• Thread starter: START

START

Peace be upon you, and the mercy and blessings of God.

Dear friends, when I shut down my laptop, it takes a long time before it turns off, even though it used to shut down quickly.
My system version:

This is a screenshot of the computer properties:
25f6c76.jpg

The only protection software I have is Kaspersky. Thank you.
 

Welcome, brother.

Do the following:


HijackThis report
Download this program:
[link hidden by the forum: login required]

Run the program ==> and click
Do a system scan and save log
After a few moments a report will appear in Notepad ==> copy it and paste it in your next reply.
 
Signature: KoNaMi
Thank you, brother.
When I clicked Do a system scan and save log, this window appeared:

jb65fs.jpg

Here is the report:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 09:39:14 م, on 10/05/09
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18226)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Windows Defender\MSASCui.exe
C:\Windows\system32\conime.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Windows\OEM02Mon.exe
C:\Windows\System32\rundll32.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Dell\MediaDirect\PCMService.exe
C:\Program Files\Dell Support Center\bin\sprtcmd.exe
C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Internet Download Manager\IDMan.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Adobe\Adobe Bridge CS4\Bridge.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Windows\System32\rundll32.exe
C:\Documents and Settings\px.exe
C:\Program Files\Dell\QuickSet\quickset.exe
C:\Program Files\Fingerprint Reader Suite\psqltray.exe
c:\Program Files\WIDCOMM\Bluetooth Software\BtStackServer.exe
C:\Program Files\Internet Download Manager\IEMonitor.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\JetAudio\JetAudio.exe
C:\Users\KENZ\Documents\Downloads\Programs\HiJackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = [link hidden by the forum: login required]
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = [link hidden by the forum: login required]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = [link hidden by the forum: login required]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = [link hidden by the forum: login required]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = [link hidden by the forum: login required]
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files\Internet Download Manager\IDMIECC.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: IEVkbdBHO - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\ievkbd.dll
O2 - BHO: مساعد تسجيل الدخول إلى Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [OEM02Mon.exe] C:\Windows\OEM02Mon.exe
O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [NVHotkey] rundll32.exe C:\Windows\system32\nvHotkey.dll,Start
O4 - HKLM\..\Run: [PSQLLauncher] "C:\Program Files\Fingerprint Reader Suite\launcher.exe" /startup
O4 - HKLM\..\Run: [PCMService] "C:\Program Files\Dell\MediaDirect\PCMService.exe"
O4 - HKLM\..\Run: [dellsupportcenter] "C:\Program Files\Dell Support Center\bin\sprtcmd.exe" /P dellsupportcenter
O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [AdobeCS4ServiceManager] "C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [IDMan] C:\Program Files\Internet Download Manager\IDMan.exe /onboot
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [{3E95BA42-1459-E899-FD57-6CBCC6A427B9}] C:\Users\KENZ\AppData\Roaming\server.exe
O4 - HKCU\..\Run: [{14F38061-0A03-EE88-2996-7F3AAD6C9AC2}] C:\Documents and Settings\px.exe
O4 - HKCU\..\Run: [momo] C:\Documents and Settings\px.exe
O4 - HKCU\..\Run: [AdobeBridge] "C:\Program Files\Adobe\Adobe Bridge CS4\Bridge.exe" -stealth
O4 - Startup: Dell Dock.lnk = C:\Program Files\Dell\DellDock\DellDock.exe
O4 - Startup: Enable Psx Autoplay.lnk = C:\Program Files\delta\Delta.exe
O4 - Global Startup: Bluetooth.lnk = ?
O4 - Global Startup: Digital Line Detect.lnk = C:\Program Files\Digital Line Detect\DLG.exe
O4 - Global Startup: PalTalk.lnk = C:\Program Files\Paltalk Messenger\paltalk.exe
O4 - Global Startup: QuickSet.lnk = C:\Program Files\Dell\QuickSet\quickset.exe
O8 - Extra context menu item: Send image to &Bluetooth Device... - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Send page to &Bluetooth Device... - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O8 - Extra context menu item: إضافة إلى حاجب الدعايات - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\ie_banner_deny.htm
O8 - Extra context menu item: تحميل الكل بواسطة Internet Download Manager - C:\Program Files\Internet Download Manager\IEGetAll.htm
O8 - Extra context menu item: تحميل بواسطة Internet Download Manager - C:\Program Files\Internet Download Manager\IEExt.htm
O8 - Extra context menu item: تحميل محتوى FLV بواسطة Internet Download Manager - C:\Program Files\Internet Download Manager\IEGetVL.htm
O9 - Extra button: Web traffic protection statistics - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\SCIEPlgn.dll
O9 - Extra button: تدوين هذا في المدونة - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &تدوين هذا في Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: PalTalk - {4EAFEF58-EEFA-4116-983D-03B49BCBFFFE} - C:\Program Files\Paltalk Messenger\Paltalk.exe
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O13 - Gopher Prefix:
O20 - AppInit_DLLs: C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd.dll,C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd3.dll,C:\PROGRA~1\KASPER~1\KASPER~1\adialhk.dll,C:\PROGRA~1\KASPER~1\KASPER~1\kloehk.dll
O20 - Winlogon Notify: GoToAssist - C:\Program Files\Citrix\GoToAssist\514\G2AWinLogon.dll
O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Windows\system32\aestsrv.exe
O23 - Service: Kaspersky Internet Security (AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe
O23 - Service: Dock Login Service (DockLoginService) - Stardock Corporation - C:\Program Files\Dell\DellDock\DockLogin.exe
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: GoToAssist - Citrix Online, a division of Citrix Systems, Inc. - C:\Program Files\Citrix\GoToAssist\514\g2aservice.exe
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: SupportSoft Sprocket Service (DellSupportCenter) (sprtsvc_DellSupportCenter) - SupportSoft, Inc. - C:\Program Files\Dell Support Center\bin\sprtsvc.exe
O23 - Service: SigmaTel Audio Service (STacSV) - IDT, Inc. - C:\Windows\system32\STacSV.exe
O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe

--
End of file - 9115 bytes


 
That message is normal, my friend; it always shows up on Vista.

OK my friend, I want to ask you: is your copy of Vista genuine, or did you activate it with a crack?
 
Signature: KoNaMi
The copy came with the machine. The machine is new, and this copy has been installed since I first bought it.
 
OK my friend, now do the following:

Disable all protection programs.

Download this tool:
[link hidden by the forum: login required]

When you run it, a message will appear; click >> Yes
Then a second message will appear; click >> Yes

During the scan the machine may restart.
After the restart, the tool will start scanning again.
Wait until a report appears; that means the scan has finished. Paste the report in your next post.
 
Signature: KoNaMi
Here you go, brother.

ComboFix 09-05-09.05 - KENZ 05/10/2009 22:14.1 - NTFSx86
Microsoft® Windows Vista™ Home Premium 6.0.6001.1.1256.966.1033.18.3069.1970 [GMT 3:00]
Running from: c:\users\KENZ\Documents\Downloads\Programs\ComboFix.exe
AV: Kaspersky Internet Security *On-access scanning disabled* (Updated)
FW: Kaspersky Internet Security *disabled*
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\users\KENZ\AppData\Roaming\addon.dat
c:\users\KENZ\AppData\Roaming\server.exe
c:\windows\~INSX362.EXE
c:\windows\system32\l6fsm8t.dll
c:\windows\system32\prsgrc.dll
c:\windows\system32\ssprs.dll

.
((((((((((((((((((((((((( Files Created from 2009-04-10 to 2009-05-10 )))))))))))))))))))))))))))))))
.

2009-05-07 22:12 . 2009-05-07 22:12 -------- d-----w c:\program files\Metal Gear Solid
2009-05-07 14:14 . 2009-03-09 12:27 1846632 ----a-w c:\windows\system32\D3DCompiler_41.dll
2009-05-07 14:14 . 2009-03-09 12:27 453456 ----a-w c:\windows\system32\d3dx10_41.dll
2009-05-07 14:14 . 2009-03-09 12:27 4178264 ----a-w c:\windows\system32\D3DX9_41.dll
2009-05-07 14:14 . 2009-03-16 11:18 69448 ----a-w c:\windows\system32\XAPOFX1_3.dll
2009-05-07 14:14 . 2009-03-16 11:18 517448 ----a-w c:\windows\system32\XAudio2_4.dll
2009-05-07 14:12 . 2009-05-07 14:11 118104 ----a-w c:\windows\dxsdkuninst.exe
2009-05-07 14:12 . 2009-05-07 14:16 -------- d-----w c:\program files\Microsoft DirectX SDK (March 2009)
2009-05-05 07:22 . 2009-05-05 07:22 -------- d-----w c:\program files\SlySoft
2009-05-04 22:45 . 2009-05-04 22:45 -------- d-----w c:\program files\SystemRequirementsLab
2009-05-04 22:45 . 2009-05-04 22:45 -------- d-----w c:\users\KENZ\AppData\Roaming\SystemRequirementsLab
2009-05-03 21:54 . 2009-05-03 21:55 -------- d-----w c:\program files\Wik And The Fable Of Souls
2009-05-03 21:03 . 2009-05-03 21:03 -------- d-----w C:\My Games
2009-05-03 19:43 . 2009-05-03 19:43 -------- d-----w c:\program files\BFG
2009-05-02 15:11 . 2009-05-02 15:11 -------- d-----w c:\users\KENZ\AppData\Roaming\Genimo
2009-05-02 14:49 . 2009-05-04 09:59 38 ----a-w c:\users\KENZ\AppData\Local\Index_4E29823E.dat
2009-05-02 13:27 . 2009-05-02 13:27 -------- d-----w c:\users\KENZ\AppData\Local\Helicon
2009-05-02 13:25 . 2009-05-02 13:25 -------- d-----w c:\program files\Common Files\Nikon
2009-05-02 13:25 . 2009-05-02 13:25 -------- d-----w c:\program files\Movie Player ActiveX Control
2009-05-02 13:25 . 2009-05-02 13:25 -------- d-----w c:\program files\Audio Capture ActiveX Control
2009-05-01 22:19 . 2009-05-01 22:19 -------- d-----w c:\program files\Butterfly Escape
2009-05-01 18:44 . 2009-05-01 18:44 589824 ----a-w c:\program files\gpupec.dll
2009-05-01 18:44 . 2009-05-07 16:45 -------- d-----w c:\program files\psx emulation cheater
2009-04-30 09:02 . 2009-04-30 09:02 -------- d-----w C:\THETOMB
2009-04-30 08:55 . 2009-04-30 08:55 -------- d-----w C:\GAME1000
2009-04-30 08:55 . 1994-03-30 21:00 39424 ----a-w c:\windows\system\DDEML.DLL
2009-04-30 08:55 . 1993-04-27 21:00 7008 ----a-w c:\windows\system\SETUPKIT.DLL
2009-04-30 08:55 . 1991-05-09 22:00 271264 ----a-w c:\windows\system\VBRUN100.DLL
2009-04-30 08:55 . 1992-10-20 20:00 356992 ----a-w c:\windows\system\VBRUN200.DLL
2009-04-30 08:55 . 1993-11-18 21:00 398416 ----a-w c:\windows\system\VBRUN300.DLL
2009-04-30 08:55 . 1995-06-30 14:04 28433 ----a-w c:\windows\SETUP1.EXE
2009-04-30 08:36 . 2009-04-30 08:36 7680 ----a-w c:\windows\~INSX462.EXE
2009-04-29 14:38 . 2009-04-29 14:38 -------- d-----w c:\programdata\n7-89-o9-3r-4t-r9
2009-04-29 14:38 . 2009-04-29 14:38 -------- d-----w c:\users\All Users\n7-89-o9-3r-4t-r9
2009-04-29 14:36 . 2009-04-29 14:36 -------- d-----w c:\users\KENZ\AppData\Roaming\GameHouse
2009-04-29 14:36 . 2007-01-07 16:44 802816 ----a-w c:\windows\FeedingFrenzy.scr
2009-04-29 14:36 . 2009-04-29 14:36 -------- d-----w c:\program files\GameHouse
2009-04-29 08:08 . 2009-04-29 08:08 -------- d-----w c:\program files\Ozzy Bubbles
2009-04-29 08:07 . 2009-04-29 08:07 -------- d-----w c:\program files\ReflexiveArcade
2009-04-28 07:17 . 2009-04-28 07:17 -------- d-----w c:\program files\GameTop.com
2009-04-27 08:52 . 1998-09-02 08:28 38160 ----a-w c:\windows\system32\LMRTREND.dll
2009-04-27 08:52 . 1998-09-02 08:28 155408 ----a-w c:\windows\system32\LMRT.dll
2009-04-27 08:52 . 1998-08-27 04:51 182032 ----a-w c:\windows\system32\dxtmsft3.dll
2009-04-27 08:52 . 1998-08-20 10:38 217984 ----a-w c:\windows\system32\strmdll.dll
2009-04-27 08:52 . 1998-09-02 08:28 63488 ----a-w c:\windows\system32\unam4ie.exe
2009-04-27 08:52 . 1998-08-17 09:21 10240 ----a-w c:\windows\system32\vidx16.dll
2009-04-27 08:52 . 1998-08-17 09:21 11776 ----a-w c:\windows\system32\mciqtz.drv
2009-04-27 08:52 . 1998-09-02 08:02 194320 ----a-w c:\windows\system32\qcut.dll
2009-04-27 08:52 . 2009-04-27 08:52 4608 ----a-w c:\windows\system32\w95inf32.dll
2009-04-27 08:52 . 2009-04-27 08:52 2272 ----a-w c:\windows\system32\w95inf16.dll
2009-04-27 03:58 . 2009-04-27 03:58 -------- d-----w C:\Buziol Games
2009-04-27 01:23 . 2009-04-27 01:30 -------- d-----w C:\Lyrics
2009-04-27 01:23 . 2009-04-27 01:25 -------- d-----w c:\users\KENZ\AppData\Roaming\MiniLyrics
2009-04-26 23:17 . 2005-05-26 15:34 2297552 ----a-w c:\windows\system32\d3dx9_26.dll
2009-04-25 02:09 . 2009-04-25 02:09 -------- d-----w c:\program files\PowerISO
2009-04-19 06:28 . 2008-09-16 19:23 168448 ----a-w c:\windows\system32\unrar.dll
2009-04-19 06:28 . 2009-04-19 06:28 -------- d-----w c:\program files\K-Lite Codec Pack
2009-04-17 20:24 . 2009-04-17 20:24 -------- d-----w c:\programdata\Roxio
2009-04-17 20:24 . 2009-04-17 20:24 -------- d-----w c:\users\All Users\Roxio
2009-04-17 20:24 . 2009-04-17 20:24 -------- d-----w c:\users\KENZ\AppData\Roaming\Roxio
2009-04-16 04:27 . 2009-04-16 04:27 -------- d-----w c:\users\KENZ\AppData\Roaming\Filter Forge
2009-04-16 04:06 . 2006-11-10 16:41 1030144 ----a-w c:\windows\system32\dbghelp-xfw.dll
2009-04-15 21:52 . 2009-04-15 22:39 -------- d-----w c:\program files\Tunatic
2009-04-15 11:57 . 2008-12-06 04:42 376832 ----a-w c:\windows\system32\winhttp.dll
2009-04-15 11:37 . 2009-02-13 08:49 1255936 ----a-w c:\windows\system32\lsasrv.dll
2009-04-15 11:37 . 2009-02-13 08:49 72704 ----a-w c:\windows\system32\secur32.dll
2009-04-15 11:37 . 2009-03-17 03:38 13824 ----a-w c:\windows\system32\apilogen.dll
2009-04-15 11:37 . 2009-03-17 03:38 24064 ----a-w c:\windows\system32\amxread.dll
2009-04-15 11:36 . 2008-06-06 03:27 562176 ----a-w c:\windows\system32\msdtcprx.dll
2009-04-15 11:36 . 2008-06-06 03:27 38912 ----a-w c:\windows\system32\xolehlp.dll
2009-04-15 11:36 . 2009-03-03 04:37 3600880 ----a-w c:\windows\system32\ntkrnlpa.exe
2009-04-15 11:36 . 2009-03-03 04:37 3548656 ----a-w c:\windows\system32\ntoskrnl.exe
2009-04-15 11:36 . 2009-03-03 04:39 551424 ----a-w c:\windows\system32\rpcss.dll
2009-04-15 11:36 . 2009-03-03 03:04 666624 ----a-w c:\windows\system32\printfilterpipelinesvc.exe
2009-04-15 11:36 . 2009-03-03 04:39 26112 ----a-w c:\windows\system32\printfilterpipelineprxy.dll
2009-04-15 11:36 . 2009-03-03 04:39 183296 ----a-w c:\windows\system32\sdohlp.dll
2009-04-15 11:36 . 2009-03-03 04:37 98304 ----a-w c:\windows\system32\iasrecst.dll
2009-04-15 11:36 . 2009-03-03 04:37 44032 ----a-w c:\windows\system32\iasdatastore.dll
2009-04-15 11:36 . 2009-03-03 04:37 54784 ----a-w c:\windows\system32\iasads.dll
2009-04-15 11:36 . 2009-03-03 02:38 17408 ----a-w c:\windows\system32\iashost.exe
2009-04-14 13:45 . 2009-04-14 13:45 -------- d-----w c:\users\KENZ\Library
2009-04-14 13:45 . 2009-04-14 13:45 -------- d-----w c:\users\KENZ\AppData\Roaming\com.adobe.ExMan
2009-04-12 20:29 . 2009-04-12 20:29 -------- d-----w c:\program files\Common Files\Macrovision Shared
2009-04-12 16:24 . 2009-04-12 16:24 -------- d-----w c:\programdata\FLEXnet
2009-04-12 16:24 . 2009-04-12 16:24 -------- d-----w c:\users\All Users\FLEXnet
2009-04-12 16:18 . 2009-04-12 16:18 -------- d-----w c:\program files\Adobe Media Player
2009-04-12 16:17 . 2009-04-12 16:17 -------- d-----w c:\program files\Common Files\Adobe AIR

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-05-10 19:08 . 2009-03-20 11:32 811040 --sha-w c:\windows\system32\drivers\fidbox2.dat
2009-05-10 19:08 . 2009-03-20 11:32 4900 --sha-w c:\windows\system32\drivers\fidbox2.idx
2009-05-10 19:08 . 2009-03-20 11:32 3842080 --sha-w c:\windows\system32\drivers\fidbox.dat
2009-05-10 19:08 . 2009-03-20 11:32 32144 --sha-w c:\windows\system32\drivers\fidbox.idx
2009-05-10 19:07 . 2009-01-27 15:30 4592 ----a-w c:\windows\bthservsdp.dat
2009-05-08 12:13 . 2009-03-18 18:58 27240 ----a-w c:\users\KENZ\AppData\Roaming\nvModes.dat
2009-05-05 07:34 . 2009-01-27 14:47 -------- d--h--w c:\program files\InstallShield Installation Information
2009-05-01 18:44 . 2009-05-01 18:44 117 ----a-w c:\program files\pec.ini
2009-04-30 17:08 . 2009-03-18 15:49 168952 ----a-w c:\users\KENZ\AppData\Local\GDIPFONTCACHEV1.DAT
2009-04-28 13:33 . 2009-04-08 23:11 328 ----a-w c:\users\KENZ\AppData\Roaming\wklnhst.dat
2009-04-26 23:48 . 2009-03-18 18:58 680 ----a-w c:\users\KENZ\AppData\Local\d3d9caps.dat
2009-04-23 03:10 . 2009-03-18 23:10 -------- d-----w c:\program files\Messenger Plus! Live
2009-04-22 04:24 . 2009-03-19 14:24 -------- d-----w c:\program files\Internet Download Manager
2009-04-14 20:21 . 2008-08-14 04:57 73312 ----a-w c:\windows\system32\drivers\adfs.sys
2009-04-14 19:55 . 2009-01-27 14:59 -------- d-----w c:\program files\Common Files\Adobe
2009-04-12 21:23 . 2009-03-27 04:33 -------- d-----w c:\program files\DCETools
2009-04-10 15:36 . 2009-04-10 15:36 -------- d-----w c:\program files\Paltalk Messenger
2009-04-08 22:59 . 2009-04-08 22:59 -------- d-----w c:\program files\uTorrent
2009-04-08 18:02 . 2009-04-08 18:01 -------- d-----w c:\program files\Vertus Fluid Mask 3
2009-04-08 18:01 . 2009-04-08 18:01 1024 ----a-w c:\windows\system32\lau35cy.dll
2009-04-08 18:01 . 2009-04-08 18:01 1024 ----a-w c:\windows\system32\grcauth2.dll
2009-04-08 18:01 . 2009-04-08 18:01 1024 ----a-w c:\windows\system32\grcauth1.dll
2009-04-08 18:01 . 2009-04-08 18:01 1024 ----a-w c:\windows\system32\clauth2.dll
2009-04-08 18:01 . 2009-04-08 18:01 1024 ----a-w c:\windows\system32\clauth1.dll
2009-04-07 11:36 . 2009-04-07 11:36 -------- d-----w c:\program files\MSXML 4.0
2009-04-05 16:40 . 2009-04-05 16:40 -------- d-----w c:\program files\Serif
2009-04-03 17:06 . 2009-04-03 16:22 -------- d-----w c:\program files\SWiSHmax
2009-04-01 08:16 . 2009-04-01 08:15 -------- d-----w c:\program files\QuickTime
2009-04-01 08:15 . 2009-04-01 08:15 -------- d-----w c:\program files\Apple Software Update
2009-03-26 22:31 . 2009-03-26 22:32 410984 ----a-w c:\windows\system32\deploytk.dll
2009-03-26 22:31 . 2009-01-27 14:43 -------- d-----w c:\program files\Java
2009-03-26 15:35 . 2009-04-03 13:24 210352 ----a-w c:\windows\system32\idmmbc.dll
2009-03-25 22:11 . 2009-03-18 18:09 -------- d-----w c:\program files\JetAudio
2009-03-20 14:04 . 2009-03-20 14:04 -------- d-----w c:\program files\Common Files\ACD Systems
2009-03-20 14:04 . 2009-03-20 14:04 -------- d-----w c:\program files\ACD Systems
2009-03-20 12:07 . 2008-01-29 14:29 33808 ----a-w c:\windows\system32\drivers\klbg.sys
2009-03-20 12:07 . 2009-03-20 11:33 89601 ----a-w c:\windows\system32\drivers\klick.dat
2009-03-20 12:07 . 2009-03-20 11:33 101287 ----a-w c:\windows\system32\drivers\klin.dat
2009-03-20 11:32 . 2006-11-02 10:25 86016 ----a-w c:\windows\inf\infstor.dat
2009-03-20 11:32 . 2006-11-02 10:25 51200 ----a-w c:\windows\inf\infpub.dat
2009-03-20 11:32 . 2006-11-02 10:25 143360 ----a-w c:\windows\inf\infstrng.dat
2009-03-20 11:32 . 2009-03-20 11:32 -------- d-----w c:\program files\Kaspersky Lab
2009-03-20 01:02 . 2009-03-20 01:02 0 ---ha-w c:\windows\system32\drivers\Msft_User_WpdFs_01_00_00.Wdf
2009-03-18 18:09 . 2009-03-18 18:09 -------- d-----w c:\program files\Common Files\COWON
2009-03-18 17:08 . 2009-01-27 14:46 -------- d-----w c:\program files\Windows Live
2009-03-18 17:05 . 2009-03-18 17:05 -------- d-----w c:\program files\Microsoft
2009-03-18 17:05 . 2009-03-18 17:05 -------- d-----w c:\program files\Windows Live SkyDrive
2009-03-18 16:39 . 2009-03-18 16:39 -------- d-----w c:\program files\Common Files\Windows Live
2009-03-16 21:36 . 2009-05-07 14:16 3795784 ----a-w c:\windows\system32\d3dx9d_33.dll
2009-03-16 21:36 . 2009-05-07 14:16 2650440 ----a-w c:\windows\system32\d3d9d.dll
2009-03-16 21:36 . 2009-05-07 14:16 1063256 ----a-w c:\windows\system32\DWrite_beta.dll
2009-03-16 21:36 . 2009-05-07 14:16 931672 ----a-w c:\windows\system32\XAudioD2_4.dll
2009-03-16 21:36 . 2009-05-07 14:16 842072 ----a-w c:\windows\system32\D2D1_beta.dll
2009-03-16 21:36 . 2009-05-07 14:16 799576 ----a-w c:\windows\system32\D3D10WARP_beta.dll
2009-03-16 11:18 . 2009-05-07 14:13 235352 ----a-w c:\windows\system32\xactengine3_4.dll
2009-03-16 11:18 . 2009-05-07 14:13 22360 ----a-w c:\windows\system32\X3DAudio1_6.dll
2009-03-15 10:25 . 2009-03-15 10:25 56268 ----a-w c:\windows\system32\drivers\scdemu.sys
2009-03-03 04:40 . 2009-04-15 11:32 827392 ----a-w c:\windows\system32\wininet.dll
2009-03-03 04:37 . 2009-04-15 11:32 78336 ----a-w c:\windows\system32\ieencode.dll
2009-03-03 02:28 . 2009-04-15 11:32 26624 ----a-w c:\windows\system32\ieUnatt.exe
2008-01-21 02:43 . 2006-11-02 12:50 174 --sha-w c:\program files\desktop.ini
2009-01-27 14:49 . 2009-01-27 14:49 75 --sh--r c:\windows\CT4CET.bin
2009-01-27 23:05 . 2009-01-27 23:01 8192 --sha-w c:\windows\Users\Default\NTUSER.DAT
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\UEAFOverlay]
@="{F2F31467-B1AC-4df0-AE79-FD5FA085E22B}"
[HKEY_CLASSES_ROOT\CLSID\{F2F31467-B1AC-4df0-AE79-FD5FA085E22B}]
2007-04-16 22:13 721408 ----a-w c:\program files\Fingerprint Reader Suite\farchns.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\UEAFOverlayOpen]
@="{A3E208F7-0E3A-4182-A7A6-B169D5D691AA}"
[HKEY_CLASSES_ROOT\CLSID\{A3E208F7-0E3A-4182-A7A6-B169D5D691AA}]
2007-04-16 22:13 721408 ----a-w c:\program files\Fingerprint Reader Suite\farchns.dll

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2008-01-21 1233920]
"msnmsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2009-02-06 3885408]
"IDMan"="c:\program files\Internet Download Manager\IDMan.exe" [2007-12-22 2573744]
"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-21 125952]
"WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2008-01-21 202240]
"{14F38061-0A03-EE88-2996-7F3AAD6C9AC2}"="c:\documents and settings\px.exe" [2009-04-10 81920]
"momo"="c:\documents and settings\px.exe" [2009-04-10 81920]
"AdobeBridge"="c:\program files\Adobe\Adobe Bridge CS4\Bridge.exe" [2008-08-28 13145448]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2007-10-26 1029416]
"OEM02Mon.exe"="c:\windows\OEM02Mon.exe" [2007-12-03 36864]
"NvSvc"="c:\windows\system32\nvsvc.dll" [2007-09-25 86016]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2007-09-25 8478720]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2007-09-25 81920]
"NVHotkey"="c:\windows\system32\nvHotkey.dll" [2007-09-25 81920]
"PSQLLauncher"="c:\program files\Fingerprint Reader Suite\launcher.exe" [2007-04-16 49168]
"PCMService"="c:\program files\Dell\MediaDirect\PCMService.exe" [2007-12-21 184320]
"dellsupportcenter"="c:\program files\Dell Support Center\bin\sprtcmd.exe" [2008-10-04 206064]
"AVP"="c:\program files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe" [2009-03-20 206088]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-03-26 148888]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2009-01-05 413696]
"AdobeCS4ServiceManager"="c:\program files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" [2009-03-11 611712]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-02-27 35696]

c:\users\KENZ\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Dell Dock.lnk - c:\program files\Dell\DellDock\DellDock.exe [2008-9-24 1295656]

c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2006-11-3 703280]
Digital Line Detect.lnk - c:\program files\Digital Line Detect\DLG.exe [2009-1-27 50688]
PalTalk.lnk - c:\program files\Paltalk Messenger\paltalk.exe [2009-1-28 10950144]
QuickSet.lnk - c:\program files\Dell\QuickSet\quickset.exe [2008-2-22 1193240]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
"DisableCAD"= 1 (0x1)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\GoToAssist]
2009-01-27 15:08 10536 ----a-w c:\program files\Citrix\GoToAssist\514\g2awinlogon.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\psfus]
2007-04-16 22:04 86528 ----a-w c:\windows\System32\psqlpwd.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\progra~1\KASPER~1\KASPER~1\mzvkbd.dll c:\progra~1\KASPER~1\KASPER~1\mzvkbd3.dll c:\progra~1\KASPER~1\KASPER~1\adialhk.dll c:\progra~1\KASPER~1\KASPER~1\kloehk.dll

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Notification Packages REG_MULTI_SZ scecli psqlpwd

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\KasperskyAntiVirus]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\DomainProfile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules]
"{E1FFCBAE-F225-471E-8FBC-647D58096CC9}"= c:\program files\Dell\MediaDirect\MediaDirect.exe:Dell MediaDirect
"{5BB13F4A-B998-462C-872B-6588E22D805C}"= c:\program files\Dell\MediaDirect\PCMService.exe:CyberLink PowerCinema Resident Program
"{40200142-034E-4290-9ABC-654D345D5DBF}"= c:\program files\Dell\MediaDirect\Kernel\DMP\CLBrowserEngine.exe:Cyberlink Media Server Browser Engine
"{1C6B584A-1A7C-4896-BCB7-40B66E52FB01}"= c:\program files\Dell\MediaDirect\Kernel\DMS\CLMSService.exe:CyberLink Media Server
"{E871E95B-B2E7-496C-AC55-3044F86660D5}"= UDP:c:\program files\uTorrent\uTorrent.exe:µTorrent (TCP-In)
"{D07380BE-B496-4DC9-A2D2-06651811FB01}"= TCP:c:\program files\uTorrent\uTorrent.exe:µTorrent (UDP-In)
"{DA0E3AA5-7096-4C45-A138-1088B6A97156}"= UDP:443:ooVoo TCP المنفذ 443
"{1E33075B-4C16-4DE0-817B-B8E6FDDC1563}"= TCP:443:ooVoo UDP المنفذ 443
"{D8E0D8D5-1F3E-48C3-9A93-E9D5448E372D}"= UDP:37674:ooVoo TCP المنفذ 37674
"{89A5C14E-5ED6-492C-A955-D506B79BD955}"= TCP:37674:ooVoo UDP المنفذ 37674
"{B210856D-7A18-4B1A-9DFE-1E717159F33C}"= TCP:37675:ooVoo UDP المنفذ 37675
"{A56E84C9-EA1C-4D52-9FAA-ED8911F27B2F}"= UDP:5353:Adobe CSI CS4
"{6F8F2A77-6253-4B30-8315-79802D57FDC8}"= UDP:c:\program files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe:Adobe CSI CS4
"{D86C97F7-E82A-4A54-813A-FD54904BD16B}"= TCP:c:\program files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe:Adobe CSI CS4

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\PublicProfile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\StandardProfile]
"EnableFirewall"= 0 (0x0)

R0 klbg;Kaspersky Lab Boot Guard Driver;c:\windows\System32\drivers\klbg.sys [29/01/08 05:29 م 33808]
R1 KLIM6;Kaspersky Anti-Virus NDIS 6 Filter;c:\windows\System32\drivers\klim6.sys [09/07/08 05:28 م 20496]
R2 AESTFilters;Andrea ST Filters Service;c:\windows\System32\AEstSrv.exe [27/01/09 06:29 م 73728]
R2 DockLoginService;Dock Login Service;c:\program files\Dell\DellDock\DockLogin.exe [24/09/08 12:09 ص 155648]
R3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\System32\drivers\b57nd60x.sys [28/01/09 02:23 ص 179712]
R3 KLFLTDEV;Kaspersky Lab KLFltDev;c:\windows\System32\drivers\klfltdev.sys [13/03/08 06:02 م 26640]
R3 OEM02Dev;Creative Camera OEM002 Driver;c:\windows\System32\drivers\OEM02Dev.sys [28/01/09 02:23 ص 235648]
R3 OEM02Vfx;Creative Camera OEM002 Video VFX Driver;c:\windows\System32\drivers\OEM02Vfx.sys [28/01/09 02:23 ص 7424]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
bthsvcs REG_MULTI_SZ BthServ
.
Contents of the 'Scheduled Tasks' folder

2009-05-10 c:\windows\Tasks\User_Feed_Synchronization-{7F41E303-FE6C-4280-ABC8-87B32AD1F831}.job
- c:\windows\system32\msfeedssync.exe [2008-01-21 02:24]
.
- - - - ORPHANS REMOVED - - - -

HKCU-Run-{3E95BA42-1459-E899-FD57-6CBCC6A427B9} - c:\users\KENZ\AppData\Roaming\server.exe


.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.com/
mStart Page = about:blank
uInternet Settings,ProxyOverride = local
IE: Send image to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Send page to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
IE: تحميل الكل بواسطة Internet Download Manager - c:\program files\Internet Download Manager\IEGetAll.htm
IE: تحميل بواسطة Internet Download Manager - c:\program files\Internet Download Manager\IEExt.htm
IE: تحميل محتوى FLV بواسطة Internet Download Manager - c:\program files\Internet Download Manager\IEGetVL.htm
FF - ProfilePath - c:\users\KENZ\AppData\Roaming\Mozilla\Firefox\Profiles\21tyo7qb.default\
FF - prefs.js: browser.search.selectedEngine - Ask
FF - prefs.js: browser.startup.homepage - hxxp://www.google.com.sa/
FF - prefs.js: keyword.URL - hxxp://www.google.com/search?ie=UTF-8&oe=UTF-8&sourceid=navclient&gfns=1&q=
FF - component: c:\users\KENZ\AppData\Roaming\IDM\idmmzcc2\components\idmmzcc.dll
FF - plugin: c:\program files\Windows Live\Photo Gallery\NPWLPG.dll
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer,

Rootkit scan 2009-05-10 22:17
Windows 6.0.6001 Service Pack 1 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

HKCU\Software\Microsoft\Windows\CurrentVersion\Run
{14F38061-0A03-EE88-2996-7F3AAD6C9AC2} = c:\documents and settings\px.exe??????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????
momo = c:\documents and settings\px.exe??????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------

[HKEY_USERS\S-1-5-21-274761127-3438700489-1080722424-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*[]
@Class="Shell"

[HKEY_USERS\S-1-5-21-274761127-3438700489-1080722424-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*[\OpenWithList]
@Class="Shell"

[HKEY_USERS\S-1-5-21-274761127-3438700489-1080722424-1000\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{0CD442CB-8AB5-3321-93AB-2ADB91AF3290}*]
"haomgghehcnihpig"=hex:6a,61,66,64,6d,6a,61,66,64,68,70,6e,64,69,63,6c,64,6a,
65,66,00,00
"iaemagjfmcoiifkdkf"=hex:6a,61,66,64,6d,6a,61,66,64,68,70,6e,64,69,63,6c,64,6a,
65,66,00,00
"hadglhjoidfhodol"=hex:64,63,70,69,6d,6d,6c,64,6a,64,61,63,6b,69,6b,66,61,61,
61,63,66,61,69,65,6c,63,64,62,64,6a,6b,70,66,68,6f,6e,63,69,66,67,62,66,6a,\

[HKEY_USERS\S-1-5-21-274761127-3438700489-1080722424-1000_Classes\CLSID\{5ED60779-4DE2-4E07-B862-974CA4FF2E9C}]
@Denied: (Full) (Everyone)
@Allowed: (Read) (RestrictedCode)
"scansk"=hex(0):d4,84,3f,27,fe,f2,1e,b6,0a,5b,39,5d,76,4d,c3,b3,b4,b2,30,11,ff,
c9,af,ab,4b,a3,b7,cc,49,89,b9,2a,70,72,20,0c,62,82,c3,e6,00,00,00,00,00,00,\

[HKEY_USERS\S-1-5-21-274761127-3438700489-1080722424-1000_Classes\CLSID\{d5b535f5-8606-40e5-a7b8-88e0eab05a96}]
@Denied: (Full) (Everyone)
@Allowed: (Read) (RestrictedCode)
"Model"=dword:0000006f
"Therad"=dword:00000023
"MData"=hex(0):2b,8f,78,29,5a,0c,ce,ec,48,d4,68,e5,9f,6a,96,3e,ab,de,c5,81,26,
38,95,44,85,b1,12,f9,90,dd,23,a1,e4,42,b3,a6,5b,53,71,a8,69,7c,fe,78,dd,36,\

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'lsass.exe'(780)
c:\windows\system32\psqlpwd.dll
c:\program files\Fingerprint Reader Suite\homefus2.dll
c:\program files\Fingerprint Reader Suite\infra.dll
.
Completion time: 2009-05-10 22:18
ComboFix-quarantined-files.txt 2009-05-10 19:18

Pre-Run: 115,658,096,640 bytes free
Post-Run: 115,634,270,208 bytes free

Current=1 Default=1 Failed=0 LastKnownGood=7 Sets=1,2,3,4,5,6,7
628 --- E O F --- 2009-05-07 17:26
 
Follow this thread

and see solution number seven, the last one.

Good luck
 
Signature: أعتز بك
And thank you too, brother اعتز بك, for the help, but both links for the tool in solution number 7 are broken. Please upload it to another site.
 