
QuickScan Beta 32-bit v0.9.9.52
-------------------------------
تاريخ المسح: Wed Mar 02 12:20:06 2011
عنوان الحاسب: 40BD5358
لم يتم العثور على عدوى
----------------------
البرامج
-------
غير مسجل Internet Download Manager (IDM) 2508 C:\Program Files\Internet Download Manager\IDMan.exe
غير مسجل Nokia M Platform 1184 C:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer.exe
غير مسجل zyzoom.exe 460 C:\Zyzoom_Forum_Tools\zyzoom.exe
تم تفقده ATI Desktop Component 1168 C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
تم تفقده ATI External Event Utility for WindowsN 940 C:\WINDOWS\system32\ati2evxx.exe
تم تفقده ATI External Event Utility for WindowsN 640 C:\WINDOWS\system32\ati2evxx.exe
تم تفقده autobahn.exe 2372 C:\Documents and Settings\maged\Local Settings\Application Data\Autobahn\autobahn.exe
تم تفقده BoostSpeed 1728 C:\Program Files\Auslogics\Auslogics BoostSpeed\BoostSpeed.exe
تم تفقده Firefox 156 C:\Program Files\Mozilla Firefox\firefox.exe
تم تفقده hpqwmiex Module 4044 C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
تم تفقده hsssrv.exe 2304 C:\Program Files\Hotspot Shield\HssWPR\hsssrv.exe
تم تفقده hsswd.exe 2520 C:\Program Files\Hotspot Shield\bin\hsswd.exe
تم تفقده IEMonitor Application 3496 C:\Program Files\Internet Download Manager\IEMonitor.exe
تم تفقده Java(TM) Platform SE 6 U23 2576 C:\Program Files\Java\jre6\bin\jqs.exe
تم تفقده Java(TM) Platform SE Auto Updater 2 0 672 C:\Program Files\Common Files\Java\Java Update\jusched.exe
تم تفقده Kaspersky Anti-Virus 3256 C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\klwtblfs.exe
تم تفقده Lock My PC 1620 C:\Program Files\Lock My PC 4\lockpc.exe
تم تفقده Microsoft Distributed Transaction Coord 3364 C:\WINDOWS\system32\msdtc.exe
تم تفقده Microsoft® Windows® Operating System 3244 C:\WINDOWS\ehome\ehmsas.exe
تم تفقده Microsoft® Windows® Operating System 1924 C:\WINDOWS\ehome\ehRecvr.exe
تم تفقده Microsoft® Windows® Operating System 1928 C:\WINDOWS\ehome\ehSched.exe
تم تفقده Microsoft® Windows® Operating System 464 C:\WINDOWS\ehome\ehtray.exe
تم تفقده Microsoft® Windows® Operating System 3452 C:\WINDOWS\ehome\mcrdsvc.exe
تم تفقده Microsoft® Windows® Operating System 1452 C:\WINDOWS\explorer.exe
تم تفقده Microsoft® Windows® Operating System 3152 C:\WINDOWS\system32\alg.exe
تم تفقده Microsoft® Windows® Operating System 1848 C:\WINDOWS\system32\csrss.exe
تم تفقده Microsoft® Windows® Operating System 180 C:\WINDOWS\system32\ctfmon.exe
تم تفقده Microsoft® Windows® Operating System 3328 C:\WINDOWS\system32\dllhost.exe
تم تفقده Microsoft® Windows® Operating System 444 C:\WINDOWS\system32\lsass.exe
تم تفقده Microsoft® Windows® Operating System 432 C:\WINDOWS\system32\services.exe
تم تفقده Microsoft® Windows® Operating System 1520 C:\WINDOWS\system32\smss.exe
تم تفقده Microsoft® Windows® Operating System 800 C:\WINDOWS\system32\spoolsv.exe
تم تفقده Microsoft® Windows® Operating System 1672 C:\WINDOWS\system32\svchost.exe
تم تفقده Microsoft® Windows® Operating System 1824 C:\WINDOWS\system32\svchost.exe
تم تفقده Microsoft® Windows® Operating System 1260 C:\WINDOWS\system32\svchost.exe
تم تفقده Microsoft® Windows® Operating System 1156 C:\WINDOWS\system32\svchost.exe
تم تفقده Microsoft® Windows® Operating System 2724 C:\WINDOWS\system32\svchost.exe
تم تفقده Microsoft® Windows® Operating System 2880 C:\WINDOWS\system32\svchost.exe
تم تفقده Microsoft® Windows® Operating System 2968 C:\WINDOWS\system32\svchost.exe
تم تفقده Microsoft® Windows® Operating System 1308 C:\WINDOWS\system32\svchost.exe
تم تفقده Microsoft® Windows® Operating System 1012 C:\WINDOWS\system32\svchost.exe
تم تفقده Microsoft® Windows® Operating System 2636 C:\WINDOWS\system32\wbem\wmiprvse.exe
تم تفقده Microsoft® Windows® Operating System 272 C:\WINDOWS\system32\winlogon.exe
تم تفقده Microsoft® Windows® Operating System 2700 C:\WINDOWS\system32\wscntfy.exe
تم تفقده openvpnas.exe 392 C:\Program Files\Hotspot Shield\bin\openvpnas.exe
تم تفقده Quick Launch Buttons 660 C:\Program Files\HPQ\Quick Launch Buttons\eabservr.exe
تم تفقده StartMan Application 2820 C:\Program Files\Common Files\PC Tools\sMonitor\StartManSvc.exe
تم تفقده WindowBlinds -. 1976 C:\Program Files\AlienGUIse\wbload.exeيجب عليك تسجيل الدخول أو التسجيل لمشاهدة الرابط المخفي
انشطة الشبكة
------------
البرنامج firefox.exe (156) موصول على معبر 80 (HTTP) --> 66.235.142.24
البرنامج firefox.exe (156) موصول على معبر 80 (HTTP) --> 88.221.217.65
البرنامج firefox.exe (156) موصول على معبر 80 (HTTP) --> 92.122.5.115
البرنامج firefox.exe (156) موصول على معبر 80 (HTTP) --> 65.55.85.39
البرنامج firefox.exe (156) موصول على معبر 80 (HTTP) --> 65.55.85.39
البرنامج firefox.exe (156) موصول على معبر 80 (HTTP) --> 65.55.85.39
البرنامج firefox.exe (156) موصول على معبر 80 (HTTP) --> 209.85.149.102
البرنامج firefox.exe (156) موصول على معبر 80 (HTTP) --> 209.85.149.102
البرنامج firefox.exe (156) موصول على معبر 80 (HTTP) --> 92.123.156.20
البرنامج svchost.exe (1156) يستمع لمعبر: 135 (RPC)
البرنامج svchost.exe (2880) يستمع لمعبر: 2869 (SSDP event notification, UPNP)
الملفات المفتوحة تلقائياً و الحساسة
-----------------------------------
غير مسجل Internet Download Manager (IDM) C:\Program Files\Internet Download Manager\IDMan.exe
غير مسجل Nokia M Platform C:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer.exe
تم تفقده fLoad C:\Program Files\AlienGUIse\fastload.dll
تم تفقده Adobe Acrobat C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe
تم تفقده Adobe CS5 Service Manager C:\Program Files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe
تم تفقده Adobe Systems, Inc. Adobe Gamma Loader C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
تم تفقده Adobe Updater Startup Utility C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe
تم تفقده ATI Desktop Component C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
تم تفقده autobahn.exe C:\Documents and Settings\maged\Local Settings\Application Data\Autobahn\autobahn.exe
تم تفقده ImScInst.exe C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe
تم تفقده Java(TM) Platform SE Auto Updater 2 0 C:\Program Files\Common Files\Java\Java Update\jusched.exe
تم تفقده Kaspersky Anti-Virus C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe
تم تفقده Kaspersky Anti-Virus c:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\kloehk.dll
تم تفقده Kaspersky Anti-Virus c:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\mzvkbd3.dll
تم تفقده Kaspersky Anti-Virus C:\WINDOWS\system32\klogon.dll
تم تفقده Microsoft IME 2002 C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE
تم تفقده Microsoft® Windows® Operating System C:\WINDOWS\ehome\ehtray.exe
تم تفقده Microsoft® Windows® Operating System C:\WINDOWS\system32\browseui.dll
تم تفقده Microsoft® Windows® Operating System C:\WINDOWS\system32\ctfmon.exe
تم تفقده Microsoft® Windows® Operating System C:\WINDOWS\system32\dimsntfy.dll
تم تفقده Microsoft® Windows® Operating System C:\WINDOWS\system32\shell32.dll
تم تفقده Microsoft® Windows® Operating System C:\WINDOWS\system32\stobject.dll
تم تفقده Microsoft® Windows® Operating System c:\windows\system32\userinit.exe
تم تفقده Microsoft® Windows® Operating System C:\WINDOWS\system32\wpdshserviceobj.dll
تم تفقده PC Tools Smart Update C:\Program Files\Registry Mechanic\Update.exe
تم تفقده Quick Launch Buttons C:\Program Files\HPQ\Quick Launch Buttons\eabservr.exe
تم تفقده Registry Mechanic C:\Program Files\Registry Mechanic\RegMech.exe
تم تفقده SBSV 2010/02/19-11:02:07 C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
تم تفقده Windows® Internet Explorer C:\WINDOWS\system32\webcheck.dll
تم تفقده µTorrent C:\Program Files\uTorrent\uTorrent.exe
تم تفقده 新注音 C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE
وصلات المتصفح
-------------
غير مسجل Java(TM) Platform SE 6 U23 C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll
تم تفقده 2007 Microsoft Office system C:\Program Files\Mozilla Firefox\plugins\NPOFF12.DLL
تم تفقده AcroIEHelperShim Library c:\program files\common files\adobe\acrobat\activex\acroiehelpershim.dll
تم تفقده Adobe Acrobat C:\Program Files\Internet Explorer\plugins\nppdf32.dll
تم تفقده Adobe Acrobat C:\Program Files\Mozilla Firefox\plugins\nppdf32.dll
تم تفقده BitDefender QuickScan C:\Documents and Settings\maged\Application Data\Mozilla\Firefox\Profiles\oi6ent9j.default\extensions\{e001c731-5e37-4538-a5cb-8168736a2360}\components\qscanff.dll
تم تفقده BitDefender QuickScan C:\Documents and Settings\maged\Application Data\Mozilla\Firefox\Profiles\oi6ent9j.default\extensions\{e001c731-5e37-4538-a5cb-8168736a2360}\plugins\npqscan.dll
تم تفقده BitDefender QuickScan C:\Documents and Settings\maged\Application Data\Mozilla\Firefox\Profiles\oi6ent9j.default\extensions\{e001c731-5e37-4538-a5cb-8168736a2360}\plugins\npqscan.dll (deleted)
تم تفقده hssie.dll c:\program files\hotspot shield\hssie\hssie.dll
تم تفقده Internet Download Manager Module c:\program files\internet download manager\idmiecc.dll
تم تفقده Java Deployment Toolkit 6.0.230.5 C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll
تم تفقده Java(TM) Platform SE 6 U23 c:\program files\java\jre6\bin\jp2ssv.dll
تم تفقده Java(TM) Platform SE 6 U23 c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
تم تفقده Kaspersky Anti-Virus c:\program files\kaspersky lab\kaspersky internet security 2011\ievkbd.dll
تم تفقده Kaspersky Anti-Virus c:\program files\kaspersky lab\kaspersky internet security 2011\klwtbbho.dll
تم تفقده Microsoft® Windows Live Login Helper c:\program files\common files\microsoft shared\windows live\windowslivelogin.dll
تم تفقده Microsoft® Windows® Operating System C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
تم تفقده Microsoft® Windows® Operating System C:\WINDOWS\system32\mswsock.dll
تم تفقده Microsoft® Windows® Operating System C:\WINDOWS\system32\rsvpsp.dll
تم تفقده Microsoft® Windows® Operating System C:\WINDOWS\system32\winrnr.dll
تم تفقده Mozilla Default Plug-in C:\Program Files\Mozilla Firefox\plugins\npnul32.dll
تم تفقده NPSWF32.dll C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll
تم تفقده RealPlayer Version Plugin C:\Program Files\Mozilla Firefox\plugins\nprpjplug.dll
تم تفقده RealPlayer Version Plugin C:\Program Files\Real Alternative\browser\plugins\nprpjplug.dll
تم تفقده RealPlayer(tm) G2 LiveConnect-Enabled P C:\Program Files\Mozilla Firefox\plugins\nppl3260.dll
تم تفقده RealPlayer(tm) G2 LiveConnect-Enabled P C:\Program Files\Real Alternative\browser\plugins\nppl3260.dll
تم تفقده Snagit c:\program files\techsmith\snagit 10\snagitbho.dll
تم تفقده Windows Presentation Foundation c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
تم تفقده Windows® Internet Explorer C:\WINDOWS\system32\ieframe.dll
الملفات الناقصة
---------------
الملف Ati2evxx.dll غيرموجود
--> HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent\"DllName"
الملف C:\WINDOWS\System32\hidserv.dll غيرموجود
--> HKLM\System\ControlSet001\services\HidServ\Parameters\"ServiceDll"
الملف Explorer.exe غيرموجود
--> HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\"Shell"
الملف WlNotify.dll غيرموجود
--> HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\SensLogn\"DllName"
الملف cmd.exe غيرموجود
--> HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\"AlternateShell"
الملف crypt32.dll غيرموجود
--> HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\crypt32chain\"DllName"
الملف cryptnet.dll غيرموجود
--> HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\cryptnet\"DllName"
الملف cscdll.dll غيرموجود
--> HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\cscdll\"DllName"
الملف fsp_lmwl.dll غيرموجود
--> HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\fsp_lmwl\"DllName"
الملف logonui.exe غيرموجود
--> HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\"UIHost"
الملف sclgntfy.dll غيرموجود
--> HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\sclgntfy\"DllName"
الملف shell32.dll غيرموجود
--> HKCR\CLSID\{AEB6717E-7E19-11d0-97EE-00C04FD91972}\InprocServer32\"(default)"
الملف wbsys.dll غيرموجود
--> HKLM\Software\Microsoft\Windows NT\CurrentVersion\Windows\"AppInit_DLLs"
الملف wlnotify.dll غيرموجود
--> HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ScCertProp\"DllName"
--> HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\Schedule\"DllName"
--> HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\termsrv\"DllName"
--> HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\wlballoon\"DllName"
مسح
---
غير مسجل MD5: 4762585d4e256064ede16e97433ed049 C:\Program Files\Common Files\Nokia\MPlatform\MItemPlugins.dll
غير مسجل MD5: 1f6b168a0c888e978cf5a0d94a84cc69 C:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer.exe
غير مسجل MD5: 661b770bc4cb72ee4e4b17c5a62b994f C:\Program Files\Hotspot Shield\bin\libeay32.dll
غير مسجل MD5: 09abd85bf89bcdf87925cd852a7e2eea C:\Program Files\Internet Download Manager\IDMan.exe
غير مسجل MD5: ea8fcf30d2961369435c84ce3b3063f1 C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll
غير مسجل MD5: 9ca986db205f5a6f273a57b24fbc310f C:\Program Files\Mozilla Firefox\extensions\afurladvisor@anchorfree.com\components\afurladvisor.dll
غير مسجل MD5: e72b70c57c4229d339fe110951932392 C:\Program Files\Mozilla Firefox\freebl3.dll
غير مسجل MD5: 3d07aceebe516a561767117c43088f2c C:\Program Files\Mozilla Firefox\nssdbm3.dll
غير مسجل MD5: 2935447938967fdd07dd9118dfb4afb2 C:\Program Files\Mozilla Firefox\softokn3.dll
غير مسجل MD5: 9dddf4ab74dd81ab0e0ee56a114634b0 C:\Program Files\Nokia\Nokia Ovi Suite\Connectors\Bookmarks Connector\FirefoxExtension\components\FirefoxExtension.dll
غير مسجل MD5: 7d3903af48e6c1dc2704eafcb608d031 C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
غير مسجل MD5: d6969d52430aff7c1891780ba0068f19 C:\Zyzoom_Forum_Tools\zyzoom.exe
لم يتم تحميل اي ملف
انتهاء المسح - تم الاتصال خلال 10 ثواني
الحجم الاجمالي - تم ارسال 0.04 ميجابايت و تم استقبال 4.57
تم مسح 1006 ملف و برنامج - 16 ثواني
==============================================================================توقيع : land moon
تأييد 0
land moon
زيزوومى مبدع
غير متصلsoftlist
====== ??????? ???? ??????? ======
X86 WIN_XP 2600 Service Pack 3
====== ????? ??????? ??????? ======
µTorrent
Adobe Bridge 1.0
Adobe Common File Installer
Adobe Flash Player 10 Plugin
Adobe Help Center 1.0
Adobe Photoshop CS2
Adobe Photoshop CS5
Adobe Reader 9 - Arabic
Adobe Stock Photos 1.0
Adobe® Flash® Player 10 ActiveX
AIMP2
AlienGUIse Theme Manager
ATI - Software Uninstall Utility
Auslogics BoostSpeed
Autobahn
AutoPlay Media Studio 8 Trial
Broadcom 802.11 Wireless LAN Adapter
Conexant AC-Link Audio
FormatFactory 2.60
Golden Al-Wafi Translator
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
Hotspot Shield 1.57
Internet Download Manager
Java Auto Updater
Java(TM) 6 Update 23
Kaspersky Internet Security 2011
Kaspersky Internet Security 2011
K-Lite Codec Pack 6.4.0 (Full)
Lock My PC 4.7
MediaWiper
Messenger Plus! 5
Microsoft .NET Framework 2.0 Service Pack 2
Microsoft .NET Framework 3.0 Service Pack 2
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 3.5 SP1
Microsoft Application Error Reporting
Microsoft Choice Guard
Microsoft Kernel-Mode Driver Framework Feature Pack 1.9
Microsoft Office Access MUI (English) 2007
Microsoft Office Access Setup Metadata MUI (English) 2007
Microsoft Office Enterprise 2007
Microsoft Office Enterprise 2007
Microsoft Office Excel MUI (English) 2007
Microsoft Office Groove MUI (English) 2007
Microsoft Office Groove Setup Metadata MUI (English) 2007
Microsoft Office InfoPath MUI (English) 2007
Microsoft Office OneNote MUI (English) 2007
Microsoft Office Outlook MUI (English) 2007
Microsoft Office PowerPoint MUI (English) 2007
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (English) 2007
Microsoft Office Publisher MUI (English) 2007
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office Word MUI (English) 2007
Microsoft Save as PDF Add-in for 2007 Microsoft Office programs
Microsoft Software Update for Web Folders (English) 12
Microsoft User-Mode Driver Framework Feature Pack 1.9
Microsoft Visual C++ 2005 Redistributable
Microsoft_VC80_ATL_x86
Microsoft_VC80_CRT_x86
Microsoft_VC80_MFC_x86
Microsoft_VC80_MFCLOC_x86
Microsoft_VC90_ATL_x86
Microsoft_VC90_CRT_x86
Microsoft_VC90_MFC_x86
Mozilla Firefox (3.6.13)
MSVC80_x86_v2
MSVC90_x86
MSVCRT
MSXML 6.0 Parser
Nokia Connectivity Cable Driver
Nokia Ovi Suite
Nokia Ovi Suite
Nokia Ovi Suite Software Updater
NSS (remove only)
Ovi Desktop Sync Engine
OviMPlatform
PC Connectivity Solution
PC Icon Editor
PDF Settings CS5
Real Alternative 1.48
REALTEK GbE & FE Ethernet PCI NIC Driver
Registry Mechanic 10.0
Royal AIO Theme
Segoe UI
Skype™ 4.2
Snagit 10
Soft Data Fax Modem with SmartCP
TeraCopy 2.12
Texas Instruments PCIxx21/x515/xx12 drivers.
The KMPlayer (remove only)
TIPCI
UltraISO Premium V9.36
WebFldrs XP
Windows Driver Package - Nokia pccsmcfd (08/22/2008 7.0.0.0)
Windows Internet Explorer 8
Windows Live Communications Platform
Windows Live Essentials
Windows Live Essentials
Windows Live Messenger
WinRAR archiver
Your Uninstaller! 2010
???? ??????? Windows Live Upload Tool
????? ????? ?????? ??? Windows Liveتوقيع : land moon
تأييد 0
land moon
زيزوومى مبدع
غير متصلsreport
"Silent Runners.vbs", revision 61,يجب عليك تسجيل الدخول أو التسجيل لمشاهدة الرابط المخفي
Operating System: Windows XP SP3
Output limited to non-default values, except where indicated by "{++}"
Startup items buried in registry:
---------------------------------
HKCU\Software\Microsoft\Windows\CurrentVersion\Run\ {++}
"ctfmon.exe" = "C:\WINDOWS\system32\ctfmon.exe" [MS]
"IDMan" = "C:\Program Files\Internet Download Manager\IDMan.exe /onboot" ["Tonec Inc."]
"uTorrent" = ""C:\Program Files\uTorrent\uTorrent.exe"" ["BitTorrent, Inc."]
"(Default)" = "(empty string)" [file not found]
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\ {++}
"ehTray" = "C:\WINDOWS\ehome\ehtray.exe" [MS]
"IMJPMIG8.1" = ""C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32" [MS]
"MSPY2002" = "C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC" [null data]
"PHIME2002ASync" = "C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC" [MS]
"PHIME2002A" = "C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName" [MS]
"eabconfg.cpl" = "C:\Program Files\HPQ\Quick Launch Buttons\EabServr.exe /Start" ["Hewlett-Packard "]
"SunJavaUpdateSched" = ""C:\Program Files\Common Files\Java\Java Update\jusched.exe"" ["Sun Microsystems, Inc."]
"Adobe Reader Speed Launcher" = ""C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"" ["Adobe Systems Incorporated"]
"AVP" = ""C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe"" ["Kaspersky Lab ZAO"]
"ATIPTA" = ""C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe"" ["ATI Technologies, Inc."]
"NokiaMServer" = "C:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer /watchfiles startup" ["Nokia"]
"AdobeAAMUpdater-1.0" = ""C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"" ["Adobe Systems Incorporated"]
"SwitchBoard" = "C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" ["Adobe Systems Incorporated"]
"AdobeCS5ServiceManager" = ""C:\Program Files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin" ["Adobe Systems Incorporated"]
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\
{0055C089-8582-441B-A0BF-17B458C2A3A8}\(Default) = "IDM Helper"
-> {HKLM...CLSID} = "IDMIEHlprObj Class"
\InProcServer32\(Default) = "C:\Program Files\Internet Download Manager\IDMIECC.dll" ["Tonec Inc."]
{00C6482D-C502-44C8-8409-FCE54AD9C208}\(Default) = (no title provided)
-> {HKLM...CLSID} = "SnagIt Toolbar Loader"
\InProcServer32\(Default) = "C:\Program Files\TechSmith\Snagit 10\SnagitBHO.dll" ["TechSmith Corporation"]
{18DF081C-E8AD-4283-A596-FA578C2EBDC3}\(Default) = "AcroIEHelperStub"
-> {HKLM...CLSID} = "Adobe PDF Link Helper"
\InProcServer32\(Default) = "C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll" ["Adobe Systems Incorporated"]
{59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C}\(Default) = "IEVkbdBHO"
-> {HKLM...CLSID} = "IEVkbdBHO Class"
\InProcServer32\(Default) = "C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\ievkbd.dll" ["Kaspersky Lab ZAO"]
{9030D464-4C02-4ABF-8ECC-5164760863C6}\(Default) = (no title provided)
-> {HKLM...CLSID} = "***** ***** ****** *** Windows Live" (unwritable string)
\InProcServer32\(Default) = "C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll" [MS]
{DBC80044-A445-435b-BC74-9C25C1C588A9}\(Default) = (no title provided)
-> {HKLM...CLSID} = "Java(tm) Plug-In 2 SSV Helper"
\InProcServer32\(Default) = "C:\Program Files\Java\jre6\bin\jp2ssv.dll" ["Sun Microsystems, Inc."]
{E33CF602-D945-461A-83F0-819F76A199F8}\(Default) = "link filter bho"
-> {HKLM...CLSID} = "FilterBHO Class"
\InProcServer32\(Default) = "C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\klwtbbho.dll" ["Kaspersky Lab ZAO"]
{E7E6F031-17CE-4C07-BC86-EABFE594F69C}\(Default) = "JQSIEStartDetectorImpl"
-> {HKLM...CLSID} = "JQSIEStartDetectorImpl Class"
\InProcServer32\(Default) = "C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll" ["Sun Microsystems, Inc."]
{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}\(Default) = (no title provided)
-> {HKLM...CLSID} = "Hotspot Shield Class"
\InProcServer32\(Default) = "C:\Program Files\Hotspot Shield\HssIE\HssIE.dll" ["AnchorFree Inc."]
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\
DropboxExt1\(Default) = "{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
-> {HKCU...CLSID} = "DropboxExt"
\InProcServer32\(Default) = "C:\Documents and Settings\maged\Application Data\Dropbox\bin\DropboxExt.14.dll" ["Dropbox, Inc."]
DropboxExt2\(Default) = "{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
-> {HKCU...CLSID} = "DropboxExt"
\InProcServer32\(Default) = "C:\Documents and Settings\maged\Application Data\Dropbox\bin\DropboxExt.14.dll" ["Dropbox, Inc."]
DropboxExt3\(Default) = "{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
-> {HKCU...CLSID} = "DropboxExt"
\InProcServer32\(Default) = "C:\Documents and Settings\maged\Application Data\Dropbox\bin\DropboxExt.14.dll" ["Dropbox, Inc."]
DropboxExt4\(Default) = "{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
-> {HKCU...CLSID} = "DropboxExt"
\InProcServer32\(Default) = "C:\Documents and Settings\maged\Application Data\Dropbox\bin\DropboxExt.14.dll" ["Dropbox, Inc."]
IDM Shell Extension\(Default) = "{CDC95B92-E27C-4745-A8C5-64A52A78855D}"
-> {HKLM...CLSID} = "IDM Shell Extension"
\InProcServer32\(Default) = "C:\Program Files\Internet Download Manager\IDMShellExt.dll" ["Tonec Inc."]
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\
"{42071714-76d4-11d1-8b24-00a0c9068ff3}" = "Display Panning CPL Extension"
-> {HKLM...CLSID} = "Display Panning CPL Extension"
\InProcServer32\(Default) = "deskpan.dll" [file not found]
"{88895560-9AA2-1069-930E-00AA0030EBC8}" = "HyperTerminal Icon Ext"
-> {HKLM...CLSID} = "HyperTerminal Icon Ext"
\InProcServer32\(Default) = "C:\WINDOWS\system32\hticons.dll" ["Hilgraeve, Inc."]
"{B41DB860-8EE4-11D2-9906-E49FADC173CA}" = "WinRAR shell extension"
-> {HKLM...CLSID} = "WinRAR"
\InProcServer32\(Default) = "C:\Program Files\WinRAR\rarext.dll" ["Alexander Roshal"]
"{EFA24E62-B078-11d0-89E4-00C04FC9E26E}" = "History Band"
-> {HKLM...CLSID} = "History Band"
\InProcServer32\(Default) = "C:\WINDOWS\system32\shdocvw.dll" [MS]
"{1F77B17B-F531-44DB-ACA4-76ABB5010A28}" = "AIMP2: ShellExt"
-> {HKLM...CLSID} = "AIMP2: ShellExt"
\InProcServer32\(Default) = "C:\PROGRA~1\AIMP2\System\AIMP_S~1.DLL" ["AIMP DevTeam"]
"{CDC95B92-E27C-4745-A8C5-64A52A78855D}" = "IDM Shell Extension"
-> {HKLM...CLSID} = "IDM Shell Extension"
\InProcServer32\(Default) = "C:\Program Files\Internet Download Manager\IDMShellExt.dll" ["Tonec Inc."]
"{AD392E40-428C-459F-961E-9B147782D099}" = "UltraISO"
-> {HKLM...CLSID} = "UIContextMenu Class"
\InProcServer32\(Default) = "C:\Program Files\UltraISO\isoshell.dll" ["EZB Systems, Inc."]
"{42042206-2D85-11D3-8CFF-005004838597}" = "Microsoft Office HTML Icon Handler"
-> {HKLM...CLSID} = (no title provided)
\InProcServer32\(Default) = "C:\Program Files\Microsoft Office\Office12\msohevi.dll" [MS]
"{993BE281-6695-4BA5-8A2A-7AACBFAAB69E}" = "Microsoft Office Metadata Handler"
-> {HKLM...CLSID} = "Microsoft Office Metadata Handler"
\InProcServer32\(Default) = "C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\msoshext.dll" [MS]
"{C41662BB-1FA0-4CE0-8DC5-9B7F8279FF97}" = "Microsoft Office Thumbnail Handler"
-> {HKLM...CLSID} = "Microsoft Office Thumbnail Handler"
\InProcServer32\(Default) = "C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\msoshext.dll" [MS]
"{8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3}" = "Snagit"
-> {HKLM...CLSID} = "Snagit"
\InProcServer32\(Default) = "C:\Program Files\TechSmith\Snagit 10\SnagitIEAddin.dll" ["TechSmith Corporation"]
"{CF74B903-3389-469c-B3B6-0204D204FCBD}" = "SnagIt Shell Extension"
-> {HKLM...CLSID} = "SnagItShellExt Class"
\InProcServer32\(Default) = "C:\Program Files\TechSmith\Snagit 10\SnagitShellExt.dll" ["TechSmith Corporation"]
"{A7005AF0-D6E8-48AF-8DFA-023B1CF660A7}" = "TeraCopy"
-> {HKLM...CLSID} = (no title provided)
\InProcServer32\(Default) = "C:\Program Files\TeraCopy\TeraCopy.dll" [null data]
"{A8005AF0-D6E8-48AF-8DFA-023B1CF660A7}" = "TeraCopy"
-> {HKLM...CLSID} = (no title provided)
\InProcServer32\(Default) = "C:\Program Files\TeraCopy\TeraCopyExt.dll" [null data]
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\
"WPDShServiceObj" = "{AAA288BA-9A4C-45B0-95D7-94D524869DB5}"
-> {HKLM...CLSID} = "WPDShServiceObj Class"
\InProcServer32\(Default) = "C:\WINDOWS\system32\WPDShServiceObj.dll" [MS]
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\
<<!>> "AppInit_DLLs" = "wbsys.dll,c:\progra~1\kasper~1\kasper~1\mzvkbd3.dll,C:\PROGRA~1\KASPER~1\KASPER~1\kloehk.dll" [file not found]
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\
<<!>> AtiExtEvent\DLLName = "Ati2evxx.dll" ["ATI Technologies Inc."]
<<!>> fsp_lmwl\DLLName = "fsp_lmwl.dll" ["FSPro Labs"]
<<!>> klogon\DLLName = "C:\WINDOWS\system32\klogon.dll" ["Kaspersky Lab ZAO"]
<<!>> WB\DLLName = "C:\Program Files\AlienGUIse\fastload.dll" ["Stardock"]
HKLM\SOFTWARE\Classes\PROTOCOLS\Filter\
<<!>> text/xml\CLSID = "{807563E5-5146-11D5-A672-00B0D022E945}"
-> {HKLM...CLSID} = "Microsoft Office InfoPath XML Mime Filter"
\InProcServer32\(Default) = "C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL" [MS]
HKLM\SOFTWARE\Classes\PROTOCOLS\Handler\
<<!>> livecall\CLSID = "{828030A1-22C1-4009-854F-8E305202313F}"
-> {HKLM...CLSID} = (no title provided)
\InProcServer32\(Default) = "C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL" [MS]
<<!>> ms-help\CLSID = "{314111c7-a502-11d2-bbca-00c04f8ec294}"
-> {HKLM...CLSID} = "HxProtocol Class"
\InProcServer32\(Default) = "C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll" [MS]
<<!>> msnim\CLSID = "{828030A1-22C1-4009-854F-8E305202313F}"
-> {HKLM...CLSID} = (no title provided)
\InProcServer32\(Default) = "C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL" [MS]
<<!>> skype4com\CLSID = "{FFC8B962-9B40-4DFF-9458-1830C7DD7F5D}"
-> {HKLM...CLSID} = "IEProtocolHandler Class"
\InProcServer32\(Default) = "C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL" ["Skype Technologies"]
HKCU\Software\Classes\*\shellex\ContextMenuHandlers\
DropboxExt\(Default) = "{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
-> {HKCU...CLSID} = "DropboxExt"
\InProcServer32\(Default) = "C:\Documents and Settings\maged\Application Data\Dropbox\bin\DropboxExt.14.dll" ["Dropbox, Inc."]
HKLM\SOFTWARE\Classes\*\shellex\ContextMenuHandlers\
AIMPClassic\(Default) = "{1F77B17B-F531-44DB-ACA4-76ABB5010A28}"
-> {HKLM...CLSID} = "AIMP2: ShellExt"
\InProcServer32\(Default) = "C:\PROGRA~1\AIMP2\System\AIMP_S~1.DLL" ["AIMP DevTeam"]
Kaspersky Anti-Virus\(Default) = "{dd230880-495a-11d1-b064-008048ec2fc5}"
-> {HKLM...CLSID} = (no title provided)
\InProcServer32\(Default) = "C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\shellex.dll" ["Kaspersky Lab ZAO"]
SnagItMainShellExt\(Default) = "{CF74B903-3389-469c-B3B6-0204D204FCBD}"
-> {HKLM...CLSID} = "SnagItShellExt Class"
\InProcServer32\(Default) = "C:\Program Files\TechSmith\Snagit 10\SnagitShellExt.dll" ["TechSmith Corporation"]
TeraCopy\(Default) = "{A8005AF0-D6E8-48AF-8DFA-023B1CF660A7}"
-> {HKLM...CLSID} = (no title provided)
\InProcServer32\(Default) = "C:\Program Files\TeraCopy\TeraCopyExt.dll" [null data]
WinRAR\(Default) = "{B41DB860-8EE4-11D2-9906-E49FADC173CA}"
-> {HKLM...CLSID} = "WinRAR"
\InProcServer32\(Default) = "C:\Program Files\WinRAR\rarext.dll" ["Alexander Roshal"]
HKLM\SOFTWARE\Classes\*\shellex\DragDropHandlers\
TeraCopy\(Default) = "{A7005AF0-D6E8-48AF-8DFA-023B1CF660A7}"
-> {HKLM...CLSID} = (no title provided)
\InProcServer32\(Default) = "C:\Program Files\TeraCopy\TeraCopy.dll" [null data]
HKCU\Software\Classes\Directory\shellex\ContextMenuHandlers\
DropboxExt\(Default) = "{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
-> {HKCU...CLSID} = "DropboxExt"
\InProcServer32\(Default) = "C:\Documents and Settings\maged\Application Data\Dropbox\bin\DropboxExt.14.dll" ["Dropbox, Inc."]
HKLM\SOFTWARE\Classes\Directory\shellex\ContextMenuHandlers\
AIMPClassic\(Default) = "{1F77B17B-F531-44DB-ACA4-76ABB5010A28}"
-> {HKLM...CLSID} = "AIMP2: ShellExt"
\InProcServer32\(Default) = "C:\PROGRA~1\AIMP2\System\AIMP_S~1.DLL" ["AIMP DevTeam"]
Kaspersky Anti-Virus\(Default) = "{dd230880-495a-11d1-b064-008048ec2fc5}"
-> {HKLM...CLSID} = (no title provided)
\InProcServer32\(Default) = "C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\shellex.dll" ["Kaspersky Lab ZAO"]
SnagItMainShellExt\(Default) = "{CF74B903-3389-469c-B3B6-0204D204FCBD}"
-> {HKLM...CLSID} = "SnagItShellExt Class"
\InProcServer32\(Default) = "C:\Program Files\TechSmith\Snagit 10\SnagitShellExt.dll" ["TechSmith Corporation"]
TeraCopy\(Default) = "{A8005AF0-D6E8-48AF-8DFA-023B1CF660A7}"
-> {HKLM...CLSID} = (no title provided)
\InProcServer32\(Default) = "C:\Program Files\TeraCopy\TeraCopyExt.dll" [null data]
UltraISO\(Default) = "{AD392E40-428C-459F-961E-9B147782D099}"
-> {HKLM...CLSID} = "UIContextMenu Class"
\InProcServer32\(Default) = "C:\Program Files\UltraISO\isoshell.dll" ["EZB Systems, Inc."]
WinRAR\(Default) = "{B41DB860-8EE4-11D2-9906-E49FADC173CA}"
-> {HKLM...CLSID} = "WinRAR"
\InProcServer32\(Default) = "C:\Program Files\WinRAR\rarext.dll" ["Alexander Roshal"]
HKLM\SOFTWARE\Classes\Directory\shellex\DragDropHandlers\
TeraCopy\(Default) = "{A7005AF0-D6E8-48AF-8DFA-023B1CF660A7}"
-> {HKLM...CLSID} = (no title provided)
\InProcServer32\(Default) = "C:\Program Files\TeraCopy\TeraCopy.dll" [null data]
WinRAR\(Default) = "{B41DB860-8EE4-11D2-9906-E49FADC173CA}"
-> {HKLM...CLSID} = "WinRAR"
\InProcServer32\(Default) = "C:\Program Files\WinRAR\rarext.dll" ["Alexander Roshal"]
HKCU\Software\Classes\Directory\Background\shellex\ContextMenuHandlers\
DropboxExt\(Default) = "{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
-> {HKCU...CLSID} = "DropboxExt"
\InProcServer32\(Default) = "C:\Documents and Settings\maged\Application Data\Dropbox\bin\DropboxExt.14.dll" ["Dropbox, Inc."]
HKLM\SOFTWARE\Classes\Directory\Background\shellex\ContextMenuHandlers\
TeraCopy\(Default) = "{A8005AF0-D6E8-48AF-8DFA-023B1CF660A7}"
-> {HKLM...CLSID} = (no title provided)
\InProcServer32\(Default) = "C:\Program Files\TeraCopy\TeraCopyExt.dll" [null data]
HKLM\SOFTWARE\Classes\Folder\shellex\ColumnHandlers\
{F9DB5320-233E-11D1-9F84-707F02C10627}\(Default) = "PDF Column Info"
-> {HKLM...CLSID} = "PDF Shell Extension"
\InProcServer32\(Default) = "C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\PDFShell.dll" ["Adobe Systems, Inc."]
HKLM\SOFTWARE\Classes\Folder\shellex\ContextMenuHandlers\
Kaspersky Anti-Virus\(Default) = "{dd230880-495a-11d1-b064-008048ec2fc5}"
-> {HKLM...CLSID} = (no title provided)
\InProcServer32\(Default) = "C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\shellex.dll" ["Kaspersky Lab ZAO"]
TeraCopy\(Default) = "{A8005AF0-D6E8-48AF-8DFA-023B1CF660A7}"
-> {HKLM...CLSID} = (no title provided)
\InProcServer32\(Default) = "C:\Program Files\TeraCopy\TeraCopyExt.dll" [null data]
UltraISO\(Default) = "{AD392E40-428C-459F-961E-9B147782D099}"
-> {HKLM...CLSID} = "UIContextMenu Class"
\InProcServer32\(Default) = "C:\Program Files\UltraISO\isoshell.dll" ["EZB Systems, Inc."]
WinRAR\(Default) = "{B41DB860-8EE4-11D2-9906-E49FADC173CA}"
-> {HKLM...CLSID} = "WinRAR"
\InProcServer32\(Default) = "C:\Program Files\WinRAR\rarext.dll" ["Alexander Roshal"]
HKLM\SOFTWARE\Classes\Folder\shellex\DragDropHandlers\
TeraCopy\(Default) = "{A7005AF0-D6E8-48AF-8DFA-023B1CF660A7}"
-> {HKLM...CLSID} = (no title provided)
\InProcServer32\(Default) = "C:\Program Files\TeraCopy\TeraCopy.dll" [null data]
WinRAR\(Default) = "{B41DB860-8EE4-11D2-9906-E49FADC173CA}"
-> {HKLM...CLSID} = "WinRAR"
\InProcServer32\(Default) = "C:\Program Files\WinRAR\rarext.dll" ["Alexander Roshal"]
Group Policies {GPedit.msc branch and setting}:
-----------------------------------------------
Note: detected settings may not have any effect.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\
"InstallVisualStyle" = (REG_EXPAND_SZ) C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles
{unrecognized setting}
"InstallTheme" = (REG_EXPAND_SZ) C:\WINDOWS\Resources\Themes\Royale.theme
{unrecognized setting}
Active Desktop and Wallpaper:
-----------------------------
Active Desktop may be disabled at this entry:
HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellState
Displayed if Active Desktop enabled and wallpaper not set by Group Policy:
HKCU\Software\Microsoft\Internet Explorer\Desktop\General\
"Wallpaper" = "C:\WINDOWS\Darkstar.bmp"
Displayed if Active Desktop disabled and wallpaper not set by Group Policy:
HKCU\Control Panel\Desktop\
"Wallpaper" = "C:\WINDOWS\Darkstar.bmp"
Enabled Screen Saver:
---------------------
HKCU\Control Panel\Desktop\
"SCRNSAVE.EXE" = "C:\WINDOWS\system32\wpgldfsh.scr" [MS]
Windows Portable Device AutoPlay Handlers
-----------------------------------------
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\AutoplayHandlers\Handlers\
BridgeCS5ImportMediaOnArrival\
"Provider" = "Adobe Bridge CS5"
"InvokeProgID" = "Adobe.adobebridgeCS5"
"InvokeVerb" = "launch"
HKLM\SOFTWARE\Classes\Adobe.adobebridgeCS5\shell\launch\command\(Default) = "C:\Program Files\Adobe\Adobe Bridge CS5\bridgeproxy.exe -v %1" ["Adobe Systems, Inc."]
BridgeCS5NonVolumeHandler\
"Provider" = "Adobe Bridge CS5"
"ProgID" = "Adobe.adobebridgeMTP_1"
HKLM\SOFTWARE\Classes\Adobe.adobebridgeMTP_1\CLSID\(Default) = "{1E6C711B-6D70-4a65-8AB6-745DC19BE2A6}"
-> {HKLM...CLSID} = "Adobe Bridge CS5"
\LocalServer32\(Default) = "C:\Program Files\Adobe\Adobe Bridge CS5\bridgeproxy.exe -m" ["Adobe Systems, Inc."]
EHomeMusicDropTarget\
"Provider" = "Media Center"
"InvokeProgID" = "EHomeDropTarget.EHomeMusicDropTarget"
"InvokeVerb" = "play"
HKLM\SOFTWARE\Classes\EHomeDropTarget.EHomeMusicDropTarget\shell\play\DropTarget\CLSID = "{ED87EFF3-FF22-404E-B2BD-BC3841BDCB2C}"
-> {HKLM...CLSID} = "EHomeMusicDropTarget Class"
\InProcServer32\(Default) = "C:\WINDOWS\eHome\ehdrop.dll" [MS]
EHomePhotosHandler\
"Provider" = "Media Center"
"InvokeProgID" = "EHomeDropTarget.EHomePhotosHandler"
"InvokeVerb" = "play"
HKLM\SOFTWARE\Classes\EHomeDropTarget.EHomePhotosHandler\shell\play\DropTarget\CLSID = "{4b7601c1-d292-4902-89f4-583a5ce0c535}"
-> {HKLM...CLSID} = "EHomePhotosHandler Class"
\InProcServer32\(Default) = "C:\WINDOWS\eHome\ehdrop.dll" [MS]
EHomeVideoDropTarget\
"Provider" = "Media Center"
"InvokeProgID" = "EHomeDropTarget.EHomeVideoDropTarget"
"InvokeVerb" = "play"
HKLM\SOFTWARE\Classes\EHomeDropTarget.EHomeVideoDropTarget\shell\play\DropTarget\CLSID = "{A48E70A4-8E15-4465-9D85-CCE9E63F8AAB}"
-> {HKLM...CLSID} = "EHomeVideoDropTarget Class"
\InProcServer32\(Default) = "C:\WINDOWS\eHome\ehdrop.dll" [MS]
EHomeVideosHandler\
"Provider" = "Media Center"
"InvokeProgID" = "EHomeDropTarget.EHomeVideosHandler"
"InvokeVerb" = "play"
HKLM\SOFTWARE\Classes\EHomeDropTarget.EHomeVideosHandler\shell\play\DropTarget\CLSID = "{4f61ec50-acef-4ae7-b4c6-b19bddc0f745}"
-> {HKLM...CLSID} = "EHomeVideosHandler Class"
\InProcServer32\(Default) = "C:\WINDOWS\eHome\ehdrop.dll" [MS]
MPCPlayCDAudioOnArrival\
"Provider" = "Media Player Classic"
"InvokeProgID" = "MediaPlayerClassic.Autorun"
"InvokeVerb" = "PlayCDAudio"
HKLM\SOFTWARE\Classes\MediaPlayerClassic.Autorun\shell\PlayCDAudio\command\(Default) = ""C:\Program Files\K-Lite Codec Pack\Media Player Classic\mpc-hc.exe" %1 /cd" ["MPC-HC Team"]
MPCPlayDVDMovieOnArrival\
"Provider" = "Media Player Classic"
"InvokeProgID" = "MediaPlayerClassic.Autorun"
"InvokeVerb" = "PlayDVDMovie"
HKLM\SOFTWARE\Classes\MediaPlayerClassic.Autorun\shell\PlayDVDMovie\command\(Default) = ""C:\Program Files\K-Lite Codec Pack\Media Player Classic\mpc-hc.exe" %1 /dvd" ["MPC-HC Team"]
MPCPlayMusicFilesOnArrival\
"Provider" = "Media Player Classic"
"InvokeProgID" = "MediaPlayerClassic.Autorun"
"InvokeVerb" = "PlayMusicFiles"
HKLM\SOFTWARE\Classes\MediaPlayerClassic.Autorun\shell\PlayMusicFiles\command\(Default) = ""C:\Program Files\K-Lite Codec Pack\Media Player Classic\mpc-hc.exe" %1" ["MPC-HC Team"]
MPCPlayVideoFilesOnArrival\
"Provider" = "Media Player Classic"
"InvokeProgID" = "MediaPlayerClassic.Autorun"
"InvokeVerb" = "PlayVideoFiles"
HKLM\SOFTWARE\Classes\MediaPlayerClassic.Autorun\shell\PlayVideoFiles\command\(Default) = ""C:\Program Files\K-Lite Codec Pack\Media Player Classic\mpc-hc.exe" %1" ["MPC-HC Team"]
MSWPDShellNamespaceHandler\
"Provider" = "@%SystemRoot%\System32\WPDShextRes.dll,-501"
"CLSID" = "{A55803CC-4D53-404c-8557-FD63DBA95D24}"
"InitCmdLine" = " "
-> {HKLM...CLSID} = "WPDShextAutoplay"
\LocalServer32\(Default) = "C:\WINDOWS\system32\WPDShextAutoplay.exe" [MS]
Startup items in "maged" & "All Users" startup folders:
-------------------------------------------------------
C:\Documents and Settings\maged\Start Menu\Programs\Startup
"Adobe Gamma" -> shortcut to: "C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe" ["Adobe Systems, Inc."]
"autobahn" -> shortcut to: "C:\Documents and Settings\maged\Local Settings\Application Data\Autobahn\autobahn.exe" [null data]
Enabled Scheduled Tasks:
------------------------
"Auslogics BoostSpeed Integrator Start On maged Logon" -> launches: "C:\Program Files\Auslogics\Auslogics BoostSpeed\BoostSpeed.exe -UseTray" ["Auslogics"]
"RMSchedule" -> launches: "C:\Program Files\Registry Mechanic\RegMech.exe /F" ["PC Tools"]
"RMSmartUpdate" -> launches: "C:\Program Files\Registry Mechanic\Update.exe /SILENT /PRODUCT=RM /VERSION=10.0.0.132 /PID=0 /SUBPRODUCT=NRM" ["PC Tools"]
"Scheduled Update for Ask Toolbar" -> launches: "C:\Program Files\Ask.com\UpdateTask.exe" [file not found]
Winsock2 Service Provider DLLs:
-------------------------------
Namespace Service Providers
HKLM\SYSTEM\CurrentControlSet\Services\Winsock2\Parameters\NameSpace_Catalog5\Catalog_Entries\ {++}
000000000001\LibraryPath = "%SystemRoot%\System32\mswsock.dll" [MS]
000000000002\LibraryPath = "%SystemRoot%\System32\winrnr.dll" [MS]
000000000003\LibraryPath = "%SystemRoot%\System32\mswsock.dll" [MS]
Transport Service Providers
HKLM\SYSTEM\CurrentControlSet\Services\Winsock2\Parameters\Protocol_Catalog9\Catalog_Entries\ {++}
0000000000##\PackedCatalogItem (contains) DLL [Company Name], (at) ## range:
%SystemRoot%\system32\mswsock.dll [MS], 01 - 03, 06 - 15
%SystemRoot%\system32\rsvpsp.dll [MS], 04 - 05
Toolbars, Explorer Bars, Extensions:
------------------------------------
Explorer Bars
HKLM\SOFTWARE\Microsoft\Internet Explorer\Explorer Bars\
HKLM\SOFTWARE\Classes\CLSID\{FF059E31-CC5A-4E2E-BF3B-96E929D65503}\(Default) = "&Research"
Implemented Categories\{00021493-0000-0000-C000-000000000046}\ [vertical bar]
InProcServer32\(Default) = "C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL" [MS]
Extensions (Tools menu items, main toolbar menu buttons)
HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\
{4248FE82-7FCB-46AC-B270-339F08212110}\
"ButtonText" = "&Virtual Keyboard"
"CLSIDExtension" = "{4248FE82-7FCB-46AC-B270-339F08212110}"
-> {HKLM...CLSID} = "VirtualKeyboardButtonHandler Class"
\InProcServer32\(Default) = "C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\klwtbbho.dll" ["Kaspersky Lab ZAO"]
{92780B25-18CC-41C8-B9BE-3C9C571A8263}\
"ButtonText" = "Research"
{CCF151D8-D089-449F-A5A4-D9909053F20F}\
"ButtonText" = "URLs c&heck"
"CLSIDExtension" = "{CCF151D8-D089-449F-A5A4-D9909053F20F}"
-> {HKLM...CLSID} = "FilterButtonHandler Class"
\InProcServer32\(Default) = "C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\klwtbbho.dll" ["Kaspersky Lab ZAO"]
{E2E2DD38-D088-4134-82B7-F2BA38496583}\
"MenuText" = "@xpsp3res.dll,-20001"
"Exec" = "%windir%\Network Diagnostic\xpnetdiag.exe" [MS]
Running Services (Display Name, Service Name, Path {Service DLL}):
------------------------------------------------------------------
Ati HotKey Poller, Ati HotKey Poller, "C:\WINDOWS\system32\Ati2evxx.exe" ["ATI Technologies Inc."]
Hotspot Shield Monitoring Service, HssWd, "C:\Program Files\Hotspot Shield\bin\hsswd.exe -product HSS" [null data]
Hotspot Shield Routing Service, HssSrv, "C:\Program Files\Hotspot Shield\HssWPR\hsssrv.exe" ["AnchorFree Inc."]
Hotspot Shield Service, HotspotShieldService, "C:\Program Files\Hotspot Shield\bin\openvpnas.exe" [null data]
hpqwmiex, hpqwmiex, "C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe" ["Hewlett-Packard Development Company, L.P."]
Java Quick Starter, JavaQuickStarterService, ""C:\Program Files\Java\jre6\bin\jqs.exe" -service -config "C:\Program Files\Java\jre6\lib\deploy\jqs\jqs.conf"" ["Sun Microsystems, Inc."]
Media Center Extender Service, McrdSvc, "C:\WINDOWS\ehome\mcrdsvc.exe" [MS]
Media Center Receiver Service, ehRecvr, "C:\WINDOWS\eHome\ehRecvr.exe" [MS]
Media Center Scheduler Service, ehSched, "C:\WINDOWS\eHome\ehSched.exe" [MS]
PC Tools Startup and Shutdown Monitor service, PCToolsSSDMonitorSvc, "C:\Program Files\Common Files\PC Tools\sMonitor\StartManSvc.exe" ["PC Tools"]
Windows Driver Foundation - User-mode Driver Framework, WudfSvc, "C:\WINDOWS\system32\svchost.exe -k WudfServiceGroup" {"C:\WINDOWS\System32\WUDFSvc.dll" [MS]}
Keyboard Driver Filters:
------------------------
HKLM\System\CurrentControlSet\Control\SafeBoot\Network\
HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E96B-E325-11CE-BFC1-08002BE10318}\
<<!>> "UpperFilters" = "kbdclass" [MS],<<!>> "lmpc4" ["FSPro Labs"]
---------- (launch time: 2011-03-02 12:24:04)
<<!>>: Suspicious data at a malware launch point.
+ This report excludes default entries except where indicated.
+ To see *everywhere* the script checks and *everything* it finds,
launch it from a command prompt or a shortcut with the -all parameter.
+ To search all directories of local fixed drives for DESKTOP.INI
DLL launch points, use the -supp parameter or answer "No" at the
first message box and "Yes" at the second message box.
---------- (total run time: 84 seconds, including 15 seconds for message boxes)توقيع : land moon
تأييد 0
alemalbyelaram
عضو شرف
- إنضم
- 10 سبتمبر 2008
- المشاركات
- 38,388
- مستوى التفاعل
- 1,008
- النقاط
- 1,020
- الإقامة
- ˚ஐ˚◦{ ♥ in my dreams˚ஐ˚◦{ ♥
غير متصل
الحمد لله على انتهاء المشكله
،
يغلق
توقيع : alemalbyelaram
تأييد 0- الحالة
